Problem z wykorzystywaniem dysku W10

[lolos11]

Witam, Mam taki problem iż system podaje że czas aktywności dysku wynosi 90-100% Czy to normalne? Komputer jakoś specjalnie sie nie zacina... System od nowości nie był formatowany (3 lata)

 

Screen z menagera zadań: http://scr.hu/1bcf/6zbed

CrystalDiskInfo: http://scr.hu/1bcf/6295y

 

FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-07-2016
Ran by LOLSON (administrator) on LOLSON-PC (07-07-2016 15:52:04)
Running from C:\Users\LOLSON\Desktop
Loaded Profiles: LOLSON & test123 &  (Available Profiles: LOLSON & test123 & DefaultAppPool)
Platform: Windows 10 Pro (X64) Language: Angielski (Stany Zjednoczone)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(SecureMix LLC) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
() C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Windows\System32\PnkBstrA.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(SecureMix LLC) C:\Program Files (x86)\GlassWire\GWIdlMon.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
() C:\Program Files (x86)\screenSHU\screenSHU.exe
(IDRIX) C:\Program Files\VeraCrypt\VeraCrypt.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(SecureMix LLC) C:\Program Files (x86)\GlassWire\GlassWire.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(FNet Co., Ltd.) C:\Program Files (x86)\XFastUSB\XFastUsb.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
() C:\Program Files (x86)\TESORO Gaming\LOBERA Gaming Keyboard\HID.exe
() C:\Program Files (x86)\TESORO Gaming\SHRIKE V2 Gaming Mouse\mousehid.exe
() C:\Program Files (x86)\TESORO Gaming\SHRIKE V2 Gaming Mouse\trayicon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Qihu 360 Software Co., Ltd.) C:\Program Files (x86)\360\Total Security\safemon\chrome\360webshield.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\QHSafeMain.exe
() C:\Program Files (x86)\360\Total Security\PromoUtil.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\Dism.exe
(Microsoft Corporation) C:\Users\LOLSON\AppData\Local\Temp\1648A808-920E-4D9A-8453-0F9B0F34F346\DismHost.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10240.16719_none_11647d1561f368c0\TiWorker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-04-30] (Intel Corporation)
HKLM\...\Run: [XFast LAN] => C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe [1441152 2011-10-19] (cFos Software GmbH)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6629768 2016-06-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [hshhsaaaws] => [X]
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-03-12] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-11] (Intel Corporation)
HKLM-x32\...\Run: [XFastUSB] => C:\Program Files (x86)\XFastUSB\XFastUsb.exe [5021448 2015-06-25] (FNet Co., Ltd.)
HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [345000 2016-06-21] (QIHU 360 SOFTWARE CO. LIMITED)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2623456 2016-06-02] (Malwarebytes Corporation)
HKLM-x32\...\Run: [G5] => C:\Program Files (x86)\TESORO Gaming\LOBERA Gaming Keyboard\HID.exe [1755648 2014-10-21] ()
HKLM-x32\...\Run: [TESORO] => C:\Program Files (x86)\TESORO Gaming\SHRIKE V2 Gaming Mouse\mousehid.exe [289792 2014-06-11] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-12-09] (Apple Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2016-04-05] (LogMeIn Inc.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\Run: [screenSHU] => C:\Program Files (x86)\screenSHU\screenSHU.exe [2112000 2013-09-04] ()
HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\Run: [Clownfish] => C:\Program Files (x86)\Clownfish\Clownfish.exe [1368816 2016-05-12] (Bogdan Sharkov)
HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\Run: [VeraCrypt] => C:\Program Files\VeraCrypt\VeraCrypt.exe [2024928 2015-11-05] (IDRIX)
HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8810200 2016-06-10] (Piriform Ltd)
HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53130368 2016-05-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\Run: [BitTorrent] => C:\Users\LOLSON\AppData\Roaming\BitTorrent\updates\7.9.6_42095.exe [1963016 2016-04-24] (BitTorrent Inc.)
HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\Run: [GlassWire] => C:\Program Files (x86)\GlassWire\glasswire.exe [5513216 2016-05-11] (SecureMix LLC)
HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\MountPoints2: {369e9d7a-0256-11e6-9c41-bc5ff4ceee10} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\MountPoints2: {3bc910c4-ae71-11e5-9c18-bc5ff4ceee10} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\MountPoints2: {42ea4858-f3d5-11e5-9c3d-bc5ff4ceee10} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\MountPoints2: {594fa32c-b557-11e5-9c1b-bc5ff4ceee10} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\MountPoints2: {594fb0d0-b557-11e5-9c1b-bc5ff4ceee10} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\MountPoints2: {632652cb-f076-11e5-9c3d-bc5ff4ceee10} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\MountPoints2: {6d798c82-aaf9-11e5-9c18-bc5ff4ceee10} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\MountPoints2: {6d798cab-aaf9-11e5-9c18-bc5ff4ceee10} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\MountPoints2: {6d798cad-aaf9-11e5-9c18-bc5ff4ceee10} - "H:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\MountPoints2: {6d79a2ac-aaf9-11e5-9c18-bc5ff4ceee10} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\MountPoints2: {6dc45a07-1ed2-11e6-9c59-bc5ff4ceee10} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\MountPoints2: {842a9cbe-3b95-11e6-9c62-bc5ff4ceee10} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\MountPoints2: {d7271d2c-e3f2-11e5-9c32-bc5ff4ceee10} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3785322865-679390889-3198924132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [screenSHU] => C:\Program Files (x86)\screenSHU\screenSHU.exe [2112000 2013-09-04] ()
HKU\S-1-5-21-3785322865-679390889-3198924132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Clownfish] => C:\Program Files (x86)\Clownfish\Clownfish.exe [1368816 2016-05-12] (Bogdan Sharkov)
HKU\S-1-5-21-3785322865-679390889-3198924132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [VeraCrypt] => C:\Program Files\VeraCrypt\VeraCrypt.exe [2024928 2015-11-05] (IDRIX)
HKU\S-1-5-21-3785322865-679390889-3198924132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8810200 2016-06-10] (Piriform Ltd)
HKU\S-1-5-21-3785322865-679390889-3198924132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53130368 2016-05-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3785322865-679390889-3198924132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [BitTorrent] => C:\Users\LOLSON\AppData\Roaming\BitTorrent\updates\7.9.6_42095.exe [1963016 2016-04-24] (BitTorrent Inc.)
HKU\S-1-5-21-3785322865-679390889-3198924132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GlassWire] => C:\Program Files (x86)\GlassWire\glasswire.exe [5513216 2016-05-11] (SecureMix LLC)
HKU\S-1-5-21-3785322865-679390889-3198924132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-3785322865-679390889-3198924132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {369e9d7a-0256-11e6-9c41-bc5ff4ceee10} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3785322865-679390889-3198924132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {3bc910c4-ae71-11e5-9c18-bc5ff4ceee10} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3785322865-679390889-3198924132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {42ea4858-f3d5-11e5-9c3d-bc5ff4ceee10} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3785322865-679390889-3198924132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {594fa32c-b557-11e5-9c1b-bc5ff4ceee10} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3785322865-679390889-3198924132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {594fb0d0-b557-11e5-9c1b-bc5ff4ceee10} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3785322865-679390889-3198924132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {632652cb-f076-11e5-9c3d-bc5ff4ceee10} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3785322865-679390889-3198924132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {6d798c82-aaf9-11e5-9c18-bc5ff4ceee10} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3785322865-679390889-3198924132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {6d798cab-aaf9-11e5-9c18-bc5ff4ceee10} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3785322865-679390889-3198924132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {6d798cad-aaf9-11e5-9c18-bc5ff4ceee10} - "H:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3785322865-679390889-3198924132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {6d79a2ac-aaf9-11e5-9c18-bc5ff4ceee10} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3785322865-679390889-3198924132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {6dc45a07-1ed2-11e6-9c59-bc5ff4ceee10} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3785322865-679390889-3198924132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {842a9cbe-3b95-11e6-9c62-bc5ff4ceee10} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3785322865-679390889-3198924132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {d7271d2c-e3f2-11e5-9c32-bc5ff4ceee10} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3785322865-679390889-3198924132-1008\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8810200 2016-06-10] (Piriform Ltd)
HKU\S-1-5-21-3785322865-679390889-3198924132-1008\...\RunOnce: [Uninstall C:\Users\test123\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\test123\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-3785322865-679390889-3198924132-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8810200 2016-06-10] (Piriform Ltd)
HKU\S-1-5-21-3785322865-679390889-3198924132-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\test123\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\test123\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
ShellExecuteHooks:  - {98C066AB-D735-4339-9E52-A34875141B56} -  No File [ ]
Startup: C:\Users\LOLSON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TotalVPN.lnk [2016-06-20]
ShortcutTarget: TotalVPN.lnk -> C:\Users\LOLSON\AppData\Local\TotalVPN\TotalVPN.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{838481b1-6546-4304-8271-bff8cb1a2652}: [DhcpNameServer] 139.162.11.5 139.162.13.5 139.162.14.5 139.162.15.5
Tcpip\..\Interfaces\{d8a699db-c2bf-4273-abed-4a52f5f93d83}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
SearchScopes: HKLM -> DefaultScope {59E9C8B1-74FD-4CB6-A815-9E96102F97BD} URL = hxxp://www.google.com/search?hl={language}&q={searchTerms}
SearchScopes: HKLM -> {59E9C8B1-74FD-4CB6-A815-9E96102F97BD} URL = hxxp://www.google.com/search?hl={language}&q={searchTerms}
SearchScopes: HKLM-x32 -> {59E9C8B1-74FD-4CB6-A815-9E96102F97BD} URL = hxxp://www.google.com/search?hl={language}&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3785322865-679390889-3198924132-1000 -> DefaultScope {59E9C8B1-74FD-4CB6-A815-9E96102F97BD} URL = hxxp://www.google.com/search?hl={language}&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3785322865-679390889-3198924132-1000 -> {59E9C8B1-74FD-4CB6-A815-9E96102F97BD} URL = hxxp://www.google.com/search?hl={language}&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3785322865-679390889-3198924132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {59E9C8B1-74FD-4CB6-A815-9E96102F97BD} URL = hxxp://www.google.com/search?hl={language}&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3785322865-679390889-3198924132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {59E9C8B1-74FD-4CB6-A815-9E96102F97BD} URL = hxxp://www.google.com/search?hl={language}&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-25] (Oracle Corporation)
BHO: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon64.dll [2016-06-21] (Qihu 360 Software Co., Ltd.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-25] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon.dll [2016-02-01] (Qihu 360 Software Co., Ltd.)
Toolbar: HKU\S-1-5-21-3785322865-679390889-3198924132-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKU\S-1-5-21-3785322865-679390889-3198924132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File

FireFox:
========
FF ProfilePath: C:\Users\LOLSON\AppData\Roaming\Mozilla\Firefox\Profiles\2b148xnx.default
FF Homepage: about:home
FF Session Restore: -> is enabled.
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-12] ()
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-25] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-06-08] (Unity Technologies ApS)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-12] ()
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF user.js: detected! => C:\Users\LOLSON\AppData\Roaming\Mozilla\Firefox\Profiles\2b148xnx.default\user.js [2015-12-15]
FF Extension: YouTube™ Flash® Player - C:\Users\LOLSON\AppData\Roaming\Mozilla\Firefox\Profiles\2b148xnx.default\Extensions\[email protected] [2016-03-11]
FF Extension: Adblock Plus - C:\Users\LOLSON\AppData\Roaming\Mozilla\Firefox\Profiles\2b148xnx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox
FF Extension: 360 Internet Protection - C:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox [2016-07-07]

