Jump to content

Malware Causing DNS Issue - Unable to Access Internet


Recommended Posts

Hello all,

 

A few days ago, I logged on to my computer as normal. I wasn't able to connect to the internet, there was an error "!" symbol on the connection icon. I tried ipconfig /release /renew, which removed the error, and my connection status was listed as connected. However, I could ping the default gateway, as well as servers (Tried 8.8.8.8 and 4.2.2.2), however, experienced a timeout when trying to ping websites, and was still unable to get onto my browser, Chrome. This was of litte concern to me at the time, because I was not in dire need of internet access. I didn't fret,  just played video games offline in lieu of browsing the net. The next day, my system was sluggish, and video games were crashing on launch. I restarted in safe mode with networking through MSconfig, since F8 wasn't working. From there I was able to get on to chrome, making me suspect the cause to be malware. I downloaded Malwarebytes, and ran a scan. It picked something up from the registry, which was removed. I couldn't get Norton to run in safe mode despite now being able to access the internet.

 

In spite of this, the scan didn't appear to solve the problem unfortunately, since in normal mode, I'm still unable to connect to the internet, so whatever I cleared up must not have been the issue. I appear to be stumbling from one PC issue to the next lately. Couldn't have hit me at a better time, what with all the uni assignment deadlines I have looming over me...

 

Cheers if anyone can help.

Link to post
Share on other sites

  • Replies 74
  • Created
  • Last Reply

Top Posters In This Topic

Apologies, I should have read the sticky topic. I assume this is why I'm still without answer. Please see below:

 

FRST scan:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-07-2015
Ran by breadwinner (administrator) on BREADWINNER-PC on 15-07-2015 20:27:55
Running from C:\Users\breadwinner\Downloads
Loaded Profiles: breadwinner (Available Profiles: breadwinner)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Safe Mode (with Networking)
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [VX3000] => C:\Windows\vVX3000.exe [762736 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-24] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7640944 2015-04-27] (Realtek Semiconductor)
HKLM\...\Run: [shadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [bCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [switchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Secure Search\vprot.exe [2510784 2015-05-14] ()
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe -autorun
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\Run: [sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-3235293135-4221542072-2322260496-1000\...\Run: [steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-3235293135-4221542072-2322260496-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3235293135-4221542072-2322260496-1000\...\Run: [Desura] => C:\Program Files (x86)\Desura\desura.exe [2668496 2014-12-05] (Desura Net Pty Ltd)
HKU\S-1-5-21-3235293135-4221542072-2322260496-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3632112 2015-06-30] (Electronic Arts)
HKU\S-1-5-21-3235293135-4221542072-2322260496-1000\...\Run: [f.lux] => C:\Users\breadwinner\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-3235293135-4221542072-2322260496-1000\...\Run: [Dxtory Update Checker 2.0] => C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)
HKU\S-1-5-21-3235293135-4221542072-2322260496-1000\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28785280 2015-06-02] (Skype Technologies S.A.)
HKU\S-1-5-21-3235293135-4221542072-2322260496-1000\...\Run: [GalaxyClient] => C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [7457336 2015-06-14] (GOG.com)
HKU\S-1-5-21-3235293135-4221542072-2322260496-1000\...\MountPoints2: {ceeb136e-7ebc-11e2-a16f-c86000c3020e} - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3235293135-4221542072-2322260496-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\FAHScreensaver.scr
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2015-06-13]
ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-08-13]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\breadwinner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dogecoin.lnk [2014-01-27]
ShortcutTarget: Dogecoin.lnk -> C:\Program Files\Dogecoin\dogecoin-qt.exe ()
Startup: C:\Users\breadwinner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Folding@home.lnk [2014-12-18]
ShortcutTarget: Folding@home.lnk -> C:\Program Files (x86)\FAHClient\HideConsole.exe (No File)
Startup: C:\Users\breadwinner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2015-01-31]
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-3235293135-4221542072-2322260496-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-3235293135-4221542072-2322260496-1000 -> {88FB16D2-04EA-4ffe-8079-CFF68F1B9CE6} URL = http://www.search-results.com/web?q={searchTerms}&o=15868&l=dis&prt=BDIE&chn=retail&geo=GB&ver=4.0.0.1884
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-06-26] (Symantec Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-05-28] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-06-26] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-05] (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} ->  No File
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-05-28] (Microsoft Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-06-26] (Symantec Corporation)
Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} -  No File
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-06-26] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-3235293135-4221542072-2322260496-1000 -> No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} -  No File
DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/select/asusTek_sys_ctrl3.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.5.0\ViProtocol.dll [2015-05-14] (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{4E58BA67-7D1E-4BED-945F-A27933CC035A}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{63654F90-73A0-4F24-B751-59D6B32449E7}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{85349D8A-4E3F-4578-80F7-92DFABF30A11}: [DhcpNameServer] 192.168.1.254
 
FireFox:
========
FF ProfilePath: C:\Users\breadwinner\AppData\Roaming\Mozilla\Firefox\Profiles\rlnllfq2.default-1376939664162
FF SelectedSearchEngine: Yahoo! Search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_190.dll [2015-06-25] ()
FF Plugin: @java.com/DTPlugin,version=10.11.2 -> C:\Windows\system32\npDeployJava1.dll [2013-01-30] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-06-25] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.5.0\\npsitesafety.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [2014-05-26] (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-04-14] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-01-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npIMAQAXControl.dll [2010-05-24] (National Instruments)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv2010win32.dll [2011-06-09] (National Instruments)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\breadwinner\AppData\Roaming\Mozilla\Firefox\Profiles\rlnllfq2.default-1376939664162\searchplugins\safesearch.xml [2013-09-04]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml [2015-05-14]
FF Extension: YouTube Video and Audio Downloader - C:\Users\breadwinner\AppData\Roaming\Mozilla\Firefox\Profiles\rlnllfq2.default-1376939664162\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2013-08-24]
FF Extension: Remember The Milk for Gmail - C:\Users\breadwinner\AppData\Roaming\Mozilla\Firefox\Profiles\rlnllfq2.default-1376939664162\Extensions\rtmgmail@rememberthemilk.com.xpi [2013-10-20]
FF Extension: YouTube Auto Replay - C:\Users\breadwinner\AppData\Roaming\Mozilla\Firefox\Profiles\rlnllfq2.default-1376939664162\Extensions\YouTubeAutoReplay@arikv.com.xpi [2013-09-18]
FF Extension: NoScript - C:\Users\breadwinner\AppData\Roaming\Mozilla\Firefox\Profiles\rlnllfq2.default-1376939664162\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-07-20]
FF Extension: Nectar Search Toolbar - C:\Users\breadwinner\AppData\Roaming\Mozilla\Firefox\Profiles\rlnllfq2.default-1376939664162\Extensions\{841468a1-d7f4-4bd3-84e6-bb0f13a06c64}.xpi [2013-08-20]
FF Extension: Easy Youtube Video Downloader Express - C:\Users\breadwinner\AppData\Roaming\Mozilla\Firefox\Profiles\rlnllfq2.default-1376939664162\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2014-08-14]
FF Extension: Adblock Plus - C:\Users\breadwinner\AppData\Roaming\Mozilla\Firefox\Profiles\rlnllfq2.default-1376939664162\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-08-19]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-06-16]
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\18.5.0.909
FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\18.5.0.909 [2015-05-14]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.1.3\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.1.3\coFFPlgn [2015-07-14]
FF HKU\S-1-5-21-3235293135-4221542072-2322260496-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
 
