VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Měl jsem problém s hackerským útokem

https://forum.viry.cz:443/viewtopic.php?t=156887

Stránka 1 z 1

Měl jsem problém s hackerským útokem

Napsal: 26 úno 2020 21:03
od Falldrax
Zdravím před cca asi před 3 týdny jsem udělal chybu a přijal na můj steamový účet do friendlistu žádost o přátelství od neznámé osoby toho jsem pak pozval do hry a cca po minutě mě to ze steamu vyhodilo. Někdo se do něj dostal a změnil heslo tak jsem si poslal do mailu spojenho se steamem nové heslo a účet získal zpět heslo změnil a myslel jsem, že je vše vpořádku asi před týdnem zjistil, že účet je znova pryč a někdo se mi naboural i do mailu a smazal všechny maily. Takže jsem napsal na podporu (účet už mám zpět) a mail taky. Změnil a zesložitil jsem všude hesla a dal ověření přes tel. Taky jsem projel PC avastem a rougekillerem. avast nenašel skoro nic, ale Rougekiller toho našel poměrně hodně. Nakonec jsem PC projel ještě CCleanerem.
Ale byl bych radši jestli byste se mohli podívat na log jestli tam ještě něco nezůstalo. PC už je trochu starší cca 10 let tak nevím jestli v něm něco není.
Předem díky za odpověď.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Okko at 2020-02-26 20:46:38
Microsoft Windows 8.1
System drive C: has 16 GB (2%) free of 653 GB
Total RAM: 8081 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:46:48, on 26. 2. 2020
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18817)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\trend micro\Okko.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://msi13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe
O4 - HKLM\..\Run: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Startup: Facebook Gameroom.lnk = Okko\AppData\Local\Facebook\Games\FacebookGameroom.exe
O4 - Global Startup: SRS PC Sound.lnk = C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
O8 - Extra context menu item: Odeslat do Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
O8 - Extra context menu item: Otevřít programem PDF Viewer Plus - res://C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O9 - Extra 'Tools' menuitem: Odeslat do Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Program Files (x86)\SCM\MSIService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
O23 - Service: RogueKiller RTP (rkrtservice) - Unknown owner - C:\Program Files\RogueKiller\RogueKillerSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11973 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
taskhostex.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
dashost.exe {be13a177-f9f7-40c1-a0a3c1bf5d1e7e0b}
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\SCM\MSIService.exe"
"C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-045eed47-72e0-4f72-8e94-4bce05f6515d -SystemEventPortName:HostProcess-091da8f9-54eb-4c62-b932-11d09d5b0113 -IoCancelEventPortName:HostProcess-6f5c7749-2339-42a8-93e2-bf88b0dc2b92 -NonStateChangingEventPortName:HostProcess-236bf2d4-b674-49d3-a708-55ab4520ecf0 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:c6410bac-209b-4c19-b705-929d31249ca1 -DeviceGroupId:WudfDefaultDevicePool
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
igfxEM.exe
igfxHK.exe
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Windows\System32\igfxTray.exe"
AvastUI.exe /nogui
"C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe"
"C:\Program Files\AVAST Software\Avast\aswEngSrv.exe" /pipename="278D9C27-2C26-3355-5A0B-413F043E0F1F" /binpath="C:\Program Files\AVAST Software\Avast"
"C:\Program Files\AVAST Software\Avast\aswidsagent.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" --type=gpu-process --field-trial-handle=8384,16406659891838456544,185348198545729822,131072 --no-sandbox --log-file="C:\Users\Okko\AppData\Roaming\AVAST Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.3.3626.1895 Safari/537.36 Avastium (20.1.2397)" --lang=en-US --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --allow-file-access-from-files=1 --force-device-scale-factor=1.25 --pack_loading_disabled=1 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAAAAAAAMAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --use-gl=swiftshader-webgl --service-request-channel-token=16698851132846616396 --mojo-platform-channel-handle=8460 /prefetch:2

taskhost.exe
"C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" "https://adlice.com/thanks-downloading-r ... medium=btn"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Okko\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Okko\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Okko\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=79.0.3945.130 --initial-client-data=0x5c,0x60,0x64,0x54,0x68,0x7ffa99bcdd08,0x7ffa99bcdd18,0x7ffa99bcdd28
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=3420 --on-initialized-event-handle=120 --parent-handle=116 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1064,16648250214426819711,6037236527623208638,131072 --gpu-preferences=KAAAAAAAAADgAAAwAAAAAAAAYAAAAAAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=8142792796367128755 --mojo-platform-channel-handle=1080 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1064,16648250214426819711,6037236527623208638,131072 --lang=cs --service-sandbox-type=network --enable-audio-service-sandbox --service-request-channel-token=10753638649439326598 --mojo-platform-channel-handle=1412 /prefetch:8
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1064,16648250214426819711,6037236527623208638,131072 --lang=cs --extension-process --enable-auto-reload --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=18384000038015949803 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2420 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1064,16648250214426819711,6037236527623208638,131072 --lang=cs --extension-process --enable-auto-reload --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=13941175158355413366 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2672 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1064,16648250214426819711,6037236527623208638,131072 --lang=cs --extension-process --enable-auto-reload --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=9643760357999611279 --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2200 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1064,16648250214426819711,6037236527623208638,131072 --lang=cs --extension-process --enable-auto-reload --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8686564937809975715 --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2912 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1064,16648250214426819711,6037236527623208638,131072 --lang=cs --enable-auto-reload --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=6675441814551590822 --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4764 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1064,16648250214426819711,6037236527623208638,131072 --lang=cs --enable-auto-reload --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=18129423355503618683 --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4752 /prefetch:1
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1064,16648250214426819711,6037236527623208638,131072 --lang=cs --enable-auto-reload --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8841337192042768874 --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6136 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1064,16648250214426819711,6037236527623208638,131072 --lang=cs --enable-auto-reload --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=16151383776019540295 --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6668 /prefetch:1
"C:\Users\Okko\Downloads\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Okko\AppData\Roaming\Mozilla\Firefox\Profiles\9p91fk7e.default-1485611698885-1510962581897

prefs.js - "browser.search.useDBForOrder" - true

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.142 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_142.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.191.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.191.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.142 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_142.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{551A852F-39A6-44A7-9C13-AFBEC9185A9D}]
PlusIEEventHelper Class - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06 249856]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-10-22 480120]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-10-22 194424]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-11-28 2859344]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-11-28 13192848]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [2012-08-27 11577216]
"Radio Manager"=C:\Program Files (x86)\SCM\Radio Manager.exe [2012-09-13 403848]
"SCM"=C:\Program Files (x86)\SCM\SCM.exe [2012-09-13 399776]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2015-08-27 395168]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2017-09-19 1923008]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2020-02-25 277664]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2018-09-10 18630056]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2012-09-12 56128]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]
"Super-Charger"=C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [2012-12-21 507016]
"IndexSearch"=C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [2013-08-15 47432]
"PaperPort PTD"=C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [2013-08-15 31048]
"PDFHook"=C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [2010-03-05 636192]
"PDF5 Registry Controller"=C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [2010-03-05 62752]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-10-06 601424]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SRS PC Sound.lnk - C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe

C:\Users\Okko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Facebook Gameroom.lnk - C:\Users\Okko\AppData\Local\Facebook\Games\FacebookGameroom.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\windows\system32\nvinitx.dll, C:\Windows\system32\nvinitx.dll, C:\WINDOWS\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2020-02-26 20:46:38 ----D---- C:\rsit
2020-02-26 20:46:38 ----D---- C:\Program Files\trend micro
2020-02-25 17:33:40 ----D---- C:\Program Files\RogueKiller
2020-02-25 17:32:56 ----D---- C:\ProgramData\RogueKiller
2020-02-25 16:16:42 ----A---- C:\WINDOWS\system32\aswBoot.exe
2020-02-25 16:16:39 ----A---- C:\WINDOWS\system32\drivers\aswStm.sys
2020-02-25 16:16:39 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2020-02-20 17:24:12 ----D---- C:\Program Files (x86)\Mozilla Firefox
2020-02-08 15:20:41 ----SHD---- C:\Config.Msi
2020-02-04 19:48:00 ----D---- C:\Program Files (x86)\AdwCleaner

======List of files/folders modified in the last 1 month======

2020-02-26 20:46:44 ----D---- C:\WINDOWS\system32\drivers\etc
2020-02-26 20:46:38 ----RD---- C:\Program Files
2020-02-26 20:43:00 ----RD---- C:\WINDOWS\System32
2020-02-26 20:43:00 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2020-02-26 20:38:00 ----D---- C:\WINDOWS\system32\drivers
2020-02-26 20:33:12 ----D---- C:\WINDOWS\Temp
2020-02-26 20:18:05 ----D---- C:\WINDOWS\Prefetch
2020-02-26 20:14:32 ----D---- C:\WINDOWS\Inf
2020-02-26 20:00:00 ----D---- C:\WINDOWS\system32\sru
2020-02-26 17:14:07 ----D---- C:\Program Files (x86)\Steam
2020-02-26 16:53:05 ----D---- C:\Program Files (x86)\Battle.net
2020-02-26 16:15:08 ----D---- C:\WINDOWS\system32\config
2020-02-26 14:49:14 ----D---- C:\Users\Okko\AppData\Roaming\vlc
2020-02-26 14:34:01 ----D---- C:\Program Files (x86)
2020-02-26 10:05:31 ----D---- C:\WINDOWS\Microsoft.NET
2020-02-25 19:40:10 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2020-02-25 19:38:00 ----D---- C:\ProgramData\NVIDIA
2020-02-25 19:36:57 ----D---- C:\WINDOWS\WinSxS
2020-02-25 19:36:57 ----D---- C:\Program Files (x86)\OpenAL
2020-02-25 18:29:48 ----HD---- C:\ProgramData
2020-02-25 18:29:47 ----D---- C:\WINDOWS\SysWOW64
2020-02-25 16:17:31 ----D---- C:\WINDOWS\system32\Tasks
2020-02-25 08:55:11 ----D---- C:\WINDOWS\Tasks
2020-02-24 20:30:39 ----D---- C:\Windows
2020-02-23 20:30:55 ----D---- C:\WINDOWS\SoftwareDistribution
2020-02-23 20:30:26 ----D---- C:\Users\Okko\AppData\Roaming\MPC-HC
2020-02-23 20:30:26 ----D---- C:\Users\Okko\AppData\Roaming\DAEMON Tools Lite
2020-02-23 20:30:26 ----D---- C:\Users\Okko\AppData\Roaming\BitTorrent
2020-02-22 18:53:20 ----SHD---- C:\System Volume Information
2020-02-22 18:16:10 ----D---- C:\ProgramData\ProductData
2020-02-21 06:42:32 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2020-02-20 17:33:50 ----D---- C:\Users\Okko\AppData\Roaming\Discord
2020-02-17 18:47:11 ----D---- C:\Program Files (x86)\Hearthstone
2020-02-08 15:22:31 ----D---- C:\WINDOWS\AppReadiness
2020-02-08 15:22:01 ----HD---- C:\Program Files\WindowsApps
2020-02-08 15:20:43 ----SHD---- C:\WINDOWS\Installer
2020-02-08 15:20:18 ----SD---- C:\ProgramData\Microsoft
2020-02-08 15:04:24 ----D---- C:\Program Files (x86)\Baldur's Gate II Enhanced Edition
2020-02-04 19:26:29 ----D---- C:\WINDOWS\CbsTemp

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswArDisk;aswArDisk; C:\WINDOWS\system32\drivers\aswArDisk.sys [2020-02-25 37864]
R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsh.sys [2020-02-25 206608]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniv.sys [2020-02-25 64272]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2020-02-25 84056]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2020-02-25 316256]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-09-02 647736]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2015-06-17 31376]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys [2020-02-25 205576]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdriver.sys [2020-02-25 271120]
R1 aswHdsKe;aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [2020-02-25 279360]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2020-02-25 42976]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2020-02-25 110560]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2020-02-25 848672]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2020-02-25 458584]
R1 dtsoftbus01;@oem10.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2017-11-19 283200]
R2 acedrv11;acedrv11; \??\C:\Windows\system32\drivers\acedrv11.sys [2010-02-24 191616]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2020-02-25 175400]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2020-02-25 235184]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-11-21 81920]
R3 btmhsf;btmhsf; C:\WINDOWS\system32\DRIVERS\btmhsf.sys [2012-08-29 857472]
R3 ETD;@oem7.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2012-11-28 295760]
R3 iBtFltCoex;iBtFltCoex; C:\WINDOWS\system32\DRIVERS\iBtFltCoex.sys [2012-08-06 68136]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-08-27 3797424]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-11-28 4142864]
R3 IntcDAud;@oem34.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2015-08-21 463112]
R3 iwdbus;@oem36.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-07-20 38976]
R3 MEIx64;@oem28.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-11-28 62784]
R3 NETwNe64;@netwew00.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 64bitový systém Windows 8; C:\WINDOWS\system32\DRIVERS\NETwew00.sys [2013-07-08 3344352]
R3 NTIOLib_1_0_3;NTIOLib_1_0_3; \??\C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [2012-10-25 13368]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-06-17 11011216]
R3 nvvad_WaveExtensible;@oem37.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2017-09-19 48064]
R3 nvvhci;@oem20.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2017-03-17 59448]
R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]
S3 BstkDrv;BlueStacks Plus Hypervisor; \??\C:\Program Files (x86)\BlueStacks\BstkDrv.sys [2017-06-21 270904]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2014-11-21 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-11-21 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Zařízení Bluetooth (síť PAN); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2017-11-17 119296]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2017-11-17 1201664]
S3 ew_usbenumfilter;@oem18.inf,%busupper.SVCDESC%;huawei_CompositeFilter; C:\WINDOWS\System32\drivers\ew_usbenumfilter.sys []
S3 hwusb_cdcacm;hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys []
S3 hwusb_wwanecm;hwusb_wwanecm; C:\WINDOWS\system32\DRIVERS\ew_wwanecm.sys []
S3 intaud_WaveExtensible;@oem35.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-07-20 50240]
S3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2015-06-18 25816]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2015-06-18 64216]
S3 netr28ux;@netr28ux.inf,%Generic.Service.DispName%;RT2870 – ovladač rozšiřitelné karty USB pro bezdrátovou síť LAN; C:\WINDOWS\system32\DRIVERS\netr28ux.sys [2013-06-18 2408208]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2017-09-19 30144]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2017-11-17 167424]
S3 RSUSBSTOR;@oem4.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2012-11-28 252048]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-11-21 212736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2020-02-25 413472]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-08-27 1112000]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-09-06 1124288]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-11-21 38792]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-09-02 14904]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-08-27 330136]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-06-20 634632]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-11-28 165760]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-11-28 276864]
R2 Micro Star SCM;Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [2012-09-13 160768]
R2 MSI_SuperCharger;MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [2012-12-21 144008]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2012-11-28 201360]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-11-28 364416]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2020-02-25 6046624]
S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-12-15 156104]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2015-07-29 2909472]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2014-11-21 38792]
S2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-09-19 512960]
S2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-06-17 937616]
S2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-09-19 449984]
S2 PDFProFiltSrvPP;PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [2013-08-15 145736]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2014-11-21 38792]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-02-24 335872]
S3 BstHdLogRotatorSvc;BlueStacks Log Rotator Service; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2017-07-21 369720]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-11-21 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-08-27 291744]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater; C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [2019-08-24 25832]
S3 EasyAntiCheat;EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2018-07-12 780928]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\elevation_service.exe [2020-01-16 1113072]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-12-15 156104]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2020-02-20 244936]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-09-19 512960]
S3 rkrtservice;RogueKiller RTP; C:\Program Files\RogueKiller\RogueKillerSvc.exe [2020-02-24 16647736]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2020-02-11 1759696]

-----------------EOF-----------------

Re: Měl jsem problém s hackerským útokem

Napsal: 26 úno 2020 21:50
od Rudy
Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: Měl jsem problém s hackerským útokem

Napsal: 26 úno 2020 22:04
od Falldrax
# -------------------------------
# Malwarebytes AdwCleaner 8.0.2.0
# -------------------------------
# Build: 01-27-2020
# Database: 2020-02-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-26-2020
# Duration: 00:00:01
# OS: Windows 8.1
# Cleaned: 2
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Okko\AppData\Local\28050

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Deleted nladljmabboanhihfkjacnnkgjhnokhj

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1471 octets] - [26/02/2020 21:59:31]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: Měl jsem problém s hackerským útokem

Napsal: 27 úno 2020 10:30
od Rudy
Teď dejte logy FRST+Addition: https://forum.viry.cz/viewtopic.php?f=13&t=154679 . Jsou podrobnější, než RSIT.

Re: Měl jsem problém s hackerským útokem

Napsal: 27 úno 2020 16:22
od Falldrax
Tady je FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-02-2020
Ran by Okko (administrator) on OKKO-NTB (Micro-Star International Co., Ltd. CX61 0NC/CX61 0ND/CX61 0NF/CX61 0NE) (27-02-2020 16:12:26)
Running from C:\Users\Okko\Desktop
Loaded Profiles: Okko (Available Profiles: Okko)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(Micro-Star International Co., Ltd.) [File not signed] C:\Program Files (x86)\SCM\MSIService.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2859344 2012-11-28] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-11-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [11577216 2012-08-27] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
HKLM\...\Run: [Radio Manager] => C:\Program Files (x86)\SCM\Radio Manager.exe [403848 2012-09-13] (MICRO-STAR INTERNATIONAL CO., LTD -> MSI) [File not signed]
HKLM\...\Run: [SCM] => C:\Program Files (x86)\SCM\SCM.exe [399776 2012-09-13] (MICRO-STAR INTERNATIONAL CO., LTD -> MSI) [File not signed]
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1923008 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [277664 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-02] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [507016 2012-12-21] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [47432 2013-08-15] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [31048 2013-08-15] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-55469658-3419985309-1369119327-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-10] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-55469658-3419985309-1369119327-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-55469658-3419985309-1369119327-1002\Software\Policies\...\system: [disablecmd] 0
HKU\S-1-5-21-55469658-3419985309-1369119327-1002\...\MountPoints2: {0b1dfdc6-0b53-11ea-80a4-8c89a5083b21} - "G:\AutoRun.exe"
HKU\S-1-5-21-55469658-3419985309-1369119327-1002\...\MountPoints2: {673a086f-825c-11e2-be7c-0cd2923ce500} - "G:\unlock.exe" autoplay=true
HKLM\Software\...\AppCompatFlags\Custom\Disciple.exe: [{e1bfbd75-3af5-4f2b-b0ac-6031371d7cb1}.sdb] -> GOG.com Disciples Gold
HKLM\Software\...\AppCompatFlags\Custom\Gothic.exe: [{9084b1e7-83b4-406a-8705-374300ee2d84}.sdb] -> GothicW8
HKLM\Software\...\AppCompatFlags\Custom\Gothic2.exe: [{9084b1e7-83b4-406a-8705-374300ee2d84}.sdb] -> GothicW8
HKLM\Software\...\AppCompatFlags\Custom\GothicMod.exe: [{9084b1e7-83b4-406a-8705-374300ee2d84}.sdb] -> GothicW8
HKLM\Software\...\AppCompatFlags\InstalledSDB\{9084b1e7-83b4-406a-8705-374300ee2d84}: [DatabasePath] -> C:\Windows\AppPatch\Custom\{9084b1e7-83b4-406a-8705-374300ee2d84}.sdb [2012-10-29]
HKLM\Software\...\AppCompatFlags\InstalledSDB\{e1bfbd75-3af5-4f2b-b0ac-6031371d7cb1}: [DatabasePath] -> C:\Windows\AppPatch\Custom\{e1bfbd75-3af5-4f2b-b0ac-6031371d7cb1}.sdb [2014-04-01]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-23] (Google LLC -> Google LLC)
AppInit_DLLs: c:\windows\system32\nvinitx.dll => c:\windows\system32\nvinitx.dll [176904 2015-06-17] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation)
AppInit_DLLs: , C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [176904 2015-06-17] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [176904 2015-06-17] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155280 2015-06-17] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS PC Sound.lnk [2012-11-28]
ShortcutTarget: SRS PC Sound.lnk -> C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe (SRS Labs, Inc. -> SRS Labs, Inc.)
Startup: C:\Users\Okko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2019-11-18]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\Okko\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook, Inc. -> Facebook)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-55469658-3419985309-1369119327-1002\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0391B9F5-0E0F-42DD-A039-793852082F2E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-15] (Google LLC -> Google LLC)
Task: {0B8E88C4-202E-49E4-94F6-C0639A4C5198} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [651200 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0DC0DAD2-F84F-429D-B085-411AE7CDE2D5} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {103F1E4C-4CD8-4C0F-87E0-F6C5DE90BD6C} - System32\Tasks\{ABD73A06-1074-4D6C-8F20-1D878E54EE94} => C:\WINDOWS\system32\pcalua.exe -a "D:\Hry\WoW Cata\Wow.exe" -d "D:\Hry\WoW Cata"
Task: {17DC880F-DA9F-46DC-A282-2D2825F24458} - System32\Tasks\{01479244-658F-481D-AF55-19DD1AFB952D} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Pando Networks\Media Booster\uninst.exe" -d "C:\Program Files (x86)\Pando Networks\Media Booster"
Task: {1B7F6913-AB96-438F-B0AE-79BCDEA40B90} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-10] (Piriform Ltd -> Piriform Ltd)
Task: {23AF02E9-7649-495D-9F3C-4745EC2A6A17} - System32\Tasks\{1098EE12-CA14-4EC4-8514-5CD920C6F2D5} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.25.0.106/cs/abandoninstall?page=tsProgressBar
Task: {259A91E6-E4CD-4808-99DA-0B9F1DCC7844} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [722880 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {287EB61E-849D-44F1-BF41-56B2A8081F95} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {2D22F375-818B-4C49-9EC7-06687FA09FA7} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3894664 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
Task: {440ED287-5AA7-4B04-B5C4-6E54D2482DD6} - System32\Tasks\{DF9FABEA-CB97-4F38-A52F-C263C4606055} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxps://ui.skype.com/ui/0/7.40.0.104/cs/abandoninstall?page=tsProgressBar
Task: {605C9B63-F2C3-47D6-BAEC-3333335CFAB4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [947136 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6DBC8F2B-5E69-433F-B5D0-8D74A097EB19} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_187_pepper.exe [1319936 2017-12-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {7A5D70D5-991E-42B2-AEE7-C2E4228D4C6E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2019-02-24] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {7B857988-3067-4E13-8891-998F430972F7} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {7BC478E8-71F3-4537-B759-F1EF643255CD} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_142_Plugin.exe [1457152 2019-02-24] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {9263650E-6924-4169-B8E6-D118A1E902A1} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [651200 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9768ABD2-EB67-498E-A669-15A536AF817A} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {9EA9555C-2284-46BE-9D59-8898C0EB43B0} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy
Task: {A0401C2A-FD25-4C72-B82D-3A6D2D92A227} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [538952 2018-09-10] (Piriform Ltd -> Piriform Ltd)
Task: {B6B685FF-F3A4-4023-A30F-CD6DFCDA4087} - System32\Tasks\avastBCLRestartS-1-5-21-55469658-3419985309-1369119327-1002 => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Task: {B6F2DFB5-3EEB-4B18-9A3E-6725A4A82571} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {B906B7E9-3768-45CD-929A-64FF5B075176} - System32\Tasks\{608ABA6A-B53E-4B67-85C1-013264962E2F} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\GOG.com\Gothic 3\Gothic3.exe" -d "C:\Program Files (x86)\GOG.com\Gothic 3\"
Task: {BA8FAA93-0D0B-4AC4-B5B1-9F7767DDA97C} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [722880 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C01C8B8F-779C-4093-8465-3EDFA5B019AB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-15] (Google LLC -> Google LLC)
Task: {C415FE0E-DDCB-44E0-A459-B9164B72424B} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {C4900C8C-BA44-4AA8-B1FA-7E56AC839C5E} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {C4B43863-A749-4A47-AF93-16967959EF5C} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [745480 2019-04-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {C6D2ED83-DB7D-4EF3-B4C2-D63FA7A4E958} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1835112 2020-02-19] (Avast Software s.r.o. -> AVAST Software)
Task: {CA5A8EA2-42AB-4F23-9A41-0C6F9C7B70A7} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1540544 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D2EBEADD-572E-4CB3-9A50-7F99A5130F9C} - System32\Tasks\{FE4F8438-448D-4E78-940E-BE2783E40C9D} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.25.0.106/cs/abandoninstall?page=tsProgressBar
Task: {E561EE09-D0C4-40C6-B570-BE674B594A5F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E8F5D6A0-D0CC-42FC-9D3B-CE77FA279B9B} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436160 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.20.1 10.111.128.254
Tcpip\..\Interfaces\{A8DD97B7-A4DD-45D0-BDC6-C5425928BFAA}: [DhcpNameServer] 192.168.20.1 10.111.128.254

