Jump to content

Recommended Posts

Today suddenly when i opened computer 

 

Detection, 9/27/2015 1:57 PM, SYSTEM, LASSEWHO-PC, Protection, Malicious Website Protection, IP, 91.198.22.70, checkip.dyndns.org, 49361, Outbound, C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe, 
 
Detection, 9/27/2015 1:57 PM, SYSTEM, LASSEWHO-PC, Protection, Malicious Website Protection, IP, 91.198.22.70, checkip.dyndns.org, 49361, Outbound, C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe, 
 
This came as blocked which is weird i never had this before atleast what i have seen, and its weird because its from NVIDIA Netservice (i deleted it just incase right after this)
 
im not sure if this is falsepositive or just some virus
 
 
Link to post
Share on other sites

Hello and welcome to Malwarebytes.org

P2P/Piracy Warning:

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here. Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.


Next,

Change the download folder setting in the default Browser so all tools we may use are saved to the Desktop:

Chrome.JPGGoogle Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser. Settings.JPG
Choose Settings. at the bottom of the screen click the
"Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.

Firefox.JPGMozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser. Settings.JPG Choose Options. In the downloads section, click the Browse button, click on the Desktop folder and the click the "Select Folder" button. Click OK to get out of the Options menu.

IE.jpgInternet Explorer - Click the Tools menu in the upper right-corner of the browser. Tools.JPG Select View downloads. Select the Options link in the lower left of the window. Click Browse and select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.
NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.

Next,

Follow the instructions in the following link to show hidden files:

http://www.bleepingcomputer.com/tutorials/how-to-see-hidden-files-in-windows/

Next,

Please open Malwarebytes Anti-Malware.

  • On the Settings tab > Detection and Protection sub tab, Detection Options, tick the box "Scan for rootkits".
  • Under Non-Malware Protection sub tab Change PUP and PUM entries to Treat detections as Malware
  • Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • With some infections, you may or may not see this message box.

            'Could not load DDA driver'
  • Click 'Yes' to this message, to allow the driver to load after a restart.
  • Allow the computer to restart. Continue with the rest of these instructions.
  • When the scan is complete, click Apply Actions.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.



To get the log from Malwarebytes do the following:

  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click Export > From export you have three options:

      Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply
      Text file (*.txt)        - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
      XML file (*.xml)      - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
  • Recommend you use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply…




If Malwarebytes is not installed follow these instructions first:

Download Malwarebytes Anti-Malware to your desktop.

  • Double-click mbam-setup and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
  • Launch Malwarebytes Anti-Malware
  • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish. Follow the instructions above....


Next,

Download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

If your security alerts to FRST either accept the alert or disable your security and allow FRST to run...

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.



Next,

Please download RogueKiller and save it to your desktop from the following link: http://www.bleepingcomputer.com/download/roguekiller/

  • Quit all running programs.
  • For Windows XP, double-click to start.
  • For Vista,Windows 7/8/8.1/10, Right-click on the program and select Run as Administrator to start and when prompted allow it to run.
  • Read and accept the EULA (End User Licene Agreement)
  • Click Scan to scan the system.
  • When the scan completes select "Report",in the next window select "Export txt" the log will open as a text file post that log... Also save to your Desktop for reference. log will open.
  • Close the program > Don't Fix anything!



Let me see those logs in your reply....

Thank you,

Kevin...
 

Link to post
Share on other sites

heres the mbam log

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 9/27/2015
Scan Time: 2:46 PM
Logfile: 
Administrator: Yes
 
Version: 2.1.8.1057
Malware Database: v2015.09.27.03
Rootkit Database: v2015.09.22.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: LasseWho
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 441623
Time Elapsed: 22 min, 28 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
Link to post
Share on other sites

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:23-09-2015

Ran by LasseWho (administrator) on LASSEWHO-PC (27-09-2015 15:10:07)

Running from C:\Users\LasseWho\Desktop

Loaded Profiles: LasseWho (Available Profiles: LasseWho)

Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal


 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe

() C:\Windows\SysWOW64\ASGT.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe

(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe

(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe

(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

() C:\Windows\System32\PnkBstrA.exe

(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Saitek) C:\Program Files\SmartTechnology\Software\ProfilerU.exe

(Saitek) C:\Program Files\SmartTechnology\Software\SaiMfd.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe

(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe

(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe

(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

(Microsoft Corporation) C:\Windows\System32\taskmgr.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

 

 

==================== Registry (Whitelisted) ===========================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454144 2013-04-16] (Saitek)

HKLM\...\Run: [saiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [158208 2013-04-16] (Saitek)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-23] (NVIDIA Corporation)

HKLM\...\Run: [shadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart

HKLM-x32\...\Run: [uSB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [590656 2015-05-15] (Razer Inc.)

HKLM-x32\...\Run: [sDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111824 2015-08-26] (AVAST Software)

HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-06] (LogMeIn Inc.)

Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-11] (AVAST Software)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2014-09-18]

ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe ()

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

Tcpip\Parameters: [DhcpNameServer] 62.241.198.246 62.241.198.245

Tcpip\..\Interfaces\{0282D0F4-2302-43B1-9023-16BC51FA47D3}: [DhcpNameServer] 62.241.198.245 62.241.198.246

Tcpip\..\Interfaces\{032B4B4B-68C0-481D-9BC2-4B22C4DEA63A}: [DhcpNameServer] 62.241.198.246 62.241.198.245

 

Internet Explorer:

==================

HKU\S-1-5-21-1588957578-3755077194-3935895131-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://fi.msn.com/?rd=1&ucc=FI&dcc=FI&opt=0&ocid=iehp

SearchScopes: HKLM-x32 -> DefaultScope value is missing

BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-11] (AVAST Software)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)

BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll [2015-07-23] (Perfect World Entertainment Inc)

BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-11] (AVAST Software)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

 

FireFox:

========

FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [No File]

FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [No File]

FF Plugin: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelogx64.dll [No File]

FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)

FF Plugin: @microsoft.com/GENUINE -> disabled [No File]

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Program Files (x86)\Perfect World Entertainment\Arc\plugins\NPSWF32.dll [2015-08-20] ()

FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)

FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)

FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll [No File]

FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [No File]

FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [No File]

FF Plugin-x32: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelog.dll [No File]

FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-28] (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-28] (NVIDIA Corporation)

FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll [2015-07-23] (Perfect World Entertainment Inc)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)

FF Plugin HKU\S-1-5-21-1588957578-3755077194-3935895131-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\LasseWho\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-10-08] (Unity Technologies ApS)

FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF

FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-03-30]

 

Chrome: 

=======

CHR StartupUrls: Default -> "www.google.com"

CHR Profile: C:\Users\LasseWho\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Chrome Hotword Shared Module) - C:\Users\LasseWho\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]

CHR Extension: (Chrome Web Store Payments) - C:\Users\LasseWho\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-28]

CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-03-30]

CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-30]

 

==================== Services (Whitelisted) ========================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

S3 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88400 2015-07-23] (Perfect World Entertainment Inc)

R2 ASDiskUnlocker; C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe [258688 2010-12-02] (ASUSTeK Computer Inc.)

R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-11] (AVAST Software)

S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [238376 2015-08-11] (EasyAntiCheat Ltd)

S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]

R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-23] (NVIDIA Corporation)

R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22744 2014-10-15] (Microsoft Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation)

R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-08-06] (LogMeIn, Inc.)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-23] (NVIDIA Corporation)

S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2057736 2015-09-13] (Electronic Arts)

R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-08-02] ()

R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-08-02] ()

S4 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-05] ()

S3 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)

S3 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)

S3 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)

S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]

S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)

R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

S2 NvNetworkService; "C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe" [X]

 

===================== Drivers (Whitelisted) ==========================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2012-01-06] (Asmedia Technology)

R3 ASFLTDrv.sys; C:\Program Files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys [16512 2010-09-16] (ASUSTeK Computer Inc.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-11] (AVAST Software)

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-11] (AVAST Software)

R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-11] (AVAST Software)

R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-11] (AVAST Software)

R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-14] (AVAST Software)

R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-11] (AVAST Software)

R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-11] (AVAST Software)

R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-11] (AVAST Software)

S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-27] (Malwarebytes Corporation)

R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)

S3 NVFLASH; C:\Windows\system32\drivers\nvflash.sys [15648 2013-04-19] ()

R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-23] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation)

R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39592 2014-12-30] (Razer Inc)

R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-02-05] (Razer, Inc.)

R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2015-03-03] (Razer, Inc.)

R3 SaiK1703; C:\Windows\System32\DRIVERS\SaiK1703.sys [180544 2012-09-20] (Saitek)

R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [25120 2013-04-30] (Saitek)

R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek)

R3 SaiU1703; C:\Windows\System32\DRIVERS\SaiU1703.sys [47168 2012-09-20] (Saitek)

R1 VDiskBus; C:\Windows\System32\DRIVERS\VDiskBus64.sys [43136 2010-09-21] (ASUSTeK Computer Inc.)

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== One Month Created files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2015-09-27 15:10 - 2015-09-27 15:10 - 00018650 _____ C:\Users\LasseWho\Desktop\FRST.txt

2015-09-27 15:10 - 2015-09-27 15:10 - 00000000 ____D C:\FRST

2015-09-27 14:44 - 2015-09-27 14:44 - 18801736 _____ C:\Users\LasseWho\Desktop\RogueKiller.exe

2015-09-27 14:44 - 2015-09-27 14:44 - 02192384 _____ (Farbar) C:\Users\LasseWho\Desktop\FRST64.exe

2015-09-27 14:06 - 2015-09-27 14:43 - 00002843 _____ C:\Users\LasseWho\Desktop\asd.txt

2015-09-25 19:11 - 2015-09-25 19:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\x264vfw

2015-09-25 19:11 - 2015-09-25 19:11 - 00000000 ____D C:\Program Files (x86)\x264vfw

2015-09-25 19:09 - 2015-09-25 19:09 - 02253095 _____ C:\Users\LasseWho\Desktop\x264vfw_full_42_2538bm_41390.exe

2015-09-25 19:00 - 2015-09-25 19:21 - 62445870 _____ C:\Users\LasseWho\Downloads\FoxGame-Win32-Shipping 2015-09-25 18-45-14-53.avi

2015-09-25 18:54 - 2015-09-25 20:06 - 00000000 ____D C:\Users\LasseWho\Desktop\New folder (10)

2015-09-25 18:54 - 2015-09-25 18:54 - 01908225 _____ C:\Users\LasseWho\Downloads\VirtualDub-1.10.4.zip

2015-09-25 18:47 - 2015-09-25 18:48 - 1741450052 _____ C:\Users\LasseWho\Desktop\FoxGame-Win32-Shipping 2015-09-25 18-48-04-17.avi

2015-09-25 18:46 - 2015-09-25 18:48 - 4195631192 _____ C:\Users\LasseWho\Desktop\FoxGame-Win32-Shipping 2015-09-25 18-47-09-51.avi

2015-09-25 18:45 - 2015-09-25 18:48 - 4195997816 _____ C:\Users\LasseWho\Desktop\FoxGame-Win32-Shipping 2015-09-25 18-46-13-87.avi

2015-09-25 18:45 - 2015-09-25 18:48 - 4195277784 _____ C:\Users\LasseWho\Desktop\FoxGame-Win32-Shipping 2015-09-25 18-45-14-53.avi

2015-09-25 13:32 - 2015-09-25 13:32 - 00000000 ___HD C:\$Windows.~BT

2015-09-24 16:04 - 2015-09-24 16:04 - 00000000 ____D C:\Users\LasseWho\AppData\Roaming\MKKE

2015-09-19 15:23 - 2015-09-19 15:23 - 00000565 _____ C:\Windows\wmsetup.log

2015-09-19 15:22 - 2015-09-19 15:22 - 00000000 ____D C:\Users\LasseWho\Documents\Riptide

2015-09-18 16:26 - 2015-09-26 15:11 - 00000000 ____D C:\Users\LasseWho\AppData\Roaming\TS3Client

2015-09-18 16:25 - 2015-09-24 15:57 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client

2015-09-18 16:25 - 2015-09-18 16:25 - 00000927 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk

2015-09-18 16:25 - 2015-09-18 16:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client

2015-09-18 16:23 - 2015-09-18 16:23 - 31071896 _____ (TeamSpeak Systems GmbH) C:\Users\LasseWho\Desktop\TeamSpeak3-Client-win64-3.0.17.exe

2015-09-12 17:29 - 2015-09-12 17:30 - 00001707 _____ C:\Users\Public\Desktop\Volgarr the Viking.lnk

2015-09-12 17:29 - 2015-09-12 17:29 - 00000000 ____D C:\Users\LasseWho\AppData\Roaming\Crazy Viking Studios

2015-09-12 17:04 - 2015-09-12 17:06 - 1042909544 _____ (GOG.com ) C:\Users\LasseWho\Desktop\setup_eador2_2.4.0.22.exe

2015-09-12 17:04 - 2015-09-12 17:05 - 110234520 _____ ( ) C:\Users\LasseWho\Desktop\patch_eador2_2.4.1.24.exe

2015-09-12 17:03 - 2015-09-12 17:04 - 161630280 _____ (GOG.com ) C:\Users\LasseWho\Desktop\setup_volgarr_the_viking_2.5.0.7.exe

2015-09-12 16:36 - 2015-09-12 16:36 - 00000000 ____D C:\Users\LasseWho\Documents\GuacameleeSTCE

2015-09-12 16:35 - 2015-09-12 16:35 - 00001963 _____ C:\Users\Public\Desktop\Guacamelee! Super Turbo Championship Edition.lnk

