Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

FRST log


  • This topic is locked This topic is locked
68 replies to this topic

#1 ChaosLupy

ChaosLupy

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:42 AM

Posted 22 February 2017 - 03:51 AM

Having some issues with my PC.  Loading games takes up 100% cpu power, then hangs, can't get malware to load, and I keep getting kicked out of security/recovery options for Windows 10.

FRST log is as follows.   What do I need to do with this?

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-02-2017
Ran by Snowball (22-02-2017 02:26:47)
Running from C:\Users\Snowball\Downloads
Windows 10 Pro Version 1607 (X64) (2017-02-17 13:03:20)
Boot Mode: Safe Mode (with Networking)
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-925108756-303190714-492092699-500 - Administrator - Disabled)
alita_000 (S-1-5-21-925108756-303190714-492092699-1002 - Limited - Enabled)
DefaultAccount (S-1-5-21-925108756-303190714-492092699-503 - Limited - Disabled)
Guest (S-1-5-21-925108756-303190714-492092699-501 - Limited - Disabled)
Snowball (S-1-5-21-925108756-303190714-492092699-1001 - Administrator - Enabled) => C:\Users\Snowball
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 15.06 beta (x64) (HKLM\...\7-Zip) (Version: 15.06 - Igor Pavlov)
7-Zip 9.38 beta (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Age of Wonders III (HKLM-x32\...\Steam App 226840) (Version:  - Triumph Studios)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
Audiosurf (HKLM-x32\...\Steam App 12900) (Version:  - Dylan Fitterer)
Avira Connect (HKLM-x32\...\{845380e2-f0b5-4584-bc40-cc54345b3c06}) (Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BitTorrent (HKU\S-1-5-21-925108756-303190714-492092699-1001\...\BitTorrent) (Version: 7.9.9.43296 - BitTorrent Inc.)
calibre (HKLM-x32\...\{04882E0B-389F-4F58-B1B9-DE87371DEBDE}) (Version: 2.34.0 - Kovid Goyal)
calibre 64bit (HKLM\...\{84E37DA5-EB32-4A22-AECA-7FEC9C14CA5A}) (Version: 2.34.0 - Kovid Goyal)
Card Hunter (HKLM-x32\...\Steam App 293260) (Version:  - Blue Manchu)
Catalyst Control Center Next Localization BR (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Chantelise (HKLM\...\Steam App 70420) (Version:  - EasyGameStation)
Choice of the Pirate (HKLM\...\Steam App 476490) (Version:  - Choice of Games)
Classic Shell (HKLM\...\{7C129CF8-199F-4269-AAEE-60B5D8D716E2}) (Version: 4.2.1 - IvoSoft)
Conquest of Champions (HKLM-x32\...\Steam App 266450) (Version:  - Kihon Inc.)
Crusader Kings II (HKLM-x32\...\Steam App 203770) (Version:  - Paradox Development Studio)
Darwinia (HKLM\...\Steam App 1500) (Version:  - Introversion Software)
DEFCON (HKLM\...\Steam App 1520) (Version:  - Introversion Software)
Dungeon of the Endless (HKLM\...\Steam App 249050) (Version:  - AMPLITUDE Studios)
DungeonRift Demo (HKLM-x32\...\Steam App 375560) (Version:  - RiftyGames)
Endless Legend (HKLM\...\Steam App 289130) (Version:  - AMPLITUDE Studios)
Endless Space (HKLM\...\Steam App 208140) (Version:  - AMPLITUDE Studios)
Endless Space (HKLM-x32\...\Steam App 208140) (Version:  - AMPLITUDE Studios)
Endless Space 2 (HKLM\...\Steam App 392110) (Version:  - AMPLITUDE Studios)
EVEMon (HKLM-x32\...\EVEMon) (Version: 2.1.0 - battleclinic.com) <==== ATTENTION
F.E.A.R. 2: Project Origin (HKLM-x32\...\Steam App 16450) (Version:  - Monolith)
Fallout 4 (HKLM\...\Steam App 377160) (Version:  - Bethesda Game Studios)
FTL: Faster Than Light (HKLM\...\Steam App 212680) (Version:  - Subset Games)
GARPA Topographical Survey (HKLM-x32\...\{7AA8FB7A-433B-4479-9ADD-0EF777FFAB59}) (Version: 3.1.0.0 - GARPA)
GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 1.69.0000 - GIGABYTE Technology Co.,Ltd.)
GIGABYTE OC_GURU II (x32 Version: 1.69.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Hearts of Iron IV (HKLM\...\Steam App 394360) (Version:  - Paradox Development Studio)
Homeworld Remastered Collection (HKLM\...\Steam App 244160) (Version:  - Gearbox Software)
Imperial Glory (HKLM-x32\...\Steam App 277450) (Version:  - Pyro Studios)
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.13.125.1 - Intel Security)
Intel® Network Connections 19.1.51.0 (HKLM\...\PROSetDX) (Version: 19.1.51.0 - Intel)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4156 - Intel Corporation)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Life Is Strange™ (HKLM\...\Steam App 319630) (Version:  - DONTNOD Entertainment)
LOOT (HKLM-x32\...\LOOT) (Version: 0.6.0 - LOOT Development Team)
Magic 2015 (HKLM-x32\...\Steam App 255420) (Version:  - Stainless Games)
Magic Duels (HKLM-x32\...\Steam App 316010) (Version:  - Stainless Games Ltd.)
Magic The Gathering Online  (HKU\S-1-5-21-925108756-303190714-492092699-1001\...\35c9d60442fbb010) (Version: 3.4.90.566 - Wizards of the Coast)
Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Mass Effect™ 2 (HKLM-x32\...\{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}) (Version: 1.2.1604.0 - Electronic Arts)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.500.3 - McAfee, Inc.)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-925108756-303190714-492092699-1001\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Monsters' Den: Book of Dread (HKLM\...\Steam App 502230) (Version:  - Monstrum)
MSI Afterburner 4.1.0 (HKLM-x32\...\Afterburner) (Version: 4.1.0 - MSI Co., LTD)
Multiwinia (HKLM\...\Steam App 1530) (Version:  - Introversion Software)
Mumble 1.2.10 (HKLM-x32\...\{63243F5C-E941-4461-A4B0-2689A9A3BF13}) (Version: 1.2.10 - Thorvald Natvig)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Online.io Application (x32 Version: 2.1.0 - Microleaves) Hidden <==== ATTENTION
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenTTD 1.6.1 (HKLM-x32\...\OpenTTD) (Version: 1.6.1 - OpenTTD)
Origin (HKLM-x32\...\Origin) (Version: 10.4.3.15631 - Electronic Arts, Inc.)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version:  - )
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.11 - )
Pizza Express (HKLM\...\Steam App 375250) (Version:  - Onni Interactive)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.19.0-r120634-release - Plays.tv, LLC)
Plex Media Server (HKLM-x32\...\{10d692ef-81ce-40ac-b82b-058286c058a6}) (Version: 0.9.1204 - Plex, Inc.)
Plex Media Server (x32 Version: 0.9.1204 - Plex, Inc.) Hidden
Princess Maker 2 Refine (HKLM\...\Steam App 523000) (Version:  - CFK Co., Ltd.)
Python 2.7.9 (64-bit) (HKLM\...\{79F081BF-7454-43DB-BD8F-9EE596813233}) (Version: 2.7.9150 - Python Software Foundation)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.7-r116720-release - Raptr, Inc)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Renowned Explorers: International Society (HKLM\...\Steam App 296970) (Version:  - Abbey Games)
Reus (HKLM\...\Steam App 222730) (Version:  - Abbey Games)
RivaTuner Statistics Server 6.3.0 (HKLM-x32\...\RTSS) (Version: 6.3.0 - Unwinder)
Rock of Ages (HKLM\...\Steam App 22230) (Version:  - ACE Team)
RogueKiller version 12.9.8.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.9.8.0 - Adlice Software)
s5mark (HKLM-x32\...\s5mark) (Version: 2.0.2 - s5mark) <==== ATTENTION
Sakura Clicker (HKLM-x32\...\Steam App 383080) (Version:  - Winged Cloud)
SanctuaryRPG Classic (HKLM-x32\...\Steam App 338490) (Version:  - Black Shell Games)
Shadowrun: Hong Kong (HKLM-x32\...\Steam App 346940) (Version:  - Harebrained Schemes)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Sid Meier's Civilization VI (HKLM\...\Steam App 289070) (Version:  - Firaxis)
Sins of a Solar Empire: Rebellion (HKLM-x32\...\Steam App 204880) (Version:  - Ironclad Games)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spore: Creepy & Cute Parts Pack (HKLM-x32\...\Steam App 17440) (Version:  - Maxis™)
Spore: Galactic Adventures (HKLM-x32\...\Steam App 24720) (Version:  - EA - Maxis)
Suits: A Business RPG (HKLM-x32\...\Steam App 410670) (Version:  - Technomancy Studios)
Sunless Sea (HKLM-x32\...\Steam App 304650) (Version:  - Failbetter Games)
System Requirements Lab Detection (HKLM-x32\...\{B118B16F-EBE0-434B-BDDD-BF0A286479C3}) (Version: 6.1.6.0 - Husdawg, LLC)
Tactical Genius Demo (HKLM-x32\...\Steam App 380010) (Version:  - Pixeltales.ru)
Talisman: Digital Edition (HKLM-x32\...\Steam App 247000) (Version:  - Nomad Games)
The Age of Decadence (HKLM\...\Steam App 230070) (Version:  - Iron Tower Studio)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
The Sims™ 3 High-End Loft Stuff (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 High-End Loft Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Late Night (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Late Night) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.)
This Is the Police (HKLM\...\Steam App 443810) (Version:  - Weappy Studio)
Ticket to Ride (HKLM\...\Steam App 108200) (Version:  - Days of Wonder)
Tom Clancy's H.A.W.X. 2 (HKLM\...\Steam App 48160) (Version:  - Ubisoft Romania)
Total War™: WARHAMMER® (HKLM\...\Steam App 364360) (Version:  - Creative Assembly)
Traffic Exchange (x32 Version: 2.1.0 - Microleaves) Hidden <==== ATTENTION
Trine 2 (HKLM\...\Steam App 35720) (Version:  - Frozenbyte)
Tropico 5 (HKLM-x32\...\Steam App 245620) (Version:  - Haemimont Games)
True or False (HKLM\...\Steam App 521340) (Version:  - Vladimir Maslov)
TVMC (HKU\S-1-5-21-925108756-303190714-492092699-1001\...\TVMC) (Version:  - TVADDONS.ag)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
UE4 Prerequisites (x64) (HKLM-x32\...\{9514471f-b41e-41f7-af03-7da1d05b279e}) (Version: 1.0.8.0 - Epic Games, Inc.)
UE4 Prerequisites (x64) (Version: 1.0.8.0 - Epic Games, Inc.) Hidden
Undertale (HKLM-x32\...\Steam App 391540) (Version:  - tobyfox)
Unity of Command (HKLM-x32\...\Unity_of_Command) (Version:  - )
Uplink (HKLM\...\Steam App 1510) (Version:  - Introversion Software)
Uplink Demo (remove only) (HKLM-x32\...\Uplink Demo) (Version:  - )
Vulkan Run Time Libraries 1.0.11.0 (HKLM\...\VulkanRT1.0.11.0) (Version: 1.0.11.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0-2) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.26.0 (Version: 1.0.26.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
Warhammer® 40,000™: Dawn of War® II - Chaos Rising™ (HKLM\...\Steam App 20570) (Version:  - Relic Entertainment)
Warhammer® 40,000™: Dawn of War® II – Retribution™ (HKLM\...\Steam App 56400) (Version:  - Relic Entertainment)
WinArchiver Virtual Drive (HKLM-x32\...\WinArchiver Virtual Drive) (Version: 2.8 - WinArchiver Computing, Inc.)
WinISO (HKLM-x32\...\WinISO) (Version: 6.4.0.5170 - WinISO Computing Inc.)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
XCOM 2 (HKLM-x32\...\Steam App 268500) (Version:  - Firaxis)
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - )
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {025A909E-FD1F-4488-9F77-9B0F863FB908} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {0C0EF831-C136-4BA0-93F6-1F52432273B8} - System32\Tasks\Online Application Guardian => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian.exe  <==== ATTENTION
Task: {0ECDE4A9-FA6A-4FBF-8B8D-EC826561DCD1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {0ECE0881-0E2C-4648-A92E-A73E2A6369CA} - System32\Tasks\Online Application v209 Guardian => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe  <==== ATTENTION
Task: {15C50775-52DC-42FF-8F89-048BBAE9E646} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {1B6F5FD9-A2B9-4AEF-AF7C-A47E0598B86A} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-11-23] (Advanced Micro Devices, Inc.)
Task: {1F70576E-8043-41F7-B88A-B4795B884691} - System32\Tasks\Online Application Guard => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian.exe  <==== ATTENTION
Task: {23F7F58D-DAF2-40DC-950B-A42443E99F55} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-23] (Google Inc.)
Task: {24905292-91C5-4F38-8869-D894C938D040} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {260D4011-77BF-4BA8-B456-BBFAB65A2374} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe 
Task: {4EB165A3-3843-4ADF-91F8-8CAFE6F67A0A} - System32\Tasks\Online Application v2 Guardian => C:\Program Files (x86)\Microleaves\Online.io Application\OnlineGuardian-v2.exe  <==== ATTENTION
Task: {5317B05B-077A-47F2-B27D-C24FCE2D0617} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe 
Task: {54F79966-725D-4EA4-9941-2241032F0F83} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {5ACC9798-6796-495F-B1DF-6CC7C07BF9B3} - System32\Tasks\Traffic Exchange v2 - 3 => C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe  <==== ATTENTION
Task: {654DF073-E51B-4B42-BAC4-E614F4DF6A45} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {68D3607D-2198-4834-939F-52E0F330B9E2} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {6C6349F5-B856-402D-9119-66E013793047} - System32\Tasks\Traffic Exchange v209 - 3 => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe  <==== ATTENTION
Task: {7D41299E-2779-430E-AE5D-E11BB3A04A31} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {80C62F38-1110-47E0-9252-0723736C0C05} - System32\Tasks\Traffic Exchange v209 - 2 => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe  <==== ATTENTION
Task: {843EA602-BEEA-404C-A4F9-0577C98FFA47} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-23] (Google Inc.)
Task: {87108B8E-25EE-424B-95A3-3D2EEBF58516} - System32\Tasks\Traffic Exchange v2 - 2 => C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe  <==== ATTENTION
Task: {886F6FC8-33B5-492D-917A-CD501667B5F6} - System32\Tasks\Traffic Exchange Updater => C:\Program Files (x86)\Microleaves\Traffic Exchange\Traffic Exchange Updater.exe  <==== ATTENTION
Task: {8BBBF789-4631-4F46-BB28-0C65E70B7C60} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {8F03D7AF-7457-4F51-A7F2-068B703A9D28} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-01-11] (Microsoft Corporation)
Task: {93553083-B0A2-4C7F-A26D-F0272B753A30} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {9E651CE2-5197-47D6-9B17-6E74843D9E09} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {A43F7532-4083-4804-881E-C25B91D5875F} - System32\Tasks\Traffic Exchange v2 - 1 => C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe  <==== ATTENTION
Task: {A50BF132-A7B5-4871-A3F4-7643FD135CE6} - System32\Tasks\Traffic Exchange Guardian => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian.exe  <==== ATTENTION
Task: {AB9579C4-5E98-43A9-BE2C-003CAC5345F6} - System32\Tasks\Traffic Exchange Guard => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian.exe  <==== ATTENTION
Task: {B4669686-6DFA-451B-B20A-454AEE25C677} - System32\Tasks\Online Application v2 => C:\Program Files (x86)\Microleaves\Online.io Application\OnlineGuardian-v2.exe  <==== ATTENTION
Task: {CA49F675-511D-48D0-829C-C97A1E128EA1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {D6097286-D282-4A60-AE91-5E0F21FD9374} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {D7234F32-B5DB-49DA-ABE2-9C30CEFC17CA} - System32\Tasks\Online Application Updater => C:\Program Files (x86)\Microleaves\Online.io Application\Online Application Updater.exe  <==== ATTENTION
Task: {D7DE4AA0-F810-44D6-95A1-9CC78D054F74} - System32\Tasks\Online Application v209 => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe  <==== ATTENTION
Task: {E591016B-16F3-4BA9-B6AB-A8D3DFA2EA47} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {ECC2FF08-49C6-4B8E-8857-2297F39C762C} - System32\Tasks\Online Application => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian.exe  <==== ATTENTION
Task: {F049E678-2F23-469A-8AC1-EA9FF158D157} - \WPD\SqmUpload_S-1-5-21-925108756-303190714-492092699-1001 -> No File <==== ATTENTION
Task: {F1705820-E75F-41C4-9357-179CF7FC8425} - System32\Tasks\Traffic Exchange v209 - 1 => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe  <==== ATTENTION
Task: {F243B125-A77E-4231-89CF-977BF49AA3A5} - System32\Tasks\Traffic Exchange => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian.exe  <==== ATTENTION
Task: {F59F0F4A-9567-406B-8ADC-E83F8EE49BAC} - System32\Tasks\Online Application v2 Guard => C:\Program Files (x86)\Microleaves\Online.io Application\OnlineGuardian-v2.exe  <==== ATTENTION
Task: {FDACD99E-03F5-4DFF-BFAB-9E8698CAA774} - System32\Tasks\Online Application v209 Guard => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe  <==== ATTENTION
Task: {FF4A3318-E56E-4885-94CA-41BE9721EF55} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Online Application Updater.job => C:\Program Files (x86)\Microleaves\Online.io Application\Online Application Updater.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application v2 Guard.job => C:\Program Files (x86)\Microleaves\Online.io Application\OnlineGuardian-v2.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application v2 Guardian.job => C:\Program Files (x86)\Microleaves\Online.io Application\OnlineGuardian-v2.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application v2.job => C:\Program Files (x86)\Microleaves\Online.io Application\OnlineGuardian-v2.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application v209 Guard.job => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application v209 Guardian.job => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application v209.job => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Traffic Exchange Updater.job => C:\Program Files (x86)\Microleaves\Traffic Exchange\Traffic Exchange Updater.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Traffic Exchange v2 - 1.job => C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Traffic Exchange v2 - 2.job => C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Traffic Exchange v2 - 3.job => C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Traffic Exchange v209 - 1.job => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Traffic Exchange v209 - 2.job => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Traffic Exchange v209 - 3.job => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe <==== ATTENTION
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-07-16 05:42 - 2016-07-16 05:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2014-05-01 08:13 - 2014-05-01 08:13 - 00470016 _____ () C:\Users\Snowball\AppData\Local\MEGAsync\ShellExtX64.dll
2016-11-20 12:11 - 2016-11-20 12:11 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-02-22 01:19 - 2016-09-06 11:00 - 05197312 _____ () C:\Users\Snowball\AppData\Local\Google\Chrome\User Data\SwiftShader\3.3.0.1\libglesv2.dll
2017-02-22 01:19 - 2016-09-06 11:00 - 00147456 _____ () C:\Users\Snowball\AppData\Local\Google\Chrome\User Data\SwiftShader\3.3.0.1\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
iver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 07:25 - 2015-09-04 16:47 - 00000854 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
0.0.0.1 mssplus.mcafee.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-925108756-303190714-492092699-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Snowball\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{A7472A52-C316-4485-90EC-49E5EBAFCAB5}] => (Allow) A:\steamdesk\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe
FirewallRules: [{F65B9C21-6DD5-43A9-8215-2C724D39E523}] => (Allow) A:\steamdesk\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe
FirewallRules: [{0487CF44-26F4-40F0-B8EE-BCA6F719D090}] => (Allow) A:\steamdesk\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe
FirewallRules: [{85C77736-301E-4071-A7C8-652FBBEEED7A}] => (Allow) A:\steamdesk\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe
FirewallRules: [{21EE1291-F098-40B2-A040-BCA78112E820}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{5B80FCF7-3565-4B4B-9E15-B5ACBEC0DD9A}] => (Allow) A:\steamdesk\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{E9EB7F55-51B3-432F-978B-4B6A1A7C1C43}] => (Allow) A:\steamdesk\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{9E83697A-7677-41F4-A10C-4030E18CA0DB}] => (Allow) A:\steamdesk\steamapps\common\PizzaExpress\PizzaExpress.exe
FirewallRules: [{4C409009-4775-459C-9273-7EB8ECAC9D8B}] => (Allow) A:\steamdesk\steamapps\common\PizzaExpress\PizzaExpress.exe
FirewallRules: [{98D4AC69-393F-4798-94DA-A194D75B9759}] => (Allow) C:\Program Files (x86)\Daedalic Entertainment GmbH\Shadow Tactics - Blades of the Shogun\Shadow Tactics.exe
FirewallRules: [{51215B23-1219-4112-8777-3FCC1BA0AB23}] => (Allow) C:\Program Files (x86)\Daedalic Entertainment GmbH\Shadow Tactics - Blades of the Shogun\Shadow Tactics.exe
FirewallRules: [{E7C571E2-FD60-438D-8BEC-F785520A3E5E}] => (Allow) A:\steamdesk\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{4C95E1B5-284E-45FB-B964-8EDED709ECE8}] => (Allow) A:\steamdesk\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{8EFE99DF-F6CB-420F-BDCC-F62E887C5706}] => (Allow) A:\steamdesk\steamapps\common\Homeworld\HWLauncher\Launcher.exe
FirewallRules: [{B91CC478-CA34-48DB-AC1D-56F1B1A118F6}] => (Allow) A:\steamdesk\steamapps\common\Homeworld\HWLauncher\Launcher.exe
FirewallRules: [{CA94F274-C0D4-441F-9FCC-E6E2853160BC}] => (Allow) A:\steamdesk\steamapps\common\Dungeon of the Endless\DungeonoftheEndless.exe
FirewallRules: [{BFEF7554-36EB-4A12-A608-EDFE1FA9D9D1}] => (Allow) A:\steamdesk\steamapps\common\Dungeon of the Endless\DungeonoftheEndless.exe
FirewallRules: [{736C937B-6D79-4F9E-A2BD-F12E992573BD}] => (Allow) A:\steamdesk\steamapps\common\Endless Space\EndlessSpace.exe
FirewallRules: [{2F803E8E-6480-47E5-85F4-0155FEA68EDD}] => (Allow) A:\steamdesk\steamapps\common\Endless Space\EndlessSpace.exe
FirewallRules: [UDP Query User{B81B5EA9-D86A-438C-893B-DCD40134BA14}A:\steamdesk\steamapps\common\aow3\aow3.exe] => (Allow) A:\steamdesk\steamapps\common\aow3\aow3.exe
FirewallRules: [TCP Query User{D4A8DE37-A408-4785-8038-02F036E0812B}A:\steamdesk\steamapps\common\aow3\aow3.exe] => (Allow) A:\steamdesk\steamapps\common\aow3\aow3.exe
FirewallRules: [{B2C326A2-65CB-4E5B-AA7E-3F6C41449A24}] => (Allow) A:\steamdesk\steamapps\common\Hearts of Iron IV\hoi4.exe
FirewallRules: [{D02F4929-960A-47E6-9830-699328041A57}] => (Allow) A:\steamdesk\steamapps\common\Hearts of Iron IV\hoi4.exe
FirewallRules: [{4AE167BF-BA12-426B-91BF-3D2B584A8CAC}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{E37DB363-106B-469E-9FC6-148F232BA85F}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{981E637E-D73E-4981-B23E-258C48A19A62}] => (Allow) A:\steamdesk\steamapps\common\Tom Clancy's HAWX 2 - NCSA\HAWX2_DX11.exe
FirewallRules: [{AD80C3E0-F3C7-4C9D-9D77-06D7B40A8493}] => (Allow) A:\steamdesk\steamapps\common\Tom Clancy's HAWX 2 - NCSA\HAWX2_DX11.exe
FirewallRules: [{78A4463D-92C5-44BE-8D90-074975BD5E5B}] => (Allow) A:\steamdesk\steamapps\common\Tom Clancy's HAWX 2 - NCSA\HAWX2.exe
FirewallRules: [{0E45305D-8C00-4474-AC0B-78881CA99069}] => (Allow) A:\steamdesk\steamapps\common\Tom Clancy's HAWX 2 - NCSA\HAWX2.exe
FirewallRules: [{CA514F94-B787-41C8-AA30-EF8B6561E327}] => (Allow) A:\steamdesk\steamapps\common\Rock of Ages\Binaries\Win32\RoA.exe
FirewallRules: [{046F4A41-D672-4877-B59E-336660A1C667}] => (Allow) A:\steamdesk\steamapps\common\Rock of Ages\Binaries\Win32\RoA.exe
FirewallRules: [{227CC5C2-3D0E-4457-81B8-6F1D071CA4A1}] => (Allow) A:\steamdesk\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{DC2DE35F-36BC-4966-A088-2984D1B3E445}] => (Allow) A:\steamdesk\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{7BAF9871-C619-41F1-931A-30C925BB6330}] => (Allow) A:\steamdesk\steamapps\common\Talisman\Talisman.exe
FirewallRules: [{B84DB3EA-69EB-4E5C-A4AF-E9FB6E1A6473}] => (Allow) A:\steamdesk\steamapps\common\Talisman\Talisman.exe
FirewallRules: [{11A0E897-09C9-4970-9817-5E8A96D2C323}] => (Allow) A:\steamdesk\steamapps\common\Galactic Civilizations III\StardockLauncher.exe
FirewallRules: [{D4F7FDCD-4C0B-485D-B47E-2EE99BE0D7FE}] => (Allow) A:\steamdesk\steamapps\common\Galactic Civilizations III\StardockLauncher.exe
FirewallRules: [{2C088F52-9ED1-445C-BA6E-05804C4D9EE7}] => (Allow) A:\steamdesk\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{5E18C10E-6AC3-44E7-8907-DA9449E811EE}] => (Allow) A:\steamdesk\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{4C1B0277-5748-4E29-A0C6-87A02814D93E}] => (Allow) A:\steamdesk\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{B27381D4-07B7-46EC-90DD-13FC1B4D5BC6}] => (Allow) A:\steamdesk\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{0F465CEA-6F61-4C74-A306-2C42E4F66D0F}] => (Allow) A:\steamdesk\steamapps\common\Renowned Explorers\win64\abbeycore_win32_steam.exe
FirewallRules: [{9C5D97E9-2643-459E-8A89-172E3ECA2E4E}] => (Allow) A:\steamdesk\steamapps\common\Renowned Explorers\win64\abbeycore_win32_steam.exe
FirewallRules: [{9511A50D-F291-414E-A396-424B95E8D6D6}] => (Allow) A:\steamdesk\steamapps\common\Sins of a Solar Empire Rebellion\StardockLauncher.exe
FirewallRules: [{D182952B-A031-4C72-89EB-0EF9C1D72343}] => (Allow) A:\steamdesk\steamapps\common\Sins of a Solar Empire Rebellion\StardockLauncher.exe
FirewallRules: [{4B0CAED7-2FD4-4D81-885E-391B90A19AF6}] => (Block) C:\users\snowball\downloads\ultimate general civil war\ultimate general civil war.exe
FirewallRules: [{2C007231-217F-4BA6-9051-037D299027D5}] => (Block) C:\users\snowball\downloads\ultimate general civil war\ultimate general civil war.exe
FirewallRules: [UDP Query User{2E1493F0-A549-4448-8418-3F3AD6545B5C}C:\users\snowball\downloads\ultimate general civil war\ultimate general civil war.exe] => (Allow) C:\users\snowball\downloads\ultimate general civil war\ultimate general civil war.exe
FirewallRules: [TCP Query User{C6326A7A-1CBE-4BD1-85F9-7456A194DEC0}C:\users\snowball\downloads\ultimate general civil war\ultimate general civil war.exe] => (Allow) C:\users\snowball\downloads\ultimate general civil war\ultimate general civil war.exe
FirewallRules: [{7DFEDBBF-C0B0-4096-9324-9BC5AD32F972}] => (Allow) A:\steamdesk\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{E3F2567E-B516-4562-A74E-F244D2866EED}] => (Allow) A:\steamdesk\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{DE8D12D5-4D8D-45B5-9257-CF16DCACC9D4}] => (Allow) A:\steamdesk\steamapps\common\Sins of a Solar Empire Rebellion\Sins of a Solar Empire Rebellion.exe
FirewallRules: [{A1DEDFF9-D733-4BD3-92DE-BEBF133CE6B2}] => (Allow) A:\steamdesk\steamapps\common\Sins of a Solar Empire Rebellion\Sins of a Solar Empire Rebellion.exe
FirewallRules: [{91275A7E-2478-403C-AF27-0B34353F1E3A}] => (Allow) A:\steamdesk\steamapps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe
FirewallRules: [{06D21E20-7978-430A-89CE-1DAB9DF0D75E}] => (Allow) A:\steamdesk\steamapps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe
FirewallRules: [{59B76845-B037-42B7-89CF-30C5E941744B}] => (Allow) A:\steamdesk\steamapps\common\Chantelise\custom.exe
FirewallRules: [{DA71B07F-6A59-4AB7-A35C-9EF065BABA81}] => (Allow) A:\steamdesk\steamapps\common\Chantelise\custom.exe
FirewallRules: [{16060DEC-6B9D-4429-961C-0743497C7A10}] => (Allow) A:\steamdesk\steamapps\common\Chantelise\chantelise.exe
FirewallRules: [{EFE1EA98-7C5D-4E74-9E01-59FED1F46D41}] => (Allow) A:\steamdesk\steamapps\common\Chantelise\chantelise.exe
FirewallRules: [{AD5C5891-1A1A-4412-8738-4B24941221CB}] => (Allow) A:\steamdesk\steamapps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{BA1F85B4-FE8F-424B-8F50-F6C0F507EF99}] => (Allow) A:\steamdesk\steamapps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{C7F5D7D5-27B4-4A50-9B78-9739994D75D9}] => (Allow) A:\steamdesk\steamapps\common\AoW3\AoW3Launcher.exe
FirewallRules: [{518C2D41-5D32-4732-AAA9-CB668E98CFDF}] => (Allow) A:\steamdesk\steamapps\common\AoW3\AoW3Launcher.exe
FirewallRules: [{4C5EE74E-0894-493C-8025-CAE3281CE40A}] => (Allow) A:\steamdesk\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{3E7CAD6F-CB51-4516-9EF5-93452077BB13}] => (Allow) A:\steamdesk\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{895CC704-A229-4C90-B5A7-A225819CFD11}] => (Allow) A:\steamdesk\steamapps\common\CardHunter\CardHunter.exe
FirewallRules: [{FBB8F1C5-89C0-4ACE-8D8B-358B09517B4C}] => (Allow) A:\steamdesk\steamapps\common\CardHunter\CardHunter.exe
FirewallRules: [{0C3DA328-4B6F-4053-B20F-83F08E6161D4}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{BB7B4AF2-B505-44F5-BD98-A4628F3266F3}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{F7EA3A47-F56C-40C2-9BD1-781A66ED8A4C}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{1326FD81-0BCD-408A-AD4D-5DFF1C233D77}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{D6C4311F-B82B-43F2-95EA-7A1D3A041154}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{08C71B14-67E6-45E9-A6C6-8E1D8712CB56}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{0AB41FC0-0429-41EE-8368-B792D3D21F78}] => (Allow) A:\steamdesk\steamapps\common\Galactic Civilizations III\GalCiv3.exe
FirewallRules: [{6FA404F6-B997-4FD1-BD20-007DC177BE1D}] => (Allow) A:\steamdesk\steamapps\common\Galactic Civilizations III\GalCiv3.exe
FirewallRules: [{A7B94C52-C7CB-4EE9-BC6E-95793DBA2C8C}] => (Allow) A:\steamdesk\steamapps\common\Ticket to Ride\Ticket to Ride.exe
FirewallRules: [{E83AAEBE-016B-4CE7-BEE9-4328FE4F25F2}] => (Allow) A:\steamdesk\steamapps\common\Ticket to Ride\Ticket to Ride.exe
FirewallRules: [{A483FA7A-0659-4918-A10E-9D5FB167B4D5}] => (Allow) A:\steamdesk\steamapps\common\Endless Space 2\EndlessSpace2.exe
FirewallRules: [{009FE603-2812-4E0C-B3FF-619686208DAC}] => (Allow) A:\steamdesk\steamapps\common\Endless Space 2\EndlessSpace2.exe
FirewallRules: [{3ADEF541-C814-4F92-858A-36CCACD8F4C3}] => (Allow) A:\steamdesk\steamapps\common\Princess Maker 2 Refine\pm2.exe
FirewallRules: [{A4C8370F-AA3C-4F6A-8305-A22EF162B46B}] => (Allow) A:\steamdesk\steamapps\common\Princess Maker 2 Refine\pm2.exe
FirewallRules: [{FDF6B976-9E7F-413F-A32E-8C4035B3CD54}] => (Allow) A:\steamdesk\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{00D7F3F7-02E8-4D75-929F-8910ED8939AA}] => (Allow) A:\steamdesk\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{44C464D9-F987-4AEC-BB4E-A4B97EABFE51}] => (Allow) A:\steamdesk\steamapps\common\Endless Legend\EndlessLegend.exe
FirewallRules: [{B203C4C3-B1B1-4546-BC9F-646A74F1F1FC}] => (Allow) A:\steamdesk\steamapps\common\Endless Legend\EndlessLegend.exe
FirewallRules: [{3F27C5A6-1025-4B5F-ADE5-0ECAA1E35849}] => (Allow) A:\steamdesk\steamapps\common\Crusader Kings II\CK2game.exe
FirewallRules: [{93985DEA-130F-4013-8944-1BB3F86E8850}] => (Allow) A:\steamdesk\steamapps\common\Crusader Kings II\CK2game.exe
FirewallRules: [{9C8BC5E0-F7E8-4F46-9AE0-CF5D7D6C312A}] => (Allow) A:\steamdesk\steamapps\common\Darwinia\darwinia.exe
FirewallRules: [{B9855778-3C34-4C48-AB58-B42ED6EFE20B}] => (Allow) A:\steamdesk\steamapps\common\Darwinia\darwinia.exe
FirewallRules: [{37181D13-79D0-4793-AE47-382142AF09B2}] => (Allow) A:\steamdesk\steamapps\common\Defcon\defcon.exe
FirewallRules: [{57124FE0-5C35-4F70-8581-630BC8DA0E4F}] => (Allow) A:\steamdesk\steamapps\common\Defcon\defcon.exe
FirewallRules: [{65053273-3D93-4040-9BFF-5CD61EDB80DF}] => (Allow) A:\steamdesk\steamapps\common\Multiwinia\multiwinia.exe
FirewallRules: [{7307F3FE-DBFA-4003-BAEE-E43F16BB6762}] => (Allow) A:\steamdesk\steamapps\common\Multiwinia\multiwinia.exe
FirewallRules: [{75BD2E47-3771-407F-AF14-599431E63C7F}] => (Allow) A:\steamdesk\steamapps\common\Uplink\Uplink.exe
FirewallRules: [{16C5F394-39B7-49AB-B482-D95C7F8FDDE3}] => (Allow) A:\steamdesk\steamapps\common\Uplink\Uplink.exe
FirewallRules: [{84C45AB3-F921-4856-81E4-80684FF0726C}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{59EC5299-7F90-45CC-A4CD-7ED628098A28}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{9B8741D0-0079-45AB-BF85-D2D9AC599BA5}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{D37BE9B4-22BF-4759-ADDD-93F08747768E}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{0BDC6656-4DB0-40A2-8016-433C75913BD7}] => (Allow) A:\steamdesk\steamapps\common\Age of Decadence\AoD.exe
FirewallRules: [{C9F95D3E-A897-495B-A12E-2603B4AE6B75}] => (Allow) A:\steamdesk\steamapps\common\Age of Decadence\AoD.exe
FirewallRules: [{FF951757-B245-4408-8752-3B2057EAE166}] => (Allow) A:\steamdesk\steamapps\common\Age of Decadence\AoD64.exe
FirewallRules: [{0C3D1006-9C98-41BD-9554-6719E557E835}] => (Allow) A:\steamdesk\steamapps\common\Age of Decadence\AoD64.exe
FirewallRules: [{76D50CC7-4A32-4073-BCE8-6F891C867113}] => (Allow) A:\steamdesk\steamapps\common\Tactical Genius Demo\TacticalGenius.exe
FirewallRules: [{B29AADBF-7950-4396-815F-0E30E2DABC32}] => (Allow) A:\steamdesk\steamapps\common\Tactical Genius Demo\TacticalGenius.exe
FirewallRules: [{AFBD7601-AC74-4907-AA54-47B748C1F7E7}] => (Allow) A:\steamdesk\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{8473EF53-18D4-4059-9DD6-07CCAA74568C}] => (Allow) A:\steamdesk\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{ADE8AA93-9A9E-4C67-9680-1E6EDCA41842}] => (Allow) A:\steamdesk\steamapps\common\This is the Police\Police.exe
FirewallRules: [{1CD721F4-9FB2-4C08-AAFD-2F1BC2A932C7}] => (Allow) A:\steamdesk\steamapps\common\This is the Police\Police.exe
FirewallRules: [{928B6653-C56E-4599-A6CC-F3C313395B70}] => (Block) A:\steamdesk\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [{E29EC5F6-906D-49BE-B90B-2133E28188B0}] => (Block) A:\steamdesk\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [UDP Query User{80CEF02E-0562-455E-88E9-BB16725578FB}A:\steamdesk\steamapps\common\total war warhammer\warhammer.exe] => (Allow) A:\steamdesk\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [TCP Query User{9D2678B1-C1B1-42AC-B7D6-7F4BAE791E26}A:\steamdesk\steamapps\common\total war warhammer\warhammer.exe] => (Allow) A:\steamdesk\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [UDP Query User{A6F0A898-4985-485F-8D6F-D46BC635F8AF}C:\program files (x86)\origin games\mass effect 2\binaries\me2game.exe] => (Allow) C:\program files (x86)\origin games\mass effect 2\binaries\me2game.exe
FirewallRules: [TCP Query User{45E080AC-5834-4034-9868-EFD78DB3ED3E}C:\program files (x86)\origin games\mass effect 2\binaries\me2game.exe] => (Allow) C:\program files (x86)\origin games\mass effect 2\binaries\me2game.exe
FirewallRules: [{C5FC7456-DAA5-4F1F-BAD8-54E0952D715F}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{769B9202-C999-4A8E-A316-1565ED03CF80}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{5A643B53-1445-4FB4-A880-EC664C22E6C9}] => (Allow) C:\Program Files (x86)\Mass Effect 2\MassEffect2Launcher.exe
FirewallRules: [{8A414463-32BF-4802-9F5D-55C5ED20BC6E}] => (Allow) C:\Program Files (x86)\Mass Effect 2\MassEffect2Launcher.exe
FirewallRules: [{814EA55A-BC05-46F9-BA65-E81D5D7EEAF8}] => (Allow) A:\steamdesk\steamapps\common\True or False\TrueOrFalse.exe
FirewallRules: [{4B68F49C-D204-4384-AFBF-4F8D6317E0C1}] => (Allow) A:\steamdesk\steamapps\common\True or False\TrueOrFalse.exe
FirewallRules: [{C9825980-2101-442A-9BC9-93E8F010C670}] => (Allow) A:\steamdesk\steamapps\common\SunlessSea\Sunless Sea.exe
FirewallRules: [{BF0D9974-9253-47C5-AB7A-9ABBDD272D65}] => (Allow) A:\steamdesk\steamapps\common\SunlessSea\Sunless Sea.exe
FirewallRules: [{A67926EF-03DE-48E5-965B-9B7ECD128038}] => (Block) A:\steamdesk\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [{9A8AE220-F037-4808-822D-4B2552732E04}] => (Block) A:\steamdesk\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [UDP Query User{F5785E99-BA0C-45B4-898A-06B295446560}A:\steamdesk\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) A:\steamdesk\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [TCP Query User{C97BB798-8AB3-445A-8573-6A1CA5C8F384}A:\steamdesk\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) A:\steamdesk\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [{B8CECA7C-89E3-48A6-8383-027386E6825F}] => (Allow) A:\steamdesk\bin\steamwebhelper.exe
FirewallRules: [{12D81517-60DE-442C-8FAF-85BAC58230E9}] => (Allow) A:\steamdesk\bin\steamwebhelper.exe
FirewallRules: [{0498F946-9585-4916-87EC-3CB6418C105C}] => (Allow) A:\steamdesk\Steam.exe
FirewallRules: [{54AADAF5-777D-4F1F-9FD4-6B2C64F5DE83}] => (Allow) A:\steamdesk\Steam.exe
FirewallRules: [{DF40AB49-1661-41D9-B2AF-7FB90E41B89C}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Renowned Explorers\win64\abbeycore_win32_steam.exe
FirewallRules: [{36983688-C2DC-4B66-82E3-D8777575B9F2}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Renowned Explorers\win64\abbeycore_win32_steam.exe
FirewallRules: [{74BB7313-A6FA-40D7-A5D6-D0682516469E}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\True or False\TrueOrFalse.exe
FirewallRules: [{0E8D412B-B32D-43BF-90AD-7FC343F1160C}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\True or False\TrueOrFalse.exe
FirewallRules: [{13C96926-CFCB-402A-8C75-1349F415C4CD}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{8EDF35E1-4972-410F-B053-F3F6E115A924}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{50A59F10-C248-47CD-A1AF-DBDB28554FFC}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Renowned Explorers\win64\abbeycore_win32_steam.exe
FirewallRules: [{DDB0C2C5-9550-4A23-A1E4-A2D5EB088E89}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Renowned Explorers\win64\abbeycore_win32_steam.exe
FirewallRules: [{0169EFEC-84A3-4932-8A39-0FDC5FE3A80D}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{47BCC407-DB82-4B52-8BF6-7D1642112790}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{88B877FB-C024-4E3D-A18B-FB1CC9785253}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Trine 2\trine2_launcher.exe
FirewallRules: [{DC7FC6F5-BB8F-4851-A5BF-D16F952F28C3}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Trine 2\trine2_launcher.exe
FirewallRules: [{72BFAF73-9CDC-4CE9-9EDD-C0960E346B74}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Ticket to Ride\Ticket to Ride.exe
FirewallRules: [{BBB5A30A-2877-42F0-8CB0-0394DFEE24AD}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Ticket to Ride\Ticket to Ride.exe
FirewallRules: [{BA7494D6-2D48-4F1C-BF03-9BABACB10758}] => (Block) C:\program files (x86)\focus home interactive\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe
FirewallRules: [{A13B2919-C34C-4B6E-B900-581849756E4D}] => (Block) C:\program files (x86)\focus home interactive\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe
FirewallRules: [UDP Query User{CDA6631B-B978-49F8-8A15-BB706433F7CC}C:\program files (x86)\focus home interactive\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe] => (Allow) C:\program files (x86)\focus home interactive\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe
FirewallRules: [TCP Query User{09D869A4-65C8-4501-8683-31C9591B524F}C:\program files (x86)\focus home interactive\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe] => (Allow) C:\program files (x86)\focus home interactive\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe
FirewallRules: [{27A3C428-15D3-4F52-9FF9-353552042333}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\MechWarrior Online\Bin64\MWOClient.exe
FirewallRules: [{86F5EE9C-66CA-4EB0-B367-9CAEC68CCA10}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\MechWarrior Online\Bin64\MWOClient.exe
FirewallRules: [{4E73C063-06CC-4156-A47E-F9DF317D5637}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{A1FBA3CF-8743-48F5-8F86-864788B9F5FD}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{BE8E1174-2A42-476C-BDD3-57C4E0BED474}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{3E14998C-1CBF-497F-B379-776C961CE272}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{85CC1036-0E9C-4821-A494-2803666E46B9}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\DB Xenoverse\DBXV.exe
FirewallRules: [{13A54AF9-FEBA-419F-9C38-25E86612736C}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\DB Xenoverse\DBXV.exe
FirewallRules: [UDP Query User{1EF744D3-3457-4872-92F8-F465EA813EA3}C:\users\snowball\desktop\steamdesk\steamapps\common\life is strange\binaries\win32\lifeisstrange.exe] => (Allow) C:\users\snowball\desktop\steamdesk\steamapps\common\life is strange\binaries\win32\lifeisstrange.exe
FirewallRules: [TCP Query User{CBCA9F9E-E1C0-4A6B-B45C-EA338B75CA94}C:\users\snowball\desktop\steamdesk\steamapps\common\life is strange\binaries\win32\lifeisstrange.exe] => (Allow) C:\users\snowball\desktop\steamdesk\steamapps\common\life is strange\binaries\win32\lifeisstrange.exe
FirewallRules: [{29284284-6138-4AED-8CF4-7117D5F58905}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{7200953C-2700-414D-891E-176B74262F8E}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{D577DBA0-10CC-4C79-9366-B23CAAA140DB}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Monsters' Den Book of Dread\BookOfDread.exe
FirewallRules: [{9012202A-BE58-45CC-BD37-2C53716B0096}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Monsters' Den Book of Dread\BookOfDread.exe
FirewallRules: [{7F1F4FA7-99D3-41CC-8B50-1AC9D6F109E6}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{41615240-C72F-4425-B1C6-DBFC52029A00}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [UDP Query User{B7EE8E3B-FA58-4D5A-86B2-85FBEC82FFF0}C:\gog games\dying light\dyinglightgame.exe] => (Block) C:\gog games\dying light\dyinglightgame.exe
FirewallRules: [TCP Query User{AEA0AE29-CE8E-4000-BAB8-03954DED9C45}C:\gog games\dying light\dyinglightgame.exe] => (Block) C:\gog games\dying light\dyinglightgame.exe
FirewallRules: [{E3D029D8-FB7D-437B-9701-EF6F2600A408}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{E054D2DF-EB15-4E36-95A6-8A7F9D9419F3}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{6795FEFB-BE77-45FB-9183-E92337237490}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{D6A9C6D2-73E5-43B9-994D-71C81DE57D1B}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{9A94BF85-6AE6-4B38-A864-B44F2CE76F07}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Dawn of War 2\DOW2.exe
FirewallRules: [{D29C85B4-4F28-4298-B8EB-A9BECFBBDC9F}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Dawn of War 2\DOW2.exe
FirewallRules: [{2473C961-049C-460E-9A37-A11B59B3F77D}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Dawn of War II - Retribution\DOW2.exe
FirewallRules: [{7BAF3D26-5141-497C-970E-CE6F8BCF3FF5}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Dawn of War II - Retribution\DOW2.exe
FirewallRules: [{5DFC2983-F98C-4EEA-808A-BAE920F89A02}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{8C3AB634-5751-4A61-A0E1-E8DE216872A0}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{3F5E51B2-320F-4827-92AE-194559C51858}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Endless Legend\EndlessLegend.exe
FirewallRules: [{DD93E30C-A684-4E49-A141-90AA5CEF05D1}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Endless Legend\EndlessLegend.exe
FirewallRules: [{AA587D2E-6F08-4541-9B08-19DDDE0BF042}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Reus\Reus.exe
FirewallRules: [{3BB62718-3B8E-43DB-909B-850FA10F866E}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Reus\Reus.exe
FirewallRules: [{6EDBC130-F7A9-417F-ACFC-CEF60D347E12}] => (Block) C:\users\snowball\desktop\steamdesk\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [{179D5DA1-87D5-4B18-9A39-272989C4C9F4}] => (Block) C:\users\snowball\desktop\steamdesk\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [UDP Query User{0401ABBF-2A43-4EDF-AD32-2F49A4F0EDE1}C:\users\snowball\desktop\steamdesk\steamapps\common\total war warhammer\warhammer.exe] => (Allow) C:\users\snowball\desktop\steamdesk\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [TCP Query User{487DA5AC-F5B4-4BF2-8785-48CBFDE7D428}C:\users\snowball\desktop\steamdesk\steamapps\common\total war warhammer\warhammer.exe] => (Allow) C:\users\snowball\desktop\steamdesk\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [{AC32C893-12B6-4624-9978-6ADC2D962B1E}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Choice of the Pirate\Pirate.exe
FirewallRules: [{2E06F93F-8381-4066-8610-45E40EB4010B}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Choice of the Pirate\Pirate.exe
FirewallRules: [{DB91A174-76ED-4CD1-9DC2-C2743E061D76}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{6D8E5FF4-F5CB-4026-8DD0-B140E9EA9D38}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [UDP Query User{2E7A5646-50CE-4EFA-AA61-3D806C08F003}C:\gog games\master of orion\masteroforion.exe] => (Block) C:\gog games\master of orion\masteroforion.exe
FirewallRules: [TCP Query User{B3D37F37-5DE4-431F-AAA5-B56FD35D07B8}C:\gog games\master of orion\masteroforion.exe] => (Block) C:\gog games\master of orion\masteroforion.exe
FirewallRules: [{547E2E69-85E9-4B0C-A89B-A1C208494920}] => (Allow) C:\Program Files\StarCraft II\Versions\Base38996\SC2_x64.exe
FirewallRules: [{A57C9445-48F2-4AD1-9101-7C4D021637B8}] => (Allow) C:\Program Files\StarCraft II\Versions\Base38996\SC2_x64.exe
FirewallRules: [UDP Query User{07352CB8-F300-45E1-9FD2-3C8244938996}C:\program files (x86)\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe] => (Block) C:\program files (x86)\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe
FirewallRules: [TCP Query User{1F34C244-C5A3-40DD-89A0-96F688CC7161}C:\program files (x86)\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe] => (Block) C:\program files (x86)\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe
FirewallRules: [{C64F5676-844A-4E4E-908D-D10F85B2A635}] => (Allow) C:\Program Files\StarCraft II\Versions\Base38996\SC2_x64.exe
FirewallRules: [{48AC1C66-49E3-46CF-96A7-2E7B5995A98F}] => (Allow) C:\Program Files\StarCraft II\Versions\Base38996\SC2_x64.exe
FirewallRules: [{B6D005D1-345B-428D-890F-A9434ACA043D}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Magic 2015\DotP_D15.exe
FirewallRules: [{4F848D8E-7655-4C1D-9FD9-FF2FCDA73758}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Magic 2015\DotP_D15.exe
FirewallRules: [{362822CF-848E-44C5-BB67-56E8A8BEAB45}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Resident Evil 4\Bin32\bio4.exe
FirewallRules: [{F34608FE-E04B-4272-9BFE-4CFCB1E6FF25}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Resident Evil 4\Bin32\bio4.exe
FirewallRules: [{8DEE0E27-AB5A-4B68-864E-42DBA4BBCB65}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Kings Bounty Crossworlds\KB.exe
FirewallRules: [{7DF88555-B993-4B27-AD42-1F44D0E31FFC}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Kings Bounty Crossworlds\KB.exe
FirewallRules: [{5BE03584-E7BC-4E82-AEA4-DD16A0F735C5}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Poker Night at the Inventory\CelebrityPoker.exe
FirewallRules: [{2AF41DDD-ED2F-4FD6-80F6-6D40649ABE23}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Poker Night at the Inventory\CelebrityPoker.exe
FirewallRules: [UDP Query User{2139864D-DEC9-4F0D-8CFF-1201DB44C603}C:\program files (x86)\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe] => (Block) C:\program files (x86)\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe
FirewallRules: [TCP Query User{76599F10-DC28-47F2-A619-730E04F1A2C4}C:\program files (x86)\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe] => (Block) C:\program files (x86)\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe
FirewallRules: [{A9DFDB15-05FD-4CB4-B51A-05D7897FD1A9}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{7DEC1268-D4D7-45B0-9190-B563E893B1A8}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{F41DEE9C-961B-4A94-8A5E-945FD8D00BE6}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Audiosurf\engine\QuestViewer.exe
FirewallRules: [{F74C36F9-4685-4205-9AC0-66DF80BA3BB2}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Audiosurf\engine\QuestViewer.exe
FirewallRules: [{6946705F-6A89-4596-842C-BDBCF425E2AB}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{1D715112-BE00-495D-A3F9-834DB50DDF1B}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{AC62F716-6D62-4BDE-992B-DAA2E05A07C6}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Talisman\Talisman.exe
FirewallRules: [{14A8AE42-B22D-4EF9-9C36-22D7561F306E}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Talisman\Talisman.exe
FirewallRules: [UDP Query User{D362A374-32CA-4AED-B9A9-F437005EE37D}C:\users\snowball\desktop\steamdesk\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) C:\users\snowball\desktop\steamdesk\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [TCP Query User{2A3A744F-9A14-4C5D-9664-B60175FC0134}C:\users\snowball\desktop\steamdesk\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) C:\users\snowball\desktop\steamdesk\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [{7383D7F0-4600-4FF5-94CC-6CC8A5C3F4AC}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe
FirewallRules: [{31A7D7C4-2195-448D-91A6-8BE6174878E1}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe
FirewallRules: [UDP Query User{C6EC5B78-2613-4F49-990F-734D20E1FE0B}C:\users\snowball\desktop\steamdesk\steamapps\common\killerisdead\binaries\win32\kidgame.exe] => (Allow) C:\users\snowball\desktop\steamdesk\steamapps\common\killerisdead\binaries\win32\kidgame.exe
FirewallRules: [TCP Query User{A240DDCA-3EBD-4722-98DE-DF4B421AE8F2}C:\users\snowball\desktop\steamdesk\steamapps\common\killerisdead\binaries\win32\kidgame.exe] => (Allow) C:\users\snowball\desktop\steamdesk\steamapps\common\killerisdead\binaries\win32\kidgame.exe
FirewallRules: [{213A938C-45E6-4DDB-806D-86308B35EEA4}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Sword of the Stars\Sword of the Stars.exe
FirewallRules: [{BC4E2EBA-FE0B-43DE-9D8B-F8354FB6C865}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Sword of the Stars\Sword of the Stars.exe
FirewallRules: [{00965323-7776-4955-A271-DEE380A644B8}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Suits\Game.exe
FirewallRules: [{5801ABD4-0CCE-43FA-B592-FD0016A2C2D2}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Suits\Game.exe
FirewallRules: [{79CBF002-59CF-4209-8DB0-F00EC1FAC8CF}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Endless Space\EndlessSpace.exe
FirewallRules: [{3CD96467-B6B8-45E5-8B11-27401D2A4FFF}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Endless Space\EndlessSpace.exe
FirewallRules: [UDP Query User{6CA0E43F-8515-4188-BA1E-6DA2364F7168}C:\program files (x86)\ccp\eve\bin\exefile.exe] => (Allow) C:\program files (x86)\ccp\eve\bin\exefile.exe
FirewallRules: [TCP Query User{3E5A3DAE-7D16-4223-92E9-21FA4EA0AD77}C:\program files (x86)\ccp\eve\bin\exefile.exe] => (Allow) C:\program files (x86)\ccp\eve\bin\exefile.exe
FirewallRules: [{115E9A59-9A8E-41F7-8573-1A75D90C2B55}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\CardHunter\CardHunter.exe
FirewallRules: [{13128C0F-5388-41AC-BB95-7A99EBDEACA0}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\CardHunter\CardHunter.exe
FirewallRules: [{F1EB280F-42F7-4B41-85B5-DA13CEE37BDF}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Sakura Clicker\Sakura Clicker.exe
FirewallRules: [{D88C1EE5-5FD5-4918-9C73-670698BEE135}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Sakura Clicker\Sakura Clicker.exe
FirewallRules: [{41DDDA69-E233-4F50-873A-19B05D535920}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Imperial Glory\ImperialGlory.exe
FirewallRules: [{ACD2EB16-F5C2-4977-9DEE-DBE52C70F174}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Imperial Glory\ImperialGlory.exe
FirewallRules: [{CA1A6B1D-A226-4DA3-B8E4-A460B6AB46F1}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{C17BB1E3-6795-46AA-8B96-8026EA91E06F}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [UDP Query User{34F83B14-110E-413A-93A4-74493EAA1BB9}C:\program files (x86)\tvmc\tvmc.exe] => (Allow) C:\program files (x86)\tvmc\tvmc.exe
FirewallRules: [TCP Query User{07D583F7-1C44-4F3F-9BDA-664CA150AAFC}C:\program files (x86)\tvmc\tvmc.exe] => (Allow) C:\program files (x86)\tvmc\tvmc.exe
FirewallRules: [UDP Query User{4430BBC9-148A-44ED-8606-BD3B1A5DD3D2}C:\program files (x86)\breach and clear deadline\deadline.exe] => (Block) C:\program files (x86)\breach and clear deadline\deadline.exe
FirewallRules: [TCP Query User{DEFEF4C4-67FA-4C7B-9E8E-E5CA1795BA6F}C:\program files (x86)\breach and clear deadline\deadline.exe] => (Block) C:\program files (x86)\breach and clear deadline\deadline.exe
FirewallRules: [{7E89A425-187A-463C-853A-E11BC6E82725}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{727800C3-ECAB-4EAE-9083-469DC3EE8AAF}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [UDP Query User{935ECE6D-7714-4D62-951A-D183AE9640D6}C:\users\snowball\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\snowball\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [TCP Query User{658B37BC-60AB-477E-8469-594FAC680023}C:\users\snowball\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\snowball\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [{04C4423B-953C-489E-B7C6-660272D2FD5C}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{61F23F28-BFEE-480D-B6E3-5012C126466B}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{06F82C16-ECBC-4630-8BA8-6597A40733F1}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{8065E1EA-72D8-4EC1-A346-59E9071C9477}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{579C705A-D925-4052-ACEB-9C0F6CBBE52A}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Tactical Genius Demo\TacticalGenius.exe
FirewallRules: [{7DF3D5F3-1A59-4471-A000-75C1CC7FC794}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Tactical Genius Demo\TacticalGenius.exe
FirewallRules: [{4D031390-10BA-4FF2-81CE-FD98C0DA1A68}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\DungeonRift Demo\DungeonRift.exe
FirewallRules: [{CCB84DD7-5772-435D-BA35-B0E5CD37D0C8}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\DungeonRift Demo\DungeonRift.exe
FirewallRules: [{2A540CE2-255B-49BD-9EC7-7F991462001E}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe
FirewallRules: [{45405A6B-C626-47FC-A184-A9EC8C97390F}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
FirewallRules: [{84D82004-11D8-4DD3-BE9D-CC13C2C1BF3A}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
FirewallRules: [{B609BF09-3A56-4453-A262-7D5EBD0360ED}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Crusader Kings II\CK2game.exe
FirewallRules: [{2744D96D-F66F-4B3A-BB99-EF5974B37024}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Crusader Kings II\CK2game.exe
FirewallRules: [{54323D31-08C8-4025-9B75-0CB9FC1B0903}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Galactic Civilizations III\GalCiv3.exe
FirewallRules: [{26A89C02-7E60-4537-B48D-8D26F9D5B83A}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Galactic Civilizations III\GalCiv3.exe
FirewallRules: [UDP Query User{C249A069-395A-4554-82C5-7FC1BC7FC4E0}C:\program files (x86)\tvmc\tvmc.exe] => (Allow) C:\program files (x86)\tvmc\tvmc.exe
FirewallRules: [TCP Query User{F3F73383-8AAB-4DC6-910C-0AE72C681208}C:\program files (x86)\tvmc\tvmc.exe] => (Allow) C:\program files (x86)\tvmc\tvmc.exe
FirewallRules: [{13C07931-ADEF-4FEA-BAB9-37B53833E798}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\SunlessSea\Sunless Sea.exe
FirewallRules: [{26E0F3A6-CC11-42B2-AAC2-E4ACF309BD14}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\SunlessSea\Sunless Sea.exe
FirewallRules: [UDP Query User{D42C1E7B-D468-499B-8636-C1FD21FEC59D}C:\users\snowball\desktop\steamdesk\steamapps\common\total war attila\attila.exe] => (Allow) C:\users\snowball\desktop\steamdesk\steamapps\common\total war attila\attila.exe
FirewallRules: [TCP Query User{D2B817BA-2404-4BD0-8D45-57ED3E914B90}C:\users\snowball\desktop\steamdesk\steamapps\common\total war attila\attila.exe] => (Allow) C:\users\snowball\desktop\steamdesk\steamapps\common\total war attila\attila.exe
FirewallRules: [{E1CFAD62-EC0D-4E0F-BC94-6A55664E18E5}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Tropico 5\Tropico5Steam.exe
FirewallRules: [{4F92AC4A-26F6-4C4D-A006-0E0E14694013}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Tropico 5\Tropico5Steam.exe
FirewallRules: [{8F43CF10-4C2B-4E32-85C2-DFBAF9DB60FE}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{F80802C9-10F8-41BA-A56E-1C16AA6EE428}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{FBA29DA2-7483-4FFB-B71F-2018EDEE1904}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\Steam.exe
FirewallRules: [{ABE1C340-EADA-4CFC-8313-A4CBBEADA6F4}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\Steam.exe
FirewallRules: [{83333729-C818-4BFF-B788-3EA5569D211E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{C4128FF6-8C0C-4694-B7BE-1856273E4C57}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{19036131-04FD-4F4A-8412-D9FFCBB1A3C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{5C98E160-E370-4E5D-A450-0FCE5754CAE7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{E908CD12-E2DD-4999-8398-BD67E244D7F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kings Bounty Crossworlds\KB.exe
FirewallRules: [{6B38635C-B3C0-40A8-90B7-1A5A83BC0293}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kings Bounty Crossworlds\KB.exe
FirewallRules: [{04039FB3-F255-4B68-B20C-1676A4739388}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroes of Might and Magic 5 Tribes of the East\bin\H5_Game.exe
FirewallRules: [{837A2E06-6310-4CC0-AFCE-90510D7A9409}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroes of Might and Magic 5 Tribes of the East\bin\H5_Game.exe
FirewallRules: [{457F015C-475D-4275-860A-FA7388F95CDB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Poker Night at the Inventory\CelebrityPoker.exe
FirewallRules: [{E073BABC-A020-4BEA-8F36-8A537AB8DF67}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Poker Night at the Inventory\CelebrityPoker.exe
FirewallRules: [{74A80CF3-AB34-4398-ABCF-792F3DD9414D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{CC94AB8A-4908-4195-A287-AD9293584040}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{AC2EE429-2646-4D39-B7E3-AAB29AFBB3AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\heroes of might and magic 5\bin\H5_Game.exe
FirewallRules: [{B9F827B0-D9A6-49FD-9448-E5123DC1A9A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\heroes of might and magic 5\bin\H5_Game.exe
FirewallRules: [{25FD7621-DDF2-40BC-840B-91A9386757FC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\heroes of might and magic 5\bina1\testapp.exe
FirewallRules: [{71FD8809-8C29-4BD6-B94A-374C8970D636}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\heroes of might and magic 5\bina1\testapp.exe
FirewallRules: [{64955399-F0BB-4D4C-980C-4909148DA2CA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sniper Elite 3\Launcher\Sniper3Launcher.exe
FirewallRules: [{AFA6D630-C3AB-495A-B7D7-AF1A04FCDA5D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sniper Elite 3\Launcher\Sniper3Launcher.exe
FirewallRules: [{F2C1088C-974B-4297-A0A5-CC97CCCBD62E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dungeon of the Endless\DungeonoftheEndless.exe
FirewallRules: [{965B1E6E-32A1-4D28-B6A2-907B0E974884}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dungeon of the Endless\DungeonoftheEndless.exe
FirewallRules: [UDP Query User{7A544BE7-F29E-4EBF-9A1C-D7A6171E87EE}C:\program files (x86)\far cry 4 - gold edition\bin\farcry4.exe] => (Block) C:\program files (x86)\far cry 4 - gold edition\bin\farcry4.exe
FirewallRules: [TCP Query User{6A96DF8E-474A-404E-8FF0-5AF59A1DF3DF}C:\program files (x86)\far cry 4 - gold edition\bin\farcry4.exe] => (Block) C:\program files (x86)\far cry 4 - gold edition\bin\farcry4.exe
FirewallRules: [{27427F25-0CD4-4A41-919D-146D744E1F97}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kings Bounty Armored Princess\kb.exe
FirewallRules: [{ABCC6380-563A-477F-A72F-4C9C040CB684}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kings Bounty Armored Princess\kb.exe
FirewallRules: [UDP Query User{26A29B54-641F-430A-8BFB-1BC3C5FF85F2}C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [TCP Query User{66593FEF-6E24-4076-B360-481627DBFE27}C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [{057E39B7-6ABE-4DF5-BC98-33C72FBA137C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{DEDB2BA3-7330-43E4-A0F0-1BA01AA8C1A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{82D044DB-D1A0-4888-BEE7-B6F644412C8E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Higurashi When They Cry\HigurashiEp01.exe
FirewallRules: [{5F03FAED-CD90-4EB7-B9E1-0E160AABFC49}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Higurashi When They Cry\HigurashiEp01.exe
FirewallRules: [{B1709239-8395-4865-90EA-E59E138AF83C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{71F7BD45-760C-47A7-92F8-DF163FE017F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{40B106BE-DCF6-410E-9BED-1CC53B013138}] => (Block) %ProgramFiles% (x86)\The Witcher 3 Wild Hunt\bin\x64\witcher3.exe
FirewallRules: [{AE70BB49-58C4-4400-8065-FE2DAFB11D83}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{ECACB98D-1B2D-415A-9E0B-2E3824FE75E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{8DF3A4E9-0167-40EE-8A24-4872A9F121DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{8ACE462C-C54D-4175-AB44-4663C2A87276}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{E83965E4-8725-4A00-8B18-6C97464662ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{EA8FED14-ECDC-4C82-80C1-7A4CDE87173A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{1C838614-6FCF-4901-9CCD-D52ACD477E37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{BA26DC7F-FF28-40DA-B78A-551FBC3A36DA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{8A93A86E-4B15-4BDC-80BC-75B10E0834A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{8340921A-498F-4DD4-A775-4F9461631008}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{D6C6F051-488A-4A06-A2F0-6D65F11D1AD6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dungeon Siege III\Dungeon Siege III.exe
FirewallRules: [{E76D3B68-A4CB-45B1-9E95-A89F9DADD64F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dungeon Siege III\Dungeon Siege III.exe
FirewallRules: [{34449430-7E5F-41C6-90F8-E2748DF83BB2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{DB2771FD-8199-4828-AF43-8EAD874582B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{936BC024-F674-44CC-9A70-C5D70D700702}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings II\CK2game.exe
FirewallRules: [{2AF0C49C-52AE-473D-AAE8-88DC683C7A03}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings II\CK2game.exe
FirewallRules: [{D843F51D-E505-471E-B47D-E8D6AE33F19C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [{6CDBCE7F-9D09-4990-AE36-8CA38208BFDA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [{0E757625-9F7C-4A7D-B907-6F4A1E58877A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{8E492021-A105-4816-BA1C-E126D4015088}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{B2430F8B-0688-41ED-A310-EB841A6615BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{DF19F181-E0CB-46B9-A6E4-D32CA1E4D0AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{A3A4C38A-67A3-4E4F-ADAC-7282E1DD517B}] => (Allow) C:\Users\Snowball\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{F8C394EA-D3AC-424F-BC57-E3E9B9535DCD}] => (Allow) C:\Users\Snowball\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{E1D64FD5-2D37-4266-B483-75B617FD6ABE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{BAC7F50D-809A-495A-AC53-E615DDE43E0C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [UDP Query User{70C7AD54-2594-4448-8481-F581BB3C780A}C:\users\snowball\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\snowball\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [TCP Query User{B91C1DAC-4AA7-46D7-A9E0-36039914E4D1}C:\users\snowball\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\snowball\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [{5844FA31-C54B-4355-B8D9-15EBA1FD087F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{47EDBF56-A16E-4289-87D4-92BC2823D399}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{AB881AEA-30E8-4C78-A28D-3C55D3792F60}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{16EDBB2B-2E29-4C47-B930-BCB8FBF7379A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{7C9B342D-617D-4ED2-AFC7-544B7F515D44}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Galactic Civilizations III\GalCiv3.exe
FirewallRules: [{A9D61BD7-C590-49D9-A382-B25AD7CB02FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Galactic Civilizations III\GalCiv3.exe
FirewallRules: [UDP Query User{7FDCE85E-C268-440A-92F6-3CFD7BA55346}C:\program files (x86)\steam\steamapps\common\total war attila\attila.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war attila\attila.exe
FirewallRules: [TCP Query User{BAECAFB0-7A4B-45A3-81E4-3C47FE560E84}C:\program files (x86)\steam\steamapps\common\total war attila\attila.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war attila\attila.exe
FirewallRules: [{A9B8BF88-3FD2-4D0A-B3E6-AF02B9E9CD34}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{1E8BF20E-8A02-45F6-BB83-C74389BD8301}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{5F151F43-916E-461C-B2B6-30DA402A84AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tales from the Borderlands\Borderlands.exe
FirewallRules: [{E709A9E6-989E-44A9-92A7-BFF8EE214BB2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tales from the Borderlands\Borderlands.exe
FirewallRules: [{FDE8594B-684C-44EA-88D3-03B216CCD718}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{3CD21423-C066-40CE-8F77-7637D0B71E93}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{90F1EA61-9923-4B0A-AAED-EF1FAA53EA7F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{921D6796-0A66-45CE-8742-A6837F692C22}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9300F213-950A-417A-B6A5-FF9A3246BE3E}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{D2D67A0C-4174-415D-A87C-274F59477190}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{E3C83847-2E50-448E-B378-7F11BE2B3BD3}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{E8575E6E-39CA-4369-979D-86E540E0B07B}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{60D4C963-84C2-47B6-AC5A-663A6C5AE2DF}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{7ABE571D-07F4-4D26-98D5-9947F0D93DFC}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{E83775A4-A971-4916-B3A6-5ED477BED7C8}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\ConquestOfChampions\ConquestGame.exe
FirewallRules: [{AF05FE3D-1D6E-48E1-A585-2A6733278D6D}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\ConquestOfChampions\ConquestGame.exe
FirewallRules: [{67735E5E-1C19-4686-A317-50A1D34D6694}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Shadowrun Hong Kong\SRHK.exe
FirewallRules: [{C558F133-3CB4-4021-BBD2-C96A7CB31ED7}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Shadowrun Hong Kong\SRHK.exe
FirewallRules: [{88E8BAB9-23BD-4766-9A40-256A2F64845F}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{31CEB773-E429-41E1-9E34-7510F005F9F9}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{159C5B5B-47DC-4C68-9A73-B9EE75377756}] => (Allow) C:\Users\Snowball\Downloads\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{8F65E9BB-7BFD-4700-B4AB-12DFB05989D1}] => (Allow) C:\Users\Snowball\Downloads\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{B46D4E13-F777-4FB2-9DE2-EE8860ED66A1}] => (Allow) C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{EF1E12FF-3FD7-46B0-B009-042E7B485E41}] => (Allow) C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{370A482A-268E-4F19-9636-33D8B4CC4BA4}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Sins of a Solar Empire Rebellion\Sins of a Solar Empire Rebellion.exe
FirewallRules: [{1CF28C25-37C4-4388-84EC-5991402CEA67}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Sins of a Solar Empire Rebellion\Sins of a Solar Empire Rebellion.exe
FirewallRules: [{E4D7C56C-576E-41D4-9707-45BE8AEEABA0}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Sins of a Solar Empire Rebellion\Sins of a Solar Empire Rebellion.exe
FirewallRules: [{8BE27395-DC2E-4477-A2DD-55FAD26CA5BA}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Sins of a Solar Empire Rebellion\Sins of a Solar Empire Rebellion.exe
FirewallRules: [{CE4CCC12-F1B9-4B52-8261-9681DE3A5DCA}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Undertale\UNDERTALE.exe
FirewallRules: [{DAF4C1AB-7D37-4899-813D-04A345F5F02D}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Undertale\UNDERTALE.exe
FirewallRules: [{58EE82B0-42D3-4C7C-80EC-97A8B371E37D}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\AoW3\AoW3Launcher.exe
FirewallRules: [{03142E2B-1936-46F7-A062-51ABD8FE415F}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\AoW3\AoW3Launcher.exe
FirewallRules: [{AE14E45F-BA5C-4395-B937-057F568A37A7}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\AoW3\AoW3.exe
FirewallRules: [{53873E2A-4EBC-4C70-B957-1D556A031D8D}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\AoW3\AoW3.exe
FirewallRules: [{147750F7-BC22-4FBD-A66A-F593154BF936}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\AoW3\AoW3_Debug.exe
FirewallRules: [{DF9AB9C1-7F64-4806-BEA2-C5C5D9354387}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\AoW3\AoW3_Debug.exe
FirewallRules: [{EE3B20C7-AD97-48D2-BF43-3086EC11D34A}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{CE25DDFD-55F1-49E3-9B37-AB94DF111143}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{D906F3D8-6FF7-4F82-888C-77F79E607252}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Higurashi When They Cry\HigurashiEp01.exe
FirewallRules: [{04026F2A-62D6-4E8C-9EE2-BEB3C7F24FF1}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Higurashi When They Cry\HigurashiEp01.exe
FirewallRules: [{43BBCB41-5B43-4B7A-B286-05D05F43FE96}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Wasteland 2 Director's Cut\Build\WL2.exe
FirewallRules: [{F8E0CB23-D14F-4B45-A409-313F04573A0B}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Wasteland 2 Director's Cut\Build\WL2.exe
FirewallRules: [{32ED94AF-239D-4906-9F7A-48D94EBC7D2F}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Resident Evil 5\Launcher.exe
FirewallRules: [{A0E9BF2F-C8DD-4D4C-B2E7-1B875E22C11D}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Resident Evil 5\Launcher.exe
FirewallRules: [{55852271-EB4F-4446-843C-19A9315ED445}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\FEAR2\FEAR2.exe
FirewallRules: [{06B6A33D-FD04-4154-999A-1EB227D964A5}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\FEAR2\FEAR2.exe
FirewallRules: [{7E905E4E-1766-4AF2-9555-451144A8C465}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Dungeon of the Endless\DungeonoftheEndless.exe
FirewallRules: [{E18ACBDF-D13D-443B-BC9E-037BF7DD35A2}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Dungeon of the Endless\DungeonoftheEndless.exe
FirewallRules: [{62A163D7-CBF0-4FD8-A980-DB6C79001411}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Resident Evil 4\Bin32\bio4.exe
FirewallRules: [{F8C62029-D57F-4CFF-A318-E080E06057ED}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Resident Evil 4\Bin32\bio4.exe
FirewallRules: [TCP Query User{9D9B60B3-770A-4D39-A390-7A95E04BC8E1}C:\users\snowball\desktop\steamdesk\steamapps\common\resident evil 5\re5dx9.exe] => (Allow) C:\users\snowball\desktop\steamdesk\steamapps\common\resident evil 5\re5dx9.exe
FirewallRules: [UDP Query User{26C7C825-2329-41F1-82FA-679AC13B1524}C:\users\snowball\desktop\steamdesk\steamapps\common\resident evil 5\re5dx9.exe] => (Allow) C:\users\snowball\desktop\steamdesk\steamapps\common\resident evil 5\re5dx9.exe
FirewallRules: [{63B51133-81C9-46F2-9C63-C45C9D4CF3B2}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{306FA698-AE73-495B-9AE1-046C294B158A}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [TCP Query User{D1ED5546-2C7A-47CC-A637-8D643DDFD32E}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe] => (Block) C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe
FirewallRules: [UDP Query User{728AAF06-5137-4253-87DE-09B32B779314}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe] => (Block) C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe
FirewallRules: [{DE49FB8C-C50B-4F3F-B38E-C5B1FF77DA38}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\bin\steamwebhelper.exe
FirewallRules: [{65C171FA-FA70-4CFE-B1BE-66BCC2D8533E}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\bin\steamwebhelper.exe
FirewallRules: [{0AAED517-22CB-44E6-8278-DB0923488F70}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{C2101F94-91CA-4EBF-9B93-6A7EF26671C6}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{F4744407-9543-4606-B9D4-556E58C39E4A}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{8685D715-3C99-4B9D-86E2-436FCD4D03C8}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{7EDD3ABD-8AF9-415D-B818-9AA0BD9B7475}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\SanctuaryRPG Classic\SanctuaryRPG.exe
FirewallRules: [{A4CEC6CE-1A64-4158-A9A6-68158C61AFFF}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\SanctuaryRPG Classic\SanctuaryRPG.exe
FirewallRules: [{2155388C-A812-44EC-9D93-952954E3640B}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\spore\SporebinEP1\SporeApp.exe
FirewallRules: [{30814FFF-3240-4042-B1DD-4AE2E2045099}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\spore\SporebinEP1\SporeApp.exe
FirewallRules: [{B106AD7D-2947-40B0-9D54-46D8465B7044}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\spore\runme.exe
FirewallRules: [{520FA6B2-351F-4F5C-A375-B9722E2767EF}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\spore\runme.exe
FirewallRules: [{EAE06C67-436C-4786-B318-9DED3C9A2849}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\spore\SporeBin\SporeApp.exe
FirewallRules: [{25223BBC-98FD-49C1-A58D-40F335EFC991}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\spore\SporeBin\SporeApp.exe
FirewallRules: [{4661D404-F91E-4237-9A3A-F8CD091F25B2}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{5BAD38CA-8227-4DEE-A8D8-72F4116DDD81}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [TCP Query User{DF24FEB9-9ADB-4654-AD51-8A8E1E0176D1}C:\users\snowball\desktop\steamdesk\steamapps\common\total war attila\attila.exe] => (Allow) C:\users\snowball\desktop\steamdesk\steamapps\common\total war attila\attila.exe
FirewallRules: [UDP Query User{9D220D56-12F5-4643-A58F-DC768EBF9605}C:\users\snowball\desktop\steamdesk\steamapps\common\total war attila\attila.exe] => (Allow) C:\users\snowball\desktop\steamdesk\steamapps\common\total war attila\attila.exe
FirewallRules: [{80885161-DBD3-4765-B660-FEA19D1B55A6}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Kings Bounty Armored Princess\kb.exe
FirewallRules: [{402A368C-BCD1-41AD-A7D7-5569B3F4337C}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Kings Bounty Armored Princess\kb.exe
FirewallRules: [{502F3D5D-6AC0-4D10-BE41-1860D542629F}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{69F580B1-12BE-4EBF-A06B-82D3DCD0A143}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{83B2ADFE-DBA2-41B3-B448-B617696ED247}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{C1B110D4-7CF6-45B4-A0E0-7D4750954CD1}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{5AF4A82B-E0D8-4784-80DE-5593EE80622A}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{C1EE1C6F-0655-4781-A8D9-C5537B3F2200}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{89C54F7D-8C15-4FEE-B03F-4DE79173C799}] => (Allow) A:\steamdesk\steamapps\common\Renowned Explorers\win64\abbeycore_win32_steam.exe
FirewallRules: [{81BF203E-996B-4C02-99E7-96222BF9D0BA}] => (Allow) A:\steamdesk\steamapps\common\Renowned Explorers\win64\abbeycore_win32_steam.exe
FirewallRules: [{D79E5FD2-9D85-4D7F-96A3-1E5F3D9C4478}] => (Allow) A:\steamdesk\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{E6EC1CE0-EA45-45F0-9A49-169D9ABFC1FB}] => (Allow) A:\steamdesk\steamapps\common\DarkestDungeon\_windows\Darkest.exe
 
==================== Restore Points =========================
 
ATTENTION: System Restore is disabled
 
==================== Faulty Device Manager Devices =============
 
Name: AMDA00 Interface
Description: AMDA00 Interface
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: ASUSTeK Computer Inc.
Service: WUDFRd
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/22/2017 02:17:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wmiprvse.exe, version: 10.0.14393.0, time stamp: 0x57899ab2
Faulting module name: NetEventPacketCapture.dll, version: 10.0.14393.206, time stamp: 0x57dacea5
Exception code: 0xc0000005
Fault offset: 0x00000000000160cc
Faulting process id: 0x1514
Faulting application start time: 0x01d28ce3f5bc153a
Faulting application path: C:\WINDOWS\system32\wbem\wmiprvse.exe
Faulting module path: C:\WINDOWS\system32\wbem\NetEventPacketCapture.dll
Report Id: ebf933a7-de7a-4e3c-a74f-f1dc8de833a4
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (02/22/2017 01:24:58 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NASIPAK)
Description: Activation of app Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (02/22/2017 01:00:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WindowService.exe, version: 1.0.0.0, time stamp: 0x58a9fd43
Faulting module name: KERNELBASE.dll, version: 6.2.14393.479, time stamp: 0x58256d37
Exception code: 0xe0434f4d
Fault offset: 0x000da832
Faulting process id: 0x%9
Faulting application start time: 0xWindowService.exe0
Faulting application path: WindowService.exe1
Faulting module path: WindowService.exe2
Report Id: WindowService.exe3
Faulting package full name: WindowService.exe4
Faulting package-relative application ID: WindowService.exe5
 
Error: (02/22/2017 12:50:19 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program XCom2.exe version 1.0.0.38128 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 5dd3c
 
Start Time: 01d28cd6e7d794a6
 
Termination Time: 93
 
Application Path: A:\steamdesk\steamapps\common\XCOM 2\Binaries\Win64\XCom2.exe
 
Report Id: 036b5d09-f8cb-11e6-82f4-086266c8884f
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (02/21/2017 11:33:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WindowService.exe, version: 1.0.0.0, time stamp: 0x58a9fd43
Faulting module name: KERNELBASE.dll, version: 6.2.14393.479, time stamp: 0x58256d37
Exception code: 0xe0434f4d
Fault offset: 0x000da832
Faulting process id: 0x%9
Faulting application start time: 0xWindowService.exe0
Faulting application path: WindowService.exe1
Faulting module path: WindowService.exe2
Report Id: WindowService.exe3
Faulting package full name: WindowService.exe4
Faulting package-relative application ID: WindowService.exe5
 
Error: (02/21/2017 11:31:19 PM) (Source: ESENT) (EventID: 482) (User: )
Description: DllHost (8356) WebCacheLocal: An attempt to write to the file "C:\Users\Snowball\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" at offset 3538944 (0x0000000000360000) for 32768 (0x00008000) bytes failed after 0.000 seconds with system error 1453 (0x000005ad): "Insufficient quota to complete the requested service. ".  The write operation will fail with error -1011 (0xfffffc0d).  If this error persists then the file may be damaged and may need to be restored from a previous backup.
 
Error: (02/21/2017 11:31:19 PM) (Source: ESENT) (EventID: 482) (User: )
Description: DllHost (8356) WebCacheLocal: An attempt to write to the file "C:\Users\Snowball\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" at offset 1114112 (0x0000000000110000) for 32768 (0x00008000) bytes failed after 0.026 seconds with system error 1453 (0x000005ad): "Insufficient quota to complete the requested service. ".  The write operation will fail with error -1011 (0xfffffc0d).  If this error persists then the file may be damaged and may need to be restored from a previous backup.
 
Error: (02/21/2017 11:31:19 PM) (Source: ESENT) (EventID: 482) (User: )
Description: DllHost (8356) WebCacheLocal: An attempt to write to the file "C:\Users\Snowball\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.jfm" at offset 0 (0x0000000000000000) for 8192 (0x00002000) bytes failed after 0.000 seconds with system error 1453 (0x000005ad): "Insufficient quota to complete the requested service. ".  The write operation will fail with error -1011 (0xfffffc0d).  If this error persists then the file may be damaged and may need to be restored from a previous backup.
 
Error: (02/21/2017 11:31:02 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe".Error in manifest or policy file "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" on line 0.
Invalid Xml syntax.
 
Error: (02/21/2017 11:31:02 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe".Error in manifest or policy file "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" on line 0.
Invalid Xml syntax.
 
 
System errors:
=============
Error: (02/22/2017 02:28:36 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1084" attempting to start the service EventSystem with arguments "Unavailable" in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
 
Error: (02/22/2017 02:28:22 AM) (Source: DCOM) (EventID: 10005) (User: NASIPAK)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (02/22/2017 02:25:20 AM) (Source: DCOM) (EventID: 10005) (User: NASIPAK)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (02/22/2017 02:25:04 AM) (Source: DCOM) (EventID: 10005) (User: NASIPAK)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (02/22/2017 02:24:41 AM) (Source: DCOM) (EventID: 10005) (User: NASIPAK)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
Error: (02/22/2017 02:24:26 AM) (Source: DCOM) (EventID: 10005) (User: NASIPAK)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (02/22/2017 02:24:07 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
The dependency service or group failed to start.
 
Error: (02/22/2017 02:24:07 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
The dependency service or group failed to start.
 
Error: (02/22/2017 02:24:07 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
The dependency service or group failed to start.
 
Error: (02/22/2017 02:23:54 AM) (Source: DCOM) (EventID: 10005) (User: NASIPAK)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
 
 
CodeIntegrity:
===================================
  Date: 2017-02-22 01:04:44.237
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-116716.dll that did not meet the Store signing level requirements.
 
  Date: 2017-02-22 01:04:36.994
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-116716.dll that did not meet the Store signing level requirements.
 
  Date: 2017-02-22 01:03:41.382
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-116716.dll that did not meet the Store signing level requirements.
 
  Date: 2017-02-22 00:52:34.130
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-116716.dll that did not meet the Store signing level requirements.
 
  Date: 2017-02-22 00:52:33.866
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\PlaysTV\ltc_help64-120603.dll that did not meet the Store signing level requirements.
 
  Date: 2017-02-21 19:58:05.289
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\PlaysTV\ltc_help64-120603.dll that did not meet the Store signing level requirements.
 
  Date: 2017-02-21 19:58:05.288
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\PlaysTV\ltc_help64-120603.dll that did not meet the Store signing level requirements.
 
  Date: 2017-02-21 19:55:55.441
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-116716.dll that did not meet the Store signing level requirements.
 
  Date: 2017-02-21 19:44:12.449
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\PlaysTV\ltc_help64-120603.dll that did not meet the Store signing level requirements.
 
  Date: 2017-02-21 19:42:22.809
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-116716.dll that did not meet the Store signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-4690K CPU @ 3.50GHz
Percentage of memory in use: 38%
Total physical RAM: 8134.98 MB
Available physical RAM: 4966.96 MB
Total Virtual: 32710.98 MB
Available Virtual: 29106.14 MB
 
==================== Drives ================================
 
Drive a: (New Volume) (Fixed) (Total:447.13 GB) (Free:121.2 GB) NTFS
Drive c: () (Fixed) (Total:930.97 GB) (Free:124.17 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 9CA66606)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 447.1 GB) (Disk ID: C49F44AB)
Partition 1: (Not Active) - (Size=447.1 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================


BC AdBot (Login to Remove)

 


#2 olgun52

olgun52

  • Malware Response Team
  • 3,792 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:42 AM

Posted 22 February 2017 - 11:59 AM

Hello ChaosLupy and Welcome to the BleepingComputer. :welcome:

My name is Yılmaz and I'll help you with the cleanup of malware from your computer.

Before we move on, please read the following points carefully.

  • Please complete all steps in the specified order.
  • Even if tools don't find malware, I want you to post the logfiles anyway.
  • Please copy and paste the logfiles directly into your posts. Please do not attach them unless you are instructed to do so.
  • Read the instructions carefully. If you have problems, stop what you were doing and describe the problems you encountered as precisely as you can.
  • Don't install or uninstall software during the cleanup unless you are told to do so.
  • Ensure your external and/or USB drives are inserted during always the scan.
  • If you can't answer for the next few days, please let me know. If you haven't answered within 5 days, I am assuming that you don't need help anymore and your topic will be closed.
  • If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now!
  • I can not guarantee that we will find and be able to remove all malware. The cleaning process is not instant. Please continue to review my answers until I tell you that your computer is clean
  • Please reply to this thread. Do not start a new topic
  • As my first language is not English, please do not use slang or idioms. It could be hard for me to understand.
  • Please open as administrator the computer. How is open as administrator the computer?
  • Disable your AntiVirus and AntiSpyware applications, as they will interfere with our tools and the removal. If you are unsure how to do this, please refer to get help here

Thanks
 
I am currently reviewing your log.I will be back with a fix for your problem as soon as possible.Please be patient with me during this time.
 
But I can not see the FRST.txt file. Please send it

Addition.txt is created by default from the first run of FRST, can you check inside this folder: C:\FRST\Logs I need to see that log before we progress. If no Addition log inside the Logs folder run FRST scan one more time, ensure "Addition" is checked in the optional scan box...

Sincerely
:hello:


Edited by olgun52, 23 February 2017 - 01:28 AM.

Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#3 olgun52

olgun52

  • Malware Response Team
  • 3,792 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:42 AM

Posted 23 February 2017 - 01:54 AM

Hi ChaosLupy,
ATTENTION: System Restore is disabled
How to Enable System Restore.
 https://support.microsoft.com/tr-tr/help/264887/how-to-enable-and-disable-system-restore?wa=wsignin1.0%3Fwa%3Dwsignin1.0
=================================================================

Kmspico is used to bypass Windows activation right?  Bleepingcomputer dose not support the use of such tools. And discussing such things here is against the rules.

Please delete:KMSpico
 
====================================================================
uninstall some programs

NOTE** Because of the cleanup process some of the programs I have listed may not be in add/remove anymore this is fine just move to the next item on the list.

You can remove these programs using add/remove or you can use the free uninstaller from Revo (Revo does allot better of a job)

Programs to remove
 
Avira Connect
McAfee Security Scan Plus
Malwarebytes3
EVEMon

Online.io Application
s5mark
Traffic Exchange
Yahoo! Toolbar

KMSpico

  • Please download and install Revo Uninstaller Free
  • Double click Revo Uninstaller to run it.
  • From the list of programs double click on The Program to remove
  • When prompted if you want to uninstall click Yes.
  • Be sure the Moderate option is selected then click Next.
  • The program will run, If prompted again click Yes
  • when the built-in uninstaller is finished click on Next.
  • Once the program has searched for leftovers click Next.
  • Check/tick the bolded items only on the list then click Delete
  • when prompted click on Yes and then on next.
  • put a check on any folders that are found and select delete
  • when prompted select yes then on next
  • Once done click Finish
  • And PC restart now

Let me know when you get that done


Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#4 ChaosLupy

ChaosLupy
  • Topic Starter

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:42 AM

Posted 23 February 2017 - 03:05 AM

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-02-2017
Ran by Snowball (22-02-2017 02:26:47)
Running from C:\Users\Snowball\Downloads
Windows 10 Pro Version 1607 (X64) (2017-02-17 13:03:20)
Boot Mode: Safe Mode (with Networking)
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-925108756-303190714-492092699-500 - Administrator - Disabled)
alita_000 (S-1-5-21-925108756-303190714-492092699-1002 - Limited - Enabled)
DefaultAccount (S-1-5-21-925108756-303190714-492092699-503 - Limited - Disabled)
Guest (S-1-5-21-925108756-303190714-492092699-501 - Limited - Disabled)
Snowball (S-1-5-21-925108756-303190714-492092699-1001 - Administrator - Enabled) => C:\Users\Snowball
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 15.06 beta (x64) (HKLM\...\7-Zip) (Version: 15.06 - Igor Pavlov)
7-Zip 9.38 beta (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Age of Wonders III (HKLM-x32\...\Steam App 226840) (Version:  - Triumph Studios)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
Audiosurf (HKLM-x32\...\Steam App 12900) (Version:  - Dylan Fitterer)
Avira Connect (HKLM-x32\...\{845380e2-f0b5-4584-bc40-cc54345b3c06}) (Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BitTorrent (HKU\S-1-5-21-925108756-303190714-492092699-1001\...\BitTorrent) (Version: 7.9.9.43296 - BitTorrent Inc.)
calibre (HKLM-x32\...\{04882E0B-389F-4F58-B1B9-DE87371DEBDE}) (Version: 2.34.0 - Kovid Goyal)
calibre 64bit (HKLM\...\{84E37DA5-EB32-4A22-AECA-7FEC9C14CA5A}) (Version: 2.34.0 - Kovid Goyal)
Card Hunter (HKLM-x32\...\Steam App 293260) (Version:  - Blue Manchu)
Catalyst Control Center Next Localization BR (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Chantelise (HKLM\...\Steam App 70420) (Version:  - EasyGameStation)
Choice of the Pirate (HKLM\...\Steam App 476490) (Version:  - Choice of Games)
Classic Shell (HKLM\...\{7C129CF8-199F-4269-AAEE-60B5D8D716E2}) (Version: 4.2.1 - IvoSoft)
Conquest of Champions (HKLM-x32\...\Steam App 266450) (Version:  - Kihon Inc.)
Crusader Kings II (HKLM-x32\...\Steam App 203770) (Version:  - Paradox Development Studio)
Darwinia (HKLM\...\Steam App 1500) (Version:  - Introversion Software)
DEFCON (HKLM\...\Steam App 1520) (Version:  - Introversion Software)
Dungeon of the Endless (HKLM\...\Steam App 249050) (Version:  - AMPLITUDE Studios)
DungeonRift Demo (HKLM-x32\...\Steam App 375560) (Version:  - RiftyGames)
Endless Legend (HKLM\...\Steam App 289130) (Version:  - AMPLITUDE Studios)
Endless Space (HKLM\...\Steam App 208140) (Version:  - AMPLITUDE Studios)
Endless Space (HKLM-x32\...\Steam App 208140) (Version:  - AMPLITUDE Studios)
Endless Space 2 (HKLM\...\Steam App 392110) (Version:  - AMPLITUDE Studios)
EVEMon (HKLM-x32\...\EVEMon) (Version: 2.1.0 - battleclinic.com) <==== ATTENTION
F.E.A.R. 2: Project Origin (HKLM-x32\...\Steam App 16450) (Version:  - Monolith)
Fallout 4 (HKLM\...\Steam App 377160) (Version:  - Bethesda Game Studios)
FTL: Faster Than Light (HKLM\...\Steam App 212680) (Version:  - Subset Games)
GARPA Topographical Survey (HKLM-x32\...\{7AA8FB7A-433B-4479-9ADD-0EF777FFAB59}) (Version: 3.1.0.0 - GARPA)
GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 1.69.0000 - GIGABYTE Technology Co.,Ltd.)
GIGABYTE OC_GURU II (x32 Version: 1.69.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Hearts of Iron IV (HKLM\...\Steam App 394360) (Version:  - Paradox Development Studio)
Homeworld Remastered Collection (HKLM\...\Steam App 244160) (Version:  - Gearbox Software)
Imperial Glory (HKLM-x32\...\Steam App 277450) (Version:  - Pyro Studios)
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.13.125.1 - Intel Security)
Intel® Network Connections 19.1.51.0 (HKLM\...\PROSetDX) (Version: 19.1.51.0 - Intel)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4156 - Intel Corporation)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Life Is Strange™ (HKLM\...\Steam App 319630) (Version:  - DONTNOD Entertainment)
LOOT (HKLM-x32\...\LOOT) (Version: 0.6.0 - LOOT Development Team)
Magic 2015 (HKLM-x32\...\Steam App 255420) (Version:  - Stainless Games)
Magic Duels (HKLM-x32\...\Steam App 316010) (Version:  - Stainless Games Ltd.)
Magic The Gathering Online  (HKU\S-1-5-21-925108756-303190714-492092699-1001\...\35c9d60442fbb010) (Version: 3.4.90.566 - Wizards of the Coast)
Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Mass Effect™ 2 (HKLM-x32\...\{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}) (Version: 1.2.1604.0 - Electronic Arts)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.500.3 - McAfee, Inc.)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-925108756-303190714-492092699-1001\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Monsters' Den: Book of Dread (HKLM\...\Steam App 502230) (Version:  - Monstrum)
MSI Afterburner 4.1.0 (HKLM-x32\...\Afterburner) (Version: 4.1.0 - MSI Co., LTD)
Multiwinia (HKLM\...\Steam App 1530) (Version:  - Introversion Software)
Mumble 1.2.10 (HKLM-x32\...\{63243F5C-E941-4461-A4B0-2689A9A3BF13}) (Version: 1.2.10 - Thorvald Natvig)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Online.io Application (x32 Version: 2.1.0 - Microleaves) Hidden <==== ATTENTION
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenTTD 1.6.1 (HKLM-x32\...\OpenTTD) (Version: 1.6.1 - OpenTTD)
Origin (HKLM-x32\...\Origin) (Version: 10.4.3.15631 - Electronic Arts, Inc.)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version:  - )
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.11 - )
Pizza Express (HKLM\...\Steam App 375250) (Version:  - Onni Interactive)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.19.0-r120634-release - Plays.tv, LLC)
Plex Media Server (HKLM-x32\...\{10d692ef-81ce-40ac-b82b-058286c058a6}) (Version: 0.9.1204 - Plex, Inc.)
Plex Media Server (x32 Version: 0.9.1204 - Plex, Inc.) Hidden
Princess Maker 2 Refine (HKLM\...\Steam App 523000) (Version:  - CFK Co., Ltd.)
Python 2.7.9 (64-bit) (HKLM\...\{79F081BF-7454-43DB-BD8F-9EE596813233}) (Version: 2.7.9150 - Python Software Foundation)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.7-r116720-release - Raptr, Inc)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Renowned Explorers: International Society (HKLM\...\Steam App 296970) (Version:  - Abbey Games)
Reus (HKLM\...\Steam App 222730) (Version:  - Abbey Games)
RivaTuner Statistics Server 6.3.0 (HKLM-x32\...\RTSS) (Version: 6.3.0 - Unwinder)
Rock of Ages (HKLM\...\Steam App 22230) (Version:  - ACE Team)
RogueKiller version 12.9.8.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.9.8.0 - Adlice Software)
s5mark (HKLM-x32\...\s5mark) (Version: 2.0.2 - s5mark) <==== ATTENTION
Sakura Clicker (HKLM-x32\...\Steam App 383080) (Version:  - Winged Cloud)
SanctuaryRPG Classic (HKLM-x32\...\Steam App 338490) (Version:  - Black Shell Games)
Shadowrun: Hong Kong (HKLM-x32\...\Steam App 346940) (Version:  - Harebrained Schemes)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Sid Meier's Civilization VI (HKLM\...\Steam App 289070) (Version:  - Firaxis)
Sins of a Solar Empire: Rebellion (HKLM-x32\...\Steam App 204880) (Version:  - Ironclad Games)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spore: Creepy & Cute Parts Pack (HKLM-x32\...\Steam App 17440) (Version:  - Maxis™)
Spore: Galactic Adventures (HKLM-x32\...\Steam App 24720) (Version:  - EA - Maxis)
Suits: A Business RPG (HKLM-x32\...\Steam App 410670) (Version:  - Technomancy Studios)
Sunless Sea (HKLM-x32\...\Steam App 304650) (Version:  - Failbetter Games)
System Requirements Lab Detection (HKLM-x32\...\{B118B16F-EBE0-434B-BDDD-BF0A286479C3}) (Version: 6.1.6.0 - Husdawg, LLC)
Tactical Genius Demo (HKLM-x32\...\Steam App 380010) (Version:  - Pixeltales.ru)
Talisman: Digital Edition (HKLM-x32\...\Steam App 247000) (Version:  - Nomad Games)
The Age of Decadence (HKLM\...\Steam App 230070) (Version:  - Iron Tower Studio)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
The Sims™ 3 High-End Loft Stuff (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 High-End Loft Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Late Night (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Late Night) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.)
This Is the Police (HKLM\...\Steam App 443810) (Version:  - Weappy Studio)
Ticket to Ride (HKLM\...\Steam App 108200) (Version:  - Days of Wonder)
Tom Clancy's H.A.W.X. 2 (HKLM\...\Steam App 48160) (Version:  - Ubisoft Romania)
Total War™: WARHAMMER® (HKLM\...\Steam App 364360) (Version:  - Creative Assembly)
Traffic Exchange (x32 Version: 2.1.0 - Microleaves) Hidden <==== ATTENTION
Trine 2 (HKLM\...\Steam App 35720) (Version:  - Frozenbyte)
Tropico 5 (HKLM-x32\...\Steam App 245620) (Version:  - Haemimont Games)
True or False (HKLM\...\Steam App 521340) (Version:  - Vladimir Maslov)
TVMC (HKU\S-1-5-21-925108756-303190714-492092699-1001\...\TVMC) (Version:  - TVADDONS.ag)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
UE4 Prerequisites (x64) (HKLM-x32\...\{9514471f-b41e-41f7-af03-7da1d05b279e}) (Version: 1.0.8.0 - Epic Games, Inc.)
UE4 Prerequisites (x64) (Version: 1.0.8.0 - Epic Games, Inc.) Hidden
Undertale (HKLM-x32\...\Steam App 391540) (Version:  - tobyfox)
Unity of Command (HKLM-x32\...\Unity_of_Command) (Version:  - )
Uplink (HKLM\...\Steam App 1510) (Version:  - Introversion Software)
Uplink Demo (remove only) (HKLM-x32\...\Uplink Demo) (Version:  - )
Vulkan Run Time Libraries 1.0.11.0 (HKLM\...\VulkanRT1.0.11.0) (Version: 1.0.11.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0-2) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.26.0 (Version: 1.0.26.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
Warhammer® 40,000™: Dawn of War® II - Chaos Rising™ (HKLM\...\Steam App 20570) (Version:  - Relic Entertainment)
Warhammer® 40,000™: Dawn of War® II – Retribution™ (HKLM\...\Steam App 56400) (Version:  - Relic Entertainment)
WinArchiver Virtual Drive (HKLM-x32\...\WinArchiver Virtual Drive) (Version: 2.8 - WinArchiver Computing, Inc.)
WinISO (HKLM-x32\...\WinISO) (Version: 6.4.0.5170 - WinISO Computing Inc.)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
XCOM 2 (HKLM-x32\...\Steam App 268500) (Version:  - Firaxis)
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - )
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {025A909E-FD1F-4488-9F77-9B0F863FB908} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {0C0EF831-C136-4BA0-93F6-1F52432273B8} - System32\Tasks\Online Application Guardian => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian.exe  <==== ATTENTION
Task: {0ECDE4A9-FA6A-4FBF-8B8D-EC826561DCD1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {0ECE0881-0E2C-4648-A92E-A73E2A6369CA} - System32\Tasks\Online Application v209 Guardian => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe  <==== ATTENTION
Task: {15C50775-52DC-42FF-8F89-048BBAE9E646} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {1B6F5FD9-A2B9-4AEF-AF7C-A47E0598B86A} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-11-23] (Advanced Micro Devices, Inc.)
Task: {1F70576E-8043-41F7-B88A-B4795B884691} - System32\Tasks\Online Application Guard => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian.exe  <==== ATTENTION
Task: {23F7F58D-DAF2-40DC-950B-A42443E99F55} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-23] (Google Inc.)
Task: {24905292-91C5-4F38-8869-D894C938D040} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {260D4011-77BF-4BA8-B456-BBFAB65A2374} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe 
Task: {4EB165A3-3843-4ADF-91F8-8CAFE6F67A0A} - System32\Tasks\Online Application v2 Guardian => C:\Program Files (x86)\Microleaves\Online.io Application\OnlineGuardian-v2.exe  <==== ATTENTION
Task: {5317B05B-077A-47F2-B27D-C24FCE2D0617} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe 
Task: {54F79966-725D-4EA4-9941-2241032F0F83} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {5ACC9798-6796-495F-B1DF-6CC7C07BF9B3} - System32\Tasks\Traffic Exchange v2 - 3 => C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe  <==== ATTENTION
Task: {654DF073-E51B-4B42-BAC4-E614F4DF6A45} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {68D3607D-2198-4834-939F-52E0F330B9E2} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {6C6349F5-B856-402D-9119-66E013793047} - System32\Tasks\Traffic Exchange v209 - 3 => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe  <==== ATTENTION
Task: {7D41299E-2779-430E-AE5D-E11BB3A04A31} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {80C62F38-1110-47E0-9252-0723736C0C05} - System32\Tasks\Traffic Exchange v209 - 2 => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe  <==== ATTENTION
Task: {843EA602-BEEA-404C-A4F9-0577C98FFA47} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-23] (Google Inc.)
Task: {87108B8E-25EE-424B-95A3-3D2EEBF58516} - System32\Tasks\Traffic Exchange v2 - 2 => C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe  <==== ATTENTION
Task: {886F6FC8-33B5-492D-917A-CD501667B5F6} - System32\Tasks\Traffic Exchange Updater => C:\Program Files (x86)\Microleaves\Traffic Exchange\Traffic Exchange Updater.exe  <==== ATTENTION
Task: {8BBBF789-4631-4F46-BB28-0C65E70B7C60} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {8F03D7AF-7457-4F51-A7F2-068B703A9D28} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-01-11] (Microsoft Corporation)
Task: {93553083-B0A2-4C7F-A26D-F0272B753A30} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {9E651CE2-5197-47D6-9B17-6E74843D9E09} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {A43F7532-4083-4804-881E-C25B91D5875F} - System32\Tasks\Traffic Exchange v2 - 1 => C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe  <==== ATTENTION
Task: {A50BF132-A7B5-4871-A3F4-7643FD135CE6} - System32\Tasks\Traffic Exchange Guardian => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian.exe  <==== ATTENTION
Task: {AB9579C4-5E98-43A9-BE2C-003CAC5345F6} - System32\Tasks\Traffic Exchange Guard => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian.exe  <==== ATTENTION
Task: {B4669686-6DFA-451B-B20A-454AEE25C677} - System32\Tasks\Online Application v2 => C:\Program Files (x86)\Microleaves\Online.io Application\OnlineGuardian-v2.exe  <==== ATTENTION
Task: {CA49F675-511D-48D0-829C-C97A1E128EA1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {D6097286-D282-4A60-AE91-5E0F21FD9374} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {D7234F32-B5DB-49DA-ABE2-9C30CEFC17CA} - System32\Tasks\Online Application Updater => C:\Program Files (x86)\Microleaves\Online.io Application\Online Application Updater.exe  <==== ATTENTION
Task: {D7DE4AA0-F810-44D6-95A1-9CC78D054F74} - System32\Tasks\Online Application v209 => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe  <==== ATTENTION
Task: {E591016B-16F3-4BA9-B6AB-A8D3DFA2EA47} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {ECC2FF08-49C6-4B8E-8857-2297F39C762C} - System32\Tasks\Online Application => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian.exe  <==== ATTENTION
Task: {F049E678-2F23-469A-8AC1-EA9FF158D157} - \WPD\SqmUpload_S-1-5-21-925108756-303190714-492092699-1001 -> No File <==== ATTENTION
Task: {F1705820-E75F-41C4-9357-179CF7FC8425} - System32\Tasks\Traffic Exchange v209 - 1 => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe  <==== ATTENTION
Task: {F243B125-A77E-4231-89CF-977BF49AA3A5} - System32\Tasks\Traffic Exchange => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian.exe  <==== ATTENTION
Task: {F59F0F4A-9567-406B-8ADC-E83F8EE49BAC} - System32\Tasks\Online Application v2 Guard => C:\Program Files (x86)\Microleaves\Online.io Application\OnlineGuardian-v2.exe  <==== ATTENTION
Task: {FDACD99E-03F5-4DFF-BFAB-9E8698CAA774} - System32\Tasks\Online Application v209 Guard => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe  <==== ATTENTION
Task: {FF4A3318-E56E-4885-94CA-41BE9721EF55} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Online Application Updater.job => C:\Program Files (x86)\Microleaves\Online.io Application\Online Application Updater.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application v2 Guard.job => C:\Program Files (x86)\Microleaves\Online.io Application\OnlineGuardian-v2.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application v2 Guardian.job => C:\Program Files (x86)\Microleaves\Online.io Application\OnlineGuardian-v2.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application v2.job => C:\Program Files (x86)\Microleaves\Online.io Application\OnlineGuardian-v2.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application v209 Guard.job => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application v209 Guardian.job => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application v209.job => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Traffic Exchange Updater.job => C:\Program Files (x86)\Microleaves\Traffic Exchange\Traffic Exchange Updater.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Traffic Exchange v2 - 1.job => C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Traffic Exchange v2 - 2.job => C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Traffic Exchange v2 - 3.job => C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Traffic Exchange v209 - 1.job => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Traffic Exchange v209 - 2.job => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Traffic Exchange v209 - 3.job => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe <==== ATTENTION
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-07-16 05:42 - 2016-07-16 05:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2014-05-01 08:13 - 2014-05-01 08:13 - 00470016 _____ () C:\Users\Snowball\AppData\Local\MEGAsync\ShellExtX64.dll
2016-11-20 12:11 - 2016-11-20 12:11 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-02-22 01:19 - 2016-09-06 11:00 - 05197312 _____ () C:\Users\Snowball\AppData\Local\Google\Chrome\User Data\SwiftShader\3.3.0.1\libglesv2.dll
2017-02-22 01:19 - 2016-09-06 11:00 - 00147456 _____ () C:\Users\Snowball\AppData\Local\Google\Chrome\User Data\SwiftShader\3.3.0.1\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
iver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 07:25 - 2015-09-04 16:47 - 00000854 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
0.0.0.1 mssplus.mcafee.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-925108756-303190714-492092699-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Snowball\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{A7472A52-C316-4485-90EC-49E5EBAFCAB5}] => (Allow) A:\steamdesk\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe
FirewallRules: [{F65B9C21-6DD5-43A9-8215-2C724D39E523}] => (Allow) A:\steamdesk\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe
FirewallRules: [{0487CF44-26F4-40F0-B8EE-BCA6F719D090}] => (Allow) A:\steamdesk\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe
FirewallRules: [{85C77736-301E-4071-A7C8-652FBBEEED7A}] => (Allow) A:\steamdesk\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe
FirewallRules: [{21EE1291-F098-40B2-A040-BCA78112E820}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{5B80FCF7-3565-4B4B-9E15-B5ACBEC0DD9A}] => (Allow) A:\steamdesk\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{E9EB7F55-51B3-432F-978B-4B6A1A7C1C43}] => (Allow) A:\steamdesk\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{9E83697A-7677-41F4-A10C-4030E18CA0DB}] => (Allow) A:\steamdesk\steamapps\common\PizzaExpress\PizzaExpress.exe
FirewallRules: [{4C409009-4775-459C-9273-7EB8ECAC9D8B}] => (Allow) A:\steamdesk\steamapps\common\PizzaExpress\PizzaExpress.exe
FirewallRules: [{98D4AC69-393F-4798-94DA-A194D75B9759}] => (Allow) C:\Program Files (x86)\Daedalic Entertainment GmbH\Shadow Tactics - Blades of the Shogun\Shadow Tactics.exe
FirewallRules: [{51215B23-1219-4112-8777-3FCC1BA0AB23}] => (Allow) C:\Program Files (x86)\Daedalic Entertainment GmbH\Shadow Tactics - Blades of the Shogun\Shadow Tactics.exe
FirewallRules: [{E7C571E2-FD60-438D-8BEC-F785520A3E5E}] => (Allow) A:\steamdesk\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{4C95E1B5-284E-45FB-B964-8EDED709ECE8}] => (Allow) A:\steamdesk\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{8EFE99DF-F6CB-420F-BDCC-F62E887C5706}] => (Allow) A:\steamdesk\steamapps\common\Homeworld\HWLauncher\Launcher.exe
FirewallRules: [{B91CC478-CA34-48DB-AC1D-56F1B1A118F6}] => (Allow) A:\steamdesk\steamapps\common\Homeworld\HWLauncher\Launcher.exe
FirewallRules: [{CA94F274-C0D4-441F-9FCC-E6E2853160BC}] => (Allow) A:\steamdesk\steamapps\common\Dungeon of the Endless\DungeonoftheEndless.exe
FirewallRules: [{BFEF7554-36EB-4A12-A608-EDFE1FA9D9D1}] => (Allow) A:\steamdesk\steamapps\common\Dungeon of the Endless\DungeonoftheEndless.exe
FirewallRules: [{736C937B-6D79-4F9E-A2BD-F12E992573BD}] => (Allow) A:\steamdesk\steamapps\common\Endless Space\EndlessSpace.exe
FirewallRules: [{2F803E8E-6480-47E5-85F4-0155FEA68EDD}] => (Allow) A:\steamdesk\steamapps\common\Endless Space\EndlessSpace.exe
FirewallRules: [UDP Query User{B81B5EA9-D86A-438C-893B-DCD40134BA14}A:\steamdesk\steamapps\common\aow3\aow3.exe] => (Allow) A:\steamdesk\steamapps\common\aow3\aow3.exe
FirewallRules: [TCP Query User{D4A8DE37-A408-4785-8038-02F036E0812B}A:\steamdesk\steamapps\common\aow3\aow3.exe] => (Allow) A:\steamdesk\steamapps\common\aow3\aow3.exe
FirewallRules: [{B2C326A2-65CB-4E5B-AA7E-3F6C41449A24}] => (Allow) A:\steamdesk\steamapps\common\Hearts of Iron IV\hoi4.exe
FirewallRules: [{D02F4929-960A-47E6-9830-699328041A57}] => (Allow) A:\steamdesk\steamapps\common\Hearts of Iron IV\hoi4.exe
FirewallRules: [{4AE167BF-BA12-426B-91BF-3D2B584A8CAC}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{E37DB363-106B-469E-9FC6-148F232BA85F}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{981E637E-D73E-4981-B23E-258C48A19A62}] => (Allow) A:\steamdesk\steamapps\common\Tom Clancy's HAWX 2 - NCSA\HAWX2_DX11.exe
FirewallRules: [{AD80C3E0-F3C7-4C9D-9D77-06D7B40A8493}] => (Allow) A:\steamdesk\steamapps\common\Tom Clancy's HAWX 2 - NCSA\HAWX2_DX11.exe
FirewallRules: [{78A4463D-92C5-44BE-8D90-074975BD5E5B}] => (Allow) A:\steamdesk\steamapps\common\Tom Clancy's HAWX 2 - NCSA\HAWX2.exe
FirewallRules: [{0E45305D-8C00-4474-AC0B-78881CA99069}] => (Allow) A:\steamdesk\steamapps\common\Tom Clancy's HAWX 2 - NCSA\HAWX2.exe
FirewallRules: [{CA514F94-B787-41C8-AA30-EF8B6561E327}] => (Allow) A:\steamdesk\steamapps\common\Rock of Ages\Binaries\Win32\RoA.exe
FirewallRules: [{046F4A41-D672-4877-B59E-336660A1C667}] => (Allow) A:\steamdesk\steamapps\common\Rock of Ages\Binaries\Win32\RoA.exe
FirewallRules: [{227CC5C2-3D0E-4457-81B8-6F1D071CA4A1}] => (Allow) A:\steamdesk\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{DC2DE35F-36BC-4966-A088-2984D1B3E445}] => (Allow) A:\steamdesk\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{7BAF9871-C619-41F1-931A-30C925BB6330}] => (Allow) A:\steamdesk\steamapps\common\Talisman\Talisman.exe
FirewallRules: [{B84DB3EA-69EB-4E5C-A4AF-E9FB6E1A6473}] => (Allow) A:\steamdesk\steamapps\common\Talisman\Talisman.exe
FirewallRules: [{11A0E897-09C9-4970-9817-5E8A96D2C323}] => (Allow) A:\steamdesk\steamapps\common\Galactic Civilizations III\StardockLauncher.exe
FirewallRules: [{D4F7FDCD-4C0B-485D-B47E-2EE99BE0D7FE}] => (Allow) A:\steamdesk\steamapps\common\Galactic Civilizations III\StardockLauncher.exe
FirewallRules: [{2C088F52-9ED1-445C-BA6E-05804C4D9EE7}] => (Allow) A:\steamdesk\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{5E18C10E-6AC3-44E7-8907-DA9449E811EE}] => (Allow) A:\steamdesk\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{4C1B0277-5748-4E29-A0C6-87A02814D93E}] => (Allow) A:\steamdesk\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{B27381D4-07B7-46EC-90DD-13FC1B4D5BC6}] => (Allow) A:\steamdesk\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{0F465CEA-6F61-4C74-A306-2C42E4F66D0F}] => (Allow) A:\steamdesk\steamapps\common\Renowned Explorers\win64\abbeycore_win32_steam.exe
FirewallRules: [{9C5D97E9-2643-459E-8A89-172E3ECA2E4E}] => (Allow) A:\steamdesk\steamapps\common\Renowned Explorers\win64\abbeycore_win32_steam.exe
FirewallRules: [{9511A50D-F291-414E-A396-424B95E8D6D6}] => (Allow) A:\steamdesk\steamapps\common\Sins of a Solar Empire Rebellion\StardockLauncher.exe
FirewallRules: [{D182952B-A031-4C72-89EB-0EF9C1D72343}] => (Allow) A:\steamdesk\steamapps\common\Sins of a Solar Empire Rebellion\StardockLauncher.exe
FirewallRules: [{4B0CAED7-2FD4-4D81-885E-391B90A19AF6}] => (Block) C:\users\snowball\downloads\ultimate general civil war\ultimate general civil war.exe
FirewallRules: [{2C007231-217F-4BA6-9051-037D299027D5}] => (Block) C:\users\snowball\downloads\ultimate general civil war\ultimate general civil war.exe
FirewallRules: [UDP Query User{2E1493F0-A549-4448-8418-3F3AD6545B5C}C:\users\snowball\downloads\ultimate general civil war\ultimate general civil war.exe] => (Allow) C:\users\snowball\downloads\ultimate general civil war\ultimate general civil war.exe
FirewallRules: [TCP Query User{C6326A7A-1CBE-4BD1-85F9-7456A194DEC0}C:\users\snowball\downloads\ultimate general civil war\ultimate general civil war.exe] => (Allow) C:\users\snowball\downloads\ultimate general civil war\ultimate general civil war.exe
FirewallRules: [{7DFEDBBF-C0B0-4096-9324-9BC5AD32F972}] => (Allow) A:\steamdesk\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{E3F2567E-B516-4562-A74E-F244D2866EED}] => (Allow) A:\steamdesk\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{DE8D12D5-4D8D-45B5-9257-CF16DCACC9D4}] => (Allow) A:\steamdesk\steamapps\common\Sins of a Solar Empire Rebellion\Sins of a Solar Empire Rebellion.exe
FirewallRules: [{A1DEDFF9-D733-4BD3-92DE-BEBF133CE6B2}] => (Allow) A:\steamdesk\steamapps\common\Sins of a Solar Empire Rebellion\Sins of a Solar Empire Rebellion.exe
FirewallRules: [{91275A7E-2478-403C-AF27-0B34353F1E3A}] => (Allow) A:\steamdesk\steamapps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe
FirewallRules: [{06D21E20-7978-430A-89CE-1DAB9DF0D75E}] => (Allow) A:\steamdesk\steamapps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe
FirewallRules: [{59B76845-B037-42B7-89CF-30C5E941744B}] => (Allow) A:\steamdesk\steamapps\common\Chantelise\custom.exe
FirewallRules: [{DA71B07F-6A59-4AB7-A35C-9EF065BABA81}] => (Allow) A:\steamdesk\steamapps\common\Chantelise\custom.exe
FirewallRules: [{16060DEC-6B9D-4429-961C-0743497C7A10}] => (Allow) A:\steamdesk\steamapps\common\Chantelise\chantelise.exe
FirewallRules: [{EFE1EA98-7C5D-4E74-9E01-59FED1F46D41}] => (Allow) A:\steamdesk\steamapps\common\Chantelise\chantelise.exe
FirewallRules: [{AD5C5891-1A1A-4412-8738-4B24941221CB}] => (Allow) A:\steamdesk\steamapps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{BA1F85B4-FE8F-424B-8F50-F6C0F507EF99}] => (Allow) A:\steamdesk\steamapps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{C7F5D7D5-27B4-4A50-9B78-9739994D75D9}] => (Allow) A:\steamdesk\steamapps\common\AoW3\AoW3Launcher.exe
FirewallRules: [{518C2D41-5D32-4732-AAA9-CB668E98CFDF}] => (Allow) A:\steamdesk\steamapps\common\AoW3\AoW3Launcher.exe
FirewallRules: [{4C5EE74E-0894-493C-8025-CAE3281CE40A}] => (Allow) A:\steamdesk\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{3E7CAD6F-CB51-4516-9EF5-93452077BB13}] => (Allow) A:\steamdesk\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{895CC704-A229-4C90-B5A7-A225819CFD11}] => (Allow) A:\steamdesk\steamapps\common\CardHunter\CardHunter.exe
FirewallRules: [{FBB8F1C5-89C0-4ACE-8D8B-358B09517B4C}] => (Allow) A:\steamdesk\steamapps\common\CardHunter\CardHunter.exe
FirewallRules: [{0C3DA328-4B6F-4053-B20F-83F08E6161D4}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{BB7B4AF2-B505-44F5-BD98-A4628F3266F3}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{F7EA3A47-F56C-40C2-9BD1-781A66ED8A4C}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{1326FD81-0BCD-408A-AD4D-5DFF1C233D77}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{D6C4311F-B82B-43F2-95EA-7A1D3A041154}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{08C71B14-67E6-45E9-A6C6-8E1D8712CB56}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{0AB41FC0-0429-41EE-8368-B792D3D21F78}] => (Allow) A:\steamdesk\steamapps\common\Galactic Civilizations III\GalCiv3.exe
FirewallRules: [{6FA404F6-B997-4FD1-BD20-007DC177BE1D}] => (Allow) A:\steamdesk\steamapps\common\Galactic Civilizations III\GalCiv3.exe
FirewallRules: [{A7B94C52-C7CB-4EE9-BC6E-95793DBA2C8C}] => (Allow) A:\steamdesk\steamapps\common\Ticket to Ride\Ticket to Ride.exe
FirewallRules: [{E83AAEBE-016B-4CE7-BEE9-4328FE4F25F2}] => (Allow) A:\steamdesk\steamapps\common\Ticket to Ride\Ticket to Ride.exe
FirewallRules: [{A483FA7A-0659-4918-A10E-9D5FB167B4D5}] => (Allow) A:\steamdesk\steamapps\common\Endless Space 2\EndlessSpace2.exe
FirewallRules: [{009FE603-2812-4E0C-B3FF-619686208DAC}] => (Allow) A:\steamdesk\steamapps\common\Endless Space 2\EndlessSpace2.exe
FirewallRules: [{3ADEF541-C814-4F92-858A-36CCACD8F4C3}] => (Allow) A:\steamdesk\steamapps\common\Princess Maker 2 Refine\pm2.exe
FirewallRules: [{A4C8370F-AA3C-4F6A-8305-A22EF162B46B}] => (Allow) A:\steamdesk\steamapps\common\Princess Maker 2 Refine\pm2.exe
FirewallRules: [{FDF6B976-9E7F-413F-A32E-8C4035B3CD54}] => (Allow) A:\steamdesk\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{00D7F3F7-02E8-4D75-929F-8910ED8939AA}] => (Allow) A:\steamdesk\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{44C464D9-F987-4AEC-BB4E-A4B97EABFE51}] => (Allow) A:\steamdesk\steamapps\common\Endless Legend\EndlessLegend.exe
FirewallRules: [{B203C4C3-B1B1-4546-BC9F-646A74F1F1FC}] => (Allow) A:\steamdesk\steamapps\common\Endless Legend\EndlessLegend.exe
FirewallRules: [{3F27C5A6-1025-4B5F-ADE5-0ECAA1E35849}] => (Allow) A:\steamdesk\steamapps\common\Crusader Kings II\CK2game.exe
FirewallRules: [{93985DEA-130F-4013-8944-1BB3F86E8850}] => (Allow) A:\steamdesk\steamapps\common\Crusader Kings II\CK2game.exe
FirewallRules: [{9C8BC5E0-F7E8-4F46-9AE0-CF5D7D6C312A}] => (Allow) A:\steamdesk\steamapps\common\Darwinia\darwinia.exe
FirewallRules: [{B9855778-3C34-4C48-AB58-B42ED6EFE20B}] => (Allow) A:\steamdesk\steamapps\common\Darwinia\darwinia.exe
FirewallRules: [{37181D13-79D0-4793-AE47-382142AF09B2}] => (Allow) A:\steamdesk\steamapps\common\Defcon\defcon.exe
FirewallRules: [{57124FE0-5C35-4F70-8581-630BC8DA0E4F}] => (Allow) A:\steamdesk\steamapps\common\Defcon\defcon.exe
FirewallRules: [{65053273-3D93-4040-9BFF-5CD61EDB80DF}] => (Allow) A:\steamdesk\steamapps\common\Multiwinia\multiwinia.exe
FirewallRules: [{7307F3FE-DBFA-4003-BAEE-E43F16BB6762}] => (Allow) A:\steamdesk\steamapps\common\Multiwinia\multiwinia.exe
FirewallRules: [{75BD2E47-3771-407F-AF14-599431E63C7F}] => (Allow) A:\steamdesk\steamapps\common\Uplink\Uplink.exe
FirewallRules: [{16C5F394-39B7-49AB-B482-D95C7F8FDDE3}] => (Allow) A:\steamdesk\steamapps\common\Uplink\Uplink.exe
FirewallRules: [{84C45AB3-F921-4856-81E4-80684FF0726C}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{59EC5299-7F90-45CC-A4CD-7ED628098A28}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{9B8741D0-0079-45AB-BF85-D2D9AC599BA5}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{D37BE9B4-22BF-4759-ADDD-93F08747768E}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{0BDC6656-4DB0-40A2-8016-433C75913BD7}] => (Allow) A:\steamdesk\steamapps\common\Age of Decadence\AoD.exe
FirewallRules: [{C9F95D3E-A897-495B-A12E-2603B4AE6B75}] => (Allow) A:\steamdesk\steamapps\common\Age of Decadence\AoD.exe
FirewallRules: [{FF951757-B245-4408-8752-3B2057EAE166}] => (Allow) A:\steamdesk\steamapps\common\Age of Decadence\AoD64.exe
FirewallRules: [{0C3D1006-9C98-41BD-9554-6719E557E835}] => (Allow) A:\steamdesk\steamapps\common\Age of Decadence\AoD64.exe
FirewallRules: [{76D50CC7-4A32-4073-BCE8-6F891C867113}] => (Allow) A:\steamdesk\steamapps\common\Tactical Genius Demo\TacticalGenius.exe
FirewallRules: [{B29AADBF-7950-4396-815F-0E30E2DABC32}] => (Allow) A:\steamdesk\steamapps\common\Tactical Genius Demo\TacticalGenius.exe
FirewallRules: [{AFBD7601-AC74-4907-AA54-47B748C1F7E7}] => (Allow) A:\steamdesk\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{8473EF53-18D4-4059-9DD6-07CCAA74568C}] => (Allow) A:\steamdesk\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{ADE8AA93-9A9E-4C67-9680-1E6EDCA41842}] => (Allow) A:\steamdesk\steamapps\common\This is the Police\Police.exe
FirewallRules: [{1CD721F4-9FB2-4C08-AAFD-2F1BC2A932C7}] => (Allow) A:\steamdesk\steamapps\common\This is the Police\Police.exe
FirewallRules: [{928B6653-C56E-4599-A6CC-F3C313395B70}] => (Block) A:\steamdesk\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [{E29EC5F6-906D-49BE-B90B-2133E28188B0}] => (Block) A:\steamdesk\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [UDP Query User{80CEF02E-0562-455E-88E9-BB16725578FB}A:\steamdesk\steamapps\common\total war warhammer\warhammer.exe] => (Allow) A:\steamdesk\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [TCP Query User{9D2678B1-C1B1-42AC-B7D6-7F4BAE791E26}A:\steamdesk\steamapps\common\total war warhammer\warhammer.exe] => (Allow) A:\steamdesk\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [UDP Query User{A6F0A898-4985-485F-8D6F-D46BC635F8AF}C:\program files (x86)\origin games\mass effect 2\binaries\me2game.exe] => (Allow) C:\program files (x86)\origin games\mass effect 2\binaries\me2game.exe
FirewallRules: [TCP Query User{45E080AC-5834-4034-9868-EFD78DB3ED3E}C:\program files (x86)\origin games\mass effect 2\binaries\me2game.exe] => (Allow) C:\program files (x86)\origin games\mass effect 2\binaries\me2game.exe
FirewallRules: [{C5FC7456-DAA5-4F1F-BAD8-54E0952D715F}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{769B9202-C999-4A8E-A316-1565ED03CF80}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{5A643B53-1445-4FB4-A880-EC664C22E6C9}] => (Allow) C:\Program Files (x86)\Mass Effect 2\MassEffect2Launcher.exe
FirewallRules: [{8A414463-32BF-4802-9F5D-55C5ED20BC6E}] => (Allow) C:\Program Files (x86)\Mass Effect 2\MassEffect2Launcher.exe
FirewallRules: [{814EA55A-BC05-46F9-BA65-E81D5D7EEAF8}] => (Allow) A:\steamdesk\steamapps\common\True or False\TrueOrFalse.exe
FirewallRules: [{4B68F49C-D204-4384-AFBF-4F8D6317E0C1}] => (Allow) A:\steamdesk\steamapps\common\True or False\TrueOrFalse.exe
FirewallRules: [{C9825980-2101-442A-9BC9-93E8F010C670}] => (Allow) A:\steamdesk\steamapps\common\SunlessSea\Sunless Sea.exe
FirewallRules: [{BF0D9974-9253-47C5-AB7A-9ABBDD272D65}] => (Allow) A:\steamdesk\steamapps\common\SunlessSea\Sunless Sea.exe
FirewallRules: [{A67926EF-03DE-48E5-965B-9B7ECD128038}] => (Block) A:\steamdesk\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [{9A8AE220-F037-4808-822D-4B2552732E04}] => (Block) A:\steamdesk\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [UDP Query User{F5785E99-BA0C-45B4-898A-06B295446560}A:\steamdesk\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) A:\steamdesk\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [TCP Query User{C97BB798-8AB3-445A-8573-6A1CA5C8F384}A:\steamdesk\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) A:\steamdesk\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [{B8CECA7C-89E3-48A6-8383-027386E6825F}] => (Allow) A:\steamdesk\bin\steamwebhelper.exe
FirewallRules: [{12D81517-60DE-442C-8FAF-85BAC58230E9}] => (Allow) A:\steamdesk\bin\steamwebhelper.exe
FirewallRules: [{0498F946-9585-4916-87EC-3CB6418C105C}] => (Allow) A:\steamdesk\Steam.exe
FirewallRules: [{54AADAF5-777D-4F1F-9FD4-6B2C64F5DE83}] => (Allow) A:\steamdesk\Steam.exe
FirewallRules: [{DF40AB49-1661-41D9-B2AF-7FB90E41B89C}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Renowned Explorers\win64\abbeycore_win32_steam.exe
FirewallRules: [{36983688-C2DC-4B66-82E3-D8777575B9F2}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Renowned Explorers\win64\abbeycore_win32_steam.exe
FirewallRules: [{74BB7313-A6FA-40D7-A5D6-D0682516469E}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\True or False\TrueOrFalse.exe
FirewallRules: [{0E8D412B-B32D-43BF-90AD-7FC343F1160C}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\True or False\TrueOrFalse.exe
FirewallRules: [{13C96926-CFCB-402A-8C75-1349F415C4CD}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{8EDF35E1-4972-410F-B053-F3F6E115A924}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{50A59F10-C248-47CD-A1AF-DBDB28554FFC}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Renowned Explorers\win64\abbeycore_win32_steam.exe
FirewallRules: [{DDB0C2C5-9550-4A23-A1E4-A2D5EB088E89}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Renowned Explorers\win64\abbeycore_win32_steam.exe
FirewallRules: [{0169EFEC-84A3-4932-8A39-0FDC5FE3A80D}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{47BCC407-DB82-4B52-8BF6-7D1642112790}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{88B877FB-C024-4E3D-A18B-FB1CC9785253}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Trine 2\trine2_launcher.exe
FirewallRules: [{DC7FC6F5-BB8F-4851-A5BF-D16F952F28C3}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Trine 2\trine2_launcher.exe
FirewallRules: [{72BFAF73-9CDC-4CE9-9EDD-C0960E346B74}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Ticket to Ride\Ticket to Ride.exe
FirewallRules: [{BBB5A30A-2877-42F0-8CB0-0394DFEE24AD}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Ticket to Ride\Ticket to Ride.exe
FirewallRules: [{BA7494D6-2D48-4F1C-BF03-9BABACB10758}] => (Block) C:\program files (x86)\focus home interactive\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe
FirewallRules: [{A13B2919-C34C-4B6E-B900-581849756E4D}] => (Block) C:\program files (x86)\focus home interactive\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe
FirewallRules: [UDP Query User{CDA6631B-B978-49F8-8A15-BB706433F7CC}C:\program files (x86)\focus home interactive\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe] => (Allow) C:\program files (x86)\focus home interactive\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe
FirewallRules: [TCP Query User{09D869A4-65C8-4501-8683-31C9591B524F}C:\program files (x86)\focus home interactive\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe] => (Allow) C:\program files (x86)\focus home interactive\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe
FirewallRules: [{27A3C428-15D3-4F52-9FF9-353552042333}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\MechWarrior Online\Bin64\MWOClient.exe
FirewallRules: [{86F5EE9C-66CA-4EB0-B367-9CAEC68CCA10}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\MechWarrior Online\Bin64\MWOClient.exe
FirewallRules: [{4E73C063-06CC-4156-A47E-F9DF317D5637}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{A1FBA3CF-8743-48F5-8F86-864788B9F5FD}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{BE8E1174-2A42-476C-BDD3-57C4E0BED474}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{3E14998C-1CBF-497F-B379-776C961CE272}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{85CC1036-0E9C-4821-A494-2803666E46B9}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\DB Xenoverse\DBXV.exe
FirewallRules: [{13A54AF9-FEBA-419F-9C38-25E86612736C}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\DB Xenoverse\DBXV.exe
FirewallRules: [UDP Query User{1EF744D3-3457-4872-92F8-F465EA813EA3}C:\users\snowball\desktop\steamdesk\steamapps\common\life is strange\binaries\win32\lifeisstrange.exe] => (Allow) C:\users\snowball\desktop\steamdesk\steamapps\common\life is strange\binaries\win32\lifeisstrange.exe
FirewallRules: [TCP Query User{CBCA9F9E-E1C0-4A6B-B45C-EA338B75CA94}C:\users\snowball\desktop\steamdesk\steamapps\common\life is strange\binaries\win32\lifeisstrange.exe] => (Allow) C:\users\snowball\desktop\steamdesk\steamapps\common\life is strange\binaries\win32\lifeisstrange.exe
FirewallRules: [{29284284-6138-4AED-8CF4-7117D5F58905}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{7200953C-2700-414D-891E-176B74262F8E}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{D577DBA0-10CC-4C79-9366-B23CAAA140DB}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Monsters' Den Book of Dread\BookOfDread.exe
FirewallRules: [{9012202A-BE58-45CC-BD37-2C53716B0096}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Monsters' Den Book of Dread\BookOfDread.exe
FirewallRules: [{7F1F4FA7-99D3-41CC-8B50-1AC9D6F109E6}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{41615240-C72F-4425-B1C6-DBFC52029A00}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [UDP Query User{B7EE8E3B-FA58-4D5A-86B2-85FBEC82FFF0}C:\gog games\dying light\dyinglightgame.exe] => (Block) C:\gog games\dying light\dyinglightgame.exe
FirewallRules: [TCP Query User{AEA0AE29-CE8E-4000-BAB8-03954DED9C45}C:\gog games\dying light\dyinglightgame.exe] => (Block) C:\gog games\dying light\dyinglightgame.exe
FirewallRules: [{E3D029D8-FB7D-437B-9701-EF6F2600A408}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{E054D2DF-EB15-4E36-95A6-8A7F9D9419F3}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{6795FEFB-BE77-45FB-9183-E92337237490}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{D6A9C6D2-73E5-43B9-994D-71C81DE57D1B}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{9A94BF85-6AE6-4B38-A864-B44F2CE76F07}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Dawn of War 2\DOW2.exe
FirewallRules: [{D29C85B4-4F28-4298-B8EB-A9BECFBBDC9F}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Dawn of War 2\DOW2.exe
FirewallRules: [{2473C961-049C-460E-9A37-A11B59B3F77D}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Dawn of War II - Retribution\DOW2.exe
FirewallRules: [{7BAF3D26-5141-497C-970E-CE6F8BCF3FF5}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Dawn of War II - Retribution\DOW2.exe
FirewallRules: [{5DFC2983-F98C-4EEA-808A-BAE920F89A02}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{8C3AB634-5751-4A61-A0E1-E8DE216872A0}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{3F5E51B2-320F-4827-92AE-194559C51858}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Endless Legend\EndlessLegend.exe
FirewallRules: [{DD93E30C-A684-4E49-A141-90AA5CEF05D1}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Endless Legend\EndlessLegend.exe
FirewallRules: [{AA587D2E-6F08-4541-9B08-19DDDE0BF042}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Reus\Reus.exe
FirewallRules: [{3BB62718-3B8E-43DB-909B-850FA10F866E}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Reus\Reus.exe
FirewallRules: [{6EDBC130-F7A9-417F-ACFC-CEF60D347E12}] => (Block) C:\users\snowball\desktop\steamdesk\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [{179D5DA1-87D5-4B18-9A39-272989C4C9F4}] => (Block) C:\users\snowball\desktop\steamdesk\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [UDP Query User{0401ABBF-2A43-4EDF-AD32-2F49A4F0EDE1}C:\users\snowball\desktop\steamdesk\steamapps\common\total war warhammer\warhammer.exe] => (Allow) C:\users\snowball\desktop\steamdesk\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [TCP Query User{487DA5AC-F5B4-4BF2-8785-48CBFDE7D428}C:\users\snowball\desktop\steamdesk\steamapps\common\total war warhammer\warhammer.exe] => (Allow) C:\users\snowball\desktop\steamdesk\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [{AC32C893-12B6-4624-9978-6ADC2D962B1E}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Choice of the Pirate\Pirate.exe
FirewallRules: [{2E06F93F-8381-4066-8610-45E40EB4010B}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Choice of the Pirate\Pirate.exe
FirewallRules: [{DB91A174-76ED-4CD1-9DC2-C2743E061D76}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{6D8E5FF4-F5CB-4026-8DD0-B140E9EA9D38}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [UDP Query User{2E7A5646-50CE-4EFA-AA61-3D806C08F003}C:\gog games\master of orion\masteroforion.exe] => (Block) C:\gog games\master of orion\masteroforion.exe
FirewallRules: [TCP Query User{B3D37F37-5DE4-431F-AAA5-B56FD35D07B8}C:\gog games\master of orion\masteroforion.exe] => (Block) C:\gog games\master of orion\masteroforion.exe
FirewallRules: [{547E2E69-85E9-4B0C-A89B-A1C208494920}] => (Allow) C:\Program Files\StarCraft II\Versions\Base38996\SC2_x64.exe
FirewallRules: [{A57C9445-48F2-4AD1-9101-7C4D021637B8}] => (Allow) C:\Program Files\StarCraft II\Versions\Base38996\SC2_x64.exe
FirewallRules: [UDP Query User{07352CB8-F300-45E1-9FD2-3C8244938996}C:\program files (x86)\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe] => (Block) C:\program files (x86)\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe
FirewallRules: [TCP Query User{1F34C244-C5A3-40DD-89A0-96F688CC7161}C:\program files (x86)\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe] => (Block) C:\program files (x86)\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe
FirewallRules: [{C64F5676-844A-4E4E-908D-D10F85B2A635}] => (Allow) C:\Program Files\StarCraft II\Versions\Base38996\SC2_x64.exe
FirewallRules: [{48AC1C66-49E3-46CF-96A7-2E7B5995A98F}] => (Allow) C:\Program Files\StarCraft II\Versions\Base38996\SC2_x64.exe
FirewallRules: [{B6D005D1-345B-428D-890F-A9434ACA043D}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Magic 2015\DotP_D15.exe
FirewallRules: [{4F848D8E-7655-4C1D-9FD9-FF2FCDA73758}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Magic 2015\DotP_D15.exe
FirewallRules: [{362822CF-848E-44C5-BB67-56E8A8BEAB45}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Resident Evil 4\Bin32\bio4.exe
FirewallRules: [{F34608FE-E04B-4272-9BFE-4CFCB1E6FF25}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Resident Evil 4\Bin32\bio4.exe
FirewallRules: [{8DEE0E27-AB5A-4B68-864E-42DBA4BBCB65}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Kings Bounty Crossworlds\KB.exe
FirewallRules: [{7DF88555-B993-4B27-AD42-1F44D0E31FFC}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Kings Bounty Crossworlds\KB.exe
FirewallRules: [{5BE03584-E7BC-4E82-AEA4-DD16A0F735C5}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Poker Night at the Inventory\CelebrityPoker.exe
FirewallRules: [{2AF41DDD-ED2F-4FD6-80F6-6D40649ABE23}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Poker Night at the Inventory\CelebrityPoker.exe
FirewallRules: [UDP Query User{2139864D-DEC9-4F0D-8CFF-1201DB44C603}C:\program files (x86)\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe] => (Block) C:\program files (x86)\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe
FirewallRules: [TCP Query User{76599F10-DC28-47F2-A619-730E04F1A2C4}C:\program files (x86)\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe] => (Block) C:\program files (x86)\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe
FirewallRules: [{A9DFDB15-05FD-4CB4-B51A-05D7897FD1A9}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{7DEC1268-D4D7-45B0-9190-B563E893B1A8}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{F41DEE9C-961B-4A94-8A5E-945FD8D00BE6}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Audiosurf\engine\QuestViewer.exe
FirewallRules: [{F74C36F9-4685-4205-9AC0-66DF80BA3BB2}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Audiosurf\engine\QuestViewer.exe
FirewallRules: [{6946705F-6A89-4596-842C-BDBCF425E2AB}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{1D715112-BE00-495D-A3F9-834DB50DDF1B}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{AC62F716-6D62-4BDE-992B-DAA2E05A07C6}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Talisman\Talisman.exe
FirewallRules: [{14A8AE42-B22D-4EF9-9C36-22D7561F306E}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Talisman\Talisman.exe
FirewallRules: [UDP Query User{D362A374-32CA-4AED-B9A9-F437005EE37D}C:\users\snowball\desktop\steamdesk\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) C:\users\snowball\desktop\steamdesk\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [TCP Query User{2A3A744F-9A14-4C5D-9664-B60175FC0134}C:\users\snowball\desktop\steamdesk\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) C:\users\snowball\desktop\steamdesk\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [{7383D7F0-4600-4FF5-94CC-6CC8A5C3F4AC}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe
FirewallRules: [{31A7D7C4-2195-448D-91A6-8BE6174878E1}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe
FirewallRules: [UDP Query User{C6EC5B78-2613-4F49-990F-734D20E1FE0B}C:\users\snowball\desktop\steamdesk\steamapps\common\killerisdead\binaries\win32\kidgame.exe] => (Allow) C:\users\snowball\desktop\steamdesk\steamapps\common\killerisdead\binaries\win32\kidgame.exe
FirewallRules: [TCP Query User{A240DDCA-3EBD-4722-98DE-DF4B421AE8F2}C:\users\snowball\desktop\steamdesk\steamapps\common\killerisdead\binaries\win32\kidgame.exe] => (Allow) C:\users\snowball\desktop\steamdesk\steamapps\common\killerisdead\binaries\win32\kidgame.exe
FirewallRules: [{213A938C-45E6-4DDB-806D-86308B35EEA4}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Sword of the Stars\Sword of the Stars.exe
FirewallRules: [{BC4E2EBA-FE0B-43DE-9D8B-F8354FB6C865}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Sword of the Stars\Sword of the Stars.exe
FirewallRules: [{00965323-7776-4955-A271-DEE380A644B8}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Suits\Game.exe
FirewallRules: [{5801ABD4-0CCE-43FA-B592-FD0016A2C2D2}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Suits\Game.exe
FirewallRules: [{79CBF002-59CF-4209-8DB0-F00EC1FAC8CF}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Endless Space\EndlessSpace.exe
FirewallRules: [{3CD96467-B6B8-45E5-8B11-27401D2A4FFF}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Endless Space\EndlessSpace.exe
FirewallRules: [UDP Query User{6CA0E43F-8515-4188-BA1E-6DA2364F7168}C:\program files (x86)\ccp\eve\bin\exefile.exe] => (Allow) C:\program files (x86)\ccp\eve\bin\exefile.exe
FirewallRules: [TCP Query User{3E5A3DAE-7D16-4223-92E9-21FA4EA0AD77}C:\program files (x86)\ccp\eve\bin\exefile.exe] => (Allow) C:\program files (x86)\ccp\eve\bin\exefile.exe
FirewallRules: [{115E9A59-9A8E-41F7-8573-1A75D90C2B55}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\CardHunter\CardHunter.exe
FirewallRules: [{13128C0F-5388-41AC-BB95-7A99EBDEACA0}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\CardHunter\CardHunter.exe
FirewallRules: [{F1EB280F-42F7-4B41-85B5-DA13CEE37BDF}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Sakura Clicker\Sakura Clicker.exe
FirewallRules: [{D88C1EE5-5FD5-4918-9C73-670698BEE135}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Sakura Clicker\Sakura Clicker.exe
FirewallRules: [{41DDDA69-E233-4F50-873A-19B05D535920}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Imperial Glory\ImperialGlory.exe
FirewallRules: [{ACD2EB16-F5C2-4977-9DEE-DBE52C70F174}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Imperial Glory\ImperialGlory.exe
FirewallRules: [{CA1A6B1D-A226-4DA3-B8E4-A460B6AB46F1}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{C17BB1E3-6795-46AA-8B96-8026EA91E06F}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [UDP Query User{34F83B14-110E-413A-93A4-74493EAA1BB9}C:\program files (x86)\tvmc\tvmc.exe] => (Allow) C:\program files (x86)\tvmc\tvmc.exe
FirewallRules: [TCP Query User{07D583F7-1C44-4F3F-9BDA-664CA150AAFC}C:\program files (x86)\tvmc\tvmc.exe] => (Allow) C:\program files (x86)\tvmc\tvmc.exe
FirewallRules: [UDP Query User{4430BBC9-148A-44ED-8606-BD3B1A5DD3D2}C:\program files (x86)\breach and clear deadline\deadline.exe] => (Block) C:\program files (x86)\breach and clear deadline\deadline.exe
FirewallRules: [TCP Query User{DEFEF4C4-67FA-4C7B-9E8E-E5CA1795BA6F}C:\program files (x86)\breach and clear deadline\deadline.exe] => (Block) C:\program files (x86)\breach and clear deadline\deadline.exe
FirewallRules: [{7E89A425-187A-463C-853A-E11BC6E82725}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{727800C3-ECAB-4EAE-9083-469DC3EE8AAF}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [UDP Query User{935ECE6D-7714-4D62-951A-D183AE9640D6}C:\users\snowball\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\snowball\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [TCP Query User{658B37BC-60AB-477E-8469-594FAC680023}C:\users\snowball\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\snowball\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [{04C4423B-953C-489E-B7C6-660272D2FD5C}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{61F23F28-BFEE-480D-B6E3-5012C126466B}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{06F82C16-ECBC-4630-8BA8-6597A40733F1}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{8065E1EA-72D8-4EC1-A346-59E9071C9477}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{579C705A-D925-4052-ACEB-9C0F6CBBE52A}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Tactical Genius Demo\TacticalGenius.exe
FirewallRules: [{7DF3D5F3-1A59-4471-A000-75C1CC7FC794}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Tactical Genius Demo\TacticalGenius.exe
FirewallRules: [{4D031390-10BA-4FF2-81CE-FD98C0DA1A68}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\DungeonRift Demo\DungeonRift.exe
FirewallRules: [{CCB84DD7-5772-435D-BA35-B0E5CD37D0C8}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\DungeonRift Demo\DungeonRift.exe
FirewallRules: [{2A540CE2-255B-49BD-9EC7-7F991462001E}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe
FirewallRules: [{45405A6B-C626-47FC-A184-A9EC8C97390F}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
FirewallRules: [{84D82004-11D8-4DD3-BE9D-CC13C2C1BF3A}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
FirewallRules: [{B609BF09-3A56-4453-A262-7D5EBD0360ED}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Crusader Kings II\CK2game.exe
FirewallRules: [{2744D96D-F66F-4B3A-BB99-EF5974B37024}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Crusader Kings II\CK2game.exe
FirewallRules: [{54323D31-08C8-4025-9B75-0CB9FC1B0903}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Galactic Civilizations III\GalCiv3.exe
FirewallRules: [{26A89C02-7E60-4537-B48D-8D26F9D5B83A}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Galactic Civilizations III\GalCiv3.exe
FirewallRules: [UDP Query User{C249A069-395A-4554-82C5-7FC1BC7FC4E0}C:\program files (x86)\tvmc\tvmc.exe] => (Allow) C:\program files (x86)\tvmc\tvmc.exe
FirewallRules: [TCP Query User{F3F73383-8AAB-4DC6-910C-0AE72C681208}C:\program files (x86)\tvmc\tvmc.exe] => (Allow) C:\program files (x86)\tvmc\tvmc.exe
FirewallRules: [{13C07931-ADEF-4FEA-BAB9-37B53833E798}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\SunlessSea\Sunless Sea.exe
FirewallRules: [{26E0F3A6-CC11-42B2-AAC2-E4ACF309BD14}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\SunlessSea\Sunless Sea.exe
FirewallRules: [UDP Query User{D42C1E7B-D468-499B-8636-C1FD21FEC59D}C:\users\snowball\desktop\steamdesk\steamapps\common\total war attila\attila.exe] => (Allow) C:\users\snowball\desktop\steamdesk\steamapps\common\total war attila\attila.exe
FirewallRules: [TCP Query User{D2B817BA-2404-4BD0-8D45-57ED3E914B90}C:\users\snowball\desktop\steamdesk\steamapps\common\total war attila\attila.exe] => (Allow) C:\users\snowball\desktop\steamdesk\steamapps\common\total war attila\attila.exe
FirewallRules: [{E1CFAD62-EC0D-4E0F-BC94-6A55664E18E5}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Tropico 5\Tropico5Steam.exe
FirewallRules: [{4F92AC4A-26F6-4C4D-A006-0E0E14694013}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Tropico 5\Tropico5Steam.exe
FirewallRules: [{8F43CF10-4C2B-4E32-85C2-DFBAF9DB60FE}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{F80802C9-10F8-41BA-A56E-1C16AA6EE428}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{FBA29DA2-7483-4FFB-B71F-2018EDEE1904}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\Steam.exe
FirewallRules: [{ABE1C340-EADA-4CFC-8313-A4CBBEADA6F4}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\Steam.exe
FirewallRules: [{83333729-C818-4BFF-B788-3EA5569D211E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{C4128FF6-8C0C-4694-B7BE-1856273E4C57}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{19036131-04FD-4F4A-8412-D9FFCBB1A3C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{5C98E160-E370-4E5D-A450-0FCE5754CAE7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{E908CD12-E2DD-4999-8398-BD67E244D7F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kings Bounty Crossworlds\KB.exe
FirewallRules: [{6B38635C-B3C0-40A8-90B7-1A5A83BC0293}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kings Bounty Crossworlds\KB.exe
FirewallRules: [{04039FB3-F255-4B68-B20C-1676A4739388}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroes of Might and Magic 5 Tribes of the East\bin\H5_Game.exe
FirewallRules: [{837A2E06-6310-4CC0-AFCE-90510D7A9409}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroes of Might and Magic 5 Tribes of the East\bin\H5_Game.exe
FirewallRules: [{457F015C-475D-4275-860A-FA7388F95CDB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Poker Night at the Inventory\CelebrityPoker.exe
FirewallRules: [{E073BABC-A020-4BEA-8F36-8A537AB8DF67}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Poker Night at the Inventory\CelebrityPoker.exe
FirewallRules: [{74A80CF3-AB34-4398-ABCF-792F3DD9414D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{CC94AB8A-4908-4195-A287-AD9293584040}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{AC2EE429-2646-4D39-B7E3-AAB29AFBB3AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\heroes of might and magic 5\bin\H5_Game.exe
FirewallRules: [{B9F827B0-D9A6-49FD-9448-E5123DC1A9A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\heroes of might and magic 5\bin\H5_Game.exe
FirewallRules: [{25FD7621-DDF2-40BC-840B-91A9386757FC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\heroes of might and magic 5\bina1\testapp.exe
FirewallRules: [{71FD8809-8C29-4BD6-B94A-374C8970D636}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\heroes of might and magic 5\bina1\testapp.exe
FirewallRules: [{64955399-F0BB-4D4C-980C-4909148DA2CA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sniper Elite 3\Launcher\Sniper3Launcher.exe
FirewallRules: [{AFA6D630-C3AB-495A-B7D7-AF1A04FCDA5D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sniper Elite 3\Launcher\Sniper3Launcher.exe
FirewallRules: [{F2C1088C-974B-4297-A0A5-CC97CCCBD62E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dungeon of the Endless\DungeonoftheEndless.exe
FirewallRules: [{965B1E6E-32A1-4D28-B6A2-907B0E974884}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dungeon of the Endless\DungeonoftheEndless.exe
FirewallRules: [UDP Query User{7A544BE7-F29E-4EBF-9A1C-D7A6171E87EE}C:\program files (x86)\far cry 4 - gold edition\bin\farcry4.exe] => (Block) C:\program files (x86)\far cry 4 - gold edition\bin\farcry4.exe
FirewallRules: [TCP Query User{6A96DF8E-474A-404E-8FF0-5AF59A1DF3DF}C:\program files (x86)\far cry 4 - gold edition\bin\farcry4.exe] => (Block) C:\program files (x86)\far cry 4 - gold edition\bin\farcry4.exe
FirewallRules: [{27427F25-0CD4-4A41-919D-146D744E1F97}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kings Bounty Armored Princess\kb.exe
FirewallRules: [{ABCC6380-563A-477F-A72F-4C9C040CB684}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kings Bounty Armored Princess\kb.exe
FirewallRules: [UDP Query User{26A29B54-641F-430A-8BFB-1BC3C5FF85F2}C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [TCP Query User{66593FEF-6E24-4076-B360-481627DBFE27}C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [{057E39B7-6ABE-4DF5-BC98-33C72FBA137C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{DEDB2BA3-7330-43E4-A0F0-1BA01AA8C1A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{82D044DB-D1A0-4888-BEE7-B6F644412C8E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Higurashi When They Cry\HigurashiEp01.exe
FirewallRules: [{5F03FAED-CD90-4EB7-B9E1-0E160AABFC49}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Higurashi When They Cry\HigurashiEp01.exe
FirewallRules: [{B1709239-8395-4865-90EA-E59E138AF83C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{71F7BD45-760C-47A7-92F8-DF163FE017F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{40B106BE-DCF6-410E-9BED-1CC53B013138}] => (Block) %ProgramFiles% (x86)\The Witcher 3 Wild Hunt\bin\x64\witcher3.exe
FirewallRules: [{AE70BB49-58C4-4400-8065-FE2DAFB11D83}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{ECACB98D-1B2D-415A-9E0B-2E3824FE75E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{8DF3A4E9-0167-40EE-8A24-4872A9F121DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{8ACE462C-C54D-4175-AB44-4663C2A87276}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{E83965E4-8725-4A00-8B18-6C97464662ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{EA8FED14-ECDC-4C82-80C1-7A4CDE87173A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{1C838614-6FCF-4901-9CCD-D52ACD477E37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{BA26DC7F-FF28-40DA-B78A-551FBC3A36DA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{8A93A86E-4B15-4BDC-80BC-75B10E0834A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{8340921A-498F-4DD4-A775-4F9461631008}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{D6C6F051-488A-4A06-A2F0-6D65F11D1AD6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dungeon Siege III\Dungeon Siege III.exe
FirewallRules: [{E76D3B68-A4CB-45B1-9E95-A89F9DADD64F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dungeon Siege III\Dungeon Siege III.exe
FirewallRules: [{34449430-7E5F-41C6-90F8-E2748DF83BB2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{DB2771FD-8199-4828-AF43-8EAD874582B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{936BC024-F674-44CC-9A70-C5D70D700702}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings II\CK2game.exe
FirewallRules: [{2AF0C49C-52AE-473D-AAE8-88DC683C7A03}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings II\CK2game.exe
FirewallRules: [{D843F51D-E505-471E-B47D-E8D6AE33F19C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [{6CDBCE7F-9D09-4990-AE36-8CA38208BFDA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [{0E757625-9F7C-4A7D-B907-6F4A1E58877A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{8E492021-A105-4816-BA1C-E126D4015088}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{B2430F8B-0688-41ED-A310-EB841A6615BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{DF19F181-E0CB-46B9-A6E4-D32CA1E4D0AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{A3A4C38A-67A3-4E4F-ADAC-7282E1DD517B}] => (Allow) C:\Users\Snowball\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{F8C394EA-D3AC-424F-BC57-E3E9B9535DCD}] => (Allow) C:\Users\Snowball\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{E1D64FD5-2D37-4266-B483-75B617FD6ABE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{BAC7F50D-809A-495A-AC53-E615DDE43E0C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [UDP Query User{70C7AD54-2594-4448-8481-F581BB3C780A}C:\users\snowball\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\snowball\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [TCP Query User{B91C1DAC-4AA7-46D7-A9E0-36039914E4D1}C:\users\snowball\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\snowball\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [{5844FA31-C54B-4355-B8D9-15EBA1FD087F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{47EDBF56-A16E-4289-87D4-92BC2823D399}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{AB881AEA-30E8-4C78-A28D-3C55D3792F60}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{16EDBB2B-2E29-4C47-B930-BCB8FBF7379A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{7C9B342D-617D-4ED2-AFC7-544B7F515D44}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Galactic Civilizations III\GalCiv3.exe
FirewallRules: [{A9D61BD7-C590-49D9-A382-B25AD7CB02FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Galactic Civilizations III\GalCiv3.exe
FirewallRules: [UDP Query User{7FDCE85E-C268-440A-92F6-3CFD7BA55346}C:\program files (x86)\steam\steamapps\common\total war attila\attila.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war attila\attila.exe
FirewallRules: [TCP Query User{BAECAFB0-7A4B-45A3-81E4-3C47FE560E84}C:\program files (x86)\steam\steamapps\common\total war attila\attila.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war attila\attila.exe
FirewallRules: [{A9B8BF88-3FD2-4D0A-B3E6-AF02B9E9CD34}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{1E8BF20E-8A02-45F6-BB83-C74389BD8301}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{5F151F43-916E-461C-B2B6-30DA402A84AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tales from the Borderlands\Borderlands.exe
FirewallRules: [{E709A9E6-989E-44A9-92A7-BFF8EE214BB2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tales from the Borderlands\Borderlands.exe
FirewallRules: [{FDE8594B-684C-44EA-88D3-03B216CCD718}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{3CD21423-C066-40CE-8F77-7637D0B71E93}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{90F1EA61-9923-4B0A-AAED-EF1FAA53EA7F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{921D6796-0A66-45CE-8742-A6837F692C22}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9300F213-950A-417A-B6A5-FF9A3246BE3E}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{D2D67A0C-4174-415D-A87C-274F59477190}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{E3C83847-2E50-448E-B378-7F11BE2B3BD3}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{E8575E6E-39CA-4369-979D-86E540E0B07B}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{60D4C963-84C2-47B6-AC5A-663A6C5AE2DF}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{7ABE571D-07F4-4D26-98D5-9947F0D93DFC}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{E83775A4-A971-4916-B3A6-5ED477BED7C8}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\ConquestOfChampions\ConquestGame.exe
FirewallRules: [{AF05FE3D-1D6E-48E1-A585-2A6733278D6D}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\ConquestOfChampions\ConquestGame.exe
FirewallRules: [{67735E5E-1C19-4686-A317-50A1D34D6694}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Shadowrun Hong Kong\SRHK.exe
FirewallRules: [{C558F133-3CB4-4021-BBD2-C96A7CB31ED7}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Shadowrun Hong Kong\SRHK.exe
FirewallRules: [{88E8BAB9-23BD-4766-9A40-256A2F64845F}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{31CEB773-E429-41E1-9E34-7510F005F9F9}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{159C5B5B-47DC-4C68-9A73-B9EE75377756}] => (Allow) C:\Users\Snowball\Downloads\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{8F65E9BB-7BFD-4700-B4AB-12DFB05989D1}] => (Allow) C:\Users\Snowball\Downloads\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{B46D4E13-F777-4FB2-9DE2-EE8860ED66A1}] => (Allow) C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{EF1E12FF-3FD7-46B0-B009-042E7B485E41}] => (Allow) C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{370A482A-268E-4F19-9636-33D8B4CC4BA4}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Sins of a Solar Empire Rebellion\Sins of a Solar Empire Rebellion.exe
FirewallRules: [{1CF28C25-37C4-4388-84EC-5991402CEA67}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Sins of a Solar Empire Rebellion\Sins of a Solar Empire Rebellion.exe
FirewallRules: [{E4D7C56C-576E-41D4-9707-45BE8AEEABA0}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Sins of a Solar Empire Rebellion\Sins of a Solar Empire Rebellion.exe
FirewallRules: [{8BE27395-DC2E-4477-A2DD-55FAD26CA5BA}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Sins of a Solar Empire Rebellion\Sins of a Solar Empire Rebellion.exe
FirewallRules: [{CE4CCC12-F1B9-4B52-8261-9681DE3A5DCA}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Undertale\UNDERTALE.exe
FirewallRules: [{DAF4C1AB-7D37-4899-813D-04A345F5F02D}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Undertale\UNDERTALE.exe
FirewallRules: [{58EE82B0-42D3-4C7C-80EC-97A8B371E37D}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\AoW3\AoW3Launcher.exe
FirewallRules: [{03142E2B-1936-46F7-A062-51ABD8FE415F}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\AoW3\AoW3Launcher.exe
FirewallRules: [{AE14E45F-BA5C-4395-B937-057F568A37A7}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\AoW3\AoW3.exe
FirewallRules: [{53873E2A-4EBC-4C70-B957-1D556A031D8D}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\AoW3\AoW3.exe
FirewallRules: [{147750F7-BC22-4FBD-A66A-F593154BF936}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\AoW3\AoW3_Debug.exe
FirewallRules: [{DF9AB9C1-7F64-4806-BEA2-C5C5D9354387}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\AoW3\AoW3_Debug.exe
FirewallRules: [{EE3B20C7-AD97-48D2-BF43-3086EC11D34A}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{CE25DDFD-55F1-49E3-9B37-AB94DF111143}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{D906F3D8-6FF7-4F82-888C-77F79E607252}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Higurashi When They Cry\HigurashiEp01.exe
FirewallRules: [{04026F2A-62D6-4E8C-9EE2-BEB3C7F24FF1}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Higurashi When They Cry\HigurashiEp01.exe
FirewallRules: [{43BBCB41-5B43-4B7A-B286-05D05F43FE96}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Wasteland 2 Director's Cut\Build\WL2.exe
FirewallRules: [{F8E0CB23-D14F-4B45-A409-313F04573A0B}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Wasteland 2 Director's Cut\Build\WL2.exe
FirewallRules: [{32ED94AF-239D-4906-9F7A-48D94EBC7D2F}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Resident Evil 5\Launcher.exe
FirewallRules: [{A0E9BF2F-C8DD-4D4C-B2E7-1B875E22C11D}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Resident Evil 5\Launcher.exe
FirewallRules: [{55852271-EB4F-4446-843C-19A9315ED445}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\FEAR2\FEAR2.exe
FirewallRules: [{06B6A33D-FD04-4154-999A-1EB227D964A5}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\FEAR2\FEAR2.exe
FirewallRules: [{7E905E4E-1766-4AF2-9555-451144A8C465}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Dungeon of the Endless\DungeonoftheEndless.exe
FirewallRules: [{E18ACBDF-D13D-443B-BC9E-037BF7DD35A2}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Dungeon of the Endless\DungeonoftheEndless.exe
FirewallRules: [{62A163D7-CBF0-4FD8-A980-DB6C79001411}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Resident Evil 4\Bin32\bio4.exe
FirewallRules: [{F8C62029-D57F-4CFF-A318-E080E06057ED}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Resident Evil 4\Bin32\bio4.exe
FirewallRules: [TCP Query User{9D9B60B3-770A-4D39-A390-7A95E04BC8E1}C:\users\snowball\desktop\steamdesk\steamapps\common\resident evil 5\re5dx9.exe] => (Allow) C:\users\snowball\desktop\steamdesk\steamapps\common\resident evil 5\re5dx9.exe
FirewallRules: [UDP Query User{26C7C825-2329-41F1-82FA-679AC13B1524}C:\users\snowball\desktop\steamdesk\steamapps\common\resident evil 5\re5dx9.exe] => (Allow) C:\users\snowball\desktop\steamdesk\steamapps\common\resident evil 5\re5dx9.exe
FirewallRules: [{63B51133-81C9-46F2-9C63-C45C9D4CF3B2}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{306FA698-AE73-495B-9AE1-046C294B158A}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [TCP Query User{D1ED5546-2C7A-47CC-A637-8D643DDFD32E}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe] => (Block) C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe
FirewallRules: [UDP Query User{728AAF06-5137-4253-87DE-09B32B779314}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe] => (Block) C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe
FirewallRules: [{DE49FB8C-C50B-4F3F-B38E-C5B1FF77DA38}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\bin\steamwebhelper.exe
FirewallRules: [{65C171FA-FA70-4CFE-B1BE-66BCC2D8533E}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\bin\steamwebhelper.exe
FirewallRules: [{0AAED517-22CB-44E6-8278-DB0923488F70}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{C2101F94-91CA-4EBF-9B93-6A7EF26671C6}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{F4744407-9543-4606-B9D4-556E58C39E4A}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{8685D715-3C99-4B9D-86E2-436FCD4D03C8}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{7EDD3ABD-8AF9-415D-B818-9AA0BD9B7475}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\SanctuaryRPG Classic\SanctuaryRPG.exe
FirewallRules: [{A4CEC6CE-1A64-4158-A9A6-68158C61AFFF}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\SanctuaryRPG Classic\SanctuaryRPG.exe
FirewallRules: [{2155388C-A812-44EC-9D93-952954E3640B}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\spore\SporebinEP1\SporeApp.exe
FirewallRules: [{30814FFF-3240-4042-B1DD-4AE2E2045099}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\spore\SporebinEP1\SporeApp.exe
FirewallRules: [{B106AD7D-2947-40B0-9D54-46D8465B7044}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\spore\runme.exe
FirewallRules: [{520FA6B2-351F-4F5C-A375-B9722E2767EF}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\spore\runme.exe
FirewallRules: [{EAE06C67-436C-4786-B318-9DED3C9A2849}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\spore\SporeBin\SporeApp.exe
FirewallRules: [{25223BBC-98FD-49C1-A58D-40F335EFC991}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\spore\SporeBin\SporeApp.exe
FirewallRules: [{4661D404-F91E-4237-9A3A-F8CD091F25B2}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{5BAD38CA-8227-4DEE-A8D8-72F4116DDD81}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [TCP Query User{DF24FEB9-9ADB-4654-AD51-8A8E1E0176D1}C:\users\snowball\desktop\steamdesk\steamapps\common\total war attila\attila.exe] => (Allow) C:\users\snowball\desktop\steamdesk\steamapps\common\total war attila\attila.exe
FirewallRules: [UDP Query User{9D220D56-12F5-4643-A58F-DC768EBF9605}C:\users\snowball\desktop\steamdesk\steamapps\common\total war attila\attila.exe] => (Allow) C:\users\snowball\desktop\steamdesk\steamapps\common\total war attila\attila.exe
FirewallRules: [{80885161-DBD3-4765-B660-FEA19D1B55A6}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Kings Bounty Armored Princess\kb.exe
FirewallRules: [{402A368C-BCD1-41AD-A7D7-5569B3F4337C}] => (Allow) C:\Users\Snowball\Desktop\steamdesk\steamapps\common\Kings Bounty Armored Princess\kb.exe
FirewallRules: [{502F3D5D-6AC0-4D10-BE41-1860D542629F}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{69F580B1-12BE-4EBF-A06B-82D3DCD0A143}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{83B2ADFE-DBA2-41B3-B448-B617696ED247}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{C1B110D4-7CF6-45B4-A0E0-7D4750954CD1}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{5AF4A82B-E0D8-4784-80DE-5593EE80622A}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{C1EE1C6F-0655-4781-A8D9-C5537B3F2200}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{89C54F7D-8C15-4FEE-B03F-4DE79173C799}] => (Allow) A:\steamdesk\steamapps\common\Renowned Explorers\win64\abbeycore_win32_steam.exe
FirewallRules: [{81BF203E-996B-4C02-99E7-96222BF9D0BA}] => (Allow) A:\steamdesk\steamapps\common\Renowned Explorers\win64\abbeycore_win32_steam.exe
FirewallRules: [{D79E5FD2-9D85-4D7F-96A3-1E5F3D9C4478}] => (Allow) A:\steamdesk\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{E6EC1CE0-EA45-45F0-9A49-169D9ABFC1FB}] => (Allow) A:\steamdesk\steamapps\common\DarkestDungeon\_windows\Darkest.exe
 
==================== Restore Points =========================
 
ATTENTION: System Restore is disabled
 
==================== Faulty Device Manager Devices =============
 
Name: AMDA00 Interface
Description: AMDA00 Interface
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: ASUSTeK Computer Inc.
Service: WUDFRd
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/22/2017 02:17:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wmiprvse.exe, version: 10.0.14393.0, time stamp: 0x57899ab2
Faulting module name: NetEventPacketCapture.dll, version: 10.0.14393.206, time stamp: 0x57dacea5
Exception code: 0xc0000005
Fault offset: 0x00000000000160cc
Faulting process id: 0x1514
Faulting application start time: 0x01d28ce3f5bc153a
Faulting application path: C:\WINDOWS\system32\wbem\wmiprvse.exe
Faulting module path: C:\WINDOWS\system32\wbem\NetEventPacketCapture.dll
Report Id: ebf933a7-de7a-4e3c-a74f-f1dc8de833a4
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (02/22/2017 01:24:58 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NASIPAK)
Description: Activation of app Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (02/22/2017 01:00:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WindowService.exe, version: 1.0.0.0, time stamp: 0x58a9fd43
Faulting module name: KERNELBASE.dll, version: 6.2.14393.479, time stamp: 0x58256d37
Exception code: 0xe0434f4d
Fault offset: 0x000da832
Faulting process id: 0x%9
Faulting application start time: 0xWindowService.exe0
Faulting application path: WindowService.exe1
Faulting module path: WindowService.exe2
Report Id: WindowService.exe3
Faulting package full name: WindowService.exe4
Faulting package-relative application ID: WindowService.exe5
 
Error: (02/22/2017 12:50:19 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program XCom2.exe version 1.0.0.38128 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 5dd3c
 
Start Time: 01d28cd6e7d794a6
 
Termination Time: 93
 
Application Path: A:\steamdesk\steamapps\common\XCOM 2\Binaries\Win64\XCom2.exe
 
Report Id: 036b5d09-f8cb-11e6-82f4-086266c8884f
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (02/21/2017 11:33:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WindowService.exe, version: 1.0.0.0, time stamp: 0x58a9fd43
Faulting module name: KERNELBASE.dll, version: 6.2.14393.479, time stamp: 0x58256d37
Exception code: 0xe0434f4d
Fault offset: 0x000da832
Faulting process id: 0x%9
Faulting application start time: 0xWindowService.exe0
Faulting application path: WindowService.exe1
Faulting module path: WindowService.exe2
Report Id: WindowService.exe3
Faulting package full name: WindowService.exe4
Faulting package-relative application ID: WindowService.exe5
 
Error: (02/21/2017 11:31:19 PM) (Source: ESENT) (EventID: 482) (User: )
Description: DllHost (8356) WebCacheLocal: An attempt to write to the file "C:\Users\Snowball\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" at offset 3538944 (0x0000000000360000) for 32768 (0x00008000) bytes failed after 0.000 seconds with system error 1453 (0x000005ad): "Insufficient quota to complete the requested service. ".  The write operation will fail with error -1011 (0xfffffc0d).  If this error persists then the file may be damaged and may need to be restored from a previous backup.
 
Error: (02/21/2017 11:31:19 PM) (Source: ESENT) (EventID: 482) (User: )
Description: DllHost (8356) WebCacheLocal: An attempt to write to the file "C:\Users\Snowball\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" at offset 1114112 (0x0000000000110000) for 32768 (0x00008000) bytes failed after 0.026 seconds with system error 1453 (0x000005ad): "Insufficient quota to complete the requested service. ".  The write operation will fail with error -1011 (0xfffffc0d).  If this error persists then the file may be damaged and may need to be restored from a previous backup.
 
Error: (02/21/2017 11:31:19 PM) (Source: ESENT) (EventID: 482) (User: )
Description: DllHost (8356) WebCacheLocal: An attempt to write to the file "C:\Users\Snowball\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.jfm" at offset 0 (0x0000000000000000) for 8192 (0x00002000) bytes failed after 0.000 seconds with system error 1453 (0x000005ad): "Insufficient quota to complete the requested service. ".  The write operation will fail with error -1011 (0xfffffc0d).  If this error persists then the file may be damaged and may need to be restored from a previous backup.
 
Error: (02/21/2017 11:31:02 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe".Error in manifest or policy file "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" on line 0.
Invalid Xml syntax.
 
Error: (02/21/2017 11:31:02 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe".Error in manifest or policy file "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" on line 0.
Invalid Xml syntax.
 
 
System errors:
=============
Error: (02/22/2017 02:28:36 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1084" attempting to start the service EventSystem with arguments "Unavailable" in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
 
Error: (02/22/2017 02:28:22 AM) (Source: DCOM) (EventID: 10005) (User: NASIPAK)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (02/22/2017 02:25:20 AM) (Source: DCOM) (EventID: 10005) (User: NASIPAK)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (02/22/2017 02:25:04 AM) (Source: DCOM) (EventID: 10005) (User: NASIPAK)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (02/22/2017 02:24:41 AM) (Source: DCOM) (EventID: 10005) (User: NASIPAK)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
Error: (02/22/2017 02:24:26 AM) (Source: DCOM) (EventID: 10005) (User: NASIPAK)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (02/22/2017 02:24:07 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
The dependency service or group failed to start.
 
Error: (02/22/2017 02:24:07 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
The dependency service or group failed to start.
 
Error: (02/22/2017 02:24:07 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
The dependency service or group failed to start.
 
Error: (02/22/2017 02:23:54 AM) (Source: DCOM) (EventID: 10005) (User: NASIPAK)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
 
 
CodeIntegrity:
===================================
  Date: 2017-02-22 01:04:44.237
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-116716.dll that did not meet the Store signing level requirements.
 
  Date: 2017-02-22 01:04:36.994
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-116716.dll that did not meet the Store signing level requirements.
 
  Date: 2017-02-22 01:03:41.382
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-116716.dll that did not meet the Store signing level requirements.
 
  Date: 2017-02-22 00:52:34.130
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-116716.dll that did not meet the Store signing level requirements.
 
  Date: 2017-02-22 00:52:33.866
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\PlaysTV\ltc_help64-120603.dll that did not meet the Store signing level requirements.
 
  Date: 2017-02-21 19:58:05.289
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\PlaysTV\ltc_help64-120603.dll that did not meet the Store signing level requirements.
 
  Date: 2017-02-21 19:58:05.288
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\PlaysTV\ltc_help64-120603.dll that did not meet the Store signing level requirements.
 
  Date: 2017-02-21 19:55:55.441
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-116716.dll that did not meet the Store signing level requirements.
 
  Date: 2017-02-21 19:44:12.449
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\PlaysTV\ltc_help64-120603.dll that did not meet the Store signing level requirements.
 
  Date: 2017-02-21 19:42:22.809
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-116716.dll that did not meet the Store signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-4690K CPU @ 3.50GHz
Percentage of memory in use: 38%
Total physical RAM: 8134.98 MB
Available physical RAM: 4966.96 MB
Total Virtual: 32710.98 MB
Available Virtual: 29106.14 MB
 
==================== Drives ================================
 
Drive a: (New Volume) (Fixed) (Total:447.13 GB) (Free:121.2 GB) NTFS
Drive c: () (Fixed) (Total:930.97 GB) (Free:124.17 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 9CA66606)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 447.1 GB) (Disk ID: C49F44AB)
Partition 1: (Not Active) - (Size=447.1 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================


#5 olgun52

olgun52

  • Malware Response Team
  • 3,792 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:42 AM

Posted 23 February 2017 - 03:38 AM

Ahh I am so sorry.Forgive me pleaseI wrote wrong. I want the FRST.txt log. :scratchhead:


Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#6 ChaosLupy

ChaosLupy
  • Topic Starter

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:42 AM

Posted 23 February 2017 - 03:52 AM

Items have either disappeared or been deleted (evemon is a commonly used program for EVE Online- it's legit, but I don't use it so no loss there.)   I have 7(?) items in  kmspico/certs that refuse to be uninstalled.    Demands admin access even though I'm using admin account.  I think this may be from before the free update to windows 10.  



#7 ChaosLupy

ChaosLupy
  • Topic Starter

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:42 AM

Posted 23 February 2017 - 03:55 AM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-02-2017
Ran by Snowball (administrator) on NASIPAK (22-02-2017 02:25:09)
Running from C:\Users\Snowball\Downloads
Loaded Profiles: Snowball (Available Profiles: Snowball)
Platform: Windows 10 Pro Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Safe Mode (with Networking)
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\HelpPane.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Snowball\Downloads\FRST64 (1).exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8029576 2016-11-23] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-11-20] (Microsoft Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58584 2016-09-28] (Raptr, Inc)
HKLM-x32\...\Run: [WAHELPER.EXE] => C:\Program Files (x86)\WinArchiver Virtual Drive\WAHELPER.EXE [475136 2012-01-12] (WinArchiver Computing, Inc.)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [51928 2017-02-15] (Copyright © 2017 Plays.tv, LLC)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [61896 2016-12-29] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [cpx] => "C:\Program Files (x86)\cpx\cpx.exe" -starup <===== ATTENTION
HKLM-x32\...\Run: [svcvmx] => C:\Program Files (x86)\svcvmx\svcvmx.exe [896512 2017-01-13] ()
HKU\S-1-5-21-925108756-303190714-492092699-1001\...\Run: [BitTorrent] => C:\Users\Snowball\AppData\Roaming\BitTorrent\BitTorrent.exe [1984200 2017-02-04] (BitTorrent Inc.)
HKU\S-1-5-21-925108756-303190714-492092699-1001\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [5973640 2015-06-11] (Plex, Inc.)
HKU\S-1-5-21-925108756-303190714-492092699-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3044848 2017-02-08] (Electronic Arts)
HKU\S-1-5-21-925108756-303190714-492092699-1001\...\Run: [GoogleChromeAutoLaunch_C164CA7B4547AB0A35C8A017613AAFF8] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [945496 2017-02-01] (Google Inc.)
HKU\S-1-5-18\...\Run: [] => [X]
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Snowball\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Snowball\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Snowball\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Snowball\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Snowball\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Snowball\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2015-04-26]
ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-01-27]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe (McAfee, Inc.)
GroupPolicy\User: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.1
Tcpip\..\Interfaces\{185242dd-ceb3-424d-8138-b121698f9790}: [DhcpNameServer] 209.222.18.222 209.222.18.218
Tcpip\..\Interfaces\{6d95544b-386d-4e78-b6dc-7fcc878724b8}: [DhcpNameServer] 192.168.0.1 192.168.0.1
 
Internet Explorer:
==================
HKU\S-1-5-21-925108756-303190714-492092699-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-925108756-303190714-492092699-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.yourclassifiedsnow.com/?source=239204&uid=869fbd1f-150b-41b3-91a1-0bb368346268&uc=20170221&ap=AppFocus33&i_id=classifieds__1.30
URLSearchHook: HKU\S-1-5-21-925108756-303190714-492092699-1001 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll No File
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-925108756-303190714-492092699-1001 -> DefaultScope {20E4AE0F-5D6A-48A2-A7E6-A9C87CB1B3E1} URL = hxxp://search.yourclassifiedsnow.com/s?source=239204&uid=869fbd1f-150b-41b3-91a1-0bb368346268&uc=20170221&ap=AppFocus33&i_id=classifieds__1.30&query={searchTerms}
SearchScopes: HKU\S-1-5-21-925108756-303190714-492092699-1001 -> {20E4AE0F-5D6A-48A2-A7E6-A9C87CB1B3E1} URL = hxxp://search.yourclassifiedsnow.com/s?source=239204&uid=869fbd1f-150b-41b3-91a1-0bb368346268&uc=20170221&ap=AppFocus33&i_id=classifieds__1.30&query={searchTerms}
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-24] (Google Inc.)
BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll => No File
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-02-07] (Intel Security)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-08-08] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-24] (Google Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-08] (Oracle Corporation)
BHO-x32: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll => No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-24] (Google Inc.)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll No File
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-02-07] (Intel Security)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-24] (Google Inc.)
 
FireFox:
========
FF ProfilePath: C:\Users\Snowball\AppData\Roaming\Mozilla\Firefox\Profiles\ikd7Kdsz.default [2015-04-23]
FF Extension: (Avira Browser Safety) - C:\Users\Snowball\AppData\Roaming\Mozilla\Firefox\Profiles\ikd7Kdsz.default\Extensions\abs@avira.com [2015-04-23] [not signed]
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-08] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-925108756-303190714-492092699-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-12-21] ()
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR DefaultSearchURL: Default -> hxxp://radiooooo.com/#
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Snowball\AppData\Local\Google\Chrome\User Data\Default [2017-02-22]
CHR Extension: (Google Slides) - C:\Users\Snowball\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-23]
CHR Extension: (Google Docs) - C:\Users\Snowball\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-23]
CHR Extension: (Google Drive) - C:\Users\Snowball\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (Adguard AdBlocker) - C:\Users\Snowball\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2017-01-01]
CHR Extension: (Poper Blocker) - C:\Users\Snowball\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2017-02-15]
CHR Extension: (YouTube) - C:\Users\Snowball\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Sad Panda) - C:\Users\Snowball\AppData\Local\Google\Chrome\User Data\Default\Extensions\bohapeiooecafommnlaiccilacgmkaoc [2016-09-02]
CHR Extension: (Adblock Plus) - C:\Users\Snowball\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-27]
CHR Extension: (Steam Inventory Helper) - C:\Users\Snowball\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2017-02-10]
CHR Extension: (Google Search) - C:\Users\Snowball\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-07]
CHR Extension: (Adobe Acrobat) - C:\Users\Snowball\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-02-01]
CHR Extension: (Google Sheets) - C:\Users\Snowball\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-23]
CHR Extension: (Google Docs Offline) - C:\Users\Snowball\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Snowball\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Gmail) - C:\Users\Snowball\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-23]
CHR Extension: (Chrome Media Router) - C:\Users\Snowball\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-08]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [372272 2016-12-29] (Avira Operations GmbH & Co. KG)
S2 Dataup; C:\Program Files (x86)\dataup\dataup.exe [77824 2017-01-05] () [File not signed] <==== ATTENTION
S2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [249328 2015-06-24] (DTS, Inc)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.500\McCHSvc.exe [329480 2017-01-19] (McAfee, Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2017-02-08] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2184208 2017-02-08] (Electronic Arts)
S2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [55000 2017-02-15] (Copyright © 2017 Plays.tv, LLC)
S2 qdcomsvc; C:\Program Files (x86)\qdcomsvc\qdcomsvc.exe [755200 2017-02-16] (qdcomsvc Inc.) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-11-20] (Microsoft Corporation)
S2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [996824 2017-02-06] (McAfee, Inc.)
S2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16248 2017-02-06] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2017-02-06] (McAfee, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S2 WinArchiver Service; C:\Program Files (x86)\WinArchiver Virtual Drive\WAService.exe [196608 2012-01-12] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S2 windowsmanagementservice; C:\Users\Snowball\AppData\Local\Temp\20170221\ct.exe [722432 2017-02-19] (ct Corp.) [File not signed] <==== ATTENTION <==== ATTENTION
S2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [X]
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
S3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0309114.inf_amd64_9133a0f6cb9c56bb\atikmdag.sys [26569872 2016-11-28] (Advanced Micro Devices, Inc.)
S3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0309114.inf_amd64_9133a0f6cb9c56bb\atikmpag.sys [529440 2016-11-28] (Advanced Micro Devices, Inc.)
S1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
S3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [101376 2016-07-24] (Advanced Micro Devices)
R1 drmkpro64; C:\WINDOWS\System32\drivers\drmkpro64.sys [51784 2017-02-21] () [File not signed]
S3 GPCIDrv; C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [14376 2014-08-11] ()
S1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2015-06-04] (REALiX™)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2017-02-22] ()
R0 WAEMU; C:\WINDOWS\System32\Drivers\waemu.sys [141368 2012-01-12] (WinArchiver Computing, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S2 WinisoCDBus; C:\WINDOWS\System32\drivers\WinisoCDBus.sys [204032 2014-02-26] (WinISO.com)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-02-22 02:25 - 2017-02-22 02:26 - 00020510 _____ C:\Users\Snowball\Downloads\FRST.txt
2017-02-22 02:23 - 2017-02-22 02:23 - 05659775 _____ (Swearware) C:\Users\Snowball\Downloads\ComboFix (2).exe
2017-02-22 02:23 - 2017-02-22 02:23 - 02422784 _____ (Farbar) C:\Users\Snowball\Downloads\FRST64 (1).exe
2017-02-22 01:49 - 2017-02-22 02:25 - 00000000 ____D C:\FRST
2017-02-22 01:49 - 2017-02-22 01:49 - 02422784 _____ (Farbar) C:\Users\Snowball\Downloads\FRST64.exe
2017-02-22 01:49 - 2017-02-22 01:49 - 01764864 _____ (Farbar) C:\Users\Snowball\Downloads\FRST.exe
2017-02-22 01:45 - 2017-02-22 01:45 - 05659775 _____ (Swearware) C:\Users\Snowball\Downloads\ComboFix (1).exe
2017-02-22 01:40 - 2017-02-22 01:41 - 05659775 _____ (Swearware) C:\Users\Snowball\Downloads\ComboFix.exe
2017-02-22 01:33 - 2017-02-22 01:33 - 01663040 _____ (Malwarebytes) C:\Users\Snowball\Downloads\JRT.exe
2017-02-22 01:31 - 2017-02-22 01:31 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2017-02-22 01:31 - 2017-02-22 01:31 - 00000899 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2017-02-22 01:31 - 2017-02-22 01:31 - 00000000 ____D C:\ProgramData\RogueKiller
2017-02-22 01:31 - 2017-02-22 01:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2017-02-22 01:31 - 2017-02-22 01:31 - 00000000 ____D C:\Program Files\RogueKiller
2017-02-22 01:30 - 2017-02-22 01:30 - 34820824 _____ (Adlice Software ) C:\Users\Snowball\Downloads\setup (1).exe
2017-02-22 01:21 - 2017-02-22 01:25 - 00002089 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-02-22 01:21 - 2017-02-22 01:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-02-22 01:21 - 2017-02-22 01:21 - 00000000 ____D C:\Program Files\Malwarebytes
2017-02-22 01:21 - 2017-01-20 07:47 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-02-22 01:20 - 2017-02-22 01:20 - 55566792 _____ (Malwarebytes ) C:\Users\Snowball\Downloads\mb3-setup-consumer-3.0.6.1469.exe
2017-02-21 20:12 - 2017-02-22 01:01 - 00000000 ____D C:\Users\Snowball\AppData\LocalLow\BitTorrent
2017-02-21 20:08 - 2017-02-21 20:08 - 00000000 ____D C:\ProgramData\dbg
2017-02-21 20:00 - 2017-02-22 02:22 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-02-21 19:59 - 2017-02-21 19:59 - 00000000 ____D C:\WINDOWS\pss
2017-02-21 19:57 - 2017-02-21 20:15 - 00000000 ____D C:\Program Files (x86)\svcvmx
2017-02-21 19:57 - 2017-02-21 20:14 - 00000000 ____D C:\Users\Snowball\AppData\Local\llssoft
2017-02-21 19:29 - 2017-02-21 19:29 - 00000000 ____D C:\Program Files (x86)\winscr
2017-02-21 19:24 - 2017-02-21 19:24 - 00000000 _____ C:\Users\Snowball\Downloads\clipgrab-3.5.6 (1).exe
2017-02-21 17:45 - 2017-02-21 17:45 - 01852928 _____ (splsrv Corp.) C:\WINDOWS\SysWOW64\splsrv.exe
2017-02-21 17:45 - 2017-02-21 17:45 - 00000025 _____ C:\WINDOWS\TEMPcoral.vbs
2017-02-21 17:45 - 2017-02-21 17:45 - 00000000 ____D C:\Program Files (x86)\qdcomsvc
2017-02-21 17:45 - 2017-02-21 17:45 - 00000000 ____D C:\Program Files (x86)\dataup
2017-02-21 17:44 - 2017-02-21 17:44 - 00000000 ____D C:\Users\Snowball\AppData\Roaming\c
2017-02-21 17:44 - 2017-02-21 17:44 - 00000000 ____D C:\ProgramData\1487720691
2017-02-21 17:43 - 2017-02-21 17:43 - 01800192 _____ C:\Users\Snowball\Downloads\A Little Lily Princess Full Version (1).iso
2017-02-21 17:43 - 2017-02-21 17:43 - 00000000 ____D C:\Users\Snowball\Downloads\A Little Lily Princess Full Version (1)
2017-02-21 14:54 - 2017-02-21 14:54 - 00051784 _____ C:\WINDOWS\system32\Drivers\drmkpro64.sys
2017-02-21 02:55 - 2017-02-21 02:56 - 00000000 ____D C:\ProgramData\Microleaves
2017-02-21 02:53 - 2017-02-21 17:46 - 00000390 ____H C:\WINDOWS\Tasks\Traffic Exchange Updater.job
2017-02-21 02:53 - 2017-02-21 17:46 - 00000348 _____ C:\WINDOWS\Tasks\Traffic Exchange v209 - 3.job
2017-02-21 02:53 - 2017-02-21 17:46 - 00000348 _____ C:\WINDOWS\Tasks\Traffic Exchange v209 - 2.job
2017-02-21 02:53 - 2017-02-21 17:46 - 00000348 _____ C:\WINDOWS\Tasks\Traffic Exchange v209 - 1.job
2017-02-21 02:53 - 2017-02-21 17:46 - 00000338 _____ C:\WINDOWS\Tasks\Traffic Exchange v2 - 3.job
2017-02-21 02:53 - 2017-02-21 17:46 - 00000338 _____ C:\WINDOWS\Tasks\Traffic Exchange v2 - 2.job
2017-02-21 02:53 - 2017-02-21 17:46 - 00000338 _____ C:\WINDOWS\Tasks\Traffic Exchange v2 - 1.job
2017-02-21 02:53 - 2017-02-21 02:53 - 00003722 _____ C:\WINDOWS\System32\Tasks\Online Application Guardian
2017-02-21 02:53 - 2017-02-21 02:53 - 00003716 _____ C:\WINDOWS\System32\Tasks\Online Application Guard
2017-02-21 02:53 - 2017-02-21 02:53 - 00003708 _____ C:\WINDOWS\System32\Tasks\Traffic Exchange Guardian
2017-02-21 02:53 - 2017-02-21 02:53 - 00003704 _____ C:\WINDOWS\System32\Tasks\Online Application
2017-02-21 02:53 - 2017-02-21 02:53 - 00003702 _____ C:\WINDOWS\System32\Tasks\Traffic Exchange Guard
2017-02-21 02:53 - 2017-02-21 02:53 - 00003690 _____ C:\WINDOWS\System32\Tasks\Traffic Exchange
2017-02-21 02:53 - 2017-02-21 02:53 - 00003278 _____ C:\WINDOWS\System32\Tasks\Traffic Exchange Updater
2017-02-21 02:53 - 2017-02-21 02:53 - 00003240 _____ C:\WINDOWS\System32\Tasks\Traffic Exchange v209 - 3
2017-02-21 02:53 - 2017-02-21 02:53 - 00003240 _____ C:\WINDOWS\System32\Tasks\Traffic Exchange v209 - 2
2017-02-21 02:53 - 2017-02-21 02:53 - 00003240 _____ C:\WINDOWS\System32\Tasks\Traffic Exchange v209 - 1
2017-02-21 02:53 - 2017-02-21 02:53 - 00003226 _____ C:\WINDOWS\System32\Tasks\Traffic Exchange v2 - 3
2017-02-21 02:53 - 2017-02-21 02:53 - 00003226 _____ C:\WINDOWS\System32\Tasks\Traffic Exchange v2 - 2
2017-02-21 02:53 - 2017-02-21 02:53 - 00003226 _____ C:\WINDOWS\System32\Tasks\Traffic Exchange v2 - 1
2017-02-21 02:53 - 2017-02-21 02:53 - 00000000 ____D C:\Program Files (x86)\Microleaves
2017-02-21 02:52 - 2017-02-21 17:46 - 00000404 _____ C:\WINDOWS\Tasks\Online Application Updater.job
2017-02-21 02:52 - 2017-02-21 17:46 - 00000358 _____ C:\WINDOWS\Tasks\Online Application v209.job
2017-02-21 02:52 - 2017-02-21 17:46 - 00000358 _____ C:\WINDOWS\Tasks\Online Application v209 Guardian.job
2017-02-21 02:52 - 2017-02-21 17:46 - 00000358 _____ C:\WINDOWS\Tasks\Online Application v209 Guard.job
2017-02-21 02:52 - 2017-02-21 17:46 - 00000348 _____ C:\WINDOWS\Tasks\Online Application v2.job
2017-02-21 02:52 - 2017-02-21 17:46 - 00000348 _____ C:\WINDOWS\Tasks\Online Application v2 Guardian.job
2017-02-21 02:52 - 2017-02-21 17:46 - 00000348 _____ C:\WINDOWS\Tasks\Online Application v2 Guard.job
2017-02-21 02:52 - 2017-02-21 02:53 - 00003250 _____ C:\WINDOWS\System32\Tasks\Online Application v2 Guardian
2017-02-21 02:52 - 2017-02-21 02:53 - 00000000 ____D C:\Users\Default\AppData\Local\AdvinstAnalytics
2017-02-21 02:52 - 2017-02-21 02:53 - 00000000 ____D C:\Users\Default User\AppData\Local\AdvinstAnalytics
2017-02-21 02:52 - 2017-02-21 02:52 - 00003298 _____ C:\WINDOWS\System32\Tasks\Online Application Updater
2017-02-21 02:52 - 2017-02-21 02:52 - 00003264 _____ C:\WINDOWS\System32\Tasks\Online Application v209 Guardian
2017-02-21 02:52 - 2017-02-21 02:52 - 00003258 _____ C:\WINDOWS\System32\Tasks\Online Application v209 Guard
2017-02-21 02:52 - 2017-02-21 02:52 - 00003246 _____ C:\WINDOWS\System32\Tasks\Online Application v209
2017-02-21 02:52 - 2017-02-21 02:52 - 00003244 _____ C:\WINDOWS\System32\Tasks\Online Application v2 Guard
2017-02-21 02:52 - 2017-02-21 02:52 - 00003232 _____ C:\WINDOWS\System32\Tasks\Online Application v2
2017-02-21 02:51 - 2017-02-21 02:52 - 00001536 __RSH C:\Users\Snowball\ntuser.pol
2017-02-21 02:48 - 2017-02-21 19:27 - 00000000 ____D C:\Users\Snowball\Downloads\A Little Lily Princess Full Version
2017-02-21 02:48 - 2017-02-21 02:48 - 01218560 _____ C:\Users\Snowball\Downloads\A Little Lily Princess Full Version.iso
2017-02-20 01:32 - 2017-02-20 02:21 - 00675153 _____ C:\Users\Snowball\Desktop\Form1A-2016.pdf
2017-02-17 10:51 - 2016-12-21 01:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2017-02-17 10:51 - 2016-12-20 22:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2017-02-17 10:33 - 2017-02-18 00:27 - 00000000 ____D C:\Users\Snowball\AppData\Local\ConnectedDevicesPlatform
2017-02-17 10:33 - 2017-02-17 10:33 - 00000020 ___SH C:\Users\Snowball\ntuser.ini
2017-02-17 08:24 - 2017-02-17 07:03 - 00000000 ___DC C:\WINDOWS\Panther
2017-02-17 08:21 - 2017-02-17 08:22 - 00000000 ____D C:\Windows.old
2017-02-17 08:19 - 2017-02-17 08:19 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-02-17 08:19 - 2017-02-17 08:19 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-02-17 08:19 - 2017-02-17 08:19 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 01886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 01336320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2017-02-17 08:19 - 2017-02-17 08:19 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-02-17 08:19 - 2017-02-17 08:19 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-02-17 08:19 - 2017-02-17 08:19 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00433504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-02-17 08:19 - 2017-02-17 08:19 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-02-17 08:19 - 2017-02-17 08:19 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00248480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-02-17 08:19 - 2017-02-17 08:19 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-02-17 08:19 - 2017-02-17 08:19 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00187520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2017-02-17 08:19 - 2017-02-17 08:19 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00163752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00157536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2017-02-17 08:19 - 2017-02-17 08:19 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00152416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-02-17 08:19 - 2017-02-17 08:19 - 00126568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfaudiocnv.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00122208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2017-02-17 08:19 - 2017-02-17 08:19 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00091936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfaudiocnv.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CbtBackgroundManagerPolicy.dll
2017-02-17 08:19 - 2017-02-17 08:19 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-02-17 08:19 - 2017-02-17 08:19 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2017-02-17 08:18 - 2017-02-17 08:18 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 08168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-02-17 08:18 - 2017-02-17 08:18 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 07654400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 06668040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-02-17 08:18 - 2017-02-17 08:18 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 05722832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-02-17 08:18 - 2017-02-17 08:18 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 04136448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-02-17 08:18 - 2017-02-17 08:18 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 03441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 03370496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-02-17 08:18 - 2017-02-17 08:18 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 02828376 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 02677544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 02277248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-02-17 08:18 - 2017-02-17 08:18 - 02169184 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 01691136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2017-02-17 08:18 - 2017-02-17 08:18 - 01669984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-02-17 08:18 - 2017-02-17 08:18 - 01503544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 01477632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 01469792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 01400160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 01357824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2017-02-17 08:18 - 2017-02-17 08:18 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-02-17 08:18 - 2017-02-17 08:18 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2017-02-17 08:18 - 2017-02-17 08:18 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-02-17 08:18 - 2017-02-17 08:18 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-02-17 08:18 - 2017-02-17 08:18 - 01069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 01054048 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-02-17 08:18 - 2017-02-17 08:18 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00992096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-02-17 08:18 - 2017-02-17 08:18 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-02-17 08:18 - 2017-02-17 08:18 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-02-17 08:18 - 2017-02-17 08:18 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00822624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-02-17 08:18 - 2017-02-17 08:18 - 00813408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-02-17 08:18 - 2017-02-17 08:18 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00779616 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00752992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-02-17 08:18 - 2017-02-17 08:18 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-02-17 08:18 - 2017-02-17 08:18 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-02-17 08:18 - 2017-02-17 08:18 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00637400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-02-17 08:18 - 2017-02-17 08:18 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2017-02-17 08:18 - 2017-02-17 08:18 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-02-17 08:18 - 2017-02-17 08:18 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00571744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00527880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00513376 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-02-17 08:18 - 2017-02-17 08:18 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-02-17 08:18 - 2017-02-17 08:18 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00454592 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-02-17 08:18 - 2017-02-17 08:18 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00406368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-02-17 08:18 - 2017-02-17 08:18 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00377184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-02-17 08:18 - 2017-02-17 08:18 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-02-17 08:18 - 2017-02-17 08:18 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00352096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2017-02-17 08:18 - 2017-02-17 08:18 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-02-17 08:18 - 2017-02-17 08:18 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-02-17 08:18 - 2017-02-17 08:18 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-02-17 08:18 - 2017-02-17 08:18 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2017-02-17 08:18 - 2017-02-17 08:18 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-02-17 08:18 - 2017-02-17 08:18 - 00219488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2017-02-17 08:18 - 2017-02-17 08:18 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-02-17 08:18 - 2017-02-17 08:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-02-17 08:18 - 2017-02-17 08:18 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00190816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe
2017-02-17 08:18 - 2017-02-17 08:18 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-02-17 08:18 - 2017-02-17 08:18 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-02-17 08:18 - 2017-02-17 08:18 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00168424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-02-17 08:18 - 2017-02-17 08:18 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-02-17 08:18 - 2017-02-17 08:18 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EDPCleanup.exe
2017-02-17 08:18 - 2017-02-17 08:18 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2017-02-17 08:18 - 2017-02-17 08:18 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReportingCSP.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2017-02-17 08:18 - 2017-02-17 08:18 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2017-02-17 08:18 - 2017-02-17 08:18 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe
2017-02-17 08:18 - 2017-02-17 08:18 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-02-17 08:18 - 2017-02-17 08:18 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys
2017-02-17 08:18 - 2017-02-17 08:18 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\EAMProgressHandler.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2017-02-17 08:18 - 2017-02-17 08:18 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2017-02-17 08:18 - 2017-02-17 08:18 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2017-02-17 08:18 - 2017-02-17 08:18 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2017-02-17 08:07 - 2017-02-17 08:07 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-02-17 08:04 - 2017-02-17 08:04 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-02-17 08:04 - 2017-02-17 08:04 - 00000000 ____D C:\Program Files\MSBuild
2017-02-17 08:04 - 2017-02-17 08:04 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-02-17 08:04 - 2017-02-17 08:04 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-02-17 08:04 - 2016-05-25 16:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-02-17 08:04 - 2016-05-25 16:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-02-17 08:04 - 2016-05-25 16:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-02-17 08:04 - 2016-05-25 13:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-02-17 08:04 - 2016-05-25 13:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-02-17 08:04 - 2016-05-25 13:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-02-17 07:03 - 2017-02-17 07:03 - 00000000 _SHDL C:\Users\Default\My Documents
2017-02-17 07:03 - 2017-02-17 07:03 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
2017-02-17 07:03 - 2017-02-17 07:03 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
2017-02-17 07:03 - 2017-02-17 07:03 - 00000000 _SHDL C:\Users\Default\Documents\My Music
2017-02-17 07:03 - 2017-02-17 07:03 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
2017-02-17 07:03 - 2017-02-17 07:03 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
2017-02-17 07:03 - 2017-02-17 07:03 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
2017-02-17 07:00 - 2017-02-17 07:02 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2017-02-17 07:00 - 2017-02-17 07:02 - 00007623 _____ C:\WINDOWS\diagerr.xml
2017-02-17 06:54 - 2017-02-17 06:54 - 00003764 _____ C:\WINDOWS\System32\Tasks\AMD Updater
2017-02-17 06:54 - 2017-02-17 06:54 - 00003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-02-17 06:54 - 2017-02-17 06:54 - 00003344 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-02-17 06:54 - 2017-02-17 06:54 - 00003294 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{FA86B1A3-B89F-4447-A6A7-6268F5BD09E3}
2017-02-17 06:54 - 2017-02-17 06:54 - 00003120 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-02-17 06:54 - 2017-02-17 06:54 - 00002934 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-925108756-303190714-492092699-1001
2017-02-17 06:54 - 2017-02-17 06:54 - 00002778 _____ C:\WINDOWS\System32\Tasks\AutoPico Daily Restart
2017-02-17 06:54 - 2017-02-17 06:54 - 00002766 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-17 06:54 - 2017-02-17 06:54 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2017-02-17 06:42 - 2017-02-17 06:42 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-02-17 06:42 - 2017-02-17 06:42 - 00000000 ____D C:\Users\Default\AppData\Roaming\ATI
2017-02-17 06:42 - 2017-02-17 06:42 - 00000000 ____D C:\Users\Default\AppData\Local\ATI
2017-02-17 06:42 - 2017-02-17 06:42 - 00000000 ____D C:\Users\Default User\AppData\Roaming\ATI
2017-02-17 06:42 - 2017-02-17 06:42 - 00000000 ____D C:\Users\Default User\AppData\Local\ATI
2017-02-17 06:38 - 2017-02-17 06:44 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-02-17 06:35 - 2017-02-22 01:05 - 00000000 ____D C:\Users\Snowball
2017-02-17 06:35 - 2017-02-17 06:35 - 00000000 _SHDL C:\Users\Snowball\My Documents
2017-02-17 06:35 - 2017-02-17 06:35 - 00000000 _SHDL C:\Users\Snowball\Documents\My Videos
2017-02-17 06:35 - 2017-02-17 06:35 - 00000000 _SHDL C:\Users\Snowball\Documents\My Pictures
2017-02-17 06:35 - 2017-02-17 06:35 - 00000000 _SHDL C:\Users\Snowball\Documents\My Music
2017-02-17 06:30 - 2017-02-17 06:30 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2017-02-17 06:30 - 2017-02-17 06:30 - 00000000 ____D C:\WINDOWS\system32\DAX2
2017-02-17 06:29 - 2017-02-22 01:05 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-02-17 06:29 - 2017-02-17 06:44 - 00000000 ____D C:\Program Files\AMD
2017-02-17 06:29 - 2017-02-17 06:29 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_ASMBSW_01_11_00.Wdf
2017-02-17 06:29 - 2017-02-17 06:29 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2017-02-17 06:29 - 2017-02-17 06:29 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-02-17 06:29 - 2017-02-17 06:29 - 00000000 ____D C:\Program Files\Realtek
2017-02-17 06:29 - 2017-02-17 06:29 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2017-02-17 06:29 - 2017-02-17 06:29 - 00000000 ____D C:\Program Files (x86)\ASUS
2017-02-17 06:29 - 2013-07-04 04:32 - 00028672 _____ (ASUSTek Computer Inc.) C:\WINDOWS\SysWOW64\AsIO.dll
2017-02-17 06:29 - 2013-07-04 04:32 - 00015232 _____ C:\WINDOWS\SysWOW64\Drivers\AsIO.sys
2017-02-17 06:28 - 2017-02-17 06:28 - 00000000 ____D C:\Program Files\ASUS
2017-02-14 03:30 - 2017-02-14 03:30 - 00377496 _____ C:\Users\Snowball\Downloads\2016-12-17-statements-5278.pdf
2017-02-14 03:29 - 2017-02-14 03:29 - 00342164 _____ C:\Users\Snowball\Downloads\2017-01-17-statements-5278 (1).pdf
2017-02-14 03:28 - 2017-02-14 03:28 - 00342164 _____ C:\Users\Snowball\Downloads\2017-01-17-statements-5278.pdf
2017-02-08 02:13 - 2017-02-17 06:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mordheim City of the Damned
2017-02-08 02:13 - 2017-02-08 02:13 - 00000802 _____ C:\Users\Snowball\Desktop\Mordheim City of the Damned.lnk
2017-02-06 21:59 - 2017-02-06 21:59 - 00180150 _____ C:\Users\Snowball\Desktop\TaxReturn2017.pdf
2017-02-06 08:17 - 2017-02-06 08:33 - 00000000 ____D C:\Users\Snowball\Downloads\Sid.Meiers.Starships.RIP.MULTI10-ALiAS
2017-02-05 00:32 - 2017-02-05 11:37 - 00000000 ____D C:\Users\Snowball\AppData\Local\Sid Meier's Starships
2017-02-05 00:28 - 2017-02-05 00:32 - 00000000 ____D C:\Program Files (x86)\Sid Meier's Starships
2017-02-05 00:28 - 2017-02-05 00:31 - 00000904 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sid Meier's Starships.lnk
2017-02-05 00:28 - 2017-02-05 00:31 - 00000892 _____ C:\Users\Public\Desktop\Sid Meier's Starships.lnk
2017-02-04 23:53 - 2017-02-05 00:28 - 00000000 ____D C:\Users\Snowball\Downloads\Sid.Meiers.Starships-RELOADED
2017-02-04 23:52 - 2017-02-04 23:52 - 00015302 _____ C:\Users\Snowball\Downloads\Sid.Meiers.Starships-RELOADED [IPT].torrent
2017-02-04 23:51 - 2017-02-04 23:51 - 00006941 _____ C:\Users\Snowball\Downloads\Sid.Meiers.Starships.RIP.MULTI10-ALiAS [IPT].torrent
2017-02-01 15:21 - 2017-02-08 02:01 - 00000000 ____D C:\Users\Snowball\Downloads\Mordheim.City.of.the.Damned.Witch.Hunter-CODEX
2017-02-01 15:21 - 2017-02-01 15:21 - 00192956 _____ C:\Users\Snowball\Downloads\Mordheim.City.of.the.Damned.Witch.Hunter-CODEX [IPT].torrent
2017-02-01 09:45 - 2017-02-01 09:45 - 00001205 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2017-01-30 02:26 - 2017-01-30 02:26 - 00000000 ____D C:\Users\Snowball\AppData\LocalLow\Daedalic Entertainment GmbH
2017-01-30 02:26 - 2017-01-30 02:26 - 00000000 ____D C:\Users\Snowball\AppData\Local\Daedalic Entertainment GmbH
2017-01-30 02:18 - 2017-02-17 06:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daedalic Entertainment GmbH
2017-01-30 02:07 - 2017-01-30 02:07 - 00000000 ____D C:\Program Files (x86)\Daedalic Entertainment GmbH
2017-01-30 01:02 - 2017-01-30 02:05 - 00000000 ____D C:\Users\Snowball\Downloads\Shadow_Tactics_Blades_of_the_Shogun-FLT
2017-01-30 01:01 - 2017-01-30 01:01 - 00093198 _____ C:\Users\Snowball\Downloads\Shadow_Tactics_Blades_of_the_Shogun-FLT [IPT].torrent
2017-01-28 02:11 - 2017-01-28 02:11 - 00016006 _____ C:\Users\Snowball\Downloads\welcome.htm
2017-01-27 17:47 - 2017-02-17 06:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2017-01-27 00:00 - 2017-01-27 00:03 - 00000000 ____D C:\Users\Snowball\Downloads\Warhammer.40.000.Sanctus.Reach-CODEX
2017-01-26 23:48 - 2017-01-26 23:48 - 00012900 _____ C:\Users\Snowball\Downloads\Warhammer.40.000.Sanctus.Reach-CODEX [IPT].torrent
2017-01-26 21:07 - 2017-01-26 21:08 - 00118569 _____ C:\Users\Snowball\Downloads\335946877-Laddaner-Gathering-Storm-Fall-of-Cadia-Enhanced-Edition-PDF-EPUB-MOBI-POCKET-Games-Workshop.pdf
2017-01-23 01:12 - 2017-01-23 01:12 - 02047710 _____ C:\Users\Snowball\Downloads\Homeworld_-_Manual_-_PC.pdf
2017-01-23 01:10 - 2017-01-23 01:12 - 16886404 _____ C:\Users\Snowball\Downloads\Unconfirmed 259690.crdownload
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-02-22 02:21 - 2016-07-16 00:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-02-22 02:18 - 2015-08-31 04:31 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2017-02-22 02:17 - 2015-08-31 04:31 - 00000000 ____D C:\Users\Snowball\AppData\Roaming\Yahoo!
2017-02-22 02:17 - 2015-04-23 14:26 - 00000000 ____D C:\Program Files\KMSpico
2017-02-22 02:09 - 2016-11-20 12:41 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-22 01:21 - 2016-02-29 15:30 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-02-22 01:05 - 2016-11-20 12:41 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-22 01:05 - 2015-05-02 00:38 - 00000000 ____D C:\Users\Snowball\AppData\Roaming\BitTorrent
2017-02-22 01:05 - 2015-04-26 23:25 - 00000000 ____D C:\Users\Snowball\AppData\Roaming\Raptr
2017-02-22 01:01 - 2016-03-10 14:34 - 00000000 ____D C:\Users\Snowball\AppData\Roaming\PlaysTV
2017-02-22 01:01 - 2015-08-31 00:28 - 00000000 ____D C:\ProgramData\Origin
2017-02-21 20:10 - 2015-04-23 13:09 - 00000000 ____D C:\Program Files (x86)\Avira
2017-02-21 20:03 - 2016-07-25 00:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-02-21 20:03 - 2015-04-23 13:09 - 00000000 ____D C:\ProgramData\Avira
2017-02-21 19:45 - 2016-11-20 12:51 - 00989002 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-21 19:37 - 2016-04-06 19:16 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-02-21 19:37 - 2016-04-06 19:07 - 00000000 ____D C:\Program Files\TrueKey
2017-02-21 19:26 - 2016-01-21 21:41 - 00000000 ____D C:\Program Files\Tharsis
2017-02-21 18:34 - 2016-07-16 05:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-21 18:27 - 2016-07-16 05:45 - 00000000 ____D C:\WINDOWS\INF
2017-02-21 18:22 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-02-21 02:51 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2017-02-21 02:51 - 2013-08-22 09:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-02-20 02:38 - 2016-03-25 00:10 - 00000000 ____D C:\Users\Snowball\Downloads\PopcornTime
2017-02-20 01:22 - 2015-07-30 03:42 - 00000140 _____ C:\Users\Snowball\Desktop\credit card.txt
2017-02-19 23:18 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-18 10:00 - 2016-07-16 05:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-18 04:12 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\appcompat
2017-02-17 17:45 - 2016-11-20 12:40 - 00194224 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-02-17 10:51 - 2015-04-23 14:28 - 00000000 ____D C:\Users\Snowball\AppData\Local\Packages
2017-02-17 10:42 - 2015-08-15 10:24 - 00002368 _____ C:\Users\Snowball\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-17 10:42 - 2015-04-23 02:41 - 00000000 __RDO C:\Users\Snowball\SkyDrive
2017-02-17 10:41 - 2015-08-15 10:18 - 00000000 ____D C:\Users\Snowball\AppData\Local\Comms
2017-02-17 10:33 - 2016-11-20 12:54 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-02-17 08:24 - 2016-07-16 05:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-02-17 08:20 - 2016-07-16 05:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-02-17 08:20 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2017-02-17 08:20 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-02-17 08:20 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-02-17 08:20 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-02-17 08:20 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2017-02-17 08:20 - 2016-07-16 00:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-02-17 08:20 - 2016-07-16 00:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-02-17 08:20 - 2016-07-16 00:04 - 00000000 ____D C:\WINDOWS\servicing
2017-02-17 08:16 - 2016-07-16 05:42 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2017-02-17 08:04 - 2016-07-16 05:43 - 00471040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2017-02-17 08:04 - 2016-07-16 05:43 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2017-02-17 08:04 - 2016-07-16 05:43 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2017-02-17 08:04 - 2016-07-16 05:43 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2017-02-17 08:04 - 2016-07-16 05:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2017-02-17 08:04 - 2016-07-16 05:43 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2017-02-17 08:04 - 2016-07-16 05:43 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2017-02-17 08:04 - 2016-07-16 05:43 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2017-02-17 08:04 - 2016-07-16 05:43 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2017-02-17 08:04 - 2016-07-16 05:43 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2017-02-17 08:04 - 2016-07-16 05:43 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2017-02-17 08:04 - 2016-07-16 05:43 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2017-02-17 08:04 - 2016-07-16 05:43 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2017-02-17 08:04 - 2016-07-16 05:43 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2017-02-17 08:04 - 2016-07-16 05:43 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2017-02-17 08:04 - 2016-07-16 05:43 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2017-02-17 08:04 - 2016-07-16 05:43 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2017-02-17 08:04 - 2016-07-16 05:43 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2017-02-17 07:02 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\rescache
2017-02-17 07:00 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-02-17 07:00 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\Registration
2017-02-17 07:00 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-02-17 06:53 - 2015-08-15 06:39 - 00022840 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-02-17 06:52 - 2016-07-16 05:47 - 00000000 __RHD C:\Users\Public\Libraries
2017-02-17 06:48 - 2015-04-23 14:58 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-17 06:44 - 2017-01-01 20:41 - 00000000 ____D C:\Users\Snowball\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2017-02-17 06:44 - 2017-01-01 15:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2017-02-17 06:44 - 2016-12-10 00:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2017-02-17 06:44 - 2016-11-20 15:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Batman - The Telltale Series [GOG.com]
2017-02-17 06:44 - 2016-10-15 00:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenTTD
2017-02-17 06:44 - 2016-09-25 17:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect 2
2017-02-17 06:44 - 2016-09-25 03:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 3
2017-02-17 06:44 - 2016-09-25 00:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FINAL FANTASY IX
2017-02-17 06:44 - 2016-09-17 12:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fallout 4
2017-02-17 06:44 - 2016-08-29 02:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Master of Orion [GOG.com]
2017-02-17 06:44 - 2016-08-29 01:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Attack on Titan Wings of Freedom
2017-02-17 06:44 - 2016-08-03 23:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Marvel Ultimate Alliance
2017-02-17 06:44 - 2016-07-19 19:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I am Setsuna
2017-02-17 06:44 - 2016-07-16 05:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-02-17 06:44 - 2016-07-16 00:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-02-17 06:44 - 2016-07-06 12:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dying Light [GOG.com]
2017-02-17 06:44 - 2016-06-24 04:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VA-11 Hall-A - Cyberpunk Bartender Action [GOG.com]
2017-02-17 06:44 - 2016-06-19 02:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop Dungeons [GOG.com]
2017-02-17 06:44 - 2016-05-21 01:35 - 00000000 ____D C:\Users\Snowball\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unity of Command
2017-02-17 06:44 - 2016-04-20 00:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Banner Saga 2
2017-02-17 06:44 - 2016-03-22 16:08 - 00000000 ____D C:\Users\Snowball\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Uplink Demo
2017-02-17 06:44 - 2016-02-29 15:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2017-02-17 06:44 - 2016-02-17 15:11 - 00000000 ____D C:\Users\Snowball\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wizards of the Coast
2017-02-17 06:44 - 2016-02-17 12:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2017-02-17 06:44 - 2016-01-24 02:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
2017-02-17 06:44 - 2015-12-17 04:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2017-02-17 06:44 - 2015-11-01 03:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2017-02-17 06:44 - 2015-09-15 03:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warhammer 40000 Regicide
2017-02-17 06:44 - 2015-09-08 01:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Invisible Inc [GOG.com]
2017-02-17 06:44 - 2015-09-04 16:03 - 00000000 ____D C:\Users\Snowball\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
2017-02-17 06:44 - 2015-09-03 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2017-02-17 06:44 - 2015-08-31 04:30 - 00000000 ____D C:\Users\Snowball\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-02-17 06:44 - 2015-08-28 23:29 - 00000000 ____D C:\Users\Snowball\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EVEMon
2017-02-17 06:44 - 2015-08-24 02:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GARPA Topographical Survey
2017-02-17 06:44 - 2015-08-19 19:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
2017-02-17 06:44 - 2015-08-13 03:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2017-02-17 06:44 - 2015-08-13 02:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2017-02-17 06:44 - 2015-08-08 03:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-02-17 06:44 - 2015-07-28 10:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74
2017-02-17 06:44 - 2015-07-22 00:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aspell
2017-02-17 06:44 - 2015-07-20 00:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2017-02-17 06:44 - 2015-07-14 21:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild of Dungeoneering
2017-02-17 06:44 - 2015-07-01 02:38 - 00000000 ____D C:\Users\Snowball\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TVMC
2017-02-17 06:44 - 2015-06-20 03:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LOOT
2017-02-17 06:44 - 2015-06-19 02:29 - 00000000 ____D C:\Users\Snowball\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-02-17 06:44 - 2015-06-19 02:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-02-17 06:44 - 2015-06-16 17:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2
2017-02-17 06:44 - 2015-06-10 02:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Far Cry 4 - Gold Edition
2017-02-17 06:44 - 2015-06-10 01:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinArchiver Virtual Drive
2017-02-17 06:44 - 2015-06-08 13:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
2017-02-17 06:44 - 2015-06-04 02:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO32
2017-02-17 06:44 - 2015-05-18 12:50 - 00000000 ____D C:\Users\Snowball\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinISO
2017-02-17 06:44 - 2015-05-16 01:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC
2017-02-17 06:44 - 2015-05-13 02:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDisplayEx
2017-02-17 06:44 - 2015-05-10 20:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultimate Boob Wars!! ~Big Breasts vs Flat Chests~
2017-02-17 06:44 - 2015-05-08 22:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultimate General Gettysburg
2017-02-17 06:44 - 2015-05-03 03:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dungeons 2
2017-02-17 06:44 - 2015-04-27 12:37 - 00000000 ____D C:\Program Files\Classic Shell
2017-02-17 06:44 - 2015-04-27 02:11 - 00000000 ____D C:\Users\Snowball\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2017-02-17 06:44 - 2015-04-27 02:10 - 00000000 ____D C:\Users\Snowball\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2017-02-17 06:44 - 2015-04-26 23:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2017-02-17 06:44 - 2015-04-23 15:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-02-17 06:44 - 2015-04-23 13:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2017-02-17 06:42 - 2015-10-30 00:28 - 00000000 ____D C:\Users\Default.migrated
2017-02-17 06:41 - 2016-11-20 05:16 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2017-02-17 06:41 - 2016-10-07 01:25 - 00000000 ____D C:\WINDOWS\system32\P
2017-02-17 06:41 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-02-17 06:41 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-02-17 06:41 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2017-02-17 06:41 - 2015-11-01 03:06 - 00000000 ____D C:\WINDOWS\SysWOW64\xlive
2017-02-17 06:41 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2017-02-17 06:41 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2017-02-17 06:40 - 2016-11-20 05:16 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2017-02-17 06:39 - 2017-01-01 20:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2017-02-17 06:39 - 2016-10-27 23:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Raptr
2017-02-17 06:39 - 2016-08-17 00:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Focus Home Interactive
2017-02-17 06:39 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-02-17 06:39 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\InputMethod
2017-02-17 06:39 - 2016-07-10 03:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KOEI TECMO GAMES CO LTD
2017-02-17 06:39 - 2016-06-18 00:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock Entertainment
2017-02-17 06:39 - 2016-04-05 12:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.1
2017-02-17 06:39 - 2015-10-18 00:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2017-02-17 06:39 - 2015-09-26 00:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SEGA
2017-02-17 06:39 - 2015-08-20 22:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mumble
2017-02-17 06:39 - 2015-08-11 16:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winter Wolves
2017-02-17 06:39 - 2015-06-01 16:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kalypso Media Digital
2017-02-17 06:39 - 2015-04-26 23:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
2017-02-17 06:38 - 2016-07-16 05:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-02-17 06:34 - 2016-07-16 00:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-02-17 05:48 - 2016-11-21 05:31 - 00000000 ___HD C:\$WINDOWS.~BT
2017-02-17 00:51 - 2015-04-27 12:38 - 00000000 ____D C:\Users\Snowball\AppData\Local\ClassicShell
2017-02-14 13:56 - 2015-07-01 02:40 - 00000000 ____D C:\Users\Snowball\AppData\Roaming\TVMC
2017-02-14 11:37 - 2016-04-06 19:16 - 00001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk
2017-02-14 04:16 - 2015-06-02 16:45 - 00000000 ____D C:\Users\Snowball\AppData\Local\Adobe
2017-02-14 01:45 - 2015-06-02 01:24 - 00000000 ____D C:\Users\Snowball\Documents\Darkest
2017-02-08 12:00 - 2015-09-03 20:02 - 00000000 ____D C:\Program Files (x86)\Origin
2017-02-08 11:57 - 2015-12-15 15:27 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-08 02:16 - 2015-04-24 03:30 - 00000000 ____D C:\Users\Snowball\Documents\My Games
2017-02-06 16:11 - 2015-08-15 06:34 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-02-06 13:48 - 2016-07-16 05:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 13:48 - 2016-07-16 05:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-05 00:32 - 2015-05-19 21:29 - 00000000 ____D C:\Users\Snowball\AppData\Roaming\FiraxisLive
2017-02-01 15:21 - 2016-09-24 00:01 - 00000000 ____D C:\Users\Snowball\Downloads\Mass Effect Trilogy
2017-02-01 14:45 - 2015-06-01 15:23 - 00002749 _____ C:\Users\Snowball\Desktop\potato.ini
2017-02-01 14:45 - 2015-05-19 22:41 - 00000000 ____D C:\Users\Snowball\Desktop\worlds
2017-01-27 17:47 - 2015-11-22 23:46 - 00000000 ____D C:\Program Files\McAfee Security Scan
2017-01-27 17:47 - 2015-06-02 16:47 - 00002009 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
 
==================== Files in the root of some directories =======
 
2015-08-31 03:10 - 2015-08-31 04:26 - 0000009 _____ () C:\Users\Snowball\AppData\Roaming\update.dat
2015-08-31 03:10 - 2015-08-31 03:10 - 261744128 _____ () C:\Users\Snowball\AppData\Roaming\Update.fg3
2015-05-04 00:07 - 2015-05-04 00:07 - 0007602 _____ () C:\Users\Snowball\AppData\Local\Resmon.ResmonCfg
2017-02-17 06:30 - 2017-02-17 06:30 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Some files in TEMP:
====================
2017-02-22 01:31 - 2017-02-17 08:19 - 1886344 _____ (Microsoft Corporation) C:\Users\Snowball\AppData\Local\Temp\dllnt_dump.dll
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-02-17 07:05
 
==================== End of FRST.txt ============================


#8 olgun52

olgun52

  • Malware Response Team
  • 3,792 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:42 AM

Posted 23 February 2017 - 07:19 AM

Hi again,

C:\Users\Snowball\AppData\Roaming\c

Do you recognize this folder?
======================================================
 
Please delete it:
I see on the İE browser ==> search.yourclassifiedsnow.com
C:\Program Files (x86)\Yahoo
McAfee Security Scan Plus
 
PC restart now
=======================================================
Step 1:
FRST Script:
Please download this attached Attached File  Fixlist.txt   20.56KB   10 downloads  and save it in the same directory as FRST.

  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
    Please copy and paste its contents in your next reply.

NOT : It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.
and fixlist.txt are in the same location or the fix will not work.

 

Step 2:

Scan with Zemana AntiMalware Free:

  • Turn off the real time scanner of any existing antivirus and firewall programs while performing scan
  • Please download and install Zemana AntiMalware Free
  • Double-click software shortcut on the desktop and follow the prompts to install the program .
  • If an update is available, click the Update now button.
  • At the end Click Settings > Advanced > ''I have read the warning an wish to proceed anyway'' Click
  • Auto Launch > Untick the box next
  • Scan type > Smart scan (Default)
  • Close all open files, folders and browsers
  • Click scan now ''Run as Administrator'' and a threat Scan will begin.
  • When the scan is complete, Press report and send me report.
  • Please PC restart now.

Any issue ?

 

Have a nice day.

 


Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#9 ChaosLupy

ChaosLupy
  • Topic Starter

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:42 AM

Posted 23 February 2017 - 12:47 PM

appdata/c is holding all the appdata from my SSD (drive C).  That stays! 



#10 olgun52

olgun52

  • Malware Response Team
  • 3,792 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:42 AM

Posted 23 February 2017 - 06:12 PM

Not sure what you mean.


Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#11 ChaosLupy

ChaosLupy
  • Topic Starter

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:42 AM

Posted 24 February 2017 - 02:27 AM

The folder you want me to delete has all my appdata from my steam account.  Probably not a good idea to delete that.

 

I can't install zemana.  'the parameter is incorrect'


Edited by ChaosLupy, 24 February 2017 - 02:31 AM.


#12 olgun52

olgun52

  • Malware Response Team
  • 3,792 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:42 AM

Posted 24 February 2017 - 03:19 AM

The folder you want me to delete has all my appdata from my steam account.  Probably not a good idea to delete that.

Is that so. What lines or files?

I can't install zemana.  'the parameter is incorrect'

This can with  harmful reasons.Did you run as an administrator ?


Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#13 ChaosLupy

ChaosLupy
  • Topic Starter

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:42 AM

Posted 24 February 2017 - 03:20 AM

You asked me to delete 

 

Hi again,

C:\Users\Snowball\AppData\Roaming\c

Do you recognize this folder?
======================================================
 
Please delete it:

 

 

but this is my app data for steam.  So it's probably not a good idea to delete this.    
And yes, I tried installing Zemana with admin mode. It's not working.  Is this due to the virus trying to protect itself?


Edited by ChaosLupy, 24 February 2017 - 03:23 AM.


#14 olgun52

olgun52

  • Malware Response Team
  • 3,792 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:42 AM

Posted 24 February 2017 - 03:45 AM

Please delete it:
I see on the İE browser ==> search.yourclassifiedsnow.com

 You got it wrong.  I just wanted you to delete this information

Is this due to the virus trying to protect itself?

Probably.

 

C:\Users\Snowball\AppData\Roaming\c

 

Is this familiar to you? What is in the c folder? Is he clean?


Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#15 ChaosLupy

ChaosLupy
  • Topic Starter

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:42 AM

Posted 24 February 2017 - 10:56 AM

Yes.   Appdata/roaming/c is clean.  It's my appdata for steam.   You know, the platform that gives you silly hats for team fortress 2. 

I don't know anything about Edge - I never use it.  How do I delete  search.yourclassifiedsnow.com

how do I get rid of the virus?






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users