Internet Explorer:
==================
HKU\S-1-5-21-55469658-3419985309-1369119327-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://msi13.msn.com
SearchScopes: HKU\S-1-5-21-55469658-3419985309-1369119327-1002 -> DefaultScope {8F2B1849-447C-4AF0-B724-3A96E800FCD7} URL =
SearchScopes: HKU\S-1-5-21-55469658-3419985309-1369119327-1002 -> {8F2B1849-447C-4AF0-B724-3A96E800FCD7} URL =
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation) [File not signed]
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-10-22] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-10-22] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF DefaultProfile: 9p91fk7e.default-1485611698885-1510962581897
FF ProfilePath: C:\Users\Okko\AppData\Roaming\Mozilla\Firefox\Profiles\9p91fk7e.default-1485611698885-1510962581897 [2020-02-25]
FF NewTab: Mozilla\Firefox\Profiles\9p91fk7e.default-1485611698885-1510962581897 -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10444__191101
FF Extension: (Ant Video downloader) - C:\Users\Okko\AppData\Roaming\Mozilla\Firefox\Profiles\9p91fk7e.default-1485611698885-1510962581897\Extensions\anttoolbar@ant.com.xpi [2020-02-14]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Okko\AppData\Roaming\Mozilla\Firefox\Profiles\9p91fk7e.default-1485611698885-1510962581897\Extensions\sp@avast.com.xpi [2019-02-14]
FF Extension: (Avast Online Security) - C:\Users\Okko\AppData\Roaming\Mozilla\Firefox\Profiles\9p91fk7e.default-1485611698885-1510962581897\Extensions\wrc@avast.com.xpi [2018-07-19]
FF Extension: (Video DownloadHelper) - C:\Users\Okko\AppData\Roaming\Mozilla\Firefox\Profiles\9p91fk7e.default-1485611698885-1510962581897\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2019-07-13]
FF Extension: (No Name) - C:\Users\Okko\AppData\Roaming\Mozilla\Firefox\Profiles\9p91fk7e.default-1485611698885-1510962581897\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-02-14]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_142.dll [2019-02-24] (Adobe Systems Incorporated -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_142.dll [2019-02-24] (Adobe Systems Incorporated -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-11-28] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-11-28] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-10-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-10-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) [File not signed]
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-55469658-3419985309-1369119327-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Okko\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-18] (Unity Technologies SF -> Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-55469658-3419985309-1369119327-1002: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin HKU\S-1-5-21-55469658-3419985309-1369119327-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Okko\AppData\Local\Google\Chrome\User Data\Default [2020-02-27]
CHR Notifications: Default -> hxxps://gamifique.eurozpravy.cz; hxxps://www.youtube.com
CHR Extension: (Prezentace) - C:\Users\Okko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-17]
CHR Extension: (Dokumenty) - C:\Users\Okko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Okko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-28]
CHR Extension: (YouTube) - C:\Users\Okko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Okko\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-02-19]
CHR Extension: (Vyhledávání Google) - C:\Users\Okko\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-27]
CHR Extension: (Tabulky) - C:\Users\Okko\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\Okko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-09]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Okko\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-02-21]
CHR Extension: (giicnncicnopjohcpamieklkiacdoeni) - C:\Users\Okko\AppData\Local\Google\Chrome\User Data\Default\Extensions\giicnncicnopjohcpamieklkiacdoeni [2014-11-23]
CHR Extension: (Avast Online Security) - C:\Users\Okko\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-02-27]
CHR Extension: (Video DownloadHelper) - C:\Users\Okko\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2019-06-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Okko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-07]
CHR Extension: (Flash-HTML5 for YouTube™) - C:\Users\Okko\AppData\Local\Google\Chrome\User Data\Default\Extensions\omimccinlhlkpjaeaocglgmkbelejlhj [2018-05-28]
CHR Extension: (Gmail) - C:\Users\Okko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-27]
CHR Extension: (Chrome Media Router) - C:\Users\Okko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-13]
CHR Profile: C:\Users\Okko\AppData\Local\Google\Chrome\User Data\System Profile [2020-02-23]
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [fcoadmpfijfcmokecmkgolhbaeclfage]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]
CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6046624 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [413472 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [369720 2017-07-21] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
S3 DAUpdaterSvc; C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2019-08-24] (BioWare -> BioWare)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [780928 2018-07-12] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation - pGFX -> Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-11-28] (Intel Corporation -> Intel Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-29] (IObit Information Technology -> IObit)
R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2012-09-13] (Micro-Star International Co., Ltd.) [File not signed]
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [144008 2012-12-21] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
S2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145736 2013-08-15] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
S3 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [16647736 2020-02-24] (Adlice -> )
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201360 2012-11-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-11-17] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-11-17] (Microsoft Corporation -> Microsoft Corporation)
S2 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000
S2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37864 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205576 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [271120 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [206608 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [64272 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [279360 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42976 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175400 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110560 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84056 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848672 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [458584 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [235184 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316256 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
S3 bcmfn2; C:\WINDOWS\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Broadcom Corporation -> Windows (R) Win 7 DDK provider)
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2017-06-21] (Bluestack Systems, Inc. -> Bluestack System Inc. )
R3 btmhsf; C:\WINDOWS\system32\DRIVERS\btmhsf.sys [857472 2012-08-29] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283200 2017-11-19] (DT Soft Ltd -> DT Soft Ltd)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation -> Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation -> Malwarebytes Corporation)
S3 netr28ux; C:\WINDOWS\system32\DRIVERS\netr28ux.sys [2408208 2013-06-18] (Mediatek Inc. -> Ralink Technology Corp.)
R3 NETwNe64; C:\WINDOWS\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48064 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [59448 2017-03-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 RTL8168; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [591360 2013-06-18] (Microsoft Windows -> Realtek )
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-11-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-11-17] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-11-17] (Microsoft Windows -> Microsoft Corporation)
S3 ew_usbenumfilter; \SystemRoot\System32\drivers\ew_usbenumfilter.sys [X]
S3 hwusb_cdcacm; \SystemRoot\system32\DRIVERS\ew_cdcacm.sys [X]
S3 hwusb_wwanecm; \SystemRoot\system32\DRIVERS\ew_wwanecm.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Three months (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-27 16:12 - 2020-02-27 16:13 - 000034728 _____ C:\Users\Okko\Desktop\FRST.txt
2020-02-27 16:11 - 2020-02-27 16:13 - 000000000 ____D C:\FRST
2020-02-27 16:09 - 2020-02-27 16:09 - 002279424 _____ (Farbar) C:\Users\Okko\Desktop\FRST64.exe
2020-02-26 22:25 - 2020-02-26 22:28 - 183595008 _____ C:\Users\Okko\Downloads\My z kačerova 014 - Ztracená koruna Džingischánova STARY CST DABING.avi
2020-02-26 22:24 - 2020-02-26 22:28 - 183498752 _____ C:\Users\Okko\Downloads\My z kačerova 013 - Hotel Kačerstein STARY CST DABING.avi
2020-02-26 22:24 - 2020-02-26 22:28 - 183330816 _____ C:\Users\Okko\Downloads\My z kačerova 011 - Válka stínů STARY CST DABING.avi
2020-02-26 22:24 - 2020-02-26 22:27 - 188102656 _____ C:\Users\Okko\Downloads\My z kačerova 010 - Roboti rabiáci STARY CST DABING.avi
2020-02-26 22:24 - 2020-02-26 22:27 - 183566336 _____ C:\Users\Okko\Downloads\My z kačerova 012 - Kdo je pánem džina STARY CST DABING.avi
2020-02-26 22:24 - 2020-02-26 22:27 - 183506944 _____ C:\Users\Okko\Downloads\My z kačerova 009 - Pašák STARY CST DABING.avi
2020-02-26 22:23 - 2020-02-26 22:24 - 183379968 _____ C:\Users\Okko\Downloads\My z kačerova 008 - Kam noha kačerova ještě nevkročila STARY CST DABING.avi
2020-02-26 21:58 - 2020-02-26 21:59 - 000000000 ____D C:\AdwCleaner
2020-02-26 21:57 - 2020-02-26 21:57 - 008356016 _____ (Malwarebytes) C:\Users\Okko\Downloads\AdwCleaner.exe
2020-02-26 20:46 - 2020-02-26 20:46 - 000000000 ____D C:\rsit
2020-02-26 20:46 - 2020-02-26 20:46 - 000000000 ____D C:\Program Files\trend micro
2020-02-26 20:41 - 2020-02-26 20:41 - 001222144 _____ C:\Users\Okko\Downloads\RSITx64.exe
2020-02-25 22:12 - 2020-02-25 22:15 - 183910400 _____ C:\Users\Okko\Downloads\My z kačerova 006 - Mezi námi dvojníky STARY CST DABING.avi
2020-02-25 22:12 - 2020-02-25 22:15 - 183359488 _____ C:\Users\Okko\Downloads\My z kačerova 007 - Sfinga na věčné časy STARY CST DABING.avi
2020-02-25 22:11 - 2020-02-25 22:15 - 183529472 _____ C:\Users\Okko\Downloads\My z kačerova 005 - Příliš mnoho zlata škodí STARY CST DABING.avi
2020-02-25 22:10 - 2020-02-25 22:15 - 183742235 _____ C:\Users\Okko\Downloads\My z Kačerova 001 - Neopuštěj loď.avi
2020-02-25 22:10 - 2020-02-25 22:14 - 159841792 _____ C:\Users\Okko\Downloads\My z Kačerova 003 - Tři Kachny Kondora.avi
2020-02-25 22:10 - 2020-02-25 22:14 - 159494144 _____ C:\Users\Okko\Downloads\My z Kačerova 004 - Studená Kachna.avi
2020-02-25 22:10 - 2020-02-25 22:13 - 159537152 _____ C:\Users\Okko\Downloads\My z Kačerova 002 - Patálie s Pokladem.avi
2020-02-25 22:03 - 2020-02-25 22:06 - 364058624 _____ C:\Users\Okko\Downloads\Hrdinove s03e06 - Svetlo zmira.avi
2020-02-25 17:33 - 2020-02-25 17:33 - 000000880 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2020-02-25 17:33 - 2020-02-25 17:33 - 000000880 _____ C:\ProgramData\Desktop\RogueKiller.lnk
2020-02-25 17:33 - 2020-02-25 17:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2020-02-25 17:33 - 2020-02-25 17:33 - 000000000 ____D C:\Program Files\RogueKiller
2020-02-25 17:32 - 2020-02-25 18:04 - 000000000 ____D C:\ProgramData\RogueKiller
2020-02-25 16:16 - 2020-02-25 16:16 - 000368056 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-02-25 16:16 - 2020-02-25 16:16 - 000235184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-02-25 16:16 - 2020-02-25 16:16 - 000175400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2020-02-24 22:05 - 2020-02-24 22:06 - 108513822 _____ C:\Users\Okko\Downloads\South Park 05. Ztracená hra.mp4
2020-02-24 22:04 - 2020-02-24 22:05 - 073750328 _____ C:\Users\Okko\Downloads\SOUTH-PARK-CZ---Robo-kamarad.avi
2020-02-24 22:03 - 2020-02-24 22:05 - 108333421 _____ C:\Users\Okko\Downloads\South Park 12. Žebřík do nebe.mp4
2020-02-24 22:02 - 2020-02-24 22:04 - 094942150 _____ C:\Users\Okko\Downloads\SOUTH PARK_CZ Dabing_Věnuj se lásce, ne WARCRAFTU!!!_BSserial.avi
2020-02-24 22:02 - 2020-02-24 22:04 - 085977498 _____ C:\Users\Okko\Downloads\SOUTH-PARK-CZ---Mali-bojovnici-proti-zlocinu.avi
2020-02-23 22:20 - 2019-05-04 14:48 - 325355315 _____ C:\Users\Okko\Downloads\Městečko záhad - (Gravity Falls) - S02E07 - Tajná Společnost.mkv
2020-02-23 01:03 - 2019-05-04 14:47 - 325312652 _____ C:\Users\Okko\Downloads\Městečko záhad - (Gravity Falls) - S02E06 - Malý suvenýrový krámek hrůz.mkv
2020-02-20 17:32 - 2020-02-20 17:39 - 000000000 ____D C:\Users\Okko\AppData\Local\Discord
2020-02-20 17:24 - 2020-02-21 06:42 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-02-19 21:53 - 2020-02-19 21:56 - 371931136 _____ C:\Users\Okko\Downloads\Hrdinove s03e04 - Jsem smrt, nicitel svetu.avi
2020-02-19 21:21 - 2020-02-19 21:25 - 358524928 _____ C:\Users\Okko\Downloads\Hrdinové S03E05 - Andele a zrudy.avi
2020-02-17 20:20 - 2020-02-17 20:25 - 285563407 _____ C:\Users\Okko\Downloads\Stranger.Things.S01E01.BDRip.X264-REWARD.mkv
2020-02-17 18:30 - 2020-02-17 18:34 - 188606701 _____ C:\Users\Okko\Downloads\Nagasarete Airantou - 03.mp4
2020-02-17 18:22 - 2020-02-17 18:26 - 188646406 _____ C:\Users\Okko\Downloads\Nagasarete Airantou - 02.mp4
2020-02-17 18:04 - 2020-02-17 18:08 - 188609050 _____ C:\Users\Okko\Downloads\Nagasarete Airantou - 01.mp4
2020-02-15 22:59 - 2020-02-15 23:10 - 188522724 _____ C:\Users\Okko\Downloads\[HorribleSubs] Overlord III - 13 [720p].mp4
2020-02-15 22:58 - 2020-02-15 23:10 - 188631279 _____ C:\Users\Okko\Downloads\[HorribleSubs] Overlord III - 12 [720p].mp4
2020-02-15 22:58 - 2020-02-15 23:10 - 188624871 _____ C:\Users\Okko\Downloads\[HorribleSubs] Overlord III - 06 [720p].mp4
2020-02-15 22:58 - 2020-02-15 23:10 - 188574630 _____ C:\Users\Okko\Downloads\[HorribleSubs] Overlord III - 04 [720p].mp4
2020-02-15 22:58 - 2020-02-15 23:10 - 188550779 _____ C:\Users\Okko\Downloads\[HorribleSubs] Overlord III - 10 [720p].mp4
2020-02-15 22:58 - 2020-02-15 23:10 - 188513303 _____ C:\Users\Okko\Downloads\[HorribleSubs] Overlord III - 08 [720p].mp4
2020-02-15 22:58 - 2020-02-15 23:10 - 188494101 _____ C:\Users\Okko\Downloads\[HorribleSubs] Overlord III - 09 [720p].mp4
2020-02-15 22:58 - 2020-02-15 23:10 - 188448134 _____ C:\Users\Okko\Downloads\[HorribleSubs] Overlord III - 07 [720p].mp4
2020-02-15 22:58 - 2020-02-15 23:09 - 188573332 _____ C:\Users\Okko\Downloads\[HorribleSubs] Overlord III - 11 [720p].mp4
2020-02-15 22:58 - 2020-02-15 23:09 - 188536705 _____ C:\Users\Okko\Downloads\[HorribleSubs] Overlord III - 05 [720p].mp4
2020-02-15 22:57 - 2020-02-15 23:09 - 188582074 _____ C:\Users\Okko\Downloads\[HorribleSubs] Overlord III - 03 [720p].mp4
2020-02-15 22:57 - 2020-02-15 23:08 - 188651119 _____ C:\Users\Okko\Downloads\[HorribleSubs] Overlord III - 02 [720p].mp4
2020-02-15 22:57 - 2020-02-15 23:07 - 188574849 _____ C:\Users\Okko\Downloads\[HorribleSubs] Overlord III - 01 [720p].mp4
2020-02-15 22:47 - 2020-02-15 22:49 - 201952643 _____ C:\Users\Okko\Downloads\[JKP] Mikagura Gakuen Kumikyoku - 1.mp4
2020-02-15 22:46 - 2020-02-15 22:50 - 274668855 _____ C:\Users\Okko\Downloads\[SFEO-Raws] Mikagura Gakuen Kumikyoku - 08 (BD 720P x264 10bit AAC)[C52FA341].mp4
2020-02-15 22:46 - 2020-02-15 22:46 - 000033726 _____ C:\Users\Okko\Downloads\AnimesCX_Mikagura_Gakuen_Kumikyoku___08_HD.ass
2020-02-15 22:29 - 2020-02-15 22:33 - 264079094 _____ C:\Users\Okko\Downloads\[SFEO-Raws] Mikagura Gakuen Kumikyoku - 05 (BD 720P x264 10bit AAC)[C3E4A42B].mp4
2020-02-15 22:28 - 2020-02-15 22:28 - 000034124 _____ C:\Users\Okko\Downloads\AnimesCX_Mikagura_Gakuen_Kumikyoku___05_HD.ass
2020-02-15 22:17 - 2020-02-15 22:24 - 188939008 _____ C:\Users\Okko\Downloads\HNS_Mikagura_Gakuen_Kumikyoku_12.mp4
2020-02-15 22:17 - 2020-02-15 22:24 - 188802453 _____ C:\Users\Okko\Downloads\HNS_Mikagura_Gakuen_Kumikyoku_11.mp4
2020-02-15 22:16 - 2020-02-15 22:24 - 188776818 _____ C:\Users\Okko\Downloads\HNS_Mikagura_Gakuen_Kumikyoku_09.mp4
2020-02-15 22:16 - 2020-02-15 22:23 - 188905854 _____ C:\Users\Okko\Downloads\HNS_Mikagura_Gakuen_Kumikyoku_07.mp4
2020-02-15 22:16 - 2020-02-15 22:23 - 188873730 _____ C:\Users\Okko\Downloads\HNS_Mikagura_Gakuen_Kumikyoku_10.mp4
2020-02-15 22:16 - 2020-02-15 22:23 - 188815665 _____ C:\Users\Okko\Downloads\HNS_Mikagura_Gakuen_Kumikyoku_06.mp4
2020-02-15 22:11 - 2020-02-15 22:16 - 188981819 _____ C:\Users\Okko\Downloads\HNS_Mikagura_Gakuen_Kumikyoku_04.mp4
2020-02-15 22:11 - 2020-02-15 22:16 - 188923105 _____ C:\Users\Okko\Downloads\HNS_Mikagura_Gakuen_Kumikyoku_03.mp4
2020-02-15 22:11 - 2020-02-15 22:14 - 133462833 _____ C:\Users\Okko\Downloads\Mikagura Gakuen Kumikyoku - 02.mp4
2020-02-15 22:07 - 2020-02-15 22:27 - 731623060 _____ C:\Users\Okko\Downloads\Murenase! Seton Gakuen - 03 CZ.mkv
2020-02-15 22:03 - 2020-02-15 22:05 - 174335900 _____ C:\Users\Okko\Downloads\Murenase! Seton Gakuen - 01 [480p] CZ Sub.mkv
2020-02-15 22:03 - 2020-02-15 22:05 - 157643044 _____ C:\Users\Okko\Downloads\Murenase! Seton Gakuen - 02 [480p] CZ Sub.mkv
2020-02-15 16:41 - 2020-02-15 17:00 - 1507345752 _____ C:\Users\Okko\Downloads\Jumanji The Next Level 2019 (Další level) HDrip 1080p CZ tit titulky.mkv
2020-02-15 16:41 - 2020-02-15 16:41 - 000105010 _____ C:\Users\Okko\Downloads\Jumanji The Next Level 2019 (Další level) HDrip CZ titulky CMRG.srt
2020-02-14 22:23 - 2020-02-14 22:55 - 1493514481 _____ C:\Users\Okko\Downloads\Smrtonosná past -Opět v akci (2013).mkv
2020-02-10 21:36 - 2020-02-10 21:52 - 1880514912 _____ C:\Users\Okko\Downloads\Ovečka Shaun ve filmu 2 - Farmageddon novinka, novinky. Dj.mkv
2020-02-10 20:56 - 2020-02-10 21:12 - 1709698110 _____ C:\Users\Okko\Downloads\Rambo Poslední krev 2019 CZ titulky BluRay,1080p,.mkv
2020-02-10 20:53 - 2020-02-10 21:26 - 2176193648 _____ C:\Users\Okko\Downloads\Angry Birds ve filmu 2 2019 1080p cz dabing.mkv
2020-02-09 22:14 - 2020-02-09 22:23 - 449477098 _____ C:\Users\Okko\Downloads\Boku no Hero Academia - OVA2 - The Training of the Dead.mkv
2020-02-09 22:14 - 2020-02-09 22:22 - 403066646 _____ C:\Users\Okko\Downloads\Boku no Hero Academia - OVA1 - Sukue! Kyuujo Kunren!.mkv
2020-02-09 22:13 - 2020-02-09 22:23 - 737352073 _____ C:\Users\Okko\Downloads\Boku no Hero Academia 4 - 16.mkv
2020-02-09 19:37 - 2020-02-09 19:37 - 000076092 _____ C:\Users\Okko\Downloads\navod-baldurs-gate.mht
2020-02-08 16:22 - 2020-02-08 16:22 - 003866543 _____ C:\Users\Okko\Downloads\BG 2 čeština.zip
2020-02-08 16:18 - 2020-02-08 16:18 - 000000929 _____ C:\Users\Public\Desktop\Baldur's Gate II - Enhanced Edition.lnk
2020-02-08 16:18 - 2020-02-08 16:18 - 000000929 _____ C:\ProgramData\Desktop\Baldur's Gate II - Enhanced Edition.lnk
2020-02-08 16:18 - 2020-02-08 16:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baldur's Gate II - Enhanced Edition [GOG.com]
2020-02-08 15:54 - 2020-02-08 16:14 - 000000904 _____ C:\Users\Public\Desktop\Baldur's Gate - Enhanced Edition.lnk
2020-02-08 15:54 - 2020-02-08 16:14 - 000000904 _____ C:\ProgramData\Desktop\Baldur's Gate - Enhanced Edition.lnk
2020-02-08 15:54 - 2020-02-08 16:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baldur's Gate - Enhanced Edition [GOG.com]
2020-02-08 15:27 - 2020-02-08 15:42 - 000000000 ____D C:\Users\Okko\AppData\Local\HearthstoneDeckTracker
2020-02-06 22:32 - 2020-02-06 22:42 - 199021460 _____ C:\Users\Okko\Downloads\HNS Uma Musume - Pretty Derby - 13.mp4
2020-02-06 22:31 - 2020-02-06 22:47 - 199487794 _____ C:\Users\Okko\Downloads\Uma Musume - Pretty Derby - 05.mp4
2020-02-06 22:31 - 2020-02-06 22:45 - 199169683 _____ C:\Users\Okko\Downloads\HNS Uma Musume - Pretty Derby - 08.mp4
2020-02-06 22:31 - 2020-02-06 22:44 - 199002452 _____ C:\Users\Okko\Downloads\HNS Uma Musume - Pretty Derby - 10.mp4
2020-02-06 22:31 - 2020-02-06 22:44 - 198803063 _____ C:\Users\Okko\Downloads\HNS Uma Musume - Pretty Derby - 09.mp4
2020-02-06 22:31 - 2020-02-06 22:43 - 199345851 _____ C:\Users\Okko\Downloads\HNS Uma Musume - Pretty Derby - 12.mp4
2020-02-06 22:31 - 2020-02-06 22:43 - 199235852 _____ C:\Users\Okko\Downloads\HNS Uma Musume - Pretty Derby - 07.mp4
2020-02-06 22:31 - 2020-02-06 22:42 - 198908801 _____ C:\Users\Okko\Downloads\HNS Uma Musume - Pretty Derby - 11.mp4
2020-02-06 22:30 - 2020-02-06 22:40 - 199125041 _____ C:\Users\Okko\Downloads\HNS Uma Musume - Pretty Derby - 06.mp4
2020-02-06 22:30 - 2020-02-06 22:39 - 199183794 _____ C:\Users\Okko\Downloads\HNS Uma Musume - Pretty Derby - 04.mp4
2020-02-06 22:29 - 2020-02-06 22:39 - 199216234 _____ C:\Users\Okko\Downloads\HNS Uma Musume - Pretty Derby - 03.mp4
2020-02-06 22:29 - 2020-02-06 22:37 - 199175470 _____ C:\Users\Okko\Downloads\HNS Uma Musume - Pretty Derby - 02.mp4
2020-02-06 22:29 - 2020-02-06 22:37 - 198867240 _____ C:\Users\Okko\Downloads\HNS Uma Musume - Pretty Derby - 01.mp4
2020-02-04 19:48 - 2020-02-04 19:48 - 000000000 ____D C:\Program Files (x86)\AdwCleaner
2020-02-04 19:24 - 2020-02-04 19:24 - 000000000 ____D C:\Users\Okko\AppData\Local\WeMod
2020-02-03 20:31 - 2020-02-03 20:38 - 208902567 _____ C:\Users\Okko\Downloads\HNS Dungeon ni Deai wo Motomeru no wa Machigatteiru Darou ka II - 07.mp4
2020-02-03 20:31 - 2020-02-03 20:38 - 208884604 _____ C:\Users\Okko\Downloads\HNS Dungeon ni Deai wo Motomeru no wa Machigatteiru Darou ka II - 11.mp4
2020-02-03 20:31 - 2020-02-03 20:38 - 208853097 _____ C:\Users\Okko\Downloads\HNS Dungeon ni Deai wo Motomeru no wa Machigatteiru Darou ka II - 08.mp4
2020-02-03 20:31 - 2020-02-03 20:38 - 208838812 _____ C:\Users\Okko\Downloads\HNS Dungeon ni Deai wo Motomeru no wa Machigatteiru Darou ka II - 10.mp4
2020-02-03 20:31 - 2020-02-03 20:38 - 208835184 _____ C:\Users\Okko\Downloads\HNS Dungeon ni Deai wo Motomeru no wa Machigatteiru Darou ka II - 09.mp4
2020-02-03 20:31 - 2020-02-03 20:38 - 208831238 _____ C:\Users\Okko\Downloads\HNS Dungeon ni Deai wo Motomeru no wa Machigatteiru Darou ka II - 06.mp4
2020-02-03 20:31 - 2020-02-03 20:37 - 208867379 _____ C:\Users\Okko\Downloads\HNS Dungeon ni Deai wo Motomeru no wa Machigatteiru Darou ka II - 12.mp4
2020-02-03 20:26 - 2020-02-03 20:32 - 063128261 _____ C:\Users\Okko\Downloads\Danmachi 2 OVA.mp4
2020-02-03 20:12 - 2020-02-03 20:27 - 866448316 _____ C:\Users\Okko\Downloads\[Himitsu]Accel World- Infinite Burst.mp4
2020-02-03 20:12 - 2020-02-03 20:16 - 191497499 _____ C:\Users\Okko\Downloads\[Erai-raws] Dungeon ni Deai wo Motomeru no wa Machigatteiru Darou ka II - 04 [720p] cz-sub.mp4
2020-02-03 20:12 - 2020-02-03 20:16 - 188486244 _____ C:\Users\Okko\Downloads\[Erai-raws] Dungeon ni Deai wo Motomeru no wa Machigatteiru Darou ka II - 05 [720p][Multiple Subtitle].mp4
2020-02-03 20:11 - 2020-02-03 20:16 - 188458323 _____ C:\Users\Okko\Downloads\[Erai-raws] Dungeon ni Deai wo Motomeru no wa Machigatteiru Darou ka II - 03 [720p][Multiple Subtitle].mp4
2020-02-03 20:11 - 2020-02-03 20:15 - 188720136 _____ C:\Users\Okko\Downloads\[Erai-raws] Dungeon ni Deai wo Motomeru no wa Machigatteiru Darou ka II - 01 [720p][Multiple Subtitle].mp4
2020-02-03 20:10 - 2020-02-03 20:13 - 188356493 _____ C:\Users\Okko\Downloads\[Erai-raws] Dungeon ni Deai wo Motomeru no wa Machigatteiru Darou ka II - 02 [720p][Multiple Subtitle].mp4
2020-02-03 19:17 - 2020-02-03 19:34 - 188660950 _____ C:\Users\Okko\Downloads\Kono Subarashii Sekai ni Shukufuku wo! 2 -CZsubs- 11 OVA.mp4
2020-02-02 17:33 - 2020-02-02 17:41 - 639212111 _____ C:\Users\Okko\Downloads\The.Dragon.Prince.S01E01.1080p.EN.CZ.K0F0LA.mp4
2020-02-02 15:09 - 2020-02-02 15:25 - 1151639107 _____ C:\Users\Okko\Downloads\Boku no Hero Academia the Movie Futari no Hero cz.mp4
2020-02-02 14:07 - 2020-02-02 14:29 - 736572775 _____ C:\Users\Okko\Downloads\Boku no Hero Academia 4 - 15.mkv
2020-02-02 14:07 - 2020-02-02 14:28 - 737049477 _____ C:\Users\Okko\Downloads\Boku no Hero Academia 4 - 14.mkv
2020-02-02 14:07 - 2020-02-02 14:22 - 737724969 _____ C:\Users\Okko\Downloads\Boku no Hero Academia 4 - 13.mkv
2020-02-02 14:07 - 2020-02-02 14:22 - 737237973 _____ C:\Users\Okko\Downloads\Boku no Hero Academia 4 - 11.mkv
2020-02-02 14:07 - 2020-02-02 14:22 - 737016751 _____ C:\Users\Okko\Downloads\Boku no Hero Academia 4 - 12.mkv
2020-01-30 22:06 - 2020-01-30 23:23 - 2656749658 _____ C:\Users\Okko\Downloads\Městečko záhad - (Gravity Falls) CZ - S02 (WebRip) (720p).rar
2020-01-28 21:33 - 2020-01-28 21:53 - 737187462 _____ C:\Users\Okko\Downloads\Boku no Hero Academia 4 - 05.mkv
2020-01-28 21:33 - 2020-01-28 21:52 - 737290920 _____ C:\Users\Okko\Downloads\Boku no Hero Academia 4 - 06.mkv
2020-01-28 21:33 - 2020-01-28 21:52 - 737219124 _____ C:\Users\Okko\Downloads\Boku no Hero Academia 4 - 09.mkv
2020-01-28 21:33 - 2020-01-28 21:52 - 736305066 _____ C:\Users\Okko\Downloads\Boku no Hero Academia 4 - 10.mkv
2020-01-28 21:33 - 2020-01-28 21:52 - 735439988 _____ C:\Users\Okko\Downloads\Boku no Hero Academia 4 - 08.mkv
2020-01-28 21:33 - 2020-01-28 21:46 - 736644424 _____ C:\Users\Okko\Downloads\Boku no Hero Academia 4 - 07.mkv
2020-01-28 20:51 - 2020-01-28 21:11 - 737690079 _____ C:\Users\Okko\Downloads\Boku no Hero Academia 4 - 04.mkv
2020-01-28 20:50 - 2020-01-28 21:11 - 736526401 _____ C:\Users\Okko\Downloads\Boku no Hero Academia 4 - 03.mkv
2020-01-28 20:50 - 2020-01-28 21:07 - 737183243 _____ C:\Users\Okko\Downloads\Boku no Hero Academia 4 - 01.mkv
2020-01-28 20:50 - 2020-01-28 21:07 - 737081665 _____ C:\Users\Okko\Downloads\Boku no Hero Academia 4 - 02.mkv
2020-01-21 18:23 - 2020-01-21 18:29 - 178395604 _____ C:\Users\Okko\Downloads\Outbreak Company -SKsubs- 11.mp4
2020-01-21 18:23 - 2020-01-21 18:29 - 178360843 _____ C:\Users\Okko\Downloads\Outbreak Company -SKsubs- 10.mp4
2020-01-21 18:23 - 2020-01-21 18:29 - 178315599 _____ C:\Users\Okko\Downloads\Outbreak Company -SKsubs- 12.mp4
2020-01-21 18:23 - 2020-01-21 18:29 - 178302138 _____ C:\Users\Okko\Downloads\Outbreak Company -SKsubs- 09.mp4
2020-01-21 18:15 - 2020-01-21 18:21 - 188845807 _____ C:\Users\Okko\Downloads\Outbreak Company -SKsubs- 08.mp4
2020-01-21 18:15 - 2020-01-21 18:21 - 178327806 _____ C:\Users\Okko\Downloads\Outbreak Company -SKsubs- 06.mp4
2020-01-21 18:15 - 2020-01-21 18:21 - 178278370 _____ C:\Users\Okko\Downloads\Outbreak Company -SKsubs- 05.mp4
2020-01-21 18:15 - 2020-01-21 18:21 - 178259742 _____ C:\Users\Okko\Downloads\Outbreak Company -SKsubs- 07.mp4
2020-01-21 18:09 - 2020-01-21 18:15 - 178400879 _____ C:\Users\Okko\Downloads\Outbreak Company -SKsubs- 02.mp4
2020-01-21 18:09 - 2020-01-21 18:15 - 178377833 _____ C:\Users\Okko\Downloads\Outbreak Company -SKsubs- 04.mp4
2020-01-21 18:09 - 2020-01-21 18:15 - 178344526 _____ C:\Users\Okko\Downloads\Outbreak Company -SKsubs- 01.mp4
2020-01-21 18:09 - 2020-01-21 18:13 - 178301864 _____ C:\Users\Okko\Downloads\Outbreak Company -SKsubs- 03.mp4
2020-01-19 19:53 - 2020-01-19 20:40 - 1845978666 _____ C:\Users\Okko\Downloads\Zombieland_ Rána jistoty(Zombieland_ Double Tap)-dab.+tit.(2019).mkv
2020-01-19 19:51 - 2020-01-19 20:39 - 1718010640 _____ C:\Users\Okko\Downloads\Doktor spánek (Doctor Sleep) 2019 CZtit V OBRAZE MARTEC.avi
2020-01-18 10:40 - 2020-01-18 10:40 - 000000222 _____ C:\Users\Okko\Desktop\Neverwinter.url
2020-01-16 17:22 - 2020-01-16 17:22 - 000001807 _____ C:\Users\Okko\Desktop\wesnoth.lnk
2020-01-16 17:20 - 2020-01-16 17:20 - 000000000 ___SD C:\Users\Okko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Battle for Wesnoth 1.14.9
2020-01-16 17:16 - 2020-01-16 17:22 - 000000000 ____D C:\Users\Okko\AppData\Local\Battle for Wesnoth 1.14.9
2020-01-10 18:31 - 2020-02-20 17:33 - 000000000 ____D C:\Users\Okko\AppData\Roaming\Discord
2020-01-03 18:23 - 2020-02-20 17:33 - 000000000 ____D C:\Users\Okko\AppData\Local\SquirrelTemp
2019-12-19 20:58 - 2019-12-19 20:58 - 000197971 _____ C:\Users\Okko\Downloads\pruvodni-dopis.pdf
2019-12-15 19:28 - 2019-12-15 19:28 - 002025035 _____ C:\Users\Okko\Downloads\Kněz.pdf
2019-12-15 19:28 - 2019-12-15 19:28 - 000076104 _____ C:\Users\Okko\Downloads\Kněžská-kouzla.pdf
2019-12-15 00:28 - 2020-01-23 16:44 - 000002214 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-15 00:28 - 2020-01-23 16:44 - 000002173 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-15 00:28 - 2020-01-23 16:44 - 000002173 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2019-12-15 00:27 - 2020-02-26 22:47 - 000003388 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-15 00:27 - 2020-02-26 22:47 - 000003260 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-11 19:55 - 2019-12-11 20:07 - 444372023 _____ C:\Users\Okko\Downloads\Tensei Shitara Slime Datta Ken - 06 CZ.mkv
2019-12-11 19:55 - 2019-12-11 20:07 - 362367882 _____ C:\Users\Okko\Downloads\Tensei Shitara Slime Datta Ken - 05 CZ.mkv
2019-12-11 19:36 - 2019-12-11 19:52 - 426397420 _____ C:\Users\Okko\Downloads\Tensei Shitara Slime Datta Ken - 04 CZ.mkv
2019-12-11 19:35 - 2019-12-11 20:03 - 514496036 _____ C:\Users\Okko\Downloads\Tensei Shitara Slime Datta Ken - 01 CZ.mkv
2019-12-11 19:35 - 2019-12-11 20:00 - 439981376 _____ C:\Users\Okko\Downloads\Tensei Shitara Slime Datta Ken - 02 CZ.mkv
2019-12-11 19:35 - 2019-12-11 19:56 - 436683275 _____ C:\Users\Okko\Downloads\Tensei Shitara Slime Datta Ken - 03 CZ.mkv
2019-12-10 18:29 - 2019-12-10 18:29 - 000002154 _____ C:\Users\Public\Desktop\Legacy of Kain Soul Reaver.lnk
2019-12-10 18:29 - 2019-12-10 18:29 - 000002154 _____ C:\ProgramData\Desktop\Legacy of Kain Soul Reaver.lnk
2019-12-08 22:19 - 2019-12-08 22:19 - 000031211 _____ C:\Users\Okko\Downloads\[GAW-Subs] Kono Yo no Hate de Koi wo Utau Shoujo YU-NO - 01.ass
2019-12-07 18:46 - 2019-12-07 18:52 - 432786124 _____ C:\Users\Okko\Downloads\[HorribleSubs] Kono Yo no Hate de Koi wo Utau Shoujo YU-NO - 01 [720p].mkv

