Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Attempting to fully remove malware, Proxygate and Allradio?


  • This topic is locked This topic is locked
40 replies to this topic

#1 ASadTerryy

ASadTerryy

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:12:12 PM

Posted 21 July 2018 - 01:10 AM

Hey people at bleepingcomputer, you guys seem to be doing a great job in helping remove malware. I followed your guide to get rid of programs that I saw in my C://Program Files that I could tell did not belong there, including proxygate and allradio. After doing this by using Avast, then rkill, MalwareBytes, AdwCleaner,  and HitmanPro I believe I got rid of most of the potential problems. It uninstalled my chrome along the way which I reinstalled to write the post alongside clearing my browsing data for the day. However I still feel as if there are additional programs installed that should not be there as sometimes my Google Chrome will redirect when clicking things. As such I provide the FRST logs below and will voice my concern about my other hardrives which I believe would not be scanned by this; should I check those/is there a way to ensure those are fine also? Thanks for the help! Note: post too long, addition will be included as reply.

 

FRST LOG

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15.07.2018

Ran by Tarry (administrator) on TARRY-PC (21-07-2018 01:56:00)
Running from C:\Users\Tarry\Downloads
Loaded Profiles: Tarry (Available Profiles: Tarry)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(TOSHIBA CORPORATION) C:\Windows\System32\lmewcuhsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Apple Inc.) E:\Program Files\iTunes\iTunesHelper.exe
(DTS) C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Spotify Ltd) C:\Users\Tarry\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Copyright © 2018 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