Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

NetSupport trojan/hijack


  • This topic is locked This topic is locked
18 replies to this topic

#1 Hyetemplar

Hyetemplar

  • Members
  • 8 posts
  • OFFLINE
  •  

Posted 29 January 2018 - 08:17 PM

Hello, so I had a brainfart and clicked on a link I shouldn't have while watching a stream on twitch.tv, took me to a site and downloaded something on my PC. Few hours later someone remotely accessed my PC and tried to buy themselves a digital gift card using my ebay account. I panicked and turned off my internet, later ran some virus scanners but nothing showed up. I noticed NetSupport running in task manager and googled to find people use that to get into your system because it doesn't flag scanner programs. The folder for it was an empty folder when I tried to open its source from task manager. I then deleted everything I could find that was modified on the time I had my brainfart/downloaded the trojan which was at 1/28/2018 at 3:33pm to 3:35pm. Then did a system restore. I no longer see NetSupport but im not sure if there are any other lingering programs or .txt files that may have logged my keystrokes.

 

My fears are that I did not get rid of everything and also that my keystrokes were stolen because I was on ebay and paypal at the time which means they might have my account info but I'm watching any activity on those accounts. I am posting this on the PC in question with safe mode with networking and the logs were taken on safe mode so im not sure if i should be on normal mode. Any help is appreciated, thanks in advance.

 

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2018
Ran by Vic (administrator) on DESKTOP-M3GLLEB (29-01-2018 16:59:50)
Running from C:\Users\Vic\Downloads
Loaded Profiles: Vic (Available Profiles: defaultuser0 & Vic)
Platform: Windows 10 Pro Version 1709 16299.192 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Safe Mode (with Networking)
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8843784 2016-07-22] (Realtek Semiconductor)
HKLM\...\Run: [NahimicMSIUILauncher] => C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIUILauncher.exe [740320 2015-12-04] ()
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110008 2015-06-26] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\CyberLink\Power2Go8\VirtualDrive.exe [499640 2015-06-26] (CyberLink Corp.)
HKLM-x32\...\Run: [MSIRegister] => C:\MSI\MSIRegister\MSIRegister.exe [4131792 2015-09-10] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1027024 2015-09-09] (MSI)
HKLM-x32\...\Run: [Fast Boot] => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [759120 2015-04-22] ()
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2017-07-21] (Razer Inc.)
HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [835680 2016-07-21] (MSI)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [17315512 2017-08-31] (Micro-Star INT'L CO., LTD.)
HKU\S-1-5-21-1699126305-1225172096-1940794454-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3111712 2017-12-15] (Valve Corporation)
HKU\S-1-5-21-1699126305-1225172096-1940794454-1001\...\Run: [CorsairLink4] => C:\Program Files (x86)\CorsairLink4\CorsairLink4.exe [17064656 2016-08-31] (Corsair Components, Inc.)
HKU\S-1-5-21-1699126305-1225172096-1940794454-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1053000 2018-01-11] ()
HKU\S-1-5-21-1699126305-1225172096-1940794454-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-10] (Skype Technologies S.A.)
HKU\S-1-5-21-1699126305-1225172096-1940794454-1001\...\Run: [Discord] => C:\Users\Vic\AppData\Local\Discord\app-0.0.300\Discord.exe [57821176 2018-01-08] (Discord Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2016-09-22]
ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2016-09-22]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e1938f2c-512b-483c-b364-9a7c850325c2}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-09-29] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-09-29] (Oracle Corporation)
 
FireFox:
========
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWoW64\Macromed\Flash\NPSWF32.dll [2016-10-03] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-09-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-09-29] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default [2018-01-29]
CHR Extension: (Slides) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Docs) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-22]
CHR Extension: (YouTube) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-22]
CHR Extension: (Adblock Plus) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-01-29]
CHR Extension: (Google Search) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-09-22]
CHR Extension: (Sheets) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Google Docs Offline) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-22]
CHR Extension: (Vysor) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\gidgenkbbabolejbgbpnhbimgjbffefm [2017-12-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-13]
CHR Extension: (Gmail) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-22]
CHR Extension: (Chrome Media Router) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-20]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 CLink4Service; C:\Program Files (x86)\CorsairLink4\CorsairLink4.Service.exe [83152 2016-08-31] (Corsair Components, Inc.)
S2 CLKMSVC10_6CE1B52B; C:\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [303544 2015-07-24] (CyberLink)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [409128 2017-02-10] (EasyAntiCheat Ltd)
S2 GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [36008 2015-11-04] (Micro-Star Int'l Co., Ltd.)
S2 GamingHotkey_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingHotkey_Service.exe [2019792 2015-10-16] (Micro-Star INT'L CO., LTD.)
S2 HiPatchService; D:\Smite\HiPatchService.exe [9728 2017-09-19] (Hi-Rez Studios) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel® Corporation)
S3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335360 2016-03-18] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [8704 2016-03-18] (Intel Corporation) [File not signed]
S2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [209184 2016-05-25] (Intel Corporation)
S2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [454872 2016-01-28] (Rivet Networks)
S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [4173920 2016-06-02] (MSI)
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2200872 2016-02-01] (MSI) [File not signed]
S3 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [4160976 2016-04-18] (MSI)
S2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2014160 2016-03-04] (MSI)
S2 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2328160 2016-07-01] (MSI)
S2 MSIREGISTER_MR; C:\MSI\MSIRegister\MSIRegisterService.exe [112592 2015-09-10] (Micro-Star INT'L CO., LTD.)
S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2076768 2016-06-02] (MSI)
S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [598112 2016-06-02] (MSI)
S2 MSI_Cloud_Service; C:\Program Files (x86)\MSI\MSI M-Cloud\MSI_Cloud_Service.exe [98640 2015-09-17] (Micro-Star Int'l Co., Ltd.)
S2 MSI_ECOSERVICE; C:\Program Files (x86)\MSI\ECO Center\ECO_Service.exe [2291880 2015-08-24] (Micro-Star INT'L CO., LTD.)
S2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [105296 2015-06-04] (MSI)
S2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2295480 2017-08-31] (Micro-Star INT'L CO., LTD.)
S2 MSI_RAMDisk_Service; C:\Program Files (x86)\MSI\MSI RAMDisk\MSI_RAMDisk_Service.exe [70992 2015-10-28] (Micro-Star Int'l Co., Ltd.)
S2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [163280 2015-05-18] (MSI)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1452360 2018-01-11] (Overwolf LTD)
S2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2017-07-19] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2017-11-26] (Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-01-20] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-01-20] (Microsoft Corporation)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe [492768 2017-06-21] (Wondershare)
S2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\XtuService.exe [19192 2015-10-06] (Intel® Corporation)
S3 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000
S2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
S2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 BfLwf; C:\WINDOWS\system32\DRIVERS\bwcW10x64.sys [144456 2016-01-22] (Rivet Networks, LLC.)
S1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
S3 cpuz139; C:\WINDOWS\TEMP\cpuz139\cpuz139_x64.sys [43328 2018-01-29] (CPUID)
S3 I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (FINTEK Corp.)
S2 iocbios2; C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [30224 2015-05-28] (Intel Corporation)
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2017-09-29] (Qualcomm Atheros, Inc.)
S2 memudrv; D:\memu\MEmuHyperv\MEmuDrv.sys [260368 2015-11-02] (Microvirt Corporation)
S3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
S3 NTIOLib_ECO; C:\Program Files (x86)\MSI\ECO Center\NTIOLib_X64.sys [13808 2014-01-06] (MSI)
S3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [13368 2012-10-26] (MSI)
S3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI)
S3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_2e7fa54192fe16d0\nvlddmkm.sys [16936048 2017-11-09] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-09-16] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48248 2017-09-16] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57976 2017-09-16] (NVIDIA Corporation)
S2 RAMDriv; C:\WINDOWS\system32\DRIVERS\ramdriv.sys [81912 2012-12-27] (Micro-Star Int'l Co., Ltd.)
S2 RAMDriv; C:\Windows\SysWOW64\DRIVERS\ramdriv.sys [81912 2012-12-27] (Micro-Star Int'l Co., Ltd.)
S2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [45752 2017-07-19] (Razer, Inc.)
S2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [139704 2017-08-19] (Razer, Inc.)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [40568 2016-06-14] (SteelSeries ApS)
S1 VBoxUSBMon; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [133064 2016-05-27] (BigNox Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-01-20] (Microsoft Corporation)
S0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288848 2018-01-20] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2018-01-20] (Microsoft Corporation)
S1 XQHDrv; C:\WINDOWS\system32\DRIVERS\XQHDrv.sys [281544 2016-05-27] (BigNox Corporation)
S1 XQHDrv; C:\Windows\SysWOW64\DRIVERS\XQHDrv.sys [281544 2016-05-27] (BigNox Corporation)
S1 MpKsl71d3ec5c; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6800FA1A-7BC6-4004-A48A-568815A7A1CB}\MpKsl71d3ec5c.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-01-29 16:59 - 2018-01-29 16:59 - 000016878 _____ C:\Users\Vic\Downloads\FRST.txt
2018-01-29 16:59 - 2018-01-29 16:59 - 000000000 ____D C:\FRST
2018-01-29 16:57 - 2018-01-29 16:57 - 002393088 _____ (Farbar) C:\Users\Vic\Downloads\FRST64.exe
2018-01-29 16:54 - 2018-01-29 16:54 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-01-29 04:43 - 2018-01-29 16:54 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2018-01-29 04:38 - 2018-01-29 05:25 - 000000000 ____D C:\WINDOWS\pss
2018-01-28 15:34 - 2018-01-28 15:34 - 000000013 ___SH C:\Users\Vic\AppData\Roaming\zer0.bin
2018-01-13 22:49 - 2018-01-13 22:49 - 085995139 _____ C:\Users\Vic\Downloads\Warhammer_40_000_-_Codex_-_Chaos_Daemons.epub
2018-01-06 00:17 - 2018-01-06 00:17 - 000000000 ____D C:\Users\Vic\AppData\LocalLow\League of Geeks
2018-01-05 12:47 - 2018-01-01 09:15 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-01-05 12:47 - 2018-01-01 04:54 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-01-05 12:47 - 2018-01-01 04:53 - 001090984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-01-05 12:47 - 2018-01-01 04:52 - 000066712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2018-01-05 12:47 - 2018-01-01 04:51 - 001414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-01-05 12:47 - 2018-01-01 04:51 - 001209240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-01-05 12:47 - 2018-01-01 04:51 - 001055128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-01-05 12:47 - 2018-01-01 04:51 - 000191816 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2018-01-05 12:47 - 2018-01-01 04:51 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys
2018-01-05 12:47 - 2018-01-01 04:50 - 005905752 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-01-05 12:47 - 2018-01-01 04:50 - 000780464 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-01-05 12:47 - 2018-01-01 04:50 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-01-05 12:47 - 2018-01-01 04:50 - 000077208 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-01-05 12:47 - 2018-01-01 04:49 - 008605080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-01-05 12:47 - 2018-01-01 04:49 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-01-05 12:47 - 2018-01-01 04:49 - 000319352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-01-05 12:47 - 2018-01-01 04:49 - 000292376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2018-01-05 12:47 - 2018-01-01 04:48 - 007831760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2018-01-05 12:47 - 2018-01-01 04:48 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-01-05 12:47 - 2018-01-01 04:48 - 000382360 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-01-05 12:47 - 2018-01-01 04:47 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2018-01-05 12:47 - 2018-01-01 04:47 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-01-05 12:47 - 2018-01-01 04:46 - 002709704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-01-05 12:47 - 2018-01-01 04:46 - 000898216 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-01-05 12:47 - 2018-01-01 04:46 - 000733592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2018-01-05 12:47 - 2018-01-01 04:46 - 000471960 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-01-05 12:47 - 2018-01-01 04:45 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-01-05 12:47 - 2018-01-01 04:45 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-01-05 12:47 - 2018-01-01 04:45 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2018-01-05 12:47 - 2018-01-01 04:43 - 001173576 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-01-05 12:47 - 2018-01-01 04:43 - 000367336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-01-05 12:47 - 2018-01-01 04:43 - 000062872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys
2018-01-05 12:47 - 2018-01-01 04:42 - 001029016 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2018-01-05 12:47 - 2018-01-01 04:42 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-01-05 12:47 - 2018-01-01 04:42 - 000494488 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-01-05 12:47 - 2018-01-01 04:42 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2018-01-05 12:47 - 2018-01-01 04:42 - 000109976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2018-01-05 12:47 - 2018-01-01 04:41 - 007676296 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-01-05 12:47 - 2018-01-01 04:41 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-01-05 12:47 - 2018-01-01 04:41 - 000549552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2018-01-05 12:47 - 2018-01-01 04:40 - 001206680 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-01-05 12:47 - 2018-01-01 04:39 - 000902416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-01-05 12:47 - 2018-01-01 04:39 - 000677784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-01-05 12:47 - 2018-01-01 04:39 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2018-01-05 12:47 - 2018-01-01 04:39 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-01-05 12:47 - 2018-01-01 04:39 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2018-01-05 12:47 - 2018-01-01 04:38 - 003904808 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-01-05 12:47 - 2018-01-01 04:38 - 000727448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-01-05 12:47 - 2018-01-01 04:38 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-01-05 12:47 - 2018-01-01 04:38 - 000103320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-01-05 12:47 - 2018-01-01 04:38 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys
2018-01-05 12:47 - 2018-01-01 04:37 - 001426664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-01-05 12:47 - 2018-01-01 04:37 - 000461720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2018-01-05 12:47 - 2018-01-01 04:36 - 000413888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-01-05 12:47 - 2018-01-01 04:36 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2018-01-05 12:47 - 2018-01-01 04:36 - 000166296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2018-01-05 12:47 - 2018-01-01 04:36 - 000113560 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2018-01-05 12:47 - 2018-01-01 04:36 - 000057752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbios.sys
2018-01-05 12:47 - 2018-01-01 04:35 - 001170008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-01-05 12:47 - 2018-01-01 04:35 - 000075160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-01-05 12:47 - 2018-01-01 04:34 - 007385088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-01-05 12:47 - 2018-01-01 04:34 - 001336344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-01-05 12:47 - 2018-01-01 04:34 - 000260896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-01-05 12:47 - 2018-01-01 04:34 - 000087384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2018-01-05 12:47 - 2018-01-01 04:33 - 002773400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-01-05 12:47 - 2018-01-01 04:33 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-01-05 12:47 - 2018-01-01 04:32 - 004481240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-01-05 12:47 - 2018-01-01 04:32 - 000617304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-01-05 12:47 - 2018-01-01 04:27 - 000713624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-01-05 12:47 - 2018-01-01 04:27 - 000163736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2018-01-05 12:47 - 2018-01-01 04:26 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-01-05 12:47 - 2018-01-01 04:26 - 000081304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2018-01-05 12:47 - 2018-01-01 04:25 - 000615768 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2018-01-05 12:47 - 2018-01-01 04:25 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2018-01-05 12:47 - 2018-01-01 04:23 - 021352144 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-01-05 12:47 - 2018-01-01 04:21 - 001103768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-01-05 12:47 - 2018-01-01 04:21 - 000614296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2018-01-05 12:47 - 2018-01-01 04:06 - 000311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2018-01-05 12:47 - 2018-01-01 04:03 - 000777904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-01-05 12:47 - 2018-01-01 04:03 - 000650328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-01-05 12:47 - 2018-01-01 04:03 - 000566664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-01-05 12:47 - 2018-01-01 04:03 - 000123512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2018-01-05 12:47 - 2018-01-01 03:53 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-01-05 12:47 - 2018-01-01 03:49 - 000481464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2018-01-05 12:47 - 2018-01-01 03:49 - 000258808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2018-01-05 12:47 - 2018-01-01 03:46 - 003485392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-01-05 12:47 - 2018-01-01 03:46 - 000289816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2018-01-05 12:47 - 2018-01-01 03:45 - 006092152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-01-05 12:47 - 2018-01-01 03:45 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2018-01-05 12:47 - 2018-01-01 03:45 - 002192624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-01-05 12:47 - 2018-01-01 03:45 - 000450928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2018-01-05 12:47 - 2018-01-01 03:43 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-01-05 12:47 - 2018-01-01 03:42 - 006479552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-01-05 12:47 - 2018-01-01 03:42 - 004644912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-01-05 12:47 - 2018-01-01 03:42 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-01-05 12:47 - 2018-01-01 03:42 - 001003152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-01-05 12:47 - 2018-01-01 03:42 - 000982528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-01-05 12:47 - 2018-01-01 03:42 - 000386424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2018-01-05 12:47 - 2018-01-01 03:42 - 000129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-01-05 12:47 - 2018-01-01 03:42 - 000074992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2018-01-05 12:47 - 2018-01-01 03:37 - 025247232 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-01-05 12:47 - 2018-01-01 03:34 - 000703568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-01-05 12:47 - 2018-01-01 03:25 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-01-05 12:47 - 2018-01-01 03:25 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-01-05 12:47 - 2018-01-01 03:25 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2018-01-05 12:47 - 2018-01-01 03:25 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-01-05 12:47 - 2018-01-01 03:25 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe
2018-01-05 12:47 - 2018-01-01 03:24 - 003668480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-01-05 12:47 - 2018-01-01 03:24 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboutSettingsHandlers.dll
2018-01-05 12:47 - 2018-01-01 03:24 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-01-05 12:47 - 2018-01-01 03:24 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-01-05 12:47 - 2018-01-01 03:24 - 000038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2018-01-05 12:47 - 2018-01-01 03:23 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-01-05 12:47 - 2018-01-01 03:23 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2018-01-05 12:47 - 2018-01-01 03:23 - 000536576 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-01-05 12:47 - 2018-01-01 03:23 - 000385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2018-01-05 12:47 - 2018-01-01 03:23 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-01-05 12:47 - 2018-01-01 03:23 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\convertvhd.exe
2018-01-05 12:47 - 2018-01-01 03:23 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-01-05 12:47 - 2018-01-01 03:23 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2018-01-05 12:47 - 2018-01-01 03:23 - 000047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2018-01-05 12:47 - 2018-01-01 03:22 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rfxvmt.dll
2018-01-05 12:47 - 2018-01-01 03:22 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2018-01-05 12:47 - 2018-01-01 03:22 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2018-01-05 12:47 - 2018-01-01 03:22 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmApplicationHealthMonitorProxy.dll
2018-01-05 12:47 - 2018-01-01 03:21 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-01-05 12:47 - 2018-01-01 03:21 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2018-01-05 12:47 - 2018-01-01 03:21 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2018-01-05 12:47 - 2018-01-01 03:21 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2018-01-05 12:47 - 2018-01-01 03:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2018-01-05 12:47 - 2018-01-01 03:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspptp.sys
2018-01-05 12:47 - 2018-01-01 03:21 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2018-01-05 12:47 - 2018-01-01 03:21 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2018-01-05 12:47 - 2018-01-01 03:21 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2018-01-05 12:47 - 2018-01-01 03:20 - 019337216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-01-05 12:47 - 2018-01-01 03:20 - 018917888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-01-05 12:47 - 2018-01-01 03:20 - 000524288 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-01-05 12:47 - 2018-01-01 03:20 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-01-05 12:47 - 2018-01-01 03:20 - 000397824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2018-01-05 12:47 - 2018-01-01 03:20 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-01-05 12:47 - 2018-01-01 03:20 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2018-01-05 12:47 - 2018-01-01 03:20 - 000212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2018-01-05 12:47 - 2018-01-01 03:20 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-01-05 12:47 - 2018-01-01 03:20 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2018-01-05 12:47 - 2018-01-01 03:20 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2018-01-05 12:47 - 2018-01-01 03:20 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2018-01-05 12:47 - 2018-01-01 03:20 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2018-01-05 12:47 - 2018-01-01 03:20 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2018-01-05 12:47 - 2018-01-01 03:20 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll
2018-01-05 12:47 - 2018-01-01 03:20 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\RfxVmt.sys
2018-01-05 12:47 - 2018-01-01 03:20 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll
2018-01-05 12:47 - 2018-01-01 03:19 - 008014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-01-05 12:47 - 2018-01-01 03:19 - 000795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalAuth.dll
2018-01-05 12:47 - 2018-01-01 03:19 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-01-05 12:47 - 2018-01-01 03:19 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2018-01-05 12:47 - 2018-01-01 03:19 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-01-05 12:47 - 2018-01-01 03:19 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2018-01-05 12:47 - 2018-01-01 03:19 - 000416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2018-01-05 12:47 - 2018-01-01 03:19 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-01-05 12:47 - 2018-01-01 03:19 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-01-05 12:47 - 2018-01-01 03:19 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-01-05 12:47 - 2018-01-01 03:19 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2018-01-05 12:47 - 2018-01-01 03:19 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-01-05 12:47 - 2018-01-01 03:19 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-01-05 12:47 - 2018-01-01 03:19 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2018-01-05 12:47 - 2018-01-01 03:19 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll
2018-01-05 12:47 - 2018-01-01 03:19 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2018-01-05 12:47 - 2018-01-01 03:19 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2018-01-05 12:47 - 2018-01-01 03:19 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msoert2.dll
2018-01-05 12:47 - 2018-01-01 03:19 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-01-05 12:47 - 2018-01-01 03:19 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2018-01-05 12:47 - 2018-01-01 03:19 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2018-01-05 12:47 - 2018-01-01 03:19 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2018-01-05 12:47 - 2018-01-01 03:19 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
2018-01-05 12:47 - 2018-01-01 03:18 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2018-01-05 12:47 - 2018-01-01 03:18 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2018-01-05 12:47 - 2018-01-01 03:18 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2018-01-05 12:47 - 2018-01-01 03:18 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll
2018-01-05 12:47 - 2018-01-01 03:18 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-01-05 12:47 - 2018-01-01 03:18 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-01-05 12:47 - 2018-01-01 03:18 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-01-05 12:47 - 2018-01-01 03:18 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2018-01-05 12:47 - 2018-01-01 03:18 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2018-01-05 12:47 - 2018-01-01 03:18 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-01-05 12:47 - 2018-01-01 03:18 - 000380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EncDec.dll
2018-01-05 12:47 - 2018-01-01 03:18 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2018-01-05 12:47 - 2018-01-01 03:18 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
2018-01-05 12:47 - 2018-01-01 03:18 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-01-05 12:47 - 2018-01-01 03:18 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2018-01-05 12:47 - 2018-01-01 03:18 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-01-05 12:47 - 2018-01-01 03:18 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2018-01-05 12:47 - 2018-01-01 03:18 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2018-01-05 12:47 - 2018-01-01 03:18 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2018-01-05 12:47 - 2018-01-01 03:18 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2018-01-05 12:47 - 2018-01-01 03:18 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2018-01-05 12:47 - 2018-01-01 03:17 - 011923968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-01-05 12:47 - 2018-01-01 03:17 - 006564864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-01-05 12:47 - 2018-01-01 03:17 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-01-05 12:47 - 2018-01-01 03:17 - 000791552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-01-05 12:47 - 2018-01-01 03:17 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-01-05 12:47 - 2018-01-01 03:17 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2018-01-05 12:47 - 2018-01-01 03:17 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-01-05 12:47 - 2018-01-01 03:17 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-01-05 12:47 - 2018-01-01 03:17 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-01-05 12:47 - 2018-01-01 03:17 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2018-01-05 12:47 - 2018-01-01 03:17 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2018-01-05 12:47 - 2018-01-01 03:17 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2018-01-05 12:47 - 2018-01-01 03:17 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2018-01-05 12:47 - 2018-01-01 03:17 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2018-01-05 12:47 - 2018-01-01 03:17 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-01-05 12:47 - 2018-01-01 03:17 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msoert2.dll
2018-01-05 12:47 - 2018-01-01 03:16 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-01-05 12:47 - 2018-01-01 03:16 - 004839424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-01-05 12:47 - 2018-01-01 03:16 - 003676672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-01-05 12:47 - 2018-01-01 03:16 - 000966656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2018-01-05 12:47 - 2018-01-01 03:16 - 000956928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2018-01-05 12:47 - 2018-01-01 03:16 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-01-05 12:47 - 2018-01-01 03:16 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-01-05 12:47 - 2018-01-01 03:16 - 000812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-01-05 12:47 - 2018-01-01 03:16 - 000720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-01-05 12:47 - 2018-01-01 03:16 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-01-05 12:47 - 2018-01-01 03:16 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-01-05 12:47 - 2018-01-01 03:16 - 000624128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2018-01-05 12:47 - 2018-01-01 03:16 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-01-05 12:47 - 2018-01-01 03:16 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-01-05 12:47 - 2018-01-01 03:16 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2018-01-05 12:47 - 2018-01-01 03:16 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2018-01-05 12:47 - 2018-01-01 03:16 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2018-01-05 12:47 - 2018-01-01 03:16 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2018-01-05 12:47 - 2018-01-01 03:15 - 012687872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-01-05 12:47 - 2018-01-01 03:15 - 006029312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-01-05 12:47 - 2018-01-01 03:15 - 002349568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-01-05 12:47 - 2018-01-01 03:15 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-01-05 12:47 - 2018-01-01 03:15 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2018-01-05 12:47 - 2018-01-01 03:15 - 000970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2018-01-05 12:47 - 2018-01-01 03:15 - 000951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2018-01-05 12:47 - 2018-01-01 03:15 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-01-05 12:47 - 2018-01-01 03:15 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2018-01-05 12:47 - 2018-01-01 03:15 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2018-01-05 12:47 - 2018-01-01 03:15 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2018-01-05 12:47 - 2018-01-01 03:15 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2018-01-05 12:47 - 2018-01-01 03:14 - 023655936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-01-05 12:47 - 2018-01-01 03:14 - 002465280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-01-05 12:47 - 2018-01-01 03:14 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-01-05 12:47 - 2018-01-01 03:14 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2018-01-05 12:47 - 2018-01-01 03:14 - 001003008 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-01-05 12:47 - 2018-01-01 03:14 - 000985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-01-05 12:47 - 2018-01-01 03:14 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-01-05 12:47 - 2018-01-01 03:14 - 000870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-01-05 12:47 - 2018-01-01 03:13 - 013657600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-01-05 12:47 - 2018-01-01 03:13 - 012830208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-01-05 12:47 - 2018-01-01 03:13 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-01-05 12:47 - 2018-01-01 03:13 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-01-05 12:47 - 2018-01-01 03:13 - 002013184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-01-05 12:47 - 2018-01-01 03:13 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-01-05 12:47 - 2018-01-01 03:13 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-01-05 12:47 - 2018-01-01 03:13 - 000897024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-01-05 12:47 - 2018-01-01 03:12 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-01-05 12:47 - 2018-01-01 03:12 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-01-05 12:47 - 2018-01-01 03:12 - 001573376 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2018-01-05 12:47 - 2018-01-01 03:12 - 001547776 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-01-05 12:47 - 2018-01-01 03:12 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-01-05 12:47 - 2018-01-01 03:12 - 000760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2018-01-05 12:47 - 2018-01-01 03:12 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2018-01-05 12:47 - 2018-01-01 03:11 - 008108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-01-05 12:47 - 2018-01-01 03:11 - 004748288 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-01-05 12:47 - 2018-01-01 03:11 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-01-05 12:47 - 2018-01-01 03:11 - 003165696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-01-05 12:47 - 2018-01-01 03:11 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-01-05 12:47 - 2018-01-01 03:11 - 002082304 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-01-05 12:47 - 2018-01-01 03:11 - 001955328 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSvc.dll
2018-01-05 12:47 - 2018-01-01 03:11 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-01-05 12:47 - 2018-01-01 03:11 - 001816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-01-05 12:47 - 2018-01-01 03:11 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-01-05 12:47 - 2018-01-01 03:11 - 001343488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2018-01-05 12:47 - 2018-01-01 03:11 - 001231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-01-05 12:47 - 2018-01-01 03:11 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-01-05 12:47 - 2018-01-01 03:11 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-01-05 12:47 - 2018-01-01 03:11 - 000715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-01-05 12:47 - 2018-01-01 03:10 - 003126272 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-01-05 12:47 - 2018-01-01 03:10 - 002528256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-01-05 12:47 - 2018-01-01 03:10 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscproxystub.dll
2018-01-05 12:47 - 2018-01-01 03:09 - 001487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-01-05 12:47 - 2018-01-01 03:09 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-01-05 12:47 - 2018-01-01 03:09 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
2018-01-05 12:47 - 2018-01-01 03:09 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-01-05 12:47 - 2018-01-01 03:08 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-01-05 12:47 - 2018-01-01 03:08 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-01-05 12:47 - 2018-01-01 03:08 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-01-05 12:47 - 2018-01-01 03:08 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2018-01-05 12:47 - 2018-01-01 03:08 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2018-01-05 12:47 - 2018-01-01 03:06 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscproxystub.dll
2018-01-05 12:47 - 2018-01-01 03:05 - 002510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2018-01-05 12:47 - 2018-01-01 03:05 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2018-01-05 12:47 - 2018-01-01 03:05 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-01-29 16:58 - 2017-11-17 04:17 - 001082332 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-01-29 16:54 - 2017-09-29 00:45 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2018-01-29 16:54 - 2016-09-29 00:08 - 000000000 ____D C:\Users\Vic\AppData\Local\ElevatedDiagnostics
2018-01-29 16:51 - 2017-11-17 04:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-01-29 16:50 - 2016-09-24 20:12 - 000000000 ____D C:\Users\Vic\AppData\Roaming\Skype
2018-01-29 16:49 - 2016-09-25 19:27 - 000000000 ____D C:\Users\Vic\AppData\Local\Overwolf
2018-01-29 16:49 - 2016-09-22 06:06 - 000000000 ____D C:\Program Files (x86)\Steam
2018-01-29 05:41 - 2017-08-07 02:16 - 000000000 ____D C:\ProgramData\NVIDIA
2018-01-29 05:35 - 2016-09-22 04:10 - 000190664 ____N (CyberLink Corp.) C:\WINDOWS\system32\Drivers\rikvm_6CE1B52B.sys
2018-01-29 05:31 - 2016-09-25 19:27 - 000000000 ____D C:\Program Files (x86)\Overwolf
2018-01-29 05:28 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-01-29 05:26 - 2017-05-26 00:05 - 000000000 ____D C:\Users\Vic\AppData\Roaming\discord
2018-01-29 04:43 - 2017-11-17 04:11 - 000000000 ____D C:\Users\Vic
2018-01-29 04:41 - 2017-11-17 04:11 - 000000000 ____D C:\Users\defaultuser0
2018-01-29 04:41 - 2017-09-29 05:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-01-29 04:41 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\appcompat
2018-01-29 04:41 - 2017-09-29 05:44 - 000000000 ____D C:\WINDOWS\INF
2018-01-29 04:41 - 2016-07-16 03:47 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2018-01-29 04:40 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\registration
2018-01-29 04:40 - 2016-09-22 04:20 - 000000000 ____D C:\MSI
2018-01-29 02:32 - 2017-11-17 04:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-01-25 11:55 - 2016-09-22 06:56 - 000000000 ____D C:\ProgramData\CLink4
2018-01-25 09:51 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-01-24 14:34 - 2016-09-22 06:05 - 000548000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-01-16 09:34 - 2016-09-22 07:59 - 000000000 ____D C:\Users\Vic\Documents\My Games
2018-01-14 21:04 - 2017-10-08 13:58 - 000000000 ____D C:\Users\Vic\Desktop\40k
2018-01-11 21:56 - 2016-09-22 10:04 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-01-11 21:55 - 2017-10-12 04:53 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-01-11 21:55 - 2017-09-29 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-01-11 21:55 - 2016-09-22 10:04 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-01-09 21:25 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\rescache
2018-01-09 17:29 - 2017-05-26 00:05 - 000002227 _____ C:\Users\Vic\Desktop\Discord.lnk
2018-01-09 17:29 - 2017-05-26 00:05 - 000000000 ____D C:\Users\Vic\AppData\Local\Discord
2018-01-06 20:32 - 2017-11-17 04:50 - 000000000 ___RD C:\Users\Vic\3D Objects
2018-01-06 20:32 - 2017-11-17 04:09 - 000238928 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-01-06 20:32 - 2016-09-22 03:48 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-01-06 20:31 - 2017-09-29 05:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-01-06 20:31 - 2017-09-29 05:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-01-06 20:31 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\TextInput
2018-01-06 20:31 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-01-06 20:31 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-01-06 20:31 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\system32\migwiz
2018-01-06 20:31 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-01-06 20:31 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\Provisioning
2018-01-06 20:31 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2018-01-06 20:31 - 2017-09-29 00:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-01-05 12:47 - 2017-09-29 05:41 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-01-05 12:47 - 2017-09-29 05:41 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-01-05 12:47 - 2017-09-29 05:41 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-01-04 11:36 - 2016-09-22 04:27 - 000002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-01-04 11:36 - 2016-09-22 04:27 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
 
==================== Files in the root of some directories =======
 
2018-01-28 15:34 - 2018-01-28 15:34 - 000000013 ___SH () C:\Users\Vic\AppData\Roaming\zer0.bin
2016-09-22 06:37 - 2016-09-22 06:37 - 000000000 _____ () C:\Users\Vic\AppData\Local\Driver_LOM_8171Present.flag
 
Some files in TEMP:
====================
2018-01-18 02:40 - 2018-01-18 02:40 - 001864256 _____ (Oracle Corporation) C:\Users\Vic\AppData\Local\Temp\jre-8u161-windows-au.exe
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
safeboot: Network => The system is configured to boot to Safe Mode <==== ATTENTION
 
LastRegBack: 2018-01-28 21:02
 
==================== End of FRST.txt ============================
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.01.2018
Ran by Vic (29-01-2018 17:00:08)
Running from C:\Users\Vic\Downloads
Windows 10 Pro Version 1709 16299.192 (X64) (2017-11-17 12:15:23)
Boot Mode: Safe Mode (with Networking)
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1699126305-1225172096-1940794454-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1699126305-1225172096-1940794454-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-1699126305-1225172096-1940794454-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-1699126305-1225172096-1940794454-501 - Limited - Disabled)
Vic (S-1-5-21-1699126305-1225172096-1940794454-1001 - Administrator - Enabled) => C:\Users\Vic
WDAGUtilityAccount (S-1-5-21-1699126305-1225172096-1940794454-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.1.102.55 - Adobe Systems Incorporated)
Adobe Flash Player 25 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.33.1 - Asmedia Technology)
AudioFXSetup (HKLM\...\{1FE5ADE2-823B-4E4C-A2D3-063822B3C794}) (Version: 1.2.1201 - Nahimic) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Canon MP560 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series) (Version:  - )
CheckDevicesConfigurator (HKLM\...\{85334C6B-E4CF-4A3C-8FE2-AF73D5DB9827}) (Version: 1.2.1201 - Nahimic) Hidden
Corsair Link 4 (HKLM-x32\...\{33593361-5FB1-4D73-BA5A-9F30392BFEE8}) (Version: 4.3.0.154 - Corsair Components, Inc.) Hidden
Corsair Link 4 (HKLM-x32\...\{43242464-db63-47fb-b75c-706bc0dcd863}) (Version: 4.3.0.154 - Corsair Components, Inc.)
Corsair Link™ USB Dongle (Driver Removal) (HKLM-x32\...\SIUSBXP&1B1C&1C00) (Version:  - Corsair Memory, Inc.)
CPUID CPU-Z MSI 1.74 (HKLM\...\CPUID CPU-Z MSI_is1) (Version: 1.74 - CPUID, Inc.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Discord (HKU\S-1-5-21-1699126305-1225172096-1940794454-1001\...\Discord) (Version: 0.0.300 - Discord Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.)
Google Drive (HKLM-x32\...\{9BC95947-92FD-438B-A168-C01F9A5B7292}) (Version: 2.34.7529.6838 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.0.8.3 - Hi-Rez Studios)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel® Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.6.1194 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{B294CE94-FE0F-4427-910C-180AF9FCFED1}) (Version: 1.0.1.620 - Intel Corporation)
Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Killer Bandwidth Control Filter Driver (HKLM\...\{5B7A2B7B-CEA9-4E50-B0E4-E82F204CBE78}) (Version: 1.1.57.1125 - Rivet Networks) Hidden
Killer E240x Drivers (HKLM\...\{9DB2FB0F-2731-43A3-9FC7-3C90CD970096}) (Version: 1.1.57.1125 - Rivet Networks) Hidden
Killer Network Manager (HKLM\...\{51B5A084-A40D-4F4B-90AA-EF8354EA7D96}) (Version: 1.1.57.1125 - Rivet Networks) Hidden
Killer Performance Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.57.1125 - Rivet Networks)
LauncherSetup (HKLM\...\{E9A24BF9-2AD3-46BE-A9AF-4DED8EBC124E}) (Version: 1.2.1201 - Nahimic) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
MechWarrior Online (HKLM-x32\...\{1A14AC87-9585-4AC5-BA5D-0A3A4C6AF7D4}) (Version: 1.6.1.0 - Piranha Games Inc.) Hidden
MechWarrior Online (HKLM-x32\...\{9f17023b-d04f-432b-b08a-3bb4c3a7ed3c}) (Version: 1.6.0.0 - Piranha Games Inc.)
MEmu (HKLM-x32\...\MEmu) (Version: 2.9.6 - Microvirt)
Microsoft OneDrive (HKU\S-1-5-21-1699126305-1225172096-1940794454-1001\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{02A39130-2CF3-30CA-8623-30F6071A4221}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MSI Command Center (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 2.0.0.36 - MSI)
MSI ECO Center (HKLM-x32\...\{1E55202F-4D31-498A-8F72-97DCBA9F2866}_is1) (Version: 2.0.0.9 - MSI)
MSI Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.1.8 - MSI)
MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 5.0.0.25 - MSI)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.21 - MSI)
MSI M-Cloud (HKLM-x32\...\{C2CA9595-A17F-4D28-BD6E-0E30447AF60B}}_is1) (Version: 1.0.0.20 - MSI)
MSI RAMDisk (HKLM-x32\...\{F29CF050-7278-4CDB-9EF8-2DC6DAA87453}}_is1) (Version: 1.0.0.12 - MSI)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.3.0.02 - MSI)
MSI® Intel® Extreme Tuning Utility (HKLM-x32\...\{5D85C662-99AB-4B25-A6F0-ABB9D702F552}) (Version: 6.0.2.102 - Intel Corporation) Hidden
MSI® Intel® Extreme Tuning Utility (HKLM-x32\...\{bcbf202c-9746-4173-a49b-649bfd0adca6}) (Version: 6.0.2.102 - Intel Corporation)
MSIRegister (HKLM-x32\...\{80B995A4-3A86-4690-98A6-563F1A788835}_is1) (Version: 1.0.0.07 - MSI)
Nahimic for MSI (HKLM-x32\...\{0c311339-9de4-4dd7-b21d-3dcfa3a2946f}) (Version: 1.2.12 - Nahimic)
NahimicSettingsConfigurator (HKLM\...\{5FFC5E3A-4A2B-4201-9132-5ED5A0453797}) (Version: 1.2.1201 - Nahimic) Hidden
Nox APP Player (HKLM-x32\...\Nox) (Version: 3.7.3.0 - Duodian Technology Co. Ltd.)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.9.0.61 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.9.0.61 - NVIDIA Corporation)
NVIDIA Graphics Driver 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.109.2.16 - Overwolf Ltd.)
ProductDaemonSetup (HKLM\...\{79CB3FC2-E67A-4C4F-8C24-874DCD38199A}) (Version: 1.2.1201 - Nahimic) Hidden
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.00.721 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7885 - Realtek Semiconductor Corp.)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.104 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 4.22.4446.0 - Hi-Rez Studios)
Smite Tactics Alpha (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF351}) (Version: 0.34.1155.0 - Hi-Rez Studios)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine 3.8.5 (HKLM\...\SteelSeries Engine 3) (Version: 3.8.5 - SteelSeries ApS)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
UIInstallUpgrade (HKLM\...\{DEB82682-EF4C-4D3D-AEE0-51B62FEFDD21}) (Version: 1.2.1201 - Nahimic) Hidden
Universal Adb Driver (HKLM-x32\...\{C0E08D8D-6076-4117-B644-2AF34F35B757}) (Version: 1.0.4 - ClockworkMod)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Windows Driver Package - BigNox Corporation XQHDrv System  (05/27/2016 4.3.12) (HKLM\...\94C2625000FDEC5DD549EADDF8698D48672C3037) (Version: 05/27/2016 4.3.12 - BigNox Corporation)
Windows Driver Package - Corsair Components, Inc. (SIUSBXP) USB  (10/30/2015 3.6) (HKLM\...\689CB8E4310D795D383E65C05A8F13A05D92E771) (Version: 10/30/2015 3.6 - Corsair Components, Inc.)
Windows Driver Package - Oracle Corporation (VBoxUSB) USB  (05/27/2016 4.3.12) (HKLM\...\9B8A57D7ECC2B5D3115B5A1361FAE29AC92E355B) (Version: 05/27/2016 4.3.12 - Oracle Corporation)
Windows Driver Package - Oracle Corporation VBoxUSBMon System  (05/27/2016 4.3.12) (HKLM\...\2B96D1320C797F081985B7C1EA9A2DABAC2644BF) (Version: 05/27/2016 4.3.12 - Oracle Corporation)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
XSplit Gamecaster (HKLM-x32\...\{9CC369F6-8E78-4376-A55A-D2F4DC3806E0}) (Version: 2.6.1510.0726 - SplitmediaLabs)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-06-26] (Cyberlink)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-10] (Google)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-06-26] (Cyberlink)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-10] (Google)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {09459F21-58EE-41B2-B708-C711012D240F} - System32\Tasks\NahimicMSIUILauncherRun => C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIUILauncher.exe [2015-12-04] ()
Task: {097AE7E4-F589-43DE-A48E-A1EDAB2E6E80} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-09-16] (NVIDIA Corporation)
Task: {0B931B98-0F10-4DEB-A40E-696FB1719728} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2015-05-05] (Intel Corporation)
Task: {123B396E-5E8A-46BC-A0A0-AD95842B4B2D} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-02-19] (Intel® Corporation)
Task: {1DCDCB9D-52C7-4C3F-A1BA-810A387CA0FB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-20] (Microsoft Corporation)
Task: {268603BD-9FF0-4629-B67D-2670F69BFAD8} - System32\Tasks\NahimicMSIsvc32Run => C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIsvc32.exe [2015-12-04] ()
Task: {2DDFFF30-45F3-4101-AB31-6346E2D84EDF} - System32\Tasks\PDVDServ12 Task => C:\CyberLink\PowerDVD12\PDVD12Serv.exe [2015-07-21] (CyberLink Corp.)
Task: {3E85E32E-EA5F-456F-82E6-E763310EEE6A} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-09-16] (NVIDIA Corporation)
Task: {616096F7-0CDB-4E49-9BF4-222644B69C32} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-09-16] (NVIDIA Corporation)
Task: {816C978F-86A5-45EA-AC6F-DEEA509E18F4} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-09-16] (NVIDIA Corporation)
Task: {8ABB3FCF-A1A0-4319-AEB7-CF08BB20E9A1} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-09-16] (NVIDIA Corporation)
Task: {92F8E2D7-0692-4ABD-90E2-6F187087E936} - System32\Tasks\NahimicMSIsvc64Run => C:\Program Files\Nahimic\NahimicMSI\UserInterface\x64\NahimicMSIsvc64.exe [2015-12-04] ()
Task: {95801A00-A1A5-4D69-AC2A-F11E767C93A2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-22] (Google Inc.)
Task: {95A0F0DF-11A0-4C12-B1EF-02BFD697AE2A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-20] (Microsoft Corporation)
Task: {98847FA7-96D9-4101-847B-8689983F59AC} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-09-16] (NVIDIA Corporation)
Task: {AAB3931C-AD38-4426-A1EA-213C49B61F92} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-20] (Microsoft Corporation)
Task: {B4DFBFA9-78B6-4617-820E-8CF7D3A4893C} - System32\Tasks\MSISW_Host => C:\Windows\SysWoW64\muachost.exe [2015-08-18] (MSI)
Task: {B56D051D-0FEB-4457-B540-C16548F4C836} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-09-16] (NVIDIA Corporation)
Task: {BF2690F0-0269-4ABC-AEEF-16597ED8AA5C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-20] (Microsoft Corporation)
Task: {C90F33FE-CA58-4BC3-8B8E-51866BF7FFAE} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2018-01-11] (Overwolf LTD)
Task: {D6BF40F0-201F-46DE-A446-4162D83B1FEB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-22] (Google Inc.)
Task: {F2320593-1456-4461-8907-A11B82399C86} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-09-16] (NVIDIA Corporation)
Task: {FF563323-381A-4219-978B-4AF0F06A53A6} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\MSISW_Host.job => C:\WINDOWS\SysWOW64\muachost.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
ShortcutWithArgument: C:\Users\Vic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Vysor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=gidgenkbbabolejbgbpnhbimgjbffefm
 
==================== Loaded Modules (Whitelisted) ==============
 
2017-09-29 05:41 - 2017-09-29 05:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-12-13 04:01 - 2017-11-26 04:23 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-12-13 04:01 - 2017-11-26 04:01 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-01-04 11:36 - 2018-01-03 01:20 - 002873688 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\swiftshader\libglesv2.dll
2018-01-04 11:36 - 2018-01-03 01:20 - 000137048 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\swiftshader\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2016-07-16 03:47 - 2017-04-18 20:27 - 000000826 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1699126305-1225172096-1940794454-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\MSI\T1 GAMING.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{10635D81-C743-4996-A85B-148452585A51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D0574730-18AB-4D23-ADC4-896B16279FD8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E39CF509-F306-409D-B6EE-A44A30592328}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{143CC72F-202C-4064-B42D-1C3AE341B957}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{60EC8C5E-9EBA-49A9-9F73-BAB16B01E7BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2B3180FB-B9C4-48B4-9390-754CA5C5DB64}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D2623DBB-C262-46A0-B1D4-71E7BBFC7053}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3629D4D8-D953-4B83-ACF3-5E9A9A9DBC34}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A197ADFB-F004-4127-B4CF-EB8A880D62A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{45389B01-78A1-4D62-87C3-9406EFCEE0DA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1E4C3B83-805E-4855-A18A-5922FD6E1E23}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D4EB0EFC-C968-4A72-B50F-F7871FC689CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6D043D72-446C-4599-9D95-D4EBDA230155}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{57811B1D-9121-4FA3-B1F1-61EC31C2924C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{43B206FC-910C-4F59-8ED2-5D89DF57F0B6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E0C0DD69-BFC8-46C1-BDF6-B3058785F292}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{14894EAF-C07D-43B9-A64F-AC6064EAD0D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A94AC3DF-6BBF-4CC2-93BF-E89C6F1C9140}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{55A47603-8E51-4DD8-A792-CC674AD0D4F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A7BF2D3E-14F6-4ED8-8C6A-24AAA365E66E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5F20F4F2-3B3C-4DA3-9580-89A06F42A2DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A0640404-D223-461E-99FA-375D0835FE98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1EF9C645-CC20-42A3-AC45-E6D64861EE17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DB062AC6-99AC-4030-BDE4-299BCE6B4863}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C6765E5A-A97F-4C77-BB08-C907389E6315}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{43B63A98-D856-4674-BD22-1C1F871F58F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A96D997A-3339-45E5-8902-CB92B10E96E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{81C9D457-10C9-4621-9500-12521E933482}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{50EE517B-2929-46DC-908C-3091D4A5765D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D22928F6-F5C3-4D8D-8472-79B52BD9FFEE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F7E8E320-78A5-41D0-9043-49AC3CADEA71}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CFED5DAB-93FA-4DF0-9BCC-6D1502AEB40E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E2B54157-EB1C-4735-8A84-571AEFF86C7E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{270553F9-D0A5-4E65-8368-EEC2EC983988}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C680EC28-DE17-47BD-ABA4-6BA6BB97334F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A8A4957F-42DC-4033-ABE2-7141E9E8485E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{339D2AAF-A38C-4EE7-BD54-5B89A1CDC389}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2CDCB4FA-2087-4902-82EF-DA39C4AE44D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{33062713-0401-4354-BB7D-EB71BD1033CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9625638B-AB79-482C-B196-609A27658037}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C674FE54-8943-474D-857F-7E8B0948E4BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9293FCAD-55D9-4AB1-A674-21726DF60996}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7381BB92-DCB8-40C0-A938-74CFB06D2BD1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F2CFE7C6-D88E-4EA3-B1AB-CE23CB365FBE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B2ECDDE9-B84E-4443-B15D-81E4D9C694EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6A7DC424-6EB7-4B38-9D74-288877C1ACEA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6BEB0071-2BA3-4AB8-A8E6-EDB239E91384}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B8691A4E-B5D7-4E65-AA89-9DB5E149C194}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F2F49E75-ABB5-4953-AA7F-5E5669C261C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{07317A3F-6916-4137-8858-7D2B327C0BDF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DAB7A9FE-8287-4E86-A629-2925E804249A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EE2FE600-913B-42E8-8638-1B7F033D3CAB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{26FF6826-B625-4318-91F3-A07CBA7A136D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DFB7E9DC-F71E-4980-ACA1-F6C5E337A1E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{234ED7B8-AA11-47DB-9F64-6B3BE018DA87}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E85B5B9A-63A9-40B4-8837-87C731D523DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CD56A8DA-D172-45AF-A405-16DAFB99092A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6F068F2D-0FB4-48F3-90CF-2B722A4C1C51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F66A83C7-6202-4717-8D24-8BF677C3E1E8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{037BF236-13DC-4F0F-A33E-24812968C2DC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F7D59429-48FE-457A-98F8-77E2859ED254}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{EE880107-3C0E-41FA-AEB3-BD7C0B908BE2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{DA118B43-3556-4F33-A477-682E25E9086E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [UDP Query User{84688596-E3EC-434F-91EE-1D742FDAC0E4}D:\steamlibrary\steamapps\common\total war warhammer ii\warhammer2.exe] => (Allow) D:\steamlibrary\steamapps\common\total war warhammer ii\warhammer2.exe
FirewallRules: [TCP Query User{28B2F5FB-0411-49C0-9819-4903F32BA3DF}D:\steamlibrary\steamapps\common\total war warhammer ii\warhammer2.exe] => (Allow) D:\steamlibrary\steamapps\common\total war warhammer ii\warhammer2.exe
FirewallRules: [{BC2EFA7F-14EE-4DA9-B0FC-699EB4B95417}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B743BB5C-BB66-4077-87D6-0568CC9347B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{472CA3C7-2579-4CA0-9C9E-ED724928A411}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8A8B6575-01C4-413B-97A8-1D21ED20D3BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{16C231AD-9841-4456-B3E2-C25CEBDE648A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CCCD987A-D336-4AFE-99AA-72860A57CB9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FD1846E5-EA9A-494F-ADA4-C53B64BFA629}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{65710DD2-6A97-41BA-B504-0C64CDCBBD18}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{AAFCA6A2-2A14-40FC-B1CE-3946C2DE2002}] => (Allow) D:\SteamLibrary\steamapps\common\Bardbarian\Bardbarian.exe
FirewallRules: [{8DDD9BE7-B358-4359-9B28-4509828A1933}] => (Allow) D:\SteamLibrary\steamapps\common\Bardbarian\Bardbarian.exe
FirewallRules: [{EB98943B-231C-4732-BF16-E8F10DD9A167}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3ABDC097-71BB-49FB-85AE-3E9F521B7BDB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5E1E63E3-E67A-4B55-901D-5BC6EA1BAE90}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4B4EBA7D-D59C-4B95-AC92-5E33FC6F8017}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A18EA338-4CA8-4084-86A7-604A1C428CCF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A9D58445-130D-48C5-9BD1-93CC10B84019}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9967E19D-766A-413B-999E-3BF7A4F53FE2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{95BBF067-0DF9-4387-BF68-D59FBAD3B4F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B7055C8D-ED28-493F-AA1D-EA52977D88BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{73119334-2B82-47A0-AD5E-4F91BDB84538}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C6540A2B-D1D8-40B6-9EBF-805C152B3E98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{68DFA529-D482-4049-AB24-668B2EA78145}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{14A2ED58-9037-4FD3-A69D-FE201A303C76}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D0521D70-6B6F-4D80-859E-9509BF18DD5E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{05CDEA29-2CA1-4DD0-B769-CFD095F64034}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C71B3A2A-B7F0-452C-968C-274C33600548}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FDB7ADD9-EB5A-41E4-A91C-11F75A8B11E8}] => (Allow) D:\SteamLibrary\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe
FirewallRules: [{EC2DE27D-CF9D-43B7-ABB6-7F83ECC94338}] => (Allow) D:\SteamLibrary\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe
FirewallRules: [{80458707-656F-46CB-BD02-5CFE146A4493}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{49967550-99BC-47E1-9ADA-E5CBD44B00EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{15953D62-5D84-48F6-9B73-38D598BF2A37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C534EF4D-7BE6-4AAD-813D-8E01584CE288}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A6EA61EE-0A4A-47A3-9676-05E29219E551}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{581F520E-AB10-4076-9940-E19D55E34188}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DFA08760-67C3-406A-A24B-C4972FFE063C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{212351E3-BCAF-415C-8C55-DF343F33F86B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3AC6CDAB-12CE-4118-823D-C31A45FB37D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{04081DBB-6EA5-4E76-97CA-4BB775BF62E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{67B3FBC1-BD6E-4895-811C-26F3F4D8ACC0}] => (Allow) C:\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [{CF0A6154-238D-4D6E-9D2D-A6B613693B55}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3AE9DDB2-BC98-4860-8BFC-A77269A6E7FE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AE828376-E7D4-46CA-A0C5-4551606AFA77}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A3236FCF-F736-4F2A-86CC-B36EB795260F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{3E08BED3-83A5-4A67-9571-6C8FF2A40F31}C:\program files (x86)\heroes of the storm\versions\base46446\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base46446\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{E6DC7555-69A3-4A6E-B6BD-A947AE522B17}C:\program files (x86)\heroes of the storm\versions\base46446\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base46446\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{F23553E0-47BE-4DA6-988E-E087B4EF4D94}D:\smite\hirezgames\smite\binaries\win32\smite.exe] => (Allow) D:\smite\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{5330DA80-4F56-46A3-84EB-A543920650A1}D:\smite\hirezgames\smite\binaries\win32\smite.exe] => (Allow) D:\smite\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [TCP Query User{BC2A29E5-FB09-4841-ACF7-0BB54B06030D}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{984CD0DA-1C02-4733-AEC6-3A63797397DA}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [{36433105-D641-4BD0-A01E-48F155A99FC4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\Shogun2.exe
FirewallRules: [{66E8A7DC-E199-47B0-B4D3-B9FF434CD4A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\Shogun2.exe
FirewallRules: [TCP Query User{27FCB912-69E3-481B-BA66-7ECAF8A51A3B}C:\program files (x86)\heroes of the storm\versions\base46690\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base46690\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{AC56D74D-6B3E-4FBE-9AE1-7E23DBBC7F56}C:\program files (x86)\heroes of the storm\versions\base46690\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base46690\heroesofthestorm_x64.exe
FirewallRules: [{78641977-C3B5-4803-80A8-A950AB55C060}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3ABC6756-F8F3-4E67-B843-E865D81B99D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{0797F281-88AD-4EA6-B1C7-7E7F2A758C42}C:\program files (x86)\heroes of the storm\versions\base46889\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base46889\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{F8D0051E-2759-476F-BC70-C560026C95E8}C:\program files (x86)\heroes of the storm\versions\base46889\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base46889\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{CAB7AE49-0F13-457B-962B-4A657A06D533}C:\program files (x86)\heroes of the storm\versions\base47479\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base47479\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{5D9738B5-14F3-4D94-AC92-0A39E6A1E298}C:\program files (x86)\heroes of the storm\versions\base47479\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base47479\heroesofthestorm_x64.exe
FirewallRules: [{00A01374-B261-4065-A3E1-A71210DBF6F8}] => (Allow) C:\Users\Vic\AppData\Roaming\Nox\bin\Nox.exe
FirewallRules: [{9814CAED-B592-4274-A2DC-E4387A5038DC}] => (Allow) C:\Program Files\Bignox\BigNoxVM\RTNoxVMHandle.exe
FirewallRules: [TCP Query User{C33C8C95-53C2-4640-A46A-708B8CA288BF}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{C524A8FF-021D-4401-BF95-B36BACD0C556}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{78ED1906-81ED-4A42-9D09-D55937EE01DE}D:\blizzard\battle.net\battle.net.8142\battle.net.exe] => (Allow) D:\blizzard\battle.net\battle.net.8142\battle.net.exe
FirewallRules: [UDP Query User{8E18DC5C-6D2C-458C-ABF9-D534F39BBA81}D:\blizzard\battle.net\battle.net.8142\battle.net.exe] => (Allow) D:\blizzard\battle.net\battle.net.8142\battle.net.exe
FirewallRules: [TCP Query User{BA782F7C-E645-4D22-83B9-8B29105698B1}C:\program files (x86)\heroes of the storm\versions\base48027\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base48027\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{0A477639-9291-491F-8424-F014AEDA09F3}C:\program files (x86)\heroes of the storm\versions\base48027\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base48027\heroesofthestorm_x64.exe
FirewallRules: [{E33427C9-7E86-44F0-ABFE-841490199848}] => (Allow) D:\SteamLibrary\steamapps\common\Rome Total War Gold\RomeTW.exe
FirewallRules: [{F71924E0-A242-4462-8B68-6E9F44DE2827}] => (Allow) D:\SteamLibrary\steamapps\common\Rome Total War Gold\RomeTW.exe
FirewallRules: [{201BE464-B085-4E30-92CF-8DC1A20FD601}] => (Allow) D:\SteamLibrary\steamapps\common\Rome Total War Gold\RomeTW-BI.exe
FirewallRules: [{11E90526-BC26-4FBB-B9B0-16238CF00658}] => (Allow) D:\SteamLibrary\steamapps\common\Rome Total War Gold\RomeTW-BI.exe
FirewallRules: [{C4D3CE75-845B-466A-B06E-8F184D351DFE}] => (Allow) D:\SteamLibrary\steamapps\common\Rome Total War Alexander\testappa.exe
FirewallRules: [{4D301EE8-63FA-4934-A527-DA7623FB6487}] => (Allow) D:\SteamLibrary\steamapps\common\Rome Total War Alexander\testappa.exe
FirewallRules: [TCP Query User{B27BBA69-E791-4A09-A544-8F8454E86B62}C:\program files (x86)\heroes of the storm\versions\base48297\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base48297\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{39AA2D34-AD01-43F1-BA38-2F56F9490FD4}C:\program files (x86)\heroes of the storm\versions\base48297\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base48297\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{04A582BB-D308-4EEF-9EAF-A6DCDB355D5A}C:\program files (x86)\starcraft ii\versions\base48258\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base48258\sc2_x64.exe
FirewallRules: [UDP Query User{B8B826FB-665C-4A2D-8873-B0FB3A5D42A0}C:\program files (x86)\starcraft ii\versions\base48258\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base48258\sc2_x64.exe
FirewallRules: [TCP Query User{C55BD643-2F8D-4E51-9E1A-FA4AA220E965}C:\program files (x86)\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{2851DEED-018B-4207-A67E-E819D166F607}C:\program files (x86)\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe
FirewallRules: [{F5A55990-B087-4247-A3DB-23E0C2625ECF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{2E31EB5A-ACEB-4A15-83BF-72B413BCC14F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{563A6885-F53E-4E1D-A34A-84986F2670B4}] => (Allow) D:\SteamLibrary\steamapps\common\Titan Quest Anniversary Edition\TQ.exe
FirewallRules: [{1E67DF9D-CDC7-406F-B68C-47B6D4DBADA6}] => (Allow) D:\SteamLibrary\steamapps\common\Titan Quest Anniversary Edition\TQ.exe
FirewallRules: [{0F505845-0635-4FC1-A25F-A1929BCAEC92}] => (Allow) D:\SteamLibrary\steamapps\common\Titan Quest Anniversary Edition\WorkshopTool\TQWorkshopTool.exe
FirewallRules: [{30B7F93A-F330-4C0D-86FD-8725F9BFE8EB}] => (Allow) D:\SteamLibrary\steamapps\common\Titan Quest Anniversary Edition\WorkshopTool\TQWorkshopTool.exe
FirewallRules: [TCP Query User{4378C578-79BC-4768-B72D-0AFFBB274B40}C:\program files (x86)\heroes of the storm\versions\base48760\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base48760\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{0F5FC631-995D-4570-AB5F-CE8499649CB2}C:\program files (x86)\heroes of the storm\versions\base48760\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base48760\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{96E52441-0734-4870-8AEE-4DC88E9EDBEF}C:\program files (x86)\heroes of the storm\versions\base49008\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base49008\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{21E9B5BE-29B6-4A11-8387-84C06FF73C44}C:\program files (x86)\heroes of the storm\versions\base49008\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base49008\heroesofthestorm_x64.exe
FirewallRules: [{81633986-3D49-470A-8F25-C5E976CA2D77}] => (Allow) D:\SteamLibrary\steamapps\common\Gratuitous Space Battles\GSB.exe
FirewallRules: [{A99BD27D-E627-40B3-BC78-C8CEC7DF6DE5}] => (Allow) D:\SteamLibrary\steamapps\common\Gratuitous Space Battles\GSB.exe
FirewallRules: [{2F33B2C5-ABD7-46AE-838E-3F0BE8528140}] => (Allow) D:\SteamLibrary\steamapps\common\Shadowrun Hong Kong\SRHK.exe
FirewallRules: [{8255EBAD-71BB-4DDD-9BFE-4561A993D664}] => (Allow) D:\SteamLibrary\steamapps\common\Shadowrun Hong Kong\SRHK.exe
FirewallRules: [{6B619083-6E97-4F5C-96C3-310FE9D6DBF8}] => (Allow) D:\SteamLibrary\steamapps\common\DDDA\DDDA.exe
FirewallRules: [{93F92A12-E6F2-4FE2-A7F7-23151E810326}] => (Allow) D:\SteamLibrary\steamapps\common\DDDA\DDDA.exe
FirewallRules: [{3237864C-A784-4E1D-B468-C73711E3F8BC}] => (Allow) D:\SteamLibrary\steamapps\common\Shadowverse\Shadowverse.exe
FirewallRules: [{7AA00A4C-0701-405C-A44A-999157B2CCF1}] => (Allow) D:\SteamLibrary\steamapps\common\Shadowverse\Shadowverse.exe
FirewallRules: [TCP Query User{58A0D9F6-E075-47B3-856C-63A8316352BF}C:\program files (x86)\heroes of the storm\versions\base49076\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base49076\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{8D6F949D-2DD1-4896-84B7-3BAA9052D7FE}C:\program files (x86)\heroes of the storm\versions\base49076\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base49076\heroesofthestorm_x64.exe
FirewallRules: [{51989DF3-5384-40D7-873B-7C8022C4A7A2}] => (Allow) D:\SteamLibrary\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{82E022A6-AAA5-4C44-A414-4F0FED5BCC18}] => (Allow) D:\SteamLibrary\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [TCP Query User{2E76A7BE-EA3C-4891-A789-4571476AEC68}C:\program files (x86)\heroes of the storm\versions\base49278\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base49278\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{E1554ADF-80D5-4B11-95E2-635F3F5E4EEC}C:\program files (x86)\heroes of the storm\versions\base49278\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base49278\heroesofthestorm_x64.exe
FirewallRules: [{285943E8-B991-408F-A3F6-C193A4F4E2F5}] => (Allow) D:\SteamLibrary\steamapps\common\Master of Orion 2\DOSBOX\DOSBox.exe
FirewallRules: [{EAB99A40-4C76-48D4-AB33-BBDE7B8576BA}] => (Allow) D:\SteamLibrary\steamapps\common\Master of Orion 2\DOSBOX\DOSBox.exe
FirewallRules: [TCP Query User{48B9B8FE-1017-423D-9520-F4A85AEE32C9}D:\smite\hirezgames\smite tactics\tactics\binaries\win64\tactics.exe] => (Allow) D:\smite\hirezgames\smite tactics\tactics\binaries\win64\tactics.exe
FirewallRules: [UDP Query User{508B55B4-C110-4C51-A3F6-4BEDDFD6BD96}D:\smite\hirezgames\smite tactics\tactics\binaries\win64\tactics.exe] => (Allow) D:\smite\hirezgames\smite tactics\tactics\binaries\win64\tactics.exe
FirewallRules: [{68A82A90-9023-489D-AC75-AEA60067B251}] => (Allow) D:\SteamLibrary\steamapps\common\Dawn of War Soulstorm\Soulstorm.exe
FirewallRules: [{419AB273-80D2-4F55-ABA1-D5FC4AB1684B}] => (Allow) D:\SteamLibrary\steamapps\common\Dawn of War Soulstorm\Soulstorm.exe
FirewallRules: [{E315E233-B4A5-4ECD-A3AD-A3455603BB19}] => (Allow) D:\SteamLibrary\steamapps\common\King's Bounty - The Legend\KB.exe
FirewallRules: [{7535D599-71DF-4C32-BA54-0610DBC2CC72}] => (Allow) D:\SteamLibrary\steamapps\common\King's Bounty - The Legend\KB.exe
FirewallRules: [{22A7620F-6982-426C-8658-C7C020B804EE}] => (Allow) D:\SteamLibrary\steamapps\common\King's Bounty - The Legend\save_fixer.exe
FirewallRules: [{58FCFCE3-315D-46C7-B708-D4579B1AE4E0}] => (Allow) D:\SteamLibrary\steamapps\common\King's Bounty - The Legend\save_fixer.exe
FirewallRules: [{BFE9C582-285C-4728-9922-8B5D9C039532}] => (Allow) D:\SteamLibrary\steamapps\common\The Bureau\Binaries\Win32\TheBureau.exe
FirewallRules: [{DD7DD988-7233-4423-95BD-E46B860CFE83}] => (Allow) D:\SteamLibrary\steamapps\common\The Bureau\Binaries\Win32\TheBureau.exe
FirewallRules: [{78C6B669-29B2-4CD1-8CF3-FBA2AB0FCE52}] => (Allow) D:\SteamLibrary\steamapps\common\Warlock - Master of the Arcane\Game.exe
FirewallRules: [{3E4AD60C-4AD6-40B2-8DCC-71023B4EE39E}] => (Allow) D:\SteamLibrary\steamapps\common\Warlock - Master of the Arcane\Game.exe
FirewallRules: [{F658E4D9-1E08-4CCD-9C49-19C8DBF817EE}] => (Allow) D:\SteamLibrary\steamapps\common\Warlock 2\Game.exe
FirewallRules: [{E79C500C-A407-4AF2-A130-1E673445EAC4}] => (Allow) D:\SteamLibrary\steamapps\common\Warlock 2\Game.exe
FirewallRules: [TCP Query User{D76755F9-8BA3-4A3E-A76E-46BC43B7E1A8}D:\steamlibrary\steamapps\common\total war warhammer\warhammer.exe] => (Allow) D:\steamlibrary\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [UDP Query User{BF7809ED-26C2-40BD-8EAC-BACE627D7A98}D:\steamlibrary\steamapps\common\total war warhammer\warhammer.exe] => (Allow) D:\steamlibrary\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [TCP Query User{F6BE7BF2-B35D-4EB1-BE06-85E5EFC21938}C:\program files (x86)\starcraft ii\versions\base49716\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base49716\sc2_x64.exe
FirewallRules: [UDP Query User{235A4FC1-C1AA-4D0D-9CB6-0FE59F6203EA}C:\program files (x86)\starcraft ii\versions\base49716\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base49716\sc2_x64.exe
FirewallRules: [{92F11AA6-E734-4F74-8091-2AF78F453BCE}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{2A4BEF66-194D-4CE0-A61D-EB1EC97662C3}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{7E3C18B2-005F-4486-BD9C-C7BE04F517E2}] => (Allow) D:\SteamLibrary\steamapps\common\SpecOps_TheLine\Binaries\Win32\SpecOpsTheLine.exe
FirewallRules: [{A580B082-4F92-4360-ACDB-7243C1D066FB}] => (Allow) D:\SteamLibrary\steamapps\common\SpecOps_TheLine\Binaries\Win32\SpecOpsTheLine.exe
FirewallRules: [{C1B89E65-C341-4B2A-8B3E-1E0355408596}] => (Allow) D:\SteamLibrary\steamapps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe
FirewallRules: [{090237CB-F998-4C67-AC94-A7F36C90969F}] => (Allow) D:\SteamLibrary\steamapps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe
FirewallRules: [TCP Query User{6E48CC94-0BAE-4F45-A80D-9EF837BF0FAB}C:\program files (x86)\heroes of the storm\versions\base52008\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52008\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{DD2FF4DD-60C7-402D-8600-C91BA9427FDE}C:\program files (x86)\heroes of the storm\versions\base52008\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52008\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{F4675C7A-5D10-4D57-B5F9-45EC8707E599}C:\program files (x86)\heroes of the storm\versions\base52124\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52124\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{87936717-5074-4DBB-9E69-1886C1FDA2BC}C:\program files (x86)\heroes of the storm\versions\base52124\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52124\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{C202E789-2B70-45ED-B6D1-6D1E374171F9}C:\program files (x86)\heroes of the storm\versions\base52351\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52351\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{2ACFC0C0-D7EB-432E-B6BA-E45B182B5E04}C:\program files (x86)\heroes of the storm\versions\base52351\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52351\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{9D9066DA-812A-44E3-9984-49DAD784EEA4}C:\program files (x86)\heroes of the storm\versions\base52647\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52647\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{5823ADC0-7C3B-45CD-BEE7-E71DCFA8CC3C}C:\program files (x86)\heroes of the storm\versions\base52647\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52647\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{BAF940CE-3211-465F-B9B1-FB78DC05AFCA}C:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{0E28C0F1-4CC8-4177-8917-1A65432055FA}C:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{7BF29312-BB92-45C3-8017-AF4521D11B60}C:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{178B4E31-F27C-4965-A884-D3ED3343FB06}C:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{525F67C9-79E9-466B-BA0F-6FBA130244D8}D:\steamlibrary\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) D:\steamlibrary\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [UDP Query User{F1FA9E2D-051F-4B96-BB74-705A34A2E943}D:\steamlibrary\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) D:\steamlibrary\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [{B737018E-C7B2-44A6-A028-9B6D58C30D64}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DF546051-B8BC-46EA-9DD3-EE5C831CA63B}] => (Allow) D:\SteamLibrary\steamapps\common\Assassin's Creed 3\AC3SP.exe
FirewallRules: [{BD6116F4-7E0B-4C8B-A13F-E8AA1720AAB9}] => (Allow) D:\SteamLibrary\steamapps\common\Assassin's Creed 3\AC3SP.exe
FirewallRules: [{2AF29F22-A6CA-4093-894C-51C265C60A0A}] => (Allow) D:\SteamLibrary\steamapps\common\DOOM\DOOMx64.exe
FirewallRules: [{394024B8-41A8-4007-9A6F-3064EED6801A}] => (Allow) D:\SteamLibrary\steamapps\common\DOOM\DOOMx64.exe
FirewallRules: [TCP Query User{F5E289C8-1676-4A56-89FE-64E65102E33C}C:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{B59355BD-3292-4444-BD18-D55BCE8DCC21}C:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe
FirewallRules: [{88D861C5-52EE-4DB9-AEBC-912F8A5ECE45}] => (Allow) D:\SteamLibrary\steamapps\common\Endless Legend\EndlessLegend.exe
FirewallRules: [{0BFBB959-39CE-4723-95E2-E40E2F506ED5}] => (Allow) D:\SteamLibrary\steamapps\common\Endless Legend\EndlessLegend.exe
FirewallRules: [{0A40561C-FBD0-43BA-8BE0-AF59738E0945}] => (Allow) D:\SteamLibrary\steamapps\common\Endless Space\EndlessSpace.exe
FirewallRules: [{86BB7F91-27D9-4C45-96F9-CE967B52A5C7}] => (Allow) D:\SteamLibrary\steamapps\common\Endless Space\EndlessSpace.exe
FirewallRules: [{C55438A6-BE4E-4C32-A11C-DDF05C592FDB}] => (Allow) D:\SteamLibrary\steamapps\common\Stellaris\stellaris.exe
FirewallRules: [{6C7BAA8B-89DC-40E8-B902-DFEEC002B398}] => (Allow) D:\SteamLibrary\steamapps\common\Stellaris\stellaris.exe
FirewallRules: [{2C91F94F-23AA-4ADB-B652-A17410DC98CB}] => (Allow) D:\SteamLibrary\steamapps\common\Star Wolves\StarWolves.exe
FirewallRules: [{D11A13BB-9D2D-49F7-B9D7-E0E3979975D3}] => (Allow) D:\SteamLibrary\steamapps\common\Star Wolves\StarWolves.exe
FirewallRules: [{5E4A0151-13AE-4657-9852-86E0BDB2F3EE}] => (Allow) D:\SteamLibrary\steamapps\common\Starpoint Gemini 2\StarpointGemini2.exe
FirewallRules: [{7120D06D-1C30-4A03-9F08-C0EF66352528}] => (Allow) D:\SteamLibrary\steamapps\common\Starpoint Gemini 2\StarpointGemini2.exe
FirewallRules: [{97E9C9AB-80D3-4072-92D7-DFB6862FD499}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{BE03E1F4-1EF1-422A-BABE-DD905AC7F954}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{81C8B828-12B0-482B-AA60-5EC7B1A4EDDF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6859B69C-DE9C-43FC-8E03-F24D6A84D397}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3197FCD9-151C-4D15-B72A-0F81EBD7FE5B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BD37F8E6-5F60-4DD8-9D13-25912A980162}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EBE1A3BE-0616-4910-B176-23953DBD97EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{86D6B695-B11D-4C1C-ACBC-0EDD88B8100E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1CEFEC10-17DB-4564-96AE-6BDE758680F7}] => (Allow) D:\SteamLibrary\steamapps\common\BattleTech - Private Beta\BattleTech.exe
FirewallRules: [{2CAE1CA5-F857-45BD-A207-4C1187E2CC4C}] => (Allow) D:\SteamLibrary\steamapps\common\BattleTech - Private Beta\BattleTech.exe
FirewallRules: [{ADF71AE7-A296-442C-925C-337EBCE36BA2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B5EDAD0B-E354-40E1-A359-54F4F042BCD3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{646C6426-213A-4C12-A2D4-D035D0633E5E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E7720208-4DDE-4A0D-8211-BEE9EE1FBFB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{625CA235-1D75-4E86-BE3D-47C3B0EDB16C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F8EFD683-6432-4FFE-BD9B-4D6C71826086}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{41733DA8-FD90-4013-A7D5-33F8C7ABF5E6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B52811D3-A74C-4AC7-9E0C-B68A75D385F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8A9F886B-6D09-4264-B795-7AADD60B930E}] => (Allow) D:\SteamLibrary\steamapps\common\Zavix Tower\Delenar - Zavix Tower.exe
FirewallRules: [{B23FFF20-527A-4400-9DD2-602F0D3DBAF3}] => (Allow) D:\SteamLibrary\steamapps\common\Zavix Tower\Delenar - Zavix Tower.exe
FirewallRules: [{753F93A5-02DF-47D9-BE79-60D345E4CFF1}] => (Allow) D:\SteamLibrary\steamapps\common\Tyranny\Tyranny.exe
FirewallRules: [{F0E7500F-361E-410D-A8EC-587841EDEE6C}] => (Allow) D:\SteamLibrary\steamapps\common\Tyranny\Tyranny.exe
FirewallRules: [{C31B7A7F-8B30-4FEF-9864-5A1A36A6E624}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F4620DC5-557D-48D6-A04F-AC72788BA00B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{73C6605E-E926-479C-97E0-BBFC8E6C4DDE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C1FEF176-F396-43B2-AB7B-1E70DE8246DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{13AE1BE3-5996-411A-9420-EC624EC5AB4F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{40B0BF35-D0EF-43D7-8823-1CD46C20FD8C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F08CEC14-7BD7-4F5E-9F44-ED9DB90DB9FC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B6E2BC7B-50F9-4EC1-BD76-C74B43988FB8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{31A0E8E9-1515-450A-A02C-54EC9DD971AD}] => (Allow) D:\SteamLibrary\steamapps\common\Napoleon Total War\Napoleon.exe
FirewallRules: [{0C8EBB80-C805-4122-A8AA-F33E3518AEF2}] => (Allow) D:\SteamLibrary\steamapps\common\Napoleon Total War\Napoleon.exe
FirewallRules: [{52CF7D38-7DF9-4E07-AB91-FBF72E5CF28E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{144E2839-6ED6-4F05-AC67-F60C2F900EC6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7E608D8A-B074-407C-8DD2-CAD494800679}] => (Allow) D:\SteamLibrary\steamapps\common\Warhammer 40000 Armageddon\autorun.exe
FirewallRules: [{8D331E5F-06EB-454F-B5F5-3272069B2E9D}] => (Allow) D:\SteamLibrary\steamapps\common\Warhammer 40000 Armageddon\autorun.exe
FirewallRules: [{30441F9E-B9EC-4D7C-AB0A-6A3F612B46B6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B18EA6C0-CFD6-47C6-8DAE-5ABF1F2DFBE4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4BD81993-4993-4110-9B81-3BDF974D3ED0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{307E909C-C3EE-41E4-AFC3-011E85229EED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FF9C89C7-1D1E-43F5-97EE-FD08D0958F99}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{38A8B03F-CAB2-494B-818E-0B9E03300B18}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9B934D7B-26FB-4F3E-B7C7-9DBA1EB5F11C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9813C3D1-34B6-4110-BAF3-DF738815888E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7F1E19FF-A8D9-4A69-A1F2-0055EB3993E4}] => (Allow) D:\SteamLibrary\steamapps\common\Thea The Awakening\Thea.exe
FirewallRules: [{8133DF25-2713-4D8C-90D2-79F0206EDF38}] => (Allow) D:\SteamLibrary\steamapps\common\Thea The Awakening\Thea.exe
FirewallRules: [{612D11B2-CFD5-45BE-9AA9-2B9523DBEA34}] => (Allow) D:\SteamLibrary\steamapps\common\Templar Battleforce\TemplarBattleforce.exe
FirewallRules: [{4536E9C7-E5DB-40D1-9CBB-9D6A3B2EC845}] => (Allow) D:\SteamLibrary\steamapps\common\Templar Battleforce\TemplarBattleforce.exe
FirewallRules: [{2592EE92-CB7D-420E-93D0-CB887F16FCB0}] => (Allow) D:\SteamLibrary\steamapps\common\Icewind Dale Enhanced Edition\icewind.exe
FirewallRules: [{53C33586-184C-4A86-AE56-085AB51CC73A}] => (Allow) D:\SteamLibrary\steamapps\common\Icewind Dale Enhanced Edition\icewind.exe
FirewallRules: [{DFDC8602-C120-426D-95E7-F6650996E5BA}] => (Allow) D:\SteamLibrary\steamapps\common\Halfway\Halfway.exe
FirewallRules: [{7485CBDE-2698-4A93-BB8B-D4E83FFD9F24}] => (Allow) D:\SteamLibrary\steamapps\common\Halfway\Halfway.exe
FirewallRules: [{8B34BA06-2F12-4704-B48A-02E7AC8898A0}] => (Allow) D:\SteamLibrary\steamapps\common\Guilty Gear XX Accent Core Plus R\GGXXACPR_Win.exe
FirewallRules: [{D3E9EE18-12EC-49DC-9732-56D777F9616F}] => (Allow) D:\SteamLibrary\steamapps\common\Guilty Gear XX Accent Core Plus R\GGXXACPR_Win.exe
FirewallRules: [{1CA990C8-30D7-4FB8-9CEB-8786C7485F13}] => (Allow) D:\SteamLibrary\steamapps\common\ChaosReborn\ChaosRebornWin64.exe
FirewallRules: [{CE076DC6-5CC2-4F33-B9AA-5D7F75F331A8}] => (Allow) D:\SteamLibrary\steamapps\common\ChaosReborn\ChaosRebornWin64.exe
FirewallRules: [{818897CC-AEE2-448E-A129-CFC8F8BE1231}] => (Allow) D:\SteamLibrary\steamapps\common\Arcanum\SierraLauncher.exe
FirewallRules: [{4E6EF667-F3B6-4B48-B71A-49E2ADF2A17E}] => (Allow) D:\SteamLibrary\steamapps\common\Arcanum\SierraLauncher.exe
FirewallRules: [{832D1130-3316-4BAF-91BE-ED6DB647A775}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0F0360B4-9F24-46A3-8A7B-49CEDD3316BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{50037C77-24A5-4B11-BCDB-5659B86EB921}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{37B54482-0DA3-482A-8AE5-A56843826357}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{568771C1-16BA-44FC-A1B3-98360422AFC0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2EE02FB5-C133-4C41-83BB-844D21FC01E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{621532E3-B17A-40E8-BB9B-EDAE1142DABD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{57BAFAEE-3D7B-4F83-B280-9B014C0A48A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{158D2B8B-90A5-4994-8858-DE95D010EC2F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{831DF49A-6245-4544-92E8-135B11DC187C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B826E407-5774-48CF-9C91-EFD093B3ED62}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{157DA9CA-41C6-43FA-ADDA-BB62A4811ACF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1C853173-B3E2-4A6E-9B45-018DA7D9A2A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{ACED4339-354F-470E-A7F9-50EE35987A54}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C740B3FC-6903-4C02-ADBE-004D7284FAD5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E7ECE43D-2EE2-41C1-8F27-53B32195EC26}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{610A788C-1867-43B7-8672-E424E87DD538}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5958E2FB-1B32-4F78-BE7E-8A396CFEF44E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{AA1602A4-004E-4F17-845B-4EF5B8D461C7}] => (Allow) D:\SteamLibrary\steamapps\common\Space Hulk Ascension\game.exe
FirewallRules: [{E12806F0-91C4-4E5E-AF57-BEE788B226CB}] => (Allow) D:\SteamLibrary\steamapps\common\Space Hulk Ascension\game.exe
FirewallRules: [{048794C7-71C1-465F-B742-6008C7BBC6D9}] => (Allow) D:\SteamLibrary\steamapps\common\Concealed Intent\ConcealedIntent.exe
FirewallRules: [{0AE4786E-6D9C-476A-B8C8-EEFF3AE22F1B}] => (Allow) D:\SteamLibrary\steamapps\common\Concealed Intent\ConcealedIntent.exe
FirewallRules: [{7472B058-5306-491A-83B2-515024B9E5FE}] => (Allow) D:\SteamLibrary\steamapps\common\Battlefleet Gothic Armada\BattleFleetGothic.exe
FirewallRules: [{61F5C885-FAA9-44B7-9C65-92CBADDC1D49}] => (Allow) D:\SteamLibrary\steamapps\common\Battlefleet Gothic Armada\BattleFleetGothic.exe
FirewallRules: [TCP Query User{6FCEEF80-343E-416E-A4E1-88C0898CFB7D}D:\steamlibrary\steamapps\common\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe
FirewallRules: [UDP Query User{ADB3FA5C-03E2-47B6-A1CB-325FBDBF5B1F}D:\steamlibrary\steamapps\common\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe
FirewallRules: [{5E373364-40F4-47CD-BFFA-1DBF473AF6A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E80BA4DE-0198-4B2A-956A-DE317E630C14}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DCABA068-7244-41C5-99E3-DB219434C219}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{04B42605-569F-4010-BD31-AC154B0CE57A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2C3282D6-B8DD-4B70-B00E-90471D84851D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{00CB47B5-37D6-4051-911B-766046AF26B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6610E146-1B71-4F0C-BC91-E862D21B71A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9B74F2FA-5EC2-4D04-87EF-AB8FF354874D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D708B6ED-FAF5-48B2-8925-2032FECDA27C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{494E0681-0401-418A-94CF-B2497B851186}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{490CBE5A-0901-4D5C-94EB-1DDB85E4E2F1}C:\program files (x86)\heroes of the storm\versions\base55288\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base55288\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{C1B47E73-F663-49B5-B19A-074BF591224C}C:\program files (x86)\heroes of the storm\versions\base55288\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base55288\heroesofthestorm_x64.exe
FirewallRules: [{7D1FCC9E-7C26-4095-8232-B53E31F8FBB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{56EFCE4F-C2C6-44E4-A806-ABC561C8E2A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{841797D2-4CD0-4364-A981-5266D539BAD7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{22D5CC19-87E9-46F9-910E-9D7C1227B0F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4024DA7D-97AC-4D43-B8FA-D51427689CDC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4978BC9D-B5C0-4637-97AA-FAD29D27460A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{617EF3F6-94EC-469E-8A3C-A0746138D46E}] => (Allow) D:\SteamLibrary\steamapps\common\Warhammer Arcane Magic\warhammer_arcane_magic.exe
FirewallRules: [{3881D77C-5992-4849-ADB3-D05159469B97}] => (Allow) D:\SteamLibrary\steamapps\common\Warhammer Arcane Magic\warhammer_arcane_magic.exe
FirewallRules: [{382863D3-12AC-4789-B484-C2E437008E0B}] => (Allow) D:\SteamLibrary\steamapps\common\Warhammer Quest\WarhammerQuest.exe
FirewallRules: [{6CFE48B4-9225-4943-921C-994B4CFA2D0D}] => (Allow) D:\SteamLibrary\steamapps\common\Warhammer Quest\WarhammerQuest.exe
FirewallRules: [TCP Query User{AF9B0E6E-9176-4DE8-8BF4-2C957DCFE6CC}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe
FirewallRules: [UDP Query User{78DC6043-1AA9-4AAC-82AB-FD4B12678C78}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe
FirewallRules: [{20B64DC7-4010-4555-B6EE-D7FF45BA3377}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7740F518-50AF-4E83-90A8-A0247123503A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{1EC91E91-81E4-460B-AA4C-0D45D2B31286}D:\steamlibrary\steamapps\common\warhammer 40,000 deathwatch - tyranid invasion\deathwatchgame\binaries\win32\deathwatchgame-win32-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\warhammer 40,000 deathwatch - tyranid invasion\deathwatchgame\binaries\win32\deathwatchgame-win32-shipping.exe
FirewallRules: [UDP Query User{5D6AF1D3-D1C0-46DA-8C8D-F53752EECBAE}D:\steamlibrary\steamapps\common\warhammer 40,000 deathwatch - tyranid invasion\deathwatchgame\binaries\win32\deathwatchgame-win32-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\warhammer 40,000 deathwatch - tyranid invasion\deathwatchgame\binaries\win32\deathwatchgame-win32-shipping.exe
FirewallRules: [{71CC3723-262A-421F-BD30-7A44952DA7C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1EA7D4E6-4BB0-4F59-AFBA-A07B02FCC14F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5614ED37-1866-4668-9E28-E37EEC7A50A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{22822F7A-C312-4D84-8C32-D4F6CA350A12}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{38E62374-CBF6-4F13-9197-A41BD88B9290}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A13D280B-B0F2-497B-9F71-AA37F9620DF7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2016C9B0-AAC1-4D10-B4FC-35BDD91AD7F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BA46274D-6809-4E10-8FE9-9AA02FFF0AEF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{688CD454-41B5-404E-9071-C3B071866AF3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6405916A-EB73-4374-94C5-BE61E47A8373}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6EF37571-FE6B-410A-8C04-3722EDB5EB3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E15BCED7-E139-407C-9A6F-CAB0E94F9A1D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{217AACFD-8F0E-4D92-8BB2-C20A8D288BCA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{90B7B5AE-C557-41B4-9DC2-7E6F94CE3B0D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A2F40D88-52A3-4DC6-85B1-ECDB0AB51AA0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{AFB9203C-7BE5-4F5C-8C1D-3C4107F1DD3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{ED80AA7C-5ABB-4C99-BADD-1F942AF318CB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3711A872-4D29-442B-B2FA-28F29F4752A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A7AAD40C-D892-4920-A9C6-64C6FF8D3198}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{70413186-9110-4C51-A408-8B720CEF8B8B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{41736336-4845-4356-B505-C85D71880AEF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{69134375-370A-4CCA-9950-707F53133540}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8FA3AD5A-2B12-4FF9-B88A-AE722BE3E121}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{96DE3726-5C6F-4254-898F-20250FFEA83E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3A88ADA4-77BE-486D-88AB-F4682E282EFA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EA9E6F5D-1B29-4111-A318-5CCF5DBB0FF2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D6649C68-5079-4AA2-AEAA-82EBE389FDAA}] => (Allow) D:\SteamLibrary\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{2B74A892-1C83-4C53-94AF-68060AA4B370}] => (Allow) D:\SteamLibrary\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{6DED5502-0116-4B4D-B767-E439407B1E94}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{687C339B-4B7B-4C1C-93C8-0FD00CCEFA19}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9D546F39-6BE3-47C8-A872-04A224C91E27}] => (Allow) D:\SteamLibrary\steamapps\common\Warhammer 40000 Sanctus Reach\autorun.exe
FirewallRules: [{1D895FBB-0FA5-47EC-A3E9-647C47D4AA96}] => (Allow) D:\SteamLibrary\steamapps\common\Warhammer 40000 Sanctus Reach\autorun.exe
FirewallRules: [{0F5747FA-9027-4EDE-B801-C124245CCB30}] => (Allow) D:\SteamLibrary\steamapps\common\Endless Space 2\EndlessSpace2.exe
FirewallRules: [{2373E70A-D917-4941-B992-ECAA8776D9B5}] => (Allow) D:\SteamLibrary\steamapps\common\Endless Space 2\EndlessSpace2.exe
FirewallRules: [{0282EA9A-73D7-440E-81D5-A76B7D4EAB36}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6A592398-630E-4806-B947-2C97708FDA52}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FBF7FD9C-CA6F-4993-8196-16928425BDD1}] => (Allow) D:\SteamLibrary\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{E665761E-51A0-4247-A0E2-F6B4AFC86DA1}] => (Allow) D:\SteamLibrary\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{7D7EA7B1-7A1B-48D1-BF6F-9FE37068095D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1296A4BD-01D0-444D-8603-9ED0CA395FB4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{81BE391C-4FFD-4F33-896F-DCB7165F0709}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3ADBBBBF-062E-499B-BDC0-98BD8406BA20}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{395CA5FC-937E-4A33-94BE-DE8D74496EC6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{87278B14-2FEE-4726-B579-920E877BC2DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D478BEA5-3EAF-4108-98BF-F1608A51A1F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B1E38F0B-1769-4734-820B-03A009784CD0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8C832176-7CCF-453C-87D9-2CE7FDF55437}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E0130D03-DD5E-4758-95CE-A7B99A9D1BBB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{AB7A997C-89C9-42E8-87A6-681EFB9C9A76}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FA56D809-6F4E-4ABB-ADFF-D5D6C1AD62D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9E1DEDD0-870E-4027-85C3-D85D605B3A9A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{58513B0C-653A-4339-BC0E-2E98966E3B60}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8D9290FA-DA44-4954-856A-72F4BC633ADB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{36732972-7AA5-4265-9C77-26ABE4F938E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{83861D32-FC55-4B33-B001-C91D9C967A7B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4B25D740-530F-4C66-B4D6-B0AE69F795DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DF1B5984-EBC0-43F5-8D9A-C5A41560EC5A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4DA7D480-8724-47A6-9AF9-6898689F2945}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9490AE0C-FC9A-436E-B6A4-C259895828AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{998056E3-C991-44F2-AF2D-A93EEAB218FF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EE10B6E8-9B51-4120-AD40-B79EA5465500}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{967ECAC6-79B4-4FEE-9596-8AE6F9009812}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{149C014D-232B-4A29-8112-BF1E0A92FF92}] => (Allow) D:\SteamLibrary\steamapps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{42D4D1E6-99D5-4D7B-B287-25BE1BB3C193}] => (Allow) D:\SteamLibrary\steamapps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{3B76F727-A531-40F3-A73C-612C061982E7}] => (Allow) D:\SteamLibrary\steamapps\common\SUPERHOT\SUPERHOT.exe
FirewallRules: [{D0A44E59-E66B-4A5B-B9A8-40F6ECA6F43F}] => (Allow) D:\SteamLibrary\steamapps\common\SUPERHOT\SUPERHOT.exe
FirewallRules: [{5032676B-D52B-41CF-8B9D-A3642D14E8FB}] => (Allow) D:\SteamLibrary\steamapps\common\Brigador\brigador.exe
FirewallRules: [{54D950B5-D9CC-49CC-8E76-9D721A1AC601}] => (Allow) D:\SteamLibrary\steamapps\common\Brigador\brigador.exe
FirewallRules: [{5E74A111-456D-4E3C-8B87-1112388482E1}] => (Allow) D:\SteamLibrary\steamapps\common\Ashes of the Singularity Escalation\StardockLauncher.exe
FirewallRules: [{9574CABA-378F-4C0C-8B11-610966857783}] => (Allow) D:\SteamLibrary\steamapps\common\Ashes of the Singularity Escalation\StardockLauncher.exe
FirewallRules: [{53F96CD1-11A0-48DF-B54B-11F959BE2FD1}] => (Allow) D:\SteamLibrary\steamapps\common\Shoppe Keep\Shoppe Keep.exe
FirewallRules: [{65646E13-DA49-41DD-BA80-96C9BF459056}] => (Allow) D:\SteamLibrary\steamapps\common\Shoppe Keep\Shoppe Keep.exe
FirewallRules: [{97BB56CA-988A-403C-9080-5A28F6C11E00}] => (Allow) D:\SteamLibrary\steamapps\common\Maize\Maize\Binaries\Win64\Maize.exe
FirewallRules: [{0FFD81B1-F776-446C-A15D-59DAACF4F784}] => (Allow) D:\SteamLibrary\steamapps\common\Maize\Maize\Binaries\Win64\Maize.exe
FirewallRules: [{FB1DED7C-592C-4EA3-8553-2EA46A321CD0}] => (Allow) D:\SteamLibrary\steamapps\common\Tiny Echo\TinyEcho.exe
FirewallRules: [{D3723EE3-896C-40C0-BA16-E7100C5D505D}] => (Allow) D:\SteamLibrary\steamapps\common\Tiny Echo\TinyEcho.exe
FirewallRules: [{A98DE7C4-347F-405D-9828-09FCC17E2651}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A58B48A8-2446-442B-BF21-36E8ED9A5A42}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DB7EF388-CEF7-4EE6-B01B-66DCF420DBC7}] => (Allow) D:\SteamLibrary\steamapps\common\Armello\armello.exe
FirewallRules: [{08343919-623D-4069-8093-D256F1752F03}] => (Allow) D:\SteamLibrary\steamapps\common\Armello\armello.exe
FirewallRules: [{5C7C48EC-503E-4EC7-B0B6-787EF8A53085}] => (Allow) D:\SteamLibrary\steamapps\common\Expeditions Conquistador\Expeditions Conquistador.exe
FirewallRules: [{9C2A8D99-D00F-41B6-BE6B-01745D6FBEA3}] => (Allow) D:\SteamLibrary\steamapps\common\Expeditions Conquistador\Expeditions Conquistador.exe
FirewallRules: [{4E0754BB-F906-4F72-82DD-ACA1453EBC4B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{11DF0F40-7A0A-495E-A50A-283C8A7D963B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4FAC2C32-2706-4BFA-9E60-48C79A68050B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{15DFF9CC-7CCB-45B0-B0BC-44552505D20F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{81EF7697-B356-41D7-976A-89CEDFD05BA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CCA07AF6-D9F1-4AE1-86FB-A81998ECAD24}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B1ACBFDC-3798-4F65-9D3A-5E0ECDC7EB55}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{572A2B8E-FEB0-4682-90DB-EBAC112A1FB6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F354E4E0-8B0D-4475-BFB2-2151A25BA487}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{91F04556-2AA4-49A2-AB7C-43E1893829BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2A93BE7F-F130-4335-856D-D87E601F42D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7E0FAB1C-46D5-4919-BBD4-B38F6CF95A80}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7E1C758D-7B27-4171-8601-76F641A29513}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C1E1FC6B-B056-4FAE-B005-2F31427C6EC4}] => (Allow) D:\SteamLibrary\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{CCB903E2-4DCE-415F-A09A-D5A6A72B2804}] => (Allow) D:\SteamLibrary\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{628EDD0E-ED98-428E-9706-9BCBFC920FF3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DC9D0C2D-F44F-4A50-AE9C-7FC3D908B7C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7E213931-005D-4E45-BCB2-6FA55F4AAD1B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6D77ADDB-5EFC-47C7-B207-294895527078}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3323C152-6D13-44FD-A926-5B581E2ACF0F}] => (Allow) D:\SteamLibrary\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe
FirewallRules: [{25860141-AD14-4244-BDB4-11AD4D269971}] => (Allow) D:\SteamLibrary\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe
FirewallRules: [{E534AB18-ABF0-4CA4-8354-DE6E78955F1A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B9F2B003-0FE7-4779-A396-9BC513DAB63D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{46150B52-FA99-4C6C-AC81-49AE897158D8}] => (Allow) D:\SteamLibrary\steamapps\common\Warmachine Tactics\WarmachineGame\Binaries\Win64\WarmachineGame-Win64-Shipping.exe
FirewallRules: [{F18312F2-423F-4A77-863C-9EBA0968D501}] => (Allow) D:\SteamLibrary\steamapps\common\Warmachine Tactics\WarmachineGame\Binaries\Win64\WarmachineGame-Win64-Shipping.exe
FirewallRules: [{3554BAB3-38C9-426E-A744-F2430C2783AA}] => (Allow) LPort=24680
 
==================== Restore Points =========================
 
19-01-2018 04:41:31 Scheduled Checkpoint
26-01-2018 14:30:54 Scheduled Checkpoint
29-01-2018 04:11:35 Restore Operation
 
==================== Faulty Device Manager Devices =============
 
Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/29/2018 04:50:02 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "WmiApRpl" in DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Error: (01/29/2018 04:50:02 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Windows cannot load the extensible counter DLL rdyboost. The first four bytes (DWORD) of the Data section contains the Windows error code.
 
Error: (01/29/2018 04:50:02 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
 
Error: (01/29/2018 04:50:02 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "MSDTC" in DLL "C:\WINDOWS\system32\msdtcuiu.DLL" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Error: (01/29/2018 04:50:02 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "Lsa" in DLL "C:\Windows\System32\Secur32.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Error: (01/29/2018 04:50:02 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "ESENT" in DLL "C:\WINDOWS\system32\esentprf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Error: (01/29/2018 04:50:02 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Error: (01/29/2018 04:49:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: CorsairLink4.Service.exe, version: 4.3.0.154, time stamp: 0x57c697f6
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x2460
Faulting application start time: 0x01d399061db51e9c
Faulting application path: C:\Program Files (x86)\CorsairLink4\CorsairLink4.Service.exe
Faulting module path: unknown
Report Id: f5b33717-22ad-4a09-ad8d-2eef780d2d2e
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (01/29/2018 04:49:29 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: CorsairLink4.Service.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.AccessViolationException
   at CPUIDSDK.Close()
   at CorsairLink4.Module.Dram.DramComponent.Dispose()
   at CorsairLink4.Service.Service.DevicesMonitor.Dispose()
   at CorsairLink4.Service.WindowsService.Dispose(Boolean)
   at System.ComponentModel.Component.Dispose()
   at System.ServiceProcess.ServiceBase.Run(System.ServiceProcess.ServiceBase[])
   at System.ServiceProcess.ServiceBase.Run(System.ServiceProcess.ServiceBase)
   at CorsairLink4.Service.Program.Main(System.String[])
 
Error: (01/29/2018 05:41:23 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "WmiApRpl" in DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
 
System errors:
=============
Error: (01/29/2018 05:00:11 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-M3GLLEB)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (01/29/2018 04:59:01 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-M3GLLEB)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (01/29/2018 04:57:21 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-M3GLLEB)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{9E175B6D-F52A-11D8-B9A5-505054503030}
 
Error: (01/29/2018 04:57:20 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-M3GLLEB)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{9E175B6D-F52A-11D8-B9A5-505054503030}
 
Error: (01/29/2018 04:57:20 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-M3GLLEB)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (01/29/2018 04:57:14 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{9E175B68-F52A-11D8-B9A5-505054503030}
 
Error: (01/29/2018 04:55:24 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-M3GLLEB)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (01/29/2018 04:55:24 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-M3GLLEB)
Description: DCOM got error "1084" attempting to start the service dps with arguments "Unavailable" in order to run the server:
{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}
 
Error: (01/29/2018 04:55:18 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1084" attempting to start the service dps with arguments "Unavailable" in order to run the server:
{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}
 
Error: (01/29/2018 04:55:18 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1084" attempting to start the service dps with arguments "Unavailable" in order to run the server:
{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}
 
 
CodeIntegrity:
===================================
  Date: 2018-01-29 16:50:46.752
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Overwolf\0.109.2.16\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-01-29 16:50:46.749
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Overwolf\0.109.2.16\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-01-29 04:36:06.312
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Overwolf\0.109.2.16\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-01-29 04:09:01.017
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Overwolf\0.109.2.16\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-01-29 04:04:00.995
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Overwolf\0.109.2.16\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-01-29 03:59:00.999
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Overwolf\0.109.2.16\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-01-29 03:54:00.992
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Overwolf\0.109.2.16\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-01-29 03:49:00.998
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Overwolf\0.109.2.16\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-01-29 03:44:00.997
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Overwolf\0.109.2.16\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-01-29 03:39:00.992
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Overwolf\0.109.2.16\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-6700K CPU @ 4.00GHz
Percentage of memory in use: 5%
Total physical RAM: 32727.57 MB
Available physical RAM: 30845.8 MB
Total Virtual: 37847.57 MB
Available Virtual: 36065.68 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:446.58 GB) (Free:183.3 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:1862.89 GB) (Free:1338.44 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 447.1 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt ============================

 



BC AdBot (Login to Remove)

 


#2 King_Yoshi

King_Yoshi

  • Malware Study Hall Senior
  • 1,349 posts
  • OFFLINE
  •  
  • Local time:12:48 AM

Posted 30 January 2018 - 07:11 PM

Hello Hyetemplar,

My name is King_Yoshi and I will be helping you today.

If at any point you have any comments, questions or concerns, please do not hesitate to post them.

Allow me some time to review your post.

In the meantime please review the following rules.

Basic Rules:

1. First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts.
Please try to match our commitment to you with your patience toward us.
I try to reply as soon as possible. (Typically every 24-48 hours.)

2. Please do not run any tools or take any steps other than those I provide for you.
I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take.
If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.

3. Please perform all steps in the order they are listed, in each set of instructions. Some steps may be a bit complicated.
If things are not clear, be sure to stop and let me know.

4. Please copy and paste all logs into your post, unless directed otherwise.
Please do not re-run any programs I suggest.
If you encounter problems simply stop and tell me.

5. When you post your reply, use the 2ni7laq.jpg button.

6. In the upper right hand corner of the topic you will see the 15n7fnk.jpg button.
Please click on this then choose "Immediate E-Mail notification" and then "Proceed" and you will be sent an email once I have posted a response.

7. If you do not reply to your topic after 3 days I will bump the post. After 5 days of no reply we will assume it has been abandoned and I will close it.

8. When your computer is clean I will alert you of such.
I will also provide for you detailed information about how you can prevent and combat future infections.

#3 King_Yoshi

King_Yoshi

  • Malware Study Hall Senior
  • 1,349 posts
  • OFFLINE
  •  
  • Local time:12:48 AM

Posted 02 February 2018 - 04:16 PM

Hello Hyetemplar,


:step1: Is there a reason you had booted into safe mode to run this scan?

:step2: Please upload the following file to https://www.virustotal.com/.

A. Please go to https://www.virustotal.com/
B. Click on the "Upload and scan file" button.
virustotal.png

C. Copy the address from the code box below and select Open

C:\Users\Vic\AppData\Roaming\zer0.bin

F. Once Scanning is complete, please copy and paste the websites URL into your response.



#4 Hyetemplar

Hyetemplar
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  

Posted 03 February 2018 - 10:18 PM

hey thanks for the reply, i did safe mode just out of panic so im no longer in safe mode

 

here is the url https://www.virustotal.com/#/file/12f99f53144294750fe8713d580eda286f4bd95cd9c840db8ab957def8040028/detection

 

thanks again



#5 King_Yoshi

King_Yoshi

  • Malware Study Hall Senior
  • 1,349 posts
  • OFFLINE
  •  
  • Local time:12:48 AM

Posted 05 February 2018 - 06:26 AM

Hello Hyetemplar,
 

hey thanks for the reply, i did safe mode just out of panic so im no longer in safe mode

here is the url https://www.virustotal.com/#/file/12f99f53144294750fe8713d580eda286f4bd95cd9c840db8ab957def8040028/detection

thanks again

Ahh ok. Thank you for the information. I just wanted to make sure you could operate normally.

:step1: I should have mentioned this previously, buy please make sure you have reset your Ebay password.
Additionally, if you had any financial information or other usernames/passwords saved on the computer, I would strongly suggest contacting those banks/companies and informing them of what happened.

:step2: Lets make sure everything on your computer is up to date.

1.) Please Download SecurityCheck.

2.) Once the download is complete, please right click on SecurityCheck and select "Run as administrator".

Security_Check_Runas.png

3.) A Black screen should open. Please press any key on your keyboard to continue.

Pressanykey.png

4.) SecurityCheck will now scan your computer for outdated programs etc.

5.) Once SecurityCheck is finished scanning, a text file will open with the results of the sca
Please copy and paste these results into your next post.

:step3: I don't see an Anti Virus Program running on your machine

Download and install an antivirus program, and make sure that you keep it updated
New viruses come out every minute, so it is essential that you have the latest signatures for your antivirus program to provide you with the best possible protection from malicious software.
Three good antivirus programs free for non-commercial home use are Avast!, Bitdefender and Microsoft Security Essentials
Note: You should only have one antivirus installed at a time. Having more than one antivirus program installed at once is likely to cause conflicts and may well decrease your overall protection as well as impairing the performance of your PC.



#6 Hyetemplar

Hyetemplar
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  

Posted 06 February 2018 - 07:11 AM

hi thanks again for getting back to me, i should have microsoft security essentials running... anyway here is the scan result

 

 Results of screen317's Security Check version 1.014 --- 12/23/15  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Windows Defender   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Java 8 Update 144  
 Java version 32-bit out of Date! 
  Adobe Flash Player 11.1.102.55 Flash Player out of Date!  
 Google Chrome (63.0.3239.132) 
 Google Chrome (SetupMetrics...) 
````````Process Check: objlist.exe by Laurent````````  
 Windows Defender MSMpEng.exe 
 Windows Defender MSASCuiL.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 


#7 King_Yoshi

King_Yoshi

  • Malware Study Hall Senior
  • 1,349 posts
  • OFFLINE
  •  
  • Local time:12:48 AM

Posted 06 February 2018 - 08:39 PM

Hello Hyetemplar,


:step1: Your version of Adobe Flash is out of date.


Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.

Please follow these steps to update Adobe flash:

  • Please download the latest version of Adobe Flash from http://get.adobe.com/flashplayer/otherversions/ to your Desktop
  • Double click the file to start the installation process
  • Repeat 1. and 2. for every other browser you have installed (eg Internet Explorer / Firefox / Chrome / Safari / Opera..) as applicable.

:step2: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.
- Kaspersky Lab report: Evaluating the threat level of software vulnerabilities
- Microsoft: Unprecedented Wave of Java Exploitation
- Ghosts of Java Haunt Users


Please follow these steps to remove older version Java components and update:

5teD1PQ.png

  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select (click on) the download link for your operating system (Windows: jre-9.0.4_windows-x64_bin.exe and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to > Search for the Control Panel and open it, double-click on Programs and Features (Add/Remove Programs) and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-9.0.4_windows-x64_bin.exe to install the newest version.
  • If using Windows 7/8 or 10 and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered any unwanted software or toolbars during installation, just uncheck the box before continuing unless you want it. The McAfee Security Scan Plus may be installed unless you uncheck the McAfee installation box when updating Java.

-- Java is updated frequently. If you want to be automatically notified of future updates, just turn on the Java Automatic Update feature and you will not have to remember to update when Java releases a new version. However, be aware that the Java updater prompts you to make Yahoo Search your browser's default search engine and home page...the option is pre-checked.


:step3: Please re-run FRST and post the log again.



#8 Hyetemplar

Hyetemplar
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  

Posted 07 February 2018 - 01:26 AM

okay i think i updated everything but im still getting the out of date warnings
 

 Results of screen317's Security Check version 1.014 --- 12/23/15  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Windows Defender   
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Java version 32-bit out of Date!
  Adobe Flash Player 11.1.102.55 Flash Player out of Date!  
 Google Chrome (64.0.3282.140) 
 Google Chrome (SetupMetrics...) 
````````Process Check: objlist.exe by Laurent````````  
 Windows Defender MSMpEng.exe 
 Windows Defender MSASCuiL.exe   
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
 
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2018
Ran by Vic (administrator) on DESKTOP-M3GLLEB (06-02-2018 22:43:02)
Running from C:\Users\Vic\Downloads
Loaded Profiles: Vic (Available Profiles: defaultuser0 & Vic)
Platform: Windows 10 Pro Version 1709 16299.192 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Gaming APP\GamingHotkey_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe
(MSI) C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
(Micro-Star INT'L CO., LTD.) C:\MSI\MSIRegister\MSIRegisterService.exe
(Hi-Rez Studios) D:\Smite\HiPatchService.exe
(MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI M-Cloud\MSI_Cloud_Service.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI RAMDisk\MSI_RAMDisk_Service.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\ECO Center\ECO_Service.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\MsMpEng.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe
(MSI) C:\Windows\SysWOW64\muachost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
() C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIUILauncher.exe
() C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSISvc32.exe
() C:\Program Files\Nahimic\NahimicMSI\UserInterface\x64\NahimicMSISvc64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Corsair Components, Inc.) C:\Program Files (x86)\CorsairLink4\CorsairLink4.exe
(Corsair Components, Inc.) C:\Program Files (x86)\CorsairLink4\CorsairLink4.Service.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.110.1.32\OverwolfBrowser.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.110.1.32\OverwolfBrowser.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.110.1.32\OverwolfHelper.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.110.1.32\OverwolfHelper64.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe
(CyberLink) C:\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Micro-Star INT'L CO., LTD.) C:\MSI\MSIRegister\MSIRegister.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(MSI) C:\Windows\SysWOW64\muachost.exe
(Micro-Star INT'L CO., LTD.) C:\MSI\MSIRegister\MSIRegister.exe
(MSI) C:\Windows\SysWOW64\muachost.exe
(Micro-Star INT'L CO., LTD.) C:\MSI\MSIRegister\MSIRegister.exe
(Micro-Star INT'L CO., LTD.) C:\MSI\MSIRegister\MSIRegister.exe
(MSI) C:\Windows\SysWOW64\muachost.exe
(Micro-Star INT'L CO.,LTD.) C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(CyberLink Corp.) C:\CyberLink\PowerDVD12\PDVD12Serv.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Razer, Inc.) C:\Users\Vic\AppData\Local\Razer\InGameEngine\cache\RzSynapse\rzcefrenderprocess.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® Corporation) C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
() C:\Users\Vic\Downloads\SecurityCheck (1).exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8843784 2016-07-22] (Realtek Semiconductor)
HKLM\...\Run: [NahimicMSIUILauncher] => C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIUILauncher.exe [740320 2015-12-04] ()
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110008 2015-06-26] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\CyberLink\Power2Go8\VirtualDrive.exe [499640 2015-06-26] (CyberLink Corp.)
HKLM-x32\...\Run: [MSIRegister] => C:\MSI\MSIRegister\MSIRegister.exe [4131792 2015-09-10] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1027024 2015-09-09] (MSI)
HKLM-x32\...\Run: [Fast Boot] => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [759120 2015-04-22] ()
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2017-07-21] (Razer Inc.)
HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [835680 2016-07-21] (MSI)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [26119352 2018-01-30] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646680 2017-12-19] (Oracle Corporation)
HKLM-x32\...\RunOnce: [DelLiveinst] => cmd.exe /c del /f /s /q /a "C:\MSI\LiveUpdate\DL_FILE\Liveinst.exe"
HKU\S-1-5-21-1699126305-1225172096-1940794454-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3111712 2017-12-15] (Valve Corporation)
HKU\S-1-5-21-1699126305-1225172096-1940794454-1001\...\Run: [CorsairLink4] => C:\Program Files (x86)\CorsairLink4\CorsairLink4.exe [17064656 2016-08-31] (Corsair Components, Inc.)
HKU\S-1-5-21-1699126305-1225172096-1940794454-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1053000 2018-01-30] ()
HKU\S-1-5-21-1699126305-1225172096-1940794454-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-10] (Skype Technologies S.A.)
HKU\S-1-5-21-1699126305-1225172096-1940794454-1001\...\Run: [Discord] => C:\Users\Vic\AppData\Local\Discord\app-0.0.300\Discord.exe [57821176 2018-01-08] (Discord Inc.)
HKU\S-1-5-21-1699126305-1225172096-1940794454-1001\...\RunOnce: [Application Restart #2] => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MSI)
HKU\S-1-5-21-1699126305-1225172096-1940794454-1001\...\RunOnce: [Application Restart #4] => C:\MSI\MSIRegister\MSIRegister.exe [4131792 2015-09-10] (Micro-Star INT'L CO., LTD.)
HKU\S-1-5-21-1699126305-1225172096-1940794454-1001\...\RunOnce: [Application Restart #9] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1581912 2018-01-31] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2016-09-22]
ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2016-09-22]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e1938f2c-512b-483c-b364-9a7c850325c2}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre-9.0.4\bin\ssv.dll => No File
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-9.0.4\bin\jp2ssv.dll [2018-02-06] (Oracle Corporation)
 
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=12.0.4.0 -> C:\Program Files\Java\jre-9.0.4\bin\dtplugin\npDeployJava1.dll [2018-02-06] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=12.0.4.0 -> C:\Program Files\Java\jre-9.0.4\bin\plugin2\npjp2.dll [2018-02-06] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWoW64\Macromed\Flash\NPSWF32.dll [2016-10-03] ()
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default [2018-02-06]
CHR Extension: (Slides) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Docs) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-22]
CHR Extension: (YouTube) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-22]
CHR Extension: (Adblock Plus) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-01-29]
CHR Extension: (Google Search) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-09-22]
CHR Extension: (Sheets) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Google Docs Offline) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-22]
CHR Extension: (Vysor) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\gidgenkbbabolejbgbpnhbimgjbffefm [2018-02-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-13]
CHR Extension: (Gmail) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-22]
CHR Extension: (Chrome Media Router) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-06]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 CLink4Service; C:\Program Files (x86)\CorsairLink4\CorsairLink4.Service.exe [83152 2016-08-31] (Corsair Components, Inc.)
S2 CLKMSVC10_6CE1B52B; C:\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [303544 2015-07-24] (CyberLink)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [409128 2017-02-10] (EasyAntiCheat Ltd)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [36008 2015-11-04] (Micro-Star Int'l Co., Ltd.)
R2 GamingHotkey_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingHotkey_Service.exe [2019792 2015-10-16] (Micro-Star INT'L CO., LTD.)
R2 HiPatchService; D:\Smite\HiPatchService.exe [9728 2017-09-19] (Hi-Rez Studios) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel® Corporation)
S3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335360 2016-03-18] (Intel Corporation) [File not signed]
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [8704 2016-03-18] (Intel Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [209184 2016-05-25] (Intel Corporation)
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [454872 2016-01-28] (Rivet Networks)
S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [4173920 2016-06-02] (MSI)
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2200872 2016-02-01] (MSI) [File not signed]
S3 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [4160976 2016-04-18] (MSI)
R2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2014160 2016-03-04] (MSI)
S2 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2328160 2016-07-01] (MSI)
R2 MSIREGISTER_MR; C:\MSI\MSIRegister\MSIRegisterService.exe [112592 2015-09-10] (Micro-Star INT'L CO., LTD.)
S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2076768 2016-06-02] (MSI)
S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [598112 2016-06-02] (MSI)
R2 MSI_Cloud_Service; C:\Program Files (x86)\MSI\MSI M-Cloud\MSI_Cloud_Service.exe [98640 2015-09-17] (Micro-Star Int'l Co., Ltd.)
R2 MSI_ECOSERVICE; C:\Program Files (x86)\MSI\ECO Center\ECO_Service.exe [2291880 2015-08-24] (Micro-Star INT'L CO., LTD.)
R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [105296 2015-06-04] (MSI)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2306232 2018-01-25] (Micro-Star INT'L CO., LTD.)
R2 MSI_RAMDisk_Service; C:\Program Files (x86)\MSI\MSI RAMDisk\MSI_RAMDisk_Service.exe [70992 2015-10-28] (Micro-Star Int'l Co., Ltd.)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [163280 2015-05-18] (MSI)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1452360 2018-01-30] (Overwolf LTD)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2017-07-19] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2017-11-26] (Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-01-20] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-01-20] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe [492768 2017-06-21] (Wondershare)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\XtuService.exe [19192 2015-10-06] (Intel® Corporation)
S3 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 BfLwf; C:\WINDOWS\system32\DRIVERS\bwcW10x64.sys [144456 2016-01-22] (Rivet Networks, LLC.)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R3 cpuz139; C:\WINDOWS\TEMP\cpuz139\cpuz139_x64.sys [43328 2018-02-06] (CPUID)
R3 I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (FINTEK Corp.)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [30224 2015-05-28] (Intel Corporation)
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2017-09-29] (Qualcomm Atheros, Inc.)
R2 memudrv; D:\memu\MEmuHyperv\MEmuDrv.sys [260368 2015-11-02] (Microvirt Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R3 NTIOLib_ECO; C:\Program Files (x86)\MSI\ECO Center\NTIOLib_X64.sys [13808 2014-01-06] (MSI)
R3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_2e7fa54192fe16d0\nvlddmkm.sys [16936048 2017-11-09] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-09-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48248 2017-09-16] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57976 2017-09-16] (NVIDIA Corporation)
R2 RAMDriv; C:\WINDOWS\system32\DRIVERS\ramdriv.sys [81912 2012-12-27] (Micro-Star Int'l Co., Ltd.)
R2 RAMDriv; C:\Windows\SysWOW64\DRIVERS\ramdriv.sys [81912 2012-12-27] (Micro-Star Int'l Co., Ltd.)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [45752 2017-07-19] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [139704 2017-08-19] (Razer, Inc.)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [40568 2016-06-14] (SteelSeries ApS)
R1 VBoxUSBMon; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [133064 2016-05-27] (BigNox Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-01-20] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288848 2018-01-20] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2018-01-20] (Microsoft Corporation)
S1 XQHDrv; C:\WINDOWS\system32\DRIVERS\XQHDrv.sys [281544 2016-05-27] (BigNox Corporation)
S1 XQHDrv; C:\Windows\SysWOW64\DRIVERS\XQHDrv.sys [281544 2016-05-27] (BigNox Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-02-06 22:40 - 2018-02-06 22:40 - 000852798 _____ C:\Users\Vic\Downloads\SecurityCheck (1).exe
2018-02-06 22:38 - 2018-02-06 22:38 - 000144448 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2018-02-06 22:38 - 2018-02-06 22:38 - 000003734 _____ C:\WINDOWS\System32\Tasks\JavaUpdateSched
2018-02-06 22:38 - 2018-02-06 22:38 - 000000000 ____D C:\Users\Vic\AppData\Roaming\Sun
2018-02-06 22:38 - 2018-02-06 22:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-02-06 22:38 - 2018-02-06 22:38 - 000000000 ____D C:\Program Files\Java
2018-02-06 22:33 - 2018-02-06 22:33 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-02-06 22:32 - 2018-02-06 22:32 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2018-02-06 22:31 - 2018-02-06 22:31 - 101317184 _____ (Oracle Corporation) C:\Users\Vic\Downloads\jre-9.0.4_windows-x64_bin.exe
2018-02-06 22:23 - 2018-02-06 22:23 - 000004586 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-02-06 04:16 - 2018-02-06 04:19 - 000002259 _____ C:\WINDOWS\epplauncher.mif
2018-02-06 04:16 - 2018-02-06 04:16 - 012231000 _____ (Microsoft Corporation) C:\Users\Vic\Downloads\MSEInstall (1).exe
2018-02-06 04:15 - 2018-02-06 04:16 - 015065792 _____ (Microsoft Corporation) C:\Users\Vic\Downloads\MSEInstall.exe
2018-02-06 04:09 - 2018-02-06 04:09 - 000852798 _____ C:\Users\Vic\Downloads\SecurityCheck.exe
2018-01-29 17:00 - 2018-01-29 17:00 - 000107066 _____ C:\Users\Vic\Downloads\Addition.txt
2018-01-29 16:59 - 2018-02-06 22:43 - 000021890 _____ C:\Users\Vic\Downloads\FRST.txt
2018-01-29 16:59 - 2018-02-06 22:43 - 000000000 ____D C:\FRST
2018-01-29 16:57 - 2018-01-29 16:57 - 002393088 _____ (Farbar) C:\Users\Vic\Downloads\FRST64.exe
2018-01-29 04:43 - 2018-02-03 19:04 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2018-01-29 04:38 - 2018-01-29 05:25 - 000000000 ____D C:\WINDOWS\pss
2018-01-28 15:34 - 2018-01-28 15:34 - 000000013 ___SH C:\Users\Vic\AppData\Roaming\zer0.bin
2018-01-13 22:49 - 2018-01-13 22:49 - 085995139 _____ C:\Users\Vic\Downloads\Warhammer_40_000_-_Codex_-_Chaos_Daemons.epub
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-02-06 22:39 - 2017-11-17 04:17 - 001118432 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-06 22:36 - 2016-09-22 04:27 - 000000000 ____D C:\Program Files (x86)\MSI
2018-02-06 22:36 - 2016-09-22 04:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2018-02-06 22:33 - 2017-11-17 04:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-02-06 22:33 - 2017-08-07 02:16 - 000000000 ____D C:\ProgramData\NVIDIA
2018-02-06 22:33 - 2016-09-25 19:27 - 000000000 ____D C:\Users\Vic\AppData\Local\Overwolf
2018-02-06 22:33 - 2016-09-24 20:12 - 000000000 ____D C:\Users\Vic\AppData\Roaming\Skype
2018-02-06 22:33 - 2016-09-22 06:06 - 000000000 ____D C:\Program Files (x86)\Steam
2018-02-06 22:33 - 2016-09-22 04:10 - 000190664 ____N (CyberLink Corp.) C:\WINDOWS\system32\Drivers\rikvm_6CE1B52B.sys
2018-02-06 22:32 - 2017-09-29 00:45 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2018-02-06 22:31 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-02-06 22:31 - 2017-09-29 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-02-06 22:23 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-02-06 22:23 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-02-06 22:23 - 2017-03-10 18:14 - 000000000 ____D C:\Users\Vic\AppData\Local\Adobe
2018-02-06 22:21 - 2017-09-29 06:22 - 000000000 ____D C:\ProgramData\Oracle
2018-02-06 22:19 - 2016-09-25 19:27 - 000000000 ____D C:\Program Files (x86)\Overwolf
2018-02-06 22:18 - 2016-09-22 04:27 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-06 22:18 - 2016-09-22 04:27 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-02-06 05:07 - 2016-09-22 06:56 - 000000000 ____D C:\ProgramData\CLink4
2018-02-06 04:12 - 2017-09-29 05:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-06 04:12 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-02-05 18:49 - 2017-12-16 04:58 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-02-05 18:49 - 2017-12-16 04:58 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-02-03 19:12 - 2017-11-17 04:13 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1699126305-1225172096-1940794454-1001
2018-02-03 19:12 - 2017-09-29 05:44 - 000000000 ____D C:\WINDOWS\INF
2018-02-03 19:12 - 2016-09-22 03:49 - 000002361 _____ C:\Users\Vic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-02-03 19:12 - 2016-09-22 03:49 - 000000000 ___RD C:\Users\Vic\OneDrive
2018-01-29 16:54 - 2016-09-29 00:08 - 000000000 ____D C:\Users\Vic\AppData\Local\ElevatedDiagnostics
2018-01-29 05:26 - 2017-05-26 00:05 - 000000000 ____D C:\Users\Vic\AppData\Roaming\discord
2018-01-29 04:43 - 2017-11-17 04:11 - 000000000 ____D C:\Users\Vic
2018-01-29 04:41 - 2017-11-17 04:11 - 000000000 ____D C:\Users\defaultuser0
2018-01-29 04:41 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\appcompat
2018-01-29 04:41 - 2016-07-16 03:47 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2018-01-29 04:40 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\registration
2018-01-29 04:40 - 2016-09-22 04:20 - 000000000 ____D C:\MSI
2018-01-29 02:32 - 2017-11-17 04:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-01-24 14:34 - 2016-09-22 06:05 - 000548000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-01-16 09:34 - 2016-09-22 07:59 - 000000000 ____D C:\Users\Vic\Documents\My Games
2018-01-14 21:04 - 2017-10-08 13:58 - 000000000 ____D C:\Users\Vic\Desktop\40k
2018-01-11 21:56 - 2016-09-22 10:04 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-01-11 21:55 - 2017-10-12 04:53 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-01-11 21:55 - 2016-09-22 10:04 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-01-09 21:25 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\rescache
2018-01-09 17:29 - 2017-05-26 00:05 - 000002227 _____ C:\Users\Vic\Desktop\Discord.lnk
2018-01-09 17:29 - 2017-05-26 00:05 - 000000000 ____D C:\Users\Vic\AppData\Local\Discord
 
==================== Files in the root of some directories =======
 
2018-01-28 15:34 - 2018-01-28 15:34 - 000000013 ___SH () C:\Users\Vic\AppData\Roaming\zer0.bin
2016-09-22 06:37 - 2016-09-22 06:37 - 000000000 _____ () C:\Users\Vic\AppData\Local\Driver_LOM_8171Present.flag
 
Some files in TEMP:
====================
2018-02-06 22:19 - 2018-02-06 22:19 - 001864256 _____ (Oracle Corporation) C:\Users\Vic\AppData\Local\Temp\jre-8u161-windows-au.exe
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-02-06 05:21
 
==================== End of FRST.txt ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.01.2018
Ran by Vic (06-02-2018 22:43:24)
Running from C:\Users\Vic\Downloads
Windows 10 Pro Version 1709 16299.192 (X64) (2017-11-17 12:15:23)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1699126305-1225172096-1940794454-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1699126305-1225172096-1940794454-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-1699126305-1225172096-1940794454-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-1699126305-1225172096-1940794454-501 - Limited - Disabled)
Vic (S-1-5-21-1699126305-1225172096-1940794454-1001 - Administrator - Enabled) => C:\Users\Vic
WDAGUtilityAccount (S-1-5-21-1699126305-1225172096-1940794454-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.1.102.55 - Adobe Systems Incorporated)
Adobe Flash Player 28 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.33.1 - Asmedia Technology)
AudioFXSetup (HKLM\...\{1FE5ADE2-823B-4E4C-A2D3-063822B3C794}) (Version: 1.2.1201 - Nahimic) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Canon MP560 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series) (Version:  - )
CheckDevicesConfigurator (HKLM\...\{85334C6B-E4CF-4A3C-8FE2-AF73D5DB9827}) (Version: 1.2.1201 - Nahimic) Hidden
Corsair Link 4 (HKLM-x32\...\{33593361-5FB1-4D73-BA5A-9F30392BFEE8}) (Version: 4.3.0.154 - Corsair Components, Inc.) Hidden
Corsair Link 4 (HKLM-x32\...\{43242464-db63-47fb-b75c-706bc0dcd863}) (Version: 4.3.0.154 - Corsair Components, Inc.)
Corsair Link™ USB Dongle (Driver Removal) (HKLM-x32\...\SIUSBXP&1B1C&1C00) (Version:  - Corsair Memory, Inc.)
CPUID CPU-Z MSI 1.74 (HKLM\...\CPUID CPU-Z MSI_is1) (Version: 1.74 - CPUID, Inc.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Discord (HKU\S-1-5-21-1699126305-1225172096-1940794454-1001\...\Discord) (Version: 0.0.300 - Discord Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 64.0.3282.140 - Google Inc.)
Google Drive (HKLM-x32\...\{9BC95947-92FD-438B-A168-C01F9A5B7292}) (Version: 2.34.7529.6838 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.0.8.3 - Hi-Rez Studios)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel® Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.6.1194 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{B294CE94-FE0F-4427-910C-180AF9FCFED1}) (Version: 1.0.1.620 - Intel Corporation)
Java 9.0.4 (64-bit) (HKLM\...\{885A3911-0760-5252-92C2-001B92997DEA}) (Version: 9.0.4.0 - Oracle Corporation)
Killer Bandwidth Control Filter Driver (HKLM\...\{5B7A2B7B-CEA9-4E50-B0E4-E82F204CBE78}) (Version: 1.1.57.1125 - Rivet Networks) Hidden
Killer E240x Drivers (HKLM\...\{9DB2FB0F-2731-43A3-9FC7-3C90CD970096}) (Version: 1.1.57.1125 - Rivet Networks) Hidden
Killer Network Manager (HKLM\...\{51B5A084-A40D-4F4B-90AA-EF8354EA7D96}) (Version: 1.1.57.1125 - Rivet Networks) Hidden
Killer Performance Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.57.1125 - Rivet Networks)
LauncherSetup (HKLM\...\{E9A24BF9-2AD3-46BE-A9AF-4DED8EBC124E}) (Version: 1.2.1201 - Nahimic) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
MechWarrior Online (HKLM-x32\...\{1A14AC87-9585-4AC5-BA5D-0A3A4C6AF7D4}) (Version: 1.6.1.0 - Piranha Games Inc.) Hidden
MechWarrior Online (HKLM-x32\...\{9f17023b-d04f-432b-b08a-3bb4c3a7ed3c}) (Version: 1.6.0.0 - Piranha Games Inc.)
MEmu (HKLM-x32\...\MEmu) (Version: 2.9.6 - Microvirt)
Microsoft OneDrive (HKU\S-1-5-21-1699126305-1225172096-1940794454-1001\...\OneDriveSetup.exe) (Version: 17.3.7294.0108 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{02A39130-2CF3-30CA-8623-30F6071A4221}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MSI Command Center (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 2.0.0.36 - MSI)
MSI ECO Center (HKLM-x32\...\{1E55202F-4D31-498A-8F72-97DCBA9F2866}_is1) (Version: 2.0.0.9 - MSI)
MSI Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.1.8 - MSI)
MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 5.0.0.25 - MSI)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.27 - MSI)
MSI M-Cloud (HKLM-x32\...\{C2CA9595-A17F-4D28-BD6E-0E30447AF60B}}_is1) (Version: 1.0.0.20 - MSI)
MSI RAMDisk (HKLM-x32\...\{F29CF050-7278-4CDB-9EF8-2DC6DAA87453}}_is1) (Version: 1.0.0.12 - MSI)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.3.0.02 - MSI)
MSI® Intel® Extreme Tuning Utility (HKLM-x32\...\{5D85C662-99AB-4B25-A6F0-ABB9D702F552}) (Version: 6.0.2.102 - Intel Corporation) Hidden
MSI® Intel® Extreme Tuning Utility (HKLM-x32\...\{bcbf202c-9746-4173-a49b-649bfd0adca6}) (Version: 6.0.2.102 - Intel Corporation)
MSIRegister (HKLM-x32\...\{80B995A4-3A86-4690-98A6-563F1A788835}_is1) (Version: 1.0.0.07 - MSI)
Nahimic for MSI (HKLM-x32\...\{0c311339-9de4-4dd7-b21d-3dcfa3a2946f}) (Version: 1.2.12 - Nahimic)
NahimicSettingsConfigurator (HKLM\...\{5FFC5E3A-4A2B-4201-9132-5ED5A0453797}) (Version: 1.2.1201 - Nahimic) Hidden
Nox APP Player (HKLM-x32\...\Nox) (Version: 3.7.3.0 - Duodian Technology Co. Ltd.)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.9.0.61 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.9.0.61 - NVIDIA Corporation)
NVIDIA Graphics Driver 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.110.1.32 - Overwolf Ltd.)
ProductDaemonSetup (HKLM\...\{79CB3FC2-E67A-4C4F-8C24-874DCD38199A}) (Version: 1.2.1201 - Nahimic) Hidden
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.00.721 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7885 - Realtek Semiconductor Corp.)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.104 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 4.22.4446.0 - Hi-Rez Studios)
Smite Tactics Alpha (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF351}) (Version: 0.34.1155.0 - Hi-Rez Studios)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine 3.8.5 (HKLM\...\SteelSeries Engine 3) (Version: 3.8.5 - SteelSeries ApS)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
UIInstallUpgrade (HKLM\...\{DEB82682-EF4C-4D3D-AEE0-51B62FEFDD21}) (Version: 1.2.1201 - Nahimic) Hidden
Universal Adb Driver (HKLM-x32\...\{C0E08D8D-6076-4117-B644-2AF34F35B757}) (Version: 1.0.4 - ClockworkMod)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Windows Driver Package - BigNox Corporation XQHDrv System  (05/27/2016 4.3.12) (HKLM\...\94C2625000FDEC5DD549EADDF8698D48672C3037) (Version: 05/27/2016 4.3.12 - BigNox Corporation)
Windows Driver Package - Corsair Components, Inc. (SIUSBXP) USB  (10/30/2015 3.6) (HKLM\...\689CB8E4310D795D383E65C05A8F13A05D92E771) (Version: 10/30/2015 3.6 - Corsair Components, Inc.)
Windows Driver Package - Oracle Corporation (VBoxUSB) USB  (05/27/2016 4.3.12) (HKLM\...\9B8A57D7ECC2B5D3115B5A1361FAE29AC92E355B) (Version: 05/27/2016 4.3.12 - Oracle Corporation)
Windows Driver Package - Oracle Corporation VBoxUSBMon System  (05/27/2016 4.3.12) (HKLM\...\2B96D1320C797F081985B7C1EA9A2DABAC2644BF) (Version: 05/27/2016 4.3.12 - Oracle Corporation)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
XSplit Gamecaster (HKLM-x32\...\{9CC369F6-8E78-4376-A55A-D2F4DC3806E0}) (Version: 2.6.1510.0726 - SplitmediaLabs)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-06-26] (Cyberlink)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-10] (Google)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-06-26] (Cyberlink)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-10] (Google)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {09459F21-58EE-41B2-B708-C711012D240F} - System32\Tasks\NahimicMSIUILauncherRun => C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIUILauncher.exe [2015-12-04] ()
Task: {097AE7E4-F589-43DE-A48E-A1EDAB2E6E80} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-09-16] (NVIDIA Corporation)
Task: {0B931B98-0F10-4DEB-A40E-696FB1719728} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2015-05-05] (Intel Corporation)
Task: {123B396E-5E8A-46BC-A0A0-AD95842B4B2D} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-02-19] (Intel® Corporation)
Task: {1DCDCB9D-52C7-4C3F-A1BA-810A387CA0FB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-20] (Microsoft Corporation)
Task: {2126E0E2-A185-44B1-9A31-1D2E144003EF} - System32\Tasks\JavaUpdateSched => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-12-19] (Oracle Corporation)
Task: {268603BD-9FF0-4629-B67D-2670F69BFAD8} - System32\Tasks\NahimicMSIsvc32Run => C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIsvc32.exe [2015-12-04] ()
Task: {2DDFFF30-45F3-4101-AB31-6346E2D84EDF} - System32\Tasks\PDVDServ12 Task => C:\CyberLink\PowerDVD12\PDVD12Serv.exe [2015-07-21] (CyberLink Corp.)
Task: {3E85E32E-EA5F-456F-82E6-E763310EEE6A} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-09-16] (NVIDIA Corporation)
Task: {51C4BBC1-6AB8-4D15-9C2C-20BAD98BABDD} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_161_pepper.exe [2018-02-06] (Adobe Systems Incorporated)
Task: {616096F7-0CDB-4E49-9BF4-222644B69C32} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-09-16] (NVIDIA Corporation)
Task: {816C978F-86A5-45EA-AC6F-DEEA509E18F4} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-09-16] (NVIDIA Corporation)
Task: {8ABB3FCF-A1A0-4319-AEB7-CF08BB20E9A1} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-09-16] (NVIDIA Corporation)
Task: {92F8E2D7-0692-4ABD-90E2-6F187087E936} - System32\Tasks\NahimicMSIsvc64Run => C:\Program Files\Nahimic\NahimicMSI\UserInterface\x64\NahimicMSIsvc64.exe [2015-12-04] ()
Task: {95801A00-A1A5-4D69-AC2A-F11E767C93A2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-22] (Google Inc.)
Task: {95A0F0DF-11A0-4C12-B1EF-02BFD697AE2A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-20] (Microsoft Corporation)
Task: {98847FA7-96D9-4101-847B-8689983F59AC} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-09-16] (NVIDIA Corporation)
Task: {AAB3931C-AD38-4426-A1EA-213C49B61F92} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-20] (Microsoft Corporation)
Task: {B4DFBFA9-78B6-4617-820E-8CF7D3A4893C} - System32\Tasks\MSISW_Host => C:\Windows\SysWoW64\muachost.exe [2015-08-18] (MSI)
Task: {B56D051D-0FEB-4457-B540-C16548F4C836} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-09-16] (NVIDIA Corporation)
Task: {BF2690F0-0269-4ABC-AEEF-16597ED8AA5C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-20] (Microsoft Corporation)
Task: {C90F33FE-CA58-4BC3-8B8E-51866BF7FFAE} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2018-01-30] (Overwolf LTD)
Task: {D6BF40F0-201F-46DE-A446-4162D83B1FEB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-22] (Google Inc.)
Task: {F2320593-1456-4461-8907-A11B82399C86} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-09-16] (NVIDIA Corporation)
Task: {FF563323-381A-4219-978B-4AF0F06A53A6} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\MSISW_Host.job => C:\WINDOWS\SysWOW64\muachost.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
ShortcutWithArgument: C:\Users\Vic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Vysor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=gidgenkbbabolejbgbpnhbimgjbffefm
 
==================== Loaded Modules (Whitelisted) ==============
 
2017-09-29 05:41 - 2017-09-29 05:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-07-19 14:09 - 2017-07-19 14:09 - 000189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2015-12-04 08:36 - 2015-12-04 08:36 - 000207840 _____ () C:\Program Files\Nahimic\NahimicMSI\UserInterface\x64\NahimicMSIDevProps.dll
2015-12-04 08:36 - 2015-12-04 08:36 - 000285152 _____ () C:\Program Files\Nahimic\NahimicMSI\UserInterface\x64\NahimicMSIOSD.dll
2017-12-13 04:01 - 2017-11-26 04:23 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-12-13 04:01 - 2017-11-26 04:01 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-04 08:31 - 2015-12-04 08:31 - 000740320 _____ () C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIUILauncher.exe
2015-12-04 08:31 - 2015-12-04 08:31 - 000826880 _____ () C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIsvc32.exe
2015-12-04 08:37 - 2015-12-04 08:37 - 000275456 _____ () C:\Program Files\Nahimic\NahimicMSI\UserInterface\x64\NahimicMSIsvc64.exe
2018-02-06 22:18 - 2018-01-31 22:13 - 004433752 _____ () C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.140\libglesv2.dll
2018-02-06 22:18 - 2018-01-31 22:13 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.140\libegl.dll
2018-02-06 22:40 - 2018-02-06 22:40 - 000852798 _____ () C:\Users\Vic\Downloads\SecurityCheck (1).exe
2016-09-22 06:07 - 2017-11-28 21:09 - 000781088 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-09-22 06:07 - 2017-12-15 11:59 - 002558752 _____ () C:\Program Files (x86)\Steam\video.dll
2016-09-22 06:07 - 2016-08-31 17:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2017-12-13 19:39 - 2017-11-03 17:54 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2017-12-13 19:39 - 2017-11-03 17:54 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2017-12-13 19:39 - 2017-11-03 17:54 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2017-12-13 19:39 - 2017-11-03 17:54 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2017-12-13 19:39 - 2017-11-03 17:54 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2016-09-22 06:07 - 2016-08-31 17:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-09-22 06:07 - 2016-08-31 17:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-09-22 06:07 - 2017-12-15 11:59 - 000904992 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-12-04 08:30 - 2015-12-04 08:30 - 000177632 _____ () C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIDevProps.dll
2015-12-04 08:30 - 2015-12-04 08:30 - 000252384 _____ () C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIOSD.dll
2017-06-10 07:53 - 2017-09-06 18:04 - 000678400 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2016-12-13 05:11 - 2017-10-30 20:44 - 071471904 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2016-09-22 06:07 - 2015-09-24 15:52 - 000119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2018-01-30 03:12 - 2018-01-30 03:12 - 069441864 _____ () C:\Program Files (x86)\Overwolf\0.110.1.32\libcef.DLL
2018-01-30 03:12 - 2018-01-30 03:12 - 003110216 _____ () C:\Program Files (x86)\Overwolf\0.110.1.32\libglesv2.dll
2018-01-30 03:12 - 2018-01-30 03:12 - 000086856 _____ () C:\Program Files (x86)\Overwolf\0.110.1.32\libegl.dll
2016-09-22 04:07 - 2014-12-07 23:28 - 000627672 _____ () C:\CyberLink\Power2Go8\CLMediaLibrary.dll
2014-12-08 14:28 - 2014-12-08 14:28 - 000016856 _____ () C:\CyberLink\Power2Go8\CLMLSvcPS.dll
2017-01-16 03:40 - 2017-01-16 03:40 - 000143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2017-09-29 06:59 - 2017-04-13 09:58 - 050656768 _____ () C:\Users\Vic\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libcef.dll
2017-09-29 06:59 - 2017-04-13 09:58 - 001874944 _____ () C:\Users\Vic\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libglesv2.dll
2017-09-29 06:59 - 2017-04-13 09:58 - 000075264 _____ () C:\Users\Vic\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libegl.dll
2016-05-25 21:52 - 2016-05-25 21:52 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2018-02-06 22:36 - 2005-07-18 13:43 - 000160256 _____ () C:\Program Files (x86)\MSI\Live Update\unrar.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2016-07-16 03:47 - 2017-04-18 20:27 - 000000826 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1699126305-1225172096-1940794454-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\MSI\T1 GAMING.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{10635D81-C743-4996-A85B-148452585A51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D0574730-18AB-4D23-ADC4-896B16279FD8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E39CF509-F306-409D-B6EE-A44A30592328}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{143CC72F-202C-4064-B42D-1C3AE341B957}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{60EC8C5E-9EBA-49A9-9F73-BAB16B01E7BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2B3180FB-B9C4-48B4-9390-754CA5C5DB64}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D2623DBB-C262-46A0-B1D4-71E7BBFC7053}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3629D4D8-D953-4B83-ACF3-5E9A9A9DBC34}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A197ADFB-F004-4127-B4CF-EB8A880D62A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{45389B01-78A1-4D62-87C3-9406EFCEE0DA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1E4C3B83-805E-4855-A18A-5922FD6E1E23}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D4EB0EFC-C968-4A72-B50F-F7871FC689CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6D043D72-446C-4599-9D95-D4EBDA230155}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{57811B1D-9121-4FA3-B1F1-61EC31C2924C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{43B206FC-910C-4F59-8ED2-5D89DF57F0B6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E0C0DD69-BFC8-46C1-BDF6-B3058785F292}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{14894EAF-C07D-43B9-A64F-AC6064EAD0D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A94AC3DF-6BBF-4CC2-93BF-E89C6F1C9140}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{55A47603-8E51-4DD8-A792-CC674AD0D4F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A7BF2D3E-14F6-4ED8-8C6A-24AAA365E66E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5F20F4F2-3B3C-4DA3-9580-89A06F42A2DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A0640404-D223-461E-99FA-375D0835FE98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1EF9C645-CC20-42A3-AC45-E6D64861EE17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DB062AC6-99AC-4030-BDE4-299BCE6B4863}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C6765E5A-A97F-4C77-BB08-C907389E6315}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{43B63A98-D856-4674-BD22-1C1F871F58F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A96D997A-3339-45E5-8902-CB92B10E96E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{81C9D457-10C9-4621-9500-12521E933482}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{50EE517B-2929-46DC-908C-3091D4A5765D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D22928F6-F5C3-4D8D-8472-79B52BD9FFEE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F7E8E320-78A5-41D0-9043-49AC3CADEA71}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CFED5DAB-93FA-4DF0-9BCC-6D1502AEB40E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E2B54157-EB1C-4735-8A84-571AEFF86C7E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{270553F9-D0A5-4E65-8368-EEC2EC983988}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C680EC28-DE17-47BD-ABA4-6BA6BB97334F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A8A4957F-42DC-4033-ABE2-7141E9E8485E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{339D2AAF-A38C-4EE7-BD54-5B89A1CDC389}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2CDCB4FA-2087-4902-82EF-DA39C4AE44D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{33062713-0401-4354-BB7D-EB71BD1033CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9625638B-AB79-482C-B196-609A27658037}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C674FE54-8943-474D-857F-7E8B0948E4BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9293FCAD-55D9-4AB1-A674-21726DF60996}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7381BB92-DCB8-40C0-A938-74CFB06D2BD1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F2CFE7C6-D88E-4EA3-B1AB-CE23CB365FBE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B2ECDDE9-B84E-4443-B15D-81E4D9C694EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6A7DC424-6EB7-4B38-9D74-288877C1ACEA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6BEB0071-2BA3-4AB8-A8E6-EDB239E91384}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B8691A4E-B5D7-4E65-AA89-9DB5E149C194}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F2F49E75-ABB5-4953-AA7F-5E5669C261C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{07317A3F-6916-4137-8858-7D2B327C0BDF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DAB7A9FE-8287-4E86-A629-2925E804249A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EE2FE600-913B-42E8-8638-1B7F033D3CAB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{26FF6826-B625-4318-91F3-A07CBA7A136D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DFB7E9DC-F71E-4980-ACA1-F6C5E337A1E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{234ED7B8-AA11-47DB-9F64-6B3BE018DA87}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E85B5B9A-63A9-40B4-8837-87C731D523DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CD56A8DA-D172-45AF-A405-16DAFB99092A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6F068F2D-0FB4-48F3-90CF-2B722A4C1C51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F66A83C7-6202-4717-8D24-8BF677C3E1E8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{037BF236-13DC-4F0F-A33E-24812968C2DC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F7D59429-48FE-457A-98F8-77E2859ED254}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{EE880107-3C0E-41FA-AEB3-BD7C0B908BE2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{DA118B43-3556-4F33-A477-682E25E9086E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [UDP Query User{84688596-E3EC-434F-91EE-1D742FDAC0E4}D:\steamlibrary\steamapps\common\total war warhammer ii\warhammer2.exe] => (Allow) D:\steamlibrary\steamapps\common\total war warhammer ii\warhammer2.exe
FirewallRules: [TCP Query User{28B2F5FB-0411-49C0-9819-4903F32BA3DF}D:\steamlibrary\steamapps\common\total war warhammer ii\warhammer2.exe] => (Allow) D:\steamlibrary\steamapps\common\total war warhammer ii\warhammer2.exe
FirewallRules: [{BC2EFA7F-14EE-4DA9-B0FC-699EB4B95417}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B743BB5C-BB66-4077-87D6-0568CC9347B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{472CA3C7-2579-4CA0-9C9E-ED724928A411}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8A8B6575-01C4-413B-97A8-1D21ED20D3BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{16C231AD-9841-4456-B3E2-C25CEBDE648A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CCCD987A-D336-4AFE-99AA-72860A57CB9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FD1846E5-EA9A-494F-ADA4-C53B64BFA629}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{65710DD2-6A97-41BA-B504-0C64CDCBBD18}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{AAFCA6A2-2A14-40FC-B1CE-3946C2DE2002}] => (Allow) D:\SteamLibrary\steamapps\common\Bardbarian\Bardbarian.exe
FirewallRules: [{8DDD9BE7-B358-4359-9B28-4509828A1933}] => (Allow) D:\SteamLibrary\steamapps\common\Bardbarian\Bardbarian.exe
FirewallRules: [{EB98943B-231C-4732-BF16-E8F10DD9A167}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3ABDC097-71BB-49FB-85AE-3E9F521B7BDB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5E1E63E3-E67A-4B55-901D-5BC6EA1BAE90}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4B4EBA7D-D59C-4B95-AC92-5E33FC6F8017}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A18EA338-4CA8-4084-86A7-604A1C428CCF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A9D58445-130D-48C5-9BD1-93CC10B84019}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9967E19D-766A-413B-999E-3BF7A4F53FE2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{95BBF067-0DF9-4387-BF68-D59FBAD3B4F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B7055C8D-ED28-493F-AA1D-EA52977D88BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{73119334-2B82-47A0-AD5E-4F91BDB84538}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C6540A2B-D1D8-40B6-9EBF-805C152B3E98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{68DFA529-D482-4049-AB24-668B2EA78145}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{14A2ED58-9037-4FD3-A69D-FE201A303C76}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D0521D70-6B6F-4D80-859E-9509BF18DD5E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{05CDEA29-2CA1-4DD0-B769-CFD095F64034}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C71B3A2A-B7F0-452C-968C-274C33600548}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FDB7ADD9-EB5A-41E4-A91C-11F75A8B11E8}] => (Allow) D:\SteamLibrary\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe
FirewallRules: [{EC2DE27D-CF9D-43B7-ABB6-7F83ECC94338}] => (Allow) D:\SteamLibrary\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe
FirewallRules: [{80458707-656F-46CB-BD02-5CFE146A4493}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{49967550-99BC-47E1-9ADA-E5CBD44B00EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{15953D62-5D84-48F6-9B73-38D598BF2A37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C534EF4D-7BE6-4AAD-813D-8E01584CE288}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A6EA61EE-0A4A-47A3-9676-05E29219E551}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{581F520E-AB10-4076-9940-E19D55E34188}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DFA08760-67C3-406A-A24B-C4972FFE063C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{212351E3-BCAF-415C-8C55-DF343F33F86B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3AC6CDAB-12CE-4118-823D-C31A45FB37D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{04081DBB-6EA5-4E76-97CA-4BB775BF62E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{67B3FBC1-BD6E-4895-811C-26F3F4D8ACC0}] => (Allow) C:\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [{CF0A6154-238D-4D6E-9D2D-A6B613693B55}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3AE9DDB2-BC98-4860-8BFC-A77269A6E7FE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AE828376-E7D4-46CA-A0C5-4551606AFA77}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A3236FCF-F736-4F2A-86CC-B36EB795260F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{3E08BED3-83A5-4A67-9571-6C8FF2A40F31}C:\program files (x86)\heroes of the storm\versions\base46446\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base46446\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{E6DC7555-69A3-4A6E-B6BD-A947AE522B17}C:\program files (x86)\heroes of the storm\versions\base46446\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base46446\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{F23553E0-47BE-4DA6-988E-E087B4EF4D94}D:\smite\hirezgames\smite\binaries\win32\smite.exe] => (Allow) D:\smite\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{5330DA80-4F56-46A3-84EB-A543920650A1}D:\smite\hirezgames\smite\binaries\win32\smite.exe] => (Allow) D:\smite\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [TCP Query User{BC2A29E5-FB09-4841-ACF7-0BB54B06030D}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{984CD0DA-1C02-4733-AEC6-3A63797397DA}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [{36433105-D641-4BD0-A01E-48F155A99FC4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\Shogun2.exe
FirewallRules: [{66E8A7DC-E199-47B0-B4D3-B9FF434CD4A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\Shogun2.exe
FirewallRules: [TCP Query User{27FCB912-69E3-481B-BA66-7ECAF8A51A3B}C:\program files (x86)\heroes of the storm\versions\base46690\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base46690\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{AC56D74D-6B3E-4FBE-9AE1-7E23DBBC7F56}C:\program files (x86)\heroes of the storm\versions\base46690\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base46690\heroesofthestorm_x64.exe
FirewallRules: [{78641977-C3B5-4803-80A8-A950AB55C060}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3ABC6756-F8F3-4E67-B843-E865D81B99D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{0797F281-88AD-4EA6-B1C7-7E7F2A758C42}C:\program files (x86)\heroes of the storm\versions\base46889\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base46889\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{F8D0051E-2759-476F-BC70-C560026C95E8}C:\program files (x86)\heroes of the storm\versions\base46889\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base46889\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{CAB7AE49-0F13-457B-962B-4A657A06D533}C:\program files (x86)\heroes of the storm\versions\base47479\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base47479\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{5D9738B5-14F3-4D94-AC92-0A39E6A1E298}C:\program files (x86)\heroes of the storm\versions\base47479\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base47479\heroesofthestorm_x64.exe
FirewallRules: [{00A01374-B261-4065-A3E1-A71210DBF6F8}] => (Allow) C:\Users\Vic\AppData\Roaming\Nox\bin\Nox.exe
FirewallRules: [{9814CAED-B592-4274-A2DC-E4387A5038DC}] => (Allow) C:\Program Files\Bignox\BigNoxVM\RTNoxVMHandle.exe
FirewallRules: [TCP Query User{C33C8C95-53C2-4640-A46A-708B8CA288BF}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{C524A8FF-021D-4401-BF95-B36BACD0C556}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{78ED1906-81ED-4A42-9D09-D55937EE01DE}D:\blizzard\battle.net\battle.net.8142\battle.net.exe] => (Allow) D:\blizzard\battle.net\battle.net.8142\battle.net.exe
FirewallRules: [UDP Query User{8E18DC5C-6D2C-458C-ABF9-D534F39BBA81}D:\blizzard\battle.net\battle.net.8142\battle.net.exe] => (Allow) D:\blizzard\battle.net\battle.net.8142\battle.net.exe
FirewallRules: [TCP Query User{BA782F7C-E645-4D22-83B9-8B29105698B1}C:\program files (x86)\heroes of the storm\versions\base48027\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base48027\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{0A477639-9291-491F-8424-F014AEDA09F3}C:\program files (x86)\heroes of the storm\versions\base48027\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base48027\heroesofthestorm_x64.exe
FirewallRules: [{E33427C9-7E86-44F0-ABFE-841490199848}] => (Allow) D:\SteamLibrary\steamapps\common\Rome Total War Gold\RomeTW.exe
FirewallRules: [{F71924E0-A242-4462-8B68-6E9F44DE2827}] => (Allow) D:\SteamLibrary\steamapps\common\Rome Total War Gold\RomeTW.exe
FirewallRules: [{201BE464-B085-4E30-92CF-8DC1A20FD601}] => (Allow) D:\SteamLibrary\steamapps\common\Rome Total War Gold\RomeTW-BI.exe
FirewallRules: [{11E90526-BC26-4FBB-B9B0-16238CF00658}] => (Allow) D:\SteamLibrary\steamapps\common\Rome Total War Gold\RomeTW-BI.exe
FirewallRules: [{C4D3CE75-845B-466A-B06E-8F184D351DFE}] => (Allow) D:\SteamLibrary\steamapps\common\Rome Total War Alexander\testappa.exe
FirewallRules: [{4D301EE8-63FA-4934-A527-DA7623FB6487}] => (Allow) D:\SteamLibrary\steamapps\common\Rome Total War Alexander\testappa.exe
FirewallRules: [TCP Query User{B27BBA69-E791-4A09-A544-8F8454E86B62}C:\program files (x86)\heroes of the storm\versions\base48297\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base48297\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{39AA2D34-AD01-43F1-BA38-2F56F9490FD4}C:\program files (x86)\heroes of the storm\versions\base48297\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base48297\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{04A582BB-D308-4EEF-9EAF-A6DCDB355D5A}C:\program files (x86)\starcraft ii\versions\base48258\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base48258\sc2_x64.exe
FirewallRules: [UDP Query User{B8B826FB-665C-4A2D-8873-B0FB3A5D42A0}C:\program files (x86)\starcraft ii\versions\base48258\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base48258\sc2_x64.exe
FirewallRules: [TCP Query User{C55BD643-2F8D-4E51-9E1A-FA4AA220E965}C:\program files (x86)\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{2851DEED-018B-4207-A67E-E819D166F607}C:\program files (x86)\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe
FirewallRules: [{F5A55990-B087-4247-A3DB-23E0C2625ECF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{2E31EB5A-ACEB-4A15-83BF-72B413BCC14F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{563A6885-F53E-4E1D-A34A-84986F2670B4}] => (Allow) D:\SteamLibrary\steamapps\common\Titan Quest Anniversary Edition\TQ.exe
FirewallRules: [{1E67DF9D-CDC7-406F-B68C-47B6D4DBADA6}] => (Allow) D:\SteamLibrary\steamapps\common\Titan Quest Anniversary Edition\TQ.exe
FirewallRules: [{0F505845-0635-4FC1-A25F-A1929BCAEC92}] => (Allow) D:\SteamLibrary\steamapps\common\Titan Quest Anniversary Edition\WorkshopTool\TQWorkshopTool.exe
FirewallRules: [{30B7F93A-F330-4C0D-86FD-8725F9BFE8EB}] => (Allow) D:\SteamLibrary\steamapps\common\Titan Quest Anniversary Edition\WorkshopTool\TQWorkshopTool.exe
FirewallRules: [TCP Query User{4378C578-79BC-4768-B72D-0AFFBB274B40}C:\program files (x86)\heroes of the storm\versions\base48760\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base48760\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{0F5FC631-995D-4570-AB5F-CE8499649CB2}C:\program files (x86)\heroes of the storm\versions\base48760\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base48760\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{96E52441-0734-4870-8AEE-4DC88E9EDBEF}C:\program files (x86)\heroes of the storm\versions\base49008\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base49008\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{21E9B5BE-29B6-4A11-8387-84C06FF73C44}C:\program files (x86)\heroes of the storm\versions\base49008\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base49008\heroesofthestorm_x64.exe
FirewallRules: [{81633986-3D49-470A-8F25-C5E976CA2D77}] => (Allow) D:\SteamLibrary\steamapps\common\Gratuitous Space Battles\GSB.exe
FirewallRules: [{A99BD27D-E627-40B3-BC78-C8CEC7DF6DE5}] => (Allow) D:\SteamLibrary\steamapps\common\Gratuitous Space Battles\GSB.exe
FirewallRules: [{2F33B2C5-ABD7-46AE-838E-3F0BE8528140}] => (Allow) D:\SteamLibrary\steamapps\common\Shadowrun Hong Kong\SRHK.exe
FirewallRules: [{8255EBAD-71BB-4DDD-9BFE-4561A993D664}] => (Allow) D:\SteamLibrary\steamapps\common\Shadowrun Hong Kong\SRHK.exe
FirewallRules: [{6B619083-6E97-4F5C-96C3-310FE9D6DBF8}] => (Allow) D:\SteamLibrary\steamapps\common\DDDA\DDDA.exe
FirewallRules: [{93F92A12-E6F2-4FE2-A7F7-23151E810326}] => (Allow) D:\SteamLibrary\steamapps\common\DDDA\DDDA.exe
FirewallRules: [{3237864C-A784-4E1D-B468-C73711E3F8BC}] => (Allow) D:\SteamLibrary\steamapps\common\Shadowverse\Shadowverse.exe
FirewallRules: [{7AA00A4C-0701-405C-A44A-999157B2CCF1}] => (Allow) D:\SteamLibrary\steamapps\common\Shadowverse\Shadowverse.exe
FirewallRules: [TCP Query User{58A0D9F6-E075-47B3-856C-63A8316352BF}C:\program files (x86)\heroes of the storm\versions\base49076\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base49076\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{8D6F949D-2DD1-4896-84B7-3BAA9052D7FE}C:\program files (x86)\heroes of the storm\versions\base49076\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base49076\heroesofthestorm_x64.exe
FirewallRules: [{51989DF3-5384-40D7-873B-7C8022C4A7A2}] => (Allow) D:\SteamLibrary\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{82E022A6-AAA5-4C44-A414-4F0FED5BCC18}] => (Allow) D:\SteamLibrary\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [TCP Query User{2E76A7BE-EA3C-4891-A789-4571476AEC68}C:\program files (x86)\heroes of the storm\versions\base49278\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base49278\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{E1554ADF-80D5-4B11-95E2-635F3F5E4EEC}C:\program files (x86)\heroes of the storm\versions\base49278\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base49278\heroesofthestorm_x64.exe
FirewallRules: [{285943E8-B991-408F-A3F6-C193A4F4E2F5}] => (Allow) D:\SteamLibrary\steamapps\common\Master of Orion 2\DOSBOX\DOSBox.exe
FirewallRules: [{EAB99A40-4C76-48D4-AB33-BBDE7B8576BA}] => (Allow) D:\SteamLibrary\steamapps\common\Master of Orion 2\DOSBOX\DOSBox.exe
FirewallRules: [TCP Query User{48B9B8FE-1017-423D-9520-F4A85AEE32C9}D:\smite\hirezgames\smite tactics\tactics\binaries\win64\tactics.exe] => (Allow) D:\smite\hirezgames\smite tactics\tactics\binaries\win64\tactics.exe
FirewallRules: [UDP Query User{508B55B4-C110-4C51-A3F6-4BEDDFD6BD96}D:\smite\hirezgames\smite tactics\tactics\binaries\win64\tactics.exe] => (Allow) D:\smite\hirezgames\smite tactics\tactics\binaries\win64\tactics.exe
FirewallRules: [{68A82A90-9023-489D-AC75-AEA60067B251}] => (Allow) D:\SteamLibrary\steamapps\common\Dawn of War Soulstorm\Soulstorm.exe
FirewallRules: [{419AB273-80D2-4F55-ABA1-D5FC4AB1684B}] => (Allow) D:\SteamLibrary\steamapps\common\Dawn of War Soulstorm\Soulstorm.exe
FirewallRules: [{E315E233-B4A5-4ECD-A3AD-A3455603BB19}] => (Allow) D:\SteamLibrary\steamapps\common\King's Bounty - The Legend\KB.exe
FirewallRules: [{7535D599-71DF-4C32-BA54-0610DBC2CC72}] => (Allow) D:\SteamLibrary\steamapps\common\King's Bounty - The Legend\KB.exe
FirewallRules: [{22A7620F-6982-426C-8658-C7C020B804EE}] => (Allow) D:\SteamLibrary\steamapps\common\King's Bounty - The Legend\save_fixer.exe
FirewallRules: [{58FCFCE3-315D-46C7-B708-D4579B1AE4E0}] => (Allow) D:\SteamLibrary\steamapps\common\King's Bounty - The Legend\save_fixer.exe
FirewallRules: [{BFE9C582-285C-4728-9922-8B5D9C039532}] => (Allow) D:\SteamLibrary\steamapps\common\The Bureau\Binaries\Win32\TheBureau.exe
FirewallRules: [{DD7DD988-7233-4423-95BD-E46B860CFE83}] => (Allow) D:\SteamLibrary\steamapps\common\The Bureau\Binaries\Win32\TheBureau.exe
FirewallRules: [{78C6B669-29B2-4CD1-8CF3-FBA2AB0FCE52}] => (Allow) D:\SteamLibrary\steamapps\common\Warlock - Master of the Arcane\Game.exe
FirewallRules: [{3E4AD60C-4AD6-40B2-8DCC-71023B4EE39E}] => (Allow) D:\SteamLibrary\steamapps\common\Warlock - Master of the Arcane\Game.exe
FirewallRules: [{F658E4D9-1E08-4CCD-9C49-19C8DBF817EE}] => (Allow) D:\SteamLibrary\steamapps\common\Warlock 2\Game.exe
FirewallRules: [{E79C500C-A407-4AF2-A130-1E673445EAC4}] => (Allow) D:\SteamLibrary\steamapps\common\Warlock 2\Game.exe
FirewallRules: [TCP Query User{D76755F9-8BA3-4A3E-A76E-46BC43B7E1A8}D:\steamlibrary\steamapps\common\total war warhammer\warhammer.exe] => (Allow) D:\steamlibrary\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [UDP Query User{BF7809ED-26C2-40BD-8EAC-BACE627D7A98}D:\steamlibrary\steamapps\common\total war warhammer\warhammer.exe] => (Allow) D:\steamlibrary\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [TCP Query User{F6BE7BF2-B35D-4EB1-BE06-85E5EFC21938}C:\program files (x86)\starcraft ii\versions\base49716\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base49716\sc2_x64.exe
FirewallRules: [UDP Query User{235A4FC1-C1AA-4D0D-9CB6-0FE59F6203EA}C:\program files (x86)\starcraft ii\versions\base49716\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base49716\sc2_x64.exe
FirewallRules: [{92F11AA6-E734-4F74-8091-2AF78F453BCE}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{2A4BEF66-194D-4CE0-A61D-EB1EC97662C3}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{7E3C18B2-005F-4486-BD9C-C7BE04F517E2}] => (Allow) D:\SteamLibrary\steamapps\common\SpecOps_TheLine\Binaries\Win32\SpecOpsTheLine.exe
FirewallRules: [{A580B082-4F92-4360-ACDB-7243C1D066FB}] => (Allow) D:\SteamLibrary\steamapps\common\SpecOps_TheLine\Binaries\Win32\SpecOpsTheLine.exe
FirewallRules: [{C1B89E65-C341-4B2A-8B3E-1E0355408596}] => (Allow) D:\SteamLibrary\steamapps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe
FirewallRules: [{090237CB-F998-4C67-AC94-A7F36C90969F}] => (Allow) D:\SteamLibrary\steamapps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe
FirewallRules: [TCP Query User{6E48CC94-0BAE-4F45-A80D-9EF837BF0FAB}C:\program files (x86)\heroes of the storm\versions\base52008\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52008\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{DD2FF4DD-60C7-402D-8600-C91BA9427FDE}C:\program files (x86)\heroes of the storm\versions\base52008\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52008\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{F4675C7A-5D10-4D57-B5F9-45EC8707E599}C:\program files (x86)\heroes of the storm\versions\base52124\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52124\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{87936717-5074-4DBB-9E69-1886C1FDA2BC}C:\program files (x86)\heroes of the storm\versions\base52124\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52124\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{C202E789-2B70-45ED-B6D1-6D1E374171F9}C:\program files (x86)\heroes of the storm\versions\base52351\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52351\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{2ACFC0C0-D7EB-432E-B6BA-E45B182B5E04}C:\program files (x86)\heroes of the storm\versions\base52351\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52351\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{9D9066DA-812A-44E3-9984-49DAD784EEA4}C:\program files (x86)\heroes of the storm\versions\base52647\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52647\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{5823ADC0-7C3B-45CD-BEE7-E71DCFA8CC3C}C:\program files (x86)\heroes of the storm\versions\base52647\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52647\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{BAF940CE-3211-465F-B9B1-FB78DC05AFCA}C:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{0E28C0F1-4CC8-4177-8917-1A65432055FA}C:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{7BF29312-BB92-45C3-8017-AF4521D11B60}C:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{178B4E31-F27C-4965-A884-D3ED3343FB06}C:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{525F67C9-79E9-466B-BA0F-6FBA130244D8}D:\steamlibrary\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) D:\steamlibrary\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [UDP Query User{F1FA9E2D-051F-4B96-BB74-705A34A2E943}D:\steamlibrary\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) D:\steamlibrary\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [{B737018E-C7B2-44A6-A028-9B6D58C30D64}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DF546051-B8BC-46EA-9DD3-EE5C831CA63B}] => (Allow) D:\SteamLibrary\steamapps\common\Assassin's Creed 3\AC3SP.exe
FirewallRules: [{BD6116F4-7E0B-4C8B-A13F-E8AA1720AAB9}] => (Allow) D:\SteamLibrary\steamapps\common\Assassin's Creed 3\AC3SP.exe
FirewallRules: [{2AF29F22-A6CA-4093-894C-51C265C60A0A}] => (Allow) D:\SteamLibrary\steamapps\common\DOOM\DOOMx64.exe
FirewallRules: [{394024B8-41A8-4007-9A6F-3064EED6801A}] => (Allow) D:\SteamLibrary\steamapps\common\DOOM\DOOMx64.exe
FirewallRules: [TCP Query User{F5E289C8-1676-4A56-89FE-64E65102E33C}C:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{B59355BD-3292-4444-BD18-D55BCE8DCC21}C:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe
FirewallRules: [{88D861C5-52EE-4DB9-AEBC-912F8A5ECE45}] => (Allow) D:\SteamLibrary\steamapps\common\Endless Legend\EndlessLegend.exe
FirewallRules: [{0BFBB959-39CE-4723-95E2-E40E2F506ED5}] => (Allow) D:\SteamLibrary\steamapps\common\Endless Legend\EndlessLegend.exe
FirewallRules: [{0A40561C-FBD0-43BA-8BE0-AF59738E0945}] => (Allow) D:\SteamLibrary\steamapps\common\Endless Space\EndlessSpace.exe
FirewallRules: [{86BB7F91-27D9-4C45-96F9-CE967B52A5C7}] => (Allow) D:\SteamLibrary\steamapps\common\Endless Space\EndlessSpace.exe
FirewallRules: [{C55438A6-BE4E-4C32-A11C-DDF05C592FDB}] => (Allow) D:\SteamLibrary\steamapps\common\Stellaris\stellaris.exe
FirewallRules: [{6C7BAA8B-89DC-40E8-B902-DFEEC002B398}] => (Allow) D:\SteamLibrary\steamapps\common\Stellaris\stellaris.exe
FirewallRules: [{2C91F94F-23AA-4ADB-B652-A17410DC98CB}] => (Allow) D:\SteamLibrary\steamapps\common\Star Wolves\StarWolves.exe
FirewallRules: [{D11A13BB-9D2D-49F7-B9D7-E0E3979975D3}] => (Allow) D:\SteamLibrary\steamapps\common\Star Wolves\StarWolves.exe
FirewallRules: [{5E4A0151-13AE-4657-9852-86E0BDB2F3EE}] => (Allow) D:\SteamLibrary\steamapps\common\Starpoint Gemini 2\StarpointGemini2.exe
FirewallRules: [{7120D06D-1C30-4A03-9F08-C0EF66352528}] => (Allow) D:\SteamLibrary\steamapps\common\Starpoint Gemini 2\StarpointGemini2.exe
FirewallRules: [{97E9C9AB-80D3-4072-92D7-DFB6862FD499}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{BE03E1F4-1EF1-422A-BABE-DD905AC7F954}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{81C8B828-12B0-482B-AA60-5EC7B1A4EDDF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6859B69C-DE9C-43FC-8E03-F24D6A84D397}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3197FCD9-151C-4D15-B72A-0F81EBD7FE5B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BD37F8E6-5F60-4DD8-9D13-25912A980162}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EBE1A3BE-0616-4910-B176-23953DBD97EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{86D6B695-B11D-4C1C-ACBC-0EDD88B8100E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1CEFEC10-17DB-4564-96AE-6BDE758680F7}] => (Allow) D:\SteamLibrary\steamapps\common\BattleTech - Private Beta\BattleTech.exe
FirewallRules: [{2CAE1CA5-F857-45BD-A207-4C1187E2CC4C}] => (Allow) D:\SteamLibrary\steamapps\common\BattleTech - Private Beta\BattleTech.exe
FirewallRules: [{ADF71AE7-A296-442C-925C-337EBCE36BA2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B5EDAD0B-E354-40E1-A359-54F4F042BCD3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{646C6426-213A-4C12-A2D4-D035D0633E5E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E7720208-4DDE-4A0D-8211-BEE9EE1FBFB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{625CA235-1D75-4E86-BE3D-47C3B0EDB16C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F8EFD683-6432-4FFE-BD9B-4D6C71826086}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{41733DA8-FD90-4013-A7D5-33F8C7ABF5E6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B52811D3-A74C-4AC7-9E0C-B68A75D385F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8A9F886B-6D09-4264-B795-7AADD60B930E}] => (Allow) D:\SteamLibrary\steamapps\common\Zavix Tower\Delenar - Zavix Tower.exe
FirewallRules: [{B23FFF20-527A-4400-9DD2-602F0D3DBAF3}] => (Allow) D:\SteamLibrary\steamapps\common\Zavix Tower\Delenar - Zavix Tower.exe
FirewallRules: [{753F93A5-02DF-47D9-BE79-60D345E4CFF1}] => (Allow) D:\SteamLibrary\steamapps\common\Tyranny\Tyranny.exe
FirewallRules: [{F0E7500F-361E-410D-A8EC-587841EDEE6C}] => (Allow) D:\SteamLibrary\steamapps\common\Tyranny\Tyranny.exe
FirewallRules: [{C31B7A7F-8B30-4FEF-9864-5A1A36A6E624}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F4620DC5-557D-48D6-A04F-AC72788BA00B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{73C6605E-E926-479C-97E0-BBFC8E6C4DDE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C1FEF176-F396-43B2-AB7B-1E70DE8246DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{13AE1BE3-5996-411A-9420-EC624EC5AB4F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{40B0BF35-D0EF-43D7-8823-1CD46C20FD8C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F08CEC14-7BD7-4F5E-9F44-ED9DB90DB9FC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B6E2BC7B-50F9-4EC1-BD76-C74B43988FB8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{31A0E8E9-1515-450A-A02C-54EC9DD971AD}] => (Allow) D:\SteamLibrary\steamapps\common\Napoleon Total War\Napoleon.exe
FirewallRules: [{0C8EBB80-C805-4122-A8AA-F33E3518AEF2}] => (Allow) D:\SteamLibrary\steamapps\common\Napoleon Total War\Napoleon.exe
FirewallRules: [{52CF7D38-7DF9-4E07-AB91-FBF72E5CF28E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{144E2839-6ED6-4F05-AC67-F60C2F900EC6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7E608D8A-B074-407C-8DD2-CAD494800679}] => (Allow) D:\SteamLibrary\steamapps\common\Warhammer 40000 Armageddon\autorun.exe
FirewallRules: [{8D331E5F-06EB-454F-B5F5-3272069B2E9D}] => (Allow) D:\SteamLibrary\steamapps\common\Warhammer 40000 Armageddon\autorun.exe
FirewallRules: [{30441F9E-B9EC-4D7C-AB0A-6A3F612B46B6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B18EA6C0-CFD6-47C6-8DAE-5ABF1F2DFBE4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4BD81993-4993-4110-9B81-3BDF974D3ED0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{307E909C-C3EE-41E4-AFC3-011E85229EED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FF9C89C7-1D1E-43F5-97EE-FD08D0958F99}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{38A8B03F-CAB2-494B-818E-0B9E03300B18}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9B934D7B-26FB-4F3E-B7C7-9DBA1EB5F11C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9813C3D1-34B6-4110-BAF3-DF738815888E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7F1E19FF-A8D9-4A69-A1F2-0055EB3993E4}] => (Allow) D:\SteamLibrary\steamapps\common\Thea The Awakening\Thea.exe
FirewallRules: [{8133DF25-2713-4D8C-90D2-79F0206EDF38}] => (Allow) D:\SteamLibrary\steamapps\common\Thea The Awakening\Thea.exe
FirewallRules: [{612D11B2-CFD5-45BE-9AA9-2B9523DBEA34}] => (Allow) D:\SteamLibrary\steamapps\common\Templar Battleforce\TemplarBattleforce.exe
FirewallRules: [{4536E9C7-E5DB-40D1-9CBB-9D6A3B2EC845}] => (Allow) D:\SteamLibrary\steamapps\common\Templar Battleforce\TemplarBattleforce.exe
FirewallRules: [{2592EE92-CB7D-420E-93D0-CB887F16FCB0}] => (Allow) D:\SteamLibrary\steamapps\common\Icewind Dale Enhanced Edition\icewind.exe
FirewallRules: [{53C33586-184C-4A86-AE56-085AB51CC73A}] => (Allow) D:\SteamLibrary\steamapps\common\Icewind Dale Enhanced Edition\icewind.exe
FirewallRules: [{DFDC8602-C120-426D-95E7-F6650996E5BA}] => (Allow) D:\SteamLibrary\steamapps\common\Halfway\Halfway.exe
FirewallRules: [{7485CBDE-2698-4A93-BB8B-D4E83FFD9F24}] => (Allow) D:\SteamLibrary\steamapps\common\Halfway\Halfway.exe
FirewallRules: [{8B34BA06-2F12-4704-B48A-02E7AC8898A0}] => (Allow) D:\SteamLibrary\steamapps\common\Guilty Gear XX Accent Core Plus R\GGXXACPR_Win.exe
FirewallRules: [{D3E9EE18-12EC-49DC-9732-56D777F9616F}] => (Allow) D:\SteamLibrary\steamapps\common\Guilty Gear XX Accent Core Plus R\GGXXACPR_Win.exe
FirewallRules: [{1CA990C8-30D7-4FB8-9CEB-8786C7485F13}] => (Allow) D:\SteamLibrary\steamapps\common\ChaosReborn\ChaosRebornWin64.exe
FirewallRules: [{CE076DC6-5CC2-4F33-B9AA-5D7F75F331A8}] => (Allow) D:\SteamLibrary\steamapps\common\ChaosReborn\ChaosRebornWin64.exe
FirewallRules: [{818897CC-AEE2-448E-A129-CFC8F8BE1231}] => (Allow) D:\SteamLibrary\steamapps\common\Arcanum\SierraLauncher.exe
FirewallRules: [{4E6EF667-F3B6-4B48-B71A-49E2ADF2A17E}] => (Allow) D:\SteamLibrary\steamapps\common\Arcanum\SierraLauncher.exe
FirewallRules: [{832D1130-3316-4BAF-91BE-ED6DB647A775}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0F0360B4-9F24-46A3-8A7B-49CEDD3316BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{50037C77-24A5-4B11-BCDB-5659B86EB921}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{37B54482-0DA3-482A-8AE5-A56843826357}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{568771C1-16BA-44FC-A1B3-98360422AFC0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2EE02FB5-C133-4C41-83BB-844D21FC01E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{621532E3-B17A-40E8-BB9B-EDAE1142DABD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{57BAFAEE-3D7B-4F83-B280-9B014C0A48A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{158D2B8B-90A5-4994-8858-DE95D010EC2F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{831DF49A-6245-4544-92E8-135B11DC187C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B826E407-5774-48CF-9C91-EFD093B3ED62}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{157DA9CA-41C6-43FA-ADDA-BB62A4811ACF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1C853173-B3E2-4A6E-9B45-018DA7D9A2A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{ACED4339-354F-470E-A7F9-50EE35987A54}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C740B3FC-6903-4C02-ADBE-004D7284FAD5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E7ECE43D-2EE2-41C1-8F27-53B32195EC26}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{610A788C-1867-43B7-8672-E424E87DD538}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5958E2FB-1B32-4F78-BE7E-8A396CFEF44E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{AA1602A4-004E-4F17-845B-4EF5B8D461C7}] => (Allow) D:\SteamLibrary\steamapps\common\Space Hulk Ascension\game.exe
FirewallRules: [{E12806F0-91C4-4E5E-AF57-BEE788B226CB}] => (Allow) D:\SteamLibrary\steamapps\common\Space Hulk Ascension\game.exe
FirewallRules: [{048794C7-71C1-465F-B742-6008C7BBC6D9}] => (Allow) D:\SteamLibrary\steamapps\common\Concealed Intent\ConcealedIntent.exe
FirewallRules: [{0AE4786E-6D9C-476A-B8C8-EEFF3AE22F1B}] => (Allow) D:\SteamLibrary\steamapps\common\Concealed Intent\ConcealedIntent.exe
FirewallRules: [{7472B058-5306-491A-83B2-515024B9E5FE}] => (Allow) D:\SteamLibrary\steamapps\common\Battlefleet Gothic Armada\BattleFleetGothic.exe
FirewallRules: [{61F5C885-FAA9-44B7-9C65-92CBADDC1D49}] => (Allow) D:\SteamLibrary\steamapps\common\Battlefleet Gothic Armada\BattleFleetGothic.exe
FirewallRules: [TCP Query User{6FCEEF80-343E-416E-A4E1-88C0898CFB7D}D:\steamlibrary\steamapps\common\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe
FirewallRules: [UDP Query User{ADB3FA5C-03E2-47B6-A1CB-325FBDBF5B1F}D:\steamlibrary\steamapps\common\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe
FirewallRules: [{5E373364-40F4-47CD-BFFA-1DBF473AF6A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E80BA4DE-0198-4B2A-956A-DE317E630C14}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DCABA068-7244-41C5-99E3-DB219434C219}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{04B42605-569F-4010-BD31-AC154B0CE57A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2C3282D6-B8DD-4B70-B00E-90471D84851D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{00CB47B5-37D6-4051-911B-766046AF26B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6610E146-1B71-4F0C-BC91-E862D21B71A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9B74F2FA-5EC2-4D04-87EF-AB8FF354874D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D708B6ED-FAF5-48B2-8925-2032FECDA27C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{494E0681-0401-418A-94CF-B2497B851186}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{490CBE5A-0901-4D5C-94EB-1DDB85E4E2F1}C:\program files (x86)\heroes of the storm\versions\base55288\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base55288\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{C1B47E73-F663-49B5-B19A-074BF591224C}C:\program files (x86)\heroes of the storm\versions\base55288\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base55288\heroesofthestorm_x64.exe
FirewallRules: [{7D1FCC9E-7C26-4095-8232-B53E31F8FBB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{56EFCE4F-C2C6-44E4-A806-ABC561C8E2A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{841797D2-4CD0-4364-A981-5266D539BAD7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{22D5CC19-87E9-46F9-910E-9D7C1227B0F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4024DA7D-97AC-4D43-B8FA-D51427689CDC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4978BC9D-B5C0-4637-97AA-FAD29D27460A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{617EF3F6-94EC-469E-8A3C-A0746138D46E}] => (Allow) D:\SteamLibrary\steamapps\common\Warhammer Arcane Magic\warhammer_arcane_magic.exe
FirewallRules: [{3881D77C-5992-4849-ADB3-D05159469B97}] => (Allow) D:\SteamLibrary\steamapps\common\Warhammer Arcane Magic\warhammer_arcane_magic.exe
FirewallRules: [{382863D3-12AC-4789-B484-C2E437008E0B}] => (Allow) D:\SteamLibrary\steamapps\common\Warhammer Quest\WarhammerQuest.exe
FirewallRules: [{6CFE48B4-9225-4943-921C-994B4CFA2D0D}] => (Allow) D:\SteamLibrary\steamapps\common\Warhammer Quest\WarhammerQuest.exe
FirewallRules: [TCP Query User{AF9B0E6E-9176-4DE8-8BF4-2C957DCFE6CC}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe
FirewallRules: [UDP Query User{78DC6043-1AA9-4AAC-82AB-FD4B12678C78}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe
FirewallRules: [{20B64DC7-4010-4555-B6EE-D7FF45BA3377}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7740F518-50AF-4E83-90A8-A0247123503A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{1EC91E91-81E4-460B-AA4C-0D45D2B31286}D:\steamlibrary\steamapps\common\warhammer 40,000 deathwatch - tyranid invasion\deathwatchgame\binaries\win32\deathwatchgame-win32-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\warhammer 40,000 deathwatch - tyranid invasion\deathwatchgame\binaries\win32\deathwatchgame-win32-shipping.exe
FirewallRules: [UDP Query User{5D6AF1D3-D1C0-46DA-8C8D-F53752EECBAE}D:\steamlibrary\steamapps\common\warhammer 40,000 deathwatch - tyranid invasion\deathwatchgame\binaries\win32\deathwatchgame-win32-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\warhammer 40,000 deathwatch - tyranid invasion\deathwatchgame\binaries\win32\deathwatchgame-win32-shipping.exe
FirewallRules: [{71CC3723-262A-421F-BD30-7A44952DA7C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1EA7D4E6-4BB0-4F59-AFBA-A07B02FCC14F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5614ED37-1866-4668-9E28-E37EEC7A50A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{22822F7A-C312-4D84-8C32-D4F6CA350A12}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{38E62374-CBF6-4F13-9197-A41BD88B9290}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A13D280B-B0F2-497B-9F71-AA37F9620DF7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2016C9B0-AAC1-4D10-B4FC-35BDD91AD7F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BA46274D-6809-4E10-8FE9-9AA02FFF0AEF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{688CD454-41B5-404E-9071-C3B071866AF3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6405916A-EB73-4374-94C5-BE61E47A8373}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6EF37571-FE6B-410A-8C04-3722EDB5EB3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E15BCED7-E139-407C-9A6F-CAB0E94F9A1D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{217AACFD-8F0E-4D92-8BB2-C20A8D288BCA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{90B7B5AE-C557-41B4-9DC2-7E6F94CE3B0D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A2F40D88-52A3-4DC6-85B1-ECDB0AB51AA0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{AFB9203C-7BE5-4F5C-8C1D-3C4107F1DD3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{ED80AA7C-5ABB-4C99-BADD-1F942AF318CB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3711A872-4D29-442B-B2FA-28F29F4752A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A7AAD40C-D892-4920-A9C6-64C6FF8D3198}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{70413186-9110-4C51-A408-8B720CEF8B8B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{41736336-4845-4356-B505-C85D71880AEF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{69134375-370A-4CCA-9950-707F53133540}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8FA3AD5A-2B12-4FF9-B88A-AE722BE3E121}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{96DE3726-5C6F-4254-898F-20250FFEA83E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3A88ADA4-77BE-486D-88AB-F4682E282EFA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EA9E6F5D-1B29-4111-A318-5CCF5DBB0FF2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D6649C68-5079-4AA2-AEAA-82EBE389FDAA}] => (Allow) D:\SteamLibrary\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{2B74A892-1C83-4C53-94AF-68060AA4B370}] => (Allow) D:\SteamLibrary\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{6DED5502-0116-4B4D-B767-E439407B1E94}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{687C339B-4B7B-4C1C-93C8-0FD00CCEFA19}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9D546F39-6BE3-47C8-A872-04A224C91E27}] => (Allow) D:\SteamLibrary\steamapps\common\Warhammer 40000 Sanctus Reach\autorun.exe
FirewallRules: [{1D895FBB-0FA5-47EC-A3E9-647C47D4AA96}] => (Allow) D:\SteamLibrary\steamapps\common\Warhammer 40000 Sanctus Reach\autorun.exe
FirewallRules: [{0F5747FA-9027-4EDE-B801-C124245CCB30}] => (Allow) D:\SteamLibrary\steamapps\common\Endless Space 2\EndlessSpace2.exe
FirewallRules: [{2373E70A-D917-4941-B992-ECAA8776D9B5}] => (Allow) D:\SteamLibrary\steamapps\common\Endless Space 2\EndlessSpace2.exe
FirewallRules: [{0282EA9A-73D7-440E-81D5-A76B7D4EAB36}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6A592398-630E-4806-B947-2C97708FDA52}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FBF7FD9C-CA6F-4993-8196-16928425BDD1}] => (Allow) D:\SteamLibrary\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{E665761E-51A0-4247-A0E2-F6B4AFC86DA1}] => (Allow) D:\SteamLibrary\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{7D7EA7B1-7A1B-48D1-BF6F-9FE37068095D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1296A4BD-01D0-444D-8603-9ED0CA395FB4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{81BE391C-4FFD-4F33-896F-DCB7165F0709}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3ADBBBBF-062E-499B-BDC0-98BD8406BA20}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{395CA5FC-937E-4A33-94BE-DE8D74496EC6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{87278B14-2FEE-4726-B579-920E877BC2DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D478BEA5-3EAF-4108-98BF-F1608A51A1F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B1E38F0B-1769-4734-820B-03A009784CD0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8C832176-7CCF-453C-87D9-2CE7FDF55437}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E0130D03-DD5E-4758-95CE-A7B99A9D1BBB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{AB7A997C-89C9-42E8-87A6-681EFB9C9A76}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FA56D809-6F4E-4ABB-ADFF-D5D6C1AD62D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9E1DEDD0-870E-4027-85C3-D85D605B3A9A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{58513B0C-653A-4339-BC0E-2E98966E3B60}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8D9290FA-DA44-4954-856A-72F4BC633ADB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{36732972-7AA5-4265-9C77-26ABE4F938E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{83861D32-FC55-4B33-B001-C91D9C967A7B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4B25D740-530F-4C66-B4D6-B0AE69F795DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DF1B5984-EBC0-43F5-8D9A-C5A41560EC5A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4DA7D480-8724-47A6-9AF9-6898689F2945}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9490AE0C-FC9A-436E-B6A4-C259895828AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{998056E3-C991-44F2-AF2D-A93EEAB218FF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EE10B6E8-9B51-4120-AD40-B79EA5465500}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{967ECAC6-79B4-4FEE-9596-8AE6F9009812}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{149C014D-232B-4A29-8112-BF1E0A92FF92}] => (Allow) D:\SteamLibrary\steamapps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{42D4D1E6-99D5-4D7B-B287-25BE1BB3C193}] => (Allow) D:\SteamLibrary\steamapps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{3B76F727-A531-40F3-A73C-612C061982E7}] => (Allow) D:\SteamLibrary\steamapps\common\SUPERHOT\SUPERHOT.exe
FirewallRules: [{D0A44E59-E66B-4A5B-B9A8-40F6ECA6F43F}] => (Allow) D:\SteamLibrary\steamapps\common\SUPERHOT\SUPERHOT.exe
FirewallRules: [{5032676B-D52B-41CF-8B9D-A3642D14E8FB}] => (Allow) D:\SteamLibrary\steamapps\common\Brigador\brigador.exe
FirewallRules: [{54D950B5-D9CC-49CC-8E76-9D721A1AC601}] => (Allow) D:\SteamLibrary\steamapps\common\Brigador\brigador.exe
FirewallRules: [{5E74A111-456D-4E3C-8B87-1112388482E1}] => (Allow) D:\SteamLibrary\steamapps\common\Ashes of the Singularity Escalation\StardockLauncher.exe
FirewallRules: [{9574CABA-378F-4C0C-8B11-610966857783}] => (Allow) D:\SteamLibrary\steamapps\common\Ashes of the Singularity Escalation\StardockLauncher.exe
FirewallRules: [{53F96CD1-11A0-48DF-B54B-11F959BE2FD1}] => (Allow) D:\SteamLibrary\steamapps\common\Shoppe Keep\Shoppe Keep.exe
FirewallRules: [{65646E13-DA49-41DD-BA80-96C9BF459056}] => (Allow) D:\SteamLibrary\steamapps\common\Shoppe Keep\Shoppe Keep.exe
FirewallRules: [{97BB56CA-988A-403C-9080-5A28F6C11E00}] => (Allow) D:\SteamLibrary\steamapps\common\Maize\Maize\Binaries\Win64\Maize.exe
FirewallRules: [{0FFD81B1-F776-446C-A15D-59DAACF4F784}] => (Allow) D:\SteamLibrary\steamapps\common\Maize\Maize\Binaries\Win64\Maize.exe
FirewallRules: [{FB1DED7C-592C-4EA3-8553-2EA46A321CD0}] => (Allow) D:\SteamLibrary\steamapps\common\Tiny Echo\TinyEcho.exe
FirewallRules: [{D3723EE3-896C-40C0-BA16-E7100C5D505D}] => (Allow) D:\SteamLibrary\steamapps\common\Tiny Echo\TinyEcho.exe
FirewallRules: [{A98DE7C4-347F-405D-9828-09FCC17E2651}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A58B48A8-2446-442B-BF21-36E8ED9A5A42}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DB7EF388-CEF7-4EE6-B01B-66DCF420DBC7}] => (Allow) D:\SteamLibrary\steamapps\common\Armello\armello.exe
FirewallRules: [{08343919-623D-4069-8093-D256F1752F03}] => (Allow) D:\SteamLibrary\steamapps\common\Armello\armello.exe
FirewallRules: [{5C7C48EC-503E-4EC7-B0B6-787EF8A53085}] => (Allow) D:\SteamLibrary\steamapps\common\Expeditions Conquistador\Expeditions Conquistador.exe
FirewallRules: [{9C2A8D99-D00F-41B6-BE6B-01745D6FBEA3}] => (Allow) D:\SteamLibrary\steamapps\common\Expeditions Conquistador\Expeditions Conquistador.exe
FirewallRules: [{4E0754BB-F906-4F72-82DD-ACA1453EBC4B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{11DF0F40-7A0A-495E-A50A-283C8A7D963B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{15DFF9CC-7CCB-45B0-B0BC-44552505D20F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{81EF7697-B356-41D7-976A-89CEDFD05BA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CCA07AF6-D9F1-4AE1-86FB-A81998ECAD24}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B1ACBFDC-3798-4F65-9D3A-5E0ECDC7EB55}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{572A2B8E-FEB0-4682-90DB-EBAC112A1FB6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F354E4E0-8B0D-4475-BFB2-2151A25BA487}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{91F04556-2AA4-49A2-AB7C-43E1893829BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2A93BE7F-F130-4335-856D-D87E601F42D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7E0FAB1C-46D5-4919-BBD4-B38F6CF95A80}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7E1C758D-7B27-4171-8601-76F641A29513}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C1E1FC6B-B056-4FAE-B005-2F31427C6EC4}] => (Allow) D:\SteamLibrary\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{CCB903E2-4DCE-415F-A09A-D5A6A72B2804}] => (Allow) D:\SteamLibrary\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{628EDD0E-ED98-428E-9706-9BCBFC920FF3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DC9D0C2D-F44F-4A50-AE9C-7FC3D908B7C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7E213931-005D-4E45-BCB2-6FA55F4AAD1B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6D77ADDB-5EFC-47C7-B207-294895527078}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3323C152-6D13-44FD-A926-5B581E2ACF0F}] => (Allow) D:\SteamLibrary\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe
FirewallRules: [{25860141-AD14-4244-BDB4-11AD4D269971}] => (Allow) D:\SteamLibrary\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe
FirewallRules: [{E534AB18-ABF0-4CA4-8354-DE6E78955F1A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B9F2B003-0FE7-4779-A396-9BC513DAB63D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{46150B52-FA99-4C6C-AC81-49AE897158D8}] => (Allow) D:\SteamLibrary\steamapps\common\Warmachine Tactics\WarmachineGame\Binaries\Win64\WarmachineGame-Win64-Shipping.exe
FirewallRules: [{F18312F2-423F-4A77-863C-9EBA0968D501}] => (Allow) D:\SteamLibrary\steamapps\common\Warmachine Tactics\WarmachineGame\Binaries\Win64\WarmachineGame-Win64-Shipping.exe
FirewallRules: [{0A19CEBD-6D0E-4F72-8E17-A332DCFF7C6C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{A0447CDC-0B03-42DD-9E4D-E5EFA0D9855E}] => (Allow) LPort=24680
 
==================== Restore Points =========================
 
19-01-2018 04:41:31 Scheduled Checkpoint
26-01-2018 14:30:54 Scheduled Checkpoint
29-01-2018 04:11:35 Restore Operation
06-02-2018 22:31:38 Windows Update
 
==================== Faulty Device Manager Devices =============
 
Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/06/2018 10:33:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MSIDDRService.exe, version: 2.0.0.35, time stamp: 0x5775622f
Faulting module name: MSIDDRService.exe, version: 2.0.0.35, time stamp: 0x5775622f
Exception code: 0xc0000005
Fault offset: 0x0002645f
Faulting process id: 0xd88
Faulting application start time: 0x01d39fdd83b29097
Faulting application path: C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe
Faulting module path: C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe
Report Id: ed65bb3d-c3f0-4220-bfd9-dfdf57d30290
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (02/06/2018 10:28:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MSIDDRService.exe, version: 2.0.0.35, time stamp: 0x5775622f
Faulting module name: MSIDDRService.exe, version: 2.0.0.35, time stamp: 0x5775622f
Exception code: 0xc0000005
Fault offset: 0x0002645f
Faulting process id: 0xed0
Faulting application start time: 0x01d39fdcd4c61e2d
Faulting application path: C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe
Faulting module path: C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe
Report Id: e5214a64-7995-4a7a-b6f1-712d85bbb789
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (02/06/2018 10:14:46 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "WmiApRpl" in DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Error: (02/06/2018 10:14:46 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Windows cannot load the extensible counter DLL rdyboost. The first four bytes (DWORD) of the Data section contains the Windows error code.
 
Error: (02/06/2018 10:14:46 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
 
Error: (02/06/2018 10:14:46 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "MSDTC" in DLL "C:\WINDOWS\system32\msdtcuiu.DLL" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Error: (02/06/2018 10:14:46 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "Lsa" in DLL "C:\Windows\System32\Secur32.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Error: (02/06/2018 10:14:46 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "ESENT" in DLL "C:\WINDOWS\system32\esentprf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Error: (02/06/2018 10:14:46 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Error: (02/06/2018 10:14:38 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "WmiApRpl" in DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
 
System errors:
=============
Error: (02/06/2018 10:36:27 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-M3GLLEB)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-M3GLLEB\Vic SID (S-1-5-21-1699126305-1225172096-1940794454-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (02/06/2018 10:33:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MSI Command Center DDR Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (02/06/2018 10:33:08 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-M3GLLEB)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 and APPID 
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
 to the user DESKTOP-M3GLLEB\Vic SID (S-1-5-21-1699126305-1225172096-1940794454-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (02/06/2018 10:33:08 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-M3GLLEB)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 and APPID 
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
 to the user DESKTOP-M3GLLEB\Vic SID (S-1-5-21-1699126305-1225172096-1940794454-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (02/06/2018 10:32:59 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: XQHDrv.sys
 
Error: (02/06/2018 10:32:30 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-M3GLLEB)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
 
Error: (02/06/2018 10:28:45 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-M3GLLEB)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-M3GLLEB\Vic SID (S-1-5-21-1699126305-1225172096-1940794454-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (02/06/2018 10:28:42 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-M3GLLEB)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-M3GLLEB\Vic SID (S-1-5-21-1699126305-1225172096-1940794454-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (02/06/2018 10:28:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MSI Command Center DDR Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (02/06/2018 10:28:05 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: XQHDrv.sys
 
 
CodeIntegrity:
===================================
  Date: 2018-02-06 22:42:39.680
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Overwolf\0.110.1.32\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-02-06 22:42:39.677
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Overwolf\0.110.1.32\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-02-06 22:42:39.673
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Overwolf\0.110.1.32\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-02-06 22:42:05.465
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Overwolf\0.110.1.32\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-02-06 22:42:05.461
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Overwolf\0.110.1.32\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-02-06 22:42:02.196
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Overwolf\0.110.1.32\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-02-06 22:42:02.193
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Overwolf\0.110.1.32\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-02-06 22:42:01.268
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Overwolf\0.110.1.32\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-02-06 22:42:01.265
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Overwolf\0.110.1.32\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-02-06 22:42:00.319
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Overwolf\0.110.1.32\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-6700K CPU @ 4.00GHz
Percentage of memory in use: 12%
Total physical RAM: 32727.57 MB
Available physical RAM: 28774.8 MB
Total Virtual: 37847.57 MB
Available Virtual: 33301 MB
 
==================== Drives ================================
 
Drive b: (RAMDisk) (Fixed) (Total:0.25 GB) (Free:0.25 GB) FAT
Drive c: () (Fixed) (Total:446.58 GB) (Free:182.27 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:1862.89 GB) (Free:1338.44 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 447.1 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt ============================
 

Edited by Hyetemplar, 07 February 2018 - 01:44 AM.


#9 King_Yoshi

King_Yoshi

  • Malware Study Hall Senior
  • 1,349 posts
  • OFFLINE
  •  
  • Local time:12:48 AM

Posted 07 February 2018 - 10:38 PM

Hello Hytemplar,

I am now looking into why you are still getting both of those warnings in Secuitycheck.

I will get back to you as soon as possible.



#10 King_Yoshi

King_Yoshi

  • Malware Study Hall Senior
  • 1,349 posts
  • OFFLINE
  •  
  • Local time:12:48 AM

Posted 09 February 2018 - 09:15 AM

Hello Hyetemplar,

:step1: Lets uninstall the old version of Adobe Flash

  • On the Start menu, enter Control Panel in the search box and select Control Panel from the results.
  • Select Programs > Programs and Features, and then select the Adobe Flash Player 11 Plugin program.
    Please make sure that the version selected is 11.1.102.55.

:step2: You have not yet installed a anti-virus. I strongly urge you to do so.
If you get one that has "real-time protection" it could even prevent future infections due to accidentally clicking on a link.

 

:step3: How is everything running now?



#11 Hyetemplar

Hyetemplar
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  

Posted 12 February 2018 - 09:46 AM

How should I check if there still is it ever was a keylogger or if the hijack programs might be lurking? Thanks

#12 King_Yoshi

King_Yoshi

  • Malware Study Hall Senior
  • 1,349 posts
  • OFFLINE
  •  
  • Local time:12:48 AM

Posted 13 February 2018 - 11:29 AM

How should I check if there still is it ever was a keylogger or if the hijack programs might be lurking? Thanks
When I looked through the FRST logs I did not see any Keyloggers or hijacking programs.
If there had been some I would have immediately spotted them. In order for them to run, they would leave traces in the logs.
More specifically, I could see a startup registry entry an executable, a dll etc. in the log, which I could then use to reference the specific malicious program.

The best way to check for and prevent keyloggers and nefarious programs would be to install a anti-virus.
Think of it this way.. A computer without a anti-virus is like not locking your door.
It may be that no one will ever try to get through the door, but in the event that someone tries to, you know the door is locked.
 


#13 Hyetemplar

Hyetemplar
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  

Posted 15 February 2018 - 01:11 AM

okay i uninstalled and reinstalled 

 

Results of screen317's Security Check version 1.014 --- 12/23/15  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Windows Defender   
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Java version 32-bit out of Date!
 Adobe Flash Player 28.0.0.161  
 Google Chrome (64.0.3282.167) 
 Google Chrome (SetupMetrics...) 
````````Process Check: objlist.exe by Laurent````````  
 Windows Defender MSMpEng.exe 
 Windows Defender MSASCuiL.exe   
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
 
I'm installing avast and will run a full scan, do I need to disable windows defender?
 
*edit* ran a full scan, everything checked out fine, didnt disable windows defender, do you think i need something like malwarebytes or a registry cleaner?

Edited by Hyetemplar, 15 February 2018 - 02:49 AM.


#14 King_Yoshi

King_Yoshi

  • Malware Study Hall Senior
  • 1,349 posts
  • OFFLINE
  •  
  • Local time:12:48 AM

Posted 17 February 2018 - 11:03 AM

Hello Hyetemplar,

Thank you for all your hard work so far, we are almost there. :)
 

I'm installing avast and will run a full scan, do I need to disable windows defender?

*edit* ran a full scan, everything checked out fine, didnt disable windows defender, do you think i need something like malwarebytes or a registry cleaner?

 

:step1: Malwarebytes is a great addition and can most certainly be used. I personally use an anti-virus along with Malwarebytes.

:step2: I would stay far away from registry cleaners.
They can be very dangerous to use, since they may delete important registry entries, which could cause programs to stop working or even rendering your computer unbootable.

:step3: Usually when you install a anti-virus, Windows Defender automatically gets turned off.
It should be turned off as it could conflict with your anti-virus.

If it did not automatically turn off, or you are not sure, please do the below.
You can also follow these directions up to step "3" to check if its turned off already.
If it is not turned off, please go to step "4".

1. Open the Start menu.

2. Click/tap on Windows Defender Security Center in the All Apps list. (see screenshot below)



176317d1518198760-open-windows-defender-


3. Then select Virus & threat protection > Threat settings.

4. Turn off Real-time protection.

:step4: How is your computer running now? Do you have any additional concerns?



#15 Hyetemplar

Hyetemplar
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  

Posted 17 February 2018 - 11:18 AM

it says avast antivirus, no actions needed under windows defender

 

 Results of screen317's Security Check version 1.014 --- 12/23/15  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Avast Antivirus    
Windows Defender   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Java version 32-bit out of Date! 
 Adobe Flash Player 28.0.0.161  
 Google Chrome (64.0.3282.167) 
 Google Chrome (SetupMetrics...) 
````````Process Check: objlist.exe by Laurent````````  
 Windows Defender MSASCuiL.exe   
 avast software avast afwserv.exe  
 AVAST Software Avast AvastUI.exe  
 Oracle Java javapath AvastSvc.exe -?- 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 
 
 
still giving me the java error even though ive uninstalled and reinstalled and it says 32 bit but im running 64 bit OS
 
 also when i try to run discord (the chat app) it gives fatal javascript error





1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users