Chrome: 
=======
CHR Profile: C:\Users\breadwinner\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\breadwinner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-27]
CHR Extension: (Google Docs) - C:\Users\breadwinner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-27]
CHR Extension: (Google Drive) - C:\Users\breadwinner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-19]
CHR Extension: (YouTube) - C:\Users\breadwinner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-19]
CHR Extension: (Adblock Plus) - C:\Users\breadwinner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-02-28]
CHR Extension: (Google Search) - C:\Users\breadwinner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-19]
CHR Extension: (Hola Better Internet Engine) - C:\Users\breadwinner\AppData\Local\Google\Chrome\User Data\Default\Extensions\epbfmioobedknooiakdehepogalbgkng [2015-03-06]
CHR Extension: (Google Sheets) - C:\Users\breadwinner\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-27]
CHR Extension: (Norton Identity Safe) - C:\Users\breadwinner\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-02-27]
CHR Extension: (Auto Replay for YouTube™) - C:\Users\breadwinner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb [2015-05-22]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\breadwinner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2015-04-12]
CHR Extension: (The Great Suspender) - C:\Users\breadwinner\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2015-05-06]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\breadwinner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-22]
CHR Extension: (Norton Security Toolbar) - C:\Users\breadwinner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2015-02-27]
CHR Extension: (Google Wallet) - C:\Users\breadwinner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-06]
CHR Extension: (Gmail) - C:\Users\breadwinner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-19]
CHR Profile: C:\Users\breadwinner\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\breadwinner\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-27]
CHR Extension: (Google Docs) - C:\Users\breadwinner\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-27]
CHR Extension: (Google Drive) - C:\Users\breadwinner\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-27]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\breadwinner\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-02-27]
CHR Extension: (YouTube) - C:\Users\breadwinner\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-27]
CHR Extension: (Adblock Plus) - C:\Users\breadwinner\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-02-28]
CHR Extension: (Google Search) - C:\Users\breadwinner\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-27]
CHR Extension: (Google Sheets) - C:\Users\breadwinner\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-27]
CHR Extension: (Norton Identity Safe) - C:\Users\breadwinner\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-02-27]
CHR Extension: (Norton Security Toolbar) - C:\Users\breadwinner\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2015-02-27]
CHR Extension: (Gmail) - C:\Users\breadwinner\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-27]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-21]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-21]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
S2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2739888 2015-05-19] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [175136 2014-09-24] (EasyAntiCheat Ltd)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1751096 2015-06-14] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6677048 2015-06-16] (GOG.com)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-24] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S2 LkCitadelServer; C:\Windows\SysWOW64\lkcitdl.exe [695136 2010-10-27] (National Instruments, Inc.)
S2 lkClassAds; C:\Windows\SysWOW64\lkads.exe [46192 2011-06-14] (National Instruments Corporation)
S2 lkTimeSync; C:\Windows\SysWOW64\lktsrv.exe [56952 2011-06-14] (National Instruments Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
S2 NIApplicationWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [50336 2011-05-27] (National Instruments Corporation)
S4 NIApplicationWebServer64; C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [68256 2011-05-27] (National Instruments Corporation)
S3 NILM License Manager; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [1427688 2010-08-02] (Macrovision Corporation)
S2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\NIS.exe [276336 2015-03-07] (Symantec Corporation)
S2 niSvcLoc; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe [50328 2011-05-27] (National Instruments Corporation)
S2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe [132504 2013-06-12] (Symantec Corporation)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1868432 2015-06-24] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-24] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2004488 2015-06-30] (Electronic Arts)
S2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [87040 2012-03-23] () [File not signed]
S2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe [126392 2011-11-07] (Symantec Corporation)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-02-07] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S2 vToolbarUpdater18.5.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\ToolbarUpdater.exe [1812416 2015-05-14] (AVG Secure Search)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\BASHDefs\20150625.001\BHDrvx64.sys [1648880 2015-06-17] (Symantec Corporation)
S1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1507000.00B\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-06-25] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [145200 2015-05-26] (Symantec Corporation)
S3 GPCIDrv; C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [14376 2014-08-11] ()
S1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\IPSDefs\20150702.001\IDSvia64.sys [692984 2015-06-22] (Symantec Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-07-15] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
S3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\VirusDefs\20150702.038\ENG64.SYS [138488 2015-06-23] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\VirusDefs\20150702.038\EX64.SYS [2146040 2015-06-23] (Symantec Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-24] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46768 2015-05-19] (NVIDIA Corporation)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13536 2015-05-27] ()
S3 RZMAELSTROMVADService; C:\Windows\System32\drivers\RzMaelstromVAD.sys [32768 2014-05-23] (Windows ® Win 7 DDK provider)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1507000.00B\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
S1 SRTSPX; C:\Windows\system32\drivers\NISx64\1507000.00B\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1507000.00B\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1507000.00B\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-09-04] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\NISx64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
S1 SymNetS; C:\Windows\System32\Drivers\NISx64\1507000.00B\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
S3 VBAudioVACMME; C:\Windows\System32\DRIVERS\vbaudio_cable64_win7.sys [41192 2015-04-06] (Windows ® Win 7 DDK provider)
S3 VBAudioVMVAIOMME; C:\Windows\System32\DRIVERS\vbaudio_vmvaio64_win7.sys [41192 2015-04-06] (Windows ® Win 7 DDK provider)
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-07-15 20:27 - 2015-07-15 20:28 - 00031687 _____ C:\Users\breadwinner\Downloads\FRST.txt
2015-07-15 20:27 - 2015-07-15 20:27 - 02133504 _____ (Farbar) C:\Users\breadwinner\Downloads\FRST64.exe
2015-07-15 20:27 - 2015-07-15 20:27 - 00000000 ____D C:\FRST
2015-07-15 19:20 - 2015-07-15 19:21 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\breadwinner\Downloads\mbam-setup-2.1.8.1057 (3).exe
2015-07-12 18:07 - 2015-07-12 18:08 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\breadwinner\Downloads\mbam-setup-2.1.8.1057 (2).exe
2015-07-12 17:59 - 2015-07-12 17:59 - 00001457 _____ C:\Users\Public\Desktop\Norton Security Scan.LNK
2015-07-12 17:59 - 2015-07-12 17:59 - 00000464 ____H C:\Windows\Tasks\Norton Security Scan for breadwinner.job
2015-07-12 17:59 - 2015-07-12 17:59 - 00000000 ____D C:\Windows\system32\Drivers\NSSx64
2015-07-12 17:59 - 2015-07-12 17:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan
2015-07-12 17:59 - 2015-07-12 17:59 - 00000000 ____D C:\Program Files (x86)\Norton Security Scan
2015-07-12 17:57 - 2015-07-12 17:57 - 00546728 _____ (Symantec) C:\Users\breadwinner\Downloads\Setup.exe
2015-07-12 17:56 - 2015-07-12 17:56 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\breadwinner\Downloads\mbam-setup-2.1.8.1057 (1).exe
2015-07-12 17:55 - 2015-07-12 17:55 - 00000490 _____ C:\Windows\Tasks\PC Checkup 3 Weekly Scan.job
2015-07-11 22:35 - 2015-07-11 22:35 - 00000000 ____D C:\Users\breadwinner\AppData\Local\TempTaskUpdateDetection8E04BB5B-30CE-424F-9E51-71E3918E5DB5
2015-07-11 17:45 - 2015-07-15 19:47 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-11 17:44 - 2015-07-11 17:44 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-07-11 17:44 - 2015-07-11 17:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-07-11 17:44 - 2015-07-11 17:44 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-11 17:44 - 2015-07-11 17:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-07-11 17:44 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-11 17:44 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-11 17:44 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-07-11 17:42 - 2015-07-11 17:42 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\breadwinner\Downloads\mbam-setup-2.1.8.1057.exe
2015-07-11 17:21 - 2015-07-11 17:21 - 00000000 ____D C:\Windows\pss
2015-07-11 17:07 - 2015-07-11 17:07 - 00000000 ____D C:\Users\breadwinner\AppData\Local\TempTaskUpdateDetectionD875AC39-6B4B-498D-B835-982049959165
2015-07-11 16:48 - 2015-07-11 16:48 - 00000000 ____D C:\Users\breadwinner\Desktop\WUSB100
2015-07-06 22:21 - 2015-07-06 22:21 - 00000000 ____D C:\Users\breadwinner\AppData\Local\TempTaskUpdateDetectionB71A990D-836D-4C8C-B82C-BBED16041BB4
2015-07-04 12:49 - 2015-07-04 12:49 - 00003170 _____ C:\Windows\System32\Tasks\{1087A662-9EA0-48A1-A5D7-76CBBCD15EDE}
2015-07-03 18:04 - 2015-07-03 18:04 - 00000000 ____D C:\Users\breadwinner\AppData\Local\TempTaskUpdateDetection2C251C5F-8A41-41B5-9184-A468B61C5789
2015-07-03 17:04 - 2015-07-03 17:04 - 00002494 _____ C:\Users\Public\Desktop\Norton Internet Security.LNK
2015-07-03 17:04 - 2015-07-03 17:04 - 00000000 ____D C:\ProgramData\PCSettings
2015-06-25 20:57 - 2015-06-25 21:57 - 18174128 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-06-25 11:19 - 2015-06-25 11:19 - 00000000 ____D C:\Users\breadwinner\AppData\Roaming\NVIDIA
2015-06-24 21:38 - 2015-06-24 21:38 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-24 21:38 - 2015-06-17 07:48 - 06873232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-06-24 21:38 - 2015-06-17 07:48 - 03492168 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-06-24 21:38 - 2015-06-17 07:48 - 02558792 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-06-24 21:38 - 2015-06-17 07:48 - 00937616 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-06-24 21:38 - 2015-06-17 07:48 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-06-24 21:38 - 2015-06-17 07:48 - 00062792 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-06-24 21:38 - 2015-06-02 15:11 - 04421614 _____ C:\Windows\system32\nvcoproc.bin
2015-06-24 21:34 - 2015-06-17 10:10 - 30481552 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-06-24 21:34 - 2015-06-17 10:10 - 22947144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-06-24 21:34 - 2015-06-17 10:10 - 17724600 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-06-24 21:34 - 2015-06-17 10:10 - 16145200 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-06-24 21:34 - 2015-06-17 10:10 - 15866992 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-06-24 21:34 - 2015-06-17 10:10 - 15224784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-06-24 21:34 - 2015-06-17 10:10 - 14497520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-06-24 21:34 - 2015-06-17 10:10 - 13263056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-06-24 21:34 - 2015-06-17 10:10 - 12855416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-06-24 21:34 - 2015-06-17 10:10 - 11831856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-06-24 21:34 - 2015-06-17 10:10 - 11011216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-06-24 21:34 - 2015-06-17 10:10 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-06-24 21:34 - 2015-06-17 10:10 - 02599752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-06-24 21:34 - 2015-06-17 10:10 - 01898128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435330.dll
2015-06-24 21:34 - 2015-06-17 10:10 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435330.dll
2015-06-24 21:34 - 2015-06-17 10:10 - 01099992 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-06-24 21:34 - 2015-06-17 10:10 - 01060168 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-06-24 21:34 - 2015-06-17 10:10 - 01050768 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-06-24 21:34 - 2015-06-17 10:10 - 00982672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-06-24 21:34 - 2015-06-17 10:10 - 00975176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-06-24 21:34 - 2015-06-17 10:10 - 00938752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-06-24 21:34 - 2015-06-17 10:10 - 00503408 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-06-24 21:34 - 2015-06-17 10:10 - 00408392 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-06-24 21:34 - 2015-06-17 10:10 - 00407296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-06-24 21:34 - 2015-06-17 10:10 - 00364176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-06-24 21:34 - 2015-06-17 10:10 - 00176904 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-06-24 21:34 - 2015-06-17 10:10 - 00155280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-06-24 21:34 - 2015-06-17 10:10 - 00150832 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-06-24 21:34 - 2015-06-17 10:10 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-06-24 21:34 - 2015-06-17 10:10 - 00030966 _____ C:\Windows\system32\nvinfo.pb
2015-06-24 21:33 - 2015-06-17 10:10 - 42729104 _____ C:\Windows\system32\nvcompiler.dll
2015-06-24 21:33 - 2015-06-17 10:10 - 37748880 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-06-24 21:33 - 2015-06-17 10:10 - 03395648 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-06-24 21:33 - 2015-06-17 10:10 - 02997544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-06-23 17:23 - 2015-06-23 17:23 - 00001090 _____ C:\Users\breadwinner\Desktop\MSI Afterburner.lnk
2015-06-23 17:23 - 2015-06-23 17:23 - 00000000 ____D C:\Users\breadwinner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2015-06-23 17:22 - 2015-06-24 21:17 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2015-06-23 17:20 - 2015-06-23 17:20 - 36270420 _____ C:\Users\breadwinner\Downloads\MSIAfterburnerSetup.zip
2015-06-19 09:14 - 2015-06-19 09:14 - 00000000 ____D C:\Users\breadwinner\Documents\temp
2015-06-18 20:59 - 2015-07-04 15:16 - 00000000 ____D C:\Users\breadwinner\Documents\The Witcher 3
2015-06-18 14:37 - 2015-06-18 14:37 - 01125056 _____ (Adobe Systems Incorporated) C:\Users\breadwinner\Downloads\flashplayer18au_ga_install.exe
2015-06-16 14:05 - 2015-06-16 14:06 - 03588632 _____ (ExKode Co. Ltd. ) C:\Users\breadwinner\Downloads\DxtorySetup2.0.130.exe
2015-06-16 11:49 - 2015-07-04 13:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-15 22:53 - 2015-06-15 22:53 - 00000000 ____D C:\Users\breadwinner\AppData\Local\238010
2015-06-15 22:53 - 2015-06-15 22:53 - 00000000 ____D C:\ProgramData\Intel
2015-06-15 20:35 - 2015-06-15 20:35 - 00000000 ____D C:\Users\breadwinner\AppData\Local\GalaxyCommunicationService
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-07-15 19:18 - 2010-11-21 04:47 - 02504848 _____ C:\Windows\PFRO.log
2015-07-14 19:30 - 2012-05-05 04:40 - 01642317 _____ C:\Windows\WindowsUpdate.log
2015-07-14 19:29 - 2009-07-14 05:45 - 00028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-14 19:29 - 2009-07-14 05:45 - 00028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-14 19:27 - 2014-08-14 18:17 - 00000000 ____D C:\Users\breadwinner\AppData\Local\Adobe
2015-07-14 19:23 - 2013-08-18 14:33 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-14 19:20 - 2013-08-16 19:47 - 00000000 ____D C:\ProgramData\Origin
2015-07-14 19:17 - 2012-06-08 20:14 - 00000000 ____D C:\Users\breadwinner\AppData\Roaming\Skype
2015-07-14 19:16 - 2012-05-06 16:39 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-14 19:15 - 2009-07-14 05:51 - 00348886 _____ C:\Windows\setupact.log
2015-07-14 19:14 - 2013-08-18 14:33 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-14 19:14 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-12 19:14 - 2009-07-14 04:20 - 00000000 __RSD C:\Windows\Media
2015-07-12 17:59 - 2012-05-06 15:49 - 00000000 ____D C:\ProgramData\Norton
2015-07-11 16:59 - 2013-12-20 21:24 - 00000000 ____D C:\Users\breadwinner\AppData\Roaming\DogeCoin
2015-07-11 16:57 - 2012-07-13 17:35 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-09 23:01 - 2012-05-05 21:05 - 00126224 _____ C:\Users\breadwinner\AppData\Local\GDIPFONTCACHEV1.DAT
2015-07-06 22:05 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2015-07-06 16:41 - 2009-07-14 06:13 - 00783062 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-04 18:16 - 2014-02-17 22:54 - 00000000 ____D C:\Users\breadwinner\Documents\Ðogewallet Backup
2015-07-04 14:14 - 2009-07-14 05:45 - 00489032 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-04 13:49 - 2013-03-18 15:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S207
2015-07-04 13:15 - 2011-04-12 09:28 - 00000000 ____D C:\Windows\ShellNew
2015-07-04 13:10 - 2012-09-17 19:09 - 00000000 ____D C:\Program Files (x86)\Blender Foundation
2015-07-04 12:08 - 2013-08-16 20:06 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-07-04 12:07 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-07-03 17:04 - 2013-09-04 19:12 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2015-07-03 17:01 - 2013-09-04 19:12 - 00000000 ____D C:\Windows\system32\Drivers\NISx64
2015-07-03 16:59 - 2013-09-04 18:48 - 00000000 ____D C:\Users\Public\Downloads\Norton
2015-07-02 17:16 - 2015-06-03 21:27 - 00000000 ____D C:\Users\breadwinner\AppData\Local\Battle.net
2015-07-02 14:48 - 2015-06-03 21:28 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2015-07-02 08:48 - 2014-05-17 20:42 - 00000000 ____D C:\Users\breadwinner\AppData\Local\Dxtory Software
2015-07-02 08:48 - 2014-05-17 20:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0
2015-07-02 08:48 - 2014-05-17 20:36 - 00000000 ____D C:\Program Files (x86)\ExKode
2015-07-01 18:55 - 2012-05-31 16:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-07-01 17:40 - 2015-06-03 21:27 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-06-30 07:46 - 2013-08-16 19:46 - 00000000 ____D C:\Program Files (x86)\Origin
2015-06-27 13:44 - 2012-05-04 22:32 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-27 12:40 - 2012-06-08 20:14 - 00000000 ____D C:\ProgramData\Skype
2015-06-25 21:57 - 2012-07-13 17:35 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-25 21:57 - 2012-05-05 21:02 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-25 21:57 - 2012-05-05 21:02 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-25 13:05 - 2014-12-25 10:06 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-06-25 09:49 - 2012-05-08 14:41 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-06-24 21:38 - 2013-02-25 10:15 - 00000000 ____D C:\Temp
2015-06-24 21:38 - 2012-05-04 22:32 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-06-24 21:38 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Help
2015-06-24 21:36 - 2012-05-04 22:32 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-06-24 21:25 - 2013-12-20 21:24 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-24 20:22 - 2015-01-31 11:53 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-06-24 12:36 - 2015-06-14 21:13 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-06-24 12:36 - 2015-06-14 21:13 - 01571696 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-06-24 12:36 - 2015-06-14 21:13 - 01320120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-06-24 12:36 - 2015-06-14 21:13 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-06-18 18:13 - 2012-05-08 11:39 - 00702757 _____ C:\Windows\DirectX.log
2015-06-18 17:53 - 2013-05-06 14:48 - 00000000 ____D C:\GOG Games
2015-06-18 14:48 - 2014-02-12 19:28 - 00007593 _____ C:\Users\breadwinner\AppData\Local\Resmon.ResmonCfg
2015-06-18 10:03 - 2014-05-26 11:00 - 00000000 ____D C:\Users\breadwinner\AppData\Roaming\vlc
2015-06-17 19:56 - 2012-05-16 20:24 - 00000000 ____D C:\Users\breadwinner\Desktop\Games
2015-06-16 21:41 - 2013-12-24 17:25 - 00000000 ____D C:\Users\breadwinner\AppData\Local\CrashDumps
2015-06-16 21:37 - 2014-08-10 22:06 - 00002040 _____ C:\Users\breadwinner\Desktop\Reading List.txt
2015-06-16 17:09 - 2014-02-28 20:52 - 00630885 _____ C:\Users\breadwinner\Downloads\cudaminer-2014-02-18.zip
2015-06-15 22:55 - 2012-05-08 14:37 - 00000000 ____D C:\Users\breadwinner\AppData\Local\dxhr
2015-06-15 16:48 - 2009-07-14 06:08 - 00032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
 
==================== Files in the root of some directories =======
 
2013-06-24 13:23 - 2014-06-22 21:00 - 0003730 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2015-06-08 19:45 - 2015-06-08 19:45 - 0004193 _____ () C:\Users\breadwinner\AppData\Local\recently-used.xbel
2014-02-12 19:28 - 2015-06-18 14:48 - 0007593 _____ () C:\Users\breadwinner\AppData\Local\Resmon.ResmonCfg
2015-04-27 12:05 - 2015-04-27 12:05 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2012-05-14 23:15 - 2014-11-13 23:58 - 0007986 _____ () C:\ProgramData\hpzinstall.log
 
Some files in TEMP:
====================
C:\Users\breadwinner\AppData\Local\Temp\7za.exe
C:\Users\breadwinner\AppData\Local\Temp\9.0.0.2308SDAV_OCU_Online_9.0.0.2308.exe
C:\Users\breadwinner\AppData\Local\Temp\AskSLib.dll
C:\Users\breadwinner\AppData\Local\Temp\bdfilters.dll
C:\Users\breadwinner\AppData\Local\Temp\DefaultAssets.exe
C:\Users\breadwinner\AppData\Local\Temp\DefaultOfflineContent.exe
C:\Users\breadwinner\AppData\Local\Temp\firefoxjre_exe-1.exe
C:\Users\breadwinner\AppData\Local\Temp\firefoxjre_exe-2.exe
C:\Users\breadwinner\AppData\Local\Temp\firefoxjre_exe.exe
C:\Users\breadwinner\AppData\Local\Temp\GC_PCTOOLS.exe
C:\Users\breadwinner\AppData\Local\Temp\i4jdel0.exe
C:\Users\breadwinner\AppData\Local\Temp\InstallPlugin.exe
C:\Users\breadwinner\AppData\Local\Temp\install_flashplayer13x32au_mssa_aaa_aih_1.exe
C:\Users\breadwinner\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\breadwinner\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\breadwinner\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\breadwinner\AppData\Local\Temp\jre-7u5-windows-i586-iftw.exe
C:\Users\breadwinner\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\breadwinner\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\breadwinner\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\breadwinner\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\breadwinner\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe
C:\Users\breadwinner\AppData\Local\Temp\MSETUP4.EXE
C:\Users\breadwinner\AppData\Local\Temp\NLStubInstallerResources.dll
C:\Users\breadwinner\AppData\Local\Temp\nssSetup.exe
C:\Users\breadwinner\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\breadwinner\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\breadwinner\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\breadwinner\AppData\Local\Temp\nvStInst.exe
C:\Users\breadwinner\AppData\Local\Temp\oi_{A252F6AA-E45F-49E4-8D1E-F37FF6549972}.exe
C:\Users\breadwinner\AppData\Local\Temp\PCCheckupInstaller.exe
C:\Users\breadwinner\AppData\Local\Temp\PCCU_Installer.exe
C:\Users\breadwinner\AppData\Local\Temp\Setup_Downloader_3.5.8_stable.exe
C:\Users\breadwinner\AppData\Local\Temp\Setup_Downloader_3.6.0_stable.exe
C:\Users\breadwinner\AppData\Local\Temp\SkypeSetup.exe
C:\Users\breadwinner\AppData\Local\Temp\sqlite3.exe
C:\Users\breadwinner\AppData\Local\Temp\uninstall.exe
C:\Users\breadwinner\AppData\Local\Temp\vlc-2.1.5-win32.exe
C:\Users\breadwinner\AppData\Local\Temp\vlc-2.2.1-win32.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-07-04 09:14
 
==================== End of log ============================
Link to post
Share on other sites