==================== Three months (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-27 14:54 - 2013-03-01 22:44 - 000000000 ____D C:\Users\Okko\AppData\Roaming\vlc
2020-02-27 14:20 - 2017-02-07 16:33 - 000004168 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-02-27 10:20 - 2014-11-21 05:53 - 001749406 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-02-27 10:20 - 2014-11-21 05:10 - 000740962 _____ C:\WINDOWS\system32\perfh005.dat
2020-02-27 10:20 - 2014-11-21 05:10 - 000152146 _____ C:\WINDOWS\system32\perfc005.dat
2020-02-27 10:20 - 2013-08-22 14:36 - 000000000 ____D C:\WINDOWS\Inf
2020-02-26 22:47 - 2018-10-16 21:23 - 000004526 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-02-26 22:47 - 2018-08-08 15:39 - 000003862 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper
2020-02-26 22:47 - 2018-04-02 11:17 - 000003190 _____ C:\WINDOWS\system32\Tasks\{608ABA6A-B53E-4B67-85C1-013264962E2F}
2020-02-26 22:47 - 2015-12-03 22:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2020-02-26 22:47 - 2013-03-01 11:21 - 000002770 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-02-26 22:33 - 2013-03-03 18:48 - 049783296 ___SH C:\Users\Okko\Downloads\Thumbs.db
2020-02-26 22:05 - 2018-07-20 21:24 - 000000000 ____D C:\Users\Okko\AppData\Local\AVAST Software
2020-02-26 22:02 - 2017-11-18 00:08 - 000000000 __SHD C:\Users\Okko\IntelGraphicsProfiles
2020-02-26 22:01 - 2017-11-17 22:58 - 000000000 ____D C:\ProgramData\NVIDIA
2020-02-26 22:01 - 2016-07-02 08:46 - 000000439 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2020-02-26 22:01 - 2013-08-22 15:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-02-26 17:14 - 2013-03-01 15:50 - 000000000 ____D C:\Program Files (x86)\Steam
2020-02-26 17:12 - 2013-03-03 12:19 - 000000000 ____D C:\Users\Okko\AppData\Local\dxhr
2020-02-26 16:53 - 2014-03-01 20:24 - 000000000 ____D C:\Users\Okko\AppData\Local\Battle.net
2020-02-26 16:53 - 2014-03-01 20:24 - 000000000 ____D C:\Program Files (x86)\Battle.net
2020-02-26 16:52 - 2013-07-28 08:16 - 000549888 ___SH C:\Users\Okko\Desktop\Thumbs.db
2020-02-25 22:01 - 2014-03-03 10:09 - 000000058 _____ C:\Users\Okko\Desktop\dluž.txt
2020-02-25 21:59 - 2017-12-04 13:34 - 000007249 _____ C:\Users\Okko\Desktop\Rosťa med.txt
2020-02-25 19:52 - 2013-03-01 10:21 - 000003596 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-55469658-3419985309-1369119327-1002
2020-02-25 19:36 - 2017-11-17 23:08 - 000000000 ____D C:\Users\Okko
2020-02-25 19:36 - 2016-03-20 20:06 - 000000000 ____D C:\Program Files (x86)\OpenAL
2020-02-25 16:16 - 2019-02-14 13:51 - 000279360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2020-02-25 16:16 - 2019-01-14 15:56 - 000271120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2020-02-25 16:16 - 2019-01-04 15:54 - 000206608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2020-02-25 16:16 - 2019-01-04 15:54 - 000064272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2020-02-25 16:16 - 2019-01-04 15:54 - 000037864 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2020-02-25 16:16 - 2018-10-24 16:01 - 000042976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2020-02-25 16:16 - 2017-11-10 21:23 - 000205576 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2020-02-25 16:16 - 2014-03-29 16:16 - 000848672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2020-02-25 16:16 - 2014-03-29 16:16 - 000458584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2020-02-25 16:16 - 2014-03-29 16:16 - 000316256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2020-02-25 16:16 - 2014-03-29 16:16 - 000110560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2020-02-25 16:16 - 2014-03-29 16:16 - 000084056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-02-25 09:18 - 2016-06-25 09:38 - 000000000 ____D C:\Users\Okko\Desktop\Katalogizace a Kyrandie
2020-02-25 09:01 - 2017-07-28 15:12 - 000000000 ____D C:\Users\Okko\Desktop\Doupě
2020-02-23 20:30 - 2018-04-21 09:00 - 000000000 ____D C:\Users\Okko\AppData\Roaming\MPC-HC
2020-02-23 20:30 - 2013-04-11 18:20 - 000000000 ____D C:\Users\Okko\AppData\Roaming\BitTorrent
2020-02-23 20:30 - 2013-03-16 21:08 - 000000000 ____D C:\Users\Okko\AppData\Roaming\DAEMON Tools Lite
2020-02-23 20:29 - 2017-03-26 18:05 - 000000000 ____D C:\Users\Okko\AppData\Local\CrashDumps
2020-02-23 11:37 - 2016-11-19 09:48 - 000000000 ____D C:\Users\Okko\AppData\LocalLow\Mozilla
2020-02-22 18:16 - 2017-11-05 18:46 - 000000000 ____D C:\ProgramData\ProductData
2020-02-21 21:49 - 2016-03-20 20:06 - 000000000 ____D C:\Users\Okko\Documents\Baldur's Gate - Enhanced Edition
2020-02-21 06:42 - 2017-01-28 14:53 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-02-20 18:38 - 2018-11-14 09:33 - 000002806 _____ C:\Users\Okko\Desktop\pátek oslava fondue.txt
2020-02-20 18:04 - 2017-01-28 14:53 - 000001169 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-02-17 21:55 - 2015-07-25 21:48 - 000000000 ____D C:\Users\Okko\Downloads\Subs
2020-02-17 18:47 - 2014-03-29 11:23 - 000000000 ____D C:\Program Files (x86)\Hearthstone
2020-02-10 21:52 - 2013-03-21 10:30 - 000001052 _____ C:\Users\Okko\Desktop\filmy.txt
2020-02-08 16:24 - 2016-04-14 06:41 - 000000000 ____D C:\Users\Okko\Documents\Baldur's Gate II - Enhanced Edition
2020-02-08 15:22 - 2016-09-04 21:03 - 000000000 ____D C:\Users\Okko\AppData\Local\PokerStars.EU
2020-02-08 15:22 - 2013-08-22 16:36 - 000000000 ___HD C:\Program Files\WindowsApps
2020-02-08 15:22 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-02-08 15:22 - 2013-03-01 10:13 - 000000000 ____D C:\Users\Okko\AppData\Local\Packages
2020-02-08 15:04 - 2016-04-14 06:35 - 000000000 ____D C:\Program Files (x86)\Baldur's Gate II Enhanced Edition
2020-02-04 19:51 - 2013-08-22 14:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2020-02-04 19:26 - 2012-07-26 08:59 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-02-01 23:13 - 2018-10-17 21:22 - 663082282 _____ C:\Users\Okko\Downloads\GameOfThrones_Epizoda4_Cestina_v2.rar

==================== Files in the root of some directories ========

2016-02-18 06:55 - 2016-02-18 06:55 - 000000000 ___SH () C:\Users\Okko\AppData\Local\LumaEmu
2018-12-13 08:52 - 2018-12-13 08:52 - 000000837 _____ () C:\Users\Okko\AppData\Local\recently-used.xbel
2013-09-12 16:30 - 2013-09-12 16:30 - 000007674 _____ () C:\Users\Okko\AppData\Local\Resmon.ResmonCfg
2013-04-17 14:12 - 2013-04-17 14:12 - 001341859 _____ () C:\Users\Okko\AppData\Local\Tempmusic.ogg
2017-01-09 07:35 - 2017-01-09 07:35 - 000000000 _____ () C:\Users\Okko\AppData\Local\{FFB8A4C6-6B58-44A6-96AF-480859D6C8F4}

==================== SigCheckExt =========================

2010-01-19 14:19 - 2010-01-19 14:19 - 000032768 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpbmiapi.dll
2010-01-19 14:19 - 2010-01-19 14:19 - 000033280 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpboid.dll
2010-01-19 14:19 - 2010-01-19 14:19 - 000009216 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpboidps.dll
2010-01-19 14:19 - 2010-01-19 14:19 - 000056832 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpbpro.dll
2010-01-19 14:19 - 2010-01-19 14:19 - 000009728 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpbprops.dll
2010-01-19 14:12 - 2010-01-19 14:12 - 000070144 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPBWSDR.DLL
2009-11-27 11:15 - 2009-11-27 11:15 - 000228864 _____ (hp) C:\WINDOWS\system32\hplbddrv.dll
2010-01-18 11:29 - 2010-01-18 11:29 - 000079360 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPZidr12.dll
2010-01-18 11:29 - 2010-01-18 11:29 - 000071680 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPZinw12.dll
2010-01-18 11:29 - 2010-01-18 11:29 - 000089600 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPZipm12.dll
2010-01-18 11:29 - 2010-01-18 11:29 - 000053760 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPZipr12.dll
2010-01-18 11:29 - 2010-01-18 11:29 - 000045056 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpzipt12.dll
2010-01-18 11:29 - 2010-01-18 11:29 - 000030208 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpzisn12.dll
2017-01-26 01:09 - 2017-01-26 01:09 - 000322560 _____ C:\WINDOWS\system32\vulkan-1-1-0-39-1.dll
2017-03-26 18:03 - 2017-01-26 01:09 - 000322560 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-01-26 01:09 - 2017-01-26 01:09 - 000118272 _____ C:\WINDOWS\system32\vulkaninfo-1-1-0-39-1.exe
2017-03-26 18:03 - 2017-01-26 01:09 - 000118272 _____ C:\WINDOWS\system32\vulkaninfo.exe
2018-06-09 21:19 - 2018-06-09 21:19 - 000118784 _____ (Blizzard Entertainment) C:\WINDOWS\DiabUnin.exe
2013-08-09 12:46 - 1998-10-29 15:45 - 000306688 _____ (InstallShield Software Corporation) C:\WINDOWS\IsUninst.exe
2018-12-03 16:38 - 1997-01-16 00:00 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\ST5UNST.EXE
2013-12-12 20:12 - 2013-12-12 20:12 - 019727745 _____ C:\WINDOWS\SysWOW64\AKCE_MCL_AKCE_MCL_uninstaller.exe
2017-10-20 11:14 - 2010-03-15 18:45 - 000073728 _____ (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2.dll
2017-10-20 11:14 - 2007-12-13 21:16 - 000005120 _____ (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2L.dll
2017-10-20 11:14 - 2012-12-03 12:39 - 000002560 _____ (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2S.dll
2012-11-28 23:21 - 2012-11-28 17:33 - 000053248 _____ (Windows XP Bundled build C-Centric Single User) C:\WINDOWS\SysWOW64\CSVer.dll
2010-01-18 11:28 - 2010-01-18 11:28 - 000049152 _____ (Hewlett-Packard) C:\WINDOWS\SysWOW64\HPZidr12.dll
2010-01-18 11:28 - 2010-01-18 11:28 - 000033792 _____ (Hewlett-Packard) C:\WINDOWS\SysWOW64\HPZipr12.dll
2012-06-20 03:52 - 2012-06-20 03:52 - 000001536 _____ C:\WINDOWS\SysWOW64\IusEventLog.dll
2016-02-03 19:30 - 2006-07-11 18:43 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll
2006-07-11 18:02 - 2006-07-11 18:02 - 001053184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71u.dll
2012-09-13 19:26 - 2012-09-13 19:26 - 000003584 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\msiapcfg.dll
2012-11-29 00:03 - 2009-07-10 00:54 - 000160768 _____ (Micro-Star International Co., Ltd.) C:\WINDOWS\SysWOW64\MSIService.exe
2012-11-29 00:03 - 2011-04-16 02:26 - 001598464 _____ (Micro-Star International Co., Ltd.) C:\WINDOWS\SysWOW64\MSIWmiAcpi.dll
2012-11-29 00:11 - 2006-07-11 18:35 - 000503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVCP71.dll
2006-07-11 17:35 - 2006-07-11 17:35 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2017-10-20 11:14 - 2013-07-12 13:03 - 000214016 _____ (brother) C:\WINDOWS\SysWOW64\NSSearch.dll
2016-02-03 19:30 - 2007-01-01 20:03 - 000040960 ____R C:\WINDOWS\SysWOW64\psfind.dll
2005-09-07 12:03 - 2005-09-07 12:03 - 000722192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Vb40032.dll
2018-12-03 16:38 - 1997-01-16 00:00 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB5StKit.dll
2018-08-12 11:04 - 2005-02-26 06:34 - 000442368 ____R (On2.com) C:\WINDOWS\SysWOW64\vp6vfw.dll
2017-01-26 01:12 - 2017-01-26 01:12 - 000326656 _____ C:\WINDOWS\SysWOW64\vulkan-1-1-0-39-1.dll
2017-03-26 18:03 - 2017-01-26 01:12 - 000326656 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-01-26 01:13 - 2017-01-26 01:13 - 000103936 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-1-0-39-1.exe
2017-03-26 18:03 - 2017-01-26 01:13 - 000103936 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2008-08-07 10:50 - 2008-08-07 10:50 - 001261568 _____ (Zeon International Investment Corp. ) C:\WINDOWS\SysWOW64\ZDImage2pdf7.dll
2020-02-27 16:09 - 2020-02-27 16:09 - 002279424 _____ (Farbar) C:\Users\Okko\Desktop\FRST64.exe
2013-11-13 21:09 - 2011-10-16 09:46 - 003249152 _____ C:\Users\Okko\Desktop\homm6_plus8_trainer.EXE
2019-10-31 17:12 - 2019-10-31 17:12 - 096046291 _____ (Fénix ProDabing ) C:\Users\Okko\Downloads\FPD Doom 3 + Resurrection of Evil.exe
2020-02-26 20:41 - 2020-02-26 20:41 - 001222144 _____ C:\Users\Okko\Downloads\RSITx64.exe
2018-10-18 19:09 - 2018-10-18 19:18 - 393237386 _____ () C:\Users\Okko\Downloads\Syberia1.cz.fenixprodabing.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