Chrome: 
=======
CHR HomePage: ChromeDefaultData -> hxxp://www.dosearches.com/?utm_source=b&utm_medium=cor&utm_campaign=rg&utm_content=hp&from=cor&uid=WDCXWD5000AAJS-55A8B0_WD-WCASY191859418594&ts=1384101298
CHR StartupUrls: ChromeDefaultData -> "hxxp://mysearch.avg.com?cid={F8D73601-3D4E-4B1B-9B46-71A6BC3FD05C}&mid=c24f70d1cd4c47d389e4d154fcc6f9f6-b5dfc5b74873d2651901a7f15b87cfb11a4a2338〈=pl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-01-11 14:24:23&v=17.3.0.49&pid=safeguard&sg=&sap=hp","hxxp://rts.dsrlte.com"
CHR Session Restore: ChromeDefaultData -> is enabled.
CHR Profile: C:\Users\LOLSON\AppData\Local\Google\Chrome\User Data\ChromeDefaultData
CHR Extension: (Dokumenty Google) - C:\Users\LOLSON\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-29]
CHR Extension: (Dysk Google) - C:\Users\LOLSON\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-29]
CHR Extension: (Adblock Plus) - C:\Users\LOLSON\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-06-29]
CHR Extension: (Steam inventory helper) - C:\Users\LOLSON\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2016-06-30]
CHR Extension: (Lamborghini Sesto Elemento Theme) - C:\Users\LOLSON\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\dappigdjllcnkkoacaoolciaolaaiemb [2016-06-29]
CHR Extension: (PanicButton) - C:\Users\LOLSON\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\faminaibgiklngmfpfbhmokfmnglamcm [2016-06-29]
CHR Extension: (Pulpit zdalny Chrome) - C:\Users\LOLSON\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-06-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\LOLSON\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-29]
CHR Extension: (360 Internet Protection) - C:\Users\LOLSON\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\glcimepnljoholdmjchkloafkggfoijh [2016-06-29]
CHR Extension: (Ghostery) - C:\Users\LOLSON\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2016-06-29]
CHR Extension: (F.B. Purity For Facebook) - C:\Users\LOLSON\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ncdlagniojmheiklojdcpdaeepochckl [2016-07-06]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\LOLSON\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-29]
CHR Extension: (Enhanced Steam) - C:\Users\LOLSON\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\okadibdjfemgnhjiembecghcbfknbfhg [2016-07-06]
CHR Extension: (Gmail) - C:\Users\LOLSON\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-29]
CHR Extension: (Chrome Media Router) - C:\Users\LOLSON\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-06-29]
CHR Profile: C:\Users\LOLSON\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentacje Google) - C:\Users\LOLSON\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-16]
CHR Extension: (Dokumenty Google) - C:\Users\LOLSON\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-16]
CHR Extension: (Dysk Google) - C:\Users\LOLSON\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-16]
CHR Extension: (YouTube) - C:\Users\LOLSON\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-16]
CHR Extension: (Adblock Plus) - C:\Users\LOLSON\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-06-29]
CHR Extension: (Steam inventory helper) - C:\Users\LOLSON\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2016-06-25]
CHR Extension: (Lamborghini Sesto Elemento Theme) - C:\Users\LOLSON\AppData\Local\Google\Chrome\User Data\Default\Extensions\dappigdjllcnkkoacaoolciaolaaiemb [2016-06-16]
CHR Extension: (PanicButton) - C:\Users\LOLSON\AppData\Local\Google\Chrome\User Data\Default\Extensions\faminaibgiklngmfpfbhmokfmnglamcm [2016-06-16]
CHR Extension: (Arkusze Google) - C:\Users\LOLSON\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-16]
CHR Extension: (Pulpit zdalny Chrome) - C:\Users\LOLSON\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-06-16]
CHR Extension: (Izak) - C:\Users\LOLSON\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfcpekigacdfbhcedbefockjnialnnoi [2016-06-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\LOLSON\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-25]
CHR Extension: (360 Internet Protection) - C:\Users\LOLSON\AppData\Local\Google\Chrome\User Data\Default\Extensions\glcimepnljoholdmjchkloafkggfoijh [2016-06-16]
CHR Extension: (Ghostery) - C:\Users\LOLSON\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2016-06-16]
CHR Extension: (F.B. Purity For Facebook) - C:\Users\LOLSON\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncdlagniojmheiklojdcpdaeepochckl [2016-06-29]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\LOLSON\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-16]
CHR Extension: (Enhanced Steam) - C:\Users\LOLSON\AppData\Local\Google\Chrome\User Data\Default\Extensions\okadibdjfemgnhjiembecghcbfknbfhg [2016-06-16]
CHR Extension: (Gmail) - C:\Users\LOLSON\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-16]
CHR Extension: (Chrome Media Router) - C:\Users\LOLSON\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-06-25]
CHR HKLM\...\Chrome\Extension: [bejnhdlplbjhffionohbdnpcbobfejcc] - C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\Exts\Chrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bejnhdlplbjhffionohbdnpcbobfejcc] - C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 ACTION_SVC; C:\Program Files (x86)\Mirillis\Action!\action_svc.exe [16064 2014-10-25] ()
S4 cFosSpeedS; C:\Program Files\ASRock\XFast LAN\spd.exe [395136 2011-10-19] (cFos Software GmbH)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [182304 2014-11-19] (EasyAntiCheat Ltd)
R2 GlassWire; C:\Program Files (x86)\GlassWire\GWCtlSrv.exe [4293632 2016-05-11] (SecureMix LLC)
R2 HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe [191688 2016-05-25] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-10-09] (IObit)
S4 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2016-04-05] (LogMeIn, Inc.)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [742368 2016-06-02] (Malwarebytes Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [4307704 2016-02-25] (INCA Internet Co., Ltd.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-06-30] (Electronic Arts)
S3 OVPNService; C:\Users\LOLSON\AppData\Local\TotalVPN\OVPN.Service.exe [20080 2016-06-28] ()
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2016-02-29] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [66872 2016-02-12] ()
R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [913832 2016-06-21] (QIHU 360 SOFTWARE CO. LIMITED)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [239176 2013-02-19] (Realtek Semiconductor)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [151784 2016-06-03] (360.cn)
R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [77904 2016-02-01] (360.cn)
R3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [77904 2016-06-21] (360.cn)
R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [330472 2016-06-21] (360.cn)
R1 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [40520 2015-05-18] (360.cn)
R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [370768 2016-06-03] (360.cn)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [40720 2015-07-28] (Advanced Micro Devices, Inc.)
S3 Apowersoft_AudioDevice; C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [110096 2016-04-26] (Advanced Micro Devices)
R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [182352 2016-06-03] (360.cn)
S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-06-25] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153936 2015-06-25] (Symantec Corporation)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [66080 2016-06-02] ()
S3 FairplayKD; C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [70928 2016-05-25] (Multi Theft Auto)
S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [32320 2016-07-05] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [16648 2015-06-25] (FNet Co., Ltd.)
R3 G3GKB; C:\Windows\system32\drivers\G3GKB.sys [25600 2012-10-23] ( )
R1 gwdrv; C:\Windows\system32\DRIVERS\gwdrv.sys [33248 2015-05-29] (SecureMix LLC)
R3 hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-05-25] (Huawei Technologies Co., Ltd.)
R2 IntelHaxm; C:\Windows\system32\DRIVERS\IntelHaxm.sys [84992 2015-01-30] (Intel  Corporation)
S3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [47008 2013-07-30] ()
R1 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [109272 2015-06-18] (Malwarebytes Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-07-07] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2015-10-23] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 taphss6; C:\Windows\System32\drivers\taphss6.sys [42088 2015-06-04] (Anchorfree Inc.)
S3 UAExt; C:\Windows\System32\DRIVERS\UAExt.sys [81096 2015-08-31] ()
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 usbser; C:\Windows\System32\drivers\usbser.sys [33280 2016-05-25] (Microsoft Corporation) [File not signed]
S3 uvhid; C:\Windows\System32\drivers\uvhid.sys [25592 2015-07-25] (Windows (R) Win 7 DDK provider)
R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2016-01-19] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [194976 2016-01-19] (Oracle Corporation)
R0 veracrypt; C:\Windows\System32\drivers\veracrypt.sys [195416 2015-11-05] (IDRIX)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 digitalpower; \SystemRoot\system32\drivers\digitalpower.sys [X]
U3 idsvc; no ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-07 15:52 - 2016-07-07 15:55 - 00035854 _____ C:\Users\LOLSON\Desktop\FRST.txt
2016-07-07 15:49 - 2016-07-07 15:43 - 02390016 _____ (Farbar) C:\Users\LOLSON\Desktop\FRST64.exe
2016-07-07 15:44 - 2016-07-07 15:52 - 00000000 ____D C:\FRST
2016-07-07 15:43 - 2016-07-07 15:43 - 02390016 _____ (Farbar) C:\Users\LOLSON\Downloads\FRST64.exe
2016-07-07 15:11 - 2016-07-07 15:11 - 00016148 _____ C:\WINDOWS\system32\LOLSON-PC_LOLSON_HistoryPrediction.bin
2016-07-07 02:11 - 2016-07-07 02:11 - 00000400 __RSH C:\ProgramData\ntuser.pol
2016-07-07 01:52 - 2016-07-07 01:52 - 00962828 _____ C:\Users\LOLSON\Downloads\Dblatt_Rollei_Actioncam_300_UK_14998.pdf
2016-07-07 01:52 - 2016-07-07 01:52 - 00241549 _____ C:\Users\LOLSON\Downloads\Poland_15006.pdf
2016-07-07 01:44 - 2016-07-07 01:50 - 07991656 _____ (Piriform Ltd) C:\Users\LOLSON\Downloads\ccsetup519.exe
2016-07-06 23:26 - 2016-07-06 23:26 - 00000000 _____ C:\Users\LOLSON\Desktop\x.bat
2016-07-06 23:12 - 2016-07-07 00:48 - 00000000 ____D C:\UWT
2016-07-06 23:11 - 2016-07-06 23:11 - 00106816 _____ C:\Users\LOLSON\Downloads\FixWin10.zip
2016-07-06 23:04 - 2016-07-06 23:04 - 00003236 _____ C:\WINDOWS\System32\Tasks\{45C61370-801D-4F65-B60C-B6F940C77F3C}
2016-07-06 15:55 - 2016-07-06 15:55 - 00053009 _____ C:\Users\LOLSON\Downloads\etykieta_2016-07-06_15-41-46.pdf
2016-07-06 15:08 - 2016-07-06 15:08 - 03887840 _____ (Husdawg, LLC) C:\Users\LOLSON\Downloads\Detection (1).exe
2016-07-06 15:07 - 2016-07-06 15:08 - 03887840 _____ (Husdawg, LLC) C:\Users\LOLSON\Downloads\Detection.exe
2016-07-06 01:50 - 2016-07-06 22:32 - 00000000 ____D C:\Users\LOLSON\Desktop\yamaha onboard
2016-07-06 01:22 - 2016-07-06 15:29 - 00000000 ____D C:\Users\LOLSON\Desktop\m
2016-07-05 15:05 - 2016-07-05 15:05 - 02541773 _____ C:\Users\LOLSON\Downloads\SJCAM_SJ5000_WIFI_20160224_V1.2.rar
2016-07-04 21:03 - 2016-07-07 00:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2016-07-04 21:03 - 2016-07-07 00:49 - 00000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2016-07-04 21:03 - 2016-07-04 21:03 - 03889464 _____ (Crystal Dew World ) C:\Users\LOLSON\Downloads\CrystalDiskInfo7_0_0-en.exe
2016-07-04 21:03 - 2016-07-04 21:03 - 00001277 _____ C:\Users\LOLSON\Desktop\CrystalDiskInfo.lnk
2016-07-03 17:44 - 2016-07-07 00:48 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-07-03 16:01 - 2016-07-03 17:41 - 330070928 _____ (AMD Inc.) C:\Users\LOLSON\Downloads\radeon-crimson-16.6.2-win10-64bit.exe
2016-07-03 02:15 - 2016-07-03 02:15 - 00000112 _____ C:\Users\LOLSON\Desktop\photo.php.url
2016-07-01 01:45 - 2016-07-01 01:47 - 00002449 _____ C:\Users\LOLSON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-06-29 23:28 - 2016-07-07 00:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NoVirusThanks
2016-06-29 23:28 - 2016-06-29 23:28 - 01998496 _____ (NoVirusThanks Company Srl ) C:\Users\LOLSON\Downloads\md5check_setup.exe
2016-06-29 23:28 - 2016-06-29 23:28 - 00000000 ____D C:\Program Files\NoVirusThanks
2016-06-29 23:27 - 2016-07-07 00:48 - 00000000 ____D C:\Users\LOLSON\Desktop\Windows Loader v2.2.2
2016-06-29 23:19 - 2016-06-29 23:19 - 06870016 _____ C:\Users\LOLSON\AppData\Roaming\agent.dat
2016-06-29 23:19 - 2016-06-29 23:19 - 00018432 _____ C:\Users\LOLSON\AppData\Roaming\Main.dat
2016-06-29 23:18 - 2016-06-29 23:18 - 00572588 _____ C:\Users\LOLSON\Downloads\W7z (2).zip
2016-06-29 23:18 - 2016-06-29 23:18 - 00128512 _____ C:\Users\LOLSON\AppData\Roaming\Installer.dat
2016-06-29 23:17 - 2016-07-07 00:49 - 00000000 ____D C:\Program Files (x86)\Reejoent
2016-06-29 23:17 - 2016-07-07 00:49 - 00000000 ____D C:\Program Files (x86)\Pholosp
2016-06-29 23:17 - 2016-06-30 03:25 - 00000000 ____D C:\Program Files (x86)\Coalery
2016-06-29 23:15 - 2016-06-29 23:15 - 00572588 _____ C:\Users\LOLSON\Downloads\W7z (1).zip
2016-06-29 22:41 - 2016-06-29 22:41 - 00572588 _____ C:\Users\LOLSON\Downloads\W7z.zip
2016-06-29 01:03 - 2016-06-29 01:03 - 00475870 _____ C:\Users\LOLSON\Downloads\6_2011_Korytkowski (1).pdf
2016-06-29 00:56 - 2016-06-29 00:56 - 00475870 _____ C:\Users\LOLSON\Downloads\6_2011_Korytkowski.pdf
2016-06-28 20:43 - 2016-06-28 20:43 - 00041768 _____ C:\Users\LOLSON\Desktop\sobola remix.veg
2016-06-28 01:06 - 2016-06-28 01:06 - 00580810 _____ C:\Users\LOLSON\Desktop\PanPetruczenko200.wav
2016-06-28 01:04 - 2016-06-28 01:04 - 00580846 _____ C:\Users\LOLSON\Desktop\PanPetruczenko.wav
2016-06-28 00:48 - 2016-06-28 00:48 - 01082416 _____ C:\Users\LOLSON\Desktop\Untitled.wav
2016-06-28 00:46 - 2016-06-28 00:46 - 01082404 _____ C:\Users\LOLSON\Desktop\jeb.wav
2016-06-27 21:30 - 2016-06-27 21:30 - 00000000 ____D C:\Users\LOLSON\Documents\Visual Studio 2005
2016-06-27 18:02 - 2016-06-27 18:02 - 00082426 _____ C:\Users\LOLSON\Downloads\etykieta_2016-06-27_17-48-39.pdf
2016-06-27 15:45 - 2016-06-27 15:45 - 00001224 _____ C:\Users\Public\Desktop\360 Total Security.lnk
2016-06-27 15:45 - 2016-06-21 06:02 - 00330472 _____ (360.cn) C:\WINDOWS\system32\Drivers\360Box64.sys
2016-06-27 00:26 - 2016-06-27 00:27 - 12798936 _____ (GoldWave Inc.) C:\Users\LOLSON\Downloads\InstallGoldWave623.exe
2016-06-27 00:21 - 2016-07-06 23:23 - 00000000 ____D C:\Program Files (x86)\AV Media Player Morpher
2016-06-27 00:19 - 2016-06-27 00:20 - 33821736 _____ (AVSoft Corp. (VN)) C:\Users\LOLSON\Downloads\audio-editor-mpm.exe
2016-06-27 00:15 - 2016-06-27 00:16 - 00000000 ____D C:\Users\LOLSON\AppData\Local\Audacity
2016-06-27 00:14 - 2016-07-07 00:49 - 00000000 ____D C:\Program Files (x86)\Audacity
2016-06-27 00:14 - 2016-06-27 00:14 - 00001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2016-06-27 00:14 - 2016-06-27 00:14 - 00001076 _____ C:\Users\Public\Desktop\Audacity.lnk
2016-06-27 00:13 - 2016-06-27 00:14 - 26496761 _____ (Audacity Team ) C:\Users\LOLSON\Downloads\audacity-win-2.1.2.exe
2016-06-27 00:05 - 2015-09-01 21:43 - 73361964 _____ C:\Users\LOLSON\Desktop\norbert o kasce.wav
2016-06-27 00:03 - 2016-06-27 00:03 - 00000000 ____D C:\Users\LOLSON\AppData\Roaming\dBpoweramp
2016-06-26 23:50 - 2016-06-26 21:47 - 55459006 ____N C:\Users\LOLSON\Desktop\20160626_001.m4a
2016-06-26 22:35 - 2016-06-26 21:26 - 4286886084 _____ C:\Users\LOLSON\Desktop\2016_0626_205035_003.MOV
2016-06-26 05:56 - 2016-06-26 05:56 - 10809000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2016-06-26 05:56 - 2016-06-26 05:56 - 09893144 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2016-06-26 05:56 - 2016-06-26 05:56 - 08951720 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2016-06-26 05:56 - 2016-06-26 05:56 - 08661312 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2016-06-26 05:56 - 2016-06-26 05:56 - 07070576 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2016-06-26 05:56 - 2016-06-26 05:56 - 00176840 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2016-06-26 05:56 - 2016-06-26 05:56 - 00160792 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2016-06-26 05:56 - 2016-06-26 05:56 - 00147240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2016-06-26 05:56 - 2016-06-26 05:56 - 00133808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2016-06-26 05:56 - 2016-06-26 05:56 - 00119744 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2016-06-26 05:56 - 2016-06-26 05:56 - 00102032 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2016-06-26 05:55 - 2016-06-26 05:55 - 08974608 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2016-06-26 05:55 - 2016-06-26 05:55 - 08550888 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2016-06-26 05:55 - 2016-06-26 05:55 - 06947072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2016-06-26 05:55 - 2016-06-26 05:55 - 01537512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2016-06-26 05:55 - 2016-06-26 05:55 - 01265208 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2016-06-26 05:55 - 2016-06-26 05:55 - 00474992 _____ C:\WINDOWS\system32\amdmiracast.dll
2016-06-26 05:55 - 2016-06-26 05:55 - 00151456 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2016-06-26 05:55 - 2016-06-26 05:55 - 00151456 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2016-06-26 05:55 - 2016-06-26 05:55 - 00135288 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2016-06-26 05:55 - 2016-06-26 05:55 - 00132664 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2016-06-26 05:55 - 2016-06-26 05:55 - 00119744 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2016-06-26 05:55 - 2016-06-26 05:55 - 00102040 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2016-06-26 05:54 - 2016-06-26 05:54 - 00267288 _____ C:\WINDOWS\system32\GameManager64.dll
