Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Multiple malware/adware programs keep installing, please help [Solved]

Started by Alkalidum , Aug 20 2015 02:42 PM

This topic is locked

#1
Alkalidum

Posted 20 August 2015 - 02:42 PM

Member

Member
64 posts

Hi there,

I've got some malware on my PC that keeps reinstalling itself, ive removed them all and they just keep coming back! Programs like GamesDesktop, WordSurfer, Smartweb, Flashbeat, CinemaPlus, Ive ran a scan with Avast, and also ran AdwCleaner but Avast found nothing and the cleaner removed some stuff but they still come back. Its also opening random webpages and just opened a video advert which i couldn't close. I've been removing them in control panel 'Uninstall or change a program'. It also appears to be changing my personal settings on startup, My Avast antivirus has been going crazy with reports of blocked files, this is the most recent one:

URL: http://d10huri5h4o4a.../policyname.exeInfection:FileRepMalwareProcess:C:\Users\SPEEDX~1\AppData\Local\Temp\nsm2D2.tmp

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-08-2015

Ran by Speed X8 (administrator) on SPEEDX8-PC (20-08-2015 21:51:52)

Running from C:\Users\Speed X8\Downloads

Loaded Profiles: Speed X8 (Available Profiles: Speed X8)

Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

() C:\Program Files (x86)\00000000-1440005683-0000-0000-50E54946680C\hnsd8DC2.tmp

() C:\Program Files (x86)\00000000-1440005683-0000-0000-50E54946680C\knsi4999.tmpfs

(Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe

(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

() C:\Windows\SysWOW64\PnkBstrA.exe

(Ralink Technology, Corp.) C:\Program Files (x86)\Tenda\Common\RaRegistry.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe

(Ralink Technology, Corp.) C:\Program Files (x86)\Tenda\Common\RaRegistry64.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe

(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe

(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\smart6\timelock\AlarmClock.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe

(Microsoft Corporation) C:\Windows\vVX3000.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe

(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe

(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe

(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe

(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe

(Microsoft Corporation) C:\Windows\System32\StikyNot.exe

(CyberLink Corporation.) C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe

(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe

(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(OldTimer Tools) C:\Users\Speed X8\Downloads\OTL.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.4318\Agent.exe

(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.6087\Battle.net.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(SoftBrain Technologies Ltd.) C:\Users\Speed X8\AppData\Local\SmartWeb\SmartWebHelper.exe

(SoftBrain Technologies Ltd.) C:\Users\Speed X8\AppData\Local\SmartWeb\SmartWebApp.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11858536 2011-06-07] (Realtek Semiconductor)

HKLM\...\Run: [itype] => c:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)

HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)

HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-23] (NVIDIA Corporation)

HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart

HKLM\...\Run: [VX3000] => C:\Windows\vVX3000.exe [762736 2010-05-20] (Microsoft Corporation)

HKLM-x32\...\Run: [InstantBurn] => C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe [697640 2010-02-10] (CyberLink Corporation.)

HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)

HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2009-07-06] (CyberLink Corp.)

HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2010-11-18] (cyberlink)

HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe [222504 2011-03-01] (CyberLink Corp.)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-05-30] (Apple Inc.)

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776 2012-06-07] (Apple Inc.)

HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC)

HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()

HKLM-x32\...\Run: [Mirroring360] => C:\Program Files (x86)\Mirroring360\Mirroring360.exe [9966416 2014-10-15] (Splashtop Inc.)

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-08-20] (AVAST Software)

HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)

HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-03] (LogMeIn Inc.)

HKLM-x32\...\Run: [mbot_gb_014010064] => [X]

HKLM-x32\...\Run: [gmsd_gb_005010064] => [X]

HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)

HKLM-x32\...\Run: [gmsd_gb_005010065] => [X]

HKLM-x32\...\Run: [gmsd_gb_005010066] => [X]

HKLM-x32\...\Run: [SmartWeb] => C:\Users\Speed X8\AppData\Local\SmartWeb\SmartWebHelper.exe [270368 2015-02-17] (SoftBrain Technologies Ltd.)

Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]

HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2010-11-22] (Hewlett-Packard Company)

HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-12] (Valve Corporation)

HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\Run: [IndieCity Client] => C:\Program Files (x86)\IndieCity\Client\bin\x86\iceclient.exe -m

HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2012-12-10] ()

HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation)

HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)

HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\Run: [GoogleChromeAutoLaunch_F1BA588C2AF109267478C15A136C8EC3] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-08-08] (Google Inc.)

HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)

HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\Run: [CrashService] => "C:\Users\Speed X8\AppData\Local\BoBrowser\Application\crash_service.exe" --max-reports=50 --no-window

HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2015-05-23]

ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2015-05-23]

ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SetPointII.lnk [2012-09-14]

ShortcutTarget: SetPointII.lnk -> C:\Program Files\Logitech\SetPoint II\SetPointII.exe (Logitech Inc.)

Startup: C:\Users\Speed X8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartWeb.lnk [2015-08-20]

ShortcutTarget: SmartWeb.lnk -> C:\Users\Speed X8\AppData\Local\SmartWeb\SmartWebHelper.exe (SoftBrain Technologies Ltd.)

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-20] (AVAST Software)

BootExecute: autocheck autochk * sdnclean64.exeaswBoot.exe /M:287a68907 /wow /dir:"C:\Program Files\AVAST Software\Avast"

CHR HKU\S-1-5-21-975855429-1586840072-3018677650-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com

HKU\S-1-5-21-975855429-1586840072-3018677650-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWv3XjGGZrhGQbtfYuhk2-U2UNqQUk1WqRMy6aNxHHS1Gq908k85CDaCOfniUD4Y2FlQFflaUt1mRr7OER3D0F0TANAgLgx5D9X64Gg_NrTRPe4k-L2bsy2kj3BY2nOvICMIa9mYMfdm6ciXq0ETMYt3BnnQ,,&q={searchTerms}

HKU\S-1-5-21-975855429-1586840072-3018677650-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWv3XjGGZrhGQbtfYuhk2-U2UNqQUk1WqRMy6aNxHHS1Gq908k85CDaCOfniUD4Y2FlQFflaUt1mRr7O0TWFMUDQ_gyYd4DEhS0WK9MjVKTjgRyqZZDqO9KpdeU1sNdl_pEEUjtZF1sdkCIBHlp1Hy30d2og,,

HKU\S-1-5-21-975855429-1586840072-3018677650-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://uk.msn.com/?ocid=iehp

HKU\S-1-5-21-975855429-1586840072-3018677650-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWv3XjGGZrhGQbtfYuhk2-U2UNqQUk1WqRMy6aNxHHS1Gq908k85CDaCOfniUD4Y2FlQFflaUt1mRr7OER3D0F0TANAgLgx5D9X64Gg_NrTRPe4k-L2bsy2kj3BY2nOvICMIa9mYMfdm6ciXq0ETMYt3BnnQ,,&q={searchTerms}

HKU\S-1-5-21-975855429-1586840072-3018677650-1000\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWv3XjGGZrhGQbtfYuhk2-U2UNqQUk1WqRMy6aNxHHS1Gq908k85CDaCOfniUD4Y2FlQFflaUt1mRr7OER3D0F0TANAgLgx5D9X64Gg_NrTRPe4k-L2bsy2kj3BY2nOvICMIa9mYMfdm6ciXq0ETMYt3BnnQ,,&q={searchTerms}

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1429531097&from=cor&uid=ST2000DL001-9VT156_5YD0G85QXXXX5YD0G85Q&q={searchTerms}

SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =

SearchScopes: HKLM-x32 -> Backup.Old.DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1429531097&from=cor&uid=ST2000DL001-9VT156_5YD0G85QXXXX5YD0G85Q&q={searchTerms}

SearchScopes: HKU\S-1-5-21-975855429-1586840072-3018677650-1000 -> Backup.Old.DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}

SearchScopes: HKU\S-1-5-21-975855429-1586840072-3018677650-1000 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWv3XjGGZrhGQbtfYuhk2-U2UNqQUk1WqRMy6aNxHHS1Gq908k85CDaCOfniUD4Y2FlQFflaUt1mRr7OER3D0F0TANAgLgx5D9X64Gg_NrTRPe4k-L2bsy2kj3BY2nOvICMIa9mYMfdm6ciXq0ETMYt3BnnQ,,&q={searchTerms}

BHO: GBHO.BHO -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)

BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-08] (Oracle Corporation)

BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-20] (AVAST Software)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)

BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-05-23] (LastPass)

BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-08] (Oracle Corporation)

BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-08] (Oracle Corporation)

BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-20] (AVAST Software)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)

BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-05-23] (LastPass)

BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-08] (Oracle Corporation)

Toolbar: HKLM - Smart Recovery 2 - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)

Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-05-23] (LastPass)

Toolbar: HKLM-x32 - No Name - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - No File

Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-05-23] (LastPass)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 192.168.1.254

Tcpip\..\Interfaces\{283D9FDB-27F4-4CC0-B300-A9CF3572C5A7}: [DhcpNameServer] 192.168.1.254 192.168.1.254

Tcpip\..\Interfaces\{5FECFA46-5C30-449C-90BC-691D6E34E6C0}: [DhcpNameServer] 192.168.42.129

FireFox:

========

FF ProfilePath: C:\Users\Speed X8\AppData\Roaming\Mozilla\Firefox\Profiles\6p4gp8b1.default

FF NewTab: about:newtab

FF DefaultSearchEngine: Google (avast)

FF SelectedSearchEngine: Google (avast)

FF Homepage: hxxps://www.google.com/?trackid=sp-006

FF DefaultSearchUrl: hxxps://www.google.com/search/?trackid=sp-006

FF SearchEngineOrder.1: Google (avast)

FF Keyword.URL: hxxps://www.google.com/search/?trackid=sp-006

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-11] ()

FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)

FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-08] (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-08] (Oracle Corporation)

FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-05-23] (LastPass)

FF Plugin: @microsoft.com/GENUINE -> disabled [No File]

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-11] ()

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2012-04-05] ()

FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)

FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2013-08-28] (DivX, LLC)

FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)

FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-25] (ESN Social Software AB)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)

FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)

FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-08] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-08] (Oracle Corporation)

FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-05-23] (LastPass)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-12] (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-12] (NVIDIA Corporation)

FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-12-10] (Pando Networks)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)

FF Plugin-x32: @virtools.com/3DviaPlayer -> C:\Program Files (x86)\Virtools\3D Life Player\npvirtools.dll [2012-04-05] (Dassault Systèmes)

FF Plugin HKU\S-1-5-21-975855429-1586840072-3018677650-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Speed X8\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-10-24] (Unity Technologies ApS)

FF Plugin HKU\S-1-5-21-975855429-1586840072-3018677650-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-12-10] (Pando Networks)

FF Plugin HKU\S-1-5-21-975855429-1586840072-3018677650-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-08-20] ()

FF SearchPlugin: C:\Users\Speed X8\AppData\Roaming\Mozilla\Firefox\Profiles\6p4gp8b1.default\searchplugins\google-avast.xml [2015-08-20]

FF Extension: CinemaPlus-1.2.1V20.08 - C:\Users\Speed X8\AppData\Roaming\Mozilla\Firefox\Profiles\6p4gp8b1.default\Extensions\[email protected] [2015-08-20]

FF Extension: LastPass - C:\Users\Speed X8\AppData\Roaming\Mozilla\Firefox\Profiles\6p4gp8b1.default\Extensions\[email protected] [2015-05-23]

FF HKLM-x32\...\Firefox\Extensions: [{203FB6B2-2E1E-4474-863B-4C483ECCE78E}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2.0.0.16\coFFNST

FF Extension: Norton Safe Web Lite Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2.0.0.16\coFFNST [2015-08-20]

FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF

FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-03-12]

Chrome:

=======

CHR Profile: C:\Users\Speed X8\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Adblock Plus) - C:\Users\Speed X8\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-08-20]

CHR Extension: (Subscriptions Grid For YouTube™) - C:\Users\Speed X8\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcnjhgnfnmijfkmcddcmffeamphmmeed [2015-08-20]

CHR Extension: (AdBlock) - C:\Users\Speed X8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-08-20]

CHR Extension: (Avast Online Security) - C:\Users\Speed X8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-08-20]

CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Speed X8\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-20]

CHR Extension: (Chrome Web Store Payments) - C:\Users\Speed X8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-20]

CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - http://clients2.goog...ice/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [aaaaaaooaijelonlmbcbjkocdnicdfmo] - C:\Users\Speed X8\AppData\Local\APN\GoogleCRXs\aaaaaaooaijelonlmbcbjkocdnicdfmo_7.15.1.0.crx <not found>

CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-12]

CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - http://clients2.goog...ice/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-20] (AVAST Software)

R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109008 2015-08-20] (AVAST Software)

S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-08-20] (Avast Software)

S3 BRSptSvc; C:\programdata\bitraider\BRSptSvc.exe [938776 2013-05-17] (BitRaider, LLC)

S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [240112 2010-11-18] (CyberLink)

R2 cobomiku; C:\Program Files (x86)\00000000-1440005683-0000-0000-50E54946680C\hnsd8DC2.tmp [137728 2015-08-19] () [File not signed]

S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [174112 2014-11-26] (EasyAntiCheat Ltd)

R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242216 2014-06-17] (Foxit Corporation)

R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-23] (NVIDIA Corporation)

S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]

S2 libusbd; C:\Windows\SysWOW64\libusbd-nt.exe [18944 2005-03-09] (http://libusb-win32.sourceforge.net) [File not signed]

R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-11-22] (Hewlett-Packard Company) [File not signed]

R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-08-03] (LogMeIn, Inc.)

R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-23] (NVIDIA Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-23] (NVIDIA Corporation)

R2 PaceLicenseDServices; C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2928128 2012-11-19] (PACE Anti-Piracy, Inc.) [File not signed]

R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-08-15] ()

R2 RalinkRegistryWriter; C:\Program Files (x86)\Tenda\Common\RaRegistry.exe [193888 2010-06-28] (Ralink Technology, Corp.)

R2 RalinkRegistryWriter64; C:\Program Files (x86)\Tenda\Common\RaRegistry64.exe [211808 2010-06-28] (Ralink Technology, Corp.)

S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)

R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)

R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)

R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)

R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [114688 2009-10-13] (Gigabyte Technology CO., LTD.) [File not signed]

S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [754584 2013-06-24] (Tunngle.net GmbH) [File not signed]

R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

R2 dinofiky; C:\Program Files (x86)\00000000-1440005683-0000-0000-50E54946680C\knsi4999.tmpfs [X]

S2 NSL; "C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe" /s "NSL" /m "C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\diMaster.dll" /prefetch:1

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R5 ACPI; C:\Windows\System32\drivers\ACPI.sys [334208 2010-11-21] (Microsoft Corporation)

R5 amdxata; C:\Windows\System32\drivers\amdxata.sys [27008 2011-03-11] (Advanced Micro Devices)

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-20] (AVAST Software)

R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-08-20] (AVAST Software)

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-20] (AVAST Software)

R5 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [454016 2015-08-20] (AVAST Software)

R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-20] (AVAST Software)

R5 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-20] (AVAST Software)

R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-20] (AVAST Software)

R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-20] (AVAST Software)

R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-20] (AVAST Software)

R5 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-20] (AVAST Software)

R5 atapi; C:\Windows\System32\drivers\atapi.sys [24128 2009-07-14] (Microsoft Corporation)

S3 BRDriver64; C:\programdata\bitraider\BRDriver64.sys [74024 2013-04-04] (BitRaider)

R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\0200000.010\ccSetx64.sys [167048 2011-08-09] (Symantec Corporation)

R1 CLBStor; C:\Windows\System32\DRIVERS\CLBStor.sys [24560 2009-10-07] (Cyberlink Co.,Ltd.)

R2 CLBUDF; C:\Windows\System32\Drivers\CLBUDF.sys [376304 2009-10-07] (CyberLink Corporation.)

R5 CLFS; C:\Windows\System32\CLFS.sys [367552 2015-03-04] (Microsoft Corporation)

R5 CNG; C:\Windows\System32\Drivers\cng.sys [459336 2015-01-31] (Microsoft Corporation)

R5 Disk; C:\Windows\System32\drivers\disk.sys [73280 2009-07-14] (Microsoft Corporation)

R5 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-14] (Microsoft Corporation)

R5 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [289664 2010-11-21] (Microsoft Corporation)

U5 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23408 2012-03-01] (Microsoft Corporation)

R5 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223752 2013-01-24] (Microsoft Corporation)

S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2012-03-16] ()

R5 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14720 2010-11-21] (Microsoft Corporation)

R5 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95680 2015-07-15] (Microsoft Corporation)

R5 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [155584 2015-07-15] (Microsoft Corporation)

S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] () [File not signed]

R3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [121416 2013-09-29] (MotioninJoy) [File not signed]

R5 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94656 2015-07-15] (Microsoft Corporation)

R5 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [15424 2009-07-14] (Microsoft Corporation)

R5 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-14] (Microsoft Corporation)

R5 NDIS; C:\Windows\System32\drivers\ndis.sys [950128 2012-08-22] (Microsoft Corporation)

R5 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-08-20] (AVAST Software)

R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)

R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-23] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation)

R5 partmgr; C:\Windows\System32\drivers\partmgr.sys [75120 2012-03-17] (Microsoft Corporation)

R5 pci; C:\Windows\System32\drivers\pci.sys [184704 2010-11-21] (Microsoft Corporation)

R5 pciide; C:\Windows\System32\drivers\pciide.sys [12352 2009-07-14] (Microsoft Corporation)

R5 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-14] (Microsoft Corporation)

R5 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [213888 2010-11-21] (Microsoft Corporation)

R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions)

R5 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-14] (Microsoft Corporation)

R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)

R5 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1903552 2014-04-05] (Microsoft Corporation)

R5 Tpkd; C:\Windows\System32\Drivers\Tpkd.sys [105624 2012-11-17] (PACE Anti-Piracy, Inc.)

R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-08-20] (Avast Software)

R5 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36432 2009-07-14] (Microsoft Corporation)

R5 volmgr; C:\Windows\System32\drivers\volmgr.sys [71552 2010-11-21] (Microsoft Corporation)

R5 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-21] (Microsoft Corporation)

R5 volsnap; C:\Windows\System32\drivers\volsnap.sys [295808 2010-11-21] (Microsoft Corporation)

R5 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [785624 2013-06-25] (Microsoft Corporation)

S1 idmzwpit; \??\C:\Windows\system32\drivers\idmzwpit.sys [X]

R1 wsafd_1_10_0_19; system32\drivers\wsafd_1_10_0_19.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-20 21:51 - 2015-08-20 21:52 - 00037106 _____ C:\Users\Speed X8\Downloads\FRST.txt

2015-08-20 21:51 - 2015-08-20 21:51 - 02173952 _____ (Farbar) C:\Users\Speed X8\Downloads\FRST64.exe

2015-08-20 21:51 - 2015-08-20 21:51 - 00000000 ___DC C:\FRST

2015-08-20 21:49 - 2015-08-20 21:49 - 00002834 _____ C:\Windows\System32\Tasks\APSnotifierPP1

2015-08-20 21:49 - 2015-08-20 21:49 - 00002832 _____ C:\Windows\System32\Tasks\APSnotifierPP3

2015-08-20 21:49 - 2015-08-20 21:49 - 00002832 _____ C:\Windows\System32\Tasks\APSnotifierPP2

2015-08-20 21:49 - 2015-08-20 21:49 - 00001045 _____ C:\Users\Speed X8\Desktop\AnyProtect.lnk

2015-08-20 21:49 - 2015-08-20 21:49 - 00000378 _____ C:\Windows\Tasks\APSnotifierPP1.job

2015-08-20 21:49 - 2015-08-20 21:49 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP3.job

2015-08-20 21:49 - 2015-08-20 21:49 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP2.job

2015-08-20 21:49 - 2015-08-20 21:49 - 00000000 ____D C:\Users\Speed X8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup

2015-08-20 21:45 - 2015-08-20 21:49 - 00000000 ____D C:\Program Files (x86)\AnyProtectEx

2015-08-20 21:45 - 2015-08-20 21:45 - 00613255 _____ (CMI Limited) C:\Users\Speed X8\AppData\Local\nsrEF14.tmp

2015-08-20 21:45 - 2015-08-20 21:45 - 00000000 __SHD C:\Users\Speed X8\AppData\Roaming\AnyProtectEx

2015-08-20 21:43 - 2015-08-20 21:43 - 00000000 ____D C:\Program Files (x86)\predm

2015-08-20 21:34 - 2015-08-20 21:39 - 00000348 ____H C:\Windows\Tasks\CPGIAIDSLMSETGHO.job

2015-08-20 21:34 - 2015-08-20 21:34 - 00004050 _____ C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task

2015-08-20 21:34 - 2015-08-20 21:34 - 00003388 _____ C:\Windows\System32\Tasks\CPGIAIDSLMSETGHO

2015-08-20 21:34 - 2015-08-20 21:34 - 00000000 ____D C:\Users\Speed X8\AppData\Local\SmartWeb

2015-08-20 21:33 - 2015-08-20 21:44 - 00000000 ____D C:\ProgramData\FlashBeat

2015-08-20 21:32 - 2015-08-20 21:32 - 00246100 _____ C:\Users\Speed X8\Downloads\Extras.Txt

2015-08-20 21:30 - 2015-08-20 21:30 - 00177820 _____ C:\Users\Speed X8\Downloads\OTL.Txt

2015-08-20 20:47 - 2015-08-20 20:42 - 00115152 _____ (AVAST Software) C:\Windows\system32\Drivers\ngvss.sys

2015-08-20 20:46 - 2015-08-20 20:47 - 01605632 _____ C:\Users\Speed X8\Downloads\AdwCleaner (1).exe

2015-08-20 20:46 - 2015-08-20 20:46 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

2015-08-20 20:45 - 2015-08-20 20:45 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr

2015-08-20 20:44 - 2015-08-20 20:44 - 00602112 _____ (OldTimer Tools) C:\Users\Speed X8\Downloads\OTL.exe

2015-08-20 20:42 - 2015-08-20 20:42 - 00454016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys

2015-08-20 20:34 - 2015-08-20 20:34 - 00000000 ____D C:\Users\Speed X8\Documents\ProcAlyzer Dumps

2015-08-20 10:00 - 2015-08-20 10:00 - 00613255 _____ (CMI Limited) C:\Users\Speed X8\AppData\Local\nsr895F.tmp

2015-08-20 09:42 - 2015-08-20 09:42 - 00001504 _____ C:\ProgramData\tempimage.bmp

2015-08-19 23:54 - 2015-08-11 02:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2015-08-19 23:54 - 2015-08-11 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2015-08-19 23:54 - 2015-08-11 01:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2015-08-19 23:54 - 2015-08-11 01:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2015-08-19 20:54 - 2009-06-10 22:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20150819-205448.backup

2015-08-19 19:55 - 2015-08-19 19:55 - 00000000 ____D C:\Program Files\Common Files\AV