Addition:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-07-2015
Ran by breadwinner at 2015-07-15 20:28:37
Running from C:\Users\breadwinner\Downloads
Boot Mode: Safe Mode (with Networking)
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3235293135-4221542072-2322260496-500 - Administrator - Disabled)
breadwinner (S-1-5-21-3235293135-4221542072-2322260496-1000 - Administrator - Enabled) => C:\Users\breadwinner
Guest (S-1-5-21-3235293135-4221542072-2322260496-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3235293135-4221542072-2322260496-1004 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton Internet Security (Disabled - Out of date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Out of date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Internet Security (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
 (HKLM\...\UDK-c1918cc2-3790-4917-8157-bb3be9e34291) (Version:  - RuneStorm
2.0 (HKLM-x32\...\Free Video to GIF Converter_is1) (Version: 2.0 - www.video-gif-converter.com)
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Flash Professional CS5.5 (HKLM-x32\...\{23E445D5-FD83-4C50-A211-EB26A2975317}) (Version: 11.5 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Alien: Isolation (HKLM-x32\...\Steam App 214490) (Version:  - Creative Assembly)
Alternative Look for Triss (HKLM-x32\...\Alternative Look for Triss_is1) (Version: 1.0.0.0 - GOG.com)
Alternative Look for Yennefer (HKLM-x32\...\Alternative Look for Yennefer_is1) (Version: 1.0.0.0 - GOG.com)
Amazon Kindle (HKU\S-1-5-21-3235293135-4221542072-2322260496-1000\...\Amazon Kindle) (Version:  - Amazon)
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
AVG Security Toolbar (HKLM-x32\...\AVG Secure Search) (Version: 18.5.0.909 - AVG Technologies)
Awesomenauts (HKLM-x32\...\Steam App 204300) (Version:  - )
Ballad Heroes - Neutral Gwent Card Set (HKLM-x32\...\Ballad Heroes - Neutral Gwent Card Set_is1) (Version: 1.0.0.0 - GOG.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Bastion (HKLM-x32\...\Steam App 107100) (Version:  - Supergiant Games)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BattleBlock Theater (HKLM-x32\...\Steam App 238460) (Version:  - The Behemoth)
Battlefield™ Hardline Beta (HKLM-x32\...\{F5526D9D-13AD-4270-8707-AC921D168299}) (Version: 1.0.0.1 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
Beard and Hairstyle Set (HKLM-x32\...\Beard and Hairstyle Set_is1) (Version: 1.0.0.0 - GOG.com)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
Bitcoin (HKU\S-1-5-21-3235293135-4221542072-2322260496-1000\...\Bitcoin) (Version: 0.8.5 - Bitcoin project)
Bitcoin Core (64-bit) (HKU\S-1-5-21-3235293135-4221542072-2322260496-1000\...\Bitcoin Core (64-bit)) (Version: 0.9.3 - Bitcoin Core project)
Blackguards (HKLM-x32\...\Steam App 249650) (Version:  - Daedalic Entertainment)
Canon MG3200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3200_series) (Version: 1.01 - Canon Inc.)
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version:  - The Behemoth)
Chivalry BETA (HKLM-x32\...\Steam App 232210) (Version:  - )
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version:  - Torn Banner Studios)
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version:  - Relic Entertainment)
Crusader No Remorse (HKLM-x32\...\{2AEA735F-B393-4D89-93EF-5849CB72B4A3}) (Version: 1.0.0.2 - Electronic Arts)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dead Space (HKLM-x32\...\Steam App 17470) (Version:  - EA Redwood Shores)
Dead Space™ (HKLM-x32\...\{6E6F22D7-8AD6-4A87-9A47-733E6E996F50}) (Version: 1.0.0.222 - Electronic Arts)
Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Desura (HKLM-x32\...\Desura) (Version: 100.57 - Desura)
Desura: Pitman (HKLM-x32\...\Desura_62633508077600) (Version: Full - Rat King Entertainment)
Deus Ex: Human Revolution - Director's Cut (HKLM-x32\...\Steam App 238010) (Version:  - Eidos Montreal)
Deus Ex: Human Revolution - The Missing Link (HKLM-x32\...\Steam App 201280) (Version:  - Eidos Montreal)
Deus Ex: Human Revolution (HKLM-x32\...\Steam App 28050) (Version:  - Eidos Montreal)
Diehard Dungeon (HKLM-x32\...\Steam App 277870) (Version:  - Tricktale)
Dogecoin (HKU\S-1-5-21-3235293135-4221542072-2322260496-1000\...\Dogecoin) (Version: 1.6.0.0 - Dogecoin)
Dogecoin Core (32-bit) (HKU\S-1-5-21-3235293135-4221542072-2322260496-1000\...\Dogecoin Core (32-bit)) (Version: 1.8.0 - Dogecoin project)
Dogecoin Core (64-bit) (HKU\S-1-5-21-3235293135-4221542072-2322260496-1000\...\Dogecoin Core (64-bit)) (Version: 1.8.0 - Dogecoin project)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - )
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version:  - Klei Entertainment)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - )
Dungeons of Dredmor (HKLM-x32\...\Steam App 98800) (Version:  - )
Dxtory version 2.0.130 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.130 - ExKode Co. Ltd.)
Elite Crossbow Set (HKLM-x32\...\Elite Crossbow Set_is1) (Version: 1.0.0.0 - GOG.com)
f.lux (HKU\S-1-5-21-3235293135-4221542072-2322260496-1000\...\Flux) (Version:  - )
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Bethesda Softworks)
Fractured Space (HKLM-x32\...\Steam App 310380) (Version:  - Edge Case Games Ltd.)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - )
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Garry)
GIGABYTE OC_GURU II (x32 Version: 1.69.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
GIMP 2.8.0 (HKLM\...\GIMP-2_is1) (Version: 2.8.0 - The GIMP Team)
Gnomoria (HKLM-x32\...\Steam App 224500) (Version:  - Robotronic Games)
Gnomoria Demo version 0.8.1 (HKLM-x32\...\{A93F2D1C-9146-41BC-B662-60DB662B1FFA}_is1) (Version: 0.8.1 - Robotronic Games, LLC)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Grim Dawn (HKLM-x32\...\Steam App 219990) (Version:  - Crate Entertainment)
Guacamelee! Gold Edition (HKLM-x32\...\Steam App 214770) (Version:  - DrinkBox Studios)
Hammerwatch (HKLM-x32\...\GOGPACKHAMMERWATCH_is1) (Version: 2.0.0.2 - GOG.com)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version:  - Square Enix)
HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HTC Driver Installer (HKLM-x32\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 3.0.0.021 - HTC Corporation)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version:  - Avalanche Studios)
Killing Floor (HKLM-x32\...\Steam App 1250) (Version:  - Tripwire Interactive)
King Arthur's Gold (HKLM-x32\...\Steam App 219830) (Version:  - )
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Left 4 Dead (HKLM-x32\...\Steam App 500) (Version:  - Valve)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LibreOffice 4.0 Help Pack (English) (HKLM-x32\...\{FF6FE3EC-F36E-4061-8B06-2429107BCDB0}) (Version: 4.0.4.2 - The Document Foundation)
LibreOffice 4.0.4.2 (HKLM-x32\...\{FE88323B-9F0E-4596-8F56-37757C6918E9}) (Version: 4.0.4.2 - The Document Foundation)
Litecoin (HKU\S-1-5-21-3235293135-4221542072-2322260496-1000\...\Litecoin) (Version: 0.8.6.1 - Litecoin project)
Loadout (HKLM-x32\...\Steam App 208090) (Version:  - Edge of Reality)
Magicka (HKLM-x32\...\Steam App 42910) (Version:  - Arrowhead Game Studios AB)
Magicka: Wizard Wars (HKLM-x32\...\Steam App 202090) (Version:  - Paradox North)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Mercenary Kings (HKLM-x32\...\Steam App 218820) (Version:  - Tribute Games Inc.)
METAL GEAR RISING: REVENGEANCE (HKLM-x32\...\Steam App 235460) (Version:  - PlatinumGames)
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - 4A Games)
Metro: Last Light (HKLM-x32\...\Steam App 43160) (Version:  - 4A Games)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3235293135-4221542072-2322260496-1000\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft OneNote 2013 - en-us (HKLM\...\OneNoteFreeRetail - en-us) (Version: 15.0.4727.1003 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mirror's Edge (HKLM-x32\...\Steam App 17410) (Version:  - DICE)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSI Afterburner 4.1.1 (HKLM-x32\...\Afterburner) (Version: 4.1.1 - MSI Co., LTD)
MST121 and MS221 Software (HKLM-x32\...\MST121 and MS221 Software) (Version:  - )
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MultiBit 0.5.14 (HKLM-x32\...\MultiBit 0.5.14) (Version: 0.5.14 - )
National Instruments Software (HKLM-x32\...\NI Uninstaller) (Version:  - National Instruments)
New Quest - Contract - Skellige's Most Wanted (HKLM-x32\...\New Quest - Contract: Skellige's Most Wanted_is1) (Version: 1.0.0.0 - GOG.com)
New Quest - Contract Missing Miners (HKLM-x32\...\New Quest - Contract Missing Miners_is1) (Version: 1.0.0.0 - GOG.com)
New Quest - Fool's Gold (HKLM-x32\...\New Quest - Fool's Gold_is1) (Version: 1.0.0.0 - GOG.com)
New Quest - Scavenger Hunt - Wolf School Gear (HKLM-x32\...\New Quest - Scavenger Hunt: Wolf School Gear_is1) (Version: 1.0.0.0 - GOG.com)
New Quest - Where the Cat and Wolf Play... (HKLM-x32\...\New Quest - Where the Cat and Wolf Play..._is1) (Version: 1.0.0.0 - GOG.com)
NI Authentication 2.0 (64-bit) (Version: 2.0.220.0 - National Instruments) Hidden
NI Authentication 2.0 (x32 Version: 2.0.220.0 - National Instruments) Hidden
NI Curl 1.1 (64-bit) (Version: 1.1.216.0 - National Instruments) Hidden
NI Curl 1.1 (x32 Version: 1.1.216.0 - National Instruments) Hidden
NI EulaDepot (x32 Version: 3.0.408 - National Instruments) Hidden
NI GMP Windows 32-bit Installer 11.0.0 (x32 Version: 11.0.22.0 - National Instruments) Hidden
NI GMP Windows 64-bit Installer 11.0.0 (Version: 11.0.22.0 - National Instruments) Hidden
NI Help Assistant (64bit) (Version: 1.0.11 - National Instruments) Hidden
NI Help Assistant (x32 Version: 1.0.11 - National Instruments) Hidden
NI LabVIEW 2010 Real-Time NBFifo (x32 Version: 10.0.214.0 - National Instruments) Hidden
NI LabVIEW Run-Time Engine 2010 SP1 (x32 Version: 10.1.104.0 - National Instruments) Hidden
NI LabVIEW Run-Time Engine Interop 2010 (x32 Version: 10.1.105.0 - National Instruments) Hidden
NI LabVIEW Web Server for Run-Time Engine (x32 Version: 10.0.235.0 - National Instruments) Hidden
NI LabWindows/CVI 2010 SP1 Low-Level Driver (Original) (x32 Version: 10.0.1434 - National Instruments) Hidden
NI LabWindows/CVI 2010 SP1 Low-Level Driver (Updated) (x32 Version: 10.0.1434 - National Instruments) Hidden
NI License Manager (x32 Version: 3.6.85 - National Instruments) Hidden
NI Logos 5.3.0 (x32 Version: 5.3.223.0 - National Instruments) Hidden
NI Logos XT Support (x32 Version: 5.3.222.0 - National Instruments) Hidden
NI Logos64 5.3.0 (Version: 5.3.223.0 - National Instruments) Hidden
NI Logos64 XT Support (Version: 5.3.222.0 - National Instruments) Hidden
NI Math Kernel Libraries (64-bit) (Version: 1.0.15.0 - National Instruments) Hidden
NI Math Kernel Libraries (x32 Version: 1.0.25.0 - National Instruments) Hidden
NI MDF Support (x32 Version: 3.0.408 - National Instruments) Hidden
NI Security Update (KB5Q5FJ4QW) - LabVIEW Run-Time Engine 2010 (x32 Version: 1.00.49172 - National Instruments) Hidden
NI SSL Support (64-bit) (Version: 10.0.297.0 - National Instruments) Hidden
NI SSL Support (x32 Version: 11.0.221.0 - National Instruments) Hidden
NI System State Publisher (64-bit) (Version: 11.0.306.0 - National Instruments) Hidden
NI System State Publisher (x32 Version: 11.0.306.0 - National Instruments) Hidden
NI System Web Server 2.0 (x32 Version: 11.0.213.0 - National Instruments) Hidden
NI System Web Server Base 2.0 (64-bit) (Version: 2.0.215.0 - National Instruments) Hidden
NI System Web Server Base 2.0 (x32 Version: 2.0.215.0 - National Instruments) Hidden
NI TDMS (64-bit) (Version: 2.3.175.0 - National Instruments) Hidden
NI TDMS (x32 Version: 2.3.175.0 - National Instruments) Hidden
NI Trace Engine (64-bit) (Version: 11.0.213.0 - National Instruments) Hidden
NI Trace Engine (x32 Version: 11.0.213.0 - National Instruments) Hidden
NI Uninstaller (x32 Version: 3.0.408 - National Instruments) Hidden
NI VC2005MSMs x64 (Version: 8.04.0 - National Instruments) Hidden
NI VC2005MSMs x86 (x32 Version: 8.04.0 - National Instruments) Hidden
NI VC2008MSMs x64 (Version: 9.0.301 - National Instruments) Hidden
NI VC2008MSMs x86 (x32 Version: 9.0.301 - National Instruments) Hidden
NI Vision Common Resources 2011 (x32 Version: 11.0.73.0 - National Instruments) Hidden
NI Vision Common Resources 2011 64-bit (Version: 11.0.70.0 - National Instruments) Hidden
NI Web Application Server 2.0 (64-bit) (Version: 1.1.269.0 - National Instruments) Hidden
NI Web Application Server 2.0 (x32 Version: 2.0.212.0 - National Instruments) Hidden
Nilfgaardian Armor Set (HKLM-x32\...\Nilfgaardian Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
NI-RPC 4.2.2f0 (x32 Version: 4.22.49152 - National Instruments) Hidden
NI-RPC 4.2.2f0 for 64 Bit Windows (Version: 4.22.49152 - National Instruments) Hidden
No More Room in Hell (HKLM-x32\...\Steam App 224260) (Version:  - No More Room in Hell Team)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.7.0.11 - Symantec Corporation)
Norton PC Checkup (HKLM-x32\...\Norton PC Checkup_is1) (Version: 3.0.2.122.0 - NortonLive Services)
Norton PC Checkup (HKLM-x32\...\NortonPCCheckup) (Version: 2.0.17.20 - Symantec Corporation)
Norton Security Scan (HKLM-x32\...\NSS) (Version: 4.0.3.27 - Symantec Corporation)
NVIDIA GeForce Experience 2.4.5.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.57 - NVIDIA Corporation)
NVIDIA Graphics Driver 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Octodad (HKLM-x32\...\Octodad) (Version:  - )
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4727.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4727.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4727.1003 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Orcs Must Die! (HKLM-x32\...\Steam App 102600) (Version:  - )
Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.)
ORION: Dino Horde (HKLM-x32\...\Steam App 104900) (Version:  - Spiral Game Studios)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version:  - Overkill)
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Plants vs. Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version:  - Introversion Software)
Project Zomboid (HKLM-x32\...\Steam App 108600) (Version:  - Indie Stone Studios)
Project Zomboid (remove only) (HKLM-x32\...\ProjectZomboid) (Version:  - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
Really Big Sky (HKLM-x32\...\Steam App 201570) (Version:  - Boss Baddie)
Realms of the Haunting (HKLM-x32\...\Steam App 292390) (Version:  - Gremlin Interactive)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7354 - Realtek Semiconductor Corp.)
Risk of Rain (HKLM-x32\...\Steam App 248820) (Version:  - )
Rogue Legacy (HKLM-x32\...\Steam App 241600) (Version:  - Cellar Door Games)
Rogue Legacy version 1.2.0a (HKLM-x32\...\Rogue Legacy_is1) (Version: 1.2.0a - )
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
Saints Row IV (HKLM-x32\...\Steam App 206420) (Version:  - Deep Silver Volition)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shadow Warrior (HKLM-x32\...\Steam App 233130) (Version:  - Flying Wild Hog)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.57 - NVIDIA Corporation) Hidden
Sid Meier's Alpha Centauri (HKLM-x32\...\Sid Meier's Alpha Centauri_is1) (Version:  - GOG.com)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
SimCity 2000 Special Edition (HKLM-x32\...\{59D2C751-F7BE-4E9F-9C8C-1F16013802C7}) (Version: 2.0.0.1 - Electronic Arts)
Skellige Armor Set (HKLM-x32\...\Skellige Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version:  - Obsidian Entertainment)
Space Hack (HKLM-x32\...\Steam App 315260) (Version:  - Rebelmind)
Spacebase DF-9 (HKLM-x32\...\Steam App 246090) (Version:  - Double Fine Productions)
SpeedRunners (HKLM-x32\...\Steam App 207140) (Version:  - DoubleDutch Games)
Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Sword of the Stars: The Pit (HKLM-x32\...\Steam App 233700) (Version:  - Kerberos Productions)
Syndicate (HKLM-x32\...\{64CFBAAB-46F7-4628-8D9B-E656A8C11CDB}) (Version: 2.0.0.3 - Electronic Arts)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
Temerian Armor Set (HKLM-x32\...\Temerian Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version:  - Nicalis, Inc.)
The Cave (HKLM-x32\...\Steam App 221810) (Version:  - http://www.doublefine.com)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Long Dark (HKLM-x32\...\Steam App 305620) (Version:  - Hinterland Studio Inc.)
The Sims™ 4 Create A Sim Demo (HKLM-x32\...\{6908ED99-F02B-4E99-A202-3FAC99C510ED}) (Version: 1.0.237.100 - Electronic Arts Inc.)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version:  - CD Projekt RED)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.6.0 - GOG.com)
Theme Hospital (HKLM-x32\...\{5118A4C2-C8A4-4CE5-AC37-F3E51C25402F}) (Version: 3.0.0.2 - Electronic Arts)
Thief (HKLM-x32\...\Steam App 239160) (Version:  - Eidos-Montréal)
Thief 2 (HKLM-x32\...\Steam App 211740) (Version:  - )
Thief Gold (HKLM-x32\...\Steam App 211600) (Version:  - )
Thief: Deadly Shadows (HKLM-x32\...\Steam App 6980) (Version:  - Eidos)
ToolBook 10.5 Neuron (HKLM-x32\...\{902EF8A0-AA81-47FB-AA57-E59BF4BEDF1F}) (Version: 10.5.0.20 - SumTotal Systems, Inc.)
Torchlight (HKLM-x32\...\Steam App 41500) (Version:  - Runic Games, Inc.)
Total War: ROME II - Emperor Edition (HKLM-x32\...\Steam App 214950) (Version:  - Creative Assembly)
Total War: SHOGUN 2 (HKLM-x32\...\Steam App 34330) (Version:  - The Creative Assembly)
Transistor (HKLM-x32\...\Steam App 237930) (Version:  - Supergiant Games)
Trine (HKLM-x32\...\Steam App 35700) (Version:  - Frozenbyte)
Trine 2 (HKLM-x32\...\Steam App 35720) (Version:  - )
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Ultima 8 (HKLM-x32\...\{428C6B01-D292-46F9-9321-75668ED17DA2}) (Version: 1.0.0.1 - Electronic Arts)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version:  - VB-Audio Software)
Viscera Cleanup Detail: Shadow Warrior
Viscera Cleanup Detail: Shadow Warrior (HKLM-x32\...\Steam App 255520) (Version:  - RuneStorm)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Voicemeeter, The Virtual Mixing Console (HKLM-x32\...\VB:Voicemeeter {17359A74-1236-5467}) (Version:  - VB-Audio Software)
War of the Roses (HKLM-x32\...\Steam App 42160) (Version:  - )
Warhammer® 40,000™: Dawn of War® II – Retribution™ (HKLM-x32\...\Steam App 56400) (Version:  - Relic)
Wasteland 2 (HKLM-x32\...\Steam App 240760) (Version:  - inXile Entertainment)
Windows Driver Package - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DB}) (Version: 17.5.10480 - WinZip Computing, S.L. )
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version:  - )
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3235293135-4221542072-2322260496-1000_Classes\CLSID\{3560575F-7C2D-48AE-AB45-DAD430A95EBE}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
CustomCLSID: HKU\S-1-5-21-3235293135-4221542072-2322260496-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\breadwinner\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3235293135-4221542072-2322260496-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\breadwinner\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3235293135-4221542072-2322260496-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\breadwinner\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3235293135-4221542072-2322260496-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\breadwinner\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3235293135-4221542072-2322260496-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\breadwinner\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)
 
==================== Restore Points =========================
 
04-07-2015 13:12:42 Removed Mathcad 14.0 M020
04-07-2015 13:15:52 Removed Mathcad 14.0 M020 Help
04-07-2015 13:18:24 Removed Mathcad 14.0 M020 Resource Center
04-07-2015 13:27:23 Removed Mathcad 14.0 M020 Resource Center
04-07-2015 13:29:04 Removed Nokia Connectivity Cable Driver
04-07-2015 13:49:03 Removed Path of Exile
04-07-2015 14:04:49 Restore Operation
11-07-2015 14:26:34 Installed Adapter
11-07-2015 16:12:55 Installed Adapter
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {1225DDF9-73EF-4FB6-ADAE-81F2847EA44F} - System32\Tasks\{13123D68-D9C6-47B8-B30E-D15E6955EDCF} => pcalua.exe -a C:\Users\breadwinner\Desktop\GPUtweak\GPUTweak_2_5_2\setup.exe -d C:\Users\breadwinner\Desktop\GPUtweak\GPUTweak_2_5_2
Task: {16229BEB-2E29-4692-BA56-EE0F739C7F80} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {1A130A0E-548A-4A29-B2AC-BDEDA136E77F} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {1D13289E-7235-4DA7-932C-52F91D3FB6B4} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {38661D78-D0F5-4873-A9E7-965A39AFFF4D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-25] (Adobe Systems Incorporated)
Task: {3DBB8DB5-5742-42CD-9598-75A11542E448} - System32\Tasks\{032AF61D-5B23-4CE4-B2F4-BFEF36E6A82D} => pcalua.exe -a D:\RemoteObs\install_ocean_colour.EXE -d D:\RemoteObs
Task: {3E688FDE-EDD9-4BB7-9EFD-B4040FCCE1BF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-05-19] (Microsoft Corporation)
Task: {586D9EDE-D73B-47A1-BE0C-60B12560B7DE} - System32\Tasks\{1087A662-9EA0-48A1-A5D7-76CBBCD15EDE} => pcalua.exe -a "C:\Program Files (x86)\Desura\desura.exe" -c desura://uninstall/games/14583
Task: {5DEACD63-03D6-45ED-8180-65A889DD8238} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {635AFD3B-BCC7-4DFA-914C-B908F9449955} - System32\Tasks\AdobeAAMUpdater-1.0-breadwinner-PC-breadwinner => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {787A55BD-FF7B-4496-BC0B-880F511E4726} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-05-19] (Microsoft Corporation)
Task: {78B38A25-FCD0-480C-A768-884233E8EEAE} - System32\Tasks\{C16BB95A-EF40-41B3-9592-9FF2D1C2354A} => pcalua.exe -a "C:\Program Files (x86)\Hi-Rez Studios\HiRezGamesDiagAndSupport.exe" -c uninstall=all
Task: {8D50CF37-83F0-4A4C-933F-7A7C975B3FE6} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {93BEDE53-7DDC-49B2-AB87-1086D224E0E9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-18] (Google Inc.)
Task: {956241F8-CB24-484C-95AE-DAE14397AA29} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-18] (Google Inc.)
Task: {987AD5FE-6468-4BF4-ADD4-4AF1AF01179E} - System32\Tasks\{7EE7E85B-8796-47B9-8337-D5287FE49AAC} => pcalua.exe -a D:\RemoteObs\install_charting_change.EXE -d D:\RemoteObs
Task: {A1E46897-839C-4E43-B6A3-3B1E1407D99F} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {C9FC4C96-73C2-4C1E-A92E-DBC00AE124DD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {CB783B32-F865-4EA7-B2E8-6C47E3B4CEC1} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: {CCB01817-9AB5-473A-8A4E-1BC8FAE52D39} - System32\Tasks\{CE9C0B67-5090-431D-AC68-06E86C7429D9} => pcalua.exe -a D:\RemoteObs\install_Earth_Mars.EXE -d D:\RemoteObs
Task: {D6152201-6EC8-4605-9707-79F78BEDEB9C} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {DAD5A89A-FE17-49C9-B0B9-0DF63CF2F5D0} - System32\Tasks\{98B82C95-65AA-4DC0-B83B-897C239ABC56} => pcalua.exe -a "C:\program files (x86)\steam\steamapps\common\left 4 dead 2\bin\addoninstaller.exe" -d "c:\program files (x86)\steam\steamapps\common\left 4 dead 2" -c /register
Task: {E2C8D5CF-DFD2-4EBD-A664-7A26EE30332A} - System32\Tasks\{14F7A70F-9902-47A7-8342-23CED56B4BA8} => pcalua.exe -a D:\RemoteObs\install_atmospheres.EXE -d D:\RemoteObs
Task: {E593CCC4-39DF-4145-BAF9-7C9C7777C041} - System32\Tasks\Microsoft_Hardware_Launch_vVX3000_exe => C:\Windows\vVX3000.exe [2010-05-20] (Microsoft Corporation)
Task: {EEF9F811-EBDF-4B9C-81E0-584822669304} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\WSCStub.exe [2015-06-16] (Symantec Corporation)
Task: {F70CE4A2-9CF6-4A6C-9EBA-35DBA240BCA7} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Norton Security Scan for breadwinner.job => 0x0106010049E26EDE03E01644BD5E808E7484FA3D46009E0100000000D0020100200000000074B7010000000003130400D02200010000000000000000000000000000000000002D0043003A005C00500052004F004700520041007E0032005C004E004F00520054004F004E007E0034005C0045006E00670069006E0065005C003400300033007E0031002E00320037005C004E00730073002E00650078006500000017002F007300630061006E002D0071007500690063006B0020002F007300630068006500640075006C006500640000003C0043003A005C00500072006F006700720061006D002000460069006C00650073002000280078003800360029005C004E006F00720074006F006E0020005300650063007500720069007400790020005300630061006E005C0045006E00670069006E0065005C0034002E0030002E0033002E003200370000000C0062007200650061006400770069006E006E0065007200000015004E006F00720074006F006E0020005300650063007500720069007400790020005300630061006E000000000008000313040000000000010030000000DF0707000C00000000000000080019000000000000000000000000000200000001007F000000000000000000
Task: C:\Windows\Tasks\PC Checkup 3 Weekly Scan.job => C:\Program Files (x86)\Norton PC Checkup 3.0\NLAppLauncher.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-03-21 21:50 - 2015-01-27 16:29 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2015-03-22 10:56 - 2014-02-10 13:44 - 04592128 _____ () C:\Users\breadwinner\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2015-03-22 10:56 - 2014-02-10 13:44 - 00112128 _____ () C:\Users\breadwinner\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:430C6D84
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2
 
==================== Safe Mode (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE restricted site: HKU\S-1-5-21-3235293135-4221542072-2322260496-1000\...\skype.com -> hxxps://apps.skype.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3235293135-4221542072-2322260496-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\breadwinner\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
 
Link to post
Share on other sites

Addition continued:

 

==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{4E22F599-87C5-4AEE-A125-0B67868E9825}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{759E65D0-6E3C-43F9-9DA8-C034712D3494}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{30966A88-FC23-40B3-AF7C-B7B1411DE895}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\Shogun2.exe
FirewallRules: [{AC0CD1FF-5EF9-41DB-90D2-AD3D44F31D84}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\Shogun2.exe
FirewallRules: [{83822B36-58E2-452D-8E23-A477CA7FDF07}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html
FirewallRules: [{89954DE2-5E88-423E-8932-92B1630BE62F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html
FirewallRules: [{7A0DFE02-81BC-42E8-8D1A-1D55E880F3C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat
FirewallRules: [{A9B19A0B-2CC6-4A6A-BBEE-0A2A4A521A0E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat
FirewallRules: [{0BEE0497-C094-455F-BDCA-C9C9447F9843}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{B098FBAD-471D-40D3-BAA8-D7AC20768777}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{EEB0CAC8-B94B-467E-BE52-B44E751CB4C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\deus ex - human revolution\dxhr.exe
FirewallRules: [{C344C461-812A-4E5C-925D-CC1BF8109063}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\deus ex - human revolution\dxhr.exe
FirewallRules: [{14FC7565-D1B2-40FA-BCF0-84BCC48AF659}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{35FD321B-72C2-4CEF-8533-481116896619}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{F683F12F-4A52-4F6C-85DD-072C67AE0A1A}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{0E638302-2009-4DFF-BADB-7D19E1F32F2A}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{3B91279C-A37B-45CA-BDB7-278607DCB767}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\killingfloor\System\KillingFloor.exe
FirewallRules: [{66671576-D2DE-48D7-AAC3-3B26CC5F7B33}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\killingfloor\System\KillingFloor.exe
FirewallRules: [{335135DB-8CA5-4279-AE8C-E07997EF02D8}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{E384EF9C-928E-4200-87AE-B5FF89EA1771}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{C488A2B9-0E53-46FD-BE4C-0942AA9EAF6D}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{F98E13F3-A039-4DDD-9F2A-74A2A5D949CE}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{9707C842-1576-4903-83CE-A8A37929222F}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{6865561B-0618-4CA8-9156-1946698ADFE4}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{BCDDC3C9-FABB-4152-8B3B-AC2FFE360DBE}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{8907A9D7-AC86-4B37-B9A5-5A3BFD5E563A}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{C0BFF376-206D-4AD3-956C-C865DDC39E21}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{2AECF101-458C-4ECA-A30E-1A4BFEF00C67}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{ADB241A0-481E-4727-AF58-4AD85A05ED46}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{ECE1F21C-10B3-43B7-BF90-88D0CF83A804}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{F18AAFA3-78E0-42BC-B71D-3B2114380C9B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{FD93A698-3B95-4E9C-98AE-D0059794917A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{AFECC51B-4E04-4A12-A335-7398B2883EC2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{A23D0BA8-7690-4F08-BC3D-4499EDE0BB40}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{FB9BC1EA-5CC4-4A77-B9D0-9B3374A3B729}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{CA2B226B-BC0E-457B-9BEB-EBB8771540E3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{5FAB467C-492A-42EF-A1E9-CE6147B4B7EC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{D4306ACF-4E5B-4BC4-AFEE-4377321DE397}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{00544EA5-4053-477B-A8D5-DF818A5125C1}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{E92CF0F2-6973-40CD-9F35-6F796C904D46}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{469723A8-9153-42FD-AB73-365531095A2A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{01BBDFFE-8B50-409A-85B6-08FA769146CE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{BF3EE8DB-955F-4653-807C-25541871B3D5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{5DC8FD3E-A4A1-4ADF-B7B5-F1E96C2B58F7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{79D6B63A-991B-4DE8-B01F-5A129C576688}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{34330B52-1E6F-410A-AA77-4106749B1B1D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{B68244AB-130D-48F6-B35A-B4901CE760F6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{55DB2A1A-0CF2-4C1A-8CB2-F02DA9A4EBD9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{127C4E9D-B65D-4D2B-8F5E-FDE5165C34BA}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{AC61F107-9908-4F0B-B179-84E501F46DA1}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [TCP Query User{136C7529-D92F-40E0-AB76-B19FAE5EADBB}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [uDP Query User{88C696E9-4F1A-46B7-ABD5-7916D8FF4D69}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{8998FD0C-C6AF-4B2D-8F81-E477353B9880}] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{73F4057D-50E0-4771-8BCC-EA23EC6A5830}] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{E60BD759-1562-4F0C-B76E-C22AD81764D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\torchlight\Torchlight.exe
FirewallRules: [{62FDDF92-6094-4379-81E3-9669BA733F2E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\torchlight\Torchlight.exe
FirewallRules: [{E83F0428-A33F-4282-A1FE-0F59188CD932}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\trine\trine_launcher.exe
FirewallRules: [{8EC53875-0C48-4A52-958F-C542D6BDB048}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\trine\trine_launcher.exe
FirewallRules: [{C96E115B-019D-4A5C-BCB3-038A69FB0BAD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\deus ex - human revolution\dxhr.exe
FirewallRules: [{45A4CE3D-2378-4B5A-A77A-92EEF63CDF38}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\deus ex - human revolution\dxhr.exe
FirewallRules: [TCP Query User{20CDC0A8-D041-47C9-96BD-DA997BE8ADE6}C:\program files (x86)\steam\steamapps\common\assassin's creed 2\assassinscreediigame.exe] => (Block) C:\program files (x86)\steam\steamapps\common\assassin's creed 2\assassinscreediigame.exe
FirewallRules: [uDP Query User{989DDD69-B6E8-4C68-9012-E864E7BF964D}C:\program files (x86)\steam\steamapps\common\assassin's creed 2\assassinscreediigame.exe] => (Block) C:\program files (x86)\steam\steamapps\common\assassin's creed 2\assassinscreediigame.exe
FirewallRules: [TCP Query User{9D4FDF14-21BF-4B90-93B9-3D63C4F1D795}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [uDP Query User{51FE48D7-7986-4B15-9757-182B30E05C37}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{0493CFA6-DC89-44FF-AB70-6F729A81B3FE}C:\program files (x86)\steam\steamapps\breadftw\team fortress 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\breadftw\team fortress 2\hl2.exe
FirewallRules: [uDP Query User{B770E395-BAE2-48D0-920F-A28E60417D72}C:\program files (x86)\steam\steamapps\breadftw\team fortress 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\breadftw\team fortress 2\hl2.exe
FirewallRules: [TCP Query User{60433C95-9BCD-4020-98F7-3F3CC79CB683}C:\program files (x86)\hi-rez studios\hirezgames\tribes\binaries\win32\tribesascend.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\tribes\binaries\win32\tribesascend.exe
FirewallRules: [uDP Query User{C6C9AABC-A09D-47BB-8BBA-9F9ECAED5F90}C:\program files (x86)\hi-rez studios\hirezgames\tribes\binaries\win32\tribesascend.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\tribes\binaries\win32\tribesascend.exe
FirewallRules: [{ED69E92C-74F7-4F77-9C3E-4E7D2ABE3BDD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0F63AE4B-A945-4FF3-82AD-0FED08891F33}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\torchlight\Torchlight.exe
FirewallRules: [{AED0F71F-7424-4545-96B9-86E84CFA14FF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\torchlight\Torchlight.exe
FirewallRules: [{B3B423AA-DC09-4D61-B983-25D38B9B4D57}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\killingfloor\System\KillingFloor.exe
FirewallRules: [{126E4CD9-5261-463C-82C5-D5C9C0D85D2E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\killingfloor\System\KillingFloor.exe
FirewallRules: [{C6A94FA7-CF45-48F7-9780-F067EA4A1302}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dxhrml\dxhrml.exe
FirewallRules: [{9A2DFD13-1638-4C49-BEF5-1E68D9571F01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dxhrml\dxhrml.exe
FirewallRules: [{7EE85E68-5667-4034-987F-B62D13180743}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dawn of war ii - retribution\DOW2.exe
FirewallRules: [{3B2F1B45-2904-4C5F-8C5A-ADE977F80098}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dawn of war ii - retribution\DOW2.exe
FirewallRules: [TCP Query User{C75A0771-D5CD-473C-867F-A46B6DF0285F}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [uDP Query User{466C8D77-83B4-4175-BE6B-30C8CD2EDD94}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [{19444D77-2397-4C9B-BBC5-615155F4576E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D19A91EC-909E-4608-8247-8579FA6C206C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E682AFEF-D7CC-4656-BD1C-72CC97AABE68}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{BF3F7DB9-21C5-4FAB-8D34-B2D316EDA098}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{24FA2BCD-BE8B-4C47-9396-B149F4048260}C:\program files (x86)\steam\steamapps\common\trine 2\trine2_32bit.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\trine 2\trine2_32bit.exe
FirewallRules: [uDP Query User{F9E09F15-3765-4002-9E7C-294BE8D064C2}C:\program files (x86)\steam\steamapps\common\trine 2\trine2_32bit.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\trine 2\trine2_32bit.exe
FirewallRules: [{261EC5CC-4CD1-404E-A06E-2608AC1ECECB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\orcs must die!\Build\release\OrcsMustDie.exe
FirewallRules: [{1AFB027E-8BAA-4B93-B85A-C70B5DE0E3CB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\orcs must die!\Build\release\OrcsMustDie.exe
FirewallRules: [{FBC483DF-F9C6-4CAA-BC78-1791F0344D07}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\Shogun2.exe
FirewallRules: [{D7AC2A7C-81C1-4087-A282-AC952678549D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\Shogun2.exe
FirewallRules: [{7816D97A-4462-417E-92AF-1F0DF21CF245}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html
FirewallRules: [{9DF2E614-5342-42BF-93B2-6075664C815A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html
FirewallRules: [{D6435232-47DB-46DD-8D6A-13BEE7DF630B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat
FirewallRules: [{FB819B92-BD18-4460-9B46-177B99AED9AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat
FirewallRules: [{8856E46E-7134-44BB-A654-6DB56E132B72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{1B235838-6CD6-4FD7-BF50-41783399E46C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{F01F5F3E-152E-4FCE-AF93-58FF75D538E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gotham City Impostors F2P\Engine.exe
FirewallRules: [{2D12341B-AF19-4553-B642-06340F4838B6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gotham City Impostors F2P\Engine.exe
FirewallRules: [{FA133454-3AD6-4CC6-800A-762146551526}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{3AC1A5CB-399A-4820-B557-FB062AD5BAB8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{BDEC6C00-045C-4B52-9868-6287CA324F44}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{960EC635-85DE-4EAE-B12E-281E77303140}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{ABFCD59E-C2C2-453B-92B4-13D18C1CE6F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead\left4dead.exe
FirewallRules: [{FA8821A7-7689-461E-A22B-E7BD92A559EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead\left4dead.exe
FirewallRules: [{52E72F8D-0F54-471C-8B38-7B0C68067ADD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\fallout new vegas\FalloutNVLauncher.exe
FirewallRules: [{B6BEABF9-20EE-41B0-852B-70D836ECEFA8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\fallout new vegas\FalloutNVLauncher.exe
FirewallRules: [{ADA6B8F2-3594-4021-87F9-3900155D81B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\thief_gold\THIEF.EXE
FirewallRules: [{1BC342EA-38D2-4C14-9644-5F96E2314F74}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\thief_gold\THIEF.EXE
FirewallRules: [{994B159A-EA16-44CD-8F9C-47CDF55FBF21}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\thief_2\thief2.exe
FirewallRules: [{77DDC1EF-D99B-4B60-895C-839B9C21B8B6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\thief_2\thief2.exe
FirewallRules: [{46D4A6A1-6E15-49AA-BFD6-3DA8DF34A57C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Thief Deadly Shadows\System\runme.exe
FirewallRules: [{78769191-C86C-4A7D-98A5-5FDF965DF56F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Thief Deadly Shadows\System\runme.exe
FirewallRules: [{CD2A2C98-D8E8-435F-A42E-92013F53B130}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Torchlight II\Torchlight2.exe
FirewallRules: [{B5BB96E3-C153-4C25-936D-8CF3DF634B34}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Torchlight II\Torchlight2.exe
FirewallRules: [{958E7D02-5F2C-42F8-A3B7-C5EE1FC03DEB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TheCave\Cave.exe
FirewallRules: [{14307D03-2850-4E79-A42B-2E59C33954C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TheCave\Cave.exe
FirewallRules: [{5CFBF429-A120-4BFF-A6C7-39D42DCAF5A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bastion\Bastion.exe
FirewallRules: [{98D409C3-81D1-48CA-BE99-722E46B07E5B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bastion\Bastion.exe
FirewallRules: [{2DC12CBF-2999-4FE4-AF0D-A3D368047FC9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{A99D79F2-94EE-4CF6-8225-FA75BE7CF23E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{C229CA86-D1D2-4089-A45B-2E31E803BAF1}] => (Allow) C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
FirewallRules: [{4F08CF52-B016-4A68-944C-1304C9C0BE35}] => (Allow) C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
FirewallRules: [{CD4A55A3-AC69-4910-B11D-11764353D2A1}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
FirewallRules: [{E9F3CA92-CAD3-46F6-BDA4-C9D733553497}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
FirewallRules: [{AFCBAB2E-146E-4757-9C6D-5489504B2A89}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{15AA63B9-3141-4C50-8CAD-C9BE78689BC6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{39F73ED2-60EB-4276-9477-4BAB38855CA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{79A0903E-632F-478A-893D-24281820EAB6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{6C81571C-7F1C-4759-9FFC-70D848B3E744}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hitman Absolution\HMA.exe
FirewallRules: [{CA37CEA0-F377-4795-AE35-BEEA37E8BBB5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hitman Absolution\HMA.exe
FirewallRules: [{C7FC108E-A8BC-48FD-86BC-0C4510C0BA17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dungeons of dredmor\Dungeons of Dredmor.exe
FirewallRules: [{7B13AE6E-976F-49AA-B316-817160E35751}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dungeons of dredmor\Dungeons of Dredmor.exe
FirewallRules: [{5968E067-E964-4621-AB8B-C7FB10BE106F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{82C44C7D-F4A4-4F33-9FB5-83906A5A529D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{E22FE39F-1B54-4984-B9AD-4BC425954425}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\UDK.exe
FirewallRules: [{147EA63F-B14A-4A82-B1D8-6D8D1D1273AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\UDK.exe
FirewallRules: [{61BC5A3C-9D72-45CE-A8C0-C1AE3251E9CA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gnomoria\Gnomoria.exe
FirewallRules: [{A97D705C-D8F7-4A28-AFE3-7E2DF82C4376}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gnomoria\Gnomoria.exe
FirewallRules: [{EF6010F7-E4EF-4F51-A94F-8D8568659322}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{11356B6F-07F8-497C-B8DB-832296E127F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{4447ADB4-3672-4329-9922-1E55010426D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{908C768E-4F9F-4B61-A217-D0EDBE3AF350}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{57C45078-9165-4B20-990A-C07025FE20D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{0AF55ECF-0A04-4171-B604-B92FFF723D6D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{3AB11070-53AC-4635-B7E1-F8F5634CF422}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{08C37FA6-81AB-4E59-B6A6-F111EF4D7449}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{05CBE7C3-1B6E-44DD-AD33-57B5404EA62A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{2132B22A-036D-4330-A4B0-19A974C7FD7A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{F5866C13-2ACD-4228-AB6D-F7862328C83E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\mirrors edge\Binaries\MirrorsEdge.exe
FirewallRules: [{0D869592-5A25-48C0-83BA-5BA390FCADE7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\mirrors edge\Binaries\MirrorsEdge.exe
FirewallRules: [{9D731121-1126-45DA-9BCC-EB50AE4C6298}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\mirrors edge\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{C8CA0403-7886-4994-B296-619DDE1C94E4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\mirrors edge\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{04562EA7-17F1-48DF-9EDB-184116DA2235}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead Space\Dead Space.exe
FirewallRules: [{FD49B9E0-D49E-459A-AB98-C4958E6E51D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead Space\Dead Space.exe
FirewallRules: [{789962AB-8FAB-4237-94EA-50562D25580B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead Space\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{80CD8E78-F246-4C7F-9CC7-3CBF774D36DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead Space\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{6734953E-6D1F-4F3E-A203-BC3B96E8D111}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the witcher 2\Launcher.exe
FirewallRules: [{2D30A289-47A3-4643-8E56-0746EE75E587}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the witcher 2\Launcher.exe
FirewallRules: [TCP Query User{79A4EFEC-33C2-4BB3-8528-1F95C71037B0}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [uDP Query User{156F05DF-F931-42E6-A0F8-0B169B0CC674}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [{95EE8DEC-36FF-4B73-8BBC-83296E6C31D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\UDK.exe
FirewallRules: [{C224AED9-8FD1-4396-AD21-849649DF7640}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\UDK.exe
FirewallRules: [{B923544D-3D71-434F-B29D-8DC1A3FC6430}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\magicka\Magicka.exe
FirewallRules: [{48637A8D-44C8-4684-B442-E4FFD5941012}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\magicka\Magicka.exe
FirewallRules: [{2676A92E-1DB0-41FF-9F7C-812C3E7B2987}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine 2\trine2_launcher.exe
FirewallRules: [{E59D019A-E376-4596-98DC-8A43A051C05B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine 2\trine2_launcher.exe
FirewallRules: [{527939FD-55DE-4CFA-A8D0-D32C4E0ECFA5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe
FirewallRules: [{2B79C193-6C58-41F7-911D-7ECE79A795AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe
FirewallRules: [TCP Query User{CCA115C3-35D9-433F-81C1-F2DFA71EFCA6}C:\program files (x86)\litecoin\litecoin-qt.exe] => (Allow) C:\program files (x86)\litecoin\litecoin-qt.exe
FirewallRules: [uDP Query User{FA67BAC1-B7F3-4BEF-844E-D7C4DE40089A}C:\program files (x86)\litecoin\litecoin-qt.exe] => (Allow) C:\program files (x86)\litecoin\litecoin-qt.exe
FirewallRules: [{510BE37A-ABCE-4C01-91C5-F8C7346825B1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{36485FF4-7D05-468F-9AF4-E89510FB3732}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{E4ADD2D4-F8CC-4374-AB7C-9BCC374C4376}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dungeons of dredmor\Dungeons of Dredmor.exe
FirewallRules: [{7B6C46ED-B99E-40CE-8FE6-46A8002B1C0F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dungeons of dredmor\Dungeons of Dredmor.exe
FirewallRules: [{4F696E82-8898-4365-A445-9DC5AECADDBE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{8282794E-08BF-409F-87D0-971E95886099}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{41CE36FF-6ECC-45B0-8F40-6CA5858BB3AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{7271F7B2-ACDA-4478-B87A-DAD3EBAEB969}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{F1C966BA-F053-4678-8EF7-9BAF057C3EB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{13583028-9AEC-4F63-BACC-12BD6E801C94}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{D74E7D50-7BA5-4FBC-AD49-3C9C6BC0574D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\nmrih\sdk\hl2.exe
FirewallRules: [{5201305E-D09E-47DE-8FC4-62A64976EA45}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\nmrih\sdk\hl2.exe
FirewallRules: [{1C0519AB-7FBE-4828-97F4-BE7268683139}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\nmrih\sdk\bin\Hammer.bat
FirewallRules: [{39EFFD38-E70B-4809-80AA-B4376ED976A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\nmrih\sdk\bin\Hammer.bat
FirewallRules: [{05E55E7E-3F5B-4501-9C43-D802548A1194}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{783BC1C8-8D7B-4F4E-8F78-819816885268}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{6A938403-1314-4593-8B2B-33987D751CD9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{130CB842-E618-47BE-AFF5-48798664BDBD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{08D0ED60-C331-46A3-9DD3-850D86AD5D36}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{9E79811E-B61E-48BE-8123-C2AA82738E4A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{700F2A1C-7E6C-4B45-A198-5CFFFBF8EBAA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{B9EA8B1C-FCC1-4167-9105-C1D3E9539215}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{21980064-9261-411D-B9AC-9EE0C11FAE8A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{179BDB6C-C8D6-432F-BD38-06A07B03992F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{8606E894-40B7-4442-8B92-2DAAEDFE92D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{4A0A85C0-D025-4392-911A-0D4D947E7C50}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{5552532B-0818-4864-BB05-A0C720553ABB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{0A06023D-4390-4B7A-8C45-5C404AB26ADC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{02739C95-6073-436F-B6AB-DA86E55118F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gnomoria\Gnomoria.exe
FirewallRules: [{075EE276-1F9E-4829-8C9A-CF565332E954}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gnomoria\Gnomoria.exe
FirewallRules: [{963C2CF2-D00B-4729-935A-02CA536AE2ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{2CD453AC-F17B-4EE4-BDD0-F0AA8F565271}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{0968849A-2844-4BEB-A972-088EAC7602D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{68FA0655-7FE8-4B06-B81D-A257C84274C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{688E1003-4DC1-4A20-BA7D-97F130C3CD68}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{BB6458A2-3917-4B87-A752-6CB785F15BD5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{0DD4A212-94DD-4F74-815B-AB3B1B823C23}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{DE871C31-EE84-42C5-B9CF-017319E7F33C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{D6748FE0-47BE-4BFA-9926-65632DD63805}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\nmrih\sdk\hl2.exe
FirewallRules: [{46F55A2C-891C-417E-B610-CE65A5A5B34B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\nmrih\sdk\hl2.exe
FirewallRules: [{9CE07558-8D1A-49B5-B349-E2A1B5A3F319}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\nmrih\sdk\bin\Hammer.bat
FirewallRules: [{4DDBA2A7-87A5-4926-A69D-2E596DF9B357}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\nmrih\sdk\bin\Hammer.bat
FirewallRules: [{2C65B5DD-CEDA-41F1-94FD-1E2284CE33C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{4554ED94-70B5-4BFC-AB54-65B00765F9EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{8408871D-C7A2-4B34-8C8D-95E43B409658}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{C3611561-D148-4468-B2C0-F3B99496B851}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{5CA96CB9-17EC-4D20-961A-692F85773112}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win32\UDK.exe
FirewallRules: [{61002FCE-2186-44E9-BD3D-48E90634B3C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win32\UDK.exe
FirewallRules: [{9584722C-C0E4-4512-A4C2-19D7757AA1BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{4F9986D7-316E-45FD-887A-4F53EC683BB0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{55F29DEF-8E39-4B26-8007-D3C9B536E72B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe
FirewallRules: [{17B4C664-1342-4A0E-A34B-58ABD2E250E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe
FirewallRules: [{70B9DC92-36BE-47BC-B077-E8BC710C1073}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe
FirewallRules: [{811C2160-2851-4AB9-A1B1-62F7D0964AEB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe
FirewallRules: [{0AC91606-325F-4FE9-8BF5-0C964B769CA7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{B5ED03AC-AF3C-48D0-8E49-B8E6FA4160A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{0EA87411-7BDB-49A2-AE09-E5B09C275244}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{E0F1EDD7-F8D2-4449-8C41-E94D6A505287}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{8CC868CD-EEF8-4AFF-9AC8-264A58831466}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{886EAF53-5518-480D-A1BD-9251F0D005B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{8E27644B-C188-4E01-BAA2-EBC3717D1594}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{D5332F24-9EC1-447A-8418-47EC970A1AA5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{920B8A1C-6F6D-4FB5-891A-29E45EDEE27B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{968B19A4-B992-49E7-BFD7-6E0A34D6ED29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{DE849CCA-B916-4001-9937-213FC347C295}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadow Warrior\sw.exe
FirewallRules: [{EF0B155C-2449-4F9C-A3F2-52D34377BC28}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadow Warrior\sw.exe
FirewallRules: [{F594B2E1-20AC-462B-8A2F-09B869B7DBF7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadow Warrior\sw.exe
FirewallRules: [{00788A04-F737-49AB-B291-4F8C58C715B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadow Warrior\sw.exe
FirewallRules: [{6ADC0573-CBEB-495B-A43C-7880F7F9C8F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{7C31987D-DAD8-48F4-97A8-C8C304BD3BF7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{6F19B4C9-67FE-4CFB-9821-7E56F6EA351D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{9E26DD62-2C7F-4798-B91D-7B374B55D426}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{FF287C70-63A6-4728-9940-AB4A384FEAFF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{E4DF198A-D171-4922-A465-965AEB58C9F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{4F4CD817-CC49-4BAB-B8E9-BADDD8815504}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe
FirewallRules: [{79331881-8DFF-4B91-99E4-6259D9E0A53E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe
FirewallRules: [{410B7D45-85A2-4A2F-8DEB-B2BB83EEA2C4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe
FirewallRules: [{0BB76E75-82C2-44D2-9E7D-F6B71C170D63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe
FirewallRules: [{7492D50A-093A-4153-80EB-FD75DB128AFC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe
FirewallRules: [{17E6DCB8-45B1-47D5-8100-7DA6FBEB0241}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe
FirewallRules: [{A5B89960-54B0-460C-A8CF-BE1C22107ADA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe
FirewallRules: [{81D3240A-A65E-4DA5-9011-7A8859012320}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe
FirewallRules: [{E82076E3-006E-499F-BF50-F0D79740AB3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{07AD88AF-3DCF-4215-ABBF-02168494C962}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{AE861622-DA63-4171-892C-43538CD409DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{0E583821-B99F-4411-949D-C5B8E0F28242}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{1DEE4409-83BD-4639-A08A-9D2AFCB266A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe
FirewallRules: [{C2A4D875-4A50-4A2F-B9BE-1D91D2853A9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe
FirewallRules: [{1E8B2CF0-D88E-4057-8C8B-EBA814111677}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe
FirewallRules: [{23F3F5F7-3BDA-4CAB-A5EA-5444F22BAA89}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe
FirewallRules: [{BAD9BC3B-F377-49E0-BD80-C19D1B02E55D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{65C57F8B-D7A9-4ED5-AD54-DA7C30242992}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{AA66AF94-2E8F-48EC-AB2A-9B0FDC25B0DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{89A26423-4C19-4F80-AC8A-4425FF09C833}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{4E115B49-2E85-49B3-8335-784C1AF48D2D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War of the Roses\run_game.exe
FirewallRules: [{C5B34132-B694-4EB3-8830-C682BE54016A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War of the Roses\run_game.exe
FirewallRules: [{7AB90B23-938F-4C62-A38C-FDE37A3291FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{8C793613-5BC3-4A72-92AA-17B78504C13D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{08B1C9E6-517D-4150-A1B0-EDFE8FC28145}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe
FirewallRules: [{20EB7B41-02C6-4322-AAA2-9DB24576501B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe
FirewallRules: [{951CF6F5-8F96-4955-ADAE-A318601DAFFF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War of the Roses\run_game.exe
FirewallRules: [{3F3159F8-62A5-4F4C-92F8-7D4D08B202BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War of the Roses\run_game.exe
FirewallRules: [{BA6A7786-5FDF-482F-9918-FB79A0716751}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe
FirewallRules: [{D3465EA0-14AB-42BD-AC85-29E7BF0C0013}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe
FirewallRules: [{816D2C58-B6D5-4DD6-A11E-5056398DAD3E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{F3898146-8379-41FD-ADEC-89856399D72E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{4B921645-F1D6-44DA-8193-F19290C8F557}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{0BB5934D-807D-4FF2-A064-B6034C613B6F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{C06EF5E7-71CB-487A-BEB5-C026368FE463}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{367087A4-D1E8-44B7-96DE-3498CA313DD6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{0E5EFCA5-EE45-4759-85DC-0DFF70F133C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Pit\ThePit.exe
FirewallRules: [{65B81780-5522-4621-ADDE-63EDA7B7ADC1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Pit\ThePit.exe
FirewallRules: [{3D4C64B9-CDAD-4C64-B044-0CD6FC9C333D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{289E6F1D-83EF-49BB-95B2-4F5F2F56AA9C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{314122C0-2A4A-4D11-8A1E-B18D28E16944}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine 2\trine2_launcher.exe
FirewallRules: [{2A8539DC-9AB8-4EA1-8D32-DA3B92FC12D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine 2\trine2_launcher.exe
FirewallRules: [{D841C468-E784-4472-9CC8-2D9BDF7D4983}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{25EF25DC-E150-41A6-A94F-9DDCE853F2CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{6095E6EC-9D32-4CA7-B4FE-B043A140C483}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Metro 2033\metro2033.exe
FirewallRules: [{1B4D2812-F8C1-4E60-892F-D05B26ECF131}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Metro 2033\metro2033.exe
FirewallRules: [{628AE06C-2A04-4475-8323-FBEF2590E748}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{86528AA8-5FD4-41C3-A1DC-3C54EAB3A146}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{8A476D43-61E6-4D9A-9799-BA75F7BE6E62}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{087CF250-4817-4713-B5EF-6DE4A9284522}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{51B6DFD4-32E9-4BCC-989C-35A4531DBEBB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{FA7D113A-5B24-44EC-BC53-DEF8E2E89D2B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{94CD8005-12E7-42BB-9F1C-9B5FB8EF1DAA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{0910FF4C-2BD4-4747-89C5-BFE96195374B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{106E1FBB-360E-4AD1-83CF-3DB54E834846}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{40FF0C01-F8EB-4349-881F-EDD9A071A4F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{1517E041-B6E5-4737-8416-E125E8912B57}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{F4F5C65A-5DBC-4C18-9B17-1149FFD2DB2A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{1AAB9A0C-3AFE-4F8D-ADD7-2CD76FA2607E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{E9A2D3D9-76FE-4800-9425-C7D7ED524058}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{33C543F7-6063-475B-A558-93CD619C4BD3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{9D8CA38D-CBA2-4AAB-8C20-E65BB6F90DB6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{DA9F4B8F-895B-4262-8D36-29406B63B7D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rust\rust.exe
FirewallRules: [{82B84E17-E90B-4EBD-B8DB-224CF337ACF1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rust\rust.exe
FirewallRules: [TCP Query User{5EB73D29-662E-4BE4-ADAB-F33E3101FE31}C:\users\breadwinner\desktop\dogecoin\dogecoin-qt.exe] => (Allow) C:\users\breadwinner\desktop\dogecoin\dogecoin-qt.exe
FirewallRules: [uDP Query User{56B57F8E-A71C-41D5-88F8-41B1C4DE8494}C:\users\breadwinner\desktop\dogecoin\dogecoin-qt.exe] => (Allow) C:\users\breadwinner\desktop\dogecoin\dogecoin-qt.exe
FirewallRules: [{A76165CC-D16C-49B9-B4E6-DE1A91077153}] => (Block) C:\users\breadwinner\desktop\dogecoin\dogecoin-qt.exe
FirewallRules: [{A3DB7613-15E9-4239-B7DD-D31D0D016023}] => (Block) C:\users\breadwinner\desktop\dogecoin\dogecoin-qt.exe
FirewallRules: [TCP Query User{53D15BE2-75BF-444E-ADD3-B8949506B1C6}C:\users\breadwinner\desktop\ðogewallet\dogecoin-qt.exe] => (Block) C:\users\breadwinner\desktop\ðogewallet\dogecoin-qt.exe
FirewallRules: [uDP Query User{558AB2E7-B665-4353-A706-0D416B144844}C:\users\breadwinner\desktop\ðogewallet\dogecoin-qt.exe] => (Block) C:\users\breadwinner\desktop\ðogewallet\dogecoin-qt.exe
FirewallRules: [{468FFF75-E451-43CC-95C2-9903E5575F38}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guacamelee\Guac.exe
FirewallRules: [{04136F7C-7FCE-4A2B-8811-1CD596346DE4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guacamelee\Guac.exe
FirewallRules: [{E264CFF1-E301-462D-89D5-114A9F940A8E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B4402EB7-64F6-4E00-9931-5EC532321078}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A707F6D3-CC71-44FF-A333-0A5BC3B927BA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{AAFA75D6-C1CE-4FF5-9CCC-28B8F065E452}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{EDBB8D6A-4318-4481-A49E-73FBB30C3466}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{ABD2F294-052D-4DD1-AFD1-3E42F5BE8738}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6C4EFF3A-8A00-45D7-83CD-9A825C905073}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Loadout\Loadout.exe
FirewallRules: [{3278304F-5BAB-4B6C-9D85-78763D062519}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Loadout\Loadout.exe
FirewallRules: [TCP Query User{7DAAA986-D827-418C-BA73-9B60402C7E72}C:\program files (x86)\dogecoin\dogecoin-qt.exe] => (Allow) C:\program files (x86)\dogecoin\dogecoin-qt.exe
FirewallRules: [uDP Query User{1D426193-BC6C-4FB3-A5F8-34FC3E554176}C:\program files (x86)\dogecoin\dogecoin-qt.exe] => (Allow) C:\program files (x86)\dogecoin\dogecoin-qt.exe
FirewallRules: [{77C33AF4-72AF-4E9F-B7AD-AF76DBDC9064}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{172667A7-3A39-4C32-A478-B35A364E66FC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{56E9B202-8EFF-48EB-B452-8AD282B984A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rust\rustlauncher.exe
FirewallRules: [{56D686C8-3FFA-4138-8B26-DC3190E21677}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rust\rustlauncher.exe
FirewallRules: [{895A8BD0-FCE7-4C85-BC2C-0456AB8504CF}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space\Dead Space.exe
FirewallRules: [{937AB5B5-274B-46EB-A24E-2A2A47BC9B21}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space\Dead Space.exe
FirewallRules: [{C7E0266A-48E9-4B21-BA35-564A63787C20}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{2865C745-AE93-4390-81CF-75FC3470A8DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{E7A7D727-8FB3-4DB6-A067-EACCE246450F}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [{E9A59869-2E78-46F2-B5D2-826D89D788A2}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [{6544E318-02E4-4DDB-8B54-E7FDF3F0ECC8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead\left4dead.exe
FirewallRules: [{51A34723-0FAC-425D-87EC-D7E4A6AF8681}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead\left4dead.exe
FirewallRules: [{620A2F41-8703-4F21-AD58-601C531A3CFC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\mercenary_kings\MercenaryKings.exe
FirewallRules: [{25F45E6E-E97A-4247-90AE-6F6500F3B43E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\mercenary_kings\MercenaryKings.exe
FirewallRules: [{EE7F78AF-76DD-4B19-8E30-C18067888932}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rogue Legacy\RogueLegacy.exe
FirewallRules: [{F3098563-A0F5-4BE9-8B89-488EEB22DAFF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rogue Legacy\RogueLegacy.exe
FirewallRules: [{E27ACFFC-C0A0-4E1C-A764-49FD47843D53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the witcher 2\Launcher.exe
FirewallRules: [{41BCD461-8B75-4A7A-9EA7-B669FA54CFFB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the witcher 2\Launcher.exe
FirewallRules: [{C24499B1-6A2D-4C59-9882-236D1F41E26C}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{A430CA81-7AFE-4E92-B280-411FCEBAE3CE}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{02FC799B-A9EF-428C-9FC5-54C767AFEC44}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{A8D5A2E9-AFDE-4C77-9432-2C161E45A942}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{0065B703-E750-4E28-8785-47A72172A6FF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe
FirewallRules: [{98B3B58C-D20E-4ED0-8781-6D8ACD469183}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe
FirewallRules: [{C4EC7F28-46C4-4CB0-9C4F-460DE19530F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MagickaWizardWars\WizardWarsLauncher.exe
FirewallRules: [{2821EDD3-597D-4560-BD80-C6CD46DEA0E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MagickaWizardWars\WizardWarsLauncher.exe
FirewallRules: [{335A3FF2-D6F9-41C2-8783-53BC572578F0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Transistor\x64\Transistor.exe
FirewallRules: [{28B1C609-847A-451F-B05B-0BFCAB7B52C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Transistor\x64\Transistor.exe
FirewallRules: [{8632BAE9-18D8-44B9-B8D7-89E9E4D98B53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RBS\Really Big Sky.exe
FirewallRules: [{9B874726-4DF0-4B63-9D21-245F1C5FDF9D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RBS\Really Big Sky.exe
FirewallRules: [{A9DAA050-1E2C-4E7F-8F76-9D7E6C130079}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\trine\_enchanted_edition_\trine1_launcher.exe
FirewallRules: [{836832FA-C255-423D-B619-493AF2D13568}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\trine\_enchanted_edition_\trine1_launcher.exe
FirewallRules: [{8595F8B1-15DD-4747-9A0A-72837BBA04D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{9F4C52EB-EC61-4927-8D0D-AB7C9124C3FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{E2D0C23A-1C84-4515-8909-E571D82BBE2A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{E81310F3-1412-44E0-93AC-ED256448B975}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{131DB30C-E62D-4986-9B42-413827BC4789}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{2B159615-B075-4079-BF6A-B447DC359CA5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{5ED715CF-AC2C-4A03-845E-F2EC61D58075}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{38ABCFDD-A76A-4BDB-A89C-0A37852528FF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{CBC45DAD-5A65-4DCC-A708-7B2D4468159F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dawn of war ii - retribution\DOW2.exe
FirewallRules: [{CA2FC01A-F486-4440-BBB4-740279F4FB3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dawn of war ii - retribution\DOW2.exe
FirewallRules: [{C938FA69-F221-4BD2-985E-74E97ED9FD52}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpacebaseDF9\Space.exe
FirewallRules: [{0E6635F1-29E2-4797-8950-6CFBB3F8EACD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpacebaseDF9\Space.exe
FirewallRules: [{9F8DF78D-82D3-4E82-B3F2-58B18317D914}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rust\experimental\Rust.exe
FirewallRules: [{8DDD5B28-C0DB-458D-A294-937B021E95D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rust\experimental\Rust.exe
FirewallRules: [{64EBD394-2EC1-4C6A-853B-42636D627574}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{93F128F7-3CF5-46FD-A4C2-165A0BD3E084}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{04801E37-B5D5-4A60-9C00-7EAACFE2219A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\King Arthur's Gold\KAG.exe
FirewallRules: [{B98AED7A-647A-48D3-8123-62BC215D4711}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\King Arthur's Gold\KAG.exe
FirewallRules: [TCP Query User{B3139AFF-E147-4BBD-9250-2672F9D20BD2}C:\program files\dogecoin\dogecoin-qt.exe] => (Allow) C:\program files\dogecoin\dogecoin-qt.exe
FirewallRules: [uDP Query User{0AA5CF6D-175B-4C65-8F0E-6E0D8E6CE177}C:\program files\dogecoin\dogecoin-qt.exe] => (Allow) C:\program files\dogecoin\dogecoin-qt.exe
FirewallRules: [{C5585993-5DE7-4515-A00B-1EFF42FADD71}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4 Create A Sim Demo\Game\Bin\TS4CAS.exe
FirewallRules: [{F045E0BC-B2A8-448C-9B0F-98ED44DA2030}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4 Create A Sim Demo\Game\Bin\TS4CAS.exe
FirewallRules: [{7FDD0FB8-5ADB-4E26-9749-13E0683A4DF6}] => (Allow) C:\Program Files (x86)\Origin Games\Crusader No Remorse\data\Game\DOSBox\DOSBox.exe
FirewallRules: [{A7126778-549A-4374-BCC4-4D35B5A145C9}] => (Allow) C:\Program Files (x86)\Origin Games\Crusader No Remorse\data\Game\DOSBox\DOSBox.exe
FirewallRules: [{4A0A68C6-0264-48A4-95D8-C3D86D4FBC4D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{4BA32466-66D3-4F5A-AB1C-90F59EE9A400}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{60529891-107A-4BA4-967A-1973F1A7FD34}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{ACC0D895-14CE-4D6B-809F-355FC7119033}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{A86B73EF-6C57-4B12-B540-62B1D937C3E9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{B1FAEEB7-76E9-435C-9973-37FC0EC76067}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{CFB8D78D-2D08-492F-9B7C-204604B22E66}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{C53E2DBD-F7BB-46C9-8F67-C1DE3027987B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{D468B1BC-39C7-4A1E-8A37-56E6B59494E1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe
FirewallRules: [{6DBE4019-F755-40DC-8766-EA4F3EAC04B1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe
FirewallRules: [TCP Query User{7F40C000-FE54-4AD9-B0C9-AB2491EC4203}C:\program files\bitcoin\bitcoin-qt.exe] => (Block) C:\program files\bitcoin\bitcoin-qt.exe
FirewallRules: [uDP Query User{1DF53577-E4BB-4914-8475-6B1C27FBAD31}C:\program files\bitcoin\bitcoin-qt.exe] => (Block) C:\program files\bitcoin\bitcoin-qt.exe
FirewallRules: [{0B8E315C-558B-45E4-BEE2-A179AEEF6F0C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid32.exe
FirewallRules: [{1128B615-FD74-4D3F-82AA-6C4E1FB09118}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid32.exe
FirewallRules: [{2AA1A595-784D-464E-9A07-11C4CE4742A0}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{4713E083-9832-48D2-B613-B1DA6F30C30A}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [TCP Query User{2F83F81A-EA0C-4CE1-85A3-D9601859584F}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe
FirewallRules: [uDP Query User{2D38854D-F197-481F-8EAC-A972247211D1}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe
FirewallRules: [{92985877-60E5-448B-8135-1AC306F12617}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{E3CD1C19-4CF7-47F7-8252-981E208BD0DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{7B49B0ED-CEF3-49FD-85BC-5582403171FE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CastleCrashers\castle.exe
FirewallRules: [{8F6E3016-1DDB-4A45-A6B4-B403B4F659F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CastleCrashers\castle.exe
FirewallRules: [{CFA54BCD-4654-4FCD-AD7F-B59F6004E50A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grim Dawn\Grim Dawn.exe
FirewallRules: [{1B6B7A4F-165D-417B-95D7-268C2F429487}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grim Dawn\Grim Dawn.exe
FirewallRules: [{861F2CFC-1A71-4E72-80D1-1C242438BD8A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Just Cause 2\JustCause2.exe
FirewallRules: [{014D9F35-BA9F-46FA-9835-F767017C3D4E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Just Cause 2\JustCause2.exe
FirewallRules: [{FD2545B3-3744-4AE7-91A1-A004A5295D23}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TheLongDark\tld.exe
FirewallRules: [{77582AA4-C61B-4BDC-AB01-D10834A68B85}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TheLongDark\tld.exe
FirewallRules: [{87363029-17F5-44F3-A2F2-D4E950AFDF80}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\METAL GEAR RISING REVENGEANCE\METAL GEAR RISING REVENGEANCE.exe
FirewallRules: [{628B4E16-4BE6-42FC-99A9-BECB8E2CFF51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\METAL GEAR RISING REVENGEANCE\METAL GEAR RISING REVENGEANCE.exe
FirewallRules: [{DBBF39EF-80D4-4929-8EE0-0B2B9622AFC6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiehardDungeon\DiehardDungeon.exe
FirewallRules: [{B1B3D99B-B134-478F-8D40-CF9BA18D7E58}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiehardDungeon\DiehardDungeon.exe
FirewallRules: [{554F7CA6-98DE-414F-86C5-6D46986429FB}] => (Allow) C:\Program Files (x86)\Origin Games\Theme Hospital\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{A7498EA4-262F-408C-9296-AC96C3CA1C67}] => (Allow) C:\Program Files (x86)\Origin Games\Theme Hospital\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{D4BFED32-D8DF-407D-A491-04A4F5DC3CE7}] => (Allow) C:\Users\breadwinner\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{D36C61EB-A8E1-4EDA-A4BF-29EF7A9E5B4A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{1041F5AF-4840-4B10-999D-B0B4785F4D36}] => (Allow) LPort=2869
FirewallRules: [{35FD50A9-B0F2-42F2-A801-CF3D39BE7A5E}] => (Allow) LPort=1900
FirewallRules: [{4E19DF0C-51EE-460F-9DF3-46FED3DA0980}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{CCCAD2DB-EFAB-4C56-94E7-76172EBC673A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C02B261B-64F7-472B-8A65-F617D1AF11A9}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{171A8477-953C-4255-91AE-B5D5D74B529D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{DC63B41D-9864-45B6-96E4-C4F4F64AC51E}] => (Allow) C:\Program Files (x86)\Origin Games\BFH Beta 2\bfh.exe
FirewallRules: [{4AE81D03-1A5B-4AB3-806C-9F510CB5170E}] => (Allow) C:\Program Files (x86)\Origin Games\BFH Beta 2\bfh.exe
FirewallRules: [{083F1FE9-41AE-44E0-810B-6E948DE36435}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wasteland 2\Build\WL2.exe
FirewallRules: [{2AAF9480-914C-424F-8D24-78FE0005EC5F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wasteland 2\Build\WL2.exe
FirewallRules: [{2C2D1091-8FE1-45E2-8382-E0F7F692CC83}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Blackguards\Blackguards.exe
FirewallRules: [{EC261190-8C6C-44A0-B690-C27DB7C8FB63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Blackguards\Blackguards.exe
FirewallRules: [{553A0A22-DDDA-4EFF-95F7-C115710C622D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadow Warrior\dx11\launcher.exe
FirewallRules: [{4FF1E7AB-640D-4495-889A-BD4F475F598D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadow Warrior\dx11\launcher.exe
FirewallRules: [{80E9D179-DF36-41A5-83A7-934817A56E05}] => (Allow) C:\Program Files (x86)\Origin Games\Syndicate (1993)\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{E089336F-2FD0-4411-913D-701600AD252A}] => (Allow) C:\Program Files (x86)\Origin Games\Syndicate (1993)\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{F8F46BAB-5990-48D9-9A90-CDB2AF5E403C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Space Hack\main.exe
FirewallRules: [{30A32C82-9D4D-4308-A400-47645822C1DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Space Hack\main.exe
FirewallRules: [{1F4EBE8A-8304-4BBE-B04A-D25296E5AE91}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Risk of Rain\Risk of Rain.exe
FirewallRules: [{665DD824-AA90-4D37-8126-910BB05A1B7E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Risk of Rain\Risk of Rain.exe
FirewallRules: [{6D825F57-5D85-4AD1-97A9-07926A40F75B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Alien Isolation\AI.exe
FirewallRules: [{347EF9B3-D995-46FF-B4BE-0D3242250FA1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Alien Isolation\AI.exe
FirewallRules: [{CE1321EF-1BAF-4CE3-9990-7E9BEBD578D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{9D37E894-CF01-46C1-AB57-6E27880F594F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{AD77DEA0-03B2-43C8-ABAF-6C37FC71D2D7}] => (Allow) C:\Program Files (x86)\Origin Games\Ultima 8\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{22933B1C-2990-426A-A1EC-4E5CF0899619}] => (Allow) C:\Program Files (x86)\Origin Games\Ultima 8\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{825E089F-51E9-44B5-B2C2-8C9AD19F9B72}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space 3\deadspace3.exe
FirewallRules: [{1E0688F3-CC6C-4C96-9242-C8675BAB70EF}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space 3\deadspace3.exe
FirewallRules: [{F3AC063E-955E-4A59-9B60-528C75B83C63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rust\legacy\rust.exe
FirewallRules: [{0D1A7F51-62CF-4641-B560-E6EEE8D29867}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rust\legacy\rust.exe
FirewallRules: [{889E42B9-2645-4FD4-90FE-0F3FB543CED5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{997E3DD6-33D9-4C56-9C49-FC80CB94F0A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{02D491B2-CB4E-41F5-B477-FE487597AAC3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Realms of the Haunting\DOSBOX\DOSBox.exe
FirewallRules: [{B4A0DA59-1927-4294-9378-3A54C5E355EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Realms of the Haunting\DOSBOX\DOSBox.exe
FirewallRules: [{222618A7-9003-46EB-909D-5018BCAFDB25}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Space\spacegame\Binaries\Win64\spacegame-Win64-Shipping.exe
FirewallRules: [{2DE928DF-8550-4C59-832D-AF58C6C92820}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Space\spacegame\Binaries\Win64\spacegame-Win64-Shipping.exe
FirewallRules: [{BAFF48DB-F469-42B5-82E8-6A777DB85E92}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{5514533B-3829-4BEF-93D9-3889C0681F32}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{920F645E-9FFF-4637-B627-C02D84DE5365}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win32\UDK.exe
FirewallRules: [{230E06D2-BFB3-4222-927C-149D8DFFEE6A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win32\UDK.exe
FirewallRules: [{C5140127-322F-43A8-B012-6E703C6435A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win64\UDK.exe
FirewallRules: [{D01BD48C-65BE-40C5-8237-D88DB7BAD516}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win64\UDK.exe
FirewallRules: [{ECE9FB9C-1F02-4F1D-97D4-234D56DDA1A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{80038AA2-8219-46F9-983B-E217ACAB34FF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [TCP Query User{18FD0E55-D2A9-4079-A053-7F2C5DC4C408}C:\program files (x86)\fahclient\fahclient.exe] => (Block) C:\program files (x86)\fahclient\fahclient.exe
FirewallRules: [uDP Query User{D4CA4A57-1DBD-42C1-945F-2452E3328AF7}C:\program files (x86)\fahclient\fahclient.exe] => (Block) C:\program files (x86)\fahclient\fahclient.exe
FirewallRules: [TCP Query User{D94F4B86-5372-4A4F-9B4F-8898604CC12E}C:\program files\dogecoin\dogecoin-qt.exe] => (Allow) C:\program files\dogecoin\dogecoin-qt.exe
FirewallRules: [uDP Query User{801F1F07-E7FF-439E-9B77-F71078E31979}C:\program files\dogecoin\dogecoin-qt.exe] => (Allow) C:\program files\dogecoin\dogecoin-qt.exe
FirewallRules: [{9BED92A9-F141-4165-B692-713276C49A46}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win64\CDW.exe
FirewallRules: [{896983E3-EFDF-46FA-8E5F-1DB46E0CE55E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win64\CDW.exe
FirewallRules: [{08CE6B16-72CF-4D8C-A2FF-4AC308DB0630}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win32\CDW.exe
FirewallRules: [{CDB42DCC-37EC-4EAD-A642-5E2D47371629}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win32\CDW.exe
FirewallRules: [{19A34738-BEDA-42C1-BBAF-3A2A2551FAEF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\Binaries\Win64\CMW.exe
FirewallRules: [{CCC071A2-8FF6-4DE5-87E4-CDC461763508}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\Binaries\Win64\CMW.exe
FirewallRules: [{7C8D10D7-FF83-42FF-A7D7-FFE9404C9926}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\CDW\Binaries\Win64\CDW.exe
FirewallRules: [{7890D144-D38F-4849-BD58-6BFBA35A2244}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\CDW\Binaries\Win64\CDW.exe
FirewallRules: [{AB46BA4A-77C5-4BC3-AF27-C94C6BC6B6B4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\Binaries\Win32\CMW.exe
FirewallRules: [{D7C5ADA7-C11F-4364-A7C5-6154D59887BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\Binaries\Win32\CMW.exe
FirewallRules: [{BDF6AA19-7EAE-43D4-8287-E8AA8155D82B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\CDW\Binaries\Win32\CDW.exe
FirewallRules: [{40174AE9-3FD0-46E2-8A39-216F59DFA823}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\CDW\Binaries\Win32\CDW.exe
FirewallRules: [{DC71532E-C5DE-4690-B8C9-C2465A9D7762}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\ChivLauncher.exe
FirewallRules: [{E2700B67-267A-41B1-9495-4E69CA27BACC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\ChivLauncher.exe
FirewallRules: [{4D7F10FD-D6BC-4E04-A393-28DEE3C4CD29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{6A5B4E77-669E-4866-A8E9-3E927A4F33BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{EF2AE3A4-28EF-4DB0-88E7-21A651931404}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{245C7FF8-88EC-4591-93AE-70245C330A5F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{73C8C951-AF3F-4AE6-BE94-B5F9A823D657}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{AB90A9C9-C9FE-4E3B-8513-1FECDE2D7482}C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [uDP Query User{AA6263E7-FF6C-4E31-B268-EC904A56E7D6}C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
 
==================== Faulty Device Manager Devices =============
 
Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/11/2015 09:17:48 AM) (Source: LabVIEW) (EventID: 3299) (User: )
Description: LabVIEW information:  Error: 404 "Not Found" for "deletetree", file "": No handler for URL: deletetree       .
 
Error: (07/11/2015 09:17:48 AM) (Source: LabVIEW) (EventID: 3299) (User: )
Description: LabVIEW information:  Error: 404 "Not Found" for "deletetree", file "": No handler for URL: deletetree       .
 
Error: (07/06/2015 10:21:13 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (NvVAD initialization failed [183]).
 
Error: (07/06/2015 10:21:13 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (Failed to set NvVAD endpoint as default Audio endpoint [0]).
 
Error: (07/06/2015 10:21:13 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (NvVAD endpoint registration failed [0]).
 
Error: (07/04/2015 07:14:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Explorer.EXE version 6.1.7601.17567 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 604
 
Start Time: 01d0b67b93bf9462
 
Termination Time: 22
 
Application Path: C:\Windows\Explorer.EXE
 
Report Id: 8719d22a-2278-11e5-893c-c86000c3020e
 
Error: (07/04/2015 03:05:20 PM) (Source: System Restore) (EventID: 8206) (User: )
Description: The restore point selected was damaged or deleted during the restore (Restore Operation).
 
Error: (07/04/2015 02:49:59 PM) (Source: LabVIEW) (EventID: 3299) (User: )
Description: LabVIEW information:  Error: 404 "Not Found" for "deletetree", file "": No handler for URL: deletetree       .
 
Error: (07/04/2015 02:49:59 PM) (Source: LabVIEW) (EventID: 3299) (User: )
Description: LabVIEW information:  Error: 404 "Not Found" for "deletetree", file "": No handler for URL: deletetree       .
 
Error: (07/04/2015 02:44:07 PM) (Source: System Restore) (EventID: 8206) (User: )
Description: The restore point selected was damaged or deleted during the restore (Restore Operation).
 
 
System errors:
=============
Error: (07/15/2015 08:27:44 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (07/15/2015 08:27:44 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (07/15/2015 08:27:44 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (07/15/2015 08:27:34 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (07/15/2015 08:27:34 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (07/15/2015 08:27:34 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (07/15/2015 08:24:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (07/15/2015 08:24:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (07/15/2015 08:24:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (07/15/2015 08:22:40 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
 
Microsoft Office:
=========================
Error: (07/11/2015 09:17:48 AM) (Source: LabVIEW) (EventID: 3299) (User: )
Description: LabVIEW information: Error: 404 "Not Found" for "deletetree", file "": No handler for URL: deletetree
 
Error: (07/11/2015 09:17:48 AM) (Source: LabVIEW) (EventID: 3299) (User: )
Description: LabVIEW information: Error: 404 "Not Found" for "deletetree", file "": No handler for URL: deletetree
 
Error: (07/06/2015 10:21:13 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [183]
 
Error: (07/06/2015 10:21:13 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
 
Error: (07/06/2015 10:21:13 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]
 
Error: (07/04/2015 07:14:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.1.7601.1756760401d0b67b93bf946222C:\Windows\Explorer.EXE8719d22a-2278-11e5-893c-c86000c3020e
 
Error: (07/04/2015 03:05:20 PM) (Source: System Restore) (EventID: 8206) (User: )
Description: Restore Operation
 
Error: (07/04/2015 02:49:59 PM) (Source: LabVIEW) (EventID: 3299) (User: )
Description: LabVIEW information: Error: 404 "Not Found" for "deletetree", file "": No handler for URL: deletetree
 
Error: (07/04/2015 02:49:59 PM) (Source: LabVIEW) (EventID: 3299) (User: )
Description: LabVIEW information: Error: 404 "Not Found" for "deletetree", file "": No handler for URL: deletetree
 
Error: (07/04/2015 02:44:07 PM) (Source: System Restore) (EventID: 8206) (User: )
Description: Restore Operation
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core i7-2600K CPU @ 3.40GHz
Percentage of memory in use: 21%
Total physical RAM: 8147.59 MB
Available physical RAM: 6393.91 MB
Total Virtual: 16293.39 MB
Available Virtual: 14598.08 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:931.41 GB) (Free:45.38 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 4EBDAD1E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
 
==================== End of log ============================
Link to post
Share on other sites

  • Root Admin

Hello and :welcome:

Please read the following and post back the logs when ready and we'll see about getting you cleaned up.

General P2P/Piracy Warning:
 
 

 
If you're using
Peer 2 Peer
software such as
uTorrent, BitTorrent
or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have
illegal/cracked software, cracks, keygens etc
. on the system, please remove or uninstall them now and read the policy on
Piracy
.



 
Before we proceed further, please read all of the following instructions carefully.
If there is anything that you do not understand kindly ask before proceeding.
If needed please print out these instructions.
  • Please do not post logs using CODE, QUOTE, or FONT tags. Just paste them as direct text.
  • If the log is too large then you can use attachments by clicking on the More Reply Options button.
  • Please enable your system to show hidden files: How to see hidden files in Windows
  • Make sure you're subscribed to this topic:
    • Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly

    [*]Removing malware can be unpredictable...It is unlikely but things can go very wrong! Please make sure you Backup all files that cannot be replaced if something were to happen. You can copy them to a CD/DVD, external drive or a pen drive [*]Please don't run any other scans, download, install or uninstall any programs unless requested by me while I'm working with you. [*]The removal of malware is not instantaneous, please be patient. Often we are also on a different Time Zone. [*]Perform everything in the correct order. Sometimes one step requires the previous one. [*]If you have any problems while following my instructions, Stop there and tell me the exact nature of the issue. [*]You can check here if you're not sure if your computer is 32-bit or 64-bit [*]Please disable your antivirus while running any requested scanners so that they do not interfere with the scanners. [*]When we are done, I'll give you instructions on how to cleanup all the tools and logs [*]Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that. [*]Your topic will be closed if you haven't replied within 3 days [*](If I have not responded within 24 hours, please send me a Private Message as a reminder)


 
STEP 0
RKill is a program that was developed at BleepingComputer.com that attempts to terminate known malware processes
so that your normal security software can then run and clean your computer of infections.
When RKill runs it will kill malware processes and then removes incorrect executable associations and fixes policies
that stop us from using certain tools. When finished it will display a log file that shows the processes that were
terminated while the program was running.

As RKill only terminates a program's running process, and does not delete any files, after running it you should not reboot
your computer as any malware processes that are configured to start automatically will just be started again.
Instead, after running RKill you should immediately scan your computer using the requested scans I've included.

Please download Rkill by Grinler from one of the links below and save it to your desktop.
 


Link 2

  • On Windows XP double-click on the Rkill desktop icon to run the tool.
  • On Windows Vista/Windows 7 or 8, right-click on the Rkill desktop icon and select Run As Administrator
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
  • Do not reboot the computer, you will need to run the application again.

STEP 01
Backup the Registry:
Modifying the Registry can create unforeseen problems, so it always wise to create a backup before doing so.
  • Please download ERUNT from one of the following links: Link1 | Link2 | Link3
  • ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
  • Double click on erunt-setup.exe to Install ERUNT by following the prompts.
  • NOTE: Do not choose to allow ERUNT to add an Entry to the Startup folder. Click NO.
  • Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
  • Choose a location for the backup.
    • Note: the default location is C:\Windows\ERDNT which is acceptable.

    [*]Make sure that at least the first two check boxes are selected. [*]Click on OK [*]Then click on YES to create the folder. [*]Note: if it is necessary to restore the registry, open the backup folder and start ERDNT.exe


STEP 02
Please run a Threat Scan with MBAM.  If you're unable to run or complete the scan as shown below please see the following:  MBAM Clean Removal Process 2x
When reinstalling the program please try the latest version.

Right click and choose "Run as administrator" to open Malwarebytes Anti-Malware and from the Dashboard please Check for Updates by clicking the Update Now... link
Open up Malwarebytes > Settings > Detection and Protection > Enable Scan for rootkit and Under Non Malware Protection set both PUP and PUM to Treat detections as malware.
Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button.
Once completed please click on the History > Application Logs and find your scan log and open it and then click on the "copy to clipboard" button and post back the results on your next reply.
 
 
 

Link to post
Share on other sites

Step 0: I've run Rkill as admin; the DOS box appeared, but didn't close itself, I got a message stating that it had completed though. It also generated a .txt file. So I'm not sure if it ran correctly.

 

Step 01: ERUNT ran successfully.

 

Step 02: Below is the paste from the completed Malwarebytes Threat scan:

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 17/07/2015
Scan Time: 22:01
Logfile: 
Administrator: Yes
 
Version: 2.1.8.1057
Malware Database: v2015.07.17.05
Rootkit Database: v2015.07.17.01
License: Trial
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: breadwinner
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 410761
Time Elapsed: 36 min, 43 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
Will I need to keep my computer running through this process, or can I shut down for now and rerun rkill? (it's late in the UK)
Link to post
Share on other sites

  • Root Admin

You can shut down and we don't need to use Rkill anymore at this point. When ready please run the following. I'll be away most of the day tomorrow but will try to check back on you Sunday or Monday

 

Please go ahead and run through the following steps and post back the logs when ready.
 
STEP 04
Please download Junkware Removal Tool to your desktop.

  • Shutdown your antivirus to avoid any conflicts.
  • Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next reply message
  • When completed make sure to re-enable your antivirus


STEP 05
Lets clean out any adware now: (this will require a reboot so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.


STEP 06
Please open Malwarebytes Anti-Malware and from the Dashboard please Check for Updates by clicking the Update Now... link
Open up Malwarebytes > Settings > Detection and Protection > Enable Scan for rootkits, Under Non Malware Protection set both PUP and PUM to Treat detections as malware.
Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button. Remove any threats found
Once completed please click on the History > Application Logs and find your scan log and open it and then click on the "copy to clipboard" button and post back the results on your next reply.


STEP 07
button_eos.gif

Please go here to run the online antivirus scannner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology


    [*]Click Scan [*]Wait for the scan to finish [*]If any threats were found, click the 'List of found threats' , then click Export to text file.... [*]Save it to your desktop, then please copy and paste that log as a reply to this topic.


STEP 08
Please download the Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply as well.

Link to post
Share on other sites

  • Root Admin

Please run the AdwCleaner again but make sure you chose to let it fix what it finds.

 

Then go to this folder "C:\Program Files (x86)\Malwarebytes Anti-Malware\Plugins" inside there is a file called "fixdamage.exe" please right click on it and choose "Run as administrator"

 

Then when done reboot the computer and run the following.

 

 

Please download MiniToolBox save it to your desktop and run it.

Checkmark the following check-boxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files


Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using Reset FF Proxy Settings option Firefox should be closed.
 

Link to post
Share on other sites

  • Root Admin

Were you able to find and run FIXDAMAGE.EXE with Admin rights and reboot?  The logs seem to indicate that it may not have been run.

 

 

System errors:
=============
Error: (07/22/2015 09:36:27 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068
 

Link to post
Share on other sites

  • Root Admin

Okay well it looks like that did not fix it as this logs shows the error still as it appears to be late evening for you now.

 

System errors:
=============
Error: (07/22/2015 10:15:11 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

 

The other logs shows the same error but in the morning.

 

Let me have you run the following please.

 

 

 

Please download Farbar Service Scanner and run it on the computer with the issue.

  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender

    [*]Press "Scan". [*]It will create a log (FSS.txt) in the same directory the tool is run. [*]Please copy and paste the log to your reply.


 

Link to post
Share on other sites

  • Root Admin

Well that says a few services are not running. Let me have you run the following please.

 

Make sure you disable your antivirus while running this tool.

 

 

 

Please visit this webpage and read the ComboFix User's Guide:

  • Once you've read the article and are ready to use the program you can download it directly from the link below.
  • Important! - Please make sure you save combofix to your desktop and do not run it from your browser
  • Direct download link for: ComboFix.exe
  • Please make sure you disable your security applications before running ComboFix.
  • Once Combofix has completed it will produce and open a log file.  Please be patient as it can take some time to load.
  • Please attach that log file to your next reply.
  • If needed the file can be located here:  C:\combofix.txt
  • NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.


 

Link to post
Share on other sites

Apologies, I'm not knowledgeable in this topic. I wasn't aware that it would make a difference.

In normal mode, I have no internet access, and the system is quite unresponsive.

 

Though I haven't tried them in normal mode. Should I start from step 0, or just fixdamage.exe and MiniToolBox?

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.