2016-06-26 05:54 - 2016-06-26 05:54 - 00260120 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2016-06-26 05:54 - 2016-06-26 05:54 - 00232472 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2016-06-26 05:54 - 2016-06-26 05:54 - 00225816 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2016-06-26 05:54 - 2016-06-26 05:54 - 00151064 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2016-06-26 05:54 - 2016-06-26 05:54 - 00126480 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2016-06-26 05:54 - 2016-06-26 05:54 - 00121880 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2016-06-26 05:54 - 2016-06-26 05:54 - 00100888 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2016-06-26 05:53 - 2016-06-26 05:53 - 24844824 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2016-06-26 05:53 - 2016-06-26 05:53 - 00874008 _____ (AMD) C:\WINDOWS\system32\coinst_16.20.dll
2016-06-26 05:53 - 2016-06-26 05:53 - 00341528 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe
2016-06-26 05:53 - 2016-06-26 05:53 - 00279064 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2016-06-26 05:53 - 2016-06-26 05:53 - 00261656 _____ C:\WINDOWS\system32\clinfo.exe
2016-06-26 05:53 - 2016-06-26 05:53 - 00128536 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2016-06-26 05:53 - 2016-06-26 05:53 - 00110104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2016-06-26 05:53 - 2016-06-26 05:53 - 00059928 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe
2016-06-26 05:53 - 2016-06-26 05:53 - 00012824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2016-06-26 05:53 - 2016-06-26 05:53 - 00012816 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2016-06-26 05:52 - 2016-06-26 05:52 - 27012624 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2016-06-26 05:52 - 2016-06-26 05:52 - 15720464 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2016-06-26 05:52 - 2016-06-26 05:52 - 00597016 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2016-06-26 05:52 - 2016-06-26 05:52 - 00506904 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2016-06-26 05:52 - 2016-06-26 05:52 - 00451096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2016-06-26 05:52 - 2016-06-26 05:52 - 00221208 _____ C:\WINDOWS\system32\atieah64.exe
2016-06-26 05:52 - 2016-06-26 05:52 - 00199192 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2016-06-26 05:52 - 2016-06-26 05:52 - 00194072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2016-06-26 05:52 - 2016-06-26 05:52 - 00167960 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2016-06-26 05:52 - 2016-06-26 05:52 - 00115224 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2016-06-26 05:52 - 2016-06-26 05:52 - 00102424 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2016-06-26 05:52 - 2016-06-26 05:52 - 00099864 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2016-06-26 05:52 - 2016-06-26 05:52 - 00099864 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2016-06-26 05:52 - 2016-06-26 05:52 - 00071192 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2016-06-26 05:52 - 2016-06-26 05:52 - 00060952 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2016-06-26 05:51 - 2016-06-26 05:51 - 48625688 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2016-06-26 05:51 - 2016-06-26 05:51 - 14311440 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2016-06-26 05:51 - 2016-06-26 05:51 - 08823832 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2016-06-26 05:51 - 2016-06-26 05:51 - 07068696 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2016-06-26 05:51 - 2016-06-26 05:51 - 01315352 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2016-06-26 05:51 - 2016-06-26 05:51 - 00983064 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2016-06-26 05:51 - 2016-06-26 05:51 - 00983064 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2016-06-26 05:51 - 2016-06-26 05:51 - 00394264 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2016-06-26 05:51 - 2016-06-26 05:51 - 00064528 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2016-06-26 05:51 - 2016-06-26 05:51 - 00057880 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2016-06-26 05:51 - 2016-06-26 05:51 - 00052248 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2016-06-26 05:50 - 2016-06-26 05:50 - 38107672 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2016-06-26 05:50 - 2016-06-26 05:50 - 21609496 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll
2016-06-26 05:50 - 2016-06-26 05:50 - 06973976 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll
2016-06-26 05:50 - 2016-06-26 05:50 - 05652504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll
2016-06-26 05:50 - 2016-06-26 05:50 - 00740888 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2016-06-26 05:50 - 2016-06-26 05:50 - 00059416 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2016-06-26 05:50 - 2016-06-26 05:50 - 00047128 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll
2016-06-26 05:49 - 2016-06-26 05:49 - 00616472 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2016-06-26 05:49 - 2016-06-26 05:49 - 00313760 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\amdacpksd.sys
2016-06-26 05:49 - 2016-06-26 05:49 - 00239640 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2016-06-26 05:49 - 2016-06-26 05:49 - 00211480 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2016-06-26 05:49 - 2016-06-26 05:49 - 00193048 _____ C:\WINDOWS\system32\amdhdl64.dll
2016-06-26 05:49 - 2016-06-26 05:49 - 00173080 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll
2016-06-26 05:49 - 2016-06-26 05:49 - 00104984 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2016-06-26 05:49 - 2016-06-26 05:49 - 00095768 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2016-06-26 05:44 - 2016-06-26 05:44 - 30196760 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2016-06-26 05:44 - 2016-06-26 05:44 - 27442200 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll
2016-06-26 05:44 - 2016-06-26 05:44 - 00315416 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2016-06-26 05:44 - 2016-06-26 05:44 - 00283160 _____ C:\WINDOWS\system32\dgtrayicon.exe
2016-06-26 00:08 - 2016-06-26 00:08 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2016-06-26 00:08 - 2016-06-26 00:08 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2016-06-26 00:08 - 2016-06-26 00:08 - 00720104 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2016-06-26 00:08 - 2016-06-26 00:08 - 00720104 _____ C:\WINDOWS\system32\atiapfxx.blb
2016-06-26 00:08 - 2016-06-26 00:08 - 00368416 _____ C:\WINDOWS\system32\ativvaxy_el_nd.dat
2016-06-26 00:08 - 2016-06-26 00:08 - 00322996 _____ C:\WINDOWS\system32\ativvaxy_vi.dat
2016-06-26 00:08 - 2016-06-26 00:08 - 00322736 _____ C:\WINDOWS\system32\ativvaxy_vi_nd.dat
2016-06-26 00:08 - 2016-06-26 00:08 - 00270784 _____ C:\WINDOWS\system32\ativvaxy_stn_nd.dat
2016-06-26 00:08 - 2016-06-26 00:08 - 00266688 _____ C:\WINDOWS\system32\ativvaxy_cz_nd.dat
2016-06-26 00:08 - 2016-06-26 00:08 - 00260852 _____ C:\WINDOWS\system32\ativvaxy_FJ.dat
2016-06-26 00:08 - 2016-06-26 00:08 - 00257872 _____ C:\WINDOWS\system32\ativvaxy_FJ_nd.dat
2016-06-26 00:08 - 2016-06-26 00:08 - 00177280 _____ C:\WINDOWS\system32\ativce03.dat
2016-06-26 00:07 - 2016-06-26 00:07 - 00875613 _____ C:\WINDOWS\system32\amdicdxx.dat
2016-06-26 00:07 - 2016-06-26 00:07 - 00175584 _____ C:\WINDOWS\system32\amde31a.dat
2016-06-26 00:07 - 2016-06-26 00:07 - 00166624 _____ C:\WINDOWS\system32\amde34b.dat
2016-06-26 00:07 - 2016-06-26 00:07 - 00166624 _____ C:\WINDOWS\system32\amde34a.dat
2016-06-26 00:07 - 2016-06-26 00:07 - 00012893 _____ C:\WINDOWS\system32\AMDKernelEvents.man
2016-06-25 18:56 - 2016-06-25 18:56 - 00024726 _____ C:\Users\LOLSON\Downloads\statement_0354 20160607.pdf
2016-06-25 15:34 - 2016-06-14 19:32 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-06-25 15:34 - 2016-06-14 19:32 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-25 02:13 - 2016-06-25 02:13 - 00813288 _____ (Shark Labs) C:\Users\LOLSON\Downloads\CFSetup430.exe
2016-06-24 22:24 - 2016-06-26 00:40 - 00000307 _____ C:\Users\LOLSON\Desktop\HLSS 3.00.ini
2016-06-24 22:24 - 2016-06-24 01:35 - 00723456 _____ (None) C:\Users\LOLSON\Desktop\HLSS 3.00.exe
2016-06-24 22:23 - 2016-06-24 03:34 - 00333443 _____ C:\Users\LOLSON\Desktop\HLSS 3.0.zip
2016-06-24 03:34 - 2016-06-24 03:34 - 05405011 _____ C:\Users\LOLSON\Downloads\SLAM_v1.3.4.zip
2016-06-24 03:34 - 2016-06-24 03:34 - 00333443 _____ C:\Users\LOLSON\Downloads\HLSS 3.0.zip
2016-06-24 01:48 - 2016-07-06 23:01 - 00000000 ____D C:\Program Files\SpoonUninstall
2016-06-24 01:47 - 2016-07-06 23:23 - 00000000 ____D C:\Program Files\dBpoweramp
2016-06-24 01:46 - 2016-06-24 01:47 - 32577264 _____ C:\Users\LOLSON\Downloads\dMC-R16.0-Ref-Trial.exe
2016-06-24 01:37 - 2016-06-24 01:37 - 00000286 _____ C:\Users\LOLSON\Downloads\Komendy Bind.rar
2016-06-24 01:32 - 2016-06-24 01:33 - 01855692 _____ C:\Users\LOLSON\Downloads\hldj64_1.6.01_l4d2fix.zip
2016-06-24 01:06 - 2016-06-24 22:41 - 00000000 ____D C:\Users\LOLSON\Desktop\csgo bind
2016-06-24 01:05 - 2016-06-24 01:05 - 01872359 _____ C:\Users\LOLSON\Downloads\hldj64_1.7.0.zip
2016-06-24 00:58 - 2016-06-24 01:23 - 00000000 ____D C:\Users\LOLSON\AppData\Local\SLAM
2016-06-22 22:09 - 2016-06-22 22:09 - 00057058 _____ C:\Users\LOLSON\Downloads\45611570_F_50079469_05_16_F.pdf
2016-06-22 22:04 - 2016-06-22 22:04 - 00349452 _____ C:\Users\LOLSON\Downloads\45611570_F_50069806_10_15_F (1).pdf
2016-06-22 21:47 - 2016-06-22 21:47 - 00056271 _____ C:\Users\LOLSON\Downloads\45611570_F_50196349_06_16_F.pdf
2016-06-21 16:58 - 2016-06-21 16:58 - 31167346 _____ C:\Users\LOLSON\Downloads\GTAIV_spolszczenie (2).7z
2016-06-20 17:00 - 2016-06-20 17:00 - 01614151 _____ C:\Users\LOLSON\Downloads\Allegro_Paczkomaty_InPost_instrukcja_zamawiania_kuriera_i_nadawania_w_paczkomacie_003 (3).pdf
2016-06-20 16:47 - 2016-06-20 16:47 - 00082948 _____ C:\Users\LOLSON\Downloads\etykieta_2016-06-20_16-27-38 (1).pdf
2016-06-20 16:41 - 2016-06-20 16:41 - 00079498 _____ C:\Users\LOLSON\Downloads\etykieta_2016-06-20_16-28-27.pdf
2016-06-20 16:40 - 2016-06-20 16:40 - 00082948 _____ C:\Users\LOLSON\Downloads\etykieta_2016-06-20_16-27-38.pdf
2016-06-20 01:09 - 2016-06-20 01:09 - 01106840 _____ (Unity Technologies ApS) C:\Users\LOLSON\Downloads\UnityWebPlayer64.exe
2016-06-20 01:09 - 2016-06-20 01:09 - 00000000 ____D C:\Program Files\Unity
2016-06-20 01:08 - 2016-06-20 01:08 - 00002071 _____ C:\Users\LOLSON\Desktop\TotalVPN.lnk
2016-06-20 01:07 - 2016-07-07 00:48 - 00000000 ____D C:\Users\LOLSON\AppData\Local\TotalVPN
2016-06-20 01:07 - 2016-06-20 01:07 - 06717328 _____ C:\Users\LOLSON\Downloads\TotalVPN.exe
2016-06-20 01:07 - 2016-06-20 01:07 - 00002079 _____ C:\Users\LOLSON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TotalVPN.lnk
2016-06-19 16:44 - 2016-06-19 16:44 - 00001060 _____ C:\Users\Public\Desktop\HiSuite.lnk
2016-06-19 16:44 - 2016-06-19 16:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite
2016-06-19 16:44 - 2016-06-19 16:44 - 00000000 ____D C:\ProgramData\HiSuiteOuc
2016-06-19 16:44 - 2016-06-19 16:44 - 00000000 ____D C:\ProgramData\HandSetService
2016-06-19 16:44 - 2016-05-25 12:53 - 00287232 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_quusbnet.sys
2016-06-19 16:44 - 2016-05-25 12:53 - 00223232 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_quusbmdm.sys
2016-06-19 16:44 - 2016-05-25 12:53 - 00126592 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_cdcacm.sys
2016-06-19 16:44 - 2016-05-25 12:53 - 00116864 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_usbdev.sys
2016-06-19 16:44 - 2016-05-25 12:53 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-06-19 16:44 - 2016-05-25 12:53 - 00018816 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_usbccgpfilter.sys
2016-06-19 16:42 - 2016-06-19 16:43 - 25955389 _____ C:\Users\LOLSON\Downloads\Hisuite_4.0.5.300.rar
2016-06-18 23:51 - 2016-06-19 00:43 - 1689573992 _____ C:\Users\LOLSON\Downloads\Huawei_P8_Firmware_GRA-L09_Android 6.0_EMUI4.0_C432B321a.zip
2016-06-17 16:35 - 2016-06-17 16:35 - 00055514 _____ C:\Users\LOLSON\Downloads\SHU_1jnX6A.jpeg
2016-06-17 01:01 - 2016-06-17 01:01 - 00278393 _____ C:\Users\LOLSON\Downloads\S-A1-132.pdf
2016-06-17 00:52 - 2016-06-17 00:52 - 00285083 _____ C:\Users\LOLSON\Downloads\GA-RY1-162.pdf
2016-06-17 00:47 - 2016-06-17 00:47 - 00555118 _____ C:\Users\LOLSON\Downloads\GM-PY1-162.pdf
2016-06-17 00:44 - 2016-06-17 00:44 - 00291864 _____ C:\Users\LOLSON\Downloads\GM-MX1-162.pdf
2016-06-17 00:44 - 2016-06-17 00:44 - 00252788 _____ C:\Users\LOLSON\Downloads\GH-PX1-162 (1).pdf
2016-06-17 00:36 - 2016-06-17 00:36 - 00252788 _____ C:\Users\LOLSON\Downloads\GH-PX1-162.pdf
2016-06-16 22:47 - 2016-06-16 22:47 - 00634543 _____ C:\Users\LOLSON\Downloads\A3240-Datasheet.pdf
2016-06-16 14:26 - 2016-05-28 07:02 - 06488312 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-06-16 14:26 - 2016-05-28 07:02 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-06-16 14:26 - 2016-05-28 07:02 - 01314496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-06-16 14:26 - 2016-05-28 07:02 - 00601344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-16 14:26 - 2016-05-28 07:02 - 00432360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-06-16 14:26 - 2016-05-28 07:02 - 00421536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-06-16 14:26 - 2016-05-28 07:02 - 00158048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-06-16 14:26 - 2016-05-28 07:02 - 00113144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-06-16 14:26 - 2016-05-28 07:00 - 02543784 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-06-16 14:26 - 2016-05-28 07:00 - 01591304 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-16 14:26 - 2016-05-28 07:00 - 00327520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-06-16 14:26 - 2016-05-28 07:00 - 00203496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2016-06-16 14:26 - 2016-05-28 06:59 - 00363872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-06-16 14:26 - 2016-05-28 06:59 - 00131208 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-06-16 14:26 - 2016-05-28 06:54 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-06-16 14:26 - 2016-05-28 06:53 - 03625416 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-06-16 14:26 - 2016-05-28 06:53 - 00026464 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2016-06-16 14:26 - 2016-05-28 06:52 - 22326760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-06-16 14:26 - 2016-05-28 06:47 - 00613120 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-06-16 14:26 - 2016-05-28 06:47 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-16 14:26 - 2016-05-28 06:39 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-06-16 14:26 - 2016-05-28 06:39 - 01365584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-06-16 14:26 - 2016-05-28 06:39 - 00952968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-06-16 14:26 - 2016-05-28 06:39 - 00365128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-06-16 14:26 - 2016-05-28 06:38 - 05118024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-06-16 14:26 - 2016-05-28 06:38 - 00372368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-06-16 14:26 - 2016-05-28 06:38 - 00306528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2016-06-16 14:26 - 2016-05-28 06:38 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-06-16 14:26 - 2016-05-28 06:35 - 02188472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-06-16 14:26 - 2016-05-28 06:35 - 00183904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2016-06-16 14:26 - 2016-05-28 06:35 - 00112632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2016-06-16 14:26 - 2016-05-28 06:28 - 00467296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-06-16 14:26 - 2016-05-28 06:27 - 20861984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-06-16 14:26 - 2016-05-28 06:27 - 02880560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-06-16 14:26 - 2016-05-28 06:21 - 00545400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-06-16 14:26 - 2016-05-28 06:21 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-06-16 14:26 - 2016-05-28 06:11 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-06-16 14:26 - 2016-05-28 06:10 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2016-06-16 14:26 - 2016-05-28 06:10 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-06-16 14:26 - 2016-05-28 06:09 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-06-16 14:26 - 2016-05-28 06:08 - 21860352 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-06-16 14:26 - 2016-05-28 06:07 - 24597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-06-16 14:26 - 2016-05-28 06:00 - 01336832 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-06-16 14:26 - 2016-05-28 05:58 - 02239488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-06-16 14:26 - 2016-05-28 05:58 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-06-16 14:26 - 2016-05-28 05:58 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-06-16 14:26 - 2016-05-28 05:58 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-06-16 14:26 - 2016-05-28 05:57 - 06788096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-16 14:26 - 2016-05-28 05:57 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-06-16 14:26 - 2016-05-28 05:56 - 12511232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-06-16 14:26 - 2016-05-28 05:54 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-06-16 14:26 - 2016-05-28 05:54 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-16 14:26 - 2016-05-28 05:54 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-06-16 14:26 - 2016-05-28 05:53 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-06-16 14:26 - 2016-05-28 05:53 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-16 14:26 - 2016-05-28 05:52 - 02663424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-06-16 14:26 - 2016-05-28 05:51 - 02848256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-06-16 14:26 - 2016-05-28 05:51 - 02119680 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-06-16 14:26 - 2016-05-28 05:51 - 01603584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-06-16 14:26 - 2016-05-28 05:50 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-06-16 14:26 - 2016-05-28 05:50 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-06-16 14:26 - 2016-05-28 05:50 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-06-16 14:26 - 2016-05-28 05:49 - 19330560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-06-16 14:26 - 2016-05-28 05:48 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2016-06-16 14:26 - 2016-05-28 05:47 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2016-06-16 14:26 - 2016-05-28 05:47 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpscript.dll