==================== BCD ================================

Firmware Boot Manager
---------------------
identifier {fwbootmgr}
displayorder {bootmgr}
{bd81aa87-5bd8-11e2-be78-806e6f6e6963}
{bd81aa88-5bd8-11e2-be78-806e6f6e6963}
timeout 2

Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale cs-CZ
inherit {globalsettings}
default {current}
resumeobject {abae5fbe-3f70-11e2-ad89-ed0f5de875ff}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Firmware Application (101fffff)
-------------------------------
identifier {bd81aa87-5bd8-11e2-be78-806e6f6e6963}
description UEFI: IPV4 Realtek PCIe GBE Family Controller

Firmware Application (101fffff)
-------------------------------
identifier {bd81aa88-5bd8-11e2-be78-806e6f6e6963}
description UEFI: IPV6 Realtek PCIe GBE Family Controller

Windows Boot Loader
-------------------
identifier {abae5fbb-3f70-11e2-ad89-ed0f5de875ff}
device ramdisk=[\Device\HarddiskVolume1]\Recovery\abae5fbb-3f70-11e2-ad89-ed0f5de875ff\Winre.wim,{abae5fbc-3f70-11e2-ad89-ed0f5de875ff}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale en-us
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume1]\Recovery\abae5fbb-3f70-11e2-ad89-ed0f5de875ff\Winre.wim,{abae5fbc-3f70-11e2-ad89-ed0f5de875ff}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Windows Boot Loader
-------------------
identifier {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 8.1
locale cs-CZ
inherit {bootloadersettings}
recoverysequence {abae5fc0-3f70-11e2-ad89-ed0f5de875ff}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {abae5fbe-3f70-11e2-ad89-ed0f5de875ff}
nx OptIn
bootmenupolicy Standard

Windows Boot Loader
-------------------
identifier {abae5fc0-3f70-11e2-ad89-ed0f5de875ff}
device ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{abae5fc1-3f70-11e2-ad89-ed0f5de875ff}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale cs-CZ
inherit {bootloadersettings}
displaymessage Recovery
displaymessageoverride Recovery
osdevice ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{abae5fc1-3f70-11e2-ad89-ed0f5de875ff}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Resume from Hibernate
---------------------
identifier {abae5fb9-3f70-11e2-ad89-ed0f5de875ff}
device partition=C:
path \Windows\system32\winresume.efi
description Windows Resume Application
locale cs-CZ
inherit {resumeloadersettings}
recoverysequence {abae5fbb-3f70-11e2-ad89-ed0f5de875ff}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No

Resume from Hibernate
---------------------
identifier {abae5fbe-3f70-11e2-ad89-ed0f5de875ff}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale cs-CZ
inherit {resumeloadersettings}
recoverysequence {abae5fc0-3f70-11e2-ad89-ed0f5de875ff}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No

Windows Memory Tester
---------------------
identifier {memdiag}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostika pam�ti syst�mu Windows
locale cs-CZ
inherit {globalsettings}
badmemoryaccess Yes

EMS Settings
------------
identifier {emssettings}
bootems No

Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

RAM Defects
-----------
identifier {badmemory}

Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}

Device options
--------------
identifier {abae5fbc-3f70-11e2-ad89-ed0f5de875ff}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume1
ramdisksdipath \Recovery\abae5fbb-3f70-11e2-ad89-ed0f5de875ff\boot.sdi

Device options
--------------
identifier {abae5fbd-3f70-11e2-ad89-ed0f5de875ff}
description Windows Setup
ramdisksdidevice partition=C:
ramdisksdipath \$WINDOWS.~BT\Sources\SafeOS\boot.sdi

Device options
--------------
identifier {abae5fc1-3f70-11e2-ad89-ed0f5de875ff}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume5
ramdisksdipath \Recovery\WindowsRE\boot.sdi


LastRegBack: 2020-02-26 22:47
==================== End of FRST.txt ========================

Re: Měl jsem problém s hackerským útokem

Napsal: 27 úno 2020 16:23
od Falldrax
Tady addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-02-2020
Ran by Okko (27-02-2020 16:17:26)
Running from C:\Users\Okko\Desktop
Windows 8.1 (Update) (X64) (2017-11-17 23:07:52)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-55469658-3419985309-1369119327-500 - Administrator - Disabled)
Guest (S-1-5-21-55469658-3419985309-1369119327-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-55469658-3419985309-1369119327-1007 - Limited - Enabled)
Okko (S-1-5-21-55469658-3419985309-1369119327-1002 - Administrator - Enabled) => C:\Users\Okko

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Windows Live Essentials“ (HKLM-x32\...\{36C704E9-C7FC-44C1-847E-DC9470414709}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
„Windows Live Mail“ (HKLM-x32\...\{491FCC06-244A-471D-974D-D7A59ED70B3F}) (Version: 16.4.3503.0728 - „Microsoft Corporation“) Hidden
„Windows Live Messenger“ (HKLM-x32\...\{DDDC459A-9197-40D6-A4A4-83C46A702550}) (Version: 16.4.3503.0728 - „Microsoft Corporation“) Hidden
64 Bit HP CIO Components Installer (HKLM\...\{C788B026-20BD-4E96-B698-533F1D6C5013}) (Version: 7.2.4 - Hewlett-Packard) Hidden
A Vampyre Story (HKLM-x32\...\A Vampyre Story_is1) (Version: - Burda)
Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated)
Adobe Reader XI - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
AdwCleaner verze 1.5 (HKLM-x32\...\AdwCleaner_is1) (Version: 1.5 - )
Aktualizace NVIDIA 28.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 28.0.0.0 - NVIDIA Corporation) Hidden
Alice: Madness Returns (HKLM-x32\...\Alice: Madness Returns_is1) (Version: - )
American McGee's Alice(tm) (HKLM-x32\...\{0B201E9A-2912-457D-87DE-CFB8DDEAF7F2}) (Version: 1.00.0000 - EA Games)
Amnesia (HKLM-x32\...\Amnesia_is1) (Version: 1.0 - TopQer s.r.o.)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 378.92 - NVIDIA Corporation) Hidden
Ant Video downloader (Native messaging host) (HKLM-x32\...\{C7B24B38-A9D0-4F6D-A028-8C90DB8F2D85}) (Version: 3.1.24 - Ant.com)
Armed and Dangerous (HKLM-x32\...\1440410681_is1) (Version: 2.0.0.3 - GOG.com)
Assassin's Creed verze 1.0.0.1 (HKLM-x32\...\{A588EEF5-A2F0-4222-B1BB-E4CF3B859905}_is1) (Version: 1.0.0.1 - )
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.1.2397 - AVAST Software)
Baldur's Gate - Enhanced Edition (HKLM-x32\...\1207666353_is1) (Version: 2.4.0.6 - GOG.com)
Baldur's Gate - Siege of Dragonspear (HKLM-x32\...\1459335293_is1) (Version: 2.4.0.6 - GOG.com)
Baldur's Gate II - Enhanced Edition (HKLM-x32\...\1207666373_is1) (Version: 2.4.0.6 - GOG.com)
Battery Calibration (HKLM-x32\...\{619FA785-489B-4D22-911F-82D6EDF5BDB0}) (Version: 1.0.1208.0301 - Micro-Star International Co., Ltd.)
Battle for Wesnoth 1.14.9 (HKU\S-1-5-21-55469658-3419985309-1369119327-1002\...\Battle for Wesnoth 1.14.9) (Version: 1.14.9 - )
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bio Menace (HKLM-x32\...\Bio Menace) (Version: - )
BioShock (HKU\S-1-5-21-55469658-3419985309-1369119327-1002\...\{E280923D-C5D9-4728-8C79-AC9A0DC75875}) (Version: 2.5.0000 - 2K Games)
BioShock Infinite (HKLM-x32\...\BioShock Infinite_is1) (Version: - )
BitTorrent (HKU\S-1-5-21-55469658-3419985309-1369119327-1002\...\BitTorrent) (Version: 7.10.5.45496 - BitTorrent Inc.)
BloodRayne (HKLM-x32\...\GOGPACKBLOODRAYNE1_is1) (Version: 2.0.0.5 - GOG.com)
BlueStacks 3 (HKLM-x32\...\BlueStacks) (Version: 3.7.21.2305 - BlueStack Systems, Inc.)
Borderlands (HKLM-x32\...\{52B65911-1559-4ED5-9461-46957FDD48CD}) (Version: 1.0.295 - 2K Games)
Brother MFL-Pro Suite DCP-L8400CDN (HKLM-x32\...\{A3C8ED27-D848-441A-AE81-E42E27109558}) (Version: 1.0.6.0 - Brother Industries, Ltd.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.65.1074 - AB Team, d.o.o.)
BurnRecovery (HKLM-x32\...\{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}) (Version: 4.0.1211.2101 - Micro-Star International Co., Ltd.)
CBR Reader (HKLM-x32\...\{EDAAC216-AC73-4152-9654-E12FE5A69F5D}_is1) (Version: - cbrreader.com)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Clive Barker's Jericho (HKLM-x32\...\{BE9A67F1-BDD3-4259-9F5C-2EFCE6B3A6C5}) (Version: 0.10.0000 - Codemasters)
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project)
Cuphead (HKLM-x32\...\1963513391_is1) (Version: 20170929 - GOG.com)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Darkstone (HKLM-x32\...\1207659025_is1) (Version: 1.0.5B - GOG.com)
Dead Island (HKLM-x32\...\Dead Island_is1) (Version: - R.G. ReCoding | BAV)
Dead Space (HKLM-x32\...\{940EFF95-13D6-4D45-AFC6-377498E5B741}) (Version: 1.00.222 - Electronic Arts)
Deadpool (HKLM-x32\...\Deadpool_is1) (Version: 1.0 - Activision)
Diablo (HKLM-x32\...\Diablo) (Version: - )
Diablo (HKU\S-1-5-21-55469658-3419985309-1369119327-1002\...\Diablo) (Version: - )
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Disciples 2 - Dark Prophecy and Gallean's Return (HKLM-x32\...\1207663703_is1) (Version: 2.1.0.8 - GOG.com)
Disciples 2 - Rise of the Elves (HKLM-x32\...\1207663713_is1) (Version: 2.1.0.8 - GOG.com)
Disciples Gold (HKLM-x32\...\1207658683_is1) (Version: 2.1.0.8 - GOG.com)
Dishonored verze 1.2 (HKLM-x32\...\{E52B76E9-F6DE-4EF1-BAFD-1684B037C7FA}_is1) (Version: 1.2 - tomi2k9)
Divinity - Original Sin (HKLM-x32\...\Divinity - Original Sin_is1) (Version: - )
Dragon Age II (HKLM-x32\...\{F2E23139-3404-4E3C-9855-7724415D62A5}) (Version: 1.00 - Electronic Arts, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ETDWare PS/2-X64 11.13.0.2_WHQL (HKLM\...\Elantech) (Version: 11.13.0.2 - ELAN Microelectronic Corp.)
Etherlords II (HKLM-x32\...\{A0E558A4-00E8-44E3-82D2-F32F75FA12E2}) (Version: 1.00 - Nival Interactive) Hidden
Etherlords II (HKLM-x32\...\InstallShield_{A0E558A4-00E8-44E3-82D2-F32F75FA12E2}) (Version: 1.00 - Nival Interactive)
F.E.A.R. 3 (HKLM-x32\...\F.E.A.R. 3_is1) (Version: - )
Facebook Gameroom 1.22.7235.32722 (HKLM-x32\...\{2867E3AE-18BA-4BCF-8268-F797A401ED86}) (Version: 1.22.7235.32722 - Facebook)
FEAR 2 Project Origin (HKLM-x32\...\{F72D25D6-8E5A-48B4-9DB6-E1474B618082}) (Version: 1.04 - WB Games)
Fotoattēlu galerija (HKLM-x32\...\{F86A4F2E-3006-49A2-BDFC-77AD9BB167D4}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Fotogaléria (HKLM-x32\...\{8A05A5FC-339B-434E-B46E-B74A5D5E1BDB}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Fotogalerie (HKLM-x32\...\{1AED08A6-6BC5-4927-8FCD-FEE9ED00D2F2}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Fotogalerie (HKLM-x32\...\{B19E03EA-067C-412F-A81E-271720E601AB}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Fotogalerii (HKLM-x32\...\{7FC256D7-7BC4-418D-A5BD-A86542C7E06C}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Foto-galerija (HKLM-x32\...\{175B4B56-63F1-464E-8286-4309E0A52395}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Fotogalerija (HKLM-x32\...\{3136AA57-563A-4BF4-98A5-CC0276BF4DC0}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Fotogalerija (HKLM-x32\...\{89DCA982-BA73-4379-9786-F3CA431FF6AD}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Fotogalleri (HKLM-x32\...\{81019508-84DC-476E-8C49-BD77A61217D9}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Fotogalleriet (HKLM-x32\...\{CD8F936D-7BA3-4902-B0A0-7D96C69E1193}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (HKLM-x32\...\{35FA69FA-49DD-4BDF-8140-7DC2C4472C45}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Fotótár (HKLM-x32\...\{C2CDACDF-EC5C-4F9F-B2D7-D6486CFAAD58}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galeria de Fotografias (HKLM-x32\...\{75FCD3A9-D7F8-46AD-BC90-91A6364B9334}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galeria de Fotos (HKLM-x32\...\{46AEE281-3436-46EF-A36D-163F7125A290}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galería de fotos (HKLM-x32\...\{959BC6D1-38C8-441F-9466-9ECCD4E68413}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galeria fotografii (HKLM-x32\...\{96AA21F4-C8CE-4380-995A-992536463263}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galerie de photos (HKLM-x32\...\{FE8DFDD0-A543-4A83-B7A9-C411138194D5}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galerie foto (HKLM-x32\...\{A4A06F18-206F-476C-9D57-E272B446B09C}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galerija fotografija (HKLM-x32\...\{9FB5E2F2-510A-4D1D-AE5A-82EC382A5D8C}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
Gorky17 (HKLM-x32\...\Gorky17) (Version: - )
Gothic (HKLM-x32\...\{BBF10B37-4ED3-11D5-A818-00500435FC18}) (Version: - )
Gothic (HKLM-x32\...\Gothic_is1) (Version: - GOG.com)
Gothic 3 (HKLM-x32\...\Gothic 3_is1) (Version: - GOG.com)
GothicW8 (HKLM\...\{9084b1e7-83b4-406a-8705-374300ee2d84}.sdb) (Version: - )
Hand of Fate version 1.2.4 (HKLM-x32\...\{EB3749AC-E97F-4AD0-93E3-ECDAB4A40BB8}_is1) (Version: 1.2.4 - )
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hellfire (HKLM-x32\...\Hellfire) (Version: - )
Heroes of Might & Magic V: Hammers of Fate (HKLM-x32\...\{07BE4679-4318-4413-9701-B3D91354F10C}) (Version: - )
Heroes of Might and Magic 2 GOLD (HKLM-x32\...\Heroes of Might and Magic 2 GOLD_is1) (Version: - GOG.com)
Heroes of Might and Magic III Complete HD (HKLM-x32\...\Heroes of Might and Magic III Complete HD) (Version: - )
Heroes of Might and Magic V - Tribes of the East (HKLM-x32\...\{66FF4C48-0083-4E60-8556-B883AB200092}) (Version: - )
Heroes of Might and Magic V (HKLM-x32\...\{8829DAD4-8F07-4A96-B995-15498EBB8045}) (Version: - )
Hexen II (HKLM\...\{7E7F525A-5059-4D71-865A-7BD238F1131D}) (Version: 04.09.2010 - Samkov)
Character Builder (HKLM-x32\...\{626C034B-50B8-47BD-AF93-EEFD0FA78FF4}) (Version: 1.10.0000 - Wizards of the Coast)
Icewind Dale II verze 2.01 (HKLM-x32\...\{322366D0-5310-4BA3-B769-757F3630BD76}_is1) (Version: 2.01 - )
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{0728A184-F899-4356-B93D-8228674F0DEB}) (Version: 2.6.1209.0268 - Motorola Solutions, Inc.)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{FECB76C1-1C1D-4A84-8D47-5754C74B5A5E}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
KB9X Radio Switch Driver (HKLM\...\B16388B2E5D3CBA8F0EE88A8C5459BADAF4DE251) (Version: 1.0.7112.20593 - ENE TECHNOLOGY INC.)
K-Lite Codec Pack 13.7.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.7.0 - KLCP)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Legacy of Kain Soul Reaver (HKLM-x32\...\Legacy of Kain Soul Reaver_is1) (Version: - GOG.com)
Legacy of Kain: Soul Reaver (HKLM-x32\...\Kain 2) (Version: - )
Legend of Kyrandia - Hand of Fate (HKLM-x32\...\GOGPACKKYRANDIA2_is1) (Version: 2.0.0.5 - GOG.com)
Legend of Kyrandia - Malcolm's Revenge (HKLM-x32\...\GOGPACKKYRANDIA3_is1) (Version: 2.0.0.4 - GOG.com)
Legend of Kyrandia (HKLM-x32\...\GOGPACKKYRANDIA1_is1) (Version: 2.0.0.11 - GOG.com)
LibreOffice 6.2.3.2 (HKLM\...\{31C3855A-DA3A-4FC4-AE9B-1B4ACF89A2C4}) (Version: 6.2.3.2 - The Document Foundation)
Machinarium (HKLM-x32\...\Machinarium) (Version: CZ/14.02.2010 - Amanita Design, s.r.o.)
Mass Effect (HKLM-x32\...\{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}) (Version: 1.00 - Electronic Arts, Inc.)
Mass Effect 2 (HKLM-x32\...\Mass Effect 2_is1) (Version: - )
Max Payne CZ verze 1.05 (HKLM-x32\...\{8C4A8727-C90D-4B0A-9570-4DB2D0FB9AFC}_is1) (Version: 1.05 - )
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-55469658-3419985309-1369119327-1002\...\SkyDriveSetup.exe) (Version: 17.0.2011.0627 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Might & Magic Heroes VI (HKLM-x32\...\{745D37C2-26F4-4B65-BA13-F9840EBFA75B}) (Version: 1.1 - Ubisoft)
Movie Maker (HKLM-x32\...\{0170C9A2-4FBB-47B3-B3FE-76170531EF1B}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{02082E30-6019-4F5B-B55C-025F4CE5D335}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{07866716-0FAA-44F8-A1BF-BD223799378A}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{07EDFDF9-F920-4BCB-B6FD-59DB8FFFFF47}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{18FE3424-7C22-4EDE-A3FD-414760CC363B}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{295A4A93-4462-4B26-9800-7706D8C22A60}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{302933F3-E6AD-414D-AB96-A18DBB979B1D}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{35A6026B-195A-4EBA-A16E-47E9CC2D1FA1}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{40F55150-F43D-4C9F-9A00-1A0A6F1EB7F0}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{44820091-773E-471A-AAE1-DC032B8AE842}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{460ED3EF-6016-4234-8310-87CD46A2A898}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{4EFAC13A-6A1D-4A2A-8F4B-056ADBBF39E4}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{52FE9150-B4B1-42BE-8F05-7D559757E450}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{5F86FE78-D294-448C-9993-B9AFB62BE456}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{61889FC7-9738-439A-96B3-17AF981BDDEF}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{643D412F-A46E-4D3D-832A-2D24A9AF85A8}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{723E4732-695B-4628-B5EC-A98EA34AA0F0}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{741ECBB6-1A0B-42F1-A7BF-76222734A63A}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{74D68BE3-3804-4066-A244-B4C7A9D9F156}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{78136417-2ABA-47D0-A462-FBF55155EF8B}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{7F682A00-6497-4551-A2A6-063AE667D1CF}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{8AB3FBDE-CCF7-4055-98EF-A1FBC7B661E9}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{8EEED220-D348-4F49-8C82-B11F6C5450C7}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{9846E46F-07E0-4BDF-985A-E3FBA8C15877}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{9F255ECE-A887-442C-A48C-61BD6BAE5559}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{AEBE7912-AA50-42EB-BBDA-AB352C4D8FAA}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{CB11603E-C53E-4690-B73E-BC6E1317796B}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{CCDB7ADB-1643-4C30-B39D-1562CFE51420}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{D71BC54E-A4E6-4E06-866C-FD6EE16EA187}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DB55AFF5-B83E-43A9-8D48-903D2FB0FBB8}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DF6478C8-7643-4E80-8077-3D51614A3DBA}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{E1DA4302-1C06-4533-AF6D-9D68B01FCB34}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{E48271CD-6325-41A0-A5B8-593CC01DA131}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{E48B3EBF-0CEC-43AB-AC12-B36439ABE14C}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{E8F373BC-AAE2-4DC7-9853-B6A83CC88793}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{F00A825A-2FDF-4569-BAF4-823EA08D775B}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{F5153DD9-B31E-48DA-BBB3-34E9428DA84B}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 73.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 73.0.1 (x64 cs)) (Version: 73.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla)
MSI Remind Manager (HKLM-x32\...\{7359585E-A828-4EFC-8177-7D1883DDA0B5}) (Version: 2.12.1003 - MSI)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nox (HKLM-x32\...\GOGPACKNOX_is1) (Version: 2.0.0.20 - GOG.com)
Nuance PaperPort 12 (HKLM-x32\...\{D1FC9B4B-D686-4040-B0D4-118880FD08EA}) (Version: 12.1.0006 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
NVIDIA GeForce Experience 3.9.0.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.9.0.97 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{6F9D5A0B-202C-4161-BC7F-0664EA39E7E7}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Oblivion verze 1.1.51 (HKLM-x32\...\{B3E6F372-4013-47C2-8996-5CF32755E926}_is1) (Version: 1.1.51 - )
OpenOffice 4.1.4 (HKLM-x32\...\{726F81BD-FECF-412D-917B-F237CD6C8FFE}) (Version: 4.14.9787 - Apache Software Foundation)
Outlast + DLC Whistleblower verze 1.0 (HKLM-x32\...\Outlast + DLC Whistleblower_is1) (Version: 1.0 - Danik1B9)
Ovládací panel NVIDIA 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 353.30 - NVIDIA Corporation) Hidden
Painkiller Black Edition (HKLM-x32\...\{0270B6D3-A512-4A86-9955-3052815B0C0F}) (Version: 1.00.0000 - Nordic Games)
Palm Reader (HKLM-x32\...\{ED8BB1CA-535A-408D-85C9-ED1986D2B85E}) (Version: - )
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
PC Sound (HKLM\...\{3007FF9F-5B2C-41FF-8BFC-08BF25DB2681}) (Version: 1.12.2900 - SRS Labs, Inc.)
Pillars of Eternity (HKLM-x32\...\Pillars of Eternity_is1) (Version: - )
PilsFree IPTV verze 1.4 (HKLM-x32\...\{FD0E773E-A8D6-4CFC-AA66-1FD81E2B0000}_is1) (Version: 1.4 - PilsFree, z. s.)
Planescape: Torment Enhanced Edition (HKLM-x32\...\1132393016_is1) (Version: 3.1.3.0 - GOG.com)
Poczta usługi Windows Live (HKLM-x32\...\{0159A45D-DB64-454C-8DEE-037702F2FDF0}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{90B936B2-33E6-4FE8-9A64-08EEB42AF2B1}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Polda verze 1.0 (HKLM-x32\...\{4FCB8F8A-44D0-41D3-851B-DA07D8283966}_is1) (Version: 1.0 - )
Pošta Windows Live (HKLM-x32\...\{F1CE08B9-2D76-40A3-8BE8-342FC15D62F6}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Prince of Persia Warrior Within (HKLM-x32\...\GOGPACKPOP2_is1) (Version: 2.0.0.9 - GOG.com)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
Překlad Pillars of Eternity verze 3.07 (HKLM-x32\...\{0FB1CAE7-E632-4A88-98D7-4BBAE6069783}_is1) (Version: 3.07 - Překlady her)
Raccolta foto (HKLM-x32\...\{86CAC8DE-288A-410D-A4A4-0190060E69AE}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6728 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.)
Resident Evil 4 (HKLM-x32\...\Resident Evil 4_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
Resident Evil 6 verzia 1.0.6.165 (HKLM-x32\...\Resident Evil 6_is1) (Version: 1.0.6.165 - CzTorrent.net)
Return To Castle Wolfenstein verze 1.42c (HKLM-x32\...\{1FCC8CF8-1DB9-43EC-BA9D-CEECC54ADCC6}_is1) (Version: 1.42c - )
RogueKiller version 14.2.1.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 14.2.1.0 - Adlice Software)
Sacred Underworld (HKLM-x32\...\Sacred Underworld_is1) (Version: - Ascaron Entertainment GmbH)
Scansoft PDF Professional (HKLM-x32\...\{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}) (Version: - ) Hidden
SCM (HKLM\...\{FA8AB91A-0B41-4797-9015-9B3FBC7834CC}) (Version: 10.012.09132 - )
Scorpions WinCheater (HKLM-x32\...\Scorpions WinCheater 2.07 (s databází 172)_is1) (Version: - )
Sierra Utilities (HKLM-x32\...\Sierra Utilities) (Version: - )
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype verze 8.51 (HKLM-x32\...\Skype_is1) (Version: 8.51 - Skype Technologies S.A.)
Soul Reaver 2 (HKLM-x32\...\Soul Reaver 2) (Version: - )
Star Wars Jedi Knight - Jedi Academy version 1.0.1.0 (HKLM-x32\...\Star Wars Jedi Knight - Jedi Academy_is1) (Version: 1.0.1.0 - )
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
StrongDC++ 2.41 (HKLM-x32\...\StrongDC++) (Version: 2.41 - Big Muscle)
Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.016 - MSI)
TeamSpeak 3 Client (HKU\S-1-5-21-55469658-3419985309-1369119327-1002\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.7.0.113 - KMP Media co., Ltd)
The Sims 2 (HKLM-x32\...\{6E7DD182-9FC6-4651-0095-2E666CC6AF35}) (Version: - )
The Sims 2 Noční život (HKLM-x32\...\{F7529650-B9DB-481B-0089-A2AC3C2821C1}) (Version: - )
The Sims™ 2 Mazlíčci (HKLM-x32\...\{4817189D-1785-4627-A33C-39FD90919300}) (Version: - )
The Sims™ 2 Volný čas (HKLM-x32\...\{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}) (Version: - Electronic Arts)
The Walking Dead - Michonne - A Telltale Miniseries (HKLM-x32\...\1455785261_is1) (Version: 2.2.0.5 - GOG.com)
The Walking Dead A New Frontier Episode 5 (HKLM-x32\...\The Walking Dead A New Frontier Episode 5_is1) (Version: - )
The Walking Dead Survival Instinct (c) Activision version 1 (HKLM-x32\...\VGhlIFdhbGtpbmcgRGVhZCBTdXJ2aXZhbCBJbnN0aW5jdCAo~1255DFC2_is1) (Version: 1 - )
The Walking Dead: A New Frontier CZ (HKLM-x32\...\The Walking Dead: A New Frontier CZ) (Version: - )
The Walking Dead: Michonne CZ (HKLM-x32\...\The Walking Dead: Michonne CZ) (Version: - )
The Walking Dead: The Final Season (HKLM-x32\...\2031519202_is1) (Version: 152.8 - GOG.com)
The Wolf Among Us verze v1.5 (HKLM-x32\...\The Wolf Among Us_is1) (Version: v1.5 - (R.G.Danik1B9))
Titan Quest (HKLM-x32\...\{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}) (Version: 1.00.0000 - Iron Lore)
Titan Quest Immortal Throne (HKLM-x32\...\{B5C5C17E-FEF6-4062-8151-A427AE8AF9D7}) (Version: 1.00.0000 - Iron Lore)
Torchlight (HKLM-x32\...\{4991FCCE-1131-4B92-B697-9EC0FCAFDA5B}) (Version: 1.00.0000 - Runic Games)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
UmmyVideoDownloader (HKLM-x32\...\{E028DBDA-EEE7-48A0-ADF7-D250589A02C5}_is1) (Version: 1.6.0.3 - ) <==== ATTENTION
Unity Web Player (HKU\S-1-5-21-55469658-3419985309-1369119327-1002\...\UnityWebPlayer) (Version: 5.1.3f1 - Unity Technologies ApS)
Valokuvavalikoima (HKLM-x32\...\{AA04DFE7-C921-43AD-9A70-595DE6C5A881}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Ve stínu havrana (HKLM-x32\...\Ve stínu havrana_is1) (Version: - CINEMAX, s.r.o.)
Vertrix 2 (HKLM-x32\...\Vertrix 2) (Version: - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
Wakfu (HKU\S-1-5-21-55469658-3419985309-1369119327-1002\...\1F4715F1-86E7-4450-AA9A-13ADBF14BED1-2) (Version: - Ankama)
Wargaming.net Game Center (HKU\S-1-5-21-55469658-3419985309-1369119327-1002\...\Wargaming.net Game Center) (Version: 18.0.2.8102 - Wargaming.net)
We are the Dwarves (HKLM-x32\...\1115004086_is1) (Version: 2.1.0.3 - GOG.com)
Windows Driver Package - Intel (NETwNe64) net (09/12/2012 15.5.4.45) (HKLM\...\A007E57753F87B14A4737DA95057F173950A6A3D) (Version: 09/12/2012 15.5.4.45 - Intel)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
World of Warcraft Classic (HKLM-x32\...\World of Warcraft Classic) (Version: - Blizzard Entertainment)
Zaklínač - Rozšířená edice (HKLM-x32\...\{86ACE727-A4F2-4B28-A37D-254D9CC03156}) (Version: 1.5 - CD Projekt Red)
Συλλογή φωτογραφιών (HKLM-x32\...\{6C4BAF40-14F7-44F2-9B9A-C697DA797EF4}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Основи Windows Live (HKLM-x32\...\{23AF8E37-01F3-41CD-B91C-9EF7E1F16B23}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (HKLM-x32\...\{57B0AA0C-3B99-435E-9CEC-2EF61CBCEF5F}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Почта Windows Live (HKLM-x32\...\{B417B07D-3373-458A-A431-0F7E3742F182}) (Version: 16.4.3503.0728 - Корпорация Майкрософт) Hidden
Фотоальбом (HKLM-x32\...\{43C1D630-B6A4-4F9A-BF59-7C35F5907E11}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Фотогалерия (HKLM-x32\...\{7AFB4A8D-F1CE-41E5-A18A-00A095447632}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Фотографии (общедоступная версия) (HKLM-x32\...\{4D60765A-2FF1-4848-BDFD-CEA79458F59B}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Фотоколекція (HKLM-x32\...\{81E8E002-B85D-41A1-B085-850458716F52}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
フォト ギャラリー (HKLM-x32\...\{1097A508-1F04-41EA-B972-B6A335A71260}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
גלריית התמונות (HKLM-x32\...\{6B75C5F6-7FDA-4E8F-97D7-B74925857729}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
بريد Windows Live (HKLM-x32\...\{9D4E75DB-519C-4A25-B8D1-97FB673E50C5}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
معرض الصور (HKLM-x32\...\{A3E2CF81-515B-4881-8F21-95B3B2F24A15}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
사진 갤러리 (HKLM-x32\...\{3F52385B-AB6E-4E6E-9EDC-65E8F689BAE3}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
影像中心 (HKLM-x32\...\{3668CB0E-910D-43FE-9EDB-B07754E1CF24}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
照片库 (HKLM-x32\...\{0E6639BB-C1BB-4FF5-8846-5813EF63E04B}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Packages:
=========
- Games App - -> C:\Program Files\WindowsApps\WildTangentGames.-GamesApp-_1.0.3.28_x86__qt5r5pa5dyg8m [2017-11-18] (WildTangent Games)
Adera -> C:\Program Files\WindowsApps\Microsoft.Adera_2.5.2.34894_x86__8wekyb3d8bbwe [2017-11-18] (Microsoft Studios)
CyberLink PowerDVD BE -> C:\Program Files\WindowsApps\CyberLinkCorpPDVD.CyberLinkPowerDVDBE_1.0.903.10740_x86__av5vf9vzy3bgp [2012-11-28] (CYBERLINK.COM-CORP)
Hry -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-11-21] (Microsoft Corporation) [MS Ad]
Hudba -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2017-11-18] (Microsoft Corporation) [MS Ad]
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.10.1812.2002_x86__8wekyb3d8bbwe [2019-02-02] (Microsoft Studios) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.11.1807.1002_x86__8wekyb3d8bbwe [2018-08-08] (Microsoft Studios) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_2.3.1055.0_x64__a2t3txkz9j1jw [2017-11-18] (MAGIX)
Norton Studio -> C:\Program Files\WindowsApps\SymantecCorporation.NortonStudio_1.5.0.41_x86__v68kp9n051hdp [2017-11-18] (Symantec Corporation)
PuzzleTouch -> C:\Program Files\WindowsApps\1430GreenfieldTechnologie.PuzzleTouch_1.1.0.3_neutral__9tq5q6h98v2wa [2017-11-18] (Greenfield Technologies)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2017-11-18] (Skype) [MS Ad]
Taptiles -> C:\Program Files\WindowsApps\Microsoft.Taptiles_2.6.288.0_x86__8wekyb3d8bbwe [2018-10-25] (Microsoft Studios) [MS Ad]
TuMetro -> C:\Program Files\WindowsApps\HitHot.TuMetro_1.0.0.57_neutral__dfaafakh22f12 [2015-08-01] (Intumit Inc.) [MS Ad]
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2017-11-18] (Microsoft Corporation) [MS Ad]
Wordament -> C:\Program Files\WindowsApps\Microsoft.Studios.Wordament_2.8.4.0_x86__8wekyb3d8bbwe [2017-11-18] (Microsoft Studios)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-55469658-3419985309-1369119327-1002_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-55469658-3419985309-1369119327-1002_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-55469658-3419985309-1369119327-1002_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-55469658-3419985309-1369119327-1002_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-55469658-3419985309-1369119327-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-55469658-3419985309-1369119327-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Okko\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64\SkyDriveShell64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-55469658-3419985309-1369119327-1002_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-55469658-3419985309-1369119327-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Okko\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64\SkyDriveShell64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-55469658-3419985309-1369119327-1002_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-55469658-3419985309-1369119327-1002_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Okko\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64\SkyDriveShell64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-55469658-3419985309-1369119327-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Okko\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64\SkyDriveShell64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-55469658-3419985309-1369119327-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Okko\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64\FileSyncApi64.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-02-25] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-02-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-02-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-02-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-08-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2015-06-17] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-02-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [442368 2005-02-26] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [442368 2005-02-26] (On2.com) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2017-11-19 09:54 - 2017-11-19 09:54 - 000016384 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\7ed69311ac58b5a03912367712b64d57\PSIClient.ni.dll
2017-11-19 09:54 - 2017-11-19 09:54 - 000020992 _____ (Intel Corp.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorCommon\883bb682d52fbfe0ee290d033e74a316\IAStorCommon.ni.dll
2012-11-28 23:32 - 2012-09-02 03:04 - 000507904 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2012-11-28 23:32 - 2012-09-02 03:04 - 000269824 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2017-11-19 09:53 - 2017-11-19 09:53 - 000072704 _____ (Intel Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorDataMgr\d4586ebb5bcfcbb235d761452dfaf676\IAStorDataMgr.ni.dll
2017-11-19 09:53 - 2017-11-19 09:53 - 000357376 _____ (Intel Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorUtil\074843348f4c4a359d1be27948e2a2e8\IAStorUtil.ni.dll
2017-11-19 09:54 - 2017-11-19 09:54 - 001059840 _____ (Intel Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorViewModel\63cb65cbd8f65561265c9c3a84d8a0dc\IAStorViewModel.ni.dll
2017-11-19 09:53 - 2017-11-19 09:53 - 003706880 _____ (Intel Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSI\c158c1d7f1e34a6fe00b203412f6f2a4\PSI.ni.dll
2017-11-19 09:54 - 2017-11-19 09:54 - 000613376 _____ (Intel Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PsiData\dae215ab602c7b152e8b111bbff23a3a\PsiData.ni.dll
2017-11-19 09:54 - 2017-11-19 09:54 - 000027136 _____ (Microsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorDataMcfeeca6f#\58ff81ca049dacbc9a5da02a10142220\IAStorDataMgrSvcInterfaces.ni.dll
2012-09-13 19:26 - 2012-09-13 19:26 - 001598464 _____ (Micro-Star International Co., Ltd.) [File not signed] C:\Program Files (x86)\SCM\MSIWmiAcpi.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\system32\Drivers\btmhsf.sys:Microsoft_Appcompat_ReinstallUpgrade [0]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [472]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-55469658-3419985309-1369119327-1002\...\localhost -> localhost
IE restricted site: HKU\S-1-5-21-55469658-3419985309-1369119327-1002\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-55469658-3419985309-1369119327-1002\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-55469658-3419985309-1369119327-1002\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-55469658-3419985309-1369119327-1002\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-55469658-3419985309-1369119327-1002\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-55469658-3419985309-1369119327-1002\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-55469658-3419985309-1369119327-1002\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-55469658-3419985309-1369119327-1002\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-55469658-3419985309-1369119327-1002\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-55469658-3419985309-1369119327-1002\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-55469658-3419985309-1369119327-1002\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-55469658-3419985309-1369119327-1002\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-55469658-3419985309-1369119327-1002\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-55469658-3419985309-1369119327-1002\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-55469658-3419985309-1369119327-1002\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-55469658-3419985309-1369119327-1002\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-55469658-3419985309-1369119327-1002\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-55469658-3419985309-1369119327-1002\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-55469658-3419985309-1369119327-1002\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-55469658-3419985309-1369119327-1002\...\123simsen.com -> www.123simsen.com