2015-09-12 16:31 - 2015-09-12 16:32 - 736776408 _____ (GOG.com ) C:\Users\LasseWho\Desktop\setup_guacamelee_super_turbo_championship_edition_2.0.0.1.exe

2015-09-12 16:13 - 2015-09-12 16:14 - 69841719 _____ (rofi ) C:\Users\LasseWho\Downloads\NGHL_Lite_v1_34.exe

2015-09-12 15:35 - 2015-09-12 17:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com

2015-09-12 15:35 - 2015-09-12 15:35 - 00001723 _____ C:\Users\Public\Desktop\Dust - An Elysian Tail.lnk

2015-09-12 15:34 - 2015-09-12 17:51 - 00000000 ____D C:\GOG Games

2015-09-12 14:54 - 2015-09-12 14:56 - 1321870504 _____ (GOG.com ) C:\Users\LasseWho\Desktop\setup_dust_an_elysian_tail_2.0.0.2.exe

2015-09-12 14:41 - 2015-09-12 14:41 - 00000000 _____ C:\Users\LasseWho\Desktop\New Bitmap Image (5).bmp

2015-09-09 17:35 - 2015-09-09 17:35 - 00002430 _____ C:\Users\Public\Desktop\Tom Clancy's Rainbow Six Vegas.lnk

2015-09-09 17:34 - 2015-09-09 17:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft

2015-09-09 16:30 - 2015-08-27 21:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll

2015-09-09 16:30 - 2015-08-27 21:18 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

2015-09-09 16:30 - 2015-08-27 21:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll

2015-09-09 16:30 - 2015-08-27 21:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll

2015-09-09 16:30 - 2015-08-27 20:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll

2015-09-09 16:30 - 2015-08-27 20:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll

2015-09-09 16:30 - 2015-08-27 20:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll

2015-09-09 16:30 - 2015-08-27 20:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll

2015-09-09 16:30 - 2015-08-18 04:42 - 00393304 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2015-09-09 16:30 - 2015-08-18 04:14 - 00344168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2015-09-09 16:30 - 2015-08-15 09:48 - 25190400 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2015-09-09 16:30 - 2015-08-15 09:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2015-09-09 16:30 - 2015-08-15 09:33 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2015-09-09 16:30 - 2015-08-15 09:18 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2015-09-09 16:30 - 2015-08-15 09:18 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2015-09-09 16:30 - 2015-08-15 09:17 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2015-09-09 16:30 - 2015-08-15 09:17 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2015-09-09 16:30 - 2015-08-15 09:17 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2015-09-09 16:30 - 2015-08-15 09:17 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2015-09-09 16:30 - 2015-08-15 09:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2015-09-09 16:30 - 2015-08-15 09:09 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2015-09-09 16:30 - 2015-08-15 09:06 - 19856896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2015-09-09 16:30 - 2015-08-15 09:06 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2015-09-09 16:30 - 2015-08-15 09:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2015-09-09 16:30 - 2015-08-15 09:04 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2015-09-09 16:30 - 2015-08-15 09:04 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2015-09-09 16:30 - 2015-08-15 09:04 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2015-09-09 16:30 - 2015-08-15 09:00 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2015-09-09 16:30 - 2015-08-15 08:57 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2015-09-09 16:30 - 2015-08-15 08:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2015-09-09 16:30 - 2015-08-15 08:53 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2015-09-09 16:30 - 2015-08-15 08:46 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2015-09-09 16:30 - 2015-08-15 08:42 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2015-09-09 16:30 - 2015-08-15 08:41 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2015-09-09 16:30 - 2015-08-15 08:40 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2015-09-09 16:30 - 2015-08-15 08:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2015-09-09 16:30 - 2015-08-15 08:39 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2015-09-09 16:30 - 2015-08-15 08:39 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2015-09-09 16:30 - 2015-08-15 08:39 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2015-09-09 16:30 - 2015-08-15 08:38 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2015-09-09 16:30 - 2015-08-15 08:35 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2015-09-09 16:30 - 2015-08-15 08:33 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2015-09-09 16:30 - 2015-08-15 08:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2015-09-09 16:30 - 2015-08-15 08:30 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2015-09-09 16:30 - 2015-08-15 08:29 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2015-09-09 16:30 - 2015-08-15 08:29 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2015-09-09 16:30 - 2015-08-15 08:29 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2015-09-09 16:30 - 2015-08-15 08:24 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2015-09-09 16:30 - 2015-08-15 08:23 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2015-09-09 16:30 - 2015-08-15 08:22 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2015-09-09 16:30 - 2015-08-15 08:22 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2015-09-09 16:30 - 2015-08-15 08:21 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2015-09-09 16:30 - 2015-08-15 08:16 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2015-09-09 16:30 - 2015-08-15 08:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2015-09-09 16:30 - 2015-08-15 08:14 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2015-09-09 16:30 - 2015-08-15 08:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2015-09-09 16:30 - 2015-08-15 08:11 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2015-09-09 16:30 - 2015-08-15 08:10 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2015-09-09 16:30 - 2015-08-15 08:07 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2015-09-09 16:30 - 2015-08-15 08:04 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2015-09-09 16:30 - 2015-08-15 08:02 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2015-09-09 16:30 - 2015-08-15 08:01 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2015-09-09 16:30 - 2015-08-15 08:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2015-09-09 16:30 - 2015-08-15 07:55 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2015-09-09 16:30 - 2015-08-15 07:43 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2015-09-09 16:30 - 2015-08-15 07:43 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2015-09-09 16:30 - 2015-08-15 07:39 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2015-09-09 16:30 - 2015-08-15 07:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2015-09-09 16:30 - 2015-08-05 20:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll

2015-09-09 16:30 - 2015-08-05 20:56 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll

2015-09-09 16:30 - 2015-08-05 20:56 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll

2015-09-09 16:30 - 2015-08-05 20:40 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll

2015-09-09 16:30 - 2015-08-04 21:03 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi

2015-09-09 16:30 - 2015-08-04 21:00 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi

2015-09-09 16:30 - 2015-08-04 20:56 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll

2015-09-09 16:30 - 2015-08-04 20:56 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll

2015-09-09 16:30 - 2015-08-04 20:56 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll

2015-09-09 16:30 - 2015-08-04 20:55 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe

2015-09-09 16:30 - 2015-08-04 20:55 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe

2015-09-09 16:30 - 2015-08-04 20:47 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll

2015-09-09 16:30 - 2015-08-04 19:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys

2015-09-09 16:30 - 2015-07-23 03:06 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2015-09-09 16:30 - 2015-07-23 03:06 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2015-09-09 16:30 - 2015-07-23 03:06 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2015-09-09 16:30 - 2015-07-23 03:03 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll

2015-09-09 16:30 - 2015-07-23 03:03 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll

2015-09-09 16:30 - 2015-07-23 03:03 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll

2015-09-09 16:30 - 2015-07-23 03:03 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll

2015-09-09 16:30 - 2015-07-23 03:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll

2015-09-09 16:30 - 2015-07-23 03:02 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2015-09-09 16:30 - 2015-07-23 03:02 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll

2015-09-09 16:30 - 2015-07-23 03:02 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll

2015-09-09 16:30 - 2015-07-23 03:02 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll

2015-09-09 16:30 - 2015-07-23 03:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll

2015-09-09 16:30 - 2015-07-23 03:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll

2015-09-09 16:30 - 2015-07-23 03:02 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2015-09-09 16:30 - 2015-07-23 03:02 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll

2015-09-09 16:30 - 2015-07-23 03:02 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll

2015-09-09 16:30 - 2015-07-23 03:02 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2015-09-09 16:30 - 2015-07-23 03:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2015-09-09 16:30 - 2015-07-23 03:02 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2015-09-09 16:30 - 2015-07-23 03:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe

2015-09-09 16:30 - 2015-07-23 03:02 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2015-09-09 16:30 - 2015-07-23 03:02 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

2015-09-09 16:30 - 2015-07-23 03:02 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe

2015-09-09 16:30 - 2015-07-23 03:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2015-09-09 16:30 - 2015-07-23 03:02 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll

2015-09-09 16:30 - 2015-07-23 03:02 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll

2015-09-09 16:30 - 2015-07-23 03:02 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll

2015-09-09 16:30 - 2015-07-23 03:02 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll

2015-09-09 16:30 - 2015-07-23 03:02 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll

2015-09-09 16:30 - 2015-07-23 03:02 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2015-09-09 16:30 - 2015-07-23 03:02 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll

2015-09-09 16:30 - 2015-07-23 03:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe

2015-09-09 16:30 - 2015-07-23 03:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe

2015-09-09 16:30 - 2015-07-23 03:01 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

2015-09-09 16:30 - 2015-07-23 02:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll

2015-09-09 16:30 - 2015-07-23 02:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll

2015-09-09 16:30 - 2015-07-23 02:52 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll

2015-09-09 16:30 - 2015-07-23 02:52 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll

2015-09-09 16:30 - 2015-07-23 02:52 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll

2015-09-09 16:30 - 2015-07-23 02:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2015-09-09 16:30 - 2015-07-23 02:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

2015-09-09 16:30 - 2015-07-23 02:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

2015-09-09 16:30 - 2015-07-23 02:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll

2015-09-09 16:30 - 2015-07-23 02:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

2015-09-09 16:30 - 2015-07-23 02:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll

2015-09-09 16:30 - 2015-07-23 02:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

2015-09-09 16:30 - 2015-07-23 02:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

2015-09-09 16:30 - 2015-07-23 02:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

2015-09-09 16:30 - 2015-07-23 02:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll

2015-09-09 16:30 - 2015-07-23 02:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll

2015-09-09 16:30 - 2015-07-23 02:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

2015-09-09 16:30 - 2015-07-23 02:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll

2015-09-09 16:30 - 2015-07-23 02:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2015-09-09 16:30 - 2015-07-23 02:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll

2015-09-09 16:30 - 2015-07-23 02:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll

2015-09-09 16:30 - 2015-07-23 02:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll

2015-09-09 16:30 - 2015-07-23 02:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll

2015-09-09 16:30 - 2015-07-23 02:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

2015-09-09 16:30 - 2015-07-23 02:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll

2015-09-09 16:30 - 2015-07-23 02:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll

2015-09-09 16:30 - 2015-07-23 02:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

2015-09-09 16:30 - 2015-07-23 02:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll

2015-09-09 16:30 - 2015-07-23 02:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll

2015-09-09 16:30 - 2015-07-23 02:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll

2015-09-09 16:30 - 2015-07-23 02:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll

2015-09-09 16:30 - 2015-07-23 02:51 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll

2015-09-09 16:30 - 2015-07-22 20:57 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2015-09-09 16:30 - 2015-07-22 20:57 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2015-09-09 16:30 - 2015-07-22 20:54 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll

2015-09-09 16:30 - 2015-07-22 20:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll

2015-09-09 16:30 - 2015-07-22 20:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll

2015-09-09 16:30 - 2015-07-22 20:53 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2015-09-09 16:30 - 2015-07-22 20:53 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

2015-09-09 16:30 - 2015-07-22 20:53 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2015-09-09 16:30 - 2015-07-22 20:53 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2015-09-09 16:30 - 2015-07-22 20:53 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll

2015-09-09 16:30 - 2015-07-22 20:53 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

2015-09-09 16:30 - 2015-07-22 20:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll

2015-09-09 16:30 - 2015-07-22 20:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll

2015-09-09 16:30 - 2015-07-22 20:53 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2015-09-09 16:30 - 2015-07-22 20:53 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll

2015-09-09 16:30 - 2015-07-22 20:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll

2015-09-09 16:30 - 2015-07-22 20:52 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll

2015-09-09 16:30 - 2015-07-22 20:52 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll

2015-09-09 16:30 - 2015-07-22 20:52 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll

2015-09-09 16:30 - 2015-07-22 20:52 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2015-09-09 16:30 - 2015-07-22 20:52 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe

2015-09-09 16:30 - 2015-07-22 20:52 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe

2015-09-09 16:30 - 2015-07-22 20:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll

2015-09-09 16:30 - 2015-07-22 20:47 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll

2015-09-09 16:30 - 2015-07-22 20:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll

2015-09-09 16:30 - 2015-07-22 20:42 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll

2015-09-09 16:30 - 2015-07-22 20:42 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll

2015-09-09 16:30 - 2015-07-22 20:42 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll

2015-09-09 16:30 - 2015-07-22 20:42 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll

2015-09-09 16:30 - 2015-07-22 20:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll

2015-09-09 16:30 - 2015-07-22 20:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll

2015-09-09 16:30 - 2015-07-22 20:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll

2015-09-09 16:30 - 2015-07-22 20:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll

2015-09-09 16:30 - 2015-07-22 20:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll

2015-09-09 16:30 - 2015-07-22 20:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll

2015-09-09 16:30 - 2015-07-22 20:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll

2015-09-09 16:30 - 2015-07-22 20:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll

2015-09-09 16:30 - 2015-07-22 20:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll

2015-09-09 16:30 - 2015-07-22 20:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll

2015-09-09 16:30 - 2015-07-22 20:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll

2015-09-09 16:30 - 2015-07-22 20:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll

2015-09-09 16:30 - 2015-07-22 20:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll

2015-09-09 16:30 - 2015-07-22 20:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll

2015-09-09 16:30 - 2015-07-22 20:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll

2015-09-09 16:30 - 2015-07-22 20:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll

2015-09-09 16:30 - 2015-07-22 20:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll

2015-09-09 16:30 - 2015-07-22 20:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll

2015-09-09 16:30 - 2015-07-22 20:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll

2015-09-09 16:30 - 2015-07-22 20:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll

2015-09-09 16:30 - 2015-07-22 20:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll

2015-09-09 16:30 - 2015-07-22 20:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll

2015-09-09 16:30 - 2015-07-22 19:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll

2015-09-09 16:30 - 2015-07-22 19:45 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys

2015-09-09 16:30 - 2015-07-22 19:44 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys

2015-09-09 16:30 - 2015-07-22 19:44 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys

2015-09-09 16:30 - 2015-07-22 19:34 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe

2015-09-09 16:30 - 2015-07-22 19:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe

2015-09-09 16:30 - 2015-07-22 19:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll

2015-09-09 16:30 - 2015-07-22 19:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll

2015-09-09 16:30 - 2015-07-22 19:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll

2015-09-09 16:30 - 2015-07-22 19:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll

2015-09-09 16:30 - 2015-07-15 06:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

2015-09-09 16:30 - 2015-07-15 05:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

2015-09-09 16:30 - 2015-07-09 20:58 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll

2015-09-09 16:30 - 2015-07-09 20:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll

2015-09-09 16:30 - 2015-07-09 20:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll

2015-09-09 16:30 - 2015-07-09 20:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll

2015-09-09 16:30 - 2015-06-25 13:06 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe

2015-09-09 16:30 - 2015-06-25 13:01 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll

2015-09-09 16:30 - 2015-06-25 13:01 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll

2015-09-09 16:30 - 2015-06-25 12:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll

2015-09-09 16:29 - 2015-09-02 06:04 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll

2015-09-09 16:29 - 2015-09-02 06:04 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll

2015-09-09 16:29 - 2015-09-02 06:04 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll

2015-09-09 16:29 - 2015-09-02 06:04 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll

2015-09-09 16:29 - 2015-09-02 05:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll

2015-09-09 16:29 - 2015-09-02 05:48 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll

2015-09-09 16:29 - 2015-09-02 05:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll

2015-09-09 16:29 - 2015-09-02 05:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll

2015-09-09 16:29 - 2015-09-02 04:51 - 03209216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2015-09-09 16:29 - 2015-09-02 04:47 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll

2015-09-09 16:29 - 2015-09-02 04:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll

2015-09-09 16:29 - 2015-08-26 21:07 - 03165696 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll

2015-09-09 16:29 - 2015-08-26 21:07 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll

2015-09-09 16:29 - 2015-08-26 21:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll

2015-09-09 16:29 - 2015-08-26 21:07 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll

2015-09-09 16:29 - 2015-08-26 21:07 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll

2015-09-09 16:29 - 2015-08-26 21:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll

2015-09-09 16:29 - 2015-08-26 21:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll

2015-09-09 16:29 - 2015-08-26 21:06 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe

2015-09-09 16:29 - 2015-08-26 21:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll

2015-09-09 16:29 - 2015-08-26 21:06 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

2015-09-09 16:29 - 2015-08-26 21:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll

2015-09-09 16:29 - 2015-08-26 20:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll

2015-09-09 16:29 - 2015-08-26 20:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll

2015-09-09 16:29 - 2015-08-26 20:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll

2015-09-09 16:29 - 2015-08-26 20:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll

2015-09-09 16:29 - 2015-08-26 20:55 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

2015-08-30 15:09 - 2015-08-11 10:06 - 00238376 _____ (EasyAntiCheat Ltd) C:\Windows\SysWOW64\EasyAntiCheat.exe

2015-08-29 15:38 - 2015-08-29 15:38 - 00000000 ____D C:\Users\LasseWho\AppData\Local\_

2015-08-29 15:04 - 2015-08-29 15:38 - 00000000 ____D C:\Users\LasseWho\Documents\GameMaker

2015-08-29 15:01 - 2015-08-29 15:01 - 00000000 ____D C:\Users\LasseWho\AppData\Local\gm_ttt_3419

2015-08-29 15:00 - 2015-08-29 15:00 - 00000000 ____D C:\ProgramData\GameMaker-Studio-Early-Access

2015-08-29 14:59 - 2015-08-29 14:59 - 00000000 ____D C:\Users\LasseWho\AppData\Local\gm_ttt_81193

 

==================== One Month Modified files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2015-09-27 14:21 - 2014-03-29 20:45 - 00000000 ____D C:\Program Files (x86)\Steam

2015-09-27 14:12 - 2014-03-29 20:56 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2015-09-27 14:00 - 2009-07-14 07:45 - 00029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2015-09-27 14:00 - 2009-07-14 07:45 - 00029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2015-09-27 13:55 - 2014-03-29 20:32 - 01208398 _____ C:\Windows\WindowsUpdate.log

2015-09-27 13:53 - 2015-08-22 13:20 - 00000000 ____D C:\Users\LasseWho\AppData\Local\LogMeIn Hamachi

2015-09-27 13:52 - 2015-07-06 11:24 - 00022696 _____ C:\Windows\setupact.log

2015-09-27 13:52 - 2014-07-06 18:38 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2015-09-27 13:52 - 2014-03-29 20:56 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2015-09-27 13:52 - 2009-07-14 08:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2015-09-27 13:51 - 2014-03-29 21:03 - 00000000 ____D C:\ProgramData\NVIDIA

2015-09-27 13:06 - 2014-05-28 12:40 - 00000000 ____D C:\Program Files (x86)\SpeedFan

2015-09-27 10:29 - 2014-03-29 20:56 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2015-09-26 11:59 - 2014-07-09 11:26 - 00000000 ____D C:\Users\LasseWho\AppData\Local\CrashDumps

2015-09-25 13:32 - 2014-03-30 04:23 - 00000000 ____D C:\Windows\Panther

2015-09-23 14:37 - 2014-03-29 20:58 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update

2015-09-19 15:23 - 2015-07-30 13:14 - 00095670 _____ C:\Windows\DirectX.log

2015-09-17 17:07 - 2014-03-29 20:56 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2015-09-17 17:07 - 2014-03-29 20:56 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2015-09-16 18:12 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\rescache

2015-09-16 16:01 - 2009-07-14 08:13 - 00782470 _____ C:\Windows\system32\PerfStringBackup.INI

2015-09-15 17:00 - 2014-03-29 20:56 - 00000000 ____D C:\Users\LasseWho\AppData\Local\Google

2015-09-13 09:25 - 2014-04-12 12:48 - 00000000 ____D C:\ProgramData\Origin

2015-09-13 09:24 - 2014-04-12 12:48 - 00000000 ____D C:\Program Files (x86)\Origin

2015-09-12 17:39 - 2009-07-14 08:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games

2015-09-12 15:38 - 2015-02-28 11:17 - 00000000 ____D C:\Users\LasseWho\Documents\SavedGames

2015-09-12 14:42 - 2014-07-02 14:11 - 00000000 ____D C:\Users\LasseWho\.gimp-2.8

2015-09-10 16:22 - 2015-07-06 11:24 - 00295936 _____ C:\Windows\system32\FNTCACHE.DAT

2015-09-10 16:20 - 2011-04-12 11:28 - 00000000 ____D C:\Program Files\Windows Journal

2015-09-10 16:20 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\PolicyDefinitions

2015-09-09 19:30 - 2014-03-31 14:56 - 00000000 ____D C:\Windows\system32\MRT

2015-09-09 17:35 - 2015-03-08 13:49 - 00000000 ____D C:\Users\LasseWho\Documents\Ubisoft

2015-09-09 17:35 - 2014-12-03 17:22 - 00000000 __SHD C:\Users\LasseWho\AppData\Local\EmieBrowserModeList

2015-09-09 17:35 - 2014-05-25 09:53 - 00000000 __SHD C:\Users\LasseWho\AppData\Local\EmieUserList

2015-09-09 17:35 - 2014-05-25 09:53 - 00000000 __SHD C:\Users\LasseWho\AppData\Local\EmieSiteList

2015-09-09 17:23 - 2015-01-16 22:14 - 00000000 ____D C:\Program Files (x86)\Ubisoft

2015-09-09 17:23 - 2014-03-29 20:47 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information

2015-09-09 17:18 - 2014-04-22 11:57 - 00000000 ____D C:\Users\LasseWho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

2015-09-05 10:20 - 2014-03-29 22:31 - 00000000 ____D C:\Users\LasseWho\Documents\My Games

2015-08-31 15:17 - 2009-07-14 08:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT

2015-08-30 14:36 - 2015-08-15 18:10 - 00001996 _____ C:\Users\LasseWho\Desktop\hlds.exe - Shortcut.lnk

2015-08-29 15:04 - 2015-08-25 17:36 - 00000000 ____D C:\Users\LasseWho\AppData\Local\GameMaker_Player

2015-08-29 15:04 - 2015-08-24 19:09 - 00000000 ____D C:\Users\LasseWho\AppData\Local\gamemaker_studio

 

==================== Files in the root of some directories =======

 

2014-08-10 18:35 - 2014-08-10 18:35 - 0000099 _____ () C:\Users\LasseWho\AppData\Roaming\LauncherSettings_live.cfg

2014-08-10 18:34 - 2014-08-10 18:34 - 0000040 _____ () C:\Users\LasseWho\AppData\Roaming\TheHunterSettings_steam_live.cfg

2015-08-13 18:45 - 2015-08-13 18:45 - 0006532 _____ () C:\Users\LasseWho\AppData\Local\recently-used.xbel

2014-04-28 14:50 - 2014-11-07 12:34 - 0007610 _____ () C:\Users\LasseWho\AppData\Local\resmon.resmoncfg

2008-02-05 15:28 - 2008-02-05 15:28 - 0000051 _____ () C:\Users\LasseWho\AppData\Local\setup.txt

 

Some files in TEMP:

====================

C:\Users\LasseWho\AppData\Local\Temp\sfamcc00001.dll

C:\Users\LasseWho\AppData\Local\Temp\sfamcc00002.dll

C:\Users\LasseWho\AppData\Local\Temp\sfareca00002.dll

C:\Users\LasseWho\AppData\Local\Temp\sonarinst.exe

 

 

==================== Bamital & volsnap =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\system32\winlogon.exe => File is digitally signed

C:\Windows\system32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\system32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\system32\services.exe => File is digitally signed

C:\Windows\system32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\system32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\system32\rpcss.dll => File is digitally signed

C:\Windows\system32\dnsapi.dll => File is digitally signed

C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed

C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

 

 

ATTENTION: ==> Could not access BCD. 

 

 

LastRegBack: 2015-09-23 17:41

 

==================== End of FRST.txt ============================

Link to post
Share on other sites

Additional scan result of Farbar Recovery Scan Tool (x64) Version:23-09-2015

Ran by LasseWho (2015-09-27 15:10:44)

Running from C:\Users\LasseWho\Desktop

Windows 7 Home Premium Service Pack 1 (X64) (2014-03-29 17:32:55)

Boot Mode: Normal

==========================================================

 

 

==================== Accounts: =============================

 

Administrator (S-1-5-21-1588957578-3755077194-3935895131-500 - Administrator - Disabled)

Guest (S-1-5-21-1588957578-3755077194-3935895131-501 - Limited - Disabled)

LasseWho (S-1-5-21-1588957578-3755077194-3935895131-1000 - Administrator - Enabled) => C:\Users\LasseWho

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Spybot - Search and Destroy (Disabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

 

==================== Installed Programs ======================

 

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)

Application Insights Tools for Visual Studio 2013 (x32 Version: 2.4 - Microsoft Corporation) Hidden

Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)

Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)

Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.4.000 - Asmedia Technology)

ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.4.9.2 - ASUSTek COMPUTER INC.)

ASUS GPU Tweak (x32 Version: 2.4.9.2 - ASUSTek COMPUTER INC.) Hidden

ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.025 - ASUSTek Computer Inc.)

Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)

Autodesk SketchBook (HKLM\...\{E8771745-B470-4EB7-AF2C-D57A8CF60388}) (Version: 7.11.0000 - Autodesk)

Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software)

AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden

Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)

Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)

Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.30944 - Electronic Arts)

Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.1.0 - Electronic Arts)

Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)

BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )

Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50716.0 - Microsoft Corporation) Hidden

Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden

Besiege (HKLM-x32\...\Steam App 346010) (Version:  - Spiderling Studios)

BioShock (HKLM-x32\...\Steam App 7670) (Version:  - 2K Boston)

Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden

Blend for Visual Studio 2013 ENU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden

Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden

Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden

Braid (HKLM-x32\...\Steam App 26800) (Version:  - Number None)

Build Tools - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden

Build Tools - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden

Build Tools Language Resources - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden

Build Tools Language Resources - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden

Call of Duty® 4 - Modern Warfare (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.6 - Activision)

Call of Duty® 4 - Modern Warfare (x32 Version: 1.6 - Activision) Hidden

Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - Treyarch)

Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version:  - )

Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version:  - Treyarch)

CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)

Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version:  - Colossal Order Ltd.)