2016-06-16 14:26 - 2016-05-28 05:45 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-06-16 14:26 - 2016-05-28 05:45 - 03584000 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-06-16 14:26 - 2016-05-28 05:44 - 04793344 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-06-16 14:26 - 2016-05-28 05:44 - 01381376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-06-16 14:26 - 2016-05-28 05:44 - 00737792 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-16 14:26 - 2016-05-28 05:44 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-16 14:26 - 2016-05-28 05:43 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-06-16 14:26 - 2016-05-28 05:41 - 05160960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-16 14:26 - 2016-05-28 05:41 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-06-16 14:26 - 2016-05-28 05:40 - 18797568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-06-16 14:26 - 2016-05-28 05:40 - 00672768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-06-16 14:26 - 2016-05-28 05:39 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-06-16 14:26 - 2016-05-28 05:39 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-06-16 14:26 - 2016-05-28 05:38 - 01821696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-06-16 14:26 - 2016-05-28 05:38 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2016-06-16 14:26 - 2016-05-28 05:38 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2016-06-16 14:26 - 2016-05-28 05:37 - 02315776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-06-16 14:26 - 2016-05-28 05:36 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-06-16 14:26 - 2016-05-28 05:35 - 02042368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-06-16 14:26 - 2016-05-28 05:35 - 00679936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-06-16 14:26 - 2016-05-28 05:35 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-06-16 14:26 - 2016-05-28 05:35 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-06-16 14:26 - 2016-05-28 05:35 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-06-16 14:26 - 2016-05-28 05:33 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2016-06-16 14:26 - 2016-05-28 05:32 - 03580928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-06-16 14:26 - 2016-05-28 05:32 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpscript.dll
2016-06-16 14:26 - 2016-05-28 05:31 - 11268096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-06-16 14:26 - 2016-05-28 05:30 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-06-16 14:26 - 2016-05-28 05:29 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-06-16 14:26 - 2016-05-28 05:29 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-06-16 14:26 - 2016-05-28 05:25 - 00295936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-06-16 13:28 - 2016-07-07 00:48 - 00000000 ____D C:\Users\LOLSON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome
2016-06-16 13:26 - 2016-07-07 01:31 - 00002280 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-16 13:26 - 2016-06-29 23:20 - 00002286 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-16 13:25 - 2016-06-16 13:25 - 00987728 _____ (Google Inc.) C:\Users\LOLSON\Downloads\ChromeSetup (1).exe
2016-06-16 12:37 - 2016-06-16 12:21 - 20179544 ____N C:\Users\LOLSON\Desktop\VID_20160616_122126.mp4
2016-06-16 00:10 - 2016-06-16 00:54 - 00000000 ____D C:\Users\LOLSON\Desktop\sprzedam inne
2016-06-15 19:03 - 2016-06-22 23:48 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-06-15 18:31 - 2016-06-15 18:31 - 01859224 _____ (Malwarebytes ) C:\Users\LOLSON\Downloads\mbae-setup-1.08.1.1196.exe
2016-06-15 15:09 - 2016-06-15 15:09 - 01925517 _____ C:\Users\LOLSON\Downloads\cwget237.zip
2016-06-15 12:53 - 2016-06-15 12:53 - 02064884 _____ C:\Users\LOLSON\Downloads\instrukcja-MP (1).pdf
2016-06-15 12:53 - 2016-06-15 12:53 - 00042250 _____ C:\Users\LOLSON\Downloads\etykieta_2016-06-15_12-40-49.pdf
2016-06-15 12:52 - 2016-06-15 12:52 - 02064884 _____ C:\Users\LOLSON\Downloads\instrukcja-MP.pdf
2016-06-15 12:50 - 2016-06-15 12:50 - 00059680 _____ C:\Users\LOLSON\Downloads\easypack_dispatch_order_printout_2016-06-15_12-37-17.pdf
2016-06-15 12:49 - 2016-06-15 12:49 - 00042232 _____ C:\Users\LOLSON\Downloads\etykieta_2016-06-15_12-36-52.pdf
2016-06-14 20:02 - 2016-06-14 20:02 - 00029255 _____ C:\Users\LOLSON\Desktop\ArduinoPilot.jar
2016-06-12 21:58 - 2016-06-12 21:57 - 00116736 _____ (NirSoft) C:\WINDOWS\nircmd.exe
2016-06-12 21:57 - 2016-06-12 21:57 - 00153986 _____ C:\Users\LOLSON\Downloads\nircmd-x64.zip
2016-06-12 14:52 - 2016-06-12 14:52 - 00000000 ____D C:\Users\LOLSON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\360 Security Center
2016-06-12 14:52 - 2016-06-03 08:16 - 00370768 _____ (360.cn) C:\WINDOWS\system32\Drivers\360fsflt.sys
2016-06-12 14:52 - 2016-06-03 08:16 - 00182352 _____ (360.cn) C:\WINDOWS\system32\Drivers\BAPIDRV64.SYS
2016-06-12 14:52 - 2016-06-03 08:16 - 00151784 _____ (360.cn) C:\WINDOWS\system32\Drivers\360AntiHacker64.sys
2016-06-11 22:08 - 2016-06-11 22:08 - 00249340 _____ C:\Users\LOLSON\Downloads\SHU_KXMoLL.jpeg
2016-06-11 22:08 - 2016-06-11 22:08 - 00249340 _____ C:\Users\LOLSON\Downloads\SHU_KXMoLL (1).jpeg
2016-06-10 21:23 - 2014-01-24 16:27 - 00153562 _____ C:\Users\LOLSON\Desktop\jssc.jar
2016-06-10 21:22 - 2016-06-10 21:22 - 00284209 _____ C:\Users\LOLSON\Downloads\jSSC-2.8.0-Release.zip
2016-06-10 20:24 - 2016-06-10 20:24 - 00574557 _____ C:\Users\LOLSON\Downloads\pobrane (7).htm
2016-06-10 17:28 - 2016-07-06 23:03 - 00000000 ____D C:\Users\LOLSON\AppData\Local\Bongiovi_Acoustics
2016-06-10 17:27 - 2016-07-06 23:03 - 00000000 ____D C:\ProgramData\Bongiovi Acoustics
2016-06-10 17:26 - 2016-06-10 17:26 - 06759564 _____ C:\Users\LOLSON\Downloads\Bongiovi_DPS_Win_2.0.1.8.zip
2016-06-09 19:22 - 2016-06-09 19:22 - 00630294 _____ C:\Users\LOLSON\Downloads\pobrane (6).htm
2016-06-09 16:29 - 2016-06-09 16:29 - 00016466 _____ C:\Users\LOLSON\Downloads\Informacje od sprzedającego (1).pdf
2016-06-08 22:13 - 2016-06-08 22:13 - 00128000 _____ C:\Users\LOLSON\Downloads\rxtxSerial.dll
2016-06-08 22:13 - 2016-06-08 22:13 - 00060866 _____ C:\Users\LOLSON\Downloads\RXTXcomm.jar
2016-06-08 21:53 - 2016-06-08 21:53 - 00000000 ____D C:\Users\LOLSON\.jmc
2016-06-08 21:44 - 2016-06-08 21:44 - 00000715 _____ C:\Users\LOLSON\Desktop\eclipse.exe.lnk
2016-06-08 21:40 - 2016-06-08 21:40 - 00610316 _____ C:\Users\LOLSON\Downloads\rxtx-2.1-7-bins-r2.zip
2016-06-07 23:42 - 2016-06-29 00:31 - 00000000 ____D C:\Users\LOLSON\Desktop\tzr
2016-06-07 22:01 - 2016-06-07 22:01 - 00001970 _____ C:\Users\Public\Desktop\GlassWire.lnk
2016-06-07 22:01 - 2016-06-07 22:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GlassWire
2016-06-07 22:00 - 2015-05-29 06:30 - 00008657 _____ C:\WINDOWS\system32\Drivers\gwdrv.cat
2016-06-07 22:00 - 2015-05-29 06:15 - 00033248 _____ (SecureMix LLC) C:\WINDOWS\system32\Drivers\gwdrv.sys
2016-06-07 21:52 - 2016-06-07 22:01 - 00000000 ____D C:\Program Files (x86)\GlassWire
2016-06-07 20:56 - 2016-06-07 21:51 - 30221368 _____ (SecureMix LLC) C:\Users\LOLSON\Downloads\GlassWireSetup (4).exe
2016-06-07 18:45 - 2016-06-07 18:45 - 00226168 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2016-06-07 18:45 - 2016-06-07 18:45 - 00226168 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-07 15:55 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-07 15:53 - 2015-06-25 16:34 - 00000000 ____D C:\Users\LOLSON\AppData\LocalLow\360WD
2016-07-07 15:49 - 2015-07-10 13:04 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-07 15:41 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-07-07 15:41 - 2015-06-27 21:36 - 00000000 ____D C:\Users\LOLSON\AppData\Local\CrashDumps
2016-07-07 15:33 - 2015-06-25 23:16 - 00000000 ____D C:\Users\LOLSON\AppData\Local\screenSHU
2016-07-07 15:30 - 2015-06-25 16:42 - 00000000 ____D C:\Users\LOLSON\AppData\Roaming\Skype
2016-07-07 15:28 - 2015-07-27 21:58 - 00007638 _____ C:\Users\LOLSON\AppData\Local\Resmon.ResmonCfg
2016-07-07 15:28 - 2015-06-25 21:58 - 00000000 __SHD C:\ProgramData\360Quarant
2016-07-07 15:28 - 2015-06-25 21:58 - 00000000 __SHD C:\$360Section
2016-07-07 15:28 - 2015-06-25 16:34 - 00000000 ____D C:\ProgramData\360safe
2016-07-07 15:12 - 2015-06-25 16:33 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-07-07 02:26 - 2016-01-08 21:42 - 00000000 ____D C:\Users\LOLSON\Desktop\Obróbka wideo-audio-foto
2016-07-07 01:51 - 2016-01-09 03:31 - 00000000 ____D C:\Users\test123
2016-07-07 01:51 - 2015-10-29 23:19 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-07-07 01:29 - 2016-05-10 23:08 - 00001072 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d12e0f6c75f034.job
2016-07-07 01:25 - 2015-11-25 21:17 - 00000091 _____ C:\HaxLogs.txt
2016-07-07 01:25 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-07 00:52 - 2015-07-10 11:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-07-07 00:49 - 2016-03-15 17:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2016-07-07 00:49 - 2016-01-09 16:13 - 00000000 ____D C:\Users\LOLSON\.android
2016-07-07 00:49 - 2015-11-18 17:33 - 00000000 ____D C:\ProgramData\IObit
2016-07-07 00:49 - 2015-09-08 17:39 - 00000000 ____D C:\Users\LOLSON\AppData\Local\Microsoft Help
2016-07-07 00:49 - 2015-08-06 17:43 - 00000000 ____D C:\Program Files\AMD
2016-07-07 00:49 - 2015-07-21 15:21 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2016-07-07 00:49 - 2015-06-27 23:49 - 00000000 ____D C:\Users\LOLSON\AppData\Local\Eclipse
2016-07-07 00:49 - 2015-06-25 23:12 - 00000000 ____D C:\ProgramData\Origin
2016-07-07 00:49 - 2015-06-25 23:12 - 00000000 ____D C:\Program Files (x86)\Origin
2016-07-07 00:49 - 2015-06-25 17:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2016-07-07 00:49 - 2015-06-25 17:03 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit
2016-07-07 00:49 - 2015-06-25 16:36 - 00000000 ____D C:\Program Files (x86)\Steam
2016-07-07 00:49 - 2015-06-25 16:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center
2016-07-07 00:49 - 2015-06-25 16:19 - 00000000 ____D C:\ProgramData\FNET
2016-07-07 00:48 - 2016-01-24 00:59 - 00000000 ____D C:\Users\LOLSON\AppData\Roaming\ipla
2016-07-07 00:48 - 2015-11-18 17:34 - 00000000 ____D C:\Users\LOLSON\AppData\LocalLow\IObit
2016-07-07 00:48 - 2015-11-18 17:33 - 00000000 ____D C:\Users\LOLSON\AppData\Roaming\IObit
2016-07-07 00:48 - 2015-08-28 15:50 - 00000000 ____D C:\Users\LOLSON\AppData\Roaming\Audacity
2016-07-07 00:48 - 2015-08-06 22:21 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-07-07 00:48 - 2015-07-13 01:34 - 00000000 ____D C:\Users\LOLSON\AppData\Roaming\GHISLER
2016-07-07 00:48 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2016-07-07 00:48 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-07-07 00:48 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinMetadata
2016-07-07 00:48 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache
2016-07-07 00:48 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Globalization
2016-07-07 00:48 - 2015-07-10 13:02 - 00000000 ____D C:\WINDOWS\INF
2016-07-07 00:48 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-07-07 00:48 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\servicing
2016-07-07 00:48 - 2015-06-28 21:06 - 00000000 ____D C:\Users\LOLSON\AppData\Roaming\BitTorrent
2016-07-07 00:48 - 2015-06-25 19:49 - 00000000 ____D C:\Users\LOLSON\Desktop\Tor Browser
2016-07-07 00:43 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\registration
2016-07-06 23:24 - 2015-06-25 17:03 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2016-07-06 23:23 - 2015-11-22 01:17 - 00000000 ____D C:\Program Files\Unlocker
2016-07-06 23:23 - 2015-11-18 17:33 - 00000000 ____D C:\Program Files (x86)\IObit
2016-07-06 23:20 - 2015-06-25 23:20 - 00000000 ____D C:\Users\LOLSON\AppData\Roaming\GG
2016-07-06 23:05 - 2016-01-24 00:59 - 00000000 ____D C:\Program Files (x86)\ipla
2016-07-06 22:55 - 2016-03-15 17:27 - 00000000 ____D C:\Program Files (x86)\Raptr Inc
2016-07-06 22:55 - 2015-06-29 22:54 - 00000000 ____D C:\Program Files (x86)\Git
2016-07-06 22:42 - 2015-06-25 16:34 - 00000000 _RSHD C:\360SANDBOX
2016-07-06 22:31 - 2015-12-29 23:14 - 00000000 ____D C:\Users\LOLSON\Documents\HiSuite
2016-07-06 19:56 - 2015-12-13 20:09 - 00004214 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{90846B82-4F5A-4415-9198-32A9920B486B}
2016-07-06 00:50 - 2016-03-25 15:21 - 00000000 ____D C:\Users\LOLSON\Desktop\ARCHIWUM
2016-07-06 00:40 - 2015-08-28 15:23 - 00000000 ____D C:\Users\LOLSON\Documents\Bandicam
2016-07-05 21:41 - 2015-08-06 22:45 - 00891932 _____ C:\WINDOWS\system32\perfh015.dat
2016-07-05 21:41 - 2015-08-06 22:45 - 00190116 _____ C:\WINDOWS\system32\perfc015.dat
2016-07-05 21:41 - 2015-08-06 17:46 - 02100392 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-07-05 15:16 - 2015-07-09 18:47 - 00032320 ____N (FNet Co., Ltd.) C:\WINDOWS\system32\Drivers\FNETTBOH_305.SYS
2016-07-05 02:30 - 2015-08-06 17:46 - 00000000 ____D C:\Users\LOLSON
2016-07-05 00:01 - 2015-08-08 21:11 - 00000000 ____D C:\Users\DefaultAppPool
2016-07-04 16:59 - 2016-06-06 19:49 - 05010280 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-07-03 17:59 - 2016-03-15 17:29 - 00004296 _____ C:\WINDOWS\System32\Tasks\AMD Updater
2016-07-03 17:45 - 2016-04-25 17:17 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-07-03 17:43 - 2015-10-27 22:29 - 00000000 ____D C:\Users\LOLSON\AppData\Local\AMD
2016-07-03 17:42 - 2015-06-25 17:02 - 00000000 ____D C:\AMD
2016-07-02 15:09 - 2015-12-17 17:08 - 00000000 ____D C:\Users\LOLSON\Desktop\Ciekawe nuty
2016-07-02 14:50 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-07-02 02:51 - 2016-06-01 21:27 - 00000992 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-07-01 22:43 - 2015-06-25 16:45 - 00000000 ____D C:\Users\LOLSON\AppData\Roaming\360safe
2016-07-01 02:07 - 2015-06-25 20:02 - 00000000 ____D C:\Users\LOLSON\Desktop\workspace
2016-07-01 01:53 - 2015-08-18 00:41 - 00000000 ____D C:\Users\LOLSON\.p2
2016-07-01 01:46 - 2015-08-06 22:27 - 00000000 ___RD C:\Users\LOLSON\OneDrive
2016-06-30 03:08 - 2016-04-24 00:48 - 00000000 ____D C:\Users\LOLSON\Desktop\gry
2016-06-29 23:26 - 2016-04-24 13:29 - 00000000 ____D C:\Users\LOLSON\AppData\LocalLow\BitTorrent
2016-06-29 23:21 - 2015-06-25 16:14 - 00003118 _____ C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d
2016-06-29 23:21 - 2015-06-25 16:14 - 00002870 _____ C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon
2016-06-29 23:20 - 2015-08-30 21:31 - 00001017 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-06-28 01:08 - 2016-03-17 22:29 - 00000000 ____D C:\Users\LOLSON\Desktop\sobolka
2016-06-25 15:32 - 2015-07-21 17:41 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-25 15:23 - 2015-06-25 16:54 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-25 02:13 - 2015-09-15 20:45 - 00001970 _____ C:\Users\Public\Desktop\Clownfish.lnk
2016-06-25 01:41 - 2015-08-28 09:43 - 00000000 ____D C:\Users\LOLSON\AppData\Roaming\TS3Client
2016-06-25 00:51 - 2015-08-28 09:43 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2016-06-24 00:51 - 2015-06-27 16:02 - 00000000 ____D C:\Users\LOLSON\AppData\Local\ElevatedDiagnostics
2016-06-21 19:58 - 2016-04-22 19:21 - 00000000 ____D C:\Program Files\MSI Kombustor 3
2016-06-21 06:02 - 2015-12-15 16:11 - 00077904 _____ (360.cn) C:\WINDOWS\SysWOW64\Drivers\360AvFlt.sys
2016-06-19 16:46 - 2015-11-22 16:29 - 00000000 ____D C:\Users\LOLSON\AppData\Roaming\TeamViewer
2016-06-19 16:46 - 2015-08-06 17:46 - 02118082 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2016-06-19 16:44 - 2015-12-29 23:13 - 00000000 ____D C:\Program Files (x86)\HiSuite
2016-06-19 00:11 - 2016-04-26 21:19 - 00000000 ____D C:\Users\LOLSON\Desktop\sprzedam
2016-06-17 17:28 - 2016-01-05 19:02 - 00000000 ____D C:\Users\LOLSON\Documents\Arduino
2016-06-17 17:28 - 2016-01-05 19:02 - 00000000 ____D C:\Users\LOLSON\AppData\Local\Arduino15
2016-06-16 13:26 - 2015-06-25 16:25 - 00000000 ____D C:\Users\LOLSON\AppData\Local\Google
2016-06-16 13:26 - 2015-06-25 16:25 - 00000000 ____D C:\Program Files (x86)\Google
2016-06-16 11:37 - 2015-08-30 21:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-08 21:53 - 2015-08-18 00:41 - 00000000 ____D C:\Users\LOLSON\.eclipse
2016-06-08 17:28 - 2015-07-26 00:19 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2016-06-08 17:28 - 2015-07-25 01:02 - 00000000 ____D C:\Program Files\Rockstar Games

==================== Files in the root of some directories =======

2015-08-06 23:07 - 2015-08-06 23:07 - 0000000 _____ () C:\Program Files (x86)\Common Files\AMD
2016-06-29 23:19 - 2016-06-29 23:19 - 6870016 _____ () C:\Users\LOLSON\AppData\Roaming\agent.dat
2016-06-29 23:18 - 2016-06-29 23:18 - 0128512 _____ () C:\Users\LOLSON\AppData\Roaming\Installer.dat
2016-06-29 23:19 - 2016-06-29 23:19 - 0018432 _____ () C:\Users\LOLSON\AppData\Roaming\Main.dat
2015-09-18 23:45 - 2015-09-18 23:46 - 212809145 _____ () C:\Users\LOLSON\AppData\Local\ACCCx3_2_0_129.zip.aamdownload
2015-09-18 23:45 - 2015-09-18 23:46 - 0002489 _____ () C:\Users\LOLSON\AppData\Local\ACCCx3_2_0_129.zip.aamdownload.aamd
2015-07-14 21:55 - 2016-03-04 22:55 - 0004608 _____ () C:\Users\LOLSON\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-02-13 15:21 - 2016-02-13 15:21 - 0000094 _____ () C:\Users\LOLSON\AppData\Local\fusioncache.dat
2015-07-11 01:03 - 2015-07-29 17:29 - 0000600 _____ () C:\Users\LOLSON\AppData\Local\PUTTY.RND
2016-03-29 21:55 - 2016-03-29 21:55 - 0003012 _____ () C:\Users\LOLSON\AppData\Local\recently-used.xbel
2015-07-27 21:58 - 2016-07-07 15:28 - 0007638 _____ () C:\Users\LOLSON\AppData\Local\Resmon.ResmonCfg
2015-06-25 16:19 - 2015-06-25 16:19 - 0000003 _____ () C:\Users\LOLSON\AppData\Local\user_data.ini
2015-07-14 21:53 - 2015-07-14 21:53 - 0005097 _____ () C:\ProgramData\hsqvmxbo.uxh
2015-08-31 13:31 - 2015-08-31 14:08 - 0000024 _____ () C:\ProgramData\SSSAudioEQAndMicData.dat

Files to move or delete:
====================
C:\ProgramData\SSSAudioEQAndMicData.dat


Some files in TEMP:
====================
C:\Users\LOLSON\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\LOLSON\AppData\Local\Temp\GotClip_Setup.exe
C:\Users\LOLSON\AppData\Local\Temp\GTA_V_Launcher_1_0_757_3.exe
C:\Users\LOLSON\AppData\Local\Temp\jansi-64-git-Bukkit-1.7.9-R0.1-10-g8688bd4-b3092jnks.dll
C:\Users\LOLSON\AppData\Local\Temp\raptrpatch.exe
C:\Users\LOLSON\AppData\Local\Temp\raptr_stub.exe
C:\Users\LOLSON\AppData\Local\Temp\sfamcc00001.dll
C:\Users\LOLSON\AppData\Local\Temp\sfamcc00002.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-06-27 17:10

==================== End of FRST.txt ============================

 

Addition

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-07-2016
Ran by LOLSON (2016-07-07 15:57:32)
Running from C:\Users\LOLSON\Desktop
Windows 10 Pro (X64) (2015-08-06 20:21:34)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3785322865-679390889-3198924132-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3785322865-679390889-3198924132-1009 - Limited - Enabled)
DefaultAccount (S-1-5-21-3785322865-679390889-3198924132-503 - Limited - Disabled)
Guest (S-1-5-21-3785322865-679390889-3198924132-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3785322865-679390889-3198924132-1002 - Limited - Enabled)
LOLSON (S-1-5-21-3785322865-679390889-3198924132-1000 - Administrator - Enabled) => C:\Users\LOLSON
test123 (S-1-5-21-3785322865-679390889-3198924132-1008 - Limited - Enabled) => C:\Users\test123

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: 360 Total Security (Enabled - Up to date) {0371CA44-3F80-A1D3-BECE-910620B58D50}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: 360 Total Security (Enabled - Up to date) {B8102BA0-19BA-AE5D-847E-AA745B32C7ED}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 8.6.0.1133 - 360 Security Center)
Action! (HKLM-x32\...\Mirillis Action!) (Version: 1.29.0 - Mirillis)
Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Flash Player 21 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2014 (HKLM-x32\...\{07BE616F-9E42-4C90-AF4F-0F32A5B088E7}) (Version: 8.0.1 - Adobe Systems Incorporated)
Advanced Mouse Auto Clicker 4.1.2 (HKLM-x32\...\{ABB3A44C-97D0-466E-A0E8-562FAEBEF689}_is1) (Version:  - Advanced Mouse Auto Clicker Ltd.)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arduino (HKLM-x32\...\Arduino) (Version: 1.6.7 - Arduino LLC)
ASRock RapidStart v1.0.6 (HKLM\...\ASRock RapidStart_is1) (Version:  - ASRock Inc.)
ASRock SmartConnect v1.0.6 (HKLM\...\ASRock SmartConnect_is1) (Version:  - ASRock Inc.)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Bandicam (HKLM-x32\...\Bandicam) (Version: 2.1.1.731 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts)
BitTorrent (HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\BitTorrent) (Version: 7.9.3.40299 - BitTorrent Inc.)
BitTorrent (HKU\S-1-5-21-3785322865-679390889-3198924132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\BitTorrent) (Version: 7.9.3.40299 - BitTorrent Inc.)
Camtasia Studio 8 (HKLM-x32\...\{72144B9D-58C4-4C09-A5CF-C6A914B912E8}) (Version: 8.0.0.878 - TechSmith Corporation)
Catalyst Control Center Next Localization BR (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0621.1741.29990 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0621.1741.29990 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0621.1741.29990 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0621.1741.29990 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0621.1741.29990 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0621.1741.29990 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0621.1741.29990 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0621.1741.29990 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0621.1741.29990 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0621.1741.29990 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0621.1741.29990 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0621.1741.29990 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0621.1741.29990 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0621.1741.29990 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0621.1741.29990 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0621.1741.29990 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0621.1741.29990 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0621.1741.29990 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0621.1741.29990 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0621.1741.29990 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0621.1741.29990 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.19 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Chrome Remote Desktop Host (HKLM-x32\...\{95EB2FCC-AE0B-40E9-B804-347C6358923B}) (Version: 51.0.2704.7 - Google Inc.)
CL-Eye Driver (HKLM-x32\...\CL-Eye Driver) (Version: 5.3.0.0341 - Code Laboratories, Inc.)
Clownfish for Skype (HKLM-x32\...\Clownfish) (Version:  - )
Counter-Strike 1.6 v43 (HKLM-x32\...\{1BD2212B-8287-4F33-A6DC-903D423AB814}_is1) (Version: v43 - CSSetti.pl)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CPUID CPU-Z 1.73 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Crysis (HKLM-x32\...\{E70E73B2-DABD-40E4-AE50-81B22567F418}) (Version: 1.1.1.6115 - Electronic Arts)
Crysis Warhead(R) (HKLM-x32\...\{D4383AEC-4AA1-4CA6-9EC7-88FD8268186C}) (Version: 1.1.1.711 - Electronic Arts, Inc.)
Crysis Wars(R) (HKLM-x32\...\Crysis Wars(R)) (Version:  - Electronic Arts)
Crysis Wars(R) (x32 Version: 1.0 - Crytek) Hidden
Crysis® 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.9.0.0 - Electronic Arts)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
Crysis®3 Digital Deluxe Edition Content (HKLM-x32\...\{2A8C5AE3-2772-4EB1-8206-D5E53D111A61}) (Version: 1.0.0.0 - Electronic Arts)
CrystalDiskInfo 7.0.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.0.0 - Crystal Dew World)
DriverTools 1.0 (HKLM-x32\...\DriverTools) (Version: 1.0 - Huawei Technologies Co.,Ltd)
EasyBCD 2.3 (HKLM-x32\...\EasyBCD) (Version: 2.3 - NeoSmart Technologies)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
Euro Truck Simulator 2 Multiplayer 0.2.0.5.2 Alpha (HKLM-x32\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.0.5.2 Alpha - ETS2MP Team)
Firefighters 2014 (HKLM-x32\...\Firefighters 2014_is1) (Version:  - )
Gameforge Live 2.0.10 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.10 - Gameforge)
GameSpy Comrade (HKLM-x32\...\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}) (Version: 1.5.0.156 - GameSpy)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
GG (HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\GG) (Version: 12 - GG Network S.A.)
GG (HKU\S-1-5-21-3785322865-679390889-3198924132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\GG) (Version: 12 - GG Network S.A.)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
GlassWire 1.2 (remove only) (HKLM-x32\...\GlassWire 1.2) (Version: 1.2.1064 - SecureMix LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version:  - Rockstar North)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Grand Theft Auto: Episodes from Liberty City (HKLM-x32\...\Steam App 12220) (Version:  - Rockstar North / Toronto)
GRID 2 (HKLM-x32\...\Steam App 44350) (Version:  - Codemasters Racing)
GRID Autosport (HKLM-x32\...\Steam App 255220) (Version:  - Codemasters Racing)
H1Z1 (HKLM-x32\...\Steam App 295110) (Version:  - Daybreak Games)
Hacker Evolution - Untold (HKLM-x32\...\Steam App 70110) (Version:  - exosyphen studios)
Hacker Evolution (HKLM-x32\...\Steam App 70100) (Version:  - exosyphen studios)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
Icy Tower v1.5.1 (HKLM-x32\...\Icy Tower v1.5.1_is1) (Version:  - Free Lunch Design)
IdleMaster (HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\1d85483b1c982d8c) (Version: 1.4.0.0 - IdleMaster)
IdleMaster (HKU\S-1-5-21-3785322865-679390889-3198924132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1d85483b1c982d8c) (Version: 1.4.0.0 - IdleMaster)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36702 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel(R) Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation)
Intel(R) Update Manager (x32 Version: 1.0.0.36888 - Intel Corporation) Hidden
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.102 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{ECCB31F5-435D-4F37-A98D-5854D3C62718}) (Version: 1.1.1 - Intel Corporation)
ISO to USB (HKLM-x32\...\{D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1) (Version:  - isotousb.com)
Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation)
Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java SE Development Kit 8 Update 66 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180660}) (Version: 8.0.660.18 - Oracle Corporation)
LOBERA Gaming Keyboard (HKLM-x32\...\{738DB52B-4CA6-4E81-B482-03F90EB8EE4C}}_is1) (Version:  - )
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.422 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.422 - LogMeIn, Inc.) Hidden
Lost Planet 3 (HKLM-x32\...\Steam App 226720) (Version:  - Spark Unlimited)
Łatka polonizacyjna GTA IV v1.0 (HKLM-x32\...\Łatka polonizacyjna GTA IV v1.0) (Version: 1.0 - GTAPOLSKA.PL)
Malwarebytes Anti-Exploit version 1.8.1.2563 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.8.1.2563 - Malwarebytes)
Malwarebytes Anti-Malware wersja 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mass Effect™ 3 (HKLM-x32\...\{534A31BD-20F4-46b0-85CE-09778379663C}) (Version: 1.05.0.0 - Electronic Arts)
Metin2 (HKLM-x32\...\Metin2_PL_is1) (Version:  - Gameforge 4D GmbH)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mirror's Edge™ (HKLM-x32\...\{AEDBD563-24BB-4EE3-8366-A654DAC2D988}) (Version: 1.0.1.0 - Electronic Arts)
Mozilla Firefox 41.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 41.0 (x86 en-US)) (Version: 41.0 - Mozilla)
Mozilla Firefox 47.0 (x64 pl) (HKLM\...\Mozilla Firefox 47.0 (x64 pl)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)
MSI Afterburner 4.1.1 (HKLM-x32\...\Afterburner) (Version: 4.1.1 - MSI Co., LTD)
MSI Kombustor 3.5.1 (HKLM\...\{9598DA62-2AE8-426D-9C86-BEA96AC6721E}_is1) (Version:  - MSI Co., LTD)
MTA:SA v1.5.2 (HKLM-x32\...\MTA:SA 1.5) (Version: v1.5.2 - Multi Theft Auto)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9 - Notepad++ Team)
NoVirusThanks MD5 Checksum Tool v4.1 (HKLM\...\NoVirusThanks MD5 Checksum Tool_is1) (Version: 4.1.0.0 - NoVirusThanks Company Srl)
Nvu 1.0 (HKLM-x32\...\Nvu_is1) (Version: 1.0 - Linspire Inc.)
Obsługa programów Apple (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
OpenIV (HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\OpenIV) (Version: 2.6.4.646 - .black/OpenIV Team)
OpenIV (HKU\S-1-5-21-3785322865-679390889-3198924132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\OpenIV) (Version: 2.6.4.646 - .black/OpenIV Team)
Oracle VM VirtualBox 5.0.14 (HKLM\...\{82022940-639B-48A3-86D9-B139864105F7}) (Version: 5.0.14 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.20.5318 - Electronic Arts, Inc.)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Robocraft (HKLM-x32\...\Steam App 301520) (Version:  - Freejam)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.9.5 - Rockstar Games)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.) Hidden
screenSHU - the fastest screen capture ever. (HKLM-x32\...\screenSHU) (Version:  - )
SHRIKE V2 Gaming Mouse (HKLM-x32\...\{683C749D-B99A-4F27-9528-98F535A31393}}_is1) (Version:  - )
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteamVR Performance Test (HKLM-x32\...\Steam App 323910) (Version:  - Valve)
SUPERHOT (HKLM-x32\...\1456141688_is1) (Version: 2.0.0.4 - GOG.com)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
TotalVPN 1.4.5 (HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\TotalVPN) (Version: 1.4.5 - TotalVPN)
TotalVPN 1.4.5 (HKU\S-1-5-21-3785322865-679390889-3198924132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\TotalVPN) (Version: 1.4.5 - TotalVPN)
TruckersMP 0.2.0.9.1 Alpha (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.0.9.1 Alpha - ETS2MP Team)
Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 13.0 - Ubisoft)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony)
VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.16 - IDRIX)
Video Card Stability Test (HKLM-x32\...\Video Card Stability Test) (Version: v.1.0.0.3 - FreeStone Group)
Vulkan Run Time Libraries 1.0.13.0 (HKLM\...\VulkanRT1.0.13.0) (Version: 1.0.13.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
Warblade (HKLM-x32\...\Warblade_is1) (Version:  - EMV Software)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
XFast LAN v6.61 (HKLM\...\XFast LAN) (Version: 6.61 - cFos Software GmbH, Bonn)
XFastUSB (HKLM-x32\...\XFastUSB) (Version: 3.02.31 - ASRock Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3785322865-679390889-3198924132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\LOLSON\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3785322865-679390889-3198924132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\LOLSON\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.)
CustomCLSID: HKU\S-1-5-21-3785322865-679390889-3198924132-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\LOLSON\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3785322865-679390889-3198924132-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\LOLSON\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.)
CustomCLSID: HKU\S-1-5-21-3785322865-679390889-3198924132-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\test123\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3785322865-679390889-3198924132-1008_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\test123\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {015C1544-C3D4-4D7A-95E8-577472F27E63} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {06EB7390-C142-4553-A438-6AD25AC708BE} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_242_pepper.exe [2016-06-01] (Adobe Systems Incorporated)
Task: {0A664482-BBDF-4749-A318-322EAAE272F6} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {146A48E1-F13E-4AC5-B11C-A9E7C3FC4F6F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {14747C9D-B807-497F-B34B-4AC49B020788} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {15350AC7-F35E-4341-9666-67C314C60367} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {18A1D998-F199-474F-999D-F4EA0CC959F5} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {1E7DB0F3-68AF-4E2D-A872-77464E9F6A32} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {2127CCD6-31EC-4E72-851B-4FF6B9B28162} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {2AB990B2-2A14-4102-A664-16359B340C0D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {2BABE6F9-07C5-40C4-B9DC-47B66FA15D4A} - System32\Tasks\googleupdatetaskmachineua => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-03] (Google Inc.)
Task: {339A169F-91AA-4D33-8825-6021F1BB8E7D} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {3499A1A8-EAC9-4D9B-A62C-45407249D48B} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-03-21] (Advanced Micro Devices, Inc.)
Task: {39C48D4D-D82D-4AC4-93E9-E982715F3F82} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {3B627F8E-E94F-474A-8F54-DC0D541E60A8} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {42CFB23C-2524-46BD-B10E-D4B55B453EEE} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {455C763D-95C9-4214-8831-96C70597B618} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {45EFE680-CE53-4AE3-9E4C-555F4F6C0F47} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {463C2A89-0829-4DB7-8223-6FDA9E379887} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {48D44932-47DA-4735-A880-D0AA7168DCC4} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {49F710C9-1885-4938-AEC6-5FFBE952A567} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {4C0A09EB-2B5F-4838-91D9-A79582DB97BC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-06-25] (Microsoft Corporation)
Task: {507E1AFD-4764-44B0-A859-1D6E3CBECF2B} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {5C684212-26AD-4192-92E2-14DDC1AF8440} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {6B52C0FB-1607-40AA-A21E-B3A71F4D2500} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {6BCB213D-2D19-4F65-BBA5-E73829991FBC} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {77FF0919-4949-48C8-95A8-2FC1277A0954} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {7D4CDE27-77B0-4E04-9C47-8FEC522B1A5C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {8073A175-2776-49C7-9C61-12123EDB9FB8} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {8F4C3A2F-D807-437E-BAA4-10DF9721ED47} - \Microsoft\Windows\File Classification Infrastructure\Property Definition Sync -> No File <==== ATTENTION
Task: {8FDC57A1-D8BE-420E-BA78-0B4F4FDC3124} - System32\Tasks\{45C61370-801D-4F65-B60C-B6F940C77F3C} => pcalua.exe -a "C:\Program Files (x86)\CWGET\unins000.exe"
Task: {9388D926-CD96-4F90-BFD9-9957F8362939} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {9502D28F-6F91-4C97-8D77-12B58D0E60ED} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {A7C86543-ADE5-486F-87D7-C5321D28AD4A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {A8343507-9298-44D1-A6E4-BCFFD57EAE62} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {B7788673-1435-44E5-99DF-134308BFED16} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {BB37A84C-4F81-42F0-8435-293EED98F80C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {BD1DB8C3-23AB-46DA-9509-4B86D07014ED} - System32\Tasks\Intel(R) Small Business Advantage\Notifier => C:\Program Files\Intel\Intel(R) Small Business Advantage\UI\SBA_Notifier.exe
Task: {D615768E-352D-4FB8-B2EF-23E25D1868DD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-10] (Piriform Ltd)
Task: {DABACCEB-BBD4-4F40-B6EB-A3BD3C55E9CB} - System32\Tasks\GoogleUpdateTaskMachineCore1d12e0f6c75f034 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-03] (Google Inc.)
Task: {DDA13CA5-54EA-4FC7-8199-57F02DCA5AEC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {DE4D0B90-EDC9-4DCF-9B4F-B77EB93C3387} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {DEE9816C-0342-4462-9789-CCE54B3BC716} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {E38C7FE2-DC67-4FA1-B71E-A0F1127BB330} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {E4E43F96-4AA2-4C9E-9245-537734FE1798} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {F2D87650-EF78-475A-B71C-D7F697047FAD} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {F6730341-5D9D-47B1-9C7E-E7F83B13B7AF} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-01] (Adobe Systems Incorporated)
Task: {FAA2246E-4423-4A07-A47C-52CA2BB9C05E} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_242_pepper.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d12e0f6c75f034.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\LOLSON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenIV\Go to OpenIV web site.lnk -> hxxp://openiv.com/ (No File)

ShortcutWithArgument: C:\Users\LOLSON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Pulpit zdalny Chrome (1).lnk -> C:\Users\LOLSON\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Web Applications\_crx_gbchcmhmhahfdphkhkmpfmihenigjmpp\Pulpit zdalny Chrome.ico () ->  --profile-directory=ChromeDefaultData --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\LOLSON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Pulpit zdalny Chrome.lnk -> C:\Users\LOLSON\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_gbchcmhmhahfdphkhkmpfmihenigjmpp\Pulpit zdalny Chrome.ico () ->  --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\LOLSON\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP%
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP%
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP%

==================== Loaded Modules (Whitelisted) ==============

2015-08-07 03:38 - 2015-08-07 03:38 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-19 12:19 - 2015-08-11 11:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2016-06-19 16:44 - 2016-05-25 12:53 - 00191688 _____ () C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
2015-08-30 22:24 - 2016-02-29 22:30 - 00076152 _____ () C:\WINDOWS\system32\PnkBstrA.exe
2016-04-20 17:20 - 2016-03-16 06:55 - 02495768 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-20 17:20 - 2016-03-16 06:55 - 02495768 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-07-01 01:45 - 2016-07-01 01:45 - 00959168 _____ () C:\Users\LOLSON\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-06-27 15:45 - 2016-06-21 06:02 - 00782248 _____ () C:\Program Files (x86)\360\Total Security\MenuEx64.dll
2015-04-15 22:13 - 2015-04-15 22:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2015-06-25 17:34 - 2015-06-25 17:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 17:37 - 2015-06-25 17:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 17:35 - 2015-06-25 17:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 17:38 - 2015-06-25 17:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 16:53 - 2015-06-25 16:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 16:51 - 2015-06-25 16:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2013-09-04 19:21 - 2013-09-04 19:21 - 02112000 _____ () C:\Program Files (x86)\screenSHU\screenSHU.exe
2015-06-25 17:16 - 2014-10-21 10:04 - 01755648 _____ () C:\Program Files (x86)\TESORO Gaming\LOBERA Gaming Keyboard\HID.exe
2016-02-10 19:16 - 2014-06-11 17:07 - 00289792 _____ () C:\Program Files (x86)\TESORO Gaming\SHRIKE V2 Gaming Mouse\mousehid.exe
2016-02-10 19:16 - 2014-01-17 17:12 - 00232960 _____ () C:\Program Files (x86)\TESORO Gaming\SHRIKE V2 Gaming Mouse\trayicon.exe
2016-06-10 17:23 - 2016-06-10 17:23 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1045.dll
2016-06-27 15:44 - 2016-06-21 06:02 - 01082792 _____ () C:\Program Files (x86)\360\Total Security\PromoUtil.exe
2016-06-27 15:45 - 2016-06-21 06:02 - 00098736 _____ () C:\Program Files (x86)\360\Total Security\deepscan\qutmload.dll
2011-06-08 09:32 - 2011-06-08 09:32 - 00043008 _____ () C:\Program Files (x86)\screenSHU\libgcc_s_dw2-1.dll
2011-06-08 09:32 - 2011-06-08 09:32 - 00011362 _____ () C:\Program Files (x86)\screenSHU\mingwm10.dll
2016-06-27 15:45 - 2016-06-21 06:02 - 00519080 _____ () C:\Program Files (x86)\360\Total Security\safemon\wdui2.dll
2016-02-10 19:16 - 2013-01-16 10:06 - 00061952 _____ () C:\Program Files (x86)\TESORO Gaming\SHRIKE V2 Gaming Mouse\HidDevice.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData:NT [40]
AlternateDataStreams: C:\ProgramData:NT2 [346]
AlternateDataStreams: C:\Users\All Users:NT [40]
AlternateDataStreams: C:\Users\All Users:NT2 [346]
AlternateDataStreams: C:\ProgramData\Application Data:NT [40]
AlternateDataStreams: C:\ProgramData\Application Data:NT2 [346]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [346]
AlternateDataStreams: C:\Users\LOLSON\Application Data:NT [40]
AlternateDataStreams: C:\Users\LOLSON\Application Data:NT2 [346]
AlternateDataStreams: C:\Users\LOLSON\AppData\Roaming:NT [40]
AlternateDataStreams: C:\Users\LOLSON\AppData\Roaming:NT2 [346]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\100sexlinks.com -> 100sexlinks.com

There are 4788 more sites.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2016-03-15 21:53 - 00001794 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       idb.iobit.com
127.0.0.1       asc55.iobit.com
127.0.0.1       is360.iobit.com
127.0.0.1       asc.iobit.com
127.0.0.1       pf.iobit.com
127.0.0.1       98.129.229.186
127.0.0.1       www.iana.org
127.0.0.1       iana.org
127.0.0.1       idb.iobit.com
127.0.0.1       asc55.iobit.com
127.0.0.1       is360.iobit.com
127.0.0.1       asc.iobit.com
127.0.0.1       pf.iobit.com
127.0.0.1       98.129.229.186
127.0.0.1       www.iana.org
127.0.0.1       iana.org#	::1             localhost
127.0.0.1                   mirillis.com
127.0.0.1                   www.mirillis.com
127.0.0.1                   serwer2.paka-service.com
127.0.0.1                   mirillis.pl
127.0.0.1                   176.31.241.10
127.0.0.1                   91.121.143.139
127.0.0.1                   thislineskipsanyemptylines
127.0.0.1					www.iobit.com 
127.0.0.1					www.asc55.iobit.com127.0.0.1                   bandicam.com
127.0.0.1                   ssl.bandisoft.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3785322865-679390889-3198924132-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
HKU\S-1-5-21-3785322865-679390889-3198924132-1008\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: ACTION_SVC => 3
MSCONFIG\Services: cFosSpeedS => 2
MSCONFIG\Services: chromoting => 3
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: HssTrayService => 3
MSCONFIG\Services: HssWd => 2
MSCONFIG\Services: LiveUpdateSvc => 3
MSCONFIG\Services: LMIGuardianSvc => 2
MSCONFIG\Services: TeamViewer => 2
HKLM\...\StartupApproved\Run: => "XFast LAN"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "IMSS"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\StartupApproved\StartupFolder: => "SHU.lnk"
HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\StartupApproved\StartupFolder: => "TotalVPN.lnk"
HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\StartupApproved\Run: => "ALLUpdate"
HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\StartupApproved\Run: => "BitTorrent"
HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\StartupApproved\Run: => "CyberGhost"
HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\StartupApproved\Run: => "RGSC"
HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\StartupApproved\Run: => "Unified Remote V3"
HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\StartupApproved\Run: => "Clownfish"
HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\StartupApproved\Run: => "Advanced SystemCare 9"
HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\StartupApproved\Run: => "Comrade.exe"
HKU\S-1-5-21-3785322865-679390889-3198924132-1000\...\StartupApproved\Run: => "IPLA!"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{01CA38C2-C1FA-491B-9944-9AC52B45E455}] => (Allow) F:\Gry\GTA V\GTA5.exe
FirewallRules: [{EF1D522A-BA17-43AE-B6C3-61AD3CCDE5A5}] => (Allow) F:\Gry\GTA V\GTA5.exe
FirewallRules: [{42341010-0CC7-4534-94E1-E6EAC3887855}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{F52BDF33-DDC2-4891-911B-EE9B6E4554E2}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{86A3ACB6-763E-4C63-BD35-9ABE6C20F218}] => (Block) C:\totalcmd\totalcmd64.exe
FirewallRules: [{34D32855-D324-49AA-9D9C-F68846E08FC5}] => (Block) C:\totalcmd\totalcmd64.exe
FirewallRules: [UDP Query User{F3EA4FE4-9264-44AD-BA42-D1BF8C57D593}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe
FirewallRules: [TCP Query User{E3B24B56-2731-4636-9338-C7656A8CA356}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe
FirewallRules: [{0AB3885F-C7A7-4C65-91EB-D03705342B87}] => (Block) C:\totalcmd\totalcmd.exe
FirewallRules: [{CD684695-5C30-4A78-AF30-AD820939A34B}] => (Block) C:\totalcmd\totalcmd.exe
FirewallRules: [UDP Query User{B1F7BD75-5F57-4561-89FC-6DEAE1BB4257}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe
FirewallRules: [TCP Query User{A425930D-9BDF-46FD-9987-1AE23E2C6096}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe
FirewallRules: [UDP Query User{6BAC0090-A78A-40F7-A4C9-B573A0A6405C}C:\users\lolson\appdata\roaming\bittorrent\bittorrent.exe] => (Block) C:\users\lolson\appdata\roaming\bittorrent\bittorrent.exe
FirewallRules: [TCP Query User{E7BF24FC-D64D-4700-A01E-36F58713E4E3}C:\users\lolson\appdata\roaming\bittorrent\bittorrent.exe] => (Block) C:\users\lolson\appdata\roaming\bittorrent\bittorrent.exe
FirewallRules: [UDP Query User{AB29B45D-35DD-4BC4-8698-67C479D9BC91}C:\users\lolson\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\lolson\appdata\roaming\bittorrent\bittorrent.exe
FirewallRules: [TCP Query User{B5C89E4A-998D-41EE-9444-03049CA74705}C:\users\lolson\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\lolson\appdata\roaming\bittorrent\bittorrent.exe
FirewallRules: [{BA9D522C-24F9-47F9-8515-C37ABFF4201B}] => (Allow) F:\Gry\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{B964C3B9-B607-4E2B-8B45-E4C9B583F0B5}] => (Allow) F:\Gry\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{ACF0A185-DD22-4C63-B764-6315737A9B77}] => (Allow) F:\Gry\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{9945AD49-5AED-4A04-A7F6-CB98577584D8}] => (Allow) F:\Gry\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{3C685F04-CBD1-4E2C-B1B2-EB8C6D6F1F6E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{35C71E88-892F-43FA-A013-7B076D4291C6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{5F65C41F-E78A-4ED9-B6CC-57B9D35884E1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A8AD7D6B-6C92-46DB-9E46-58A2DECA7309}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [UDP Query User{F6B2138F-4C8B-483F-A4A8-1BF95759A285}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{46A9BF17-AF1C-4285-943F-758C52303E0D}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{3D66BC6D-793F-4401-870D-E7079F706CFB}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{55ACAE94-C6A6-4C22-96BF-B535C60B0096}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{3740E40F-D5F2-4205-830C-5AB6A39529DA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F0BDDAD8-8F3E-489D-9A84-DC424D3CFC8B}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{CC0600AA-E68E-4738-A5AB-48768D18278D}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{FD3B0AB6-3488-4127-A3A3-6693E0F64A39}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A85EB902-2264-407F-B5D8-BFCF02C0284B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{640E2ED5-3071-4A5E-BF1A-6FE692DCE53F}C:\program files\java\jre1.8.0_51\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_51\bin\java.exe
FirewallRules: [UDP Query User{325651DF-353E-4288-9199-797DBAD832DA}C:\program files\java\jre1.8.0_51\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_51\bin\java.exe
FirewallRules: [TCP Query User{EC54A7E9-13EF-47BE-88FE-E18D71CC9F53}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{153C7630-FF5F-4B66-AD3C-868C9A05B7B6}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{ADF2D1DC-4C0D-47B4-A900-82DFC393A6DA}] => (Allow) F:\Gry\Gry steam\steamapps\common\Robocraft\Robocraft.exe
FirewallRules: [{BF4A8711-45E2-4F72-BCC2-952A42F866C7}] => (Allow) F:\Gry\Gry steam\steamapps\common\Robocraft\Robocraft.exe
FirewallRules: [{3DC3FE42-97EC-4828-8015-2BC689CBA7F7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1CF5A13D-B53F-46E2-B108-29EFA4432F94}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{21325280-4A59-4766-9FD0-04EC509EB7AE}] => (Allow) F:\Gry\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{30861783-86D6-4FA9-BC95-CA45C45FA8A5}] => (Allow) F:\Gry\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{8BA5DCE9-FF9E-4769-A330-5788FEF235E1}] => (Allow) F:\Gry\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{2B456049-65FE-4A20-BCCF-FCD6F96221CF}] => (Allow) F:\Gry\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{19C629EA-6449-4117-9E28-1D689C7230C8}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{986509D4-DFF9-4F9F-B518-7B422AC07318}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B7FB2EE7-8586-4C99-8E5C-9808585CE0E6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A0A76232-AB6A-4D3D-88D9-A10FE2ACFAB2}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{00CE26AB-E39A-4B45-A7CB-192E6DB7DD72}] => (Allow) F:\Gry\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{F2AFEB18-243C-41C4-A0DF-06A12B8B7C76}] => (Allow) F:\Gry\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [TCP Query User{C082DEDC-F777-4BDA-8C8F-7C7CA1ED6425}C:\program files\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_51\bin\javaw.exe
FirewallRules: [UDP Query User{CA0ED885-94CA-4C98-856C-21DB2ACC3F3E}C:\program files\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_51\bin\javaw.exe
FirewallRules: [{8879FFBC-5106-4772-A89A-405F9C3FC48D}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
FirewallRules: [{7A0A1393-0680-4AE0-9EA0-F0A3385E7699}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
FirewallRules: [{7B5C1C44-BB7A-40B5-B1A3-D09699E895FA}] => (Allow) F:\Gry\Origin Games\Mirrors Edge\Binaries\MirrorsEdge.exe
FirewallRules: [{D7C86539-F639-46AE-8752-3EC8E3704DCF}] => (Allow) F:\Gry\Origin Games\Mirrors Edge\Binaries\MirrorsEdge.exe
FirewallRules: [{2B82309C-AB58-43C2-BB82-D18F067FFE3E}] => (Allow) F:\Gry\Gry steam\steamapps\common\Hacker Evolution\HackerEvolution.exe
FirewallRules: [{5AC4ACF6-A9D7-4F57-AE91-28DE7709231E}] => (Allow) F:\Gry\Gry steam\steamapps\common\Hacker Evolution\HackerEvolution.exe
FirewallRules: [{7BE9EE19-D94F-487D-A458-1F5482945C9D}] => (Allow) F:\Gry\Gry steam\steamapps\common\Hacker Evolution\HackerEvolutionModEditor.exe
FirewallRules: [{84015A0F-530F-4853-B367-20D42CEA71DB}] => (Allow) F:\Gry\Gry steam\steamapps\common\Hacker Evolution\HackerEvolutionModEditor.exe
FirewallRules: [{A0718EAE-726C-4E8A-A831-3B0B1225FC16}] => (Allow) F:\Gry\Gry steam\steamapps\common\Lost Planet 3\Binaries\Win32\LP3Launcher.exe
FirewallRules: [{04B1EFB9-A498-4DC8-830E-85C3800A812A}] => (Allow) F:\Gry\Gry steam\steamapps\common\Lost Planet 3\Binaries\Win32\LP3Launcher.exe
FirewallRules: [{43FCF869-38E3-4E05-9F02-D6F45ECF3A68}] => (Allow) F:\Gry\Gry steam\steamapps\common\Hacker Evolution Untold\Hacker Evolution Untold.exe
FirewallRules: [{DBDE97CA-C5F8-4797-8731-E582BB5BDFA4}] => (Allow) F:\Gry\Gry steam\steamapps\common\Hacker Evolution Untold\Hacker Evolution Untold.exe
FirewallRules: [{482C1AE3-F44E-43E2-AD34-373DC8A22498}] => (Allow) F:\Gry\Gry steam\steamapps\common\Hacker Evolution Untold\Hacker Evolution Mod Editor.exe
FirewallRules: [{CF64E9BD-0F39-44C0-8F11-FE30492CA270}] => (Allow) F:\Gry\Gry steam\steamapps\common\Hacker Evolution Untold\Hacker Evolution Mod Editor.exe
FirewallRules: [{9918334F-6B58-45E0-87C3-8DBB3AF5BDCE}] => (Allow) F:\Gry\Origin Games\Mass Effect 3\Binaries\Win32\MassEffect3.exe
FirewallRules: [{8710BA23-094E-4E50-9E54-1B5BA0E9D78B}] => (Allow) F:\Gry\Origin Games\Mass Effect 3\Binaries\Win32\MassEffect3.exe
FirewallRules: [{8896DEA3-7C77-463D-9F7A-0D684027F159}] => (Allow) F:\Gry\Origin Games\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{31248A5C-2BED-445F-8915-332D575B175E}] => (Allow) F:\Gry\Origin Games\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{C6BC5FC3-0A68-498B-A350-9268F3B1DA26}] => (Allow) F:\Gry\Origin Games\Crysis 3\Crysis 3 - Digital Deluxe Edition Content\Launcher.exe
FirewallRules: [{30EA4B1D-AC1C-4401-A0EB-FC5EAD79C358}] => (Allow) F:\Gry\Origin Games\Crysis 3\Crysis 3 - Digital Deluxe Edition Content\Launcher.exe
FirewallRules: [TCP Query User{10A264F2-5816-4FCC-858A-4509543CACEC}F:\gry\gry steam\steamapps\common\payday the heist\payday_win32_release.exe] => (Allow) F:\gry\gry steam\steamapps\common\payday the heist\payday_win32_release.exe
FirewallRules: [UDP Query User{32984327-DC61-44D8-9453-5B238E4A9DC5}F:\gry\gry steam\steamapps\common\payday the heist\payday_win32_release.exe] => (Allow) F:\gry\gry steam\steamapps\common\payday the heist\payday_win32_release.exe
FirewallRules: [{8B6020F3-4F2D-44D8-93C2-1F3DD71A1FA9}] => (Allow) F:\Gry\Gry steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [{002A7393-E97C-46C1-8178-162662A82179}] => (Allow) F:\Gry\Gry steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [TCP Query User{3EF6B93E-50F5-4C2A-9976-9C1869D9C7B9}F:\gry\gry steam\steamapps\common\h1z1\h1z1.exe] => (Allow) F:\gry\gry steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{BC435A08-D6EB-4390-A35F-35D4D86BAED7}F:\gry\gry steam\steamapps\common\h1z1\h1z1.exe] => (Allow) F:\gry\gry steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{DE330D2F-5042-4981-AF2B-81332499CCEE}] => (Block) F:\gry\gry steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{3C280510-4203-4E5E-8FE8-F463EB107E35}] => (Block) F:\gry\gry steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{BA09B594-D1AE-4F31-ADBD-0C2E9E8A71CD}] => (Allow) F:\Gry\Gry steam\steamapps\common\Audiosurf\engine\QuestViewer.exe
FirewallRules: [{A25214C3-D628-4CA7-BE9B-FC00C9298107}] => (Allow) F:\Gry\Gry steam\steamapps\common\Audiosurf\engine\QuestViewer.exe
FirewallRules: [{EB619148-66FA-4304-B093-A5A9AB57CA5F}] => (Allow) F:\Gry\Gry steam\steamapps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{65E02B18-09E2-4E47-A91A-696A30FA0C34}] => (Allow) F:\Gry\Gry steam\steamapps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{0AEC5E6D-B927-4361-89D0-7A0CEC473E47}] => (Allow) F:\Gry\GTA V\GTA5.exe
FirewallRules: [{49733BFA-10BC-437A-82F7-0B0673649E9B}] => (Allow) F:\Gry\GTA V\GTA5.exe
FirewallRules: [{BC9ED6F6-2032-4249-AA0D-44972DB7EA36}] => (Allow) C:\Users\LOLSON\Downloads\BitTorrent.exe
FirewallRules: [{A45B66D6-9255-407C-A068-E7B24BB6434C}] => (Allow) C:\Users\LOLSON\Downloads\BitTorrent.exe
FirewallRules: [{A8700AE3-1987-42EA-84C6-6D0B5F81ABD2}] => (Allow) F:\Gry\Origin Games\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{676FE95B-41E5-45AB-BF96-BD0BB94BD3CF}] => (Allow) F:\Gry\Origin Games\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{DF5EFBD3-0969-4D32-B6CE-4FFCBE525B32}] => (Allow) F:\Gry\Origin Games\Crysis 3\Crysis 3 - Digital Deluxe Edition Content\Launcher.exe
FirewallRules: [{7B42C214-DA35-4D7E-AAC7-19755F2B0410}] => (Allow) F:\Gry\Origin Games\Crysis 3\Crysis 3 - Digital Deluxe Edition Content\Launcher.exe
FirewallRules: [{36154B67-C801-4B83-A0EF-EC6D64AE80C3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{FDDDE65A-E238-4574-84F2-1DEB45A91A70}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{BBA910A7-A753-4E4F-8F37-1F0013576B8D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{9351474E-BD6F-4F92-8CD7-DBEF30BF26E5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{0B517BF4-AAD0-499E-9212-8D29D0D29FC5}] => (Allow) F:\Gry\Gry steam\steamapps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{1BEFE6D8-8EC0-44C4-B26D-3330D5362AEF}] => (Allow) F:\Gry\Gry steam\steamapps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{24D01B98-F424-4E7C-9D52-445F43B3B5E3}] => (Allow) F:\Gry\Gry steam\steamapps\common\Grand Theft Auto IV Episodes from Liberty City\EFLC\LaunchEFLC.exe
FirewallRules: [{11C974C2-D43B-4021-ACB1-0C6C3F70B058}] => (Allow) F:\Gry\Gry steam\steamapps\common\Grand Theft Auto IV Episodes from Liberty City\EFLC\LaunchEFLC.exe
FirewallRules: [TCP Query User{52C8F060-77BF-4AA6-B325-544377179F24}F:\gry\gry steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) F:\gry\gry steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [UDP Query User{EA203582-59CF-45AB-AB1D-3799EC6635CC}F:\gry\gry steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) F:\gry\gry steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [{F950F42B-C6B5-4A31-BB3A-E2471EE5AC41}] => (Allow) F:\Gry\Gry steam\steamapps\common\GRID Autosport\GRIDAutosport.exe
FirewallRules: [{6005538F-07F8-4DF6-9FD7-5755C26FD1B5}] => (Allow) F:\Gry\Gry steam\steamapps\common\GRID Autosport\GRIDAutosport.exe
FirewallRules: [TCP Query User{7F061071-31A6-476A-9EB7-F9BDD1F0462C}F:\gry\gry steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe] => (Allow) F:\gry\gry steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe
FirewallRules: [UDP Query User{6BC959F9-6571-47B5-AACA-D8AFBBCD8615}F:\gry\gry steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe] => (Allow) F:\gry\gry steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe
FirewallRules: [TCP Query User{6C5337AF-B865-497D-9277-A89C45126FC2}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe
FirewallRules: [UDP Query User{BFB078A3-A5D8-4DA2-AAE3-7DA03A039942}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe
FirewallRules: [TCP Query User{127A0E2C-C0AB-4563-A8C3-556B22535B35}C:\program files\java\jdk1.8.0_66\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_66\bin\java.exe
FirewallRules: [UDP Query User{B5CC3E84-7315-4A44-9915-618955DF42F4}C:\program files\java\jdk1.8.0_66\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_66\bin\java.exe
FirewallRules: [{9AF3D370-FC8F-40DE-9766-8B80332B01C7}] => (Allow) F:\Gry\Gry steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{02FA0AF7-63B3-441F-ACFE-7084937D6884}] => (Allow) F:\Gry\Gry steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [TCP Query User{A398A8A3-4788-4339-AA3C-00FC85AEAA8B}F:\gry\gry steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) F:\gry\gry steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [UDP Query User{F09D743F-8792-467B-A3D7-752F50248C0B}F:\gry\gry steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) F:\gry\gry steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [{04AB039B-3B43-457A-A644-DE1ACB82A8E6}] => (Allow) F:\Gry\Gry steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{439793A9-B6A0-41CB-AD13-6E8046F81271}] => (Allow) F:\Gry\Gry steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{1385EE17-1153-4ACD-A3CE-78D22C8B0D5F}C:\program files\java\jre1.8.0_66\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_66\bin\java.exe
FirewallRules: [UDP Query User{92A4C9BE-AA5B-4B70-8BC7-D8D503AC8066}C:\program files\java\jre1.8.0_66\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_66\bin\java.exe
FirewallRules: [TCP Query User{3C67E8F4-4FA9-4ABF-B187-8A7A475B29D4}F:\gry\ride\ride\ridex64.exe] => (Block) F:\gry\ride\ride\ridex64.exe
FirewallRules: [UDP Query User{D9150C97-2598-47F3-94A9-96F239F7B6CE}F:\gry\ride\ride\ridex64.exe] => (Block) F:\gry\ride\ride\ridex64.exe
FirewallRules: [TCP Query User{F943924F-C6AF-4C23-A487-2C34DA91C735}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe
FirewallRules: [UDP Query User{9B920BFA-ACA1-4A65-BBA2-3DC0DA301395}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe
FirewallRules: [TCP Query User{C1FD4A4C-50F2-4871-B3E2-A40E4D35B0D8}C:\program files\java\jdk1.8.0_66\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_66\bin\java.exe
FirewallRules: [UDP Query User{3CC92837-4A0D-4150-9E26-9E622D738AEB}C:\program files\java\jdk1.8.0_66\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_66\bin\java.exe
FirewallRules: [{887AFCC0-6AD8-43D3-AEE3-7BA2356E3CB3}] => (Allow) F:\Gry\Gry steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{994DCAC6-2AF2-4A73-9C5B-14B76C75305C}] => (Allow) F:\Gry\Gry steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [TCP Query User{0F262E12-803B-4872-AEAD-879CD5288294}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{05A67EE5-E781-40B4-A32D-8DAD96913E2F}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [{609EDED7-FA17-4327-9CD0-B4F04C7C28F3}] => (Allow) F:\Gry\Gry steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{F85702F4-B221-4768-AF31-E0962E68848D}] => (Allow) F:\Gry\Gry steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{38C8D030-2532-4FF6-B90B-6CEFEA0C07C4}] => (Allow) F:\Gry\Gry steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{53D20A56-B274-49E5-A959-E8D5C70CAEDF}] => (Allow) F:\Gry\Gry steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{FBD86DEF-09E4-4E73-9CB5-DD1367065F0E}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{B7817374-07BB-41D7-A5D1-AC08CEAC8907}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [TCP Query User{737DE439-E001-4798-A636-F00952E8CF6E}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{8FB9AC17-7832-4F26-80FF-2DA36BA74AF6}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [{252B6ABE-78B0-4297-9951-363FC2594934}] => (Allow) F:\Gry\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{6D421A9A-4EE6-4D53-A8E5-23DE30C683ED}] => (Allow) F:\Gry\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{158862B7-2144-4170-85EC-01995774C129}] => (Allow) F:\Gry\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{60F4BA21-9F58-4EE1-8D24-2EF38DD12B98}] => (Allow) F:\Gry\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{D7618D5E-2567-4AE9-AE2C-2149AFB01C60}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{4654279B-A33B-45DF-8C7D-554B4D861301}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{69E78770-8E3E-4A90-AB9D-FA2406E78C71}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{5FA8C762-A3F6-4CD2-8C13-B4AFDD9B9025}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{45EBDA5A-2926-41D2-9510-476968DF601D}E:\programowanie\eclipse\eclipse.exe] => (Block) E:\programowanie\eclipse\eclipse.exe
FirewallRules: [UDP Query User{AD7FCDF3-1900-40BC-96F3-A45B7D8E0860}E:\programowanie\eclipse\eclipse.exe] => (Block) E:\programowanie\eclipse\eclipse.exe
FirewallRules: [TCP Query User{A7CB8F93-EA44-4052-BB40-C041886619F1}C:\users\lolson\appdata\roaming\bittorrent\updates\7.9.5_41713.exe] => (Allow) C:\users\lolson\appdata\roaming\bittorrent\updates\7.9.5_41713.exe
FirewallRules: [UDP Query User{6BAE6CD1-A316-44FA-9104-84CF7461B39D}C:\users\lolson\appdata\roaming\bittorrent\updates\7.9.5_41713.exe] => (Allow) C:\users\lolson\appdata\roaming\bittorrent\updates\7.9.5_41713.exe
FirewallRules: [{6944322B-A1F7-4E8A-878D-C79ABC3610EF}] => (Block) C:\users\lolson\appdata\roaming\bittorrent\updates\7.9.5_41713.exe
FirewallRules: [{8ADB0AA1-8588-4F02-B047-B3BBB8919775}] => (Block) C:\users\lolson\appdata\roaming\bittorrent\updates\7.9.5_41713.exe
FirewallRules: [{235C7909-159D-41E3-A900-9586B63F06B9}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{012026FA-01BD-422D-8A68-3EC6BBF064E4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{6767E98F-B12A-441D-95BD-6F93D48E7B94}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{43D1D3F0-FEED-42F1-9FD8-92374CD9D856}C:\users\lolson\appdata\roaming\bittorrent\updates\7.9.5_41866.exe] => (Block) C:\users\lolson\appdata\roaming\bittorrent\updates\7.9.5_41866.exe
FirewallRules: [UDP Query User{7C758123-AC89-440E-A267-77BC37470E72}C:\users\lolson\appdata\roaming\bittorrent\updates\7.9.5_41866.exe] => (Block) C:\users\lolson\appdata\roaming\bittorrent\updates\7.9.5_41866.exe
FirewallRules: [{1E8F03E3-9389-4E51-A1DF-DAB9C3420BED}] => (Block) c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\logtransport2.exe
FirewallRules: [{56947543-7D58-453A-B181-ACD54921DFC0}] => (Block) c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\logtransport2.exe
FirewallRules: [{BA3A3E49-E035-4D6A-8379-2F9D6D654247}] => (Block) c:\program files (x86)\common files\adobe\oobe\pdapp\core\pdapp.exe
FirewallRules: [{87FCBFE2-38F4-48A1-993B-6A93CA4A2453}] => (Block) c:\program files (x86)\common files\adobe\oobe\pdapp\core\pdapp.exe
FirewallRules: [{8E23737D-2C12-4505-B4DB-B010C3BEBDBF}] => (Block) c:\windows\systemapps\microsoft.windows.cortana_cw5n1h2txyewy\searchui.exe
FirewallRules: [{9AB0371E-FA7E-4248-AE25-A5EF8B44F710}] => (Block) c:\windows\systemapps\microsoft.windows.cortana_cw5n1h2txyewy\searchui.exe
FirewallRules: [{3346E228-F54B-4E3D-9388-9F42BB5B7E83}] => (Block) c:\windows\system32\wermgr.exe
FirewallRules: [{99F71252-8810-4021-8672-ECAE5E404969}] => (Block) c:\windows\system32\wermgr.exe
FirewallRules: [{BE5C3943-1306-4340-B7D7-BC0E62A79CF1}] => (Block) c:\windows\system32\dmclient.exe
FirewallRules: [{DC9DB7E9-5A11-4E41-AC88-7A8BCEAFBAF8}] => (Block) c:\windows\system32\dmclient.exe
FirewallRules: [{5C6AA710-3DAA-41D3-8C43-E23A52EA2395}] => (Block) c:\windows\system32\mrt.exe
FirewallRules: [{029EF9AF-C92A-49DF-B4AA-F383B6D1339C}] => (Block) c:\windows\system32\mrt.exe
FirewallRules: [{052DD962-2AB9-4CF6-8961-86999455C26E}] => (Block) c:\windows\system32\compattelrunner.exe
FirewallRules: [{582BF661-09D8-4673-A474-28A48F0F0F02}] => (Block) c:\windows\system32\compattelrunner.exe
FirewallRules: [{868C635E-E6F7-434D-8C18-278E6C2A1EC3}] => (Block) e:\yt\camtasia\camtasiastudio.exe
FirewallRules: [{C2628F50-9D4B-4B32-A14F-A45D1684B1FB}] => (Block) e:\yt\camtasia\camtasiastudio.exe
FirewallRules: [{7DF1214F-86A0-4D76-AF4C-91D5D2B719A8}] => (Block) c:\program files (x86)\gpu-z\gpu-z.exe
FirewallRules: [{78E444D4-0467-4C53-A69A-623C1CD5D863}] => (Block) c:\program files (x86)\gpu-z\gpu-z.exe
FirewallRules: [{7522A6C4-6396-4EE3-AB5E-067AB526AC63}] => (Block) c:\windows\syswow64\werfault.exe
FirewallRules: [{AE25CA63-A6A0-48DE-8E0B-3D146A38C705}] => (Block) c:\windows\syswow64\werfault.exe
FirewallRules: [{9FD95B8F-40A0-41B6-B7E7-97F0E2BFCE42}] => (Block) c:\program files\cpuid\cpu-z\cpuz.exe
FirewallRules: [{E398805A-8CF9-4737-AFE4-35BCE13C78C0}] => (Block) c:\program files\cpuid\cpu-z\cpuz.exe
FirewallRules: [{2C003AA3-D736-4E0F-B18F-6B790976A7DF}] => (Block) c:\program files (x86)\bandicam\bdcam.exe
FirewallRules: [{D1AB0AD7-D805-4A61-BCE8-0B0AE7E167F1}] => (Block) c:\program files (x86)\bandicam\bdcam.exe
FirewallRules: [{0446EFC6-272F-4AE3-8D3B-C3278BADB0B6}] => (Block) c:\program files (x86)\iobit\iobit uninstaller\uninstallpromote.exe
FirewallRules: [{77A4D49D-0FE4-4467-8656-A7CF6B387227}] => (Block) c:\program files (x86)\iobit\iobit uninstaller\uninstallpromote.exe
FirewallRules: [{41824B67-CF75-4EA8-A4AD-5B621A1A3F13}] => (Block) f:\gry\ride\ride\ridex64.exe
FirewallRules: [{E0A283BD-20BA-41B7-B031-D4776A707E03}] => (Block) f:\gry\ride\ride\ridex64.exe
FirewallRules: [{ED0CDFDC-6F20-4A29-A173-02F476C06C3B}] => (Block) c:\program files\sony\vegas pro 13.0\vegas130.exe
FirewallRules: [{FCD53FEB-9921-4792-858D-84DBD7A20F01}] => (Block) c:\program files\sony\vegas pro 13.0\vegas130.exe
FirewallRules: [{82E7E6CA-01DB-42C7-A611-A708C1347547}] => (Block) c:\program files (x86)\mirillis\action!\action.exe
FirewallRules: [{3E82E4DF-A7CD-473E-8D6F-B1B63AACF1AE}] => (Block) c:\program files (x86)\mirillis\action!\action.exe
FirewallRules: [TCP Query User{7753B6E3-619B-4B5F-8147-B5F55DF93855}C:\users\lolson\appdata\roaming\bittorrent\updates\7.9.6_42095.exe] => (Block) C:\users\lolson\appdata\roaming\bittorrent\updates\7.9.6_42095.exe
FirewallRules: [UDP Query User{3B03E94B-E8A0-4B8F-9898-A752EADF84E6}C:\users\lolson\appdata\roaming\bittorrent\updates\7.9.6_42095.exe] => (Block) C:\users\lolson\appdata\roaming\bittorrent\updates\7.9.6_42095.exe
FirewallRules: [{3D982BA4-3577-4A51-ABB9-23C026408D33}] => (Block) c:\program files (x86)\apple software update\softwareupdate.exe
FirewallRules: [{C45923ED-8BC6-4D90-A604-A2EBDC398772}] => (Block) c:\program files (x86)\apple software update\softwareupdate.exe
FirewallRules: [{82ABB57E-805B-4DD7-84B0-CAE8CAEECEE9}] => (Block) c:\program files (x86)\iobit\liveupdate\liveupdate.exe
FirewallRules: [{ED608E80-9D8D-4953-8F4C-33DF8B693A22}] => (Block) c:\program files (x86)\iobit\liveupdate\liveupdate.exe
FirewallRules: [{A4BE01FC-A151-4C94-9FAB-A041C3D201D7}] => (Block) c:\program files (x86)\iobit\iobit uninstaller\aupdate.exe
FirewallRules: [{7C774A67-3F44-48D6-BEE9-EAF169774515}] => (Block) c:\program files (x86)\iobit\iobit uninstaller\aupdate.exe
FirewallRules: [{75B839F2-B1B2-49B8-A981-F21AC20C5434}] => (Block) c:\gog games\superhot\sh.exe
FirewallRules: [{FFB6AE1C-D7F0-4066-9254-80F4C96D2B2F}] => (Block) c:\gog games\superhot\sh.exe
FirewallRules: [{0D4EFCDA-E55E-4554-A922-D485731D590E}] => (Block) c:\program files (x86)\quicktime\quicktimeplayer.exe
FirewallRules: [{7040259D-B3C9-4885-BCC4-A7A630A9AC62}] => (Block) c:\program files (x86)\quicktime\quicktimeplayer.exe
FirewallRules: [{C7E8EC1A-7DCE-407C-B7BE-B7E5135A628F}] => (Block) c:\users\lolson\downloads\superhot-gog\setup_superhot_2.0.0.4.exe
FirewallRules: [{A84A6C3A-5D9B-4889-9E08-656D4822CA04}] => (Block) c:\users\lolson\downloads\superhot-gog\setup_superhot_2.0.0.4.exe
FirewallRules: [{8D37E041-56C9-4FA8-9ABB-E11537D59538}] => (Block) c:\program files (x86)\iobit\iobit uninstaller\bigupgrade_iu.exe
FirewallRules: [{FE93D814-D29F-47C9-B4C4-4AAF681E7892}] => (Block) c:\program files (x86)\iobit\iobit uninstaller\bigupgrade_iu.exe
FirewallRules: [{AE595E1C-2F6C-4751-8274-84853E551EEA}] => (Block) c:\users\lolson\desktop\development\fritzing.0.9.2b.64.pc\fritzing.exe
FirewallRules: [{A23486A1-892A-43D4-8697-3FA78CDC54F8}] => (Block) c:\users\lolson\desktop\development\fritzing.0.9.2b.64.pc\fritzing.exe
FirewallRules: [{4F41B044-0870-4F16-8632-57F0E9D06505}] => (Allow) F:\Gry\GameforgeLive\gfl_client.exe
FirewallRules: [{88ACAC23-DCAE-466D-80FF-32541DE944F7}] => (Block) f:\gry\ksp-0.21.1\ksp_win\ksp_x64.exe
FirewallRules: [{5F944B5C-71EE-4822-98F7-F07450B995BF}] => (Block) f:\gry\ksp-0.21.1\ksp_win\ksp_x64.exe
FirewallRules: [{8D11F915-AEEE-4693-90C5-C49B8F8CC359}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe
FirewallRules: [TCP Query User{9183C727-6A9F-4294-B7CC-C94F96AF6F65}C:\gry\counter-strike 1.6 v43\hl.exe] => (Allow) C:\gry\counter-strike 1.6 v43\hl.exe
FirewallRules: [UDP Query User{55E04B90-F801-43C9-944E-1131D55D6E0B}C:\gry\counter-strike 1.6 v43\hl.exe] => (Allow) C:\gry\counter-strike 1.6 v43\hl.exe
FirewallRules: [{7500DF84-8361-4653-BC33-0D057EBBFBE4}] => (Block) C:\gry\counter-strike 1.6 v43\hl.exe
FirewallRules: [{2E94116A-7563-4211-8532-3D3584B0D11B}] => (Block) C:\gry\counter-strike 1.6 v43\hl.exe
FirewallRules: [TCP Query User{997956A7-F03C-4177-84E2-5EC460083B3C}C:\program files\java\jre1.8.0_66\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [UDP Query User{A20DF9C1-7A25-4711-9189-7E924EA2E205}C:\program files\java\jre1.8.0_66\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [{1DDB730B-8D10-4CAC-9EA7-E9A63FD0AA4A}] => (Allow) C:\Program Files (x86)\360\Total Security\softmgr\360InstantSetup.exe
FirewallRules: [{0C42B791-56BE-4DFE-9E16-8C01CC099729}] => (Allow) C:\Program Files (x86)\360\Total Security\softmgr\360InstantSetup.exe
FirewallRules: [{820A3A6C-8D49-4C6C-8ED0-A9448A885576}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{20A95F44-A334-40E3-B6F3-C8F02FD6AFDE}] => (Allow) F:\Gry\Gry steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{A2319308-1C95-4E43-8EE6-FF6EF039250D}] => (Allow) F:\Gry\Gry steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{CCB40FC6-9D39-4F68-B481-53FD9FEB64EE}] => (Allow) F:\Gry\Gry steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{9B99ABF4-3BC2-49BE-B763-8B757C716DFA}] => (Allow) F:\Gry\Gry steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{335ECCB9-A2CD-4379-93AA-2C82CBD091C4}] => (Block) c:\users\lolson\appdata\local\temp\{c517c063-a153-4e77-9d65-00303ddf1b82}.exe
FirewallRules: [{7E3F54DB-828E-4F71-9951-9988709C7298}] => (Block) c:\users\lolson\appdata\local\temp\{c517c063-a153-4e77-9d65-00303ddf1b82}.exe
FirewallRules: [{06AA91CA-B0BB-49B6-991F-530901A045E3}] => (Block) c:\users\lolson\appdata\roaming\bittorrent\updates\7.9.6_42095.exe
FirewallRules: [{2949CFC6-0068-4BDF-9676-F29B66A86296}] => (Block) c:\users\lolson\appdata\roaming\bittorrent\updates\7.9.6_42095.exe
FirewallRules: [{26D1E1E4-AEF5-40C2-8890-AA8387C2B669}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{A3D470E7-6F80-4C29-9629-597BC5E0856F}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe

==================== Restore Points =========================

25-06-2016 15:21:50 Windows Update
06-07-2016 22:58:18 Removed Movavi Video Editor 4.
06-07-2016 23:42:54 Operacja przywracania

==================== Faulty Device Manager Devices =============

Name: Urządzenie audio USB
Description: Urządzenie audio USB
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: (Rodzajowe audio USB)
Service: usbaudio
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/07/2016 03:41:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LOLSON-PC)
Description: Aktywacja aplikacji Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

Error: (07/07/2016 03:41:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LOLSON-PC)
Description: Aktywacja aplikacji Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

Error: (07/07/2016 03:41:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: ShellExperienceHost.exe, wersja: 10.0.10240.16766, sygnatura czasowa: 0x56e8dba8
Nazwa modułu powodującego błąd: ShellExperienceHost.exe, wersja: 10.0.10240.16766, sygnatura czasowa: 0x56e8dba8
Kod wyjątku: 0xc000027b
Przesunięcie błędu: 0x0000000000076127
Identyfikator procesu powodującego błąd: 0x123c
Godzina uruchomienia aplikacji powodującej błąd: 0xShellExperienceHost.exe0
Ścieżka aplikacji powodującej błąd: ShellExperienceHost.exe1
Ścieżka modułu powodującego błąd: ShellExperienceHost.exe2
Identyfikator raportu: ShellExperienceHost.exe3
Pełna nazwa pakietu powodującego błąd: ShellExperienceHost.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: ShellExperienceHost.exe5

Error: (07/07/2016 03:41:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: ShellExperienceHost.exe, wersja: 10.0.10240.16766, sygnatura czasowa: 0x56e8dba8
Nazwa modułu powodującego błąd: ShellExperienceHost.exe, wersja: 10.0.10240.16766, sygnatura czasowa: 0x56e8dba8
Kod wyjątku: 0xc000027b
Przesunięcie błędu: 0x0000000000076127
Identyfikator procesu powodującego błąd: 0xc30
Godzina uruchomienia aplikacji powodującej błąd: 0xShellExperienceHost.exe0
Ścieżka aplikacji powodującej błąd: ShellExperienceHost.exe1
Ścieżka modułu powodującego błąd: ShellExperienceHost.exe2
Identyfikator raportu: ShellExperienceHost.exe3
Pełna nazwa pakietu powodującego błąd: ShellExperienceHost.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: ShellExperienceHost.exe5

Error: (07/07/2016 03:40:05 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LOLSON-PC)
Description: Aktywacja aplikacji Microsoft.WindowsAlarms_8wekyb3d8bbwe!App nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

Error: (07/07/2016 03:40:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LOLSON-PC)
Description: Aktywacja aplikacji Microsoft.WindowsAlarms_8wekyb3d8bbwe!App nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

Error: (07/07/2016 03:39:57 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LOLSON-PC)
Description: Aktywacja aplikacji Microsoft.WindowsAlarms_8wekyb3d8bbwe!App nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

Error: (07/07/2016 03:39:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LOLSON-PC)
Description: Aktywacja aplikacji Microsoft.WindowsAlarms_8wekyb3d8bbwe!App nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

Error: (07/07/2016 03:39:47 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LOLSON-PC)
Description: Aktywacja aplikacji Microsoft.WindowsAlarms_8wekyb3d8bbwe!App nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

Error: (07/07/2016 03:39:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LOLSON-PC)
Description: Aktywacja aplikacji Microsoft.WindowsAlarms_8wekyb3d8bbwe!App nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.


System errors:
=============
Error: (07/07/2016 03:41:10 PM) (Source: DCOM) (EventID: 10010) (User: LOLSON-PC)
Description: App

Error: (07/07/2016 03:41:08 PM) (Source: DCOM) (EventID: 10010) (User: LOLSON-PC)
Description: App

Error: (07/07/2016 03:40:05 PM) (Source: DCOM) (EventID: 10010) (User: LOLSON-PC)
Description: App.AppXwzrz54cs8gbnfgve6ctx6ht4bjw97w0y.mca

Error: (07/07/2016 03:40:01 PM) (Source: DCOM) (EventID: 10010) (User: LOLSON-PC)
Description: App.AppXwzrz54cs8gbnfgve6ctx6ht4bjw97w0y.mca

Error: (07/07/2016 03:39:57 PM) (Source: DCOM) (EventID: 10010) (User: LOLSON-PC)
Description: App.AppXwzrz54cs8gbnfgve6ctx6ht4bjw97w0y.mca

Error: (07/07/2016 03:39:51 PM) (Source: DCOM) (EventID: 10010) (User: LOLSON-PC)
Description: App.AppXwzrz54cs8gbnfgve6ctx6ht4bjw97w0y.mca

Error: (07/07/2016 03:39:47 PM) (Source: DCOM) (EventID: 10010) (User: LOLSON-PC)
Description: App.AppXwzrz54cs8gbnfgve6ctx6ht4bjw97w0y.mca

Error: (07/07/2016 03:39:41 PM) (Source: DCOM) (EventID: 10010) (User: LOLSON-PC)
Description: App.AppXwzrz54cs8gbnfgve6ctx6ht4bjw97w0y.mca

Error: (07/07/2016 03:39:38 PM) (Source: DCOM) (EventID: 10010) (User: LOLSON-PC)
Description: App.AppXwzrz54cs8gbnfgve6ctx6ht4bjw97w0y.mca

Error: (07/07/2016 03:39:34 PM) (Source: DCOM) (EventID: 10010) (User: LOLSON-PC)
Description: App.AppXwzrz54cs8gbnfgve6ctx6ht4bjw97w0y.mca


CodeIntegrity:
===================================
  Date: 2016-07-05 16:54:02.614
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\usbser.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-07-05 15:09:58.970
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\usbser.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-06-26 15:09:13.384
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll that did not meet the Microsoft signing level requirements.

  Date: 2016-06-26 15:09:13.300
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll that did not meet the Microsoft signing level requirements.

  Date: 2016-06-26 15:09:13.225
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\msdatasrc.dll that did not meet the Microsoft signing level requirements.

  Date: 2016-06-26 15:09:13.081
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll that did not meet the Microsoft signing level requirements.

  Date: 2016-06-26 15:09:13.015
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll that did not meet the Microsoft signing level requirements.

  Date: 2016-06-26 15:09:12.974
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\msdatasrc.dll that did not meet the Microsoft signing level requirements.

  Date: 2016-06-26 15:09:11.376
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2016-06-26 15:09:10.853
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
Percentage of memory in use: 60%
Total physical RAM: 8108.15 MB
Available physical RAM: 3204.09 MB
Total Virtual: 16812.15 MB
Available Virtual: 10550.41 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:244.7 GB) (Free:30.15 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (Dane) (Fixed) (Total:222.65 GB) (Free:87.21 GB) NTFS
Drive f: (Gry) (Fixed) (Total:464.05 GB) (Free:23.62 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 0003A167)
Partition 1: (Active) - (Size=244.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=222.7 GB) - (Type=OF Extended)
Partition 3: (Not Active) - (Size=464.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

[Ktosiu]

Skoro pobiera aktualizacje to chyba logiczne że zapisuje i dysk działa