There are 7863 more sites.


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 06:26 - 2020-02-26 20:46 - 000451872 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com

There are 15497 more lines.


2016-07-02 08:46 - 2020-02-26 22:01 - 000000439 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.20.57 Okko-ntb.mshome.net # 2022 11 2 15 15 44 51 802

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT
HKU\S-1-5-21-55469658-3419985309-1369119327-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Okko\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
DNS Servers: 192.168.20.1 - 10.111.128.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: DAUpdaterSvc => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
HKLM\...\StartupApproved\StartupFolder: => "SRS PC Sound.lnk"
HKLM\...\StartupApproved\Run: => "Radio Manager"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "PDFHook"
HKU\S-1-5-21-55469658-3419985309-1369119327-1002\...\StartupApproved\StartupFolder: => "Facebook Gameroom.lnk"
HKU\S-1-5-21-55469658-3419985309-1369119327-1002\...\StartupApproved\Run: => "Pando Media Booster"
HKU\S-1-5-21-55469658-3419985309-1369119327-1002\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-55469658-3419985309-1369119327-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-55469658-3419985309-1369119327-1002\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-55469658-3419985309-1369119327-1002\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall"
HKU\S-1-5-21-55469658-3419985309-1369119327-1002\...\StartupApproved\Run: => "ISUSPM"
HKU\S-1-5-21-55469658-3419985309-1369119327-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{A7595815-435D-4CC9-8688-200BE006B1C9}C:\program files (x86)\disciples gold\exe\disciple.exe] => (Allow) C:\program files (x86)\disciples gold\exe\disciple.exe (Strategy First) [File not signed]
FirewallRules: [TCP Query User{DB5338BD-232B-4EB8-BE00-C2F643DEDF50}C:\program files (x86)\disciples gold\exe\disciple.exe] => (Allow) C:\program files (x86)\disciples gold\exe\disciple.exe (Strategy First) [File not signed]
FirewallRules: [UDP Query User{5A143EB9-EFE9-42C1-8E6A-B17B8BC04A9E}C:6\hry\resident evil 6\bh6.exe] => (Allow) C:6\hry\resident evil 6\bh6.exe No File
FirewallRules: [TCP Query User{509DAF5B-F8A9-4CD0-86EC-87E9A1C87F6B}C:6\hry\resident evil 6\bh6.exe] => (Allow) C:6\hry\resident evil 6\bh6.exe No File
FirewallRules: [UDP Query User{6963AC44-2D9E-4F7E-A34D-452EA4141FD6}C:0\hry\resident evil 6 complete edition\bh6.exe] => (Allow) C:0\hry\resident evil 6 complete edition\bh6.exe No File
FirewallRules: [TCP Query User{CF802E5D-659F-400B-8EF4-C4EFFAA27975}C:0\hry\resident evil 6 complete edition\bh6.exe] => (Allow) C:0\hry\resident evil 6 complete edition\bh6.exe No File
FirewallRules: [UDP Query User{8EE61B12-7977-40C7-9D91-4560B61FAF4A}G:\hry\resident evil 6 complete edition\bh6.exe] => (Allow) G:\hry\resident evil 6 complete edition\bh6.exe No File
FirewallRules: [TCP Query User{C2765806-0240-4F3C-BF54-61003DBF5C88}G:\hry\resident evil 6 complete edition\bh6.exe] => (Allow) G:\hry\resident evil 6 complete edition\bh6.exe No File
FirewallRules: [UDP Query User{D333AF59-24C3-470A-8FB5-87A1BBAFA7ED}C:\program files (x86)\resident evil 5 gold edition\launcher.exe] => (Allow) C:\program files (x86)\resident evil 5 gold edition\launcher.exe No File
FirewallRules: [TCP Query User{2D4A6682-C552-4C34-BA9E-A00ECED995A6}C:\program files (x86)\resident evil 5 gold edition\launcher.exe] => (Allow) C:\program files (x86)\resident evil 5 gold edition\launcher.exe No File
FirewallRules: [UDP Query User{9B2C0517-575D-40E0-93EA-C91F4B1E7EC0}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{5A57C9B7-F599-4D43-9DED-FE70A65F7388}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{7B95743B-EDD8-42E5-8909-456779782B49}C:\program files (x86)\ascaron entertainment\sacred underworld\gameserver.exe] => (Allow) C:\program files (x86)\ascaron entertainment\sacred underworld\gameserver.exe (Ascaron Entertainment GmbH) [File not signed]
FirewallRules: [TCP Query User{EB0CFD0A-E626-4916-9A44-9338B36DA7FB}C:\program files (x86)\ascaron entertainment\sacred underworld\gameserver.exe] => (Allow) C:\program files (x86)\ascaron entertainment\sacred underworld\gameserver.exe (Ascaron Entertainment GmbH) [File not signed]
FirewallRules: [UDP Query User{3EC11B23-B7C6-44A6-ADD0-14E8088E393F}C:\program files (x86)\ascaron entertainment\sacred underworld\sacred.exe] => (Allow) C:\program files (x86)\ascaron entertainment\sacred underworld\sacred.exe (studio II Software) [File not signed]
FirewallRules: [TCP Query User{26C59D52-6898-4E4C-9C9E-7DA4C0863103}C:\program files (x86)\ascaron entertainment\sacred underworld\sacred.exe] => (Allow) C:\program files (x86)\ascaron entertainment\sacred underworld\sacred.exe (studio II Software) [File not signed]
FirewallRules: [{7A4D605C-CB81-4987-BCD5-B206BC6285E9}] => (Allow) C:\Program Files (x86)\Runic Games\Torchlight\Torchlight.exe (Runic Games, Inc. -> Runic Games, Inc.)
FirewallRules: [{7FCD1B7D-1BDF-4061-A012-9B01701D07B7}] => (Allow) C:\Program Files (x86)\Runic Games\Torchlight\Torchlight.exe (Runic Games, Inc. -> Runic Games, Inc.)
FirewallRules: [{D36AC558-1BCA-4C26-8D58-B79FDFCCE573}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Descent Road to Legend\Road to Legend.exe () [File not signed]
FirewallRules: [{EA054642-2F6A-4312-8662-F7BDFFD11D39}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Descent Road to Legend\Road to Legend.exe () [File not signed]
FirewallRules: [{A18D7C09-73B0-4010-8142-646141F89A92}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{834A95B8-B6C4-447F-8D0B-03D9BFD38545}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{515AD91A-6604-432F-B26B-87114FD81143}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0AE133AC-3E7E-47DD-B7BE-4DC97B77C26B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F5D51D32-D78D-485B-AD12-1D1F6CEE1E6F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0090001D-3B10-4B2E-8AB9-9EB48CB81B00}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{BD63A775-DBBF-4F36-8948-C4E0581FB2F5}C:\program files (x86)\2k games\borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Allow) C:\program files (x86)\2k games\borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe No File
FirewallRules: [TCP Query User{33431387-BA43-471D-A08C-B27A177C48C2}C:\program files (x86)\2k games\borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Allow) C:\program files (x86)\2k games\borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe No File
FirewallRules: [UDP Query User{236136D4-937D-4E35-8CE0-26FAFFBC41D1}C:\program files (x86)\thq\titan quest immortal throne\tqit.exe] => (Allow) C:\program files (x86)\thq\titan quest immortal throne\tqit.exe () [File not signed]
FirewallRules: [TCP Query User{BF7D30C3-F41A-439E-B970-76E96D362F03}C:\program files (x86)\thq\titan quest immortal throne\tqit.exe] => (Allow) C:\program files (x86)\thq\titan quest immortal throne\tqit.exe () [File not signed]
FirewallRules: [UDP Query User{D1B20A35-BCDB-433E-80BA-CBF844F8CCD3}D:\icewind dale enhanced edition\icewind.exe] => (Allow) D:\icewind dale enhanced edition\icewind.exe (Overhaul Games™) [File not signed]
FirewallRules: [TCP Query User{E306C604-0B7A-4FE7-9BDB-08A92414F684}D:\icewind dale enhanced edition\icewind.exe] => (Allow) D:\icewind dale enhanced edition\icewind.exe (Overhaul Games™) [File not signed]
FirewallRules: [UDP Query User{59C78FBB-77BD-4BA4-9D66-1BE344E35CAC}D:\hry\warcraft 3\war3.exe] => (Allow) D:\hry\warcraft 3\war3.exe (Blizzard Entertainment) [File not signed]
FirewallRules: [TCP Query User{7D5180B9-C684-44E5-AB0D-8EA4F13EEF31}D:\hry\warcraft 3\war3.exe] => (Allow) D:\hry\warcraft 3\war3.exe (Blizzard Entertainment) [File not signed]
FirewallRules: [{2A30ED1E-55CD-4986-85DE-23F5DC27449E}] => (Block) C:\program files (x86)\larian studios\divinity - original sin\shipping\eocapp.exe () [File not signed]
FirewallRules: [{B990CEE7-A691-41C8-A79D-EF96FDE02DEE}] => (Block) C:\program files (x86)\larian studios\divinity - original sin\shipping\eocapp.exe () [File not signed]
FirewallRules: [UDP Query User{F9BD05AD-150C-45FD-A01E-A61EFFFAC73A}C:\program files (x86)\larian studios\divinity - original sin\shipping\eocapp.exe] => (Allow) C:\program files (x86)\larian studios\divinity - original sin\shipping\eocapp.exe () [File not signed]
FirewallRules: [TCP Query User{2266D3EE-F5DE-42A9-A021-AB4F3D94BF7B}C:\program files (x86)\larian studios\divinity - original sin\shipping\eocapp.exe] => (Allow) C:\program files (x86)\larian studios\divinity - original sin\shipping\eocapp.exe () [File not signed]
FirewallRules: [UDP Query User{73E385CA-4DCF-4819-A6DE-FA8E23A52844}C:\program files (x86)\beamdog\baldur's gate - enhanced edition\baldur.exe] => (Block) C:\program files (x86)\beamdog\baldur's gate - enhanced edition\baldur.exe No File
FirewallRules: [TCP Query User{47CA561C-A01A-451C-953C-5E105AF544C5}C:\program files (x86)\beamdog\baldur's gate - enhanced edition\baldur.exe] => (Block) C:\program files (x86)\beamdog\baldur's gate - enhanced edition\baldur.exe No File
FirewallRules: [UDP Query User{2E2B0701-74DC-4BEA-B5FC-0E67F3622BD6}D:\hry\disciples ii gold\galleans return\discipl2.exe] => (Block) D:\hry\disciples ii gold\galleans return\discipl2.exe No File
FirewallRules: [TCP Query User{CC799D88-9728-4D53-A772-50B5EC8AE055}D:\hry\disciples ii gold\galleans return\discipl2.exe] => (Block) D:\hry\disciples ii gold\galleans return\discipl2.exe No File
FirewallRules: [UDP Query User{41AC7E26-B705-4781-9F86-801F6DC3F24B}D:\hry\etherlords ii\etherlords2.exe] => (Allow) D:\hry\etherlords ii\etherlords2.exe (Nival Interactive) [File not signed]
FirewallRules: [TCP Query User{C720913B-06C6-43F5-A494-9F240DBA2FE8}D:\hry\etherlords ii\etherlords2.exe] => (Allow) D:\hry\etherlords ii\etherlords2.exe (Nival Interactive) [File not signed]
FirewallRules: [{4998F254-9B3B-4A1F-8C31-524CE675FD14}] => (Allow) C:\Games\Dragon Age 2\DragonAge2Launcher.exe (BioWare -> BioWare)
FirewallRules: [{AF44A81F-EC9B-4007-9154-F173E828E46F}] => (Allow) C:\Games\Dragon Age 2\DragonAge2Launcher.exe (BioWare -> BioWare)
FirewallRules: [{283E598C-7BF5-4FDF-AD2C-6FA9AA95A62C}] => (Allow) C:\Games\Dragon Age 2\bin_ship\DragonAge2.exe (BioWare) [File not signed]
FirewallRules: [{82CBE503-F3ED-4CF5-8C87-E5D258F17162}] => (Allow) C:\Games\Dragon Age 2\bin_ship\DragonAge2.exe (BioWare) [File not signed]
FirewallRules: [{E36CCA2B-D04A-4866-8B4B-368EB8FC706F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{99E37A18-3CCA-4005-AABA-54C6271386B0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CE1A214F-D1FA-4C1F-AF3B-031B36E6B074}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{A1B191A9-F058-475B-8F54-3333F49B2350}C:\program files (x86)\electronic arts\dead space\dead space.exe] => (Block) C:\program files (x86)\electronic arts\dead space\dead space.exe (Electronic Arts -> )
FirewallRules: [TCP Query User{4F915626-B62B-47A7-B5B7-55651CDD8870}C:\program files (x86)\electronic arts\dead space\dead space.exe] => (Block) C:\program files (x86)\electronic arts\dead space\dead space.exe (Electronic Arts -> )
FirewallRules: [UDP Query User{01451A73-723D-4059-A5C3-CAEB72155113}C:\program files (x86)\electronic arts\dead space\dead space.exe] => (Allow) C:\program files (x86)\electronic arts\dead space\dead space.exe (Electronic Arts -> )
FirewallRules: [TCP Query User{B461C1B1-BCCF-4AB4-840B-866825A5A983}C:\program files (x86)\electronic arts\dead space\dead space.exe] => (Allow) C:\program files (x86)\electronic arts\dead space\dead space.exe (Electronic Arts -> )
FirewallRules: [UDP Query User{71824407-397F-4110-8EBB-FA35D2371680}D:\hry\dead island\deadislandgame.exe] => (Allow) D:\hry\dead island\deadislandgame.exe (Techland) [File not signed]
FirewallRules: [TCP Query User{6B3BF77C-4632-493A-9100-3DD21AF72EA2}D:\hry\dead island\deadislandgame.exe] => (Allow) D:\hry\dead island\deadislandgame.exe (Techland) [File not signed]
FirewallRules: [UDP Query User{4E7455A0-FA42-4270-9378-808B7608B8A3}C:\program files (x86)\wb games\f.e.a.r. 3\f.e.a.r. 3.exe] => (Allow) C:\program files (x86)\wb games\f.e.a.r. 3\f.e.a.r. 3.exe (Day 1 Studios, LLC) [File not signed]
FirewallRules: [TCP Query User{FA5DA304-E7E2-4ABA-BED9-12E1F847C48A}C:\program files (x86)\wb games\f.e.a.r. 3\f.e.a.r. 3.exe] => (Allow) C:\program files (x86)\wb games\f.e.a.r. 3\f.e.a.r. 3.exe (Day 1 Studios, LLC) [File not signed]
FirewallRules: [UDP Query User{F74DD103-CADF-49E8-A2E1-2EDF3EF07FBE}C:\program files (x86)\wb games\f.e.a.r. 3\f.e.a.r. 3.exe] => (Allow) C:\program files (x86)\wb games\f.e.a.r. 3\f.e.a.r. 3.exe (Day 1 Studios, LLC) [File not signed]
FirewallRules: [TCP Query User{50820BC5-BB49-40C5-9B0E-43126AFCCB07}C:\program files (x86)\wb games\f.e.a.r. 3\f.e.a.r. 3.exe] => (Allow) C:\program files (x86)\wb games\f.e.a.r. 3\f.e.a.r. 3.exe (Day 1 Studios, LLC) [File not signed]
FirewallRules: [UDP Query User{5F58B548-E0FC-4718-B810-DE5D11E5DE02}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [TCP Query User{EF6B6FC6-A0AB-4144-8615-165102D731C7}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [{1BF22BBF-5D7A-459D-8CEC-8CE04DD814D7}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [{4B70BC6E-F220-4C7B-B64B-5A3633D868BF}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [{50783A01-464D-49C8-9604-8EABF5A28FF3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{ED5ED3CA-C505-4924-927C-09CB0AE65F6F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{2EE871DF-9EC1-470E-BDE7-FB486DEAF6B4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{8BE446D5-7415-4865-971F-A007E391F6C5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{F0A3CDBC-3449-45EE-8046-377427645BD0}D:\hry\american mcgee's alice\alice.exe] => (Allow) D:\hry\american mcgee's alice\alice.exe (Rogue Entertainment) [File not signed]
FirewallRules: [TCP Query User{476F9E60-742A-4F81-B913-119957A7048C}D:\hry\american mcgee's alice\alice.exe] => (Allow) D:\hry\american mcgee's alice\alice.exe (Rogue Entertainment) [File not signed]
FirewallRules: [{68CEBB8D-9EE3-41A5-A81A-B743BFB85065}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{CB7FC23F-2281-46E4-90C8-C4A21A21048A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{48515CB8-C801-474D-A8E0-DE6CA10E7DFB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{7C64A5E1-866B-4B6D-89FD-A00D5D6B833A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{8F4408F8-919A-4043-A034-BEAD505C8CB3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{83707213-DA46-45E1-9E6A-5F9F96761861}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{E4D67971-C651-4487-BE5C-FDC8034D6D50}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{47132BA1-669F-4C45-977C-F94DCB04545D}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{7E94BED5-F126-4A26-84FF-DB22FF1AA738}D:\hry\stronghold crusader\stronghold crusader.exe] => (Allow) D:\hry\stronghold crusader\stronghold crusader.exe ( ) [File not signed]
FirewallRules: [TCP Query User{E595E554-A9D2-4477-A46D-D85F75C9E196}D:\hry\stronghold crusader\stronghold crusader.exe] => (Allow) D:\hry\stronghold crusader\stronghold crusader.exe ( ) [File not signed]
FirewallRules: [UDP Query User{72DF5A12-B06C-4110-873F-C270255DD80F}C:\program files (x86)\2k games\borderlands 2\binaries\win32\borderlands2.exe] => (Allow) C:\program files (x86)\2k games\borderlands 2\binaries\win32\borderlands2.exe No File
FirewallRules: [TCP Query User{D3399801-1783-4287-AB9B-0F273D1C7578}C:\program files (x86)\2k games\borderlands 2\binaries\win32\borderlands2.exe] => (Allow) C:\program files (x86)\2k games\borderlands 2\binaries\win32\borderlands2.exe No File
FirewallRules: [UDP Query User{A701CEEC-63EF-40EC-95AC-2E8BA3A81F82}C:\program files (x86)\2k games\borderlands 2\binaries\win32\borderlands2.exe] => (Allow) C:\program files (x86)\2k games\borderlands 2\binaries\win32\borderlands2.exe No File
FirewallRules: [TCP Query User{4723E832-8DE0-4CDD-BEC9-2B93CDB26818}C:\program files (x86)\2k games\borderlands 2\binaries\win32\borderlands2.exe] => (Allow) C:\program files (x86)\2k games\borderlands 2\binaries\win32\borderlands2.exe No File
FirewallRules: [UDP Query User{0882B738-82D0-4364-B3AE-6FE9722251EE}C:\program files (x86)\ea games\alice madness returns\alice1\bin\alice.exe] => (Allow) C:\program files (x86)\ea games\alice madness returns\alice1\bin\alice.exe (Kalloc Studios -> Electronic Arts) [File not signed]
FirewallRules: [TCP Query User{00CD48E5-358C-4F71-8D4D-C4B68E3AFE9E}C:\program files (x86)\ea games\alice madness returns\alice1\bin\alice.exe] => (Allow) C:\program files (x86)\ea games\alice madness returns\alice1\bin\alice.exe (Kalloc Studios -> Electronic Arts) [File not signed]
FirewallRules: [UDP Query User{93BC6B6E-7326-495D-9985-A121ABF2E8D4}C:\program files (x86)\ea games\alice madness returns\alice2\binaries\win32\alicemadnessreturns.exe] => (Allow) C:\program files (x86)\ea games\alice madness returns\alice2\binaries\win32\alicemadnessreturns.exe (Kalloc Studios -> Electronic Arts, Inc.) [File not signed]
FirewallRules: [TCP Query User{0B854860-83DE-46E2-BC3D-4E4E9E04BC49}C:\program files (x86)\ea games\alice madness returns\alice2\binaries\win32\alicemadnessreturns.exe] => (Allow) C:\program files (x86)\ea games\alice madness returns\alice2\binaries\win32\alicemadnessreturns.exe (Kalloc Studios -> Electronic Arts, Inc.) [File not signed]
FirewallRules: [UDP Query User{611D9BED-9CFD-4373-A3C2-9BB43A26E5D4}C:\program files (x86)\dragon age\bin_ship\daorigins.exe] => (Allow) C:\program files (x86)\dragon age\bin_ship\daorigins.exe No File
FirewallRules: [TCP Query User{0F9AC37E-37DB-4961-8F57-2A8298EA5611}C:\program files (x86)\dragon age\bin_ship\daorigins.exe] => (Allow) C:\program files (x86)\dragon age\bin_ship\daorigins.exe No File
FirewallRules: [UDP Query User{2216EC02-BAC5-4BC4-96A3-65BB47314CCF}C:\program files (x86)\dishonored\binaries\win32\dishonored.exe] => (Allow) C:\program files (x86)\dishonored\binaries\win32\dishonored.exe (ZeniMax Media Inc.) [File not signed]
FirewallRules: [TCP Query User{1DFAF8B6-F29C-43B4-9FE3-F4633672EE4F}C:\program files (x86)\dishonored\binaries\win32\dishonored.exe] => (Allow) C:\program files (x86)\dishonored\binaries\win32\dishonored.exe (ZeniMax Media Inc.) [File not signed]
FirewallRules: [UDP Query User{896831D2-6A6F-460B-9B59-BBE58177F71B}C:\program files (x86)\dishonored\binaries\win32\dishonored.exe] => (Allow) C:\program files (x86)\dishonored\binaries\win32\dishonored.exe (ZeniMax Media Inc.) [File not signed]
FirewallRules: [TCP Query User{48F7D463-F7DA-4CA4-98E5-C9650CF72B0E}C:\program files (x86)\dishonored\binaries\win32\dishonored.exe] => (Allow) C:\program files (x86)\dishonored\binaries\win32\dishonored.exe (ZeniMax Media Inc.) [File not signed]
FirewallRules: [UDP Query User{76A320B4-6460-4A1B-B6C9-8B202C44B13A}C:\program files (x86)\ea games\alice madness returns\alice1\bin\alice.exe] => (Block) C:\program files (x86)\ea games\alice madness returns\alice1\bin\alice.exe (Kalloc Studios -> Electronic Arts) [File not signed]
FirewallRules: [TCP Query User{67E6BF2B-31C2-4A65-9E76-91FF2BD0E373}C:\program files (x86)\ea games\alice madness returns\alice1\bin\alice.exe] => (Block) C:\program files (x86)\ea games\alice madness returns\alice1\bin\alice.exe (Kalloc Studios -> Electronic Arts) [File not signed]
FirewallRules: [UDP Query User{C22CAE6E-1CF0-42D4-B3B1-A1EB4EC77201}C:\program files (x86)\ea games\alice madness returns\alice2\binaries\win32\alicemadnessreturns.exe] => (Block) C:\program files (x86)\ea games\alice madness returns\alice2\binaries\win32\alicemadnessreturns.exe (Kalloc Studios -> Electronic Arts, Inc.) [File not signed]
FirewallRules: [TCP Query User{00977821-F2B8-427F-9231-E8021C61FE19}C:\program files (x86)\ea games\alice madness returns\alice2\binaries\win32\alicemadnessreturns.exe] => (Block) C:\program files (x86)\ea games\alice madness returns\alice2\binaries\win32\alicemadnessreturns.exe (Kalloc Studios -> Electronic Arts, Inc.) [File not signed]
FirewallRules: [UDP Query User{CABE5238-AD13-4717-9450-88CBDBBF12E2}C:\program files (x86)\ubisoft\might & magic heroes vi\might & magic heroes vi.exe] => (Block) C:\program files (x86)\ubisoft\might & magic heroes vi\might & magic heroes vi.exe (Black Hole Kft. -> Black Hole Entertainment) [File not signed]
FirewallRules: [TCP Query User{0B533BA1-5B29-443B-892A-1E5C3B2E7707}C:\program files (x86)\ubisoft\might & magic heroes vi\might & magic heroes vi.exe] => (Block) C:\program files (x86)\ubisoft\might & magic heroes vi\might & magic heroes vi.exe (Black Hole Kft. -> Black Hole Entertainment) [File not signed]
FirewallRules: [UDP Query User{FF7C69CA-B255-41BF-A6F0-BCBE66B723A1}C:\program files\strongdc++\strongdc.exe] => (Allow) C:\program files\strongdc++\strongdc.exe () [File not signed]
FirewallRules: [TCP Query User{5D9135AE-43F7-49D1-91C5-9DE62F8E349F}C:\program files\strongdc++\strongdc.exe] => (Allow) C:\program files\strongdc++\strongdc.exe () [File not signed]
FirewallRules: [{EC68B4E9-7E1A-4167-AD4C-B8056B413FC7}] => (Allow) C:\Program Files (x86)\Ubisoft\Might & Magic Heroes VI\Might & Magic Heroes VI.exe (Black Hole Kft. -> Black Hole Entertainment) [File not signed]
FirewallRules: [{16814BD8-1B5B-4465-A6C6-1271467948DA}] => (Allow) C:\Program Files (x86)\Ubisoft\Might & Magic Heroes VI\Might & Magic Heroes VI.exe (Black Hole Kft. -> Black Hole Entertainment) [File not signed]
FirewallRules: [UDP Query User{D6CCBB25-1014-4653-8C34-01ACB5770202}C:\program files\strongdc++\strongdc.exe] => (Allow) C:\program files\strongdc++\strongdc.exe () [File not signed]