2015-08-19 19:55 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe

2015-08-19 19:50 - 2015-08-19 20:50 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy

2015-08-19 19:50 - 2015-08-19 19:55 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2

2015-08-19 19:50 - 2015-08-19 19:50 - 00001391 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk

2015-08-19 19:50 - 2015-08-19 19:50 - 00001379 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk

2015-08-19 19:50 - 2015-08-19 19:50 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking

2015-08-19 19:50 - 2015-08-19 19:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2

2015-08-19 19:50 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe

2015-08-19 19:49 - 2015-08-19 19:49 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Speed X8\Downloads\spybot-2.4.exe

2015-08-19 19:28 - 2015-08-19 19:28 - 00613255 _____ (CMI Limited) C:\Users\Speed X8\AppData\Local\nse5B1F.tmp

2015-08-19 18:46 - 2015-08-20 21:51 - 00000348 ____H C:\Windows\Tasks\RVSCCJTAIRYAFTMB.job

2015-08-19 18:46 - 2015-08-20 21:43 - 00000000 ____C C:\dummy.htm

2015-08-19 18:46 - 2015-08-19 18:46 - 00003388 _____ C:\Windows\System32\Tasks\RVSCCJTAIRYAFTMB

2015-08-19 18:45 - 2015-08-20 21:33 - 00000000 ____D C:\ProgramData\Service1291

2015-08-19 18:45 - 2015-08-19 18:45 - 00000000 ____D C:\ProgramData\28341ff220e0446c9fff27c4493d622e

2015-08-19 18:42 - 2015-08-19 18:43 - 00000904 _____ C:\Windows\SysWOW64\${LOGFILE}

2015-08-19 18:41 - 2015-08-19 18:51 - 00000270 _____ C:\Windows\Tasks\{6A128791-4857-4484-9BB2-71D4C1257200}.job

2015-08-19 18:41 - 2015-08-19 18:41 - 00003154 _____ C:\Windows\System32\Tasks\{6A128791-4857-4484-9BB2-71D4C1257200}

2015-08-19 18:35 - 2015-08-19 18:56 - 00002192 _____ C:\Users\Speed X8\Desktop\chrome.lnk

2015-08-19 18:35 - 2009-06-10 22:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hp.bak

2015-08-19 18:34 - 2015-08-19 20:51 - 00000000 ____D C:\Program Files (x86)\00000000-1440005683-0000-0000-50E54946680C

2015-08-19 18:32 - 2015-08-19 18:34 - 00000000 ____D C:\Program Files (x86)\baidu

2015-08-19 18:32 - 2015-08-19 18:32 - 00000000 ____D C:\Users\Speed X8\AppData\Roaming\Baidu

2015-08-19 18:32 - 2015-08-19 18:32 - 00000000 ____D C:\ProgramData\Baidu

2015-08-19 18:31 - 2015-08-19 18:41 - 00000000 ____D C:\ProgramData\ToolsUpdatePlatform

2015-08-19 18:31 - 2015-08-19 18:31 - 00003200 _____ C:\Windows\System32\Tasks\crash_service

2015-08-19 18:31 - 2015-08-19 18:31 - 00000000 ____D C:\Users\Speed X8\AppData\Local\MiniService

2015-08-19 18:31 - 2015-08-19 18:31 - 00000000 ____D C:\Users\Public\Documents\PC Faster

2015-08-19 18:31 - 2015-08-19 18:31 - 00000000 ____D C:\Users\Public\Documents\Guid

2015-08-19 18:31 - 2015-08-19 18:31 - 00000000 ____D C:\Users\Public\Documents\Baidu

2015-08-19 18:30 - 2015-08-19 18:40 - 00000000 ____D C:\ProgramData\Sublight

2015-08-19 18:30 - 2015-08-19 18:30 - 00000000 ____D C:\ProgramData\Sublights

2015-08-19 16:43 - 2015-08-19 16:43 - 00003206 _____ C:\Windows\System32\Tasks\{B42D7871-5D2F-4356-A274-9660481C2BAF}

2015-08-19 16:40 - 2015-08-19 16:40 - 00000053 _____ C:\Windows\Directx.log

2015-08-19 16:26 - 1999-12-16 15:13 - 00086016 _____ (MindVision Software) C:\Windows\unvise32.exe

2015-08-18 19:43 - 2015-08-18 19:43 - 00000000 _____ C:\Users\Speed X8\apploc.msi

2015-08-18 19:31 - 2015-08-18 19:31 - 01391104 _____ C:\apploc.msi

2015-08-18 19:19 - 2015-08-18 19:19 - 00003216 _____ C:\Windows\System32\Tasks\{139121BD-9416-43B4-96AF-F08644BB5F77}

2015-08-12 00:37 - 2015-07-30 14:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

2015-08-12 00:37 - 2015-07-30 14:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll

2015-08-11 21:02 - 2015-07-28 21:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe

2015-08-11 21:02 - 2015-07-28 21:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll

2015-08-11 21:02 - 2015-07-28 21:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll

2015-08-11 21:02 - 2015-07-28 21:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll

2015-08-11 21:02 - 2015-07-28 21:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll

2015-08-11 21:02 - 2015-07-28 21:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2015-08-11 21:02 - 2015-07-28 21:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll

2015-08-11 21:02 - 2015-07-28 20:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2015-08-11 21:02 - 2015-07-15 19:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2015-08-11 21:02 - 2015-07-15 19:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2015-08-11 21:02 - 2015-07-15 19:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2015-08-11 21:02 - 2015-07-15 19:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys

2015-08-11 21:02 - 2015-07-15 19:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll

2015-08-11 21:02 - 2015-07-15 19:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll

2015-08-11 21:02 - 2015-07-15 19:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll

2015-08-11 21:02 - 2015-07-15 19:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll

2015-08-11 21:02 - 2015-07-15 19:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2015-08-11 21:02 - 2015-07-15 19:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll

2015-08-11 21:02 - 2015-07-15 19:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll

2015-08-11 21:02 - 2015-07-15 19:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2015-08-11 21:02 - 2015-07-15 19:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll

2015-08-11 21:02 - 2015-07-15 19:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll

2015-08-11 21:02 - 2015-07-15 19:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2015-08-11 21:02 - 2015-07-15 19:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll

2015-08-11 21:02 - 2015-07-15 19:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll

2015-08-11 21:02 - 2015-07-15 19:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2015-08-11 21:02 - 2015-07-15 19:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2015-08-11 21:02 - 2015-07-15 19:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2015-08-11 21:02 - 2015-07-15 19:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe

2015-08-11 21:02 - 2015-07-15 19:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

2015-08-11 21:02 - 2015-07-15 19:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe

2015-08-11 21:02 - 2015-07-15 19:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2015-08-11 21:02 - 2015-07-15 19:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll

2015-08-11 21:02 - 2015-07-15 19:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll

2015-08-11 21:02 - 2015-07-15 19:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll

2015-08-11 21:02 - 2015-07-15 19:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

2015-08-11 21:02 - 2015-07-15 19:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll

2015-08-11 21:02 - 2015-07-15 19:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll

2015-08-11 21:02 - 2015-07-15 19:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2015-08-11 21:02 - 2015-07-15 19:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll

2015-08-11 21:02 - 2015-07-15 19:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll

2015-08-11 21:02 - 2015-07-15 19:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe

2015-08-11 21:02 - 2015-07-15 19:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe

2015-08-11 21:02 - 2015-07-15 19:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll

2015-08-11 21:02 - 2015-07-15 19:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll

2015-08-11 21:02 - 2015-07-15 19:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll

2015-08-11 21:02 - 2015-07-15 19:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll

2015-08-11 21:02 - 2015-07-15 19:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 19:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 19:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 19:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 19:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 19:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 19:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 19:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 19:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 19:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 19:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 19:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 19:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 19:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 19:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 18:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2015-08-11 21:02 - 2015-07-15 18:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2015-08-11 21:02 - 2015-07-15 18:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll

2015-08-11 21:02 - 2015-07-15 18:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2015-08-11 21:02 - 2015-07-15 18:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll

2015-08-11 21:02 - 2015-07-15 18:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

2015-08-11 21:02 - 2015-07-15 18:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll

2015-08-11 21:02 - 2015-07-15 18:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2015-08-11 21:02 - 2015-07-15 18:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2015-08-11 21:02 - 2015-07-15 18:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

2015-08-11 21:02 - 2015-07-15 18:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2015-08-11 21:02 - 2015-07-15 18:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll

2015-08-11 21:02 - 2015-07-15 18:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe

2015-08-11 21:02 - 2015-07-15 18:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll

2015-08-11 21:02 - 2015-07-15 18:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll

2015-08-11 21:02 - 2015-07-15 18:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll

2015-08-11 21:02 - 2015-07-15 18:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll

2015-08-11 21:02 - 2015-07-15 18:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll

2015-08-11 21:02 - 2015-07-15 18:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2015-08-11 21:02 - 2015-07-15 18:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe

2015-08-11 21:02 - 2015-07-15 18:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll

2015-08-11 21:02 - 2015-07-15 18:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll

2015-08-11 21:02 - 2015-07-15 18:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll

2015-08-11 21:02 - 2015-07-15 18:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll

2015-08-11 21:02 - 2015-07-15 18:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll

2015-08-11 21:02 - 2015-07-15 18:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 18:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 18:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 18:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 18:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 18:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 18:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 18:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 18:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 18:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 18:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 18:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 18:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 17:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys

2015-08-11 21:02 - 2015-07-15 17:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys

2015-08-11 21:02 - 2015-07-15 17:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys

2015-08-11 21:02 - 2015-07-15 17:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe

2015-08-11 21:02 - 2015-07-15 17:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe

2015-08-11 21:02 - 2015-07-15 17:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 17:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 17:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll

2015-08-11 21:02 - 2015-07-15 17:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll

2015-08-11 21:01 - 2015-07-21 01:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2015-08-11 21:01 - 2015-07-21 01:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2015-08-11 21:01 - 2015-07-16 21:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2015-08-11 21:01 - 2015-07-16 21:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2015-08-11 21:01 - 2015-07-16 21:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2015-08-11 21:01 - 2015-07-16 21:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2015-08-11 21:01 - 2015-07-16 21:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2015-08-11 21:01 - 2015-07-16 21:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2015-08-11 21:01 - 2015-07-16 20:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2015-08-11 21:01 - 2015-07-16 20:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2015-08-11 21:01 - 2015-07-16 20:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2015-08-11 21:01 - 2015-07-16 20:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2015-08-11 21:01 - 2015-07-16 20:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2015-08-11 21:01 - 2015-07-16 20:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2015-08-11 21:01 - 2015-07-16 20:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2015-08-11 21:01 - 2015-07-16 20:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2015-08-11 21:01 - 2015-07-16 20:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2015-08-11 21:01 - 2015-07-16 20:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2015-08-11 21:01 - 2015-07-16 20:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2015-08-11 21:01 - 2015-07-16 20:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2015-08-11 21:01 - 2015-07-16 19:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2015-08-11 21:01 - 2015-07-16 19:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2015-08-11 21:01 - 2015-07-15 04:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll

2015-08-11 21:01 - 2015-07-10 18:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll

2015-08-11 21:01 - 2015-07-10 18:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll

2015-08-11 21:01 - 2015-07-10 18:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll

2015-08-11 21:01 - 2015-07-10 18:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll

2015-08-11 21:01 - 2015-07-10 18:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll

2015-08-11 21:01 - 2015-07-10 18:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll

2015-08-11 21:00 - 2015-07-30 19:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll

2015-08-11 21:00 - 2015-07-30 19:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll

2015-08-11 21:00 - 2015-07-30 19:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll

2015-08-11 21:00 - 2015-07-30 19:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll

2015-08-11 21:00 - 2015-07-30 19:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll

2015-08-11 21:00 - 2015-07-30 19:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll

2015-08-11 21:00 - 2015-07-30 19:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll

2015-08-11 21:00 - 2015-07-30 18:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll

2015-08-11 21:00 - 2015-07-30 18:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll

2015-08-11 21:00 - 2015-07-30 18:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll

2015-08-11 21:00 - 2015-07-30 18:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll

2015-08-11 21:00 - 2015-07-30 18:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll

2015-08-11 21:00 - 2015-07-30 18:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll

2015-08-11 21:00 - 2015-07-30 17:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2015-08-11 21:00 - 2015-07-30 17:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll

2015-08-11 21:00 - 2015-07-30 17:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll

2015-08-11 21:00 - 2015-07-16 21:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2015-08-11 21:00 - 2015-07-16 21:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2015-08-11 21:00 - 2015-07-16 21:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2015-08-11 21:00 - 2015-07-16 21:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2015-08-11 21:00 - 2015-07-16 21:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2015-08-11 21:00 - 2015-07-16 21:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2015-08-11 21:00 - 2015-07-16 21:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2015-08-11 21:00 - 2015-07-16 21:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2015-08-11 21:00 - 2015-07-16 21:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2015-08-11 21:00 - 2015-07-16 21:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2015-08-11 21:00 - 2015-07-16 21:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2015-08-11 21:00 - 2015-07-16 21:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2015-08-11 21:00 - 2015-07-16 20:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2015-08-11 21:00 - 2015-07-16 20:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2015-08-11 21:00 - 2015-07-16 20:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2015-08-11 21:00 - 2015-07-16 20:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2015-08-11 21:00 - 2015-07-16 20:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2015-08-11 21:00 - 2015-07-16 20:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2015-08-11 21:00 - 2015-07-16 20:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2015-08-11 21:00 - 2015-07-16 20:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2015-08-11 21:00 - 2015-07-16 20:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2015-08-11 21:00 - 2015-07-16 20:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2015-08-11 21:00 - 2015-07-16 20:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2015-08-11 21:00 - 2015-07-16 20:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2015-08-11 21:00 - 2015-07-16 20:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2015-08-11 21:00 - 2015-07-16 20:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2015-08-11 21:00 - 2015-07-16 20:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2015-08-11 21:00 - 2015-07-16 20:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2015-08-11 21:00 - 2015-07-16 20:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2015-08-11 21:00 - 2015-07-16 20:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2015-08-11 21:00 - 2015-07-16 20:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2015-08-11 21:00 - 2015-07-16 20:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2015-08-11 21:00 - 2015-07-16 19:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2015-08-11 21:00 - 2015-07-16 19:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2015-08-11 21:00 - 2015-07-15 04:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll

2015-08-11 21:00 - 2015-07-15 04:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

2015-08-11 21:00 - 2015-07-15 04:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll

2015-08-11 21:00 - 2015-07-15 04:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll

2015-08-11 21:00 - 2015-07-15 03:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll

2015-08-11 21:00 - 2015-07-15 03:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll

2015-08-11 21:00 - 2015-07-15 03:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll

2015-08-11 21:00 - 2015-07-15 03:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll

2015-08-11 21:00 - 2015-07-01 21:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll

2015-08-11 21:00 - 2015-07-01 21:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll

2015-08-11 21:00 - 2015-07-01 21:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll

2015-08-11 21:00 - 2015-07-01 21:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll

2015-08-11 20:59 - 2015-07-20 19:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll

2015-08-11 20:59 - 2015-07-20 19:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll

2015-08-11 20:59 - 2015-07-20 19:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll

2015-08-11 20:59 - 2015-07-20 19:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll

2015-08-11 20:59 - 2015-07-20 19:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe

2015-08-11 20:59 - 2015-07-20 19:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll

2015-08-11 20:59 - 2015-07-20 19:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll

2015-08-11 20:59 - 2015-07-20 19:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll

2015-08-11 20:59 - 2015-07-20 19:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

2015-08-11 20:59 - 2015-07-20 19:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll

2015-08-11 20:59 - 2015-07-20 19:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll

2015-08-11 20:59 - 2015-07-20 18:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll

2015-08-11 20:59 - 2015-07-20 18:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll

2015-08-11 20:59 - 2015-07-20 18:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll

2015-08-11 20:59 - 2015-07-20 18:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

2015-08-11 20:59 - 2015-07-20 18:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll

2015-08-11 20:59 - 2015-07-10 18:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2015-08-11 20:59 - 2015-07-10 18:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll

2015-08-11 20:59 - 2015-07-09 18:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe

2015-08-11 20:59 - 2015-07-09 18:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe

2015-08-11 20:59 - 2015-07-09 18:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe

2015-08-11 20:59 - 2015-05-09 19:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll

2015-08-04 10:48 - 2015-08-04 10:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi

2015-08-04 10:48 - 2015-08-04 10:48 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi

2015-07-27 17:52 - 2015-07-27 17:52 - 00001824 _____ C:\Users\Speed X8\Downloads\Alkalidum (9).plr

2015-07-26 18:19 - 2015-07-26 18:19 - 00001824 _____ C:\Users\Speed X8\Downloads\Alkalidum (8).plr

2015-07-26 18:17 - 2015-07-26 18:17 - 00001824 _____ C:\Users\Speed X8\Downloads\Alkalidum (7).plr

2015-07-26 18:13 - 2015-07-26 18:13 - 00001824 _____ C:\Users\Speed X8\Downloads\Alkalidum (6).plr

2015-07-26 18:11 - 2015-07-26 18:11 - 00001824 _____ C:\Users\Speed X8\Downloads\Alkalidum (5).plr

2015-07-26 18:05 - 2015-07-26 18:05 - 00001824 _____ C:\Users\Speed X8\Downloads\Alkalidum (4).plr

2015-07-26 18:04 - 2015-07-26 18:04 - 00001824 _____ C:\Users\Speed X8\Downloads\Alkalidum (3).plr

2015-07-26 17:54 - 2015-07-26 17:54 - 00001824 _____ C:\Users\Speed X8\Downloads\Alkalidum (2).plr

2015-07-26 17:47 - 2015-07-26 17:47 - 00001824 _____ C:\Users\Speed X8\Downloads\Alkalidum (1).plr

2015-07-23 16:23 - 2015-07-23 16:23 - 00000000 ____D C:\Users\Speed X8\AppData\Local\CEF

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-20 21:50 - 2014-01-14 15:08 - 00000000 ____D C:\Users\Speed X8\AppData\Local\Battle.net

2015-08-20 21:42 - 2013-11-08 13:06 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2015-08-20 21:33 - 2012-12-10 23:14 - 00000000 ____D C:\Users\Speed X8\AppData\Local\PMB Files

2015-08-20 21:29 - 2013-03-16 17:46 - 00000392 _____ C:\Windows\Tasks\WpsUpdateTask_Speed X8.job

2015-08-20 21:16 - 2009-07-14 05:45 - 00029136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2015-08-20 21:16 - 2009-07-14 05:45 - 00029136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2015-08-20 21:14 - 2012-03-14 14:10 - 01810232 _____ C:\Windows\WindowsUpdate.log

2015-08-20 21:03 - 2012-06-03 15:43 - 00000000 ____D C:\Users\Speed X8\AppData\Local\LogMeIn Hamachi

2015-08-20 21:02 - 2012-03-15 14:37 - 00000000 ____D C:\Program Files (x86)\Steam

2015-08-20 21:01 - 2014-12-30 20:48 - 00057116 _____ C:\Windows\setupact.log

2015-08-20 21:01 - 2013-11-08 13:06 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2015-08-20 21:01 - 2012-03-14 14:11 - 00001317 _____ C:\Users\Speed X8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2015-08-20 21:01 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2015-08-20 21:01 - 2009-07-14 05:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

2015-08-20 21:00 - 2014-12-31 11:41 - 00594710 _____ C:\Windows\PFRO.log

2015-08-20 21:00 - 2012-03-14 14:22 - 00000000 ____D C:\ProgramData\NVIDIA

2015-08-20 20:59 - 2012-03-30 13:21 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2015-08-20 20:58 - 2014-08-29 10:37 - 00000000 ___DC C:\AdwCleaner

2015-08-20 20:58 - 2013-11-08 13:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2015-08-20 20:58 - 2012-03-17 22:39 - 00000000 ____D C:\Program Files (x86)\Norton Safe Web Lite

2015-08-20 20:48 - 2015-05-07 16:37 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update

2015-08-20 20:48 - 2015-03-12 17:48 - 01048344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys

2015-08-20 20:46 - 2015-03-12 17:48 - 00447944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys

2015-08-20 20:46 - 2015-03-12 17:48 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys

2015-08-20 20:46 - 2015-03-12 17:48 - 00150672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys

2015-08-20 20:46 - 2015-03-12 17:48 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys

2015-08-20 20:46 - 2015-03-12 17:48 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys

2015-08-20 20:46 - 2015-03-12 17:48 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys

2015-08-20 20:46 - 2015-03-12 17:48 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys

2015-08-20 20:43 - 2015-03-12 17:48 - 00028144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys

2015-08-20 20:35 - 2012-03-15 14:26 - 00003946 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{767B4E75-0A22-454C-8045-6C88693109B7}

2015-08-20 09:22 - 2015-04-25 22:05 - 00001135 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk

2015-08-20 09:22 - 2015-04-25 22:05 - 00001135 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

2015-08-19 23:24 - 2012-03-17 21:45 - 00000000 ____D C:\Users\Speed X8\AppData\Roaming\Mumble

2015-08-19 18:55 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD

2015-08-19 18:33 - 2015-04-19 12:30 - 00000000 __SHD C:\Users\Speed X8\AppData\Local\EmieBrowserModeList

2015-08-19 18:33 - 2014-06-10 22:53 - 00000000 __SHD C:\Users\Speed X8\AppData\Local\EmieUserList

2015-08-19 18:33 - 2014-06-10 22:53 - 00000000 __SHD C:\Users\Speed X8\AppData\Local\EmieSiteList

2015-08-19 16:34 - 2014-01-14 15:10 - 00000000 ____D C:\Program Files (x86)\Hearthstone

2015-08-19 16:32 - 2014-01-14 15:07 - 00000000 ____D C:\Program Files (x86)\Battle.net

2015-08-18 21:46 - 2015-05-13 19:52 - 00000000 ____D C:\Users\Speed X8\AppData\Roaming\uTorrent

2015-08-18 19:43 - 2012-03-14 14:10 - 00000000 ____D C:\Users\Speed X8

2015-08-14 21:30 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache

2015-08-14 20:32 - 2012-03-15 06:04 - 00000000 ____D C:\Windows\Panther

2015-08-14 20:28 - 2015-07-10 14:39 - 00000000 ___HD C:\$Windows.~BT

2015-08-12 10:22 - 2009-07-14 05:45 - 00290992 _____ C:\Windows\system32\FNTCACHE.DAT

2015-08-12 10:19 - 2014-12-12 17:17 - 00000000 ____D C:\Windows\system32\appraiser

2015-08-12 10:19 - 2014-05-07 00:24 - 00000000 ___SD C:\Windows\system32\CompatTel

2015-08-12 00:37 - 2013-03-14 00:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2015-08-12 00:36 - 2013-03-14 00:38 - 00000000 ____D C:\Program Files\Microsoft Silverlight

2015-08-12 00:36 - 2013-03-14 00:38 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight

2015-08-12 00:32 - 2014-08-29 11:22 - 00000000 ____D C:\Windows\system32\MRT

2015-08-12 00:26 - 2014-08-29 11:22 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2015-08-11 21:59 - 2012-03-30 13:21 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

2015-08-11 21:59 - 2012-03-30 13:20 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2015-08-11 21:59 - 2012-03-22 20:30 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2015-08-10 11:07 - 2015-04-24 10:45 - 00000000 ____D C:\Users\Speed X8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

2015-08-10 10:36 - 2009-07-14 06:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT

2015-08-04 10:48 - 2012-06-03 15:42 - 00000926 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk

2015-08-03 12:12 - 2012-06-28 11:58 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys

2015-07-31 18:45 - 2014-05-17 18:29 - 00000000 ____D C:\Users\Speed X8\AppData\Roaming\.minecraft

==================== Files in the root of some directories =======

2015-05-23 23:43 - 2015-05-23 23:43 - 16258616 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe

2013-06-17 18:22 - 2013-06-17 18:21 - 0001160 _____ () C:\Users\Speed X8\AppData\Roaming\mods - Shortcut.lnk

2014-06-28 18:47 - 2015-04-25 22:19 - 0002031 _____ () C:\Users\Speed X8\AppData\Roaming\SpeedRunnersLog.txt

2015-04-25 22:20 - 2015-04-25 22:21 - 0002608 _____ () C:\Users\Speed X8\AppData\Roaming\TargetInvocationLog.txt

2013-06-17 18:22 - 2013-06-17 18:23 - 0047104 ___SH () C:\Users\Speed X8\AppData\Roaming\Thumbs.db

2013-09-30 09:34 - 2013-09-30 09:34 - 0000097 _____ () C:\Users\Speed X8\AppData\Roaming\WB.CFG

2012-05-03 12:12 - 2012-05-03 12:12 - 0000532 _____ () C:\Users\Speed X8\AppData\Local\datos.txt

2015-08-19 19:28 - 2015-08-19 19:28 - 0613255 _____ (CMI Limited) C:\Users\Speed X8\AppData\Local\nse5B1F.tmp

2015-08-20 10:00 - 2015-08-20 10:00 - 0613255 _____ (CMI Limited) C:\Users\Speed X8\AppData\Local\nsr895F.tmp

2015-08-20 21:45 - 2015-08-20 21:45 - 0613255 _____ (CMI Limited) C:\Users\Speed X8\AppData\Local\nsrEF14.tmp

2015-04-25 14:36 - 2015-04-25 14:36 - 0006605 _____ () C:\Users\Speed X8\AppData\Local\recently-used.xbel

2012-09-11 14:37 - 2012-07-13 14:37 - 0000032 ____R () C:\ProgramData\hash.dat

2014-08-31 23:22 - 2014-08-31 23:22 - 0000098 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

2015-08-20 09:42 - 2015-08-20 09:42 - 0001504 _____ () C:\ProgramData\tempimage.bmp

Files to move or delete:

====================

C:\ProgramData\hash.dat

C:\Windows\Tasks\{6A128791-4857-4484-9BB2-71D4C1257200}.job

Some files in TEMP:

====================

C:\Users\Speed X8\AppData\Local\Temp\fsd2A6A.exe

C:\Users\Speed X8\AppData\Local\Temp\fsd5D6B.exe

C:\Users\Speed X8\AppData\Local\Temp\fsd9B74.exe

C:\Users\Speed X8\AppData\Local\Temp\fsdAB6C.exe

C:\Users\Speed X8\AppData\Local\Temp\sqlite3.dll

C:\Users\Speed X8\AppData\Local\Temp\Uninstall.exe

C:\Users\Speed X8\AppData\Local\Temp\vau22C4.tmp.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed

C:\Windows\system32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\system32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\system32\services.exe => File is digitally signed

C:\Windows\system32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\system32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\system32\rpcss.dll => File is digitally signed

C:\Windows\system32\dnsapi.dll => File is digitally signed

C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed

C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-08-14 21:22

==================== End of log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:20-08-2015

Ran by Speed X8 (2015-08-20 21:52:21)

Running from C:\Users\Speed X8\Downloads

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-975855429-1586840072-3018677650-500 - Administrator - Disabled)

Guest (S-1-5-21-975855429-1586840072-3018677650-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-975855429-1586840072-3018677650-1003 - Limited - Enabled)

Speed X8 (S-1-5-21-975855429-1586840072-3018677650-1000 - Administrator - Enabled) => C:\Users\Speed X8

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.12 - GIGABYTE)

µTorrent (HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\uTorrent) (Version: 3.4.3.40760 - BitTorrent Inc.)

3DVIA player 5.0.0.20 (HKLM-x32\...\{F06365EC-061E-48C3-B761-E1816658D618}) (Version: 5.0.20 - 3DVIA)

7 Days to Die (HKLM-x32\...\Steam App 251570) (Version: - The Fun Pimps)

AChat 1.18 (HKLM-x32\...\AChat_is1) (Version: - AChat Animation Studios)

Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)

Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)

Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)

Airline Tycoon 2 (HKLM-x32\...\Steam App 201490) (Version: - )

Amnesia: The Dark Descent (HKLM-x32\...\Steam App 57300) (Version: - )

Antares Auto-Tune 7 VST (HKLM\...\{8E7715AA-E19B-44E8-AE4C-FB5B37B7E2D9}) (Version: 7.05.0004 - Antares Audio Technologies)

AnyProtect (HKLM-x32\...\AnyProtect) (Version: 1.0.0.4 - CMI Limited) <==== ATTENTION

Apple Application Support (HKLM-x32\...\{122ADF8C-DDA1-480C-9936-C88F2825B265}) (Version: 2.1.9 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}) (Version: 5.2.0.6 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

ARMA 2 (HKLM-x32\...\Steam App 33910) (Version: - Bohemia Interactive)

ARMA 2 Dedicated Server (HKLM-x32\...\Steam App 33905) (Version: - Bohemia Interactive)

Arma 2: Operation Arrowhead - Dedicated Server (HKLM-x32\...\Steam App 33935) (Version: - Bohemia Interactive)

ARMA 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version: - Bohemia Interactive)

Arma 3 Alpha (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive)

Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.2.43 - Atheros Communications Inc.)

Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)

AutoGreen B10.1021.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)

AutoGreen B10.1021.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden

Auto-Tune EFX 2 (HKLM\...\{CCF89E7D-8BFC-4B3C-8C9C-8C4E9EF8BA45}) (Version: 2.1 - Antares Audio Technologies)

Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software)

Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)

Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)

BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - )

BIT.TRIP RUNNER (HKLM-x32\...\Steam App 63710) (Version: - Gaijin Games)

BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: 1.1.3.1 - BitRaider, LLC)

Bloody Trapland (HKLM-x32\...\Steam App 257750) (Version: - 2Play)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

BurnInTest v7.0 Pro (HKLM\...\BurnInTest_is1) (Version: 7.0 - Passmark Software)

Carmageddon: Reincarnation (HKLM-x32\...\Steam App 249380) (Version: - Stainless Games Ltd)

Castle Story (HKLM-x32\...\Steam App 227860) (Version: - )

CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)

Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version: - Cheat Engine)

Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)

Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)

Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)

Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version: - Colossal Order Ltd.)

Crawl (HKLM-x32\...\Steam App 293780) (Version: - Powerhoof)

Cube World version 0.0.1 (HKLM-x32\...\{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1) (Version: 0.0.1 - Picroma)

CyberLink BD_3D Advisor 2.0 (HKLM-x32\...\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}) (Version: - )

CyberLink Blu-ray Disc Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3721 - CyberLink Corp.)

CyberLink InstantBurn (HKLM-x32\...\{19C64880-BBCA-11D4-9EEE-0004ACDDDB3B}) (Version: 5.0.6210 - CyberLink Corp.)

CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3418 - CyberLink Corp.)

CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1423 - CyberLink Corp.)

CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.)

CyberLink PowerBackup (HKLM-x32\...\{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.5.6023 - CyberLink Corp.)

CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.3518.52 - CyberLink Corp.)

CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.2429 - CyberLink Corp.)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

DayZ Commander (HKLM-x32\...\{BAD8395E-CE31-44AA-B9FE-A14FCD0ABE4A}) (Version: 0.9.110 - Dotjosh Studios)

Dead Island (HKLM-x32\...\Steam App 91310) (Version: - Techland)

Desura (HKLM-x32\...\Desura) (Version: 100.53 - Desura)

DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC)

Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version: - Klei Entertainment)

Dungeon Defenders (HKLM-x32\...\Steam App 65800) (Version: - )

DUNGEONS - Steam Special Edition (HKLM-x32\...\Steam App 57650) (Version: - Realmforge Studios)

DUNGEONS - The Dark Lord (Steam Special Edition) (HKLM-x32\...\Steam App 200550) (Version: - )

Dungeons of Dredmor (HKLM-x32\...\Steam App 98800) (Version: - )

Dustforce (HKLM-x32\...\Steam App 65300) (Version: - Hitbox Team)

Easy Tune 6 B11.0630.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)

Easy Tune 6 B11.0630.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden

erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden

ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)

FaceTrackNoIR version 1.7 (HKLM-x32\...\FaceTrackNoIR_is1) (Version: 1.7 - FaceTrackNoIR Team)

Football Manager 2014 (HKLM-x32\...\Steam App 231670) (Version: - Sports Interactive)

Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.5.129.617 - Foxit Corporation)

Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.3.815 - Foxit Corporation)

Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )

FreeTrack v2.2.0.279 (HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\FreeTrack v2.2.0.279) (Version: - )

From Dust (HKLM-x32\...\Steam App 33460) (Version: - )

FrostWire 5.3.5 (HKLM-x32\...\FrostWire 5) (Version: 5.3.5.0 - FrostWire Team)

Frozen Synapse (HKLM-x32\...\Steam App 98200) (Version: - )

FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version: - )

Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version: - Greenheart Games)

Game Dev Tycoon version 1.3.2 (HKLM-x32\...\{5BBB8682-1335-410F-A79F-8E5611A54BD0}_is1) (Version: 1.3.2 - Greenheart Games Pty. Ltd.)

GameFly (HKLM-x32\...\GameFly) (Version: 1.2.378 - GameFly, Inc.)

Gameforge Live 2.0.4 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.4 - Gameforge)

Gang Beasts (HKLM-x32\...\Steam App 285900) (Version: - Boneloaf)

Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Team Garry)

Gauntlet™ (HKLM-x32\...\Steam App 258970) (Version: - Arrowhead Game Studios)

GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.155 - Google Inc.)

Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)

Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden

Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version: - Rockstar North)

Grand Theft Auto: Episodes from Liberty City (HKLM-x32\...\Steam App 12220) (Version: - Rockstar North / Toronto)

Gratuitous Space Battles (HKLM-x32\...\Steam App 41800) (Version: - Positech Games)

Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)

Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)

Hidden in Plain Sight (HKLM-x32\...\Steam App 303590) (Version: - Adam Spragg)

Hyrule Total War 3 Patch (HKLM-x32\...\{90D07AB1-663A-4F45-8BB8-E0763C8C8D1A}) (Version: 1.0.0 - Parallel Process)

Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)

Intel® IPP Run-Time Installer 5.3 Update 4 for Windows* on IA-32 (HKLM-x32\...\{754854DC-2E0A-49D8-A1A1-426C1F9B1459}) (Version: 5.3.4.087 - Intel Corporation)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)

iTunes (HKLM\...\{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}) (Version: 10.6.3.25 - Apple Inc.)

Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)

Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)

Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)

Java™ 6 Update 39 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416039FF}) (Version: 6.0.390 - Oracle)

Java™ 6 Update 39 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216039FF}) (Version: 6.0.390 - Oracle)

JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)

join.me (HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\JoinMe) (Version: 1.17.1.162 - LogMeIn, Inc.)

Katawa Shoujo (HKLM-x32\...\Katawa Shoujo) (Version: - )

Kingsoft Spreadsheets (8.1.0.3030) (HKLM-x32\...\Kingsoft Spreadsheets) (Version: 8.1.0.3030 - Kingsoft Corp.)

LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )

LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version: - LastPass)

League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)

Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)

LibUSB-Win32-0.1.10.1 (HKLM-x32\...\LibUSB-Win32_is1) (Version: 0.1.10.1 - LibUSB-Win32)

LightScribe System Software (HKLM-x32\...\{FD7F0DB8-0E96-4D64-AD4D-9B5A936AF2A8}) (Version: 1.18.20.1 - LightScribe)

Logitech SetPoint 5.20 (HKLM\...\{D3120436-1358-4253-9EB2-257FFE8CE1D9}) (Version: 5.20 - Logitech)

LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.383 - LogMeIn, Inc.)

LogMeIn Hamachi (x32 Version: 2.2.0.383 - LogMeIn, Inc.) Hidden

Magic The Gathering Online (HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\9f2df17776476c05) (Version: 3.4.77.332 - Wizards of the Coast)

Magic: The Gathering - Duels of the Planeswalkers (HKLM-x32\...\Steam App 49400) (Version: - Stainless Games Ltd)

March of War: Face Off (HKLM-x32\...\Steam App 323900) (Version: - ISOTX)

Marvel Heroes (HKLM-x32\...\marvelheroesbeta) (Version: 1.8.0.302 - Gazillion Entertainment)

Marvel Heroes (HKLM-x32\...\Steam App 226320) (Version: - )

Marvel Puzzle Quest: Dark Reign (HKLM-x32\...\Steam App 234330) (Version: - )

Mashed (HKLM-x32\...\Steam App 281280) (Version: - Supersonic Software)

Medieval II: Total War (HKLM-x32\...\Steam App 4700) (Version: - The Creative Assembly)

Medieval II: Total War Kingdoms (HKLM-x32\...\Steam App 4780) (Version: - The Creative Assembly)

Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)

Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)

Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)

Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)

Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)

Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)

Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)

Mini Metro (HKLM-x32\...\Steam App 287980) (Version: - Dinosaur Polo Club)

Mirroring360 (HKLM-x32\...\{2143C7CF-6CBA-4513-AC73-D410DEC57BFC}) (Version: 1.2.0.4 - Splashtop Inc.)

MNR -2litres - Horndean (HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\MNR -2litres - Horndean) (Version: - )

Mobiloid Demo (HKLM-x32\...\IndieCity-{43591a95-bcfd-478c-86ca-003a99d5ae0b}) (Version: - Montrezina)

Monaco (HKLM-x32\...\Steam App 113020) (Version: - Pocketwatch Games)

Mortal Kombat Kollection (HKLM-x32\...\Steam App 205350) (Version: - Other Ocean Interactive)

MotioninJoy Gamepad tool 0.7.0000 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.0000 - www.motioninjoy.com)

Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version: - Taleworlds Entertainment)

Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Mozilla Firefox 37.0.2 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 en-GB)) (Version: 37.0.2 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.2 - Mozilla)

Mumble 1.2.4 (HKLM-x32\...\{E0955568-4353-4C85-8988-285A8C0F5E87}) (Version: 1.2.4 - Thorvald Natvig)

NBTExplorer (HKLM-x32\...\{06107EDA-5B85-4CEC-AB1E-8350DEC15231}) (Version: 2.7.4.0 - Justin Aquadro)

Next Car Game Sneak Peek 2.0 (HKLM-x32\...\Steam App 272860) (Version: - Bugbear)

Next Car Game: Wreckfest (HKLM-x32\...\Steam App 228380) (Version: - Bugbear)

NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)

NVIDIA 3D Vision Driver 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 352.86 - NVIDIA Corporation)

NVIDIA GeForce Experience 2.4.5.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.28 - NVIDIA Corporation)

NVIDIA Graphics Driver 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 352.86 - NVIDIA Corporation)

NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)

NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)

ON_OFF Charge B11.0110.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)

Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )

OpenAL (HKLM-x32\...\OpenAL) (Version: - )

Oracle VM VirtualBox 4.3.12 (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation)

Orcs Must Die 2 Workshop Tool (HKLM-x32\...\Steam App 242150) (Version: - )

Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version: - )

Orcs Must Die! Unchained (HKLM-x32\...\{8EBA33AF-48E0-4207-A4EE-96029415AD76}_is1) (Version: - Gameforge 4D GmbH)

Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.)

Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)

Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 0.10.0.22479 - Grinding Gear Games)

PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)

Peggle Deluxe (HKLM-x32\...\Steam App 3480) (Version: - PopCap)

Peggle Nights (HKLM-x32\...\Steam App 3540) (Version: - PopCap)

Pixel Piracy (HKLM-x32\...\Steam App 264140) (Version: - Vitali Kirpu)

Plants vs. Zombies: Game of the Year (HKLM-x32\...\Steam App 3590) (Version: - PopCap)

PokerStars.uk (HKLM-x32\...\PokerStars.uk) (Version: - PokerStars.uk)

Primal Carnage (HKLM-x32\...\Steam App 215470) (Version: - )

Prison Architect (HKLM-x32\...\Steam App 233450) (Version: - Introversion Software)

PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)

Razer Surround Driver Installer version 1.5 (HKLM-x32\...\{11B11FA5-41ED-43C1-AB4B-905DDEDC72A2}_is1) (Version: 1.5 - inXile Entertainment)

Realm of the Mad God (HKLM-x32\...\Steam App 200210) (Version: - )

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6387 - Realtek Semiconductor Corp.)

RGSS-RTP Standard (HKLM-x32\...\RGSS-RTP Standard_is1) (Version: 1.04 - Enterbrain)

Robocraft (HKLM-x32\...\Steam App 301520) (Version: - Freejam)

Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix) <==== ATTENTION

RollerCoaster Tycoon 2: Triple Thrill Pack (HKLM-x32\...\Steam App 285330) (Version: - Chris Sawyer Productions)

RollerCoaster Tycoon 3: Platinum! (HKLM-x32\...\Steam App 2700) (Version: - Frontier)

RPG Maker XP (HKLM-x32\...\RPG Maker XP_is1) (Version: 1.04 - Enterbrain)

Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version: - Volition)

Scribblenauts Unlimited (HKLM-x32\...\Steam App 218680) (Version: - 5th Cell Media)

SecondLifeBetaViewer (remove only) (HKLM-x32\...\SecondLifeBetaViewer) (Version: - )

SecondLifeViewer (remove only) (HKLM-x32\...\SecondLifeViewer) (Version: - )

Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - )

Shatter (HKLM-x32\...\Steam App 20820) (Version: - Sidhe)

SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden

SHIELD Wireless Controller Driver (Version: 2.4.5.28 - NVIDIA Corporation) Hidden

Sid Meier's Pirates! (HKLM-x32\...\Steam App 3920) (Version: - Firaxis Games)

Silent Storm (HKLM-x32\...\Steam App 254960) (Version: - Nival)

Silent Storm Sentinels (HKLM-x32\...\Steam App 254980) (Version: - )

Six Updater (HKLM-x32\...\{2D8CED57-CCDB-4D86-9087-3BBCAE8F8F22}) (Version: 2.09.7016 - Six Projects)

Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)

Smart 6 B11.0512.1 (HKLM-x32\...\{3B35725F-C623-4A1E-B5CC-99C0868679E3}) (Version: 1.00.0000 - GIGABYTE)

Space Pirates and Zombies (HKLM-x32\...\Steam App 107200) (Version: - )

SpeedRunners (HKLM-x32\...\Steam App 207140) (Version: - DoubleDutch Games)

Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.15 - Splashtop Inc.)

SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)

Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)

Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)

swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)

Tenda Wireless LAN Card (HKLM-x32\...\{192BCCC6-C47B-4473-B187-5164185A413C}) (Version: 1.0.0.0 - Tenda)

Terraria (HKLM-x32\...\Steam App 105600) (Version: - )

TerraTech Demo (HKLM-x32\...\Steam App 313990) (Version: - Payload Studios)

The Banner Saga (HKLM-x32\...\Steam App 237990) (Version: - Stoic)

The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - )

The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)

Thomas Was Alone (HKLM-x32\...\Steam App 220780) (Version: - )

Total War: Arena (HKLM-x32\...\Steam App 227520) (Version: - Creative Assembly)

Towns (HKLM-x32\...\Steam App 221020) (Version: - )

Toy Soldiers (HKLM-x32\...\Steam App 98300) (Version: - Signal Studios)

TrackMania Nations Forever (HKLM-x32\...\Steam App 11020) (Version: - Nadeo)

Trine 2 (HKLM-x32\...\Steam App 35720) (Version: - )

Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version: - Tunngle.net GmbH)

Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)

Unity Web Player (HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)

Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton)

Uplay (HKLM-x32\...\Uplay) (Version: 4.7 - Ubisoft)

User's Guides (HKLM\...\{B48E1FFD-A85D-45DB-9070-C06CDF6BD427}) (Version: 1.20.0000 - Logitech)

VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden

Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)

VST Bridge 1.1 (HKLM-x32\...\VST Bridge_is1) (Version: - )

War Thunder (HKLM-x32\...\Steam App 236390) (Version: - Gaijin Entertainment)

Warhammer® 40,000™: Dawn of War® II (HKLM-x32\...\Steam App 15620) (Version: - Relic)

Warlock - Master of the Arcane (HKLM-x32\...\Steam App 203630) (Version: - Ino-Co Plus)

Wasteland 2 (HKLM-x32\...\Steam App 240760) (Version: - inXile Entertainment)

Winamp (HKLM-x32\...\Winamp) (Version: 5.66 - Nullsoft, Inc)

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)

Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)

WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)

WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

WinZip 18.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DF}) (Version: 18.0.10650 - WinZip Computing, S.L. )

Wizorb (HKLM-x32\...\Steam App 207420) (Version: - )

Worms Clan Wars (HKLM-x32\...\Steam App 233840) (Version: - Team17 Digital Ltd)

Worms Reloaded Demo (HKLM-x32\...\Steam App 22690) (Version: - Team17)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Restore Points =========================

19-08-2015 18:40:43 Windows Defender Checkpoint

19-08-2015 23:54:21 Windows Update

20-08-2015 20:40:11 avast! antivirus system restore point

20-08-2015 20:49:10 Device Driver Package Install: Avast Network Service

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-08-19 20:54 - 00450771 ____R C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 www.007guard.com

127.0.0.1 007guard.com

127.0.0.1 008i.com

127.0.0.1 www.008k.com

127.0.0.1 008k.com

127.0.0.1 www.00hq.com

127.0.0.1 00hq.com

127.0.0.1 010402.com

127.0.0.1 www.032439.com

127.0.0.1 032439.com

127.0.0.1 www.0scan.com

127.0.0.1 0scan.com

127.0.0.1 1000gratisproben.com

127.0.0.1 www.1000gratisproben.com

127.0.0.1 1001namen.com

127.0.0.1 www.1001namen.com

127.0.0.1 100888290cs.com

127.0.0.1 www.100888290cs.com

127.0.0.1 www.100sexlinks.com

127.0.0.1 100sexlinks.com

127.0.0.1 10sek.com

127.0.0.1 www.10sek.com

127.0.0.1 www.1-2005-search.com

127.0.0.1 1-2005-search.com

127.0.0.1 123fporn.info

127.0.0.1 www.123fporn.info

127.0.0.1 123haustiereundmehr.com

127.0.0.1 www.123haustiereundmehr.com

127.0.0.1 123moviedownload.com

There are 1000 more lines.

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04AEBEC7-7A68-4592-8A41-65A436199A00} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-08-20] (AnyProtect.com) <==== ATTENTION

Task: {0793DEB0-D40C-4788-9C44-C530DE22B040} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-11] (Adobe Systems Incorporated)

Task: {1531C316-5DD4-43F5-8BB7-D1094259E97B} - System32\Tasks\{286FED16-89AD-41FA-B336-C878763B2EBC} => C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe [2012-03-20] (www.motioninjoy.com)

Task: {1C28571E-B8F9-4751-9B62-5DCACC1EBBE1} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)

Task: {1D855AD1-E04A-4E97-B733-8256DD0834C3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)

Task: {335296FD-CB04-489C-9898-B29B4A19CAF4} - System32\Tasks\RVSCCJTAIRYAFTMB => C:\ProgramData\Service1291\Service1291.exe [2015-08-20] () <==== ATTENTION

Task: {351EED9F-F898-461A-8A89-2F1F96EAE91B} - System32\Tasks\{015CF1CB-F6C9-49FB-A90E-982A10B08A69} => C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe [2012-03-20] (www.motioninjoy.com)

Task: {45A77E71-D2FC-4752-98D7-6768701A40B2} - System32\Tasks\{6A128791-4857-4484-9BB2-71D4C1257200} => C:\ProgramData\ToolsUpdatePlatform\CallBackInstall.exe [2015-06-16] ()

Task: {49CB8988-1A24-440D-88C0-19C4AFBEC1BC} - System32\Tasks\{0807DA71-B6F4-49B9-BBB0-E0854F2ABFC0} => C:\Program Files (x86)\Mumble\mumble.exe [2013-06-02] (Thorvald Natvig)

Task: {69C2FB89-A68C-41D5-B6A8-AF1028C409C0} - System32\Tasks\{9289B819-C4CD-43A3-953F-675C1133513F} => C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe [2012-03-20] (www.motioninjoy.com)

Task: {6E04465B-6C12-4E56-93B0-2AB6FB9A0C7A} - System32\Tasks\{A03ADA05-3C49-42AF-9AA8-4F4D4799D68B} => pcalua.exe -a "C:\Users\Speed X8\Downloads\HorndeanRX.exe" -d "C:\Users\Speed X8\Downloads"

Task: {7FD075DA-E5A1-4DD6-BB1C-AEFB8DBF07C1} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser

Task: {83D175D2-F77D-4A18-AF1E-FF5C3F70A2A7} - System32\Tasks\{B42D7871-5D2F-4356-A274-9660481C2BAF} => pcalua.exe -a "C:\Users\Speed X8\Desktop\New folder (2)\BUNNYUST.EXE" -d "C:\Users\Speed X8\Desktop\New folder (2)"

Task: {8B4EF551-A928-422A-87B8-8D606236BDED} - System32\Tasks\SmartWeb Upgrade Trigger Task => C:\Users\Speed X8\AppData\Local\SmartWeb\SmartWebHelper.exe [2015-02-17] (SoftBrain Technologies Ltd.) <==== ATTENTION

Task: {8D60D829-1425-4384-A7E6-12B8056DB5F5} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-08-20] (AnyProtect.com) <==== ATTENTION

Task: {9473A819-07C7-4DE4-A5A9-D2E85121F58B} - System32\Tasks\{139121BD-9416-43B4-96AF-F08644BB5F77} => pcalua.exe -a "C:\Users\Speed X8\Desktop\JX^€Ch3D\Installer.exe" -d "C:\Users\Speed X8\Desktop\JX^€Ch3D"

Task: {97A20080-6D51-4DD1-8B9C-3A2F118F0613} - System32\Tasks\crash_service => C:\Users\Speed X8\AppData\Local\BoBrowser\Application\crash_service.exe

Task: {9876CA81-F86B-4066-ADAF-F2113D0B9E96} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-08] (Google Inc.)

Task: {99E4B1C5-560A-4A7C-9F29-8AD8C308D0C0} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-08-20] (AnyProtect.com) <==== ATTENTION

Task: {9A166EB4-E047-4F95-A1D7-3E93A73322C3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {A06419F4-D3A9-4255-A4FA-72451E12A59B} - System32\Tasks\{35EFDB9A-0F99-4935-81C2-571069624150} => pcalua.exe -a "C:\Users\Speed X8\Downloads\forge-1.7.2-10.12.1.1075-installer-win.exe" -d "C:\Users\Speed X8\Downloads"

Task: {AA6DB421-83C3-446D-B99F-6F4D648F5C9C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)

Task: {B2760364-CF81-4BDB-B568-B1ABF51C49AE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-08] (Google Inc.)

Task: {B4B6995A-60FD-4CF8-9BDE-CDE10962C7B2} - System32\Tasks\{94946A22-1B4E-4768-8F4C-08540FEB21F6} => C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe [2012-03-20] (www.motioninjoy.com)

Task: {C2CE4F4E-BE46-41CF-BBB8-EBE279108B47} - System32\Tasks\{9D8E0C13-765B-4D19-BC69-2137BE3AABFB} => pcalua.exe -a "C:\Users\Speed X8\Downloads\forge-1.7.2-10.12.1.1060-installer-win.exe" -d "C:\Users\Speed X8\Downloads"

Task: {C76EF0BB-5A14-45D7-989E-64E242B30425} - System32\Tasks\CPGIAIDSLMSETGHO => C:\ProgramData\Service1291\Service1291.exe [2015-08-20] () <==== ATTENTION

Task: {CFB3BA4B-8C6A-4783-BB44-B320D35B5063} - System32\Tasks\{1A4338B1-89FF-4018-B394-19B364430E88} => C:\Program Files (x86)\Mumble\mumble.exe [2013-06-02] (Thorvald Natvig)

Task: {DD959D27-44EE-4B06-A828-F9132D437B3B} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => c:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation)

Task: {F1CF0726-424C-4A74-BF6A-D135AFABC4CE} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)

Task: {FBF6EAD0-1555-45C6-8525-F36E7BE6394E} - System32\Tasks\{49BC5B3B-F531-493B-BB3D-34464A9E50E3} => C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe [2012-03-20] (www.motioninjoy.com)

Task: {FC6E5ED8-4083-42BD-B512-A8100B08055E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-20] (AVAST Software)

Task: {FC88C451-A7A0-4EA4-94B3-E6F839EEA182} - System32\Tasks\WpsUpdateTask_Speed X8 => C:\Program Files (x86)\Kingsoft\Kingsoft Spreadsheets\office6\wpsupdate.exe [2013-06-05] (Kingsoft Corp. Ltd.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION

Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION

Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION

Task: C:\Windows\Tasks\CPGIAIDSLMSETGHO.job => C:\ProgramData\Service1291\Service1291.exe <==== ATTENTION

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\RVSCCJTAIRYAFTMB.job => C:\ProgramData\Service1291\Service1291.exe <==== ATTENTION

Task: C:\Windows\Tasks\WpsUpdateTask_Speed X8.job => C:\Program Files (x86)\Kingsoft\Kingsoft Spreadsheets\office6\wpsupdate.exe

Task: C:\Windows\Tasks\{6A128791-4857-4484-9BB2-71D4C1257200}.job => C:\ProgramData\ToolsUpdatePlatform\CallBackInstall.exe

==================== Loaded Modules (Whitelisted) ==============

2011-04-08 00:19 - 2015-05-12 04:30 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2012-03-14 14:51 - 2012-03-14 14:51 - 00008704 _____ () C:\Windows\assembly\GAC_64\GBHO\1.0.0.0__709f1911357dc329\GBHO.dll

2015-08-19 18:35 - 2015-08-19 18:35 - 00137728 _____ () C:\Program Files (x86)\00000000-1440005683-0000-0000-50E54946680C\hnsd8DC2.tmp

2015-08-19 17:12 - 2015-08-19 17:12 - 00761344 _____ () C:\Program Files (x86)\00000000-1440005683-0000-0000-50E54946680C\knsi4999.tmpfs

2013-08-15 18:59 - 2013-08-15 19:30 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe

2013-08-29 01:23 - 2013-08-29 01:23 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

2015-08-20 20:45 - 2015-08-20 20:45 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll

2015-08-20 20:44 - 2015-08-20 20:44 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll

2015-08-20 20:25 - 2015-08-20 20:25 - 02960384 _____ () C:\Program Files\AVAST Software\Avast\defs\15082001\algo.dll

2012-05-30 21:06 - 2012-05-30 21:06 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2012-05-30 21:06 - 2012-05-30 21:06 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2015-08-19 19:50 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl

2015-08-19 19:50 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl

2015-08-19 19:50 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl

2015-08-19 19:50 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll

2015-08-19 19:50 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll

2015-05-26 17:09 - 2015-05-23 02:48 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll

2010-11-22 15:00 - 2010-11-22 15:00 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll

2010-11-22 15:00 - 2010-11-22 15:00 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll

2010-11-22 15:00 - 2010-11-22 15:00 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll

2013-03-12 18:10 - 2015-07-03 17:12 - 00778240 _____ () C:\Program Files (x86)\Steam\SDL2.dll

2015-01-21 18:59 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll

2015-01-21 18:59 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll

2015-01-21 18:59 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll

2014-05-22 09:05 - 2015-08-12 19:26 - 02413248 _____ () C:\Program Files (x86)\Steam\video.dll

2014-08-29 10:32 - 2014-12-01 22:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll

2014-08-29 10:32 - 2014-12-01 22:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll

2014-08-29 10:32 - 2014-12-01 22:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll

2014-08-29 10:32 - 2014-12-01 22:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll

2014-08-29 10:32 - 2014-12-01 22:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll

2012-03-15 14:39 - 2015-08-12 19:26 - 00704192 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL

2015-07-23 16:19 - 2015-07-27 02:13 - 00171008 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll

2012-03-14 14:18 - 2010-02-09 11:52 - 33735976 _____ () C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\res.dll

2009-11-02 15:20 - 2009-11-02 15:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll

2009-11-02 15:23 - 2009-11-02 15:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll

2013-08-29 01:25 - 2013-08-29 01:25 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll

2015-03-12 17:47 - 2015-03-12 17:48 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

2012-03-15 14:39 - 2015-07-03 17:12 - 39553928 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll

2015-08-13 21:11 - 2015-08-08 01:13 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libglesv2.dll

2015-08-13 21:11 - 2015-08-08 01:13 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libegl.dll

2015-08-14 13:06 - 2015-08-14 13:06 - 26065408 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\libcef.dll

2015-08-14 13:06 - 2015-08-14 13:06 - 00739840 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\libGLESv2.dll

2015-08-14 13:06 - 2015-08-14 13:06 - 00909312 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\platforms\qwindows.dll

2015-08-14 13:06 - 2015-08-14 13:06 - 00130048 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\libEGL.dll

2015-08-14 13:06 - 2015-08-14 13:06 - 00020992 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\imageformats\qgif.dll

2015-08-14 13:06 - 2015-08-14 13:06 - 00021504 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\imageformats\qico.dll

2015-08-14 13:06 - 2015-08-14 13:06 - 00205312 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\imageformats\qjpeg.dll

2015-08-14 13:06 - 2015-08-14 13:06 - 00225792 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\imageformats\qmng.dll

2015-08-14 13:06 - 2015-08-14 13:06 - 00015872 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\imageformats\qsvg.dll

2015-08-14 13:06 - 2015-08-14 13:06 - 00312832 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\imageformats\qtiff.dll

2015-08-14 13:06 - 2015-08-14 13:06 - 00010240 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\qml\QtQuick.2\qtquick2plugin.dll

2015-08-14 13:06 - 2015-08-14 13:06 - 00054272 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\qml\QtQuick\Layouts\qquicklayoutsplugin.dll

2015-08-14 13:06 - 2015-08-14 13:06 - 00010240 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\qml\QtQml\Models.2\modelsplugin.dll

2015-03-12 17:47 - 2015-03-12 17:47 - 00985600 _____ () C:\Program Files\AVAST Software\Avast\ffmpegsumo.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com

IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com

IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com

IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com

IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com

IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com

IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com

IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com

IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com

IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com

IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com

IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com

IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com

IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com

IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net

IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net

IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info

IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com

IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com

IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7867 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-975855429-1586840072-3018677650-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Speed X8\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

DNS Servers: 192.168.1.254

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)

Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E528057C-938E-43E5-9FDB-DE2DB07E55C5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

FirewallRules: [{6251B399-2E05-4524-AB2D-16BAA99A18B0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

FirewallRules: [{73764358-75E6-49C5-B778-2F5E79DEAD2B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe

FirewallRules: [{5F997292-EECE-47EE-834C-FC5CC8261ED1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE

FirewallRules: [{7A98A401-F656-43CF-ADD7-474C02C47119}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{A9801C62-DA99-434D-888A-A9839046872F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{DAB9FCF2-1FCA-4961-9754-6474889D26A7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

FirewallRules: [{2B552B55-8EBE-4A51-A64D-C2108407E473}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

FirewallRules: [{B0AFD7DC-72AA-46C0-A5F3-F30D34B2F92B}] => (Allow) C:\Program Files (x86)\World of Warcraft\Launcher.exe

FirewallRules: [{40988CBB-CB4D-4C26-AC50-82FBCBF5BB63}] => (Allow) C:\Program Files (x86)\World of Warcraft\Launcher.exe

FirewallRules: [{AEC7A404-E3AC-47FF-8505-D9EFFAE166A5}] => (Allow) C:\Program Files (x86)\World of Warcraft\Launcher.patch.exe

FirewallRules: [{684F9C77-810C-42B5-B728-D8DBB2B216C4}] => (Allow) C:\Program Files (x86)\World of Warcraft\Launcher.patch.exe

FirewallRules: [{1BC0D7DC-E56D-462E-A900-27AAC6ABC0A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\realm of the mad god\Realm of the Mad God.exe

FirewallRules: [{D2E23F12-50C1-491F-9C53-F8E0397FC229}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\realm of the mad god\Realm of the Mad God.exe

FirewallRules: [TCP Query User{A24F3768-42C7-4ABB-8913-215FB62ED5E7}C:\program files (x86)\steam\steamapps\common\age of empires online\spartan.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\age of empires online\spartan.exe

FirewallRules: [UDP Query User{A324D5D7-F8E0-42AD-A41D-3738AC7116DC}C:\program files (x86)\steam\steamapps\common\age of empires online\spartan.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\age of empires online\spartan.exe

FirewallRules: [{B94848B4-9263-4EB0-A42C-CD24CF09E5F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\peggle nights\PeggleNights.exe

FirewallRules: [{F3AC4BCC-658F-4FEC-9F6D-B81A9A63E244}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\peggle nights\PeggleNights.exe

FirewallRules: [{CA5BE3A8-FCBA-4D10-B35C-376383450C76}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\peggle deluxe\Peggle.exe

FirewallRules: [{C87364C5-45F9-4C50-8FD5-1AD495EDFFFB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\peggle deluxe\Peggle.exe

FirewallRules: [{598D987C-49F0-4C2F-B634-EC7499EC608E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dungeons of dredmor\Dungeons of Dredmor.exe

FirewallRules: [{BEF6952D-72FC-488D-87D5-40A69EA5A0DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dungeons of dredmor\Dungeons of Dredmor.exe

FirewallRules: [{87239FFA-84AF-4B52-B4F3-A49D63D726A9}] => (Allow) C:\Program Files (x86)\FrostWire 5\FrostWire.exe

FirewallRules: [{372E8EBA-FE3F-4FC6-9296-5852FAE43DC8}] => (Allow) C:\Program Files (x86)\FrostWire 5\FrostWire.exe

FirewallRules: [{B8CC3937-7D5A-4747-ABBC-EB6E31276238}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\trine 2\trine2_launcher.exe

FirewallRules: [{D33B91CB-8EDF-4A7A-A11B-A8F2A45C72AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\trine 2\trine2_launcher.exe

FirewallRules: [{0C69FB8B-677A-4121-B0FE-899C0F4136C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\plants vs zombies\PlantsVsZombies.exe

FirewallRules: [{17FF37B5-3D21-48E9-8338-822E14FC3420}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\plants vs zombies\PlantsVsZombies.exe

FirewallRules: [{09C4CA9C-2161-4866-8EBE-2DE940EDE10C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html

FirewallRules: [{AA471F03-DFF3-4A4B-AF7A-5BE0BD546B9D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html

FirewallRules: [{3D497F1D-4F6E-4938-B7CB-8129190003FF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat

FirewallRules: [{0AC8134E-E4E1-4798-BA2D-2E8EFBA08CE6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat

FirewallRules: [{D4ECE4E7-6A7B-41D4-93BA-43149EABAB29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat

FirewallRules: [{79EE4150-24C1-446B-9939-E12CC61BA27B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat

FirewallRules: [{81FB0055-963A-4313-B249-2D93D43852A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe

FirewallRules: [{D319466C-B564-42B5-BC8C-E31358A90A68}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe

FirewallRules: [TCP Query User{D848B8F7-F80E-44C9-93ED-835C017AF3C3}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe

FirewallRules: [UDP Query User{214DB58C-E1CE-4FA7-8A04-3C7D6FFA9364}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe

FirewallRules: [{8F1B5865-BA7D-4894-834C-199109987DB9}] => (Block) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe

FirewallRules: [{7A6811ED-8D77-4F05-B725-6D31C93DFD77}] => (Block) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe

FirewallRules: [{C4F2FFCB-125E-4E11-97AE-B35202FC499A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dungeons - the dark lord\DungeonsTheDarkLord.exe

FirewallRules: [{71C17031-D20B-4B01-BE7F-87553E76F5D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dungeons - the dark lord\DungeonsTheDarkLord.exe

FirewallRules: [{90EA8C20-08AD-4E2E-8311-15E1C3B881B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dungeons\DungeonsStarter.exe

FirewallRules: [{30444B52-5E3A-46DA-B89B-7338290AFCED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dungeons\DungeonsStarter.exe

FirewallRules: [TCP Query User{A36B116F-0620-472F-BB34-AA3FF2426B9C}C:\program files (x86)\1clickdownload\1clickdownloader.exe] => (Allow) C:\program files (x86)\1clickdownload\1clickdownloader.exe

FirewallRules: [UDP Query User{87E5210C-BEEE-412F-B6BF-1DC7A3BA820A}C:\program files (x86)\1clickdownload\1clickdownloader.exe] => (Allow) C:\program files (x86)\1clickdownload\1clickdownloader.exe

FirewallRules: [{4741DF63-ED9A-4A00-9D67-A917BB0868D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\frozen synapse\FrozenSynapse.exe

FirewallRules: [{64019E3D-2F8B-4E99-A7BC-B8054BAC9738}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\frozen synapse\FrozenSynapse.exe

FirewallRules: [TCP Query User{077BF817-C025-4E9A-9620-5F899ACE6C30}C:\program files (x86)\secondlifebetaviewer\slvoice.exe] => (Allow) C:\program files (x86)\secondlifebetaviewer\slvoice.exe

FirewallRules: [UDP Query User{A4EB5F72-2EE4-43CB-9845-AA43D860AA55}C:\program files (x86)\secondlifebetaviewer\slvoice.exe] => (Allow) C:\program files (x86)\secondlifebetaviewer\slvoice.exe

FirewallRules: [{C99FC08B-3B71-4E35-BAA4-CFD0B3F79E34}] => (Block) C:\program files (x86)\secondlifebetaviewer\slvoice.exe

FirewallRules: [{879110A5-38AE-4077-B685-577D8AB13B88}] => (Block) C:\program files (x86)\secondlifebetaviewer\slvoice.exe

FirewallRules: [{E575ABBC-6C4D-42BB-907A-E7D3762332D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2\ArmA2Server.exe

FirewallRules: [{A864C873-1A66-4DDB-B82A-76E7FFD19816}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2\ArmA2Server.exe

FirewallRules: [TCP Query User{8292376D-A88B-4F95-9A98-15F7D9A061F0}C:\program files (x86)\six projects\six updater\tools\bin\rsync.exe] => (Allow) C:\program files (x86)\six projects\six updater\tools\bin\rsync.exe

FirewallRules: [UDP Query User{73582DA1-8A47-40D6-8B02-66DEAC88F241}C:\program files (x86)\six projects\six updater\tools\bin\rsync.exe] => (Allow) C:\program files (x86)\six projects\six updater\tools\bin\rsync.exe

FirewallRules: [{69B44F26-3ACF-4CDE-8437-79C34963C180}] => (Block) C:\program files (x86)\six projects\six updater\tools\bin\rsync.exe

FirewallRules: [{5F476CE7-8207-48C4-A269-B445D35C61B9}] => (Block) C:\program files (x86)\six projects\six updater\tools\bin\rsync.exe

FirewallRules: [TCP Query User{CBDB5335-0DAF-4A15-8DB3-657F6F26159A}C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe

FirewallRules: [UDP Query User{4E6DFED7-2CC6-45D8-8A71-E00CF660B37A}C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe

FirewallRules: [{95D80433-3510-42F3-BB11-C233E1DF5CB1}] => (Block) C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe

FirewallRules: [{2F847598-EA42-4CC8-8E04-28D645A06293}] => (Block) C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe

FirewallRules: [{198C3164-239C-4E06-BC61-89971A0D82AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\from dust\From_Dust.exe

FirewallRules: [{275CBB66-ECD4-4BF6-8A0E-CB1924363A15}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\from dust\From_Dust.exe

FirewallRules: [{F90ECF64-35BA-4621-AECF-C3DDE10F0A7B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe

FirewallRules: [{CE449A65-F301-42D7-A695-F07CDBD921B6}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe

FirewallRules: [{F0A3E8D1-4D4D-489D-A768-CBFB29BBEAD0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dead island\DeadIslandGame.exe

FirewallRules: [{5127CAA5-41B6-4363-9806-429E0133E16B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dead island\DeadIslandGame.exe

FirewallRules: [{5D09925B-6BEF-4213-B203-19EBC4454463}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\airline tycoon 2\AirlineTycoon2.exe

FirewallRules: [{39A5DCD4-5810-4416-89C6-2AF8E50E490A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\airline tycoon 2\AirlineTycoon2.exe

FirewallRules: [{7DCF813C-79CA-445E-A783-BCC8CBD1D779}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dawn of war 2\DOW2.exe

FirewallRules: [{C5F0EEA0-A371-4762-B4C0-2A0F79F89365}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dawn of war 2\DOW2.exe

FirewallRules: [{F9F9A128-F0F1-4A3A-A176-078818EFDB37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\ARMA2OASERVER.exe

FirewallRules: [{958C4895-6DA1-43F5-B352-374A522051E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\ARMA2OASERVER.exe

FirewallRules: [TCP Query User{DA829A1A-B491-429E-8EA5-8389387D4B92}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe

FirewallRules: [UDP Query User{A68E2D27-94ED-4590-A8AD-80AE8673F81E}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe

FirewallRules: [{7A0427AD-1746-4E19-AE73-47DAD27541E1}] => (Block) C:\program files\java\jre6\bin\javaw.exe

FirewallRules: [{33F03766-FD38-4A68-B673-160573F4B9FC}] => (Block) C:\program files\java\jre6\bin\javaw.exe

FirewallRules: [TCP Query User{F638FE09-D09E-41FA-BFC9-BDAB1C80060D}C:\program files (x86)\steam\steamapps\kris008\garrysmod\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\kris008\garrysmod\hl2.exe

FirewallRules: [UDP Query User{F424E7E4-3B80-4E8E-A731-C5DC7822C995}C:\program files (x86)\steam\steamapps\kris008\garrysmod\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\kris008\garrysmod\hl2.exe

FirewallRules: [TCP Query User{D85B16B3-9136-46F2-9ACA-A86663FDE5CD}C:\program files (x86)\steam\steamapps\kris008\team fortress 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\kris008\team fortress 2\hl2.exe

FirewallRules: [UDP Query User{A28F650A-3E3F-4819-8B8A-6D19ABFF92E4}C:\program files (x86)\steam\steamapps\kris008\team fortress 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\kris008\team fortress 2\hl2.exe

FirewallRules: [{FBDB8585-4862-4AE6-94AD-2E1C041B6842}] => (Block) C:\program files (x86)\steam\steamapps\kris008\team fortress 2\hl2.exe

FirewallRules: [{AB4E649F-87A1-4DD0-B02C-F954FC0C9621}] => (Block) C:\program files (x86)\steam\steamapps\kris008\team fortress 2\hl2.exe

FirewallRules: [{7FD37894-C299-4D54-B497-63C4E0CF65F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe

FirewallRules: [{EF6EDE81-1390-4A3E-AEB5-A1A8569EF5D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe

FirewallRules: [{A719665A-5F20-4F74-BBD3-BD849D7005BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\BEsetup\Setup_BattlEyeARMA2OA.exe

FirewallRules: [{BA62F06B-229A-4B50-929A-08A752BD4AD7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\BEsetup\Setup_BattlEyeARMA2OA.exe

FirewallRules: [{C62980B4-0813-40A5-B44D-8E04D4ADC2FF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\_runA2CO.cmd

FirewallRules: [{AC5AFB59-1543-4B1D-B0F4-420C5B2AC311}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\_runA2CO.cmd

FirewallRules: [{083A221A-6762-44BB-9E87-4A3FF583C41B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dungeons of dredmor\Dungeons of Dredmor.exe

FirewallRules: [{4B4C8B26-35AC-4FDB-AD01-20384F45173C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dungeons of dredmor\Dungeons of Dredmor.exe

FirewallRules: [TCP Query User{4FF13148-A91C-4680-9786-E60049155474}C:\program files (x86)\indiecity\client\bin\x86\iceclient.exe] => (Block) C:\program files (x86)\indiecity\client\bin\x86\iceclient.exe

FirewallRules: [UDP Query User{AA519D95-9E77-4DC1-B9F8-C56AB35180C9}C:\program files (x86)\indiecity\client\bin\x86\iceclient.exe] => (Block) C:\program files (x86)\indiecity\client\bin\x86\iceclient.exe

FirewallRules: [{3606515F-90B4-4A78-9546-A4A9529C9082}] => (Allow) C:\Program Files (x86)\IndieCity\Client\bin\x86\iceclient.exe

FirewallRules: [{350C5DF1-D04F-4618-829D-11D45F3E080B}] => (Allow) C:\Program Files (x86)\IndieCity\Client\bin\x86\iceclient.exe

FirewallRules: [TCP Query User{DF20C7A4-1067-44EB-8402-C7BE0E951F19}C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe

FirewallRules: [UDP Query User{FC9EBFB6-2B6B-4616-B6CB-328BE920F890}C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe

FirewallRules: [{100F005F-6756-4B25-B209-9249E100E859}] => (Block) C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe

FirewallRules: [{BD453B11-24B0-42C3-A9A4-2CC3E673A199}] => (Block) C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe

FirewallRules: [TCP Query User{9A48845A-50BC-44CA-BFFB-D949AE112A62}C:\program files (x86)\steam\steamapps\common\worms reloaded\wormsreloaded.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\worms reloaded\wormsreloaded.exe

FirewallRules: [UDP Query User{A4AEE893-3EA6-49E8-AB51-152DE95E7B1B}C:\program files (x86)\steam\steamapps\common\worms reloaded\wormsreloaded.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\worms reloaded\wormsreloaded.exe

FirewallRules: [{2442FDFA-90D0-4F37-91A7-3B032C4452BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shatter\Shatter.exe

FirewallRules: [{DE4B2D7E-06EE-45F6-AAFB-679CADFFE405}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shatter\Shatter.exe

FirewallRules: [{F8597131-04CA-4115-A10B-1C2C70A9AEA3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shatter\ShatterSettingsEditor.exe

FirewallRules: [{72C3CAE2-52F0-4D62-BAE4-E86D5DFD28E6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shatter\ShatterSettingsEditor.exe

FirewallRules: [{CBAA0881-C5E4-4916-8FB2-0CD6DF1F8005}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\space pirates and zombies\SpazGame.exe

FirewallRules: [{28582270-3D5F-4465-A315-E08DEDAC93F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\space pirates and zombies\SpazGame.exe

FirewallRules: [{CBECC7B5-5F7C-488E-ABE6-F1ACAC738BCE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wizorb\Wizorb.exe

FirewallRules: [{4B206748-B7EB-475D-817F-A5A9E78F63BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wizorb\Wizorb.exe

FirewallRules: [{657716B7-8F63-4681-9B49-69450EE1244A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BIT.TRIP RUNNER\RUNNER.exe

FirewallRules: [{C3480F27-CA3F-4042-B8DE-EC9F96C80347}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BIT.TRIP RUNNER\RUNNER.exe

FirewallRules: [TCP Query User{8638BEBF-D6BB-4A3D-940B-71D327798158}C:\users\speed x8\appdata\local\temp\gw2.exe] => (Allow) C:\users\speed x8\appdata\local\temp\gw2.exe

FirewallRules: [UDP Query User{0A2E5C14-FD5C-49AD-AB83-D8BC9B5E6C4C}C:\users\speed x8\appdata\local\temp\gw2.exe] => (Allow) C:\users\speed x8\appdata\local\temp\gw2.exe

FirewallRules: [{F13A9907-ADB8-439C-9A1B-51A9CAB19551}] => (Block) C:\users\speed x8\appdata\local\temp\gw2.exe

FirewallRules: [{16F4EB16-620A-4F90-B433-AFFE2F8ED33F}] => (Block) C:\users\speed x8\appdata\local\temp\gw2.exe

FirewallRules: [TCP Query User{405DAC53-B724-4FC8-B907-87F685FBF37D}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe

FirewallRules: [UDP Query User{3FE24075-455A-40AF-AD65-73BD3D728D90}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe

FirewallRules: [{01B9AB47-937F-4A79-BC13-FCCF56C01061}] => (Block) C:\program files (x86)\guild wars 2\gw2.exe

FirewallRules: [{36C655D9-0D00-4960-8B74-2ED2936AAFE4}] => (Block) C:\program files (x86)\guild wars 2\gw2.exe

FirewallRules: [{FED821C4-76BE-457A-BF47-4ED3B00A0E70}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe

FirewallRules: [{3D47478E-D003-4EB1-80B8-314F46B0FEC1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{B1286E20-EFDB-4E34-8B6B-38EDAC4679BF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{8529D80E-E998-45AD-90C1-ABDC71026C53}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{21514D57-CCE0-418E-9605-2B778CF9EE58}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{5C53228F-1AE0-49E2-B52B-2866F31122DA}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe

FirewallRules: [{C59CFCA2-CD39-49DD-8E91-84A09DD9A21E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\saints row the third\saintsrowthethird.exe

FirewallRules: [{2CDC07C8-2878-40AC-BE17-488B8BCE6E0F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\saints row the third\saintsrowthethird.exe

FirewallRules: [{2ABA7FDD-BAC0-4E8A-A505-5B9E57C03A36}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\saints row the third\saintsrowthethird_dx11.exe

FirewallRules: [{FC08FC34-4C34-4500-BC5E-878F761446AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\saints row the third\saintsrowthethird_dx11.exe

FirewallRules: [{D0826730-9FD9-4632-9768-D596AC669976}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe

FirewallRules: [{BE2272B1-68CE-480A-87F8-3B8F92C3AC9A}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe

FirewallRules: [{07116D36-7BC2-4F82-AA82-2D68FC25BD5F}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe

FirewallRules: [{1984E1A3-8A59-4512-8AD1-3B69C06D1ABC}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe

FirewallRules: [{448C8022-A39D-47C2-AD24-4FC5B4A12F06}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe

FirewallRules: [{83712844-530D-4ABF-8E38-BBB9031582D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the binding of isaac\Isaac.exe

FirewallRules: [{63C35C25-84EF-4924-8BC7-40C80C73D7CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the binding of isaac\Isaac.exe

FirewallRules: [{8384E5C1-A993-4B6A-99B8-C386433F58D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\toy soldiers\GameSW.exe

FirewallRules: [{3E2F3AC1-8471-4CC5-9CFC-CAD126F83714}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\toy soldiers\GameSW.exe

FirewallRules: [{DDD902CC-7699-4CED-A44B-56694183F6D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\toy soldiers\Game.exe

FirewallRules: [{24E683CB-B304-4D98-A36E-E9BA969F2EE2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\toy soldiers\Game.exe

FirewallRules: [{808ABDC5-4590-437F-B6A7-C701B41978EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2\arma2.exe

FirewallRules: [{16E5E465-B7E8-4569-89DA-56DDBDFAC2EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2\arma2.exe

FirewallRules: [TCP Query User{29FDB839-F6CC-472C-904B-7C2F14339DE4}C:\program files (x86)\secret identity studios\marvel heroes beta\unrealengine3\binaries\win32\marvelgame.exe] => (Block) C:\program files (x86)\secret identity studios\marvel heroes beta\unrealengine3\binaries\win32\marvelgame.exe

FirewallRules: [UDP Query User{5A2A8E37-45C7-496D-BE09-8C7E804CFFBF}C:\program files (x86)\secret identity studios\marvel heroes beta\unrealengine3\binaries\win32\marvelgame.exe] => (Block) C:\program files (x86)\secret identity studios\marvel heroes beta\unrealengine3\binaries\win32\marvelgame.exe

FirewallRules: [{1923415C-CC72-47BB-9713-A43B8F89B670}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\amnesia the dark descent\Launcher.exe

FirewallRules: [{2D9FFB76-F6C6-48CD-A390-BF9FBC33E247}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\amnesia the dark descent\Launcher.exe

FirewallRules: [{C20EE5BC-DF72-4809-B867-CBDCEA037098}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\worms reloaded\WormsReloaded.exe

FirewallRules: [{562DA249-1BB8-48D3-855C-F09FCE975357}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\worms reloaded\WormsReloaded.exe

FirewallRules: [{3DDD924A-455E-41D9-87DC-F4CCFEB548BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\saints row the third\game_launcher.exe

FirewallRules: [{BA19D18B-CB9A-4180-B96E-BF8C7C587B1A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\saints row the third\game_launcher.exe

FirewallRules: [{E4B1FF1A-B219-4CCF-A96E-AC6245398747}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\thomaswasalone\ThomasWasAlone.exe

FirewallRules: [{B67784C8-D022-4A11-8BFC-A22D1F18B02E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\thomaswasalone\ThomasWasAlone.exe

FirewallRules: [{111DBB15-1475-465D-88B1-0167A05DBFBA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe

FirewallRules: [{6A90F568-3A46-416E-AF2B-EBA76F1B0E7B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe

FirewallRules: [{4F4670A8-CF94-4B52-B3CE-837CEDE5D125}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gratuitous Space Battles\GSB.exe

FirewallRules: [{03B270D7-C6D3-4969-B59A-80F91F3AEC53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gratuitous Space Battles\GSB.exe

FirewallRules: [{7B0277C8-FBE8-486B-8D8A-C2A8ADDA4993}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe

FirewallRules: [{96CF3274-6B91-40A7-96FD-AC19EF12B8DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe

FirewallRules: [{E28DA886-1C26-457F-86BC-BA549A99847A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe

FirewallRules: [{871FF7BB-ACB6-4917-B674-689521F7B8B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe

FirewallRules: [{E5F5EFC8-5005-49DD-87DB-2B5D66E21556}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Orcs Must Die 2 Workshop Tool\build\modtool\workshop.exe

FirewallRules: [{63EE1B6E-A7AB-402F-A237-742926CB11B1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Orcs Must Die 2 Workshop Tool\build\modtool\workshop.exe

FirewallRules: [TCP Query User{230117D1-EAB8-4260-94CD-19EB921166AA}C:\program files (x86)\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Block) C:\program files (x86)\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe

FirewallRules: [UDP Query User{2FB3154D-9AB7-4060-91C2-BC7F783F0AF3}C:\program files (x86)\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Block) C:\program files (x86)\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe

FirewallRules: [{4F6E4E39-2D55-4F41-A70C-48737BCD58EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto IV Episodes from Liberty City\EFLC\LaunchEFLC.exe

FirewallRules: [{C8741E1D-8A5C-4086-A7B9-05B4C2BABD84}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto IV Episodes from Liberty City\EFLC\LaunchEFLC.exe

FirewallRules: [TCP Query User{BE0EB798-7498-46A2-8F7F-6B829160376D}C:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe

FirewallRules: [UDP Query User{1B086015-4082-4A29-9F7A-71460A531AA7}C:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe

FirewallRules: [{C5C8E1D4-D7CB-4F0B-8DFB-11493DD15BC0}] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe

FirewallRules: [{18110A50-B0FA-43E6-9E1C-1F9D1DAF6AEC}] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe

FirewallRules: [{1CB2C659-D736-4060-A7D3-4A1B9261760B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe

FirewallRules: [{C9F4063A-5CD4-4961-9915-0CD395315C29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe

FirewallRules: [{12C3FB8D-2D56-4285-9CC6-E3263668F08B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rollercoaster Tycoon 3 Gold\RCT3plus.exe

FirewallRules: [{6FEFA1C5-684A-4564-A13D-A12E1AC97550}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rollercoaster Tycoon 3 Gold\RCT3plus.exe

FirewallRules: [TCP Query User{062895CF-F2B4-4710-849D-66AF194144D8}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe

FirewallRules: [UDP Query User{422DE155-CCF9-4CAB-8F43-73DE555BC054}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe

FirewallRules: [{0E178307-251C-40CD-B3EE-3891B26B7F9D}] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe

FirewallRules: [{F3933296-1E16-41CD-8347-C6D387D36653}] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe

FirewallRules: [{FC722D02-18FA-49CF-8D81-C80EBA940710}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe

FirewallRules: [{F71D9108-07E7-4445-9DE4-14DFA9ADBFE3}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe

FirewallRules: [{AC232D38-D17E-41CF-AF95-3D22A5832982}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe

FirewallRules: [{B1281EF6-0A28-4261-9E61-EA0848CA8AAA}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe

FirewallRules: [{4D359F99-9587-477A-AD80-2AA21874BC4C}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe

FirewallRules: [{E5046B41-22C9-4D70-9D62-D291E91DC2CC}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe

FirewallRules: [{D238F1CD-71A9-4C94-BC6A-6CE878CF470C}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe

FirewallRules: [{4FA89517-3462-41C9-ADC2-0A5E372FC20F}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe

FirewallRules: [TCP Query User{61977C79-735F-467B-BABA-94C33602A933}C:\program files (x86)\cube world\server.exe] => (Allow) C:\program files (x86)\cube world\server.exe

FirewallRules: [UDP Query User{60C07A8F-7BBE-4018-B763-8101EDBF428F}C:\program files (x86)\cube world\server.exe] => (Allow) C:\program files (x86)\cube world\server.exe

FirewallRules: [{F0F47415-BD03-4AD3-9151-FE4669F71CC8}] => (Block) C:\program files (x86)\cube world\server.exe

FirewallRules: [{8C7AA935-FD50-47C5-90BD-4E857397B8D1}] => (Block) C:\program files (x86)\cube world\server.exe

FirewallRules: [{9971F81E-A5FF-431A-B970-B44A12E46DC3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MountBlade Warband\mb_warband.exe

FirewallRules: [{0AFE5880-3E05-4ACC-81AF-2EB88B015422}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MountBlade Warband\mb_warband.exe

FirewallRules: [TCP Query User{818A2907-8EE1-4FAF-BD75-6869232CC749}C:\program files (x86)\electronic arts\eadm\core.exe] => (Allow) C:\program files (x86)\electronic arts\eadm\core.exe

FirewallRules: [UDP Query User{0FEBDE0F-68F1-49AE-9698-D3579DBAEA75}C:\program files (x86)\electronic arts\eadm\core.exe] => (Allow) C:\program files (x86)\electronic arts\eadm\core.exe

FirewallRules: [{AC4A71BE-AC6B-4F9D-8EBD-20B5B7283722}] => (Block) C:\program files (x86)\electronic arts\eadm\core.exe

FirewallRules: [{F1565FA9-230F-436A-B197-0E4C7E8FC733}] => (Block) C:\program files (x86)\electronic arts\eadm\core.exe

FirewallRules: [{D765A0E8-5207-4ED8-930B-D792F55085A9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe

FirewallRules: [{4C071243-6ED3-46B3-9BAD-C892901E7F0A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe

FirewallRules: [{9254B947-D86C-423C-BCB1-6C33094E19F4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe

FirewallRules: [{4A86C955-CD05-45BE-A0F1-66FEDBAC790F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe

FirewallRules: [{54C68378-86FB-487D-8CC8-EC01147A9280}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe

FirewallRules: [{110D33DF-BC06-492A-AE2C-BDE2058F5C46}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe

FirewallRules: [{EFF7C366-5B91-44A5-894E-4096E13B6F95}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

FirewallRules: [{789C6946-5694-4268-82AC-97B5A6155722}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

FirewallRules: [TCP Query User{DDB6CFEE-9BEA-411B-B1E3-74204A5D11D8}C:\users\speed x8\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\speed x8\appdata\local\google\chrome\application\chrome.exe

FirewallRules: [UDP Query User{DA90F069-A7B3-4301-B244-D3162B9DB787}C:\users\speed x8\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\speed x8\appdata\local\google\chrome\application\chrome.exe

FirewallRules: [{404EE391-A988-427B-9F53-82362737D731}] => (Block) C:\users\speed x8\appdata\local\google\chrome\application\chrome.exe

FirewallRules: [{DD22D4D4-75D3-4EFF-8ABE-F182747F26B7}] => (Block) C:\users\speed x8\appdata\local\google\chrome\application\chrome.exe

FirewallRules: [TCP Query User{891963FF-671E-4BAE-84F1-7DCFD1DA67A7}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe

FirewallRules: [UDP Query User{9BCD8031-89B1-4291-AA8F-2A281504611D}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe

FirewallRules: [{2F3B3855-EDBB-4E8D-8A4C-0BD7AF3C6EFA}] => (Block) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe

FirewallRules: [{2433AB65-E6A3-4527-B7AF-671F1D1727D1}] => (Block) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe

FirewallRules: [{DB92FC82-06A4-4769-9467-4E7638145BDB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic The Gathering - Duels of the Planeswalkers\DotP.exe

FirewallRules: [{F97DC0F1-F0E0-40A4-A87C-37C9EAB4007E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic The Gathering - Duels of the Planeswalkers\DotP.exe

FirewallRules: [{90D88F2E-3029-4D64-8820-3C96EED12ABA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\towns\Towns.exe

FirewallRules: [{B83B660E-F515-41EA-A070-488F817800FE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\towns\Towns.exe

FirewallRules: [{D738D644-1F5A-406E-A4A5-C9DABC723ACF}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe

FirewallRules: [{116DC740-165A-472B-AC1F-737D9DE59654}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe

FirewallRules: [TCP Query User{C4B64F08-45D4-4FCC-B56E-4446189AB0C3}C:\program files (x86)\gazillion entertainment\marvel heroes (test center)\unrealengine3\binaries\win32\marvelgame.exe] => (Allow) C:\program files (x86)\gazillion entertainment\marvel heroes (test center)\unrealengine3\binaries\win32\marvelgame.exe

FirewallRules: [UDP Query User{1590375E-B6E1-4FA4-9D59-DEE7807E2835}C:\program files (x86)\gazillion entertainment\marvel heroes (test center)\unrealengine3\binaries\win32\marvelgame.exe] => (Allow) C:\program files (x86)\gazillion entertainment\marvel heroes (test center)\unrealengine3\binaries\win32\marvelgame.exe

FirewallRules: [{E1647157-9E14-461E-A92F-EDAE2542F219}] => (Block) C:\program files (x86)\gazillion entertainment\marvel heroes (test center)\unrealengine3\binaries\win32\marvelgame.exe

FirewallRules: [{A7DA7039-105C-4299-A310-78A33A46F91C}] => (Block) C:\program files (x86)\gazillion entertainment\marvel heroes (test center)\unrealengine3\binaries\win32\marvelgame.exe

FirewallRules: [{6D17D265-1EF8-44F6-99FA-31DBC628E818}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\primal_carnage\Binaries\Win32\PrimalCarnageGame.exe

FirewallRules: [{9EDA1CD0-D999-45FC-BE9D-03604649A714}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\primal_carnage\Binaries\Win32\PrimalCarnageGame.exe

FirewallRules: [{B11444A4-49C1-4CF6-8ADE-697405952E41}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

FirewallRules: [{918B0D20-8107-44A4-B631-2B6EEEFBBFF8}] => (Allow) LPort=2869

FirewallRules: [{0F788669-A6B1-40F4-AC95-DCDEA218207D}] => (Allow) LPort=1900

FirewallRules: [{3E379C41-E3F8-4C13-95B7-C44231D7F739}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scribblenauts\Scribble.exe

FirewallRules: [{2AE007F3-B846-4B74-8823-B1BF5738ABBA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scribblenauts\Scribble.exe

FirewallRules: [{42FB39AC-DAD9-46C6-95D8-80F0F019274B}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe

FirewallRules: [{2E2043DD-B0FA-4727-88FC-CD5436754F42}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe

FirewallRules: [{E5ABE3BF-8C15-411F-B413-F9304ED05264}] => (Allow) C:\Program Files (x86)\Steam\steamapps\kris008\garrysmod\hl2.exe

FirewallRules: [{6C257671-C2CA-4C1C-815B-93FC1C7BF50C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\kris008\garrysmod\hl2.exe

FirewallRules: [{CBF87C94-F47F-446D-9657-A8CEB5EC1127}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html

FirewallRules: [{97ECA764-4B4E-40F0-9ABD-09F4A8946791}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html

FirewallRules: [{33BA99C0-E695-4383-90C0-5EE9820DD601}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat

FirewallRules: [{B5213485-DA69-4B51-9F3D-295F96652BDD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat

FirewallRules: [{0EF33F40-E255-4EF6-93BF-78CF2F9CAFE2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat

FirewallRules: [{681DB789-8AFB-4B07-A822-AA43C0095D0F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat

FirewallRules: [{DAD2B8E8-C79E-407E-A325-E6367E9E3A38}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat

FirewallRules: [{1800F384-1DB8-4B97-AE93-23E17B6C0BB3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat

FirewallRules: [{BBD442A1-EC32-42E9-B21C-FB6E7895B4F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat

FirewallRules: [{BB81E8BE-AB9B-4796-8BD6-DF461F98E74E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat

FirewallRules: [{619EA40D-720C-4F1E-99FD-DAC18DD99060}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat

FirewallRules: [{2031C435-F0C4-4A8C-BED0-9EC33F0C6896}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat

FirewallRules: [{077ECDF8-A1AE-4223-9818-C41B5C1C0A83}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe

FirewallRules: [{D32533C8-8A6D-42AE-8B02-3396C18C6469}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe

FirewallRules: [{3667D240-F4DC-4064-8C5D-2B9695381718}] => (Allow) C:\Program Files (x86)\Steam\steamapps\kris008\garrysmod\hl2.exe

FirewallRules: [{6D717367-0645-4B2B-A294-CDFB026AC0A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\kris008\garrysmod\hl2.exe

FirewallRules: [{FF49F265-6F83-4E33-9EE2-54F979B96F88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mortal Kombat Arcade Kollection\BINARIES\WIN32\MKHDGame.exe

FirewallRules: [{63636B8C-0A05-4458-92D9-91989636391B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mortal Kombat Arcade Kollection\BINARIES\WIN32\MKHDGame.exe

FirewallRules: [{039871D4-E930-4046-84F9-951D47EB7EE0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dustforce\dustforce.exe

FirewallRules: [{6713843D-9E35-4337-88D0-2BFEB7CAE573}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dustforce\dustforce.exe

FirewallRules: [TCP Query User{AFF70AD7-A3B5-428C-8714-95F06925E3D7}C:\program files (x86)\steam\steamapps\common\juiced 2 hot import nights\juiced2_hin.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\juiced 2 hot import nights\juiced2_hin.exe

FirewallRules: [UDP Query User{F187F877-B4CB-4F48-B2CD-6165CFD76353}C:\program files (x86)\steam\steamapps\common\juiced 2 hot import nights\juiced2_hin.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\juiced 2 hot import nights\juiced2_hin.exe

FirewallRules: [{3247961C-E16A-4FAE-8E3E-D63990BA4B93}] => (Block) C:\program files (x86)\steam\steamapps\common\juiced 2 hot import nights\juiced2_hin.exe

FirewallRules: [{7796E584-D288-40D8-B2F4-288FFFE167A7}] => (Block) C:\program files (x86)\steam\steamapps\common\juiced 2 hot import nights\juiced2_hin.exe

FirewallRules: [{13D5C788-41F4-4127-A35C-87914585389F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3.exe

FirewallRules: [{9A6AAABA-390D-4595-BE84-F352BE47748F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3.exe

FirewallRules: [{3ADE83AB-9132-4AF0-94D7-B8B1B90AEF4C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3.exe

FirewallRules: [{3CCA14CA-B55E-4E7A-8ABB-3030E62C2411}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3.exe

FirewallRules: [{5E1C6162-F48E-40B7-BEF3-FD3B0B946637}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe

FirewallRules: [{1812F2D4-8DFA-42A5-97C9-E88D5F7A9899}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe

FirewallRules: [{85F93F99-B02B-492E-9EC1-075D50CD4FE4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe

FirewallRules: [{4E51AC0F-13ED-442E-85F7-D0CAC2925BDD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe

FirewallRules: [{85F02392-2300-4948-818A-5111105860BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html

FirewallRules: [{DE119C75-C630-409A-87CF-E314EC7EA173}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html

FirewallRules: [{E7804679-A660-44B2-8414-1085851D74E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat

FirewallRules: [{877A9C71-C4A5-4812-8A58-3BEDDB1AD411}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat

FirewallRules: [{BC83D54F-E7FE-4729-8F2C-C07CC7D5ABB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat

FirewallRules: [{2DA2C853-636D-4E88-A7CB-BBA8BE0CC4DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat

FirewallRules: [{D9B52CB8-3F05-4A80-A5F8-A10342C336E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat

FirewallRules: [{E6E9B266-9030-4A27-9769-A3FF2C8A5B44}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat

FirewallRules: [{316E6DB9-5C6F-414A-9322-01B05C4CE072}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat

FirewallRules: [{8EE615A4-A340-4584-A5C8-FF29B3524E9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat

FirewallRules: [{A0C39657-E587-4E33-A027-D5DFA88A2119}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat

FirewallRules: [{CF44CF1E-D48F-442F-AD34-3895483F4758}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat

FirewallRules: [{6C5FCB36-E87F-408C-B687-955CC4B77E32}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe

FirewallRules: [{859447DB-CA0F-43C2-BD66-295CFDC55CD2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe

FirewallRules: [{0CCC13E2-B6A2-4DF9-8F2D-85C9A2E9963C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Monaco\MONACO.exe

FirewallRules: [{4960B8D3-1E24-41CD-93BE-DB70D8341FD9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Monaco\MONACO.exe

FirewallRules: [{3D5B77C9-EFE8-4AF3-925F-45ECAE89E389}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Monaco\MONACO.exe

FirewallRules: [{4316FE49-72D3-4DC7-B844-ABF7A36EE64D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Monaco\MONACO.exe

FirewallRules: [{1EE0089A-A94D-4899-855B-5FDF80F719A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Monaco\MONACO.exe

FirewallRules: [{039F7929-5863-4A46-8C6B-D8693F40025D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Monaco\MONACO.exe

FirewallRules: [{C77CD401-CE15-4B2E-A34C-93469AE42D5A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Monaco\MONACO.exe

FirewallRules: [{3D666BDF-57F0-4419-AF70-7677E814BE77}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Monaco\MONACO.exe

FirewallRules: [{E14397CC-40B1-46F7-B0E2-9C49C415325A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Monaco\MONACO.exe

FirewallRules: [{36E92A08-C14C-4D89-85CC-E21275AE1C8A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Monaco\MONACO.exe

FirewallRules: [{CD91CF2D-44FE-4661-B434-F83909329EA1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe

FirewallRules: [{0035304B-4FEC-44EC-9737-6FB17FE87DDE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe

FirewallRules: [{BA719AA8-DE33-461F-8576-86DEA07325AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\terraria\Terraria.exe

FirewallRules: [{AFB37D60-2E16-4D5D-98C1-27B59F19B1F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\terraria\Terraria.exe

FirewallRules: [{23A64E78-D4C5-4FFA-998B-DC8F710923D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Castle Story\Castle Story Prototype.exe

FirewallRules: [{971A013C-A13B-44DB-9CB3-9B7712521710}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Castle Story\Castle Story Prototype.exe

FirewallRules: [{12D173D1-041A-433E-94FE-60112BFD7D6D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Medieval II Total War\Launcher.exe

FirewallRules: [{B3A50F56-5601-4658-AF02-84CFE75FC4E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Medieval II Total War\Launcher.exe

FirewallRules: [{5886A0BE-0E8D-43E4-AB4B-3F629B168B86}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Medieval II Total War\Launcher.exe

FirewallRules: [{F42CCFCA-A85B-4AB7-BA63-162C4D3A1B07}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Medieval II Total War\Launcher.exe

FirewallRules: [{31CDB285-B4CC-4F17-BB8B-DE8347C5E404}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe

FirewallRules: [{5F8E8371-9DC0-4951-A97A-CAB0138A1020}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe

FirewallRules: [{14E0FDD7-8C60-40BF-9C0B-6B01F1DAB624}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe

FirewallRules: [{D1DAF126-4A72-43C0-B3C3-12FA38EAC31A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe

FirewallRules: [{37E8F381-1A0E-4941-B57E-777A68B216AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe

FirewallRules: [{83FEC552-E3FE-4AE4-A930-3D4418062FE0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe

FirewallRules: [{7C7F65E8-1B0E-4756-A86B-A829AB4EC3FE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe

FirewallRules: [{1777A6CA-CEFA-4BF1-A212-3331A7A23FE0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe

FirewallRules: [{24768329-70B8-45D5-8CA0-754CEC858083}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2514\Agent.exe

FirewallRules: [{5BBF636C-CF37-43D2-89DC-A1FE0DE085F7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2514\Agent.exe

FirewallRules: [{1800AF20-61F1-4A1A-8076-BF4B39953F30}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe

FirewallRules: [{FC7E7271-14FC-4A69-8747-792FEEC03295}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe

FirewallRules: [{8CC71D9B-0F35-4E2A-9F5B-EA4F87AD03E6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine 2\trine2_launcher.exe

FirewallRules: [{D17E68F9-15E9-47B0-9637-A87730FFF5FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine 2\trine2_launcher.exe

FirewallRules: [{D3D05383-7B9D-4FF3-8863-EFF8F495CD13}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe

FirewallRules: [{0B442F03-A353-44C3-9792-7FB7F4E7E124}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe

FirewallRules: [{42D0D8AF-7F5A-4299-A443-EE8461C42F14}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\frozen synapse\FrozenSynapse.exe

FirewallRules: [{FBBE4357-AA17-46AC-AD3F-094C49641979}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\frozen synapse\FrozenSynapse.exe

FirewallRules: [{2995B2A7-E566-48A1-AE2E-8B72865238D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe

FirewallRules: [{4FFC3931-22DA-4289-A68D-A9F539F93F90}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe

FirewallRules: [{600FCB67-7690-469D-A4EB-BD39BA1789B9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe

FirewallRules: [{0B38911E-6E62-4119-B73F-D5E9EFB21B95}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe

FirewallRules: [{E5726269-6E1C-4CC6-ACE3-D40D80D8DC0F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{5A722A47-CF50-4C04-8F67-7517D6EAF618}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{DC09CFC4-92E2-4408-8A69-F143A07E6CA9}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe

FirewallRules: [{E3717BE2-1D72-40CA-AC74-7AE203C53B9B}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe

FirewallRules: [{043454C3-874C-448C-AEFF-D35D7BF2FFF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pixel Piracy\PixelPiracy.exe

FirewallRules: [{972022AC-88FE-4B15-87B4-36354EAB4C56}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pixel Piracy\PixelPiracy.exe

FirewallRules: [{36C78D50-5A84-4722-BE5B-13F920CD474A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [TCP Query User{F3BD4356-90D9-453E-B40C-7042F3E535E1}C:\pylo\mcreator\jdk\bin\java.exe] => (Allow) C:\pylo\mcreator\jdk\bin\java.exe

FirewallRules: [UDP Query User{7825F6E9-B526-4D62-96D0-FDF097414EF4}C:\pylo\mcreator\jdk\bin\java.exe] => (Allow) C:\pylo\mcreator\jdk\bin\java.exe

FirewallRules: [{74499494-A301-4AB0-B206-410A1018EABE}] => (Block) C:\pylo\mcreator\jdk\bin\java.exe

FirewallRules: [{2ED2EB46-3024-4060-BC32-A98571C32919}] => (Block) C:\pylo\mcreator\jdk\bin\java.exe

FirewallRules: [TCP Query User{C68C77FB-7272-4DF8-9114-B5A9295D4F35}C:\program files\java\jre8\bin\javaw.exe] => (Allow) C:\program files\java\jre8\bin\javaw.exe

FirewallRules: [UDP Query User{F10DB00A-AAD5-413A-BCB8-67C5F7EDB77F}C:\program files\java\jre8\bin\javaw.exe] => (Allow) C:\program files\java\jre8\bin\javaw.exe

FirewallRules: [{33B25653-03E3-4DBB-865F-C5B65AF6B3A6}] => (Block) C:\program files\java\jre8\bin\javaw.exe

FirewallRules: [{30017E46-E84D-49B3-869B-3F4C1F1CE463}] => (Block) C:\program files\java\jre8\bin\javaw.exe

FirewallRules: [{FBC4D2A9-C33C-49E3-89AF-AD1B611E1895}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelHeroes2015.exe

FirewallRules: [{7B1769F1-D88F-4C80-A651-AD441BBCAA68}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelHeroes2015.exe

FirewallRules: [{C6C52F06-C534-4A89-8DFD-53426CC4636F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe

FirewallRules: [{90B438BC-732F-4CA5-AB38-B217D7F31A2C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe

FirewallRules: [TCP Query User{E0ACA62E-6E27-4ABE-B591-42F618F1D0A8}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe

FirewallRules: [UDP Query User{D38CF95F-B490-4688-A398-10A6693E9128}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe

FirewallRules: [{1BB93890-510B-4205-8C8A-95B9AF52E213}] => (Block) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe

FirewallRules: [{8953CAB9-ACE9-4D4D-A87C-0D801D7D0CCD}] => (Block) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe

FirewallRules: [{88F62E43-6D9A-4FC7-BC0F-3202BC32486D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe

FirewallRules: [{72FF0A20-A835-4C91-9588-F70AC8FA565E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe

FirewallRules: [{D53D5ABB-D491-476F-8F50-3041769C6690}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2014\fm.exe

FirewallRules: [{C9D18E0D-82EF-48AF-9EDC-F72EAAF798BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2014\fm.exe

FirewallRules: [{FA1FB9B1-21AB-492F-A4FE-DCCF0B349493}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\ArmA2OA_BE.exe

FirewallRules: [{C7AF831B-03B5-47ED-AA60-E2CCACDD6081}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\ArmA2OA_BE.exe

FirewallRules: [{CF3011FB-E348-4CED-8896-F9E78C8A1727}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe

FirewallRules: [{3E73BE0B-A452-494E-801D-270BE1D04A8A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe

FirewallRules: [{2B516729-6712-4BFF-B8A4-7ED0CFD24307}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe

FirewallRules: [{C1EB74E4-B486-4F43-891F-E0F5A485E697}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe

FirewallRules: [{E8E35D5C-772E-46C8-B3F5-2A9440C7D177}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe

FirewallRules: [{57706DBD-8859-4A48-A216-A4002F083BDD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe

FirewallRules: [{E07B57D2-CE91-41CB-8BF2-F37379C38823}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe

FirewallRules: [{84B12980-A531-48FA-9105-298E489B6F40}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe

FirewallRules: [{4144B518-9697-4EA1-9FEB-704257DA314F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe

FirewallRules: [{6EB84C17-DC8E-45F6-B042-686F2C69FA68}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe

FirewallRules: [{7A83AEBC-29B5-4DD0-B5A8-56DC57CD362C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe

FirewallRules: [{BC9140E6-B5E6-40A5-9427-C46552CB2FB0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe

FirewallRules: [{6A5B68DC-5687-4DC3-871A-AB88DE71649C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

FirewallRules: [{3009FB24-C927-4670-B731-49EFB70F1120}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

FirewallRules: [TCP Query User{A453E6AC-462D-4F62-9FEA-7330662205C2}C:\program files (x86)\secondlifeviewer\slvoice.exe] => (Block) C:\program files (x86)\secondlifeviewer\slvoice.exe

FirewallRules: [UDP Query User{4E97F766-23BF-4074-BE38-71DAA2C2A407}C:\program files (x86)\secondlifeviewer\slvoice.exe] => (Block) C:\program files (x86)\secondlifeviewer\slvoice.exe

FirewallRules: [TCP Query User{E79B4009-D09B-4C5B-B757-8F0898876F7A}C:\users\speed x8\desktop\opensim-0.8\bin\opensim.exe] => (Allow) C:\users\speed x8\desktop\opensim-0.8\bin\opensim.exe

FirewallRules: [UDP Query User{619D045D-EA73-464D-8C27-2C85B108754A}C:\users\speed x8\desktop\opensim-0.8\bin\opensim.exe] => (Allow) C:\users\speed x8\desktop\opensim-0.8\bin\opensim.exe

FirewallRules: [{22CDBC06-1813-4122-9F2A-7BF7992F29B7}] => (Block) C:\users\speed x8\desktop\opensim-0.8\bin\opensim.exe

FirewallRules: [{50983A76-DD59-42BA-9BCB-85AD3937DAB0}] => (Block) C:\users\speed x8\desktop\opensim-0.8\bin\opensim.exe

FirewallRules: [TCP Query User{053940BD-614C-4A67-B31A-97669DD73B4E}C:\users\speed x8\desktop\opensim-0.8\bin\opensim.32bitlaunch.exe] => (Allow) C:\users\speed x8\desktop\opensim-0.8\bin\opensim.32bitlaunch.exe

FirewallRules: [UDP Query User{AC5F1939-7760-49E3-BC68-CE4099FA6E7F}C:\users\speed x8\desktop\opensim-0.8\bin\opensim.32bitlaunch.exe] => (Allow) C:\users\speed x8\desktop\opensim-0.8\bin\opensim.32bitlaunch.exe

FirewallRules: [{028D36D1-E6BF-4F52-9AEE-26226DAB41A9}] => (Block) C:\users\speed x8\desktop\opensim-0.8\bin\opensim.32bitlaunch.exe

FirewallRules: [{EC06397C-6D49-4FD5-BF76-C4765390C358}] => (Block) C:\users\speed x8\desktop\opensim-0.8\bin\opensim.32bitlaunch.exe

FirewallRules: [TCP Query User{C3FD0FC5-8D50-40EB-94B3-99236FD734DF}C:\users\speed x8\appdata\local\temp\rar$exa0.303\opensim-0.8\bin\opensim.exe] => (Allow) C:\users\speed x8\appdata\local\temp\rar$exa0.303\opensim-0.8\bin\opensim.exe

FirewallRules: [UDP Query User{4DE4EB4D-4543-4549-855C-625983226BA2}C:\users\speed x8\appdata\local\temp\rar$exa0.303\opensim-0.8\bin\opensim.exe] => (Allow) C:\users\speed x8\appdata\local\temp\rar$exa0.303\opensim-0.8\bin\opensim.exe

FirewallRules: [{B4E8A3A8-E8FD-4D93-B799-5C455485425E}] => (Block) C:\users\speed x8\appdata\local\temp\rar$exa0.303\opensim-0.8\bin\opensim.exe

FirewallRules: [{6BEAB6A4-D529-468F-9A42-89460AA8D525}] => (Block) C:\users\speed x8\appdata\local\temp\rar$exa0.303\opensim-0.8\bin\opensim.exe

FirewallRules: [TCP Query User{13202520-4F43-429E-AC75-AB0DD7A2D20C}C:\program files (x86)\utherverse digital inc\utherverse vww client\utherverse.exe] => (Allow) C:\program files (x86)\utherverse digital inc\utherverse vww client\utherverse.exe

FirewallRules: [UDP Query User{038E5BA8-5BEB-4DC3-B369-63FE7F0B894F}C:\program files (x86)\utherverse digital inc\utherverse vww client\utherverse.exe] => (Allow) C:\program files (x86)\utherverse digital inc\utherverse vww client\utherverse.exe

FirewallRules: [{24639AB0-3F89-44AF-8148-CAAAD05ECEE2}] => (Block) C:\program files (x86)\utherverse digital inc\utherverse vww client\utherverse.exe

FirewallRules: [{7E6487D5-0DD6-44D7-AD3B-5A2EA9593037}] => (Block) C:\program files (x86)\utherverse digital inc\utherverse vww client\utherverse.exe

FirewallRules: [{E0651CE6-8B7F-4964-9AED-3DE1BB66AD5C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Medieval II Total War\medieval2.exe

FirewallRules: [{01418C28-678E-4A03-BC33-9B922A095171}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Medieval II Total War\medieval2.exe

FirewallRules: [{8A430610-CA3E-4AA8-B34F-8F7ECD55F7FC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe

FirewallRules: [{CFD4542D-5089-4FD9-BC06-18D74A8BF811}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe

FirewallRules: [{4D200544-32AF-4350-9611-197E96BC38A6}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe

FirewallRules: [TCP Query User{F218BAB7-0813-4FD2-9AE0-7E25B72AE095}C:\program files (x86)\GameforgeLive\Games\GBR_eng\Orcs Must Die! Unchained\OMDU.exe] => (Allow) C:\program files (x86)\GameforgeLive\Games\GBR_eng\Orcs Must Die! Unchained\OMDU.exe

FirewallRules: [UDP Query User{FEB8FF54-F458-4083-AC2E-F4F7319757D0}C:\program files (x86)\GameforgeLive\Games\GBR_eng\Orcs Must Die! Unchained\OMDU.exe] => (Allow) C:\program files (x86)\GameforgeLive\Games\GBR_eng\Orcs Must Die! Unchained\OMDU.exe

FirewallRules: [{A7C4F607-FBA9-46DD-85AF-22DCBB9D22F7}] => (Block) C:\program files (x86)\GameforgeLive\Games\GBR_eng\Orcs Must Die! Unchained\OMDU.exe

FirewallRules: [{80EF9C81-69B5-48BE-BA45-1C206CDE1799}] => (Block) C:\program files (x86)\GameforgeLive\Games\GBR_eng\Orcs Must Die! Unchained\OMDU.exe

FirewallRules: [TCP Query User{8340FBD4-EED3-44CC-B567-064FB2378DE7}C:\program files (x86)\gameforgelive\games\gbr_eng\orcs must die! unchained\binaries\win64\spitfiregame.exe] => (Allow) C:\program files (x86)\gameforgelive\games\gbr_eng\orcs must die! unchained\binaries\win64\spitfiregame.exe

FirewallRules: [UDP Query User{FB8C7529-9852-450C-9FAA-662D69093729}C:\program files (x86)\gameforgelive\games\gbr_eng\orcs must die! unchained\binaries\win64\spitfiregame.exe] => (Allow) C:\program files (x86)\gameforgelive\games\gbr_eng\orcs must die! unchained\binaries\win64\spitfiregame.exe

FirewallRules: [{1FF4230A-7E36-44FD-A45B-E2EADA5B4111}] => (Block) C:\program files (x86)\gameforgelive\games\gbr_eng\orcs must die! unchained\binaries\win64\spitfiregame.exe

FirewallRules: [{4597DE5C-3CC5-4C59-96ED-48BCCA49BCFD}] => (Block) C:\program files (x86)\gameforgelive\games\gbr_eng\orcs must die! unchained\binaries\win64\spitfiregame.exe

FirewallRules: [{ACD488E0-7852-4BAB-B504-940E4F9EF7F4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe

FirewallRules: [{F4073C15-9210-41A7-9AA6-33899A1A324C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe

FirewallRules: [{422C79C2-92FA-4C2F-8C43-89BEFED35CAB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HiddenInPlainSight\HiddenInPlainSight.exe

FirewallRules: [{17F00E5C-C67A-45E0-BA4C-8873CBC319C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HiddenInPlainSight\HiddenInPlainSight.exe

FirewallRules: [{F4DC9E1A-4CA1-4998-9BB5-02FFA81ACC68}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crawl\Crawl.exe

FirewallRules: [{270D55EB-1298-40A7-BD74-327543A2CEEC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crawl\Crawl.exe

FirewallRules: [{29A383DF-DAD3-49CB-AD9F-F8BD93F58761}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [{3872E2DC-DA8F-4D4C-9A4D-B8130D50D39A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [{B6AFDF59-7B41-4097-893C-304C809B5565}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe

FirewallRules: [{BD573484-7DCB-4391-9B68-07DC7387FFA7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe

FirewallRules: [{6C3CB385-4CBF-4167-8AE3-B27C816FBDF3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warlock - Master of the Arcane\Game.exe

FirewallRules: [{8E2A6F2B-3459-4CCC-9088-C438195073C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warlock - Master of the Arcane\Game.exe

FirewallRules: [{C581AFF2-72B2-4545-864C-9D30A3EE1770}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpeedRunners\SpeedRunners.exe

FirewallRules: [{4F8934D5-F337-4B40-AAE0-656FF1BCDF2B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpeedRunners\SpeedRunners.exe

FirewallRules: [{D6C30A93-97DF-4B1F-A329-1A293F7C0A2D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MiniMetro\MiniMetro.exe

FirewallRules: [{3633C427-0930-4BAA-893F-CCEECCF42709}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MiniMetro\MiniMetro.exe

FirewallRules: [{B028FE13-5410-487D-9392-DBCBC3F1621E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie_EAC.exe

FirewallRules: [{16B0557D-5B2E-4F33-A616-C74C7061630C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie_EAC.exe

FirewallRules: [{118B5754-BA79-46FB-88B6-BBA9C01D15C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie.exe

FirewallRules: [{BF9D76A0-F12B-4E5E-8AD1-D15EDCD2AE39}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie.exe

FirewallRules: [TCP Query User{86538025-B537-475D-98BF-CE227B73D5C9}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe

FirewallRules: [UDP Query User{9DDB24DF-CDAB-4929-A738-FA64C9D7EC9C}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe

FirewallRules: [{D9557825-97ED-4609-9718-EC88AC684C01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wasteland 2\Build\WL2.exe

FirewallRules: [{51AC18DD-6132-458C-BC0F-ED114509EA23}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wasteland 2\Build\WL2.exe

FirewallRules: [{E842E4E2-6FFD-430A-838F-D76E1F43F19F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Silent Storm Sentinels\Sentinels.exe

FirewallRules: [{C3CFC40A-6D8C-42F9-8194-821988B45B01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Silent Storm Sentinels\Sentinels.exe

FirewallRules: [{8662EE4C-0CCE-4054-B5ED-FBB85262AF5A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Silent Storm\game.exe

FirewallRules: [{37DC15F5-C330-4535-8312-6942BB035CC4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Silent Storm\game.exe

FirewallRules: [{C363D4FC-5912-457D-A365-B24A4FD68B9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Worms Clan Wars\WormsClanWars.exe

FirewallRules: [{BFA465F6-D5D1-4F15-A7A4-E615FDFD61A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Worms Clan Wars\WormsClanWars.exe

FirewallRules: [{6DF066AE-5FE6-485D-9AB0-57D6CD4E5DC3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bugbear Entertainment\Wreckfest.exe

FirewallRules: [{51E879D0-B103-4045-9A6C-36E7A41D8B28}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bugbear Entertainment\Wreckfest.exe

FirewallRules: [{49B7C16F-7ABA-4B19-B81A-98BCBA89946C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Next Car Game Sneak Peek 2.0\Next Car Game Technology Sneak Peek.exe

FirewallRules: [{7726DDF3-E084-42A6-B902-8D335A0870CA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Next Car Game Sneak Peek 2.0\Next Car Game Technology Sneak Peek.exe

FirewallRules: [{BEF232D5-D339-4996-95F1-9BF5BAF445D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gauntlet\binaries\gauntlet.exe

FirewallRules: [{4CCF08D8-C3CC-4F67-8F2D-7B6A0803CF78}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gauntlet\binaries\gauntlet.exe

FirewallRules: [{F7D9B23E-5CAD-4B7E-B9E2-8A5D96D87D3A}] => (Allow) LPort=27015

FirewallRules: [{BCB03840-7BA8-4A7A-A594-D61B6FAD243B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\amnesia the dark descent\Amnesia.exe

FirewallRules: [{26A0CD83-EA61-415A-999C-6ED10F38CB45}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\amnesia the dark descent\Amnesia.exe

FirewallRules: [{C5B6D847-696C-4E82-9D16-DE41ACEDC546}] => (Allow) C:\Program Files (x86)\Mirroring360\Mirroring360.exe

FirewallRules: [{A26B7858-171B-41CF-B436-41B015AF3E32}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Castle Story\Castle Story.exe

FirewallRules: [{972137CF-B97E-4A26-8E97-869F2288D8DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Castle Story\Castle Story.exe

FirewallRules: [{E2A50709-B834-4D46-AC4E-E72D91E57A13}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gang Beasts\Gang Beasts.exe

FirewallRules: [{5680C358-EF64-4142-BD39-367A232CC228}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gang Beasts\Gang Beasts.exe

FirewallRules: [{703131B7-8148-4226-B985-C7EAC5AC00DF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe

FirewallRules: [{3ABD9FB1-7214-4059-948D-C11A09846305}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe

FirewallRules: [{465FFF82-92AD-4E63-A385-B853EB88B58C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TerraTech Demo\TerraTechWin64.exe

FirewallRules: [{168F8E06-C7A1-4315-A8CC-A23A0E1F41BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TerraTech Demo\TerraTechWin64.exe

FirewallRules: [{7662AB0E-A673-43C9-B459-72C98B4AE181}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win64\MarvelHeroes2015.exe

FirewallRules: [{BCD63986-F254-48B4-93F1-7B98BEA37767}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win64\MarvelHeroes2015.exe

FirewallRules: [TCP Query User{EC0C7C6F-C17E-4A74-A333-BCDB96949DA9}C:\users\speed x8\appdata\local\temp\heat.bin] => (Allow) C:\users\speed x8\appdata\local\temp\heat.bin

FirewallRules: [UDP Query User{F9888208-7847-43E1-BB1F-777714C125F6}C:\users\speed x8\appdata\local\temp\heat.bin] => (Allow) C:\users\speed x8\appdata\local\temp\heat.bin

FirewallRules: [{C11EFBDD-A77D-4BD6-9ED3-4ADA9B499313}] => (Block) C:\users\speed x8\appdata\local\temp\heat.bin

FirewallRules: [{3FE178DE-DFF2-4DCF-9EF9-AB17B903949C}] => (Block) C:\users\speed x8\appdata\local\temp\heat.bin

FirewallRules: [{C0DEAB61-DC04-4775-9C47-80AFCEB3FE75}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForever.exe

FirewallRules: [{874CB043-C377-4066-BC49-5FC559059074}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForever.exe

FirewallRules: [{60CBE8BF-656D-4013-A1DF-041E194AAE38}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForeverLauncher.exe

FirewallRules: [{B89369DC-E8CD-4239-8518-1BD1DB67EBD6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForeverLauncher.exe

FirewallRules: [{106A85E8-5370-4CCD-A8DD-0347DF8CE3D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe

FirewallRules: [{A4E880B3-64FE-4842-8AC6-8E1BE48EDF31}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe

FirewallRules: [TCP Query User{F43AE078-BD94-441B-BAA4-47AA2FDC2D47}C:\program files (x86)\steam\steamapps\common\total war arena\arena.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war arena\arena.exe

FirewallRules: [UDP Query User{6D327256-D72E-4208-B78F-8431D30D624B}C:\program files (x86)\steam\steamapps\common\total war arena\arena.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war arena\arena.exe

FirewallRules: [{01204FDA-B03C-4358-8494-5DD9920CADAD}] => (Block) C:\program files (x86)\steam\steamapps\common\total war arena\arena.exe

FirewallRules: [{D3B355B6-482B-47C4-BA54-A5154E29A5CB}] => (Block) C:\program files (x86)\steam\steamapps\common\total war arena\arena.exe

FirewallRules: [{71CFB769-28AC-4250-AE2E-7E88BA90EBC9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\realm of the mad god\Realm of the Mad God.exe

FirewallRules: [{368B4582-24D5-48D6-BA2F-802DDB2C71EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\realm of the mad god\Realm of the Mad God.exe

FirewallRules: [TCP Query User{EB0F5DDF-E0D5-495B-9486-4D4D57C879BF}C:\users\speed x8\desktop\thief town\bin\jre7\bin\javaw.exe] => (Allow) C:\users\speed x8\desktop\thief town\bin\jre7\bin\javaw.exe

FirewallRules: [UDP Query User{818EE92F-4845-43F4-A29F-748AADF53B53}C:\users\speed x8\desktop\thief town\bin\jre7\bin\javaw.exe] => (Allow) C:\users\speed x8\desktop\thief town\bin\jre7\bin\javaw.exe

FirewallRules: [{658E515F-6BFB-4532-B56E-507B63143915}] => (Block) C:\users\speed x8\desktop\thief town\bin\jre7\bin\javaw.exe

FirewallRules: [{FB858046-DB02-4909-980B-03D65B44A28F}] => (Block) C:\users\speed x8\desktop\thief town\bin\jre7\bin\javaw.exe

FirewallRules: [TCP Query User{25CAE35F-D07B-4AEE-8504-1CF08BB02C4F}C:\users\speed x8\desktop\trinusgyreserver\tgserver.exe] => (Allow) C:\users\speed x8\desktop\trinusgyreserver\tgserver.exe

FirewallRules: [UDP Query User{15F888D0-78A5-4442-929D-18E7EE0C0847}C:\users\speed x8\desktop\trinusgyreserver\tgserver.exe] => (Allow) C:\users\speed x8\desktop\trinusgyreserver\tgserver.exe

FirewallRules: [{6507CFC7-C98D-4E68-BD80-496302C21335}] => (Block) C:\users\speed x8\desktop\trinusgyreserver\tgserver.exe

FirewallRules: [{DA8A3CF1-1471-4189-A296-125E15B2D6C9}] => (Block) C:\users\speed x8\desktop\trinusgyreserver\tgserver.exe

FirewallRules: [{2A97B60E-7992-43B4-BD3C-03388B49E4F3}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe

FirewallRules: [{49B839C6-AE19-4CF0-A9D7-6C36A051C3A5}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe

FirewallRules: [{0F14F2EA-8B12-456C-BA26-F279931461C6}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe

FirewallRules: [{E000F171-BCBA-486E-9401-02D8816DD6CE}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe

FirewallRules: [{CDBC4F09-4C18-4BC8-B54A-94B3940572AC}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe

FirewallRules: [{390F8498-1C42-42B2-BCFF-E2EAEB83AA80}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe

FirewallRules: [{0E0F760C-D81E-40DB-9A12-B44137FB01F3}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe

FirewallRules: [{D7027310-87C4-4835-BC80-E6B51FD6A7A1}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe

FirewallRules: [TCP Query User{DC6575D1-9D37-4719-8186-DF3D50FCC425}C:\users\speed x8\desktop\trinusgyreserver\ext\facetracknoir.exe] => (Allow) C:\users\speed x8\desktop\trinusgyreserver\ext\facetracknoir.exe

FirewallRules: [UDP Query User{202EE49D-2539-4C26-8030-495421661896}C:\users\speed x8\desktop\trinusgyreserver\ext\facetracknoir.exe] => (Allow) C:\users\speed x8\desktop\trinusgyreserver\ext\facetracknoir.exe

FirewallRules: [{EA6D767E-6AD0-445B-BFEF-9F43AA3C3177}] => (Block) C:\users\speed x8\desktop\trinusgyreserver\ext\facetracknoir.exe

FirewallRules: [{69AB5CA4-A054-41F6-9260-4177F3F6E0A7}] => (Block) C:\users\speed x8\desktop\trinusgyreserver\ext\facetracknoir.exe

FirewallRules: [{3537C0EC-976F-424D-BE85-8F500D08EF1F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{6BB2BE34-B884-4B2A-B407-2ABF84292705}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe

FirewallRules: [{422E0D56-10CC-4C3B-AC60-836FEDABAD94}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe

FirewallRules: [TCP Query User{7D377E66-4B86-43A2-ACB8-8921D3079505}C:\program files (x86)\steam\steamapps\common\carmageddon_reincarnation\bin\carmageddon_reincarnation.exe] => (Block) C:\program files (x86)\steam\steamapps\common\carmageddon_reincarnation\bin\carmageddon_reincarnation.exe

FirewallRules: [UDP Query User{4C951F66-4762-4876-9C40-93FCAE995CA0}C:\program files (x86)\steam\steamapps\common\carmageddon_reincarnation\bin\carmageddon_reincarnation.exe] => (Block) C:\program files (x86)\steam\steamapps\common\carmageddon_reincarnation\bin\carmageddon_reincarnation.exe

FirewallRules: [{2A8AB55B-9BD4-47E6-97E0-115179236C65}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\March of WarFace Off\game.exe

FirewallRules: [{951CE029-D70A-4F62-B709-2AE93A1DB9BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\March of WarFace Off\game.exe

FirewallRules: [{F3578405-CE94-4A32-B489-4212C3E586BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dungeons\DungeonsStarter.exe

FirewallRules: [{E3F6EDC1-FA5C-4BCC-8C13-7244FF618FF8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dungeons\DungeonsStarter.exe

FirewallRules: [TCP Query User{80B1C00B-7EE9-4501-95E3-7B4BFAAEA4D8}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe

FirewallRules: [UDP Query User{78C98EB8-FD84-4719-B296-B23C94ADAC4A}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe

FirewallRules: [{1E53301B-F925-463B-AC29-7F6F88726941}] => (Block) C:\program files\java\jre1.8.0_31\bin\javaw.exe

FirewallRules: [{E8FE2C73-81CA-469E-BA12-0F88C00A8FB6}] => (Block) C:\program files\java\jre1.8.0_31\bin\javaw.exe

FirewallRules: [{42957E35-5F25-474D-B445-5F2DCB668372}] => (Allow) C:\Users\Speed X8\AppData\Roaming\uTorrent\uTorrent.exe

FirewallRules: [{7A348E49-E897-44BD-BEB3-5011618F884E}] => (Allow) C:\Users\Speed X8\AppData\Roaming\uTorrent\uTorrent.exe

FirewallRules: [{C800E4C3-0E31-4549-B7EE-C64F67582D1A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Carmageddon_Reincarnation\bin\Carmageddon_Reincarnation.exe

FirewallRules: [{9396A75A-FF4A-44D4-B930-5D4E36CFBA04}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Carmageddon_Reincarnation\bin\Carmageddon_Reincarnation.exe

FirewallRules: [{275F2DBF-C938-46D6-9696-ED605AA29E67}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Pirates!\Pirates!.exe

FirewallRules: [{10463DBA-7264-4B44-85EB-B09D2EF7211F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Pirates!\Pirates!.exe

FirewallRules: [TCP Query User{8DBD034F-049F-4B21-91AC-F52AF493631E}C:\users\speed x8\appdata\local\temp\rar$exa0.338\ygopro-1.033.4v2-percy\ygopro_vs.exe] => (Allow) C:\users\speed x8\appdata\local\temp\rar$exa0.338\ygopro-1.033.4v2-percy\ygopro_vs.exe

FirewallRules: [UDP Query User{1AF90409-E96A-441E-9674-DB093BF55F02}C:\users\speed x8\appdata\local\temp\rar$exa0.338\ygopro-1.033.4v2-percy\ygopro_vs.exe] => (Allow) C:\users\speed x8\appdata\local\temp\rar$exa0.338\ygopro-1.033.4v2-percy\ygopro_vs.exe

FirewallRules: [{CC1B1062-BE61-41F7-A5C8-E47EEA0CFD51}] => (Block) C:\users\speed x8\appdata\local\temp\rar$exa0.338\ygopro-1.033.4v2-percy\ygopro_vs.exe

FirewallRules: [{449E4F34-0D5D-4842-B848-3843B1AF06B3}] => (Block) C:\users\speed x8\appdata\local\temp\rar$exa0.338\ygopro-1.033.4v2-percy\ygopro_vs.exe

FirewallRules: [{E3B49933-6B65-4F67-AD42-90D8B7AAEBA0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe

FirewallRules: [{3B5E0706-F4F4-4EBC-B742-F6341FE0B0A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe

FirewallRules: [{E910285B-0CEB-4069-A3D0-B4713A8E75ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Game Dev Tycoon\nw.exe

FirewallRules: [{581365B6-6F9B-428B-AD20-2D5379943028}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Game Dev Tycoon\nw.exe

FirewallRules: [{0647DADA-C279-4704-BA1B-0D7BDA449516}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\tbs\win32\The Banner Saga.exe

FirewallRules: [{4089569F-739A-417E-8CCB-73867DD0E6BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\tbs\win32\The Banner Saga.exe

FirewallRules: [{87B09D3C-90D8-4FA6-96AB-85CA51CF182E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bugbear Entertainment\Wreckfest_x64.exe

FirewallRules: [{64727AD4-AE2E-4E24-BA25-B1BE1ED6537D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bugbear Entertainment\Wreckfest_x64.exe

FirewallRules: [{2CB08154-C8F5-4994-B2A5-B50A460A84E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bloody Trapland\Bloody Trapland.exe

FirewallRules: [{1DB42E25-7C09-40F6-9A60-D869D8330D3F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bloody Trapland\Bloody Trapland.exe

FirewallRules: [TCP Query User{57BC5FB0-B251-4E90-8098-B267D6D78BFD}C:\program files (x86)\gigabyte\@bios\updexe.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\updexe.exe

FirewallRules: [UDP Query User{881B7CB3-2FB0-4F29-BA9D-E7779A746AB8}C:\program files (x86)\gigabyte\@bios\updexe.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\updexe.exe

FirewallRules: [{5D8BEB6F-B46B-4900-919E-06B420D7C3E4}] => (Block) C:\program files (x86)\gigabyte\@bios\updexe.exe

FirewallRules: [{5E180DBC-5ED8-4FD9-925A-42B19787C5FA}] => (Block) C:\program files (x86)\gigabyte\@bios\updexe.exe

FirewallRules: [TCP Query User{C0CC8EFF-5F29-4BAC-8848-4223A400DB7B}C:\program files (x86)\gigabyte\@bios\gbtupd.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\gbtupd.exe

FirewallRules: [UDP Query User{D8B3F723-31B0-4B31-9118-1F8D2B373219}C:\program files (x86)\gigabyte\@bios\gbtupd.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\gbtupd.exe

FirewallRules: [{39FE7AC0-BBA0-4296-AE7A-BAF5C0D3B8BD}] => (Block) C:\program files (x86)\gigabyte\@bios\gbtupd.exe

FirewallRules: [{8382602A-04C2-48FB-A92D-EE0DE22AA70D}] => (Block) C:\program files (x86)\gigabyte\@bios\gbtupd.exe

FirewallRules: [{00CF2874-983C-4C92-9864-7D5D0EAC1666}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe

FirewallRules: [{3C648F43-0C73-46B1-9B22-6AC09D85ADC3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe

FirewallRules: [{157F1228-429C-452B-823F-9D733CA1FDC0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rollercoaster Tycoon 2\RCT2.EXE

FirewallRules: [{FC42A3E4-F547-4381-A2AA-B16158157AB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rollercoaster Tycoon 2\RCT2.EXE

FirewallRules: [{AC2C148F-C687-4B0B-A41E-5A69312EEDE1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Puzzle Quest\Binaries\PC\Ship\Marvel Puzzle Quest.exe

FirewallRules: [{14A8A30F-D093-439E-BF96-32D5F6550235}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Puzzle Quest\Binaries\PC\Ship\Marvel Puzzle Quest.exe

FirewallRules: [{64D293B8-022E-42E2-ADF9-94802EC489BA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

FirewallRules: [{A7CCBBC6-23A9-44EE-8A65-8F9974EF6334}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe

FirewallRules: [{DE25E8F6-31B1-486C-AB94-362BC936DECA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe

FirewallRules: [{F766C05D-B753-40BF-BE9C-CCD8BD51A2C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mashed\MASHED.exe

FirewallRules: [{90145B7B-D213-4F2D-9889-8FE2C7F9565F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mashed\MASHED.exe

FirewallRules: [{A6C3A062-94CC-4368-90D8-2AB85CEA2E0B}] => (Allow) C:\Program Files (x86)\baidu\Baidu Browser\Spark.exe

FirewallRules: [{FAB3A11C-997E-4CE8-ACD3-FF348ED5EE08}] => (Allow) C:\Program Files (x86)\baidu\Baidu Browser\Spark.exe

FirewallRules: [{50584BF8-E92D-481A-848A-B60846E518FC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Arena\launcher\launcher.exe

FirewallRules: [{279190D4-68CD-414D-AA96-E79002C000AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Arena\launcher\launcher.exe

StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access

StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service

StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater

StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Faulty Device Manager Devices =============

Name: VirtualBox Host-Only Ethernet Adapter

Description: VirtualBox Host-Only Ethernet Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Oracle Corporation

Service: VBoxNetAdp

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Teredo Tunneling Pseudo-Interface

Description: Microsoft Teredo Tunneling Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunnel

Problem: : This device cannot start. (Code10)

Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.

On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:

==================

Error: (08/20/2015 09:02:05 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/20/2015 09:01:34 PM) (Source: ESENT) (EventID: 215) (User: )

Description: WinMail (2732) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.

Error: (08/20/2015 08:21:06 PM) (Source: CoupoonService64) (EventID: 1) (User: )

Description: CoupoonService64SvcInit, failed to connect to driver, status: -1

failed with 2

Error: (08/20/2015 08:19:43 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/20/2015 08:18:47 PM) (Source: ESENT) (EventID: 215) (User: )

Description: WinMail (2216) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.

Error: (08/20/2015 10:00:49 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: svchost.exe_DiagTrack, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1

Faulting module name: ntdll.dll, version: 6.1.7601.18933, time stamp: 0x55a6a196

Exception code: 0xc000000d

Fault offset: 0x000000000006eea2

Faulting process id: 0x9a4

Faulting application start time: 0xsvchost.exe_DiagTrack0

Faulting application path: svchost.exe_DiagTrack1

Faulting module path: svchost.exe_DiagTrack2

Report Id: svchost.exe_DiagTrack3

Error: (08/20/2015 09:07:11 AM) (Source: CoupoonService64) (EventID: 1) (User: )

Description: CoupoonService64SvcInit, failed to connect to driver, status: -1

failed with 2

Error: (08/20/2015 09:05:29 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/20/2015 09:03:39 AM) (Source: ESENT) (EventID: 215) (User: )

Description: WinMail (2888) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.

Error: (08/19/2015 06:54:48 PM) (Source: CoupoonService64) (EventID: 1) (User: )

Description: CoupoonService64SvcInit, failed to connect to driver, status: -1

failed with 2

System errors:

=============

Error: (08/20/2015 09:08:48 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: The Windows Update service hung on starting.

Error: (08/20/2015 09:06:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The AvastVBox COM Service service failed to start due to the following error:

%%1053

Error: (08/20/2015 09:06:55 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the AvastVBox COM Service service to connect.

Error: (08/20/2015 09:06:55 PM) (Source: DCOM) (EventID: 10005) (User: )

Description: 1053AvastVBoxSvc{F319F1B8-7587-4146-AF9C-0D6D77819BF1}

Error: (08/20/2015 09:01:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Norton Safe Web Lite service failed to start due to the following error:

%%2

Error: (08/20/2015 09:01:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The LibUsb-Win32 - Daemon, Version 0.1.10.1 service failed to start due to the following error:

%%2

Error: (08/20/2015 09:00:50 PM) (Source: Application Popup) (EventID: 1060) (User: )

Description: \SystemRoot\SysWow64\drivers\libusb0.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (08/20/2015 09:00:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Windows Modules Installer service failed to start due to the following error:

%%3

Error: (08/20/2015 09:00:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Norton Safe Web Lite service failed to start due to the following error:

%%2

Error: (08/20/2015 08:58:37 PM) (Source: Service Control Manager) (EventID: 7032) (User: )

Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:

%%1056

Microsoft Office:

=========================

Error: (08/20/2015 09:02:05 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/20/2015 09:01:34 PM) (Source: ESENT) (EventID: 215) (User: )

Description: WinMail2732WindowsMail0:

Error: (08/20/2015 08:21:06 PM) (Source: CoupoonService64) (EventID: 1) (User: )

Description: CoupoonService64SvcInit, failed to connect to driver, status: -1

failed with 2

Error: (08/20/2015 08:19:43 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/20/2015 08:18:47 PM) (Source: ESENT) (EventID: 215) (User: )

Description: WinMail2216WindowsMail0:

Error: (08/20/2015 10:00:49 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: svchost.exe_DiagTrack6.1.7600.163854a5bc3c1ntdll.dll6.1.7601.1893355a6a196c000000d000000000006eea29a401d0db1eae507018C:\Windows\System32\svchost.exeC:\Windows\SYSTEM32\ntdll.dllf2f4dbf2-4719-11e5-935a-50e54946680c

Error: (08/20/2015 09:07:11 AM) (Source: CoupoonService64) (EventID: 1) (User: )

Description: CoupoonService64SvcInit, failed to connect to driver, status: -1

failed with 2

Error: (08/20/2015 09:05:29 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/20/2015 09:03:39 AM) (Source: ESENT) (EventID: 215) (User: )

Description: WinMail2888WindowsMail0:

Error: (08/19/2015 06:54:48 PM) (Source: CoupoonService64) (EventID: 1) (User: )

Description: CoupoonService64SvcInit, failed to connect to driver, status: -1

failed with 2

==================== Memory info ===========================

Processor: Intel® Core™ i7-2600 CPU @ 3.40GHz

Percentage of memory in use: 25%

Total physical RAM: 16367.3 MB

Available physical RAM: 12112.73 MB

Total Virtual: 32732.81 MB

Available Virtual: 27791.43 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1862.92 GB) (Free:1303.72 GB) NTFS

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: D2DB4A79)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=1862.9 GB) - (Type=07 NTFS)

==================== End of log ============================

Edited by Alkalidum, 20 August 2015 - 04:51 PM.

#2
pystryker

Posted 20 August 2015 - 07:10 PM

Trusted Helper

Malware Removal
3,912 posts

Hello and welcome to Geeks To Go! My nickname is Pystryker

, and I will be helping you with your issue today.

Before we get started, I have a few things I need to go over with you

If you are receiving help for this issue at another forum, please let me know so I can close this thread.
Please download to and run all requested tools from your Desktop.
Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process.
At the top of your post, please click on the "Follow this topic" button and make sure that the "Received notification" box is checked and set to "Instantly" This will send an email to you as soon as I reply to your topic, allowing us to solve your problem faster.
If any of your security programs give you a warning about any tool I ask you to use, please do not worry. All the links and tools I provide to you will be safe.
Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.
This is a complicated process. It requires several steps, patience, and careful following of my instructions in the order they are given to diagnose your problems to get your machine back in working order.
Please stay with me until the end of all steps and procedures and I declare your system clean. Just because there is a lack of symptoms does not indicate a clean machine. I promise to do the same for you.
It is impossible for me to know what interactions may happen between your computer's software and the tools we will use to clean your machine. Therefore, I highly recommend you backup any critical personal files on your machine before we start.
If you have any questions at all, please don't hesitate to ask. There's no such thing as a stupid question when dealing with malware.
If you are unsure of an instruction I give you, or if something unexpected occurs, Do NOT proceed! Stop and ask for clarification of the instruction or tell me what occurred.
Please remember, the fixes are for your machine and your machine ONLY! Do not use these fixes on any other machine, each fix is tailor made for your system only. Using a fix on another machine can and will cause serious damage.
Once we have cleaned your machine, we'll have some cleanup and prevention steps to go through. We will also provide you with some information about how to reduce your chances of infection and get some protections in place to help defend you against this in the future
Please be patient while I am analyzing your logs. I know you are probably scared and very frustrated with this problem, but I am a volunteer and sometimes life does get in the way.

Now, let's get started, shall we? :thumbsup:

Hello, let's start showing your unwelcome guests the door.

Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.

Step 1: P2P Warning and Program Uninstalls

The Dangers of P2P Programs

I noticed that you have a P2P file sharing program on your computer . I cannot stress highly enough the danger in using these types of programs. P2P programs are one of the major avenues of infection these days. The files downloaded with these programs are more likely than not infected with trojans, malware, rootkits, etc.

You run the risk of getting an infection that can compromise your sensitive data, such as financial records, personal information, etc. That is just the infection aspect of using P2P programs. You also run the risk of possible arrest, fines, or in severe cases, jail time for illegal downloading of copyrighted material.

There are also new infections out there such as CryptoWall 3.0 and CryptoLocker. When infected with these, all of your personal files on any drive connected to your computer will be affected. These infections copy all your files, encrypt them, and then delete the originals, leaving you with the encrypted copies. You are then presented with a screen telling you you have a certain amount of time to pay the ransom for the decryption code to decrypt your files. Even if you pay the ransom, there decryption process usually results in corrupt and unusable files.

There is nothing we can do to decrypt the files, as they use very sophisticated encryption techniques. Please consider this when using P2P programs. Malware and ransomware writers use P2P to spread their infections.

Here are some information sources about the dangers of P2P programs:

FBI - Peer to Peer Scams

USA Today Artticle on P2P Programs

File Sharing Infects 500,000 Computers

I very much recommend you uninstall this program from your machine. If not, I can guarantee you will be back needing help with your machine again. The risks of infections from content downloaded with P2P programs far outweigh any benefit of using them.

It is, of course, your choice as to whether or not you remove the program from your machine. It is my duty though, to point out how dangerous it is to use these programs. However, I must request that you do not use it while we are cleaning your machine.

Program Uninstalls

Please uninstall the following programs from your machine as they are adware/malware related. If one of the programs fails to uninstall, please move on to the next one in the list.

AnyProtect
Pando Media Networks
Rocket League

Step 2: Fix with FRST

Note: Before executing this step, please move FRST64.exe from C:\Users\Speed X8\Downloads to your Desktop or the fix will not work.

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy.
Right-click in the open notepad and select Paste).
Save it on the desktop as fixlist.txt

NOTE: It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

Start
CreateRestorePoint:
CloseProcesses:
() C:\Program Files (x86)\00000000-1440005683-0000-0000-50E54946680C\hnsd8DC2.tmp
() C:\Program Files (x86)\00000000-1440005683-0000-0000-50E54946680C\knsi4999.tmpfs
C:\Program Files (x86)\00000000-1440005683-0000-0000-50E54946680C
C:\Program Files (x86)\00000000-1440005683-0000-0000-50E54946680C
(SoftBrain Technologies Ltd.) C:\Users\Speed X8\AppData\Local\SmartWeb\SmartWebHelper.exe
(SoftBrain Technologies Ltd.) C:\Users\Speed X8\AppData\Local\SmartWeb\SmartWebApp.exe
C:\Users\Speed X8\AppData\Local\SmartWeb
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [mbot_gb_014010064] => [X]
HKLM-x32\...\Run: [gmsd_gb_005010064] => [X]
HKLM-x32\...\Run: [gmsd_gb_005010065] => [X]
HKLM-x32\...\Run: [gmsd_gb_005010066] => [X]
HKLM-x32\...\Run: [SmartWeb] => C:\Users\Speed X8\AppData\Local\SmartWeb\SmartWebHelper.exe [270368 2015-02-17] (SoftBrain Technologies Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\Run: [CrashService] => "C:\Users\Speed X8\AppData\Local\BoBrowser\Application\crash_service.exe" --max-reports=50 --no-window
C:\Users\Speed X8\AppData\Local\BoBrowser
Startup: C:\Users\Speed X8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartWeb.lnk [2015-08-20]
ShortcutTarget: SmartWeb.lnk -> C:\Users\Speed X8\AppData\Local\SmartWeb\SmartWebHelper.exe (SoftBrain Technologies Ltd.)
CHR HKU\S-1-5-21-975855429-1586840072-3018677650-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWv3XjGGZrhGQbtfYuhk2-U2UNqQUk1WqRMy6aNxHHS1Gq908k85CDaCOfniUD4Y2FlQFflaUt1mRr7OER3D0F0TANAgLgx5D9X64Gg_NrTRPe4k-L2bsy2kj3BY2nOvICMIa9mYMfdm6ciXq0ETMYt3BnnQ,,&q={searchTerms}
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWv3XjGGZrhGQbtfYuhk2-U2UNqQUk1WqRMy6aNxHHS1Gq908k85CDaCOfniUD4Y2FlQFflaUt1mRr7O0TWFMUDQ_gyYd4DEhS0WK9MjVKTjgRyqZZDqO9KpdeU1sNdl_pEEUjtZF1sdkCIBHlp1Hy30d2og,,
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWv3XjGGZrhGQbtfYuhk2-U2UNqQUk1WqRMy6aNxHHS1Gq908k85CDaCOfniUD4Y2FlQFflaUt1mRr7OER3D0F0TANAgLgx5D9X64Gg_NrTRPe4k-L2bsy2kj3BY2nOvICMIa9mYMfdm6ciXq0ETMYt3BnnQ,,&q={searchTerms}
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWv3XjGGZrhGQbtfYuhk2-U2UNqQUk1WqRMy6aNxHHS1Gq908k85CDaCOfniUD4Y2FlQFflaUt1mRr7OER3D0F0TANAgLgx5D9X64Gg_NrTRPe4k-L2bsy2kj3BY2nOvICMIa9mYMfdm6ciXq0ETMYt3BnnQ,,&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1429531097&from=cor&uid=ST2000DL001-9VT156_5YD0G85QXXXX5YD0G85Q&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1429531097&from=cor&uid=ST2000DL001-9VT156_5YD0G85QXXXX5YD0G85Q&q={searchTerms}
SearchScopes: HKU\S-1-5-21-975855429-1586840072-3018677650-1000 -> Backup.Old.DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-975855429-1586840072-3018677650-1000 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWv3XjGGZrhGQbtfYuhk2-U2UNqQUk1WqRMy6aNxHHS1Gq908k85CDaCOfniUD4Y2FlQFflaUt1mRr7OER3D0F0TANAgLgx5D9X64Gg_NrTRPe4k-L2bsy2kj3BY2nOvICMIa9mYMfdm6ciXq0ETMYt3BnnQ,,&q={searchTerms}
Toolbar: HKLM-x32 - No Name - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - No File
FF NewTab: about:newtab
FF Extension: CinemaPlus-1.2.1V20.08 - C:\Users\Speed X8\AppData\Roaming\Mozilla\Firefox\Profiles\6p4gp8b1.default\Extensions\[email protected] [2015-08-20]
CHR HKLM-x32\...\Chrome\Extension: [aaaaaaooaijelonlmbcbjkocdnicdfmo] - C:\Users\Speed X8\AppData\Local\APN\GoogleCRXs\aaaaaaooaijelonlmbcbjkocdnicdfmo_7.15.1.0.crx <not found>
C:\Users\Speed X8\AppData\Local\APN
R2 cobomiku; C:\Program Files (x86)\00000000-1440005683-0000-0000-50E54946680C\hnsd8DC2.tmp [137728 2015-08-19] () [File not signed]
R2 dinofiky; C:\Program Files (x86)\00000000-1440005683-0000-0000-50E54946680C\knsi4999.tmpfs [X]
S1 idmzwpit; \??\C:\Windows\system32\drivers\idmzwpit.sys [X]
R1 wsafd_1_10_0_19; system32\drivers\wsafd_1_10_0_19.sys [X]
015-08-20 21:49 - 2015-08-20 21:49 - 00002834 _____ C:\Windows\System32\Tasks\APSnotifierPP1
2015-08-20 21:49 - 2015-08-20 21:49 - 00002832 _____ C:\Windows\System32\Tasks\APSnotifierPP3
2015-08-20 21:49 - 2015-08-20 21:49 - 00002832 _____ C:\Windows\System32\Tasks\APSnotifierPP2
2015-08-20 21:49 - 2015-08-20 21:49 - 00001045 _____ C:\Users\Speed X8\Desktop\AnyProtect.lnk
2015-08-20 21:49 - 2015-08-20 21:49 - 00000378 _____ C:\Windows\Tasks\APSnotifierPP1.job
2015-08-20 21:49 - 2015-08-20 21:49 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP3.job
2015-08-20 21:49 - 2015-08-20 21:49 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP2.job
2015-08-20 21:49 - 2015-08-20 21:49 - 00000000 ____D C:\Users\Speed X8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2015-08-20 21:45 - 2015-08-20 21:49 - 00000000 ____D C:\Program Files (x86)\AnyProtectEx
2015-08-20 21:45 - 2015-08-20 21:45 - 00000000 __SHD C:\Users\Speed X8\AppData\Roaming\AnyProtectEx
2015-08-20 21:45 - 2015-08-20 21:45 - 00613255 _____ (CMI Limited) C:\Users\Speed X8\AppData\Local\nsrEF14.tmp
2015-08-20 21:34 - 2015-08-20 21:34 - 00004050 _____ C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task
2015-08-20 21:34 - 2015-08-20 21:34 - 00003388 _____ C:\Windows\System32\Tasks\CPGIAIDSLMSETGHO
2015-08-20 21:34 - 2015-08-20 21:34 - 00000000 ____D C:\Users\Speed X8\AppData\Local\SmartWeb
2015-08-20 21:34 - 2015-08-20 21:39 - 00000348 ____H C:\Windows\Tasks\CPGIAIDSLMSETGHO.job
2015-08-20 10:00 - 2015-08-20 10:00 - 00613255 _____ (CMI Limited) C:\Users\Speed X8\AppData\Local\nsr895F.tmp
2015-08-19 19:28 - 2015-08-19 19:28 - 00613255 _____ (CMI Limited) C:\Users\Speed X8\AppData\Local\nse5B1F.tmp
2015-08-19 18:46 - 2015-08-20 21:51 - 00000348 ____H C:\Windows\Tasks\RVSCCJTAIRYAFTMB.job
2015-08-19 18:46 - 2015-08-19 18:46 - 00003388 _____ C:\Windows\System32\Tasks\RVSCCJTAIRYAFTMB
2015-08-19 18:45 - 2015-08-20 21:33 - 00000000 ____D C:\ProgramData\Service1291
2015-08-19 18:45 - 2015-08-20 21:33 - 00000000 ____D C:\ProgramData\Service1291
2015-08-19 18:32 - 2015-08-19 18:34 - 00000000 ____D C:\Program Files (x86)\baidu
2015-08-19 18:32 - 2015-08-19 18:32 - 00000000 ____D C:\Users\Speed X8\AppData\Roaming\Baidu
2015-08-19 18:32 - 2015-08-19 18:32 - 00000000 ____D C:\ProgramData\Baidu
Task: {04AEBEC7-7A68-4592-8A41-65A436199A00} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-08-20] (AnyProtect.com) <==== ATTENTION
Task: {335296FD-CB04-489C-9898-B29B4A19CAF4} - System32\Tasks\RVSCCJTAIRYAFTMB => C:\ProgramData\Service1291\Service1291.exe [2015-08-20] () <==== ATTENTION
Task: {8B4EF551-A928-422A-87B8-8D606236BDED} - System32\Tasks\SmartWeb Upgrade Trigger Task => C:\Users\Speed X8\AppData\Local\SmartWeb\SmartWebHelper.exe [2015-02-17] (SoftBrain Technologies Ltd.) <==== ATTENTION
Task: {8D60D829-1425-4384-A7E6-12B8056DB5F5} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-08-20] (AnyProtect.com) <==== ATTENTION
Task: {99E4B1C5-560A-4A7C-9F29-8AD8C308D0C0} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-08-20] (AnyProtect.com) <==== ATTENTION
Task: {C76EF0BB-5A14-45D7-989E-64E242B30425} - System32\Tasks\CPGIAIDSLMSETGHO => C:\ProgramData\Service1291\Service1291.exe [2015-08-20] () <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\CPGIAIDSLMSETGHO.job => C:\ProgramData\Service1291\Service1291.exe <==== ATTENTION
Task: C:\Windows\Tasks\RVSCCJTAIRYAFTMB.job => C:\ProgramData\Service1291\Service1291.exe <==== ATTENTION
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state on
CMD: ipconfig /flushdns
Emptytemp:
End

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Run FRST and press the Fix button just once and wait. The tool will make a log on the desktop (Fixlog.txt) please post it in your next reply.

Step 3: Junkware Removal Tool

Please download Junkware Removal Tool to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

Step 4: AdwCleaner

Download ADWcleaner by clicking here. Please save it to your Desktop

Double click (Vista and 7 Users)right click the adwcleaner.exe file and click Run as Adminstrator and accept the UAC prompt to run AdwCleaner
Once AdwCleaner's control panel is open and it says "Waiting for Action", click on Options at the top of the control panel.
Please Uncheck the following options:
- Reset Proxy Settings
- Reset Winsock Settings
Please Check the following options:
- Reset TCP/IP Settings
- Reset Firewall Settings
- Reset IPSec Settings
- Reset BITS Queue
- Reset Internet Explorer Policies
- Reset Chrome Policies
Close any open windows or browsers.
Pause your Anti-Virus program if it is running.
Once it starts, click on the Scan button.
Let the scan complete itself. This may take a few minutes.
Once the scan has finished, it will say "Pending, uncheck elements you don't want to remove.", don't worry about unchecking anything and then click the Cleaning button. When finished, it will ask to reboot. Please reboot.
When the machine has rebooted, a log will be produced. Please copy/paste that in your next reply. Here's how:
- Click the Logfile button and the log will open. Copy and Paste the contents of the log file into your next reply.
This report is also saved at C:\

Step 5: Fresh FRST Scan

Start Farbar's Recovery Scan Tool and press the Scan button.
FRST will scan your system and produce one log this time. Please post it in your next reply.

Things I need to see in your next post:

Please post each of these logs as a separate reply in this thread.

Fixlog.txt Log

Junkware Removal Tool Log

AdwCleaner Log

Fresh FRST.txt Log

#3
Alkalidum

Posted 21 August 2015 - 04:27 AM

Member

Topic Starter
Member
64 posts

Hi,

Thanks for the fast response!

Fix result of Farbar Recovery Scan Tool (x64) Version:20-08-2015

Ran by Speed X8 (2015-08-21 10:46:25) Run:1

Running from C:\Users\Speed X8\Desktop

Loaded Profiles: Speed X8 (Available Profiles: Speed X8)

Boot Mode: Normal

==============================================

fixlist content:

*****************

Start

CreateRestorePoint:

CloseProcesses:

() C:\Program Files (x86)\00000000-1440005683-0000-0000-50E54946680C\hnsd8DC2.tmp

() C:\Program Files (x86)\00000000-1440005683-0000-0000-50E54946680C\knsi4999.tmpfs

C:\Program Files (x86)\00000000-1440005683-0000-0000-50E54946680C

(SoftBrain Technologies Ltd.) C:\Users\Speed X8\AppData\Local\SmartWeb\SmartWebHelper.exe

(SoftBrain Technologies Ltd.) C:\Users\Speed X8\AppData\Local\SmartWeb\SmartWebApp.exe

C:\Users\Speed X8\AppData\Local\SmartWeb

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [mbot_gb_014010064] => [X]

HKLM-x32\...\Run: [gmsd_gb_005010064] => [X]

HKLM-x32\...\Run: [gmsd_gb_005010065] => [X]

HKLM-x32\...\Run: [gmsd_gb_005010066] => [X]

HKLM-x32\...\Run: [SmartWeb] => C:\Users\Speed X8\AppData\Local\SmartWeb\SmartWebHelper.exe [270368 2015-02-17] (SoftBrain Technologies Ltd.)

Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]

HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\Run: [CrashService] => "C:\Users\Speed X8\AppData\Local\BoBrowser\Application\crash_service.exe" --max-reports=50 --no-window

C:\Users\Speed X8\AppData\Local\BoBrowser

Startup: C:\Users\Speed X8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartWeb.lnk [2015-08-20]

ShortcutTarget: SmartWeb.lnk -> C:\Users\Speed X8\AppData\Local\SmartWeb\SmartWebHelper.exe (SoftBrain Technologies Ltd.)

CHR HKU\S-1-5-21-975855429-1586840072-3018677650-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1429531097&from=cor&uid=ST2000DL001-9VT156_5YD0G85QXXXX5YD0G85Q&q={searchTerms}

SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1429531097&from=cor&uid=ST2000DL001-9VT156_5YD0G85QXXXX5YD0G85Q&q={searchTerms}

SearchScopes: HKU\S-1-5-21-975855429-1586840072-3018677650-1000 -> Backup.Old.DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}

Toolbar: HKLM-x32 - No Name - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - No File

FF NewTab: about:newtab

FF Extension: CinemaPlus-1.2.1V20.08 - C:\Users\Speed X8\AppData\Roaming\Mozilla\Firefox\Profiles\6p4gp8b1.default\Extensions\[email protected] [2015-08-20]

CHR HKLM-x32\...\Chrome\Extension: [aaaaaaooaijelonlmbcbjkocdnicdfmo] - C:\Users\Speed X8\AppData\Local\APN\GoogleCRXs\aaaaaaooaijelonlmbcbjkocdnicdfmo_7.15.1.0.crx <not found>

C:\Users\Speed X8\AppData\Local\APN

R2 cobomiku; C:\Program Files (x86)\00000000-1440005683-0000-0000-50E54946680C\hnsd8DC2.tmp [137728 2015-08-19] () [File not signed]

R2 dinofiky; C:\Program Files (x86)\00000000-1440005683-0000-0000-50E54946680C\knsi4999.tmpfs [X]

S1 idmzwpit; \??\C:\Windows\system32\drivers\idmzwpit.sys [X]

R1 wsafd_1_10_0_19; system32\drivers\wsafd_1_10_0_19.sys [X]

015-08-20 21:49 - 2015-08-20 21:49 - 00002834 _____ C:\Windows\System32\Tasks\APSnotifierPP1