Counter-Strike (HKLM-x32\...\Steam App 10) (Version:  - Valve)

Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)

Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)

Dark Messiah of Might & Magic Single Player (HKLM-x32\...\Steam App 2100) (Version:  - Arkane Studios)

Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version:  - FromSoftware)

DARK SOULS™ II (HKLM-x32\...\Steam App 236430) (Version:  - FromSoftware, Inc)

Dead Rising 2 (HKLM-x32\...\Steam App 45740) (Version:  - Capcom Vancouver)

DeadCore (HKLM-x32\...\Steam App 284460) (Version:  - 5 Bits Games)

Disk Unlocker (HKLM-x32\...\{FE73C47E-0FF8-47A6-A903-FFA827A4B43D}) (Version: 2.0.8 - ASUS)

Door Kickers (HKLM-x32\...\Steam App 248610) (Version:  - KillHouse Games)

Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden

Dungeon Defenders (HKLM-x32\...\Steam App 65800) (Version:  - Trendy Entertainment)

Dust -  An Elysian Tail (HKLM-x32\...\GOGPACKDUSTANELYSIANTAIL_is1) (Version: 2.0.0.2 - GOG.com)

Dustforce (HKLM-x32\...\Steam App 65300) (Version:  - Hitbox Team)

Entity Framework 6.1.1 Tools  for Visual Studio 2013 (HKLM-x32\...\{85253F13-EE42-4850-A3A5-79B90E92D7AC}) (Version: 12.0.30610.0 - Microsoft Corporation)

ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)

Fallout (HKLM-x32\...\Steam App 38400) (Version:  - Interplay Inc.)

Fallout 2 (HKLM-x32\...\Steam App 38410) (Version:  - Black Isle Studios)

Fallout 3 - Game of the Year Edition (HKLM-x32\...\Steam App 22370) (Version:  - Bethesda Game Studios)

Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)

Far Cry 4 (HKLM-x32\...\Uplay Install 420) (Version:  - Ubisoft)

Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )

FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - Subset Games)

GameMaker: Studio (HKLM-x32\...\Steam App 214850) (Version:  - YoYo Games Ltd.)

GECK - New Vegas Edition (HKLM-x32\...\Steam App 22480) (Version:  - )

GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)

Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden

GPUTweakStreaming (HKLM-x32\...\InstallShield_{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS)

GPUTweakStreaming (x32 Version: 1.0.3.5 - ASUS) Hidden

Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version:  - Rockstar North)

Grand Theft Auto: San Andreas (HKLM-x32\...\Steam App 12120) (Version:  - Rockstar Games)

Grand Theft Auto: Vice City (HKLM-x32\...\Steam App 12110) (Version:  - Rockstar Games)

Guacamelee! Super Turbo Championship Edition (HKLM-x32\...\1207665733_is1) (Version: 2.0.0.1 - GOG.com)

Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)

Half-Life (HKLM-x32\...\Steam App 70) (Version:  - Valve)

Half-Life 2 (HKLM-x32\...\Steam App 220) (Version:  - Valve)

Half-Life 2: Deathmatch (HKLM-x32\...\Steam App 320) (Version:  - Valve)

Half-Life 2: Episode Two (HKLM-x32\...\Steam App 420) (Version:  - Valve)

Half-Life Dedicated Server (HKLM-x32\...\Steam App 90) (Version:  - )

Half-Life: Opposing Force (HKLM-x32\...\Steam App 50) (Version:  - Gearbox Software)

Hammerwatch (HKLM-x32\...\Steam App 239070) (Version:  - Crackshell)

Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)

Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version:  - IO Interactive)

Hotline Miami (HKLM-x32\...\Steam App 219150) (Version:  - Dennaton Games)

IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)

IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )

IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )

Insurgency (HKLM-x32\...\Steam App 222880) (Version:  - New World Interactive)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)

Intel® Network Connections 16.6.126.0 (HKLM\...\PROSetDX) (Version: 16.6.126.0 - Intel)

Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)

Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)

Interplanetary (HKLM-x32\...\Steam App 278910) (Version:  - Team Jolly Roger)

Java 7 Update 80 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417080FF}) (Version: 7.0.800 - Oracle)

Java SE Development Kit 8 Update 11 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0180110}) (Version: 8.0.110 - Oracle Corporation)

jMonkeyEngine SDK (HKLM\...\nbi-jmonkeyplatform-3.0.10.0.4) (Version:  - )

Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version:  - Avalanche)

Just Cause 2: Multiplayer Mod (HKLM-x32\...\Steam App 259080) (Version:  - JC2-MP Team)

Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version:  - Squad)

Killing Floor (HKLM-x32\...\Steam App 1250) (Version:  - Tripwire Interactive)

Killing Floor 2 (HKLM-x32\...\Steam App 232090) (Version:  - Tripwire Interactive)

Kit SDK de vérification de Visual Studio 2012 - fra (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden

Lambda Wars Beta (HKLM-x32\...\Steam App 270370) (Version:  - Vortal Storm)

LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden

LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden

LocalESPCui for en-us Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden

LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.385 - LogMeIn, Inc.)

LogMeIn Hamachi (x32 Version: 2.2.0.385 - LogMeIn, Inc.) Hidden

Magicite (HKLM-x32\...\Steam App 268750) (Version:  - SmashGames)

Magicka (HKLM-x32\...\Steam App 42910) (Version:  - Arrowhead Game Studios)

Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)

Memory Profiler (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden

Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - 4A Games)

Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)

Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)

Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)

Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)

Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)

Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)

Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)

Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)

Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Native Client  (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)

Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)

Microsoft SQL Server 2014 Express LocalDB  (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)

Microsoft SQL Server 2014 Management Objects  (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)

Microsoft SQL Server 2014 Management Objects  (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)

Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)

Microsoft SQL Server 2014 T-SQL Language Service  (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)

Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)

Microsoft SQL Server Data Tools - enu (12.0.41012.0) (HKLM-x32\...\{AC8E0CF4-42A1-4151-B684-97CF6FD726CF}) (Version: 12.0.41012.0 - Microsoft Corporation)

Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)

Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)

Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)

Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)

Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)

Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{8C06D6DB-A391-4686-B050-99CC522A7843}) (Version: 12.0.2000.8 - Microsoft Corporation)

Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{4AEB505C-95E1-4964-9B64-8D27F3186D30}) (Version: 12.0.2000.8 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual Studio Community 2013 with Update 4 (HKLM-x32\...\{96a8b90c-0a91-4e76-ab34-730c23923d11}) (Version: 12.0.31101 - Microsoft Corporation)

Microsoft Web Deploy 3.5 (HKLM\...\{69A998C5-00A9-42CA-AB4E-C31CFFCD9251}) (Version: 3.1237.1763 - Microsoft Corporation)

Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)

Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)

Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)

Middle-earth: Shadow of Mordor (HKLM-x32\...\Steam App 241930) (Version:  - Monolith Productions, Inc.)

Monaco (HKLM-x32\...\Steam App 113020) (Version:  - Pocketwatch Games)

Mortal Kombat Komplete Edition (HKLM-x32\...\Steam App 237110) (Version:  - NetherRealm Studios)

Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version:  - TaleWorlds Entertainment)

Mumble 1.2.7 (HKLM-x32\...\{CF8BBFA2-5502-4904-A9E9-8D5CAA8DF785}) (Version: 1.2.7 - Thorvald Natvig)

Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.55.8 - Black Tree Gaming)

NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)

NVIDIA 3D Vision Driver 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.06 - NVIDIA Corporation)

NVIDIA GeForce Experience 2.4.5.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.28 - NVIDIA Corporation)

NVIDIA Graphics Driver 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.06 - NVIDIA Corporation)

NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)

NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)

NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)

OldSchool RuneScape Launcher 1.2.3 (HKLM-x32\...\{CCCEAAD4-3D2F-42C1-9AAA-08D458DB3509}) (Version: 1.2.3 - Jagex Ltd)

OpenAL (HKLM-x32\...\OpenAL) (Version:  - )

Orcs Must Die! (HKLM-x32\...\Steam App 102600) (Version:  - Robot Entertainment)

Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.)

PAC-MAN Championship Edition DX+ (HKLM-x32\...\Steam App 236450) (Version:  - Mine Loader Software Co., Ltd.)

Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)

PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)

Platformines (HKLM-x32\...\Steam App 264540) (Version:  - Magiko Gaming)

PowreShellIntegration.Notifications (x32 Version: 2.5.21003.1603 - Microsoft Corporation) Hidden

PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden

Prerequisites for SSDT  (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)

Prerequisites for SSDT  (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)

PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)

Python Tools Redirection Template (x32 Version: 1.3 - Microsoft Corporation) Hidden

Quake Live (HKLM-x32\...\Steam App 282440) (Version:  - id Software)

Rainbow Six 3 Gold (HKLM-x32\...\Uplay Install 2235) (Version:  - Ubisoft)

Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.26027 - Razer Inc.)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.65.1025.2012 - Realtek)

Reassembly (HKLM-x32\...\Steam App 329130) (Version:  - Anisoptera Games)

Receiver (HKLM-x32\...\Steam App 234190) (Version:  - Wolfire Games)

Rising Storm/Red Orchestra 2 Multiplayer (HKLM-x32\...\Steam App 35450) (Version:  - Tripwire Interactive)

Risk of Rain (HKLM-x32\...\Steam App 248820) (Version:  - )

Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.0 - Rockstar Games)

Rogue Legacy (HKLM-x32\...\Steam App 241600) (Version:  - Cellar Door Games)

RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd)

Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)

SDK de comprobación de Visual Studio 2012 - esn (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden

SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden

SHIELD Wireless Controller Driver (Version: 2.4.5.28 - NVIDIA Corporation) Hidden

Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)

Sleeping Dogs: Definitive Edition (HKLM-x32\...\Steam App 307690) (Version:  - United Front Games)

Smart Technology Programming Software 7.0.27.13 (HKLM\...\{BD90BC1C-115D-47E1-B85C-07AE182C3AB8}) (Version: 7.0.27.13 - Mad Catz)

Source Filmmaker (HKLM-x32\...\Steam App 1840) (Version:  - Valve)

Source SDK (HKLM-x32\...\Steam App 211) (Version:  - Valve)

Source SDK Base 2006 (HKLM-x32\...\Steam App 215) (Version:  - Valve)

Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version:  - Valve)

Source SDK Base 2013 Multiplayer (HKLM-x32\...\Steam App 243750) (Version:  - )

Space Engineers (HKLM-x32\...\Steam App 244850) (Version:  - Keen Software House)

Spec Ops: The Line (HKLM-x32\...\Steam App 50300) (Version:  - Yager)

SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )

Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.3.39 - Safer-Networking Ltd.)

Star Wars - Battlefront II (HKLM-x32\...\Steam App 6060) (Version:  - Pandemic Studios)

Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)

Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )

StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)

Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)

SteelSeries Engine 3.2.9 (HKLM\...\SteelSeries Engine 3) (Version: 3.2.9 - SteelSeries ApS)

Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version:  - Team Meat)

System Shock 2 (HKLM-x32\...\Steam App 238210) (Version:  - Irrational Games)

Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH)

Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)

Tesla Effect (HKLM-x32\...\Steam App 261510) (Version:  - Big Finish Games)

The Walking Dead: Season Two (HKLM-x32\...\Steam App 261030) (Version:  - Telltale Games)

Thief Gold (HKLM-x32\...\Steam App 211600) (Version:  - Looking Glass Studios)

Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.10.1 - Electronic Arts)

Tom Clancy's Rainbow 6 VEGAS 2 (HKLM-x32\...\Uplay Install 108) (Version:  - Ubisoft)

Tom Clancy's Rainbow Six Vegas (HKLM-x32\...\{5731C0A8-B266-451A-8D3F-8066AA21836F}) (Version: 1.06.000 - Ubisoft)

Tom Clancy's Splinter Cell Blacklist (HKLM-x32\...\Steam App 235600) (Version:  - Ubisoft Toronto)

Tomb Raider (HKLM-x32\...\Steam App 203160) (Version:  - Crystal Dynamics)

TrackMania² Stadium (HKLM-x32\...\Steam App 232910) (Version:  - Nadeo)

TypeScript Power Tool (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden

TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden

Ubuntu (HKLM-x32\...\Wubi) (Version: 14.04-rev286 - Ubuntu)

Unity (HKLM-x32\...\Unity) (Version: 4.5.5f1 - Unity Technologies ApS)

Unity Web Player (HKU\S-1-5-21-1588957578-3755077194-3935895131-1000\...\UnityWebPlayer) (Version: 4.5.5f1 - Unity Technologies ApS)

Unreal Development Kit: 2014-08 (HKLM\...\UDK-5da7538a-05bd-4e26-9b9b-a4b3e25d411b) (Version:  - Epic Games, Inc.)

Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)

Uplay (HKLM-x32\...\Uplay) (Version: 3.0 - Ubisoft)

Visual Studio 2013 Update 4 (KB2829760) (HKLM-x32\...\{53d408db-eb91-43fb-9d8f-167681c19763}) (Version: 12.0.31101 - Microsoft Corporation)

Volgarr the Viking (HKLM-x32\...\1207659623_is1) (Version: 2.5.0.7 - GOG.com)

VS Update core components (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden

Warhammer 40,000: Dawn of War - Game of the Year Edition (HKLM-x32\...\Steam App 4570) (Version:  - Relic Entertainment)

Warhammer® 40,000™: Dawn of War® II (HKLM-x32\...\Steam App 15620) (Version:  - Relic Entertainment)

WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden

WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden

WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)

Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)

World of Goo (HKLM-x32\...\Steam App 22000) (Version:  - 2D BOY)

Worms Revolution (HKLM-x32\...\Steam App 200170) (Version:  - Team17 Digital Ltd.)

x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM-x32\...\x264vfw) (Version:  - )

XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version:  - Firaxis Games)

Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)

Пакет Visual Studio 2012 Verification SDK - rus (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden

 

==================== Custom CLSID (Whitelisted): ==========================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== Restore Points =========================

 

18-09-2015 15:50:19 Windows Update

19-09-2015 15:20:33 Installed DirectX

22-09-2015 15:56:32 Windows Update

 

==================== Hosts content: ==========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2009-07-14 05:34 - 2014-07-06 17:15 - 00450709 ___RA C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 www.007guard.com

127.0.0.1 007guard.com

127.0.0.1 008i.com

127.0.0.1 www.008k.com

127.0.0.1 008k.com

127.0.0.1 www.00hq.com

127.0.0.1 00hq.com

127.0.0.1 010402.com

127.0.0.1 www.032439.com

127.0.0.1 032439.com

127.0.0.1 www.0scan.com

127.0.0.1 0scan.com

127.0.0.1 1000gratisproben.com

127.0.0.1 www.1000gratisproben.com

127.0.0.1 1001namen.com

127.0.0.1 www.1001namen.com

127.0.0.1 100888290cs.com

127.0.0.1 www.100888290cs.com

127.0.0.1 www.100sexlinks.com

127.0.0.1 100sexlinks.com

127.0.0.1 10sek.com

127.0.0.1 www.10sek.com

127.0.0.1 www.1-2005-search.com

127.0.0.1 1-2005-search.com

127.0.0.1 123fporn.info

127.0.0.1 www.123fporn.info

127.0.0.1 123haustiereundmehr.com

127.0.0.1 www.123haustiereundmehr.com

127.0.0.1 123moviedownload.com

 

There are 1000 more lines.

 

 

==================== Scheduled Tasks (Whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

Task: {342C0F0F-B90D-4A99-9448-2BD10681AFD6} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-11] (AVAST Software)

Task: {5BF2212D-0441-4CAD-9DD9-1A304326C46C} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser

Task: {89404F91-C2EA-49D9-A474-28BDDD90DA06} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-04-25] (Safer-Networking Ltd.)

Task: {A25B2ACC-AC8F-41E1-9070-2027D9230CB2} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2013-08-27] (ASUSTek Computer Inc.)

Task: {AB6FD7AF-101C-46D1-9CEB-60E4BA64D56C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)

Task: {AC44A477-2065-4DF3-9620-1FE077D368B9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-04-25] (Safer-Networking Ltd.)

Task: {B3F4331D-D320-4095-8B09-135E2D82C012} - System32\Tasks\ASUS\i-Setup193800 => C:\Windows\Chipset\AsusSetup.exe [2010-09-08] (ASUSTeK Computer Inc.)

Task: {D2946055-D143-4563-A209-976925D102B3} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-04-25] (Safer-Networking Ltd.)

Task: {E52D115D-BC6A-4BA2-8AC7-829A915481DC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)

Task: {EA346656-C5B6-4483-AAFB-EC6844A384B1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

 

==================== Loaded Modules (Whitelisted) ==============

 

2014-03-29 21:03 - 2015-05-28 07:15 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2012-01-17 12:24 - 2012-01-17 12:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe

2014-07-01 13:57 - 2015-08-02 17:10 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe

2015-08-11 19:36 - 2015-08-11 19:36 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll

2015-08-11 19:36 - 2015-08-11 19:36 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll

2015-09-26 23:25 - 2015-09-26 23:25 - 02966016 _____ () C:\Program Files\AVAST Software\Avast\defs\15092601\algo.dll

2015-06-03 10:49 - 2015-05-23 04:48 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll

2015-05-20 05:29 - 2015-05-20 05:29 - 00137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll

2014-05-28 12:46 - 2014-04-25 14:11 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl

2014-05-28 12:46 - 2014-04-25 14:11 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl

2014-05-28 12:46 - 2014-04-25 14:11 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl

2015-03-30 15:24 - 2015-03-30 15:24 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

2015-09-27 10:29 - 2015-09-24 05:34 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libglesv2.dll

2015-09-27 10:29 - 2015-09-24 05:34 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libegl.dll

2014-03-29 20:48 - 2012-02-07 18:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll

2015-09-16 15:57 - 2015-07-03 19:12 - 00778240 _____ () C:\Program Files (x86)\Steam\SDL2.dll

2015-09-16 15:57 - 2015-07-03 19:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll

2015-09-16 15:57 - 2015-07-03 19:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll

2015-09-16 15:57 - 2015-07-03 19:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll

2015-09-16 15:57 - 2015-08-19 23:39 - 02413248 _____ () C:\Program Files (x86)\Steam\video.dll

2015-09-16 15:57 - 2014-12-02 00:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll

2015-09-16 15:57 - 2014-12-02 00:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll

2015-09-16 15:57 - 2014-12-02 00:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll

2015-09-16 15:57 - 2014-12-02 00:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll

2015-09-16 15:57 - 2014-12-02 00:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll

2015-07-27 12:42 - 2015-08-19 23:39 - 00704192 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL

2015-07-27 12:42 - 2015-07-27 04:13 - 00171008 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll

2015-07-27 12:42 - 2015-07-03 19:12 - 39553928 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll

 

==================== Alternate Data Streams (Whitelisted) =========

 

(If an entry is included in the fixlist, only the ADS will be removed.)

 

 

==================== Safe Mode (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

 

==================== EXE Association (Whitelisted) ===============

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

 

 

==================== Internet Explorer trusted/restricted ===============

 

(If an entry is included in the fixlist, it will be removed from the registry.)

 

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com

IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com

IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com

IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com

IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com

IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com

IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com

IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com

IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com

IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com

IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com

IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com

IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com

IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com

IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net

IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net

IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info

IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com

IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com

IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

 

There are 7866 more restricted sites.

 

==================== Other Areas ============================

 

(Currently there is no automatic fix for this section.)

 

HKU\S-1-5-21-1588957578-3755077194-3935895131-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\LasseWho\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

DNS Servers: 62.241.198.246 - 62.241.198.245

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Windows Firewall is enabled.

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

(Currently there is no automatic fix for this section.)

 

 

==================== FirewallRules (Whitelisted) ===============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

FirewallRules: [{10F02C56-BD0A-43A1-8E39-F100C0F488E4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{8B9DA541-E69F-4943-9B0C-3E59EE8411AB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{FD8A4666-D1B0-4DA1-8199-9A3D7233F970}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Just Cause 2 - Multiplayer Mod\JcmpLauncher.exe

FirewallRules: [{9E08EF91-9773-41D0-A6A2-71626F2A0354}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Just Cause 2 - Multiplayer Mod\JcmpLauncher.exe

FirewallRules: [{5BD9AED7-2F1C-4A3C-B86B-C4CA017217AA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Just Cause 2\JustCause2.exe

FirewallRules: [{3EDC209E-25A3-4938-B793-5285B61C9896}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Just Cause 2\JustCause2.exe

FirewallRules: [{1D296212-1ABC-4A4D-B6C6-7F644F88065D}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe

FirewallRules: [{E57EEF53-3CCC-4E3B-956A-82218D594C3E}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe

FirewallRules: [{F47D8F4A-2E31-49B9-9B43-F9C1C70B5458}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\thief_gold\THIEF.EXE

FirewallRules: [{0AD76EF3-5ABA-4179-A7A8-2B142156E87D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\thief_gold\THIEF.EXE

FirewallRules: [{7E4036C9-2E86-4F9D-9E3B-4BD11EA96ECF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tomb Raider\TombRaider.exe

FirewallRules: [{E01101C7-6F11-42B2-A620-784862A29150}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tomb Raider\TombRaider.exe

FirewallRules: [{CEE9C61B-2DFE-4164-A569-B3ECEF53D7C9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe

FirewallRules: [{73FEC50E-0D27-421B-B8E0-1BE3FC4C61E3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe

FirewallRules: [TCP Query User{5CCCF7B4-330A-4824-AC19-183062A9AC0C}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe

FirewallRules: [uDP Query User{1D7CA835-992A-4EDC-B214-93087691A929}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe

FirewallRules: [{D58B4FDF-5D59-4DE2-894D-BE8CD32777F5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe

FirewallRules: [{0FB2CAAA-D284-4B6C-A373-B92D45C7BD83}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe

FirewallRules: [{DBEF5F82-2195-4AB5-AFC9-EC2D82591399}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Star Wars Battlefront II\GameData\BattlefrontII.exe

FirewallRules: [{91F91048-CA89-43BB-A1BB-9EB6B756D15F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Star Wars Battlefront II\GameData\BattlefrontII.exe

FirewallRules: [{28CDEE94-95B9-46B8-AE85-BD15DDBAF399}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe

FirewallRules: [{28C38A99-AAA4-4409-BE72-B70E6E2DACF9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe

FirewallRules: [{A008FC4C-9895-458F-8B39-4FDBBDDA8441}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe

FirewallRules: [{786040F5-4C27-4EA1-8AAA-DBC3149B4997}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe

FirewallRules: [{05A81972-0BAA-41B9-9D23-DC4E8A9AD7BE}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe

FirewallRules: [{A684E781-B783-482C-931D-656CF4092E1A}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe

FirewallRules: [{343E5BE6-A9BE-4CBD-AE21-EF86FA7AA726}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{0B8C843B-F4C0-4CB3-B6AA-CE87C910A430}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SourceFilmmaker\game\sfm.exe

FirewallRules: [{DA4D8606-FDF6-468B-99F0-515EA589AC31}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SourceFilmmaker\game\sfm.exe

FirewallRules: [{84024059-44FD-4135-B867-3B5D59637026}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SourceFilmmaker\game\bin\qsdklauncher.exe

FirewallRules: [{30BDDC92-8D9C-4132-9A14-A985249CE1B0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SourceFilmmaker\game\bin\qsdklauncher.exe

FirewallRules: [{1981E4D4-E161-4974-8E7F-4075118547D5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\hotline_miami\HotlineMiami.exe

FirewallRules: [{D610160B-6498-4323-AD22-4D1B4B27F2CD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\hotline_miami\HotlineMiami.exe

FirewallRules: [{8EC3E904-C8E9-42E0-881D-EC0CD76B1825}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MountBlade Warband\mb_warband.exe

FirewallRules: [{3A424ACB-0F68-4EBD-B881-2F53AE6831B9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MountBlade Warband\mb_warband.exe

FirewallRules: [{16BC0AC5-C957-4052-A43B-386BDF797452}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SourceSDK\bin\SDKLauncher.exe

FirewallRules: [{D1566D92-D431-454F-93C0-CAD9EDFFC128}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SourceSDK\bin\SDKLauncher.exe

FirewallRules: [TCP Query User{A1683F21-0706-4247-BDCA-46095AF3D320}C:\program files (x86)\java\jdk1.8.0_11\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jdk1.8.0_11\jre\bin\javaw.exe

FirewallRules: [uDP Query User{D8B24F14-7A66-49AC-825E-051337543C1E}C:\program files (x86)\java\jdk1.8.0_11\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jdk1.8.0_11\jre\bin\javaw.exe

FirewallRules: [TCP Query User{8DEAE596-05B9-41AB-869D-E78AA4835FD3}C:\program files (x86)\java\jdk1.8.0_11\bin\jmc.exe] => (Block) C:\program files (x86)\java\jdk1.8.0_11\bin\jmc.exe

FirewallRules: [uDP Query User{B6145EF1-D54D-42B9-B307-AF2768498671}C:\program files (x86)\java\jdk1.8.0_11\bin\jmc.exe] => (Block) C:\program files (x86)\java\jdk1.8.0_11\bin\jmc.exe

FirewallRules: [TCP Query User{7D000486-59AA-4170-B266-B6CFAF625044}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe

FirewallRules: [uDP Query User{868FA0D1-BAE3-49B3-8CEF-0587FCB2169B}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe

FirewallRules: [{C09CBB6B-F7B7-46FD-9E50-18F34AA8BC1F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [{9B40D1EA-07F7-41C9-983A-3BE9674C4EBF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [{74283CFB-06B5-4712-ACA2-AFC8DF9C5BC4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe

FirewallRules: [{274882F3-4562-4EEB-ACC2-78FF6017B18E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe

FirewallRules: [{7B80C5E4-2EF5-41AE-9789-31FC2DB5C3D0}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe

FirewallRules: [{9A9E9D18-FA84-4069-812A-D7D3CC11FDA3}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe

FirewallRules: [{B636B171-1DC1-4F18-8F08-CCDD709F9FFE}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe

FirewallRules: [{C45FB92D-25E4-4A4F-B9F5-CE1AF3A0A237}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe

FirewallRules: [{DC1566EE-16B3-4053-8F90-A8BFCBB13563}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpecOps_TheLine\Binaries\Win32\SpecOpsTheLine.exe

FirewallRules: [{12B94E6D-6D0D-4BDE-95E2-672A481DFCEE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpecOps_TheLine\Binaries\Win32\SpecOpsTheLine.exe

FirewallRules: [{AF18F9AB-F6DA-478E-B863-1882BC8518A9}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe

FirewallRules: [{22635FBE-C4D0-4D96-98B4-5BD20062809E}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe

FirewallRules: [{D198B163-F8B1-4DB1-94E8-6A6780E16E2D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Quake Live\quakelive_steam.exe

FirewallRules: [{C0D139AE-D84F-48BC-9133-E7E94058D9A8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Quake Live\quakelive_steam.exe

FirewallRules: [TCP Query User{8EF2DFB7-396E-4894-9697-D24AEC41138E}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe

FirewallRules: [uDP Query User{7E0511F9-8821-498E-B6C7-3002FE5C64EB}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe

FirewallRules: [{98A2D11B-47D4-4DCE-97B5-8503A4C0F4F5}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield Bad Company 2\BFBC2Game.exe

FirewallRules: [{1983A212-5484-4915-9D2F-C10180F55F29}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield Bad Company 2\BFBC2Game.exe

FirewallRules: [{32B83E9D-4BD8-4FE8-ABA3-A6658886F66B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\KillingFloor\System\KillingFloor.exe

FirewallRules: [{C6D21367-0A34-42E2-840C-99BB048D79F9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\KillingFloor\System\KillingFloor.exe

FirewallRules: [{D13E6204-1113-4A9A-895C-78132F450AB5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\insurgency2\insurgency.exe

FirewallRules: [{9DAE974C-4B96-4C14-9A5D-D3E24F001CFE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\insurgency2\insurgency.exe

FirewallRules: [{68204031-9155-42C3-BE48-7AD91C1BF7B2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tesla Effect\TeslaEffect.exe

FirewallRules: [{0BCAB5E5-AB70-4856-9645-C1CBDAAF8225}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tesla Effect\TeslaEffect.exe

FirewallRules: [{27FEFE5F-79D0-4769-A1AF-A21942E256FD}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe

FirewallRules: [{B92D3629-50EC-471D-B9CD-DE5899C1914E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2013 Multiplayer\hl2.exe

FirewallRules: [{19977F30-C7EB-4C65-8DF0-89E6C7D53AFA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2013 Multiplayer\hl2.exe

FirewallRules: [{269C281B-88C3-4EE5-B604-7CCB94A76373}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base\hl2.exe

FirewallRules: [{F849CACF-1355-4CA8-80FE-35C8E6C5DB01}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base\hl2.exe

FirewallRules: [{005D4DCD-8A3D-4FCE-86AC-640D2D5D8BD7}] => (Allow) C:\UDK\UDK-2014-08\Binaries\Win32\UDK.exe

FirewallRules: [{9D87C3FF-F567-47EE-A7FC-DBEED4E79C70}] => (Allow) C:\UDK\UDK-2014-08\Binaries\Win32\UDK.exe

FirewallRules: [{B5907D02-564D-45BE-B918-F506DBF0210C}] => (Allow) C:\UDK\UDK-2014-08\Binaries\Win64\UDK.exe

FirewallRules: [{638782E0-A654-416B-850A-E48BFD74D0C7}] => (Allow) C:\UDK\UDK-2014-08\Binaries\Win64\UDK.exe

FirewallRules: [TCP Query User{078A2E08-220E-4971-88E4-EA9856C266E1}C:\udk\udk-2014-08\binaries\swarmagent.exe] => (Block) C:\udk\udk-2014-08\binaries\swarmagent.exe

FirewallRules: [uDP Query User{41A20C17-E8D8-4887-BCE6-E9CC56302D38}C:\udk\udk-2014-08\binaries\swarmagent.exe] => (Block) C:\udk\udk-2014-08\binaries\swarmagent.exe

FirewallRules: [{7F362B9A-A5E1-4833-A60E-BE79465C760A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Messiah Might and Magic Single Player\mm.exe

FirewallRules: [{8CCECC29-0441-4CF8-9C45-DB4B177840FE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Messiah Might and Magic Single Player\mm.exe

FirewallRules: [{0C3E3755-43C5-43EE-A591-016ED0929394}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe

FirewallRules: [{08775491-FA21-4E14-851D-478C5DFF0145}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe

FirewallRules: [{A89C4954-1C07-41A9-A832-B1FC83EE11BF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe

FirewallRules: [{06B7F8B7-5ACE-4C6C-A5F5-FFCB751E22BD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe

FirewallRules: [{6DDB0174-0FAD-41A8-A2FA-0A5A8984E782}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

FirewallRules: [{BAB5FD8A-1947-4B91-BBC8-524048588593}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

FirewallRules: [{A8DAB2D9-85E1-415F-B4AB-509813C34022}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe

FirewallRules: [{1DCA3245-B458-4EBB-8477-FA0738F24460}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe

FirewallRules: [{327CB2B2-9090-4BD0-B540-C9150EACB38E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

FirewallRules: [{0A067D5C-F0E3-4CD3-9728-D1503D66A032}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

FirewallRules: [{8C793135-64A4-46CC-AB5F-AED309CC83A3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe

FirewallRules: [{713FB528-E135-48BF-B89E-AB0245372A44}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe

FirewallRules: [{81FED2AC-817D-4AD3-B647-9CF9122BE96F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FTL Faster Than Light\FTLGame.exe

FirewallRules: [{32D28665-20BB-4D2E-803A-C02ED13A3DD6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FTL Faster Than Light\FTLGame.exe

FirewallRules: [{14BBACA2-827C-4174-966E-356922672753}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout 2\Fallout2Launcher.exe

FirewallRules: [{D0048719-C65A-4F96-AF43-C917DC3CB4F4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout 2\Fallout2Launcher.exe

FirewallRules: [{97D7CF37-51B4-42E7-9008-25B6335783E3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe

FirewallRules: [{D1AFB6E5-9D33-4F69-954D-C5C095D80A04}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe

FirewallRules: [{8A5DD9F2-9B8B-4E89-84B1-C90D7658DB48}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe

FirewallRules: [{FD1BE5E6-F213-4B3D-80B3-A8A208352D33}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe

FirewallRules: [{A143B99C-08F0-4248-B64C-16053E9C7679}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3launcher.exe

FirewallRules: [{E7553434-2B8E-403E-9DE2-82218DF3800C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3launcher.exe

FirewallRules: [{CB14693E-D1E2-42CB-80BB-A8A261CD78F8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dawn of War Gold\W40k.exe

FirewallRules: [{4B5184F5-76D9-4D03-A875-3546664FAD4F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dawn of War Gold\W40k.exe

FirewallRules: [{5538662C-5125-4A9F-B87D-E22C7C697AFD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe

FirewallRules: [{A5F9911D-1251-48DD-80C4-3D3765CC0C4B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe

FirewallRules: [{8E38362E-9B7A-4E6E-BB70-115529E061CD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe

FirewallRules: [{D44E3495-10D8-4680-8079-8647EFAEC466}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe

FirewallRules: [{12FA469A-4CB5-4793-BD1B-B7C76CB733C2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\WormsRevolution\WormsRevolution.exe

FirewallRules: [{D85BC7F5-A950-466D-92A3-D87CC55A9ED0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\WormsRevolution\WormsRevolution.exe

FirewallRules: [{C9FA49F3-0A6A-48B9-953A-989900F0A01F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Super Meat Boy\SuperMeatBoy.exe

FirewallRules: [{3A651CF2-53EC-4DD1-80B9-5C65FEC43077}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Super Meat Boy\SuperMeatBoy.exe

FirewallRules: [{2E92B220-3314-452F-A445-77F6820813BD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dawn of War 2\DOW2.exe

FirewallRules: [{36B53D2B-6EEF-4284-82C1-445B975BBF3D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dawn of War 2\DOW2.exe

FirewallRules: [{46CE4141-27AE-429F-BACB-BC640B6150CA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hammerwatch\Hammerwatch.exe

FirewallRules: [{E83214A2-09CC-4B2D-A075-8405F1678817}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hammerwatch\Hammerwatch.exe

FirewallRules: [{917A292D-7DBB-4602-88A1-D8A2882A587F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rogue Legacy\RogueLegacy.exe

FirewallRules: [{28340C36-FF34-4CA1-9268-E249DBFDCD69}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rogue Legacy\RogueLegacy.exe

FirewallRules: [{6F01E246-EC55-43D0-BC85-06589E73B446}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magicite\Magicite.exe

FirewallRules: [{6CEDB75E-D650-4941-86F9-AB06B4F2200B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magicite\Magicite.exe

FirewallRules: [{24C6745A-39E8-4AA6-84FF-5A081A2D9962}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe

FirewallRules: [{F818ACCF-DE5D-411C-B408-7D92D0AD23E4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe

FirewallRules: [{D9E40824-354D-48E0-B999-0B7860B581F4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Risk of Rain\Risk of Rain.exe

FirewallRules: [{A1597AE2-C414-45E7-B013-2B1D52B0D34C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Risk of Rain\Risk of Rain.exe

FirewallRules: [{69EB0C6B-C5E3-4DCC-AB04-4053D7EBB17D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Walking Dead Season Two\TheWalkingDead2.exe

FirewallRules: [{590071B7-832F-496B-8D07-C15A1653C344}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Walking Dead Season Two\TheWalkingDead2.exe

FirewallRules: [{FB735BEF-9ED8-4758-AD2A-904EDB8F7E07}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe

FirewallRules: [{D4F655A2-C811-43DE-A24B-1D3DCF915807}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe

FirewallRules: [{57D87752-C92B-4698-AC0B-BF358DAED25E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SleepingDogsDefinitiveEdition\sdhdship.exe

FirewallRules: [{F7758BD1-09ED-453C-A69E-12DED089E701}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SleepingDogsDefinitiveEdition\sdhdship.exe

FirewallRules: [{3BA4ADFD-3DAA-4C9F-A537-E48A0A49D0CC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Monaco\MONACO.exe

FirewallRules: [{B224AEAF-AC09-4FAB-B489-862F4D5E05D3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Monaco\MONACO.exe

FirewallRules: [TCP Query User{6A9B1991-A0B2-4E19-85E9-7039CF865362}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe

FirewallRules: [uDP Query User{68910D4E-AFC9-4630-A473-F4BAB6A210B1}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe

FirewallRules: [TCP Query User{029FE0CD-6B61-4935-B670-F18CCA792899}C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe

FirewallRules: [uDP Query User{71DE9EBF-D788-4902-8485-4F2BA9499B01}C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe

FirewallRules: [{8A15452A-E050-47F0-BC7B-70CF89C973DF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Splinter Cell Blacklist\Blacklist_Launcher.exe

FirewallRules: [{29BEA7D1-42E6-409D-8EFF-C63CE4363109}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Splinter Cell Blacklist\Blacklist_Launcher.exe

FirewallRules: [{AD7B5B14-0B04-4E0C-968C-552C85652B03}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\Blacklist_game.exe

FirewallRules: [{AC2E6C78-63B0-44B3-B123-308D8E992859}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\Blacklist_game.exe

FirewallRules: [{38008ACA-52DE-463E-A192-93C36C0088B6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\Blacklist_DX11_game.exe

FirewallRules: [{4D2BAB6B-C4B5-4A26-B5D3-BE026F0977A3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\Blacklist_DX11_game.exe

FirewallRules: [{C1E04541-13CB-424B-95EE-4FD840CE5A0E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\gu.exe

FirewallRules: [{47414C50-7C4A-43E2-AAE9-B468B238C5FE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\gu.exe

FirewallRules: [{18C2FB0C-9C63-4C24-830E-EF5B522A7B0C}] => (Allow) C:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe

FirewallRules: [{65F645F4-053D-426F-8900-BF666D6547D6}] => (Allow) C:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe

FirewallRules: [{8D9F8532-57E4-4976-813F-7979B1DFDA04}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\FarCry4.exe

FirewallRules: [{EF4F8089-B65E-4D9B-A91B-55F60B06CE6C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\FarCry4.exe

FirewallRules: [{1E21C998-E1A8-4CDA-8DA1-18083401A559}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\IGE_WPF64.exe

FirewallRules: [{ACBA5F76-7D84-45AD-A18A-2974AE28555F}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\IGE_WPF64.exe

FirewallRules: [{7F537986-2AE7-4BEB-BD50-29CE132CA0A8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hammerwatch\editor\HammerEditor.exe

FirewallRules: [{789CCC6A-5D43-4CA5-852C-FD871BD73BFA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hammerwatch\editor\HammerEditor.exe

FirewallRules: [{C59C99B5-A1C0-4A6A-B0A1-F460568FB715}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DoorKickers\DoorKickers.exe

FirewallRules: [{E02D157D-DC97-4968-BFDB-4E3B87B82B4B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DoorKickers\DoorKickers.exe

FirewallRules: [{5EAAC57E-C383-4CD0-BAD2-66259EE14F53}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe

FirewallRules: [{03C2C120-8D75-4714-BB11-2FAC8AD75EF8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe

FirewallRules: [{AEF75441-0973-4481-9215-5FAFC84D70F1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe

FirewallRules: [{1EB420CF-5878-448C-A772-E568F454A52D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe

FirewallRules: [{237C14A0-E312-4FAC-8AC7-4B5B612B68DA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe

FirewallRules: [{BE8D72CF-C731-4792-AA78-0432B748168A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe

FirewallRules: [TCP Query User{54153376-F95A-439E-9A62-9F6D957B4976}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe

FirewallRules: [uDP Query User{BEFE03FE-F5C8-4201-A3F3-319F2D09BDE8}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe

FirewallRules: [{4A25CABD-B29F-4240-9127-9767046BF192}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto San Andreas\gta-sa.exe

FirewallRules: [{2627F130-AC23-405C-B851-3C597C9704F2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto San Andreas\gta-sa.exe

FirewallRules: [{0435BB10-DE94-4C75-9C02-9FE546734F6F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto Vice City\gta-vc.exe

FirewallRules: [{8F1CD8CE-EC96-49D5-A305-C0DFEEF083BD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto Vice City\gta-vc.exe

FirewallRules: [{83EBDF66-61C1-4CB7-8DA1-FEB4B1215970}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ManiaPlanet_TMStadium\ManiaPlanetLauncher.exe

FirewallRules: [{BA0F79D1-380C-4971-B45F-1B7D22FE9B64}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ManiaPlanet_TMStadium\ManiaPlanetLauncher.exe

FirewallRules: [{D5A47FCE-0852-48E1-88EE-CB7A9DA99E84}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ManiaPlanet_TMStadium\ManiaPlanet.exe

FirewallRules: [{E0F92AB1-A255-42D2-B481-346F64A94D3D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ManiaPlanet_TMStadium\ManiaPlanet.exe

FirewallRules: [{2A709486-22AF-4855-8573-69FC9EE452A8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\World of Goo\WorldOfGoo.exe

FirewallRules: [{D23CEF89-566B-40D4-9690-F4CC27FD5E89}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\World of Goo\WorldOfGoo.exe

FirewallRules: [{54C1BE7F-C2DD-414E-9342-B8ED5227B1D3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dustforce\dustforce.exe

FirewallRules: [{7D1CEF63-31EE-473D-9387-3C1E506B559C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dustforce\dustforce.exe

FirewallRules: [{BE3AE454-9DC5-4B93-BA9E-261C9EBC2425}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Braid\braid.exe

FirewallRules: [{37B77529-304A-48B6-85B7-F7F3AD9A0C88}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Braid\braid.exe

FirewallRules: [{B370061A-BD30-472B-8B4D-9544825C4EAE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bioshock\Builds\Release\Bioshock.exe

FirewallRules: [{13DFBC90-C1F2-45A7-903A-0D7368CFD10F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bioshock\Builds\Release\Bioshock.exe

FirewallRules: [{F3703A4D-B424-4FA7-A4C6-E8A70D5C850F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe

FirewallRules: [{B870D16A-0196-4D64-A171-A7D9C7E74B42}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe

FirewallRules: [TCP Query User{B0DC5ED5-907A-4E14-BFD7-883002ACF5A7}C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe

FirewallRules: [uDP Query User{4BDF260F-2E75-421D-85D2-B3949DBAC641}C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe

FirewallRules: [{308DF46E-2887-4745-9E7C-A09E217CF196}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Orcs Must Die!\Build\release\OrcsMustDie.exe

FirewallRules: [{7DC9ABCA-CA86-4221-9B0A-658C990A1510}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Orcs Must Die!\Build\release\OrcsMustDie.exe

FirewallRules: [{0E089589-A4A4-4B3E-A208-81777D8E3197}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\half-life 2 deathmatch\hl2.exe

FirewallRules: [{4F42924F-5B7F-4D25-BC32-EDE54489AA26}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\half-life 2 deathmatch\hl2.exe

FirewallRules: [{27665ADE-6102-4BF6-9D2F-390BDC2D377F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe

FirewallRules: [{CF93C661-B7D3-493B-90C7-8E527F152F16}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe

FirewallRules: [{62A3E11A-BF95-4924-AC75-2103AF4EF1EB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Depth\Binaries\Win64\DepthGame.exe

FirewallRules: [{F15913C0-86A0-49D3-A218-E44862DB9E6D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Depth\Binaries\Win64\DepthGame.exe

FirewallRules: [{2810E4EA-A2F1-406C-AA98-C7FD7DD2A66C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout\FalloutLauncher.exe

FirewallRules: [{E182DED7-614B-40A6-AA50-8F65A475BFED}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout\FalloutLauncher.exe

FirewallRules: [TCP Query User{54A2D3E0-BBC9-40F6-B443-C5A725A63C74}C:\program files (x86)\steam\steamapps\common\half-life\hltv.exe] => (Block) C:\program files (x86)\steam\steamapps\common\half-life\hltv.exe

FirewallRules: [uDP Query User{3112BC90-5EAD-451F-A747-A9445216F0BD}C:\program files (x86)\steam\steamapps\common\half-life\hltv.exe] => (Block) C:\program files (x86)\steam\steamapps\common\half-life\hltv.exe

FirewallRules: [{BA5090F0-D71F-442D-B416-203395850956}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe

FirewallRules: [{9D61F12D-762B-42A3-A6E6-A11B8F4843E8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe

FirewallRules: [{1E3E9228-B9ED-4AE3-83C2-0E7762E3C6EA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\half-life 2\hl2.exe

FirewallRules: [{CFDE84DA-52DF-4277-B72A-2F69FAEE580F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\half-life 2\hl2.exe

FirewallRules: [{29B351E4-41CE-4DF1-A7E8-8873905C954C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe

FirewallRules: [{B79B9E58-610F-4AD2-A325-F1949BB3B031}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe

FirewallRules: [{FE854B11-7AB4-4E5D-9723-D815223D3311}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\Geck.exe

FirewallRules: [{3FE8088E-F5B7-4FA6-8242-32CDBC91DB5C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\Geck.exe

FirewallRules: [{FAEED0E4-6B37-449C-AE2D-C7F11157AC89}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout 3 goty\FalloutLauncher.exe

FirewallRules: [{68D8D56A-BA06-413C-8031-0B37C6B9B514}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout 3 goty\FalloutLauncher.exe

FirewallRules: [{DD3D58CE-DCD6-4A38-9E3E-21F2BB0A75DB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe

FirewallRules: [{D5D806B7-C795-4163-A884-264A7164986A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe

FirewallRules: [{53CB43A9-BC61-4F1A-AE29-425ED8F81234}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe

FirewallRules: [{E9C3E0E1-9105-4511-8116-8A9D48040CB6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe

FirewallRules: [{7A4C7CBE-CDAA-441D-B267-71DD7613A421}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe

FirewallRules: [{04793EF9-840F-4DC4-9385-AE2D40BB00A1}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe

FirewallRules: [{C5FEC522-8D76-4AF9-BF1C-41138FC0ED29}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe

FirewallRules: [{AB67DDD2-FFBF-4738-AB73-E3F078DEE353}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe

FirewallRules: [{1B9B933A-BA27-4B8E-A22C-43FE726103E3}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe

FirewallRules: [{2DE2752B-50A3-4035-91CE-B2F722B476B7}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe

FirewallRules: [{D3AB0CF7-A900-4484-9C19-D696B5C69597}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Metro 2033\metro2033.exe

FirewallRules: [{8620312D-E52B-429E-8DAF-4395AE55C12C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Metro 2033\metro2033.exe

FirewallRules: [{474269CD-7DD6-44C7-9998-E3C3969B131A}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe

FirewallRules: [{C3BA67FD-7FB4-47D8-9977-1CB8CB3140A1}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe

FirewallRules: [TCP Query User{FF993808-AE82-4F31-8EE1-E1DB79903DA7}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe

FirewallRules: [uDP Query User{9118E790-FA2F-4346-832C-9F6B3BD772C0}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe

FirewallRules: [{D05CC8E4-EECD-484C-9F71-D7D37F535FBE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe

FirewallRules: [{42563DD3-ECDF-4C02-B9D5-D894C91AC30C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe

FirewallRules: [{CB420B66-864C-44BA-821F-D7E17CBCC6D6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Besiege\Besiege.exe

FirewallRules: [{358EB58C-6621-43E0-8E6C-C7024CA0D5D4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Besiege\Besiege.exe

FirewallRules: [{70CEE2B7-F326-4B3F-852F-B0F3AD37D100}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Kerbal Space Program\KSP.exe

FirewallRules: [{25CD0F7F-7E3F-4DF1-8434-4A6FE1D18C65}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Kerbal Space Program\KSP.exe

FirewallRules: [{1B2BFF40-67CB-40A4-8215-EF582780E9A8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dead Rising 2\deadrising2.exe

FirewallRules: [{C3B76343-0E41-4789-8360-5DA66D5F6F16}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dead Rising 2\deadrising2.exe

FirewallRules: [{6C9D4033-224E-4C81-8A99-1509246AC1BA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe

FirewallRules: [{9DBD3755-2F2C-4C38-8C0D-802A75B1E075}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe

FirewallRules: [{EF0D96B4-154A-41CC-A25F-9DF6C98880C3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SS2\Shock2.exe

FirewallRules: [{7A962AF7-29C3-479D-933B-C838D981CBA6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SS2\Shock2.exe

FirewallRules: [{990477EB-C0A3-47AE-9173-47749ABE9D6D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hlds.exe

FirewallRules: [{B17CA7FC-82D3-4426-B9D9-DECF5243DAD8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hlds.exe

FirewallRules: [{5AF78573-F0CC-4578-972D-D2DC98E03CE2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DeadCore\DeadCore.exe

FirewallRules: [{D3FD96B5-B19F-40EE-AD75-7954442D346C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DeadCore\DeadCore.exe

FirewallRules: [{6CC046F3-3300-43C3-9DAD-B97CFEC11221}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Platformines\Platformines.exe

FirewallRules: [{BF07D06E-9FC2-4EE6-AD8F-5E338E9230E0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Platformines\Platformines.exe

FirewallRules: [{387DA88C-5E6B-4D48-9C58-8BAD334A613C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Interplanetary\Interplanetary.exe

FirewallRules: [{F581F45E-4282-4FEB-8771-1C15244C2FDA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Interplanetary\Interplanetary.exe

FirewallRules: [{0890F97E-1FFC-48C4-AD42-84F7153EBF87}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exe

FirewallRules: [{C9A76A07-610F-4FB9-B319-FF8BCE4B8E37}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exe

FirewallRules: [{9A49609F-BD58-44C9-8C82-051648AF318E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\gamemaker_studio\GameMakerPlayer.exe

FirewallRules: [{E66B0DE2-91C2-44D3-82AC-8CB780395DA5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\gamemaker_studio\GameMakerPlayer.exe

FirewallRules: [TCP Query User{D1D3CCEC-7DC4-44D2-A4D5-64181D11FFBE}C:\program files (x86)\steam\steamapps\common\gamemaker_studio\runner.exe] => (Block) C:\program files (x86)\steam\steamapps\common\gamemaker_studio\runner.exe

FirewallRules: [uDP Query User{FFB67AC0-796F-400D-B2C3-1C6B63CB9DA7}C:\program files (x86)\steam\steamapps\common\gamemaker_studio\runner.exe] => (Block) C:\program files (x86)\steam\steamapps\common\gamemaker_studio\runner.exe

FirewallRules: [{83603B31-60B5-47E0-8FD0-FF50E649EFA7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rust\Rust.exe

FirewallRules: [{047F9C2A-3A7E-41B2-98EF-12BC015B4FB9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rust\Rust.exe

FirewallRules: [{B773D5F5-BE23-417F-ABF3-84073E6F259E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\killingfloor2\Binaries\Win64\KFGame.exe

FirewallRules: [{F29963F8-8EA0-4987-A8B3-DBE555DAA100}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\killingfloor2\Binaries\Win64\KFGame.exe

FirewallRules: [{8163F657-9023-4093-B496-A6DB727ADADC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Receiver\Receiver.exe

FirewallRules: [{C7D36CA9-9883-4969-A6E4-BC9297316576}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Receiver\Receiver.exe

FirewallRules: [{6721A0F3-3A4C-47EC-8C8E-916176CC97BB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magicka\Magicka.exe

FirewallRules: [{607BBEB0-DB87-4FCD-8EC6-F66E898AE6F2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magicka\Magicka.exe

FirewallRules: [{7674D2FF-E0AC-47F3-8D9A-FFC705E8AD57}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Reassembly\win32\ReassemblyRelease.exe

FirewallRules: [{BC1516E1-9A50-4EBC-B7B2-6489B0AD0EF9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Reassembly\win32\ReassemblyRelease.exe

FirewallRules: [{7F4E4620-CC7D-43E5-8585-276DF9F4B65D}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rainbow Six 3 Gold\system\RavenShield.exe

FirewallRules: [{EC69AEFE-5255-4DAD-8312-721C36FFD1D8}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rainbow Six 3 Gold\system\RavenShield.exe

FirewallRules: [{25678343-141A-4E86-AC58-820C937F26E0}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Rainbow Six Vegas\Binaries\R6Vegas_Game.exe

FirewallRules: [{F4670B35-EB11-41FB-B05C-B723DB500A53}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Rainbow Six Vegas\Binaries\R6Vegas_Game.exe

FirewallRules: [{8153CB16-E453-463D-AD78-542CA7EC7329}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Rainbow Six Vegas\Binaries\R6Vegas_Launcher.exe

FirewallRules: [{486063B7-7261-4021-B10F-4B1917F5B463}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Rainbow Six Vegas\Binaries\R6Vegas_Launcher.exe

FirewallRules: [{B0676995-7D4E-4508-9F05-766A00E38011}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman Absolution\HMA.exe

FirewallRules: [{78433767-617F-4C7F-BA0E-230608A7696E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman Absolution\HMA.exe

FirewallRules: [{D00DB655-B97B-45B1-9C89-2E8E3DDB690C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Lambda Wars\lambdawars.exe

FirewallRules: [{FE4CD2B0-5073-41B1-BEE7-E44F51B1D220}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Lambda Wars\lambdawars.exe

FirewallRules: [{62B61111-CDBA-4F29-ABC9-7F86B180BF28}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MortalKombat_KompleteEdition\DiscContentPC\MKKE.exe

FirewallRules: [{595FB533-8AD9-4072-A984-386C28527E81}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MortalKombat_KompleteEdition\DiscContentPC\MKKE.exe

FirewallRules: [{70B61DC0-2BE1-4A63-9AFC-04B04F37FB9B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MortalKombat_KompleteEdition\DiscContentPC\MKLauncher.exe

FirewallRules: [{44DF5937-BD79-4D89-A0D9-F5A3A228CEE7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MortalKombat_KompleteEdition\DiscContentPC\MKLauncher.exe

FirewallRules: [{CDC4256B-61F2-4CA4-9AAE-F2FC0C6EF820}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access

StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service

StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater

StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

 

==================== Faulty Device Manager Devices =============

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (09/27/2015 01:53:17 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (09/27/2015 09:48:49 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (09/26/2015 03:21:44 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (09/26/2015 11:58:53 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: FoxGame-Win32-Shipping.exe, version: 1.2.0.0, time stamp: 0x55d5311d

Faulting module name: ntdll.dll, version: 6.1.7601.18939, time stamp: 0x55afd843

Exception code: 0xc0000005

Fault offset: 0x0003d968

Faulting process id: 0x1bbc

Faulting application start time: 0xFoxGame-Win32-Shipping.exe0

Faulting application path: FoxGame-Win32-Shipping.exe1

Faulting module path: FoxGame-Win32-Shipping.exe2

Report Id: FoxGame-Win32-Shipping.exe3

 

Error: (09/26/2015 10:21:31 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (09/25/2015 08:05:05 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: FoxGame-Win32-Shipping.exe, version: 1.2.0.0, time stamp: 0x55d5311d

Faulting module name: ntdll.dll, version: 6.1.7601.18939, time stamp: 0x55afd843

Exception code: 0xc0000005

Fault offset: 0x0003d968

Faulting process id: 0x2274

Faulting application start time: 0xFoxGame-Win32-Shipping.exe0

Faulting application path: FoxGame-Win32-Shipping.exe1

Faulting module path: FoxGame-Win32-Shipping.exe2

Report Id: FoxGame-Win32-Shipping.exe3

 

Error: (09/25/2015 06:50:04 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: FoxGame-Win32-Shipping.exe, version: 1.2.0.0, time stamp: 0x55d5311d

Faulting module name: ntdll.dll, version: 6.1.7601.18939, time stamp: 0x55afd843

Exception code: 0xc0000005

Fault offset: 0x0003d968

Faulting process id: 0x10cc

Faulting application start time: 0xFoxGame-Win32-Shipping.exe0

Faulting application path: FoxGame-Win32-Shipping.exe1

Faulting module path: FoxGame-Win32-Shipping.exe2

Report Id: FoxGame-Win32-Shipping.exe3

 

Error: (09/25/2015 05:34:35 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program UNKNOWN version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

 

Process ID: 1ba0

 

Start Time: 01d0f7873667a323

 

Termination Time: 1315

 

Application Path: UNKNOWN

 

Report Id: 880d9c8e-6392-11e5-9980-d850e6537e9d

 

Error: (09/25/2015 02:33:44 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: FoxGame-Win32-Shipping.exe, version: 1.2.0.0, time stamp: 0x55d5311d

Faulting module name: ntdll.dll, version: 6.1.7601.18939, time stamp: 0x55afd843

Exception code: 0xc0000005

Fault offset: 0x0003d968

Faulting process id: 0x1358

Faulting application start time: 0xFoxGame-Win32-Shipping.exe0

Faulting application path: FoxGame-Win32-Shipping.exe1

Faulting module path: FoxGame-Win32-Shipping.exe2

Report Id: FoxGame-Win32-Shipping.exe3

 

Error: (09/25/2015 01:28:04 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

 

System errors:

=============

Error: (09/26/2015 08:20:44 PM) (Source: nvlddmkm) (EventID: 13) (User: )

Description: \Device\Video7Graphics Exception: ESR 0x405840=0xa0061a0c

 

Error: (09/26/2015 08:20:44 PM) (Source: nvlddmkm) (EventID: 13) (User: )

Description: \Device\Video7Graphics Exception: Shader Program Header 18 Error

 

Error: (09/26/2015 08:20:44 PM) (Source: nvlddmkm) (EventID: 13) (User: )

Description: \Device\Video7Graphics Exception: Shader Program Header 17 Error

 

Error: (09/26/2015 08:20:44 PM) (Source: nvlddmkm) (EventID: 13) (User: )

Description: \Device\Video7Graphics Exception: Shader Program Header 12 Error

 

Error: (09/26/2015 08:20:44 PM) (Source: nvlddmkm) (EventID: 13) (User: )

Description: \Device\Video7Graphics Exception: Shader Program Header 11 Error

 

Error: (09/26/2015 08:20:44 PM) (Source: nvlddmkm) (EventID: 13) (User: )

Description: \Device\Video7Graphics Exception: Shader Program Header 9 Error

 

Error: (09/26/2015 08:20:44 PM) (Source: nvlddmkm) (EventID: 13) (User: )

Description: \Device\Video7Graphics Exception: Shader Program Header 3 Error

 

Error: (09/26/2015 08:20:44 PM) (Source: nvlddmkm) (EventID: 13) (User: )

Description: \Device\Video7Graphics Exception: Shader Program Header 2 Error

 

Error: (09/26/2015 03:20:12 PM) (Source: EventLog) (EventID: 6008) (User: )

Description: The previous system shutdown at 3:19:08 PM on ‎9/‎26/‎2015 was unexpected.

 

Error: (09/25/2015 01:36:15 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)

Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.207.973.0).

 

 

==================== Memory info =========================== 

 

Processor: Intel® Core i7-3770K CPU @ 3.50GHz

Percentage of memory in use: 39%

Total physical RAM: 8136.76 MB

Available physical RAM: 4890.93 MB

Total Virtual: 16271.72 MB

Available Virtual: 12506.37 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:1862.92 GB) (Free:795.56 GB) NTFS

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (Size: 111.8 GB) (Disk ID: 000A646F)

Partition 1: (Active) - (Size=103.8 GB) - (Type=83)

Partition 2: (Not Active) - (Size=7.9 GB) - (Type=05)

 

========================================================

Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: CAE1832B)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=1862.9 GB) - (Type=07 NTFS)

 

==================== End of Addition.txt ============================

Link to post
Share on other sites

RogueKiller V10.10.6.0 [sep 21 2015] by Adlice Software





 

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : LasseWho [Administrator]

Started from : C:\Users\LasseWho\Desktop\RogueKiller.exe

Mode : Scan -- Date : 09/27/2015 15:30:23

 

¤¤¤ Processes : 0 ¤¤¤

 

¤¤¤ Registry : 9 ¤¤¤

[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 62.241.198.246 62.241.198.245 ([FINLAND (FI)][FINLAND (FI)])  -> Found

[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 62.241.198.246 62.241.198.245 ([FINLAND (FI)][FINLAND (FI)])  -> Found

[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 62.241.198.246 62.241.198.245 ([FINLAND (FI)][FINLAND (FI)])  -> Found

[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{0282D0F4-2302-43B1-9023-16BC51FA47D3} | DhcpNameServer : 62.241.198.245 62.241.198.246 ([FINLAND (FI)][FINLAND (FI)])  -> Found

[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{032B4B4B-68C0-481D-9BC2-4B22C4DEA63A} | DhcpNameServer : 62.241.198.246 62.241.198.245 ([FINLAND (FI)][FINLAND (FI)])  -> Found

[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{0282D0F4-2302-43B1-9023-16BC51FA47D3} | DhcpNameServer : 62.241.198.245 62.241.198.246 ([FINLAND (FI)][FINLAND (FI)])  -> Found

[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{032B4B4B-68C0-481D-9BC2-4B22C4DEA63A} | DhcpNameServer : 62.241.198.246 62.241.198.245 ([FINLAND (FI)][FINLAND (FI)])  -> Found

[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{0282D0F4-2302-43B1-9023-16BC51FA47D3} | DhcpNameServer : 62.241.198.245 62.241.198.246 ([FINLAND (FI)][FINLAND (FI)])  -> Found

[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{032B4B4B-68C0-481D-9BC2-4B22C4DEA63A} | DhcpNameServer : 62.241.198.246 62.241.198.245 ([FINLAND (FI)][FINLAND (FI)])  -> Found

 

¤¤¤ Tasks : 0 ¤¤¤

 

¤¤¤ Files : 0 ¤¤¤

 

¤¤¤ Hosts File : 0 [Too big!] ¤¤¤

 

¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤

 

¤¤¤ Web browsers : 0 ¤¤¤

 

¤¤¤ MBR Check : ¤¤¤

+++++ PhysicalDrive0: Samsung SSD 840 EVO 120GB ATA Device +++++

--- User ---

[MBR] c61cbaf43615206e8e1db8581f099bbb

[bSP] 9af87f32d1544db162465dfdc6c5a1e3 : Linux|Legit.Unknown|VT.Unknown MBR Code

Partition table:

0 - [ACTIVE] LINUX (0x83) [VISIBLE] Offset (sectors): 2048 | Size: 106336 MB

1 - [XXXXXX] EXTEN (0x5) [VISIBLE] Offset (sectors): 217780222 | Size: 8135 MB

User = LL1 ... OK

User = LL2 ... OK

 

+++++ PhysicalDrive1: WDC WD2002FAEX-00MJRA0 ATA Device +++++

--- User ---

[MBR] c9dcf1f06a1bb8c630cdf4a2bedfce8e

[bSP] 868787dd5aa31d550d70783010e1f2b9 : Windows Vista/7/8|VT.Unknown MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]

1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 1907627 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]

User = LL1 ... OK

User = LL2 ... OK
Link to post
Share on other sites

Do not see any obvious malware or infection in your logs, run one more indepth scan to ensure we check your full system...

 

ESETOnline.png Scan with ESET Online Scanner

This step can only be done using Internet Explorer, Google Chrome or Mozilla Firefox.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
Please visit ESET Online Scanner website.

Click there Run ESET Online Scanner.

If using Internet Explorer:

  • Accept the Terms of Use and click Start.
  • Allow the running of add-on.

If using Mozilla Firefox or Google Chrome:
  • Download esetsmartinstaller_enu.exe that you'll be given link to.
  • Double click esetsmartinstaller_enu.exe.
  • Allow the Terms of Use and click Start.


To perform the scan:

  • Make sure that Remove found threats is unchecked.
  • Scan archives is checked.
  • In Advanced Settings: Scan for potentially unwanted applications, Scan for potentially unsafe applications and Enable Anti-Stealth technology are checked.
  • Under “Enable Stealth Technology select “Change” select any extra drives in that window.
  • Click Start
  • The program will begin to download it's virus database. The speed may vary depending on your Internet connection.
  • When completed, the program will begin to scan. This may take several hours. Please, be patient.
  • Do not do anything on your machine as it may interrupt the scan.
  • When the scan is done, click Finish.
  • A logfile will be created at C:\Program Files (x86)\ESET\ESET Online Scanner. Open it using Notepad.



Please include this logfile in your next reply.

Don't forget to re-enable security software!
 

Thank you,

 

Kevin...

Link to post
Share on other sites

Fraidoflie,   who is your internet provider, is it verizon?

 

I have seen this similar post over and over on these forums.  In fact this morning first thing I got your very same warning for that ip.  God bless the internet, the knee jerk reaction is always that you have a rootkey virus.  Spending way too much time on this, the common thread of these fairly recent malicious website blockages that are outbound is that the people getting them have verizon as their service provider.  I am surprised that Malwarebytes hasn't contacted them yet about it since it clearly is an issue that Verizon is doing.

I have never heard of Verizon, i dont live in USA or UK or where ever that is. My internet provider is "DNA" if remember correct. but i have never had this shii  

Link to post
Share on other sites

How do you wish to progress, run ESET or clean up and close out. If the latter do the following:

 

Download "Delfix by Xplode" and save it to your desktop.

Or use the following if first link is down:

"Delfix link mirror"

Double Click to start the program. If you are using Vista or higher, please right-click and choose run as administrator

Make Sure the following items are checked:



  •    
  • Remove disinfection tools
       
  • Purge System Restore <--- this will remove all previous and possibly exploited restore points, a new point relative to system status at present will be created.
       
  • Reset system settings



Now click on "Run" and wait patiently until the tool has completed.

The tool will create a log when it has completed. We don't need you to post this.

Any remnant files/logs from tools we have used can be deleted…
 

Cheers,

 

Kevin.....

Link to post
Share on other sites

Logs usually saved here:

"C:\Program Files\ESET\EsetOnlineScanner\log.txt" (on 64-bit systems this directory will be "C:\Program Files (x86)\ESET\Esetonlinescanner\log.txt")

 

If ESET returned nothing found there is no need to post the log....

 

What is the current status of your system, are there any remaining issues or concerns..

 

Thank you,

 

Kevin...
 

Link to post
Share on other sites

ESETSmartInstaller@High as downloader log:

all ok

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# EOSSerial=38c4aef1b730f94ca4498438a23a46db

# end=init

# utc_time=2015-10-04 06:36:33

# local_time=2015-10-04 09:36:33 (+0200, FLE Daylight Time)

# country="United States"

# osver=6.1.7601 NT Service Pack 1

Update Init

Update Download

Update Finalize

Updated modules version: 26066

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# EOSSerial=38c4aef1b730f94ca4498438a23a46db

# end=updated

# utc_time=2015-10-04 06:37:00

# local_time=2015-10-04 09:37:00 (+0200, FLE Daylight Time)

# country="United States"

# osver=6.1.7601 NT Service Pack 1

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.7777

# api_version=3.1.1

# EOSSerial=38c4aef1b730f94ca4498438a23a46db

# engine=26066

# end=finished

# remove_checked=false

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=true

# antistealth_checked=true

# utc_time=2015-10-04 11:08:47

# local_time=2015-10-04 02:08:47 (+0200, FLE Daylight Time)

# country="United States"

# lang=1033

# osver=6.1.7601 NT Service Pack 1

# compatibility_mode_1='avast! Antivirus'

# compatibility_mode=783 16777213 71 88 355822 16238689 0 0

# compatibility_mode_1=''

# compatibility_mode=5893 16776573 100 94 93880 195586777 0 0

# scanned=629864

# found=0

# cleaned=0

# scan_time=16306

Link to post
Share on other sites

Thanks for the log, if no remaining issues or concerns run the following to clean up...

 

Download "Delfix by Xplode" and save it to your desktop.

Or use the following if first link is down:

"Delfix link mirror"

Double Click to start the program. If you are using Vista or higher, please right-click and choose run as administrator

Make Sure the following items are checked:



  •    
  • Remove disinfection tools
       
  • Purge System Restore <--- this will remove all previous and possibly exploited restore points, a new point relative to system status at present will be created.
       
  • Reset system settings



Now click on "Run" and wait patiently until the tool has completed.

The tool will create a log when it has completed. We don't need you to post this.

Any remnant files/logs from tools we have used can be deleted…

Read the following links to fully understand PC Security and Best Practices, you may find them useful....

Answers to Common Security Questions and bst Practices

Do I need a Registry Cleaner?

Take care and surf safe

 

Kevin... ;)


 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.