FirewallRules: [TCP Query User{39B1DF47-5F66-445A-9B5D-2397C0BA537D}C:\program files\strongdc++\strongdc.exe] => (Allow) C:\program files\strongdc++\strongdc.exe () [File not signed]
FirewallRules: [UDP Query User{95349E69-7680-4831-923E-145140F4F9BF}C:\program files (x86)\mass effect 2\binaries\masseffect2.exe] => (Block) C:\program files (x86)\mass effect 2\binaries\masseffect2.exe (BioWare -> BioWare) [File not signed]
FirewallRules: [TCP Query User{21DE61FA-26AB-4088-9667-83D52FCD964E}C:\program files (x86)\mass effect 2\binaries\masseffect2.exe] => (Block) C:\program files (x86)\mass effect 2\binaries\masseffect2.exe (BioWare -> BioWare) [File not signed]
FirewallRules: [{709879F9-B904-4F23-9F32-9B352C13B4DB}] => (Allow) D:\Hry\Mass Effect\MassEffectLauncher.exe (BioWare -> BioWare)
FirewallRules: [{F22A9043-5EBA-4005-9739-D2167CD85A7B}] => (Allow) D:\Hry\Mass Effect\MassEffectLauncher.exe (BioWare -> BioWare)
FirewallRules: [{46FBF4FF-ECDC-4E6D-8A66-7B58D4C42DEE}] => (Allow) D:\Hry\Mass Effect\Binaries\MassEffect.exe (BioWare) [File not signed]
FirewallRules: [{12EC91D3-DCA0-4FA5-8327-7C82B55DA889}] => (Allow) D:\Hry\Mass Effect\Binaries\MassEffect.exe (BioWare) [File not signed]
FirewallRules: [UDP Query User{B48780BD-CEDD-477B-A77C-7BB7DAAC8A8A}D:\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) D:\cryptic studios\neverwinter\live\gameclient.exe No File
FirewallRules: [TCP Query User{172DC863-48A6-4AB9-9999-92E38D430B9A}D:\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) D:\cryptic studios\neverwinter\live\gameclient.exe No File
FirewallRules: [UDP Query User{2C8BF296-B3EE-460D-BD02-2E6ED4DEC591}D:\hry\counter-strike 1.6\hl.exe] => (Block) D:\hry\counter-strike 1.6\hl.exe (Valve) [File not signed]
FirewallRules: [TCP Query User{6C821628-FA3B-472E-8DCE-393B655E16C3}D:\hry\counter-strike 1.6\hl.exe] => (Block) D:\hry\counter-strike 1.6\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{1A8C8671-20E2-4FEF-AB3A-CC905F0517AA}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{4B42E5C4-5FB5-4573-AF22-8F85F2C88BD3}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{9E218021-0192-45BE-99FF-7782AFF834A1}D:\hry\bulánci\bulanci.exe] => (Allow) D:\hry\bulánci\bulanci.exe () [File not signed]
FirewallRules: [TCP Query User{1D0583B3-4DBD-4816-9064-6F3EC5EBB4DE}D:\hry\bulánci\bulanci.exe] => (Allow) D:\hry\bulánci\bulanci.exe () [File not signed]
FirewallRules: [UDP Query User{950D2CEF-A84C-4FEE-B90A-184C9780D114}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{9BE0A137-3FD3-4EF4-B9A3-A2546733CEFA}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{24DA82C0-026B-457C-A51A-96D91758C8D8}D:\hry\bulánci\bulanci.exe] => (Allow) D:\hry\bulánci\bulanci.exe () [File not signed]
FirewallRules: [TCP Query User{A93DD8C8-7980-4760-8E90-E0DAB2BADFDB}D:\hry\bulánci\bulanci.exe] => (Allow) D:\hry\bulánci\bulanci.exe () [File not signed]
FirewallRules: [UDP Query User{6707E77E-7CBE-4F4F-AEA5-2394682DCAB7}D:\hry\counter-strike 1.6\hl.exe] => (Allow) D:\hry\counter-strike 1.6\hl.exe (Valve) [File not signed]
FirewallRules: [TCP Query User{70739AFA-6A2C-4DB6-BF03-F223D344F45D}D:\hry\counter-strike 1.6\hl.exe] => (Allow) D:\hry\counter-strike 1.6\hl.exe (Valve) [File not signed]
FirewallRules: [{58B068FC-95B3-4334-A4A1-9CEAEBDEE265}] => (Allow) C:\Games\Star Wars-The Old Republic\launcher.exe (Electronic Arts -> Solid State Networks)
FirewallRules: [{B63DA29B-9C9E-432E-9548-4270192EC870}] => (Allow) C:\Games\Star Wars-The Old Republic\launcher.exe (Electronic Arts -> Solid State Networks)
FirewallRules: [{C3FBC256-00C5-444C-ACA7-39857F5075F3}] => (Allow) C:\Games\Star Wars-The Old Republic\launcher.exe (Electronic Arts -> Solid State Networks)
FirewallRules: [{42F21522-12D8-4F73-AE32-F81B91B6D580}] => (Allow) C:\Games\Star Wars-The Old Republic\launcher.exe (Electronic Arts -> Solid State Networks)
FirewallRules: [UDP Query User{823DF2CA-DF20-4855-8FAD-3AB7729E8200}D:\hry\borderlands\binaries\borderlands.exe] => (Allow) D:\hry\borderlands\binaries\borderlands.exe (Take-Two Interactive Software, Inc.) [File not signed]
FirewallRules: [TCP Query User{E58DA5B2-1272-44EE-AB08-145E2DE297AE}D:\hry\borderlands\binaries\borderlands.exe] => (Allow) D:\hry\borderlands\binaries\borderlands.exe (Take-Two Interactive Software, Inc.) [File not signed]
FirewallRules: [UDP Query User{144D66E7-5906-4ED1-AABC-950D229AC1A5}D:\hry\borderlands\binaries\borderlands.exe] => (Allow) D:\hry\borderlands\binaries\borderlands.exe (Take-Two Interactive Software, Inc.) [File not signed]
FirewallRules: [TCP Query User{0C9297C8-1C65-4B91-AE3E-6025F89C6AF8}D:\hry\borderlands\binaries\borderlands.exe] => (Allow) D:\hry\borderlands\binaries\borderlands.exe (Take-Two Interactive Software, Inc.) [File not signed]
FirewallRules: [{E513D1AC-B5B6-4F3C-A6F5-CE499B905368}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman Blood Money\configure.exe () [File not signed]
FirewallRules: [{DC405E17-BBEF-4775-A167-4D696C35BB85}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman Blood Money\configure.exe () [File not signed]
FirewallRules: [{20398FD9-35C6-4C67-B845-8AC9F913A5BE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman Blood Money\HitmanBloodMoney.exe () [File not signed]
FirewallRules: [{F7785A77-90A0-4EBD-89ED-19A9BAD0A824}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman Blood Money\HitmanBloodMoney.exe () [File not signed]
FirewallRules: [UDP Query User{FEC1938F-8192-4914-89CE-6D7574C90DD6}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{C7A0F57F-A7D3-4B24-9BF4-AB35017A5418}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{9CBDA12D-827F-484A-A5CD-33C6E60BE526}] => (Allow) C:\Program Files (x86)\Zaklínač - Rozšířená edice\launcher.exe (CD Projekt RED Sp. z o.o. -> CD Projekt Red)
FirewallRules: [{4F05273C-079D-45C2-98FD-423EFED5D821}] => (Allow) C:\Program Files (x86)\Zaklínač - Rozšířená edice\launcher.exe (CD Projekt RED Sp. z o.o. -> CD Projekt Red)
FirewallRules: [UDP Query User{F503E76B-FF5E-4CAD-BC8E-6E4F375A455F}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe No File
FirewallRules: [TCP Query User{38E19254-AF41-4226-9E24-870B40C2F8C4}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe No File
FirewallRules: [{D4454882-7018-4862-9017-08963B4AE2FF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deus Ex - Human Revolution\dxhr.exe (Square Enix LTD -> Square Enix Limited)
FirewallRules: [{16DA9DCB-FE9C-47C2-A09C-64C887F160C9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deus Ex - Human Revolution\dxhr.exe (Square Enix LTD -> Square Enix Limited)
FirewallRules: [{51EEC945-31F2-428D-BAE8-4F400943436F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Lara Croft and the Guardian of Light\lcgol.exe (Valve Corp. -> Square Enix Limited) [File not signed]
FirewallRules: [{9228F38C-4D29-4ACE-8442-7E9953D9DE9E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Lara Croft and the Guardian of Light\lcgol.exe (Valve Corp. -> Square Enix Limited) [File not signed]
FirewallRules: [{93D687DD-33D4-49C5-848B-2008BD11EF7A}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{C7C21015-DD98-4873-A948-A3985FED3771}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{E5E4833D-4183-4B77-9A39-57F54F509418}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{3793BA97-768C-4C5E-9256-9CB504E526A2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{B66A8579-2729-4C5C-A1CD-4A5DEE91E12B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE (CyberLink -> CyberLink Corp.)
FirewallRules: [{4516328A-0F0D-4FC2-9AB1-5999F058119B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe (CyberLink -> CyberLink Corp.)
FirewallRules: [{208ACDB2-28E4-4353-BD22-6B3E1A5C3959}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{80E6F86B-D6D4-4DF1-8570-4C1244947B39}] => (Allow) LPort=1900
FirewallRules: [{0AFD600E-FFF2-437F-8C98-1AD7404A2264}] => (Allow) LPort=2869
FirewallRules: [{0598FD00-2DAA-46D2-A321-586DCC771AAE}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{01F85889-B5FB-4EEC-A24C-7F7486DF4CB5}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{C7CE7932-F2E1-407A-A35B-6E7AA59556F9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{30498892-7CF8-4E29-875D-1D5483C56890}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BB215526-2E55-4242-A121-EF0B94B8A69F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C6DC06C8-E272-43D5-ACBD-9470160E8A59}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E68E1C2E-AFF4-4D33-B25E-1985BA9A1E8D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{09456ABF-459C-4181-B9E0-E5F5B36B8DF3}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{B066919F-88A9-48DA-A5B0-AA83974FC08F}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{22FF287E-DEC4-4FB9-8F0D-AB4C5419DFDF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Icewind Dale Enhanced Edition\icewind.exe (Overhaul Games™) [File not signed]
FirewallRules: [{44B8AF7F-8EDD-4360-87A4-7A74DA3EE7B5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Icewind Dale Enhanced Edition\icewind.exe (Overhaul Games™) [File not signed]
FirewallRules: [{33B1F8ED-7126-4F01-9857-9397EEB4FFBA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tales from the Borderlands\Borderlands.exe (Telltale Games) [File not signed]
FirewallRules: [{3EADFFC1-92DC-4728-8A9A-D395A1C2BEC9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tales from the Borderlands\Borderlands.exe (Telltale Games) [File not signed]
FirewallRules: [{0A813E42-DFCE-4628-973C-0E2FB8A5C229}] => (Allow) G:\Hry\Wargaming.net\GameCenter\wgc.exe No File
FirewallRules: [{178F6011-1EC8-4073-BD4F-D072FFB8D2F6}] => (Allow) G:\Hry\Wargaming.net\GameCenter\wgc.exe No File
FirewallRules: [{1B366B7D-6AD3-420D-B4E9-634CBF594CDD}] => (Allow) G:\Hry\World_of_Warplanes_EU\WorldOfWarplanes.exe No File
FirewallRules: [{3424094C-9398-4EF5-9156-04C93338152A}] => (Allow) G:\Hry\World_of_Warplanes_EU\WorldOfWarplanes.exe No File
FirewallRules: [TCP Query User{B37D781B-4325-4371-9B06-5EFE56E9972D}C:\program files (x86)\gog.com\heroes of might and magic 2 gold\dosbox\dosbox.exe] => (Allow) C:\program files (x86)\gog.com\heroes of might and magic 2 gold\dosbox\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [UDP Query User{8537C818-89E1-4579-8E35-1A352DFEBFA6}C:\program files (x86)\gog.com\heroes of might and magic 2 gold\dosbox\dosbox.exe] => (Allow) C:\program files (x86)\gog.com\heroes of might and magic 2 gold\dosbox\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [{B5F6CDE7-7EF4-4183-8DD3-1CDE6752A64A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\One Unit Whole Blood\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [{E5A43DC8-92FB-428D-9196-B62160AC68F8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\One Unit Whole Blood\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [TCP Query User{418A3B2F-1BA3-4E88-BF25-8DF1EBD9B530}C:\program files (x86)\gog.com\heroes of might and magic 2 gold\dosbox\dosbox.exe] => (Allow) C:\program files (x86)\gog.com\heroes of might and magic 2 gold\dosbox\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [UDP Query User{9D54A450-7B8C-41CB-A9B3-020464537540}C:\program files (x86)\gog.com\heroes of might and magic 2 gold\dosbox\dosbox.exe] => (Allow) C:\program files (x86)\gog.com\heroes of might and magic 2 gold\dosbox\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [TCP Query User{01040F76-406D-45F2-A797-5F57C5259CF2}D:\hry\outlast + dlc whistleblower\binaries\win64\olgame.exe] => (Allow) D:\hry\outlast + dlc whistleblower\binaries\win64\olgame.exe (Red Barrels Inc.) [File not signed]
FirewallRules: [UDP Query User{2B73554A-4022-42DE-B10D-E7E1544D6269}D:\hry\outlast + dlc whistleblower\binaries\win64\olgame.exe] => (Allow) D:\hry\outlast + dlc whistleblower\binaries\win64\olgame.exe (Red Barrels Inc.) [File not signed]
FirewallRules: [TCP Query User{D2458B7D-AD22-4042-8351-D1F91CF71E72}D:\hry\outlast + dlc whistleblower\binaries\win64\olgame.exe] => (Allow) D:\hry\outlast + dlc whistleblower\binaries\win64\olgame.exe (Red Barrels Inc.) [File not signed]
FirewallRules: [UDP Query User{F654922B-FD7F-41CB-AB29-4F36CF7B1E0A}D:\hry\outlast + dlc whistleblower\binaries\win64\olgame.exe] => (Allow) D:\hry\outlast + dlc whistleblower\binaries\win64\olgame.exe (Red Barrels Inc.) [File not signed]
FirewallRules: [TCP Query User{99F403E8-5099-44EE-A931-00D22F82731E}D:\hry\diablo i + hellfire (2001)(cz)\diablo i + hellfire (2001)(cz)\diablo 1 plus hellfire cz\diablo\diablo.exe] => (Block) D:\hry\diablo i + hellfire (2001)(cz)\diablo i + hellfire (2001)(cz)\diablo 1 plus hellfire cz\diablo\diablo.exe (Blizzard Entertainment) [File not signed]
FirewallRules: [UDP Query User{9550282B-63E3-44BE-BDE5-C8E8077DCED7}D:\hry\diablo i + hellfire (2001)(cz)\diablo i + hellfire (2001)(cz)\diablo 1 plus hellfire cz\diablo\diablo.exe] => (Block) D:\hry\diablo i + hellfire (2001)(cz)\diablo i + hellfire (2001)(cz)\diablo 1 plus hellfire cz\diablo\diablo.exe (Blizzard Entertainment) [File not signed]
FirewallRules: [TCP Query User{DFE5CE90-1AFE-493C-A0B3-C9F14E575278}D:\hry\tf 2\team fortress 2\hl2.exe] => (Allow) D:\hry\tf 2\team fortress 2\hl2.exe No File
FirewallRules: [UDP Query User{8D20D578-C786-457D-A05D-ABCFD25FBD66}D:\hry\tf 2\team fortress 2\hl2.exe] => (Allow) D:\hry\tf 2\team fortress 2\hl2.exe No File
FirewallRules: [TCP Query User{E61BD731-EDE6-44D0-A7A4-3ABE2DD4F333}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{8BDFECC5-B147-43FD-B03F-10650F83740E}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{A866416F-9B4B-4E4F-A7B3-A0F3A5EFF0A9}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{AED94610-E0E5-4B9A-9194-6BF5FAF37BBC}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe No File
FirewallRules: [{A8BF0D50-7A1F-46C6-87B9-6FD28E1CDE42}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd -> Piriform Ltd)
FirewallRules: [{035680B0-6811-42EA-90F3-DADBEB35CE2F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd -> Piriform Ltd)
FirewallRules: [TCP Query User{49E53443-4E48-4E4A-9D58-9F226023D4AA}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{54A146E2-2F6A-4F16-BE6D-9247E5695809}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe No File
FirewallRules: [{BD084611-3EBE-4256-B938-A316B20F10BB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Game of Thrones\Thrones.exe (Telltale Games) [File not signed]
FirewallRules: [{F5F22F76-6D73-4093-BDAD-2DD938290C2E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Game of Thrones\Thrones.exe (Telltale Games) [File not signed]
FirewallRules: [{75911137-301A-44E7-A0EE-A1BC40187BC4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Nosferatu The Wrath of Malachi\Nosferatu.exe (Idol FX AB) [File not signed]
FirewallRules: [{3D5783F2-C62E-4FF0-8279-488467307CA7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Nosferatu The Wrath of Malachi\Nosferatu.exe (Idol FX AB) [File not signed]
FirewallRules: [TCP Query User{47E458DA-D904-4871-8D7D-A3ACEEF90CA2}C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe
FirewallRules: [UDP Query User{1E3A6B11-3D29-482E-8694-19461CE19B3A}C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe
FirewallRules: [{3A111193-758A-4D9A-88A0-8F687EDD6C17}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Lucius\Lucius.exe (Esenthel) [File not signed]
FirewallRules: [{0D7385C0-E049-41A5-8BDC-11282E13A61C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Lucius\Lucius.exe (Esenthel) [File not signed]
FirewallRules: [TCP Query User{D9039D64-E1DB-4A09-9363-1BB584DADCAE}C:\program files (x86)\disciples gold\exe\disciple.exe] => (Block) C:\program files (x86)\disciples gold\exe\disciple.exe (Strategy First) [File not signed]
FirewallRules: [UDP Query User{1A9AFDFD-06CE-4189-8D18-ABD222FBF4E2}C:\program files (x86)\disciples gold\exe\disciple.exe] => (Block) C:\program files (x86)\disciples gold\exe\disciple.exe (Strategy First) [File not signed]
FirewallRules: [{88EF709D-84D0-4B37-9F32-7B401BAAAC23}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe (Gearbox Software) [File not signed]
FirewallRules: [{744FD315-5B46-452E-A08D-16080FD816B0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe (Gearbox Software) [File not signed]
FirewallRules: [TCP Query User{AA6BA898-03D2-4AE8-BAC8-1A7AEDDDA508}C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe (Take-Two Interactive Software, Inc.) [File not signed]
FirewallRules: [UDP Query User{D9E56ACB-EF17-475C-9F14-D341C7A1544E}C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe (Take-Two Interactive Software, Inc.) [File not signed]
FirewallRules: [{5562D02D-570E-4325-B94B-89BC2E755B98}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe (Gearbox Software LLC -> Gearbox Software)
FirewallRules: [{23E67839-BC62-4E48-8BEB-3B6E5562FED4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe (Gearbox Software LLC -> Gearbox Software)
FirewallRules: [TCP Query User{FE4F3945-9F85-4980-A2DD-17DD1A632AEA}C:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe (Gearbox Software LLC -> Take-Two Interactive Software, Inc.)
FirewallRules: [UDP Query User{75A6CE8A-F395-4D0B-BB32-1CB6697E493C}C:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe (Gearbox Software LLC -> Take-Two Interactive Software, Inc.)
FirewallRules: [{A43AB198-D3F0-4CC7-AFF2-F36F115BD25A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Aliens versus Predator Classic\Launcher\AvpGoldLauncher.exe () [File not signed]
FirewallRules: [{BEE8376D-F204-4F43-A130-9A1B7EE70695}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Aliens versus Predator Classic\Launcher\AvpGoldLauncher.exe () [File not signed]
FirewallRules: [{15DD0088-A981-4CCE-88DF-9BF5C0315CE1}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> )
FirewallRules: [{F51F46D6-51DA-4217-B85E-E4F72CD3EB75}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> )
FirewallRules: [TCP Query User{6B161DEC-4827-4FDC-B5CD-AE345D123E25}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> )
FirewallRules: [UDP Query User{FEF2FF89-E563-439A-AA79-B5758126EECD}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> )
FirewallRules: [{5F29AE50-61B6-4795-9F32-84B57651FD17}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe (BioWare -> BioWare)
FirewallRules: [{53D17EDF-91D4-4232-8E01-D2DA775CCF58}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe (BioWare -> BioWare)
FirewallRules: [{2D8E22D4-C136-496A-8698-BC365014A942}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe (BioWare -> BioWare)
FirewallRules: [{A0F32686-7D69-4FAA-BF14-4A64568D8A09}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe (BioWare -> BioWare)
FirewallRules: [TCP Query User{3B7C7B9F-9DA7-406B-B632-077A60872688}C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe (Electronic Arts -> BioWare)
FirewallRules: [UDP Query User{84B0AF15-3337-407D-9813-55CEA0FA2262}C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe (Electronic Arts -> BioWare)
FirewallRules: [TCP Query User{B420797E-66BA-4DFB-874E-D773B9BADF0F}C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe (Electronic Arts -> BioWare)
FirewallRules: [UDP Query User{9C23014D-1F8E-4399-A008-4E2200CFA021}C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe (Electronic Arts -> BioWare)
FirewallRules: [TCP Query User{DAE6C866-BA9B-4EED-BF44-81C5B83CDE3D}J:\hry\wow clasic\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) J:\hry\wow clasic\world of warcraft\_classic_\utils\wowvoiceproxy.exe No File
FirewallRules: [UDP Query User{F033328A-C232-4B75-81B1-74328F259032}J:\hry\wow clasic\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) J:\hry\wow clasic\world of warcraft\_classic_\utils\wowvoiceproxy.exe No File
FirewallRules: [TCP Query User{825D8D57-6164-4D19-ACC8-A87ED72A1AD2}C:\program files (x86)\common files\oracle\java\javapath_target_48872734\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_48872734\java.exe
FirewallRules: [UDP Query User{9A0CE685-A1AC-46FF-B378-3065C4A939E1}C:\program files (x86)\common files\oracle\java\javapath_target_48872734\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_48872734\java.exe
FirewallRules: [{A5C3EC63-332E-4730-88FC-EA487EC98C61}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout 3\FalloutLauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{B36DFB16-F696-4873-B173-B5E126DB1EA3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout 3\FalloutLauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{3FB47E77-74EE-45BA-A98C-1906F10E284C}] => (Allow) C:\Users\Okko\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{E0AE8225-E3A3-4A46-B946-E180519DBC78}] => (Allow) C:\Users\Okko\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{1D59CEE3-6492-4690-A107-75D45481F0AF}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{493C3300-61E3-468C-9C3E-5E924937EB8D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{56C864DB-DD70-4EA9-B677-1648B945F8D7}] => (Allow) D:\SteamLibrary\steamapps\common\Cryptic Studios\Neverwinter.exe (Cryptic Studios Inc. -> )
FirewallRules: [{06602645-B7AB-422A-ABBB-345008A0932D}] => (Allow) D:\SteamLibrary\steamapps\common\Cryptic Studios\Neverwinter.exe (Cryptic Studios Inc. -> )
FirewallRules: [TCP Query User{22AD7A4E-35DB-47F9-B3B5-F9B2790C4C2A}D:\steamlibrary\steamapps\common\cryptic studios\neverwinter\live\x64\gameclient.exe] => (Allow) D:\steamlibrary\steamapps\common\cryptic studios\neverwinter\live\x64\gameclient.exe (Cryptic Studios Inc. -> )
FirewallRules: [UDP Query User{B6D1E410-F36C-4A8A-A5AC-1D2240675C3B}D:\steamlibrary\steamapps\common\cryptic studios\neverwinter\live\x64\gameclient.exe] => (Allow) D:\steamlibrary\steamapps\common\cryptic studios\neverwinter\live\x64\gameclient.exe (Cryptic Studios Inc. -> )
FirewallRules: [{CF14FA8D-9A9C-4877-BF30-AC866DFCEB35}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

08-02-2020 15:19:32 Odebráno: Microsoft Office
15-02-2020 16:28:18 Naplánovaný kontrolní bod
22-02-2020 18:52:56 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/26/2020 10:04:34 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (02/26/2020 04:53:14 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: Procedura Collect pro službu C:\Windows\System32\winspool.drv v knihovně DLL Spooler generovala výjimku nebo vrátila neplatný stav. Výkonnostní data vrácená knihovnou DLL čítačů nebudou vrácena v bloku výkonnostních dat. Kód výjimky nebo stavu obsahují první čtyři bajty (DWORD) v datové části.

Error: (02/25/2020 04:15:01 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: Procedura Collect pro službu C:\Windows\System32\winspool.drv v knihovně DLL Spooler generovala výjimku nebo vrátila neplatný stav. Výkonnostní data vrácená knihovnou DLL čítačů nebudou vrácena v bloku výkonnostních dat. Kód výjimky nebo stavu obsahují první čtyři bajty (DWORD) v datové části.

Error: (02/23/2020 08:29:49 PM) (Source: ESENT) (EventID: 413) (User: )
Description: DllHost (2084) WebCacheLocal: Nový soubor protokolu nelze vytvořit, protože není možné zapisovat na jednotku protokolu. Jednotka může být označena jen pro čtení, na disku je nedostatek místa nebo je jednotka chybně nakonfigurována či poškozena. Chyba -1032

Error: (02/23/2020 08:29:49 PM) (Source: ESENT) (EventID: 490) (User: )
Description: DllHost (2084) WebCacheLocal: Pokus o otevření souboru C:\Users\Okko\AppData\Local\Microsoft\Windows\WebCache\V01tmp.log pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error: (02/23/2020 07:22:53 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: Procedura Collect pro službu C:\Windows\System32\winspool.drv v knihovně DLL Spooler generovala výjimku nebo vrátila neplatný stav. Výkonnostní data vrácená knihovnou DLL čítačů nebudou vrácena v bloku výkonnostních dat. Kód výjimky nebo stavu obsahují první čtyři bajty (DWORD) v datové části.

Error: (02/23/2020 01:00:05 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (02/21/2020 04:35:55 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: Procedura Collect pro službu C:\Windows\System32\winspool.drv v knihovně DLL Spooler generovala výjimku nebo vrátila neplatný stav. Výkonnostní data vrácená knihovnou DLL čítačů nebudou vrácena v bloku výkonnostních dat. Kód výjimky nebo stavu obsahují první čtyři bajty (DWORD) v datové části.


System errors:
=============
Error: (02/27/2020 10:18:24 AM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT AUTHORITY)
Description: J:\Device\HarddiskVolume93

Error: (02/26/2020 10:09:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba PDFProFiltSrvPP byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/26/2020 10:02:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (02/26/2020 10:02:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Presentation Foundation Font Cache 3.0.0.0 bylo dosaženo časového limitu (30000 ms).

Error: (02/26/2020 10:00:16 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba Windows Media Player Network Sharing závisí na službě Windows Search, která neuspěla při spuštění v důsledku následující chyby:
Služba nebyla spuštěna.

Error: (02/26/2020 09:59:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management and Security Application User Notification Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/26/2020 09:59:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (02/26/2020 09:59:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Intel(R) Capability Licensing Service Interface byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.


Windows Defender:
===================================
Date: 2019-10-15 22:13:13.370
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {AE33EA21-4676-4594-82F8-BB6A6354FEB8}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-10-15 21:45:26.865
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {A56CEF5B-B9C5-43B4-9724-3D03DAAF6B33}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-10-15 18:38:43.823
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {8EEC34DD-A22B-46F3-941A-ECA13E688B39}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-10-15 18:31:43.595
Description:
Prohledávání Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... terprise=0
Název: Trojan:Win32/Occamy.C
ID: 2147726780
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Program Files (x86)\Southpark Stick of Truth\steam_api.dll
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\System32\rundll32.exe
Verze podpisu: AV: 1.303.1752.0, AS: 1.303.1752.0, NIS: 119.0.0.0
Verze modulu: AM: 1.1.16400.2, NIS: 2.1.14600.4

Date: 2019-10-15 16:57:20.958
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {72604F68-1C80-4D91-8975-B966AB254292}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-05-02 09:28:43.346
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 119.0.0.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Systém kontroly sítě
Typ aktualizace: Úplné
Uživatel: Okko-ntb\Okko
Aktuální verze modulu:
Předchozí verze modulu: 2.1.14600.4
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2019-05-02 09:28:43.341
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.277.950.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: Okko-ntb\Okko
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15300.6
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2019-05-02 09:28:43.341
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.277.950.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: Okko-ntb\Okko
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15300.6
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2019-05-02 09:28:43.321
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.277.950.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15300.6
Kód chyby: 0x8024402c
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2019-05-02 09:28:27.440
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 119.0.0.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Systém kontroly sítě
Typ aktualizace: Úplné
Uživatel: Okko-ntb\Okko
Aktuální verze modulu:
Předchozí verze modulu: 2.1.14600.4
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

CodeIntegrity:
===================================

Date: 2018-02-20 20:17:19.605
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-20 20:17:19.496
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-20 20:17:19.386
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-20 20:17:19.271
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-20 20:17:19.162
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-20 20:17:19.044
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-20 20:17:18.931
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-20 20:17:18.824
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: American Megatrends Inc. E16GBIMS.50I 10/13/2012
Motherboard: Micro-Star International Co., Ltd. MS-16GB
Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Percentage of memory in use: 38%
Total physical RAM: 8081.44 MB
Available physical RAM: 5007.95 MB
Total Virtual: 9361.44 MB
Available Virtual: 5974.38 MB

==================== Drives ================================

Drive c: (OS_Install) (Fixed) (Total:638.04 GB) (Free:13.11 GB) NTFS
Drive d: (Data) (Fixed) (Total:271.43 GB) (Free:20.68 GB) NTFS

\\?\Volume{056f02fc-582e-4720-bb9c-b6fb4816c3ff}\ (WinRE tools) (Fixed) (Total:0.59 GB) (Free:0.33 GB) NTFS
\\?\Volume{a974895a-83ef-4393-ab80-8872abee12c4}\ () (Fixed) (Total:0.44 GB) (Free:0.1 GB) NTFS
\\?\Volume{374d8bfc-72f5-4d2c-8bf0-a3c8b5bf3961}\ (BIOS_RVY) (Fixed) (Total:20.6 GB) (Free:1.29 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: AC38BDF4)

Partition: GPT.

==================== End of Addition.txt =======================

Re: Měl jsem problém s hackerským útokem

Napsal: 27 úno 2020 17:04
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
AlternateDataStreams: C:\WINDOWS\system32\Drivers\btmhsf.sys:Microsoft_Appcompat_ReinstallUpgrade [0]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [472]
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
FirewallRules: [UDP Query User{5A143EB9-EFE9-42C1-8E6A-B17B8BC04A9E}C:6\hry\resident evil 6\bh6.exe] => (Allow) C:6\hry\resident evil 6\bh6.exe No File
FirewallRules: [TCP Query User{509DAF5B-F8A9-4CD0-86EC-87E9A1C87F6B}C:6\hry\resident evil 6\bh6.exe] => (Allow) C:6\hry\resident evil 6\bh6.exe No File
FirewallRules: [UDP Query User{6963AC44-2D9E-4F7E-A34D-452EA4141FD6}C:0\hry\resident evil 6 complete edition\bh6.exe] => (Allow) C:0\hry\resident evil 6 complete edition\bh6.exe No File
FirewallRules: [TCP Query User{CF802E5D-659F-400B-8EF4-C4EFFAA27975}C:0\hry\resident evil 6 complete edition\bh6.exe] => (Allow) C:0\hry\resident evil 6 complete edition\bh6.exe No File
FirewallRules: [UDP Query User{8EE61B12-7977-40C7-9D91-4560B61FAF4A}G:\hry\resident evil 6 complete edition\bh6.exe] => (Allow) G:\hry\resident evil 6 complete edition\bh6.exe No File
FirewallRules: [TCP Query User{C2765806-0240-4F3C-BF54-61003DBF5C88}G:\hry\resident evil 6 complete edition\bh6.exe] => (Allow) G:\hry\resident evil 6 complete edition\bh6.exe No File
FirewallRules: [UDP Query User{D333AF59-24C3-470A-8FB5-87A1BBAFA7ED}C:\program files (x86)\resident evil 5 gold edition\launcher.exe] => (Allow) C:\program files (x86)\resident evil 5 gold edition\launcher.exe No File
FirewallRules: [TCP Query User{2D4A6682-C552-4C34-BA9E-A00ECED995A6}C:\program files (x86)\resident evil 5 gold edition\launcher.exe] => (Allow) C:\program files (x86)\resident evil 5 gold edition\launcher.exe No File
FirewallRules: [UDP Query User{BD63A775-DBBF-4F36-8948-C4E0581FB2F5}C:\program files (x86)\2k games\borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Allow) C:\program files (x86)\2k games\borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe No File
FirewallRules: [TCP Query User{33431387-BA43-471D-A08C-B27A177C48C2}C:\program files (x86)\2k games\borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Allow) C:\program files (x86)\2k games\borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe No File
FirewallRules: [UDP Query User{73E385CA-4DCF-4819-A6DE-FA8E23A52844}C:\program files (x86)\beamdog\baldur's gate - enhanced edition\baldur.exe] => (Block) C:\program files (x86)\beamdog\baldur's gate - enhanced edition\baldur.exe No File
FirewallRules: [TCP Query User{47CA561C-A01A-451C-953C-5E105AF544C5}C:\program files (x86)\beamdog\baldur's gate - enhanced edition\baldur.exe] => (Block) C:\program files (x86)\beamdog\baldur's gate - enhanced edition\baldur.exe No File
FirewallRules: [UDP Query User{2E2B0701-74DC-4BEA-B5FC-0E67F3622BD6}D:\hry\disciples ii gold\galleans return\discipl2.exe] => (Block) D:\hry\disciples ii gold\galleans return\discipl2.exe No File
FirewallRules: [TCP Query User{CC799D88-9728-4D53-A772-50B5EC8AE055}D:\hry\disciples ii gold\galleans return\discipl2.exe] => (Block) D:\hry\disciples ii gold\galleans return\discipl2.exe No File
FirewallRules: [UDP Query User{611D9BED-9CFD-4373-A3C2-9BB43A26E5D4}C:\program files (x86)\dragon age\bin_ship\daorigins.exe] => (Allow) C:\program files (x86)\dragon age\bin_ship\daorigins.exe No File
FirewallRules: [TCP Query User{0F9AC37E-37DB-4961-8F57-2A8298EA5611}C:\program files (x86)\dragon age\bin_ship\daorigins.exe] => (Allow) C:\program files (x86)\dragon age\bin_ship\daorigins.exe No File
FirewallRules: [UDP Query User{B48780BD-CEDD-477B-A77C-7BB7DAAC8A8A}D:\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) D:\cryptic studios\neverwinter\live\gameclient.exe No File
FirewallRules: [TCP Query User{172DC863-48A6-4AB9-9999-92E38D430B9A}D:\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) D:\cryptic studios\neverwinter\live\gameclient.exe No File
FirewallRules: [UDP Query User{F503E76B-FF5E-4CAD-BC8E-6E4F375A455F}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe No File
FirewallRules: [TCP Query User{38E19254-AF41-4226-9E24-870B40C2F8C4}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe No File
FirewallRules: [{0A813E42-DFCE-4628-973C-0E2FB8A5C229}] => (Allow) G:\Hry\Wargaming.net\GameCenter\wgc.exe No File
FirewallRules: [{178F6011-1EC8-4073-BD4F-D072FFB8D2F6}] => (Allow) G:\Hry\Wargaming.net\GameCenter\wgc.exe No File
FirewallRules: [{1B366B7D-6AD3-420D-B4E9-634CBF594CDD}] => (Allow) G:\Hry\World_of_Warplanes_EU\WorldOfWarplanes.exe No File
FirewallRules: [{3424094C-9398-4EF5-9156-04C93338152A}] => (Allow) G:\Hry\World_of_Warplanes_EU\WorldOfWarplanes.exe No File
FirewallRules: [TCP Query User{DFE5CE90-1AFE-493C-A0B3-C9F14E575278}D:\hry\tf 2\team fortress 2\hl2.exe] => (Allow) D:\hry\tf 2\team fortress 2\hl2.exe No File
FirewallRules: [UDP Query User{8D20D578-C786-457D-A05D-ABCFD25FBD66}D:\hry\tf 2\team fortress 2\hl2.exe] => (Allow) D:\hry\tf 2\team fortress 2\hl2.exe No File
FirewallRules: [TCP Query User{E61BD731-EDE6-44D0-A7A4-3ABE2DD4F333}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{8BDFECC5-B147-43FD-B03F-10650F83740E}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{A866416F-9B4B-4E4F-A7B3-A0F3A5EFF0A9}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{AED94610-E0E5-4B9A-9194-6BF5FAF37BBC}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe No File
FirewallRules: [{A8BF0D50-7A1F-46C6-87B9-6FD28E1CDE42}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd -> Piriform Ltd)
FirewallRules: [{035680B0-6811-42EA-90F3-DADBEB35CE2F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd -> Piriform Ltd)
FirewallRules: [TCP Query User{49E53443-4E48-4E4A-9D58-9F226023D4AA}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{54A146E2-2F6A-4F16-BE6D-9247E5695809}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{DAE6C866-BA9B-4EED-BF44-81C5B83CDE3D}J:\hry\wow clasic\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) J:\hry\wow clasic\world of warcraft\_classic_\utils\wowvoiceproxy.exe No File
FirewallRules: [UDP Query User{F033328A-C232-4B75-81B1-74328F259032}J:\hry\wow clasic\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) J:\hry\wow clasic\world of warcraft\_classic_\utils\wowvoiceproxy.exe No File
C:\Program Files (x86)\Southpark Stick of Truth\steam_api.dll
HKU\S-1-5-21-55469658-3419985309-1369119327-1002\...\MountPoints2: {0b1dfdc6-0b53-11ea-80a4-8c89a5083b21} - "G:\AutoRun.exe"
HKU\S-1-5-21-55469658-3419985309-1369119327-1002\...\MountPoints2: {673a086f-825c-11e2-be7c-0cd2923ce500} - "G:\unlock.exe" autoplay=true
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-55469658-3419985309-1369119327-1002\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {0391B9F5-0E0F-42DD-A039-793852082F2E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-15] (Google LLC -> Google LLC)
Task: {103F1E4C-4CD8-4C0F-87E0-F6C5DE90BD6C} - System32\Tasks\{ABD73A06-1074-4D6C-8F20-1D878E54EE94} => C:\WINDOWS\system32\pcalua.exe -a "D:\Hry\WoW Cata\Wow.exe" -d "D:\Hry\WoW Cata"
Task: {17DC880F-DA9F-46DC-A282-2D2825F24458} - System32\Tasks\{01479244-658F-481D-AF55-19DD1AFB952D} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Pando Networks\Media Booster\uninst.exe" -d "C:\Program Files (x86)\Pando Networks\Media Booster
Task: {B906B7E9-3768-45CD-929A-64FF5B075176} - System32\Tasks\{608ABA6A-B53E-4B67-85C1-013264962E2F} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\GOG.com\Gothic 3\Gothic3.exe" -d "C:\Program Files (x86)\GOG.com\Gothic 3\"
Task: {C01C8B8F-779C-4093-8465-3EDFA5B019AB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-15] (Google LLC -> Google LLC)
C:\WINDOWS\system32\Tasks\{608ABA6A-B53E-4B67-85C1-013264962E2F}
C:\Users\Okko\AppData\Local\{FFB8A4C6-6B58-44A6-96AF-480859D6C8F4}

EmptyTemp:
Hosts:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Měl jsem problém s hackerským útokem

Napsal: 27 úno 2020 17:45
od Falldrax
Fix result of Farbar Recovery Scan Tool (x64) Version: 26-02-2020
Ran by Okko (27-02-2020 17:33:45) Run:1
Running from C:\Users\Okko\Desktop
Loaded Profiles: Okko (Available Profiles: Okko)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
AlternateDataStreams: C:\WINDOWS\system32\Drivers\btmhsf.sys:Microsoft_Appcompat_ReinstallUpgrade [0]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [472]
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
FirewallRules: [UDP Query User{5A143EB9-EFE9-42C1-8E6A-B17B8BC04A9E}C:6\hry\resident evil 6\bh6.exe] => (Allow) C:6\hry\resident evil 6\bh6.exe No File
FirewallRules: [TCP Query User{509DAF5B-F8A9-4CD0-86EC-87E9A1C87F6B}C:6\hry\resident evil 6\bh6.exe] => (Allow) C:6\hry\resident evil 6\bh6.exe No File
FirewallRules: [UDP Query User{6963AC44-2D9E-4F7E-A34D-452EA4141FD6}C:0\hry\resident evil 6 complete edition\bh6.exe] => (Allow) C:0\hry\resident evil 6 complete edition\bh6.exe No File
FirewallRules: [TCP Query User{CF802E5D-659F-400B-8EF4-C4EFFAA27975}C:0\hry\resident evil 6 complete edition\bh6.exe] => (Allow) C:0\hry\resident evil 6 complete edition\bh6.exe No File
FirewallRules: [UDP Query User{8EE61B12-7977-40C7-9D91-4560B61FAF4A}G:\hry\resident evil 6 complete edition\bh6.exe] => (Allow) G:\hry\resident evil 6 complete edition\bh6.exe No File
FirewallRules: [TCP Query User{C2765806-0240-4F3C-BF54-61003DBF5C88}G:\hry\resident evil 6 complete edition\bh6.exe] => (Allow) G:\hry\resident evil 6 complete edition\bh6.exe No File
FirewallRules: [UDP Query User{D333AF59-24C3-470A-8FB5-87A1BBAFA7ED}C:\program files (x86)\resident evil 5 gold edition\launcher.exe] => (Allow) C:\program files (x86)\resident evil 5 gold edition\launcher.exe No File
FirewallRules: [TCP Query User{2D4A6682-C552-4C34-BA9E-A00ECED995A6}C:\program files (x86)\resident evil 5 gold edition\launcher.exe] => (Allow) C:\program files (x86)\resident evil 5 gold edition\launcher.exe No File
FirewallRules: [UDP Query User{BD63A775-DBBF-4F36-8948-C4E0581FB2F5}C:\program files (x86)\2k games\borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Allow) C:\program files (x86)\2k games\borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe No File
FirewallRules: [TCP Query User{33431387-BA43-471D-A08C-B27A177C48C2}C:\program files (x86)\2k games\borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Allow) C:\program files (x86)\2k games\borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe No File
FirewallRules: [UDP Query User{73E385CA-4DCF-4819-A6DE-FA8E23A52844}C:\program files (x86)\beamdog\baldur's gate - enhanced edition\baldur.exe] => (Block) C:\program files (x86)\beamdog\baldur's gate - enhanced edition\baldur.exe No File
FirewallRules: [TCP Query User{47CA561C-A01A-451C-953C-5E105AF544C5}C:\program files (x86)\beamdog\baldur's gate - enhanced edition\baldur.exe] => (Block) C:\program files (x86)\beamdog\baldur's gate - enhanced edition\baldur.exe No File
FirewallRules: [UDP Query User{2E2B0701-74DC-4BEA-B5FC-0E67F3622BD6}D:\hry\disciples ii gold\galleans return\discipl2.exe] => (Block) D:\hry\disciples ii gold\galleans return\discipl2.exe No File
FirewallRules: [TCP Query User{CC799D88-9728-4D53-A772-50B5EC8AE055}D:\hry\disciples ii gold\galleans return\discipl2.exe] => (Block) D:\hry\disciples ii gold\galleans return\discipl2.exe No File
FirewallRules: [UDP Query User{611D9BED-9CFD-4373-A3C2-9BB43A26E5D4}C:\program files (x86)\dragon age\bin_ship\daorigins.exe] => (Allow) C:\program files (x86)\dragon age\bin_ship\daorigins.exe No File
FirewallRules: [TCP Query User{0F9AC37E-37DB-4961-8F57-2A8298EA5611}C:\program files (x86)\dragon age\bin_ship\daorigins.exe] => (Allow) C:\program files (x86)\dragon age\bin_ship\daorigins.exe No File
FirewallRules: [UDP Query User{B48780BD-CEDD-477B-A77C-7BB7DAAC8A8A}D:\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) D:\cryptic studios\neverwinter\live\gameclient.exe No File
FirewallRules: [TCP Query User{172DC863-48A6-4AB9-9999-92E38D430B9A}D:\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) D:\cryptic studios\neverwinter\live\gameclient.exe No File
FirewallRules: [UDP Query User{F503E76B-FF5E-4CAD-BC8E-6E4F375A455F}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe No File
FirewallRules: [TCP Query User{38E19254-AF41-4226-9E24-870B40C2F8C4}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe No File
FirewallRules: [{0A813E42-DFCE-4628-973C-0E2FB8A5C229}] => (Allow) G:\Hry\Wargaming.net\GameCenter\wgc.exe No File
FirewallRules: [{178F6011-1EC8-4073-BD4F-D072FFB8D2F6}] => (Allow) G:\Hry\Wargaming.net\GameCenter\wgc.exe No File
FirewallRules: [{1B366B7D-6AD3-420D-B4E9-634CBF594CDD}] => (Allow) G:\Hry\World_of_Warplanes_EU\WorldOfWarplanes.exe No File
FirewallRules: [{3424094C-9398-4EF5-9156-04C93338152A}] => (Allow) G:\Hry\World_of_Warplanes_EU\WorldOfWarplanes.exe No File
FirewallRules: [TCP Query User{DFE5CE90-1AFE-493C-A0B3-C9F14E575278}D:\hry\tf 2\team fortress 2\hl2.exe] => (Allow) D:\hry\tf 2\team fortress 2\hl2.exe No File
FirewallRules: [UDP Query User{8D20D578-C786-457D-A05D-ABCFD25FBD66}D:\hry\tf 2\team fortress 2\hl2.exe] => (Allow) D:\hry\tf 2\team fortress 2\hl2.exe No File
FirewallRules: [TCP Query User{E61BD731-EDE6-44D0-A7A4-3ABE2DD4F333}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{8BDFECC5-B147-43FD-B03F-10650F83740E}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{A866416F-9B4B-4E4F-A7B3-A0F3A5EFF0A9}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{AED94610-E0E5-4B9A-9194-6BF5FAF37BBC}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe No File
FirewallRules: [{A8BF0D50-7A1F-46C6-87B9-6FD28E1CDE42}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd -> Piriform Ltd)
FirewallRules: [{035680B0-6811-42EA-90F3-DADBEB35CE2F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd -> Piriform Ltd)
FirewallRules: [TCP Query User{49E53443-4E48-4E4A-9D58-9F226023D4AA}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{54A146E2-2F6A-4F16-BE6D-9247E5695809}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{DAE6C866-BA9B-4EED-BF44-81C5B83CDE3D}J:\hry\wow clasic\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) J:\hry\wow clasic\world of warcraft\_classic_\utils\wowvoiceproxy.exe No File
FirewallRules: [UDP Query User{F033328A-C232-4B75-81B1-74328F259032}J:\hry\wow clasic\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) J:\hry\wow clasic\world of warcraft\_classic_\utils\wowvoiceproxy.exe No File
C:\Program Files (x86)\Southpark Stick of Truth\steam_api.dll
HKU\S-1-5-21-55469658-3419985309-1369119327-1002\...\MountPoints2: {0b1dfdc6-0b53-11ea-80a4-8c89a5083b21} - "G:\AutoRun.exe"
HKU\S-1-5-21-55469658-3419985309-1369119327-1002\...\MountPoints2: {673a086f-825c-11e2-be7c-0cd2923ce500} - "G:\unlock.exe" autoplay=true
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-55469658-3419985309-1369119327-1002\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {0391B9F5-0E0F-42DD-A039-793852082F2E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-15] (Google LLC -> Google LLC)
Task: {103F1E4C-4CD8-4C0F-87E0-F6C5DE90BD6C} - System32\Tasks\{ABD73A06-1074-4D6C-8F20-1D878E54EE94} => C:\WINDOWS\system32\pcalua.exe -a "D:\Hry\WoW Cata\Wow.exe" -d "D:\Hry\WoW Cata"
Task: {17DC880F-DA9F-46DC-A282-2D2825F24458} - System32\Tasks\{01479244-658F-481D-AF55-19DD1AFB952D} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Pando Networks\Media Booster\uninst.exe" -d "C:\Program Files (x86)\Pando Networks\Media Booster
Task: {B906B7E9-3768-45CD-929A-64FF5B075176} - System32\Tasks\{608ABA6A-B53E-4B67-85C1-013264962E2F} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\GOG.com\Gothic 3\Gothic3.exe" -d "C:\Program Files (x86)\GOG.com\Gothic 3\"
Task: {C01C8B8F-779C-4093-8465-3EDFA5B019AB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-15] (Google LLC -> Google LLC)
C:\WINDOWS\system32\Tasks\{608ABA6A-B53E-4B67-85C1-013264962E2F}
C:\Users\Okko\AppData\Local\{FFB8A4C6-6B58-44A6-96AF-480859D6C8F4}

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\IObitUnstaler => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\IObitUnstaler => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\IObitUnstaler => removed successfully
C:\WINDOWS\system32\Drivers\btmhsf.sys => ":Microsoft_Appcompat_ReinstallUpgrade" ADS removed successfully
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5A143EB9-EFE9-42C1-8E6A-B17B8BC04A9E}C:6\hry\resident evil 6\bh6.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{509DAF5B-F8A9-4CD0-86EC-87E9A1C87F6B}C:6\hry\resident evil 6\bh6.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6963AC44-2D9E-4F7E-A34D-452EA4141FD6}C:0\hry\resident evil 6 complete edition\bh6.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CF802E5D-659F-400B-8EF4-C4EFFAA27975}C:0\hry\resident evil 6 complete edition\bh6.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8EE61B12-7977-40C7-9D91-4560B61FAF4A}G:\hry\resident evil 6 complete edition\bh6.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C2765806-0240-4F3C-BF54-61003DBF5C88}G:\hry\resident evil 6 complete edition\bh6.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D333AF59-24C3-470A-8FB5-87A1BBAFA7ED}C:\program files (x86)\resident evil 5 gold edition\launcher.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2D4A6682-C552-4C34-BA9E-A00ECED995A6}C:\program files (x86)\resident evil 5 gold edition\launcher.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BD63A775-DBBF-4F36-8948-C4E0581FB2F5}C:\program files (x86)\2k games\borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{33431387-BA43-471D-A08C-B27A177C48C2}C:\program files (x86)\2k games\borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{73E385CA-4DCF-4819-A6DE-FA8E23A52844}C:\program files (x86)\beamdog\baldur's gate - enhanced edition\baldur.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{47CA561C-A01A-451C-953C-5E105AF544C5}C:\program files (x86)\beamdog\baldur's gate - enhanced edition\baldur.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2E2B0701-74DC-4BEA-B5FC-0E67F3622BD6}D:\hry\disciples ii gold\galleans return\discipl2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CC799D88-9728-4D53-A772-50B5EC8AE055}D:\hry\disciples ii gold\galleans return\discipl2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{611D9BED-9CFD-4373-A3C2-9BB43A26E5D4}C:\program files (x86)\dragon age\bin_ship\daorigins.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0F9AC37E-37DB-4961-8F57-2A8298EA5611}C:\program files (x86)\dragon age\bin_ship\daorigins.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B48780BD-CEDD-477B-A77C-7BB7DAAC8A8A}D:\cryptic studios\neverwinter\live\gameclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{172DC863-48A6-4AB9-9999-92E38D430B9A}D:\cryptic studios\neverwinter\live\gameclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F503E76B-FF5E-4CAD-BC8E-6E4F375A455F}C:\program files (x86)\skype\phone\skype.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{38E19254-AF41-4226-9E24-870B40C2F8C4}C:\program files (x86)\skype\phone\skype.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0A813E42-DFCE-4628-973C-0E2FB8A5C229}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{178F6011-1EC8-4073-BD4F-D072FFB8D2F6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1B366B7D-6AD3-420D-B4E9-634CBF594CDD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3424094C-9398-4EF5-9156-04C93338152A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{DFE5CE90-1AFE-493C-A0B3-C9F14E575278}D:\hry\tf 2\team fortress 2\hl2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8D20D578-C786-457D-A05D-ABCFD25FBD66}D:\hry\tf 2\team fortress 2\hl2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E61BD731-EDE6-44D0-A7A4-3ABE2DD4F333}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8BDFECC5-B147-43FD-B03F-10650F83740E}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A866416F-9B4B-4E4F-A7B3-A0F3A5EFF0A9}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{AED94610-E0E5-4B9A-9194-6BF5FAF37BBC}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A8BF0D50-7A1F-46C6-87B9-6FD28E1CDE42}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{035680B0-6811-42EA-90F3-DADBEB35CE2F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{49E53443-4E48-4E4A-9D58-9F226023D4AA}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{54A146E2-2F6A-4F16-BE6D-9247E5695809}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{DAE6C866-BA9B-4EED-BF44-81C5B83CDE3D}J:\hry\wow clasic\world of warcraft\_classic_\utils\wowvoiceproxy.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F033328A-C232-4B75-81B1-74328F259032}J:\hry\wow clasic\world of warcraft\_classic_\utils\wowvoiceproxy.exe" => removed successfully
"C:\Program Files (x86)\Southpark Stick of Truth\steam_api.dll" => not found
HKU\S-1-5-21-55469658-3419985309-1369119327-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0b1dfdc6-0b53-11ea-80a4-8c89a5083b21} => removed successfully
HKU\S-1-5-21-55469658-3419985309-1369119327-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{673a086f-825c-11e2-be7c-0cd2923ce500} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKU\S-1-5-21-55469658-3419985309-1369119327-1002\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0391B9F5-0E0F-42DD-A039-793852082F2E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0391B9F5-0E0F-42DD-A039-793852082F2E}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{103F1E4C-4CD8-4C0F-87E0-F6C5DE90BD6C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{103F1E4C-4CD8-4C0F-87E0-F6C5DE90BD6C}" => removed successfully
C:\WINDOWS\System32\Tasks\{ABD73A06-1074-4D6C-8F20-1D878E54EE94} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{ABD73A06-1074-4D6C-8F20-1D878E54EE94}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{17DC880F-DA9F-46DC-A282-2D2825F24458}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{17DC880F-DA9F-46DC-A282-2D2825F24458}" => removed successfully
C:\WINDOWS\System32\Tasks\{01479244-658F-481D-AF55-19DD1AFB952D} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{01479244-658F-481D-AF55-19DD1AFB952D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B906B7E9-3768-45CD-929A-64FF5B075176}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B906B7E9-3768-45CD-929A-64FF5B075176}" => removed successfully
C:\WINDOWS\System32\Tasks\{608ABA6A-B53E-4B67-85C1-013264962E2F} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{608ABA6A-B53E-4B67-85C1-013264962E2F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C01C8B8F-779C-4093-8465-3EDFA5B019AB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C01C8B8F-779C-4093-8465-3EDFA5B019AB}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"C:\WINDOWS\system32\Tasks\{608ABA6A-B53E-4B67-85C1-013264962E2F}" => not found
C:\Users\Okko\AppData\Local\{FFB8A4C6-6B58-44A6-96AF-480859D6C8F4} => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 62207604 B
Java, Flash, Steam htmlcache => 393538174 B
Windows/system/drivers => 2466946 B
Edge => 0 B
Chrome => 536556392 B
Firefox => 20858737 B
Opera => 297754 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 3402 B
NetworkService => 3402 B
Okko => 67600969 B

RecycleBin => 0 B
EmptyTemp: => 1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:36:10 ====

Re: Měl jsem problém s hackerským útokem

Napsal: 27 úno 2020 17:55
od Rudy
Smazáno, log je již OK.

Re: Měl jsem problém s hackerským útokem

Napsal: 27 úno 2020 17:57
od Falldrax
Díky moc za pomoc :D nemám účet, ale mohl bych nějakou částku poslat fyzicky poukázkou z pošty?

Re: Měl jsem problém s hackerským útokem

Napsal: 27 úno 2020 18:52
od Rudy
To, bohužel, není možné. Dříve fungovala možnost přispět dárcovskou SMS, to ale bylo zrušeno z důvodu nicotných částech, které nám zbyly po zaplacení polatku operátorům. Jednou možností je tedy https://platba.viry.cz/payment/ . Nemáte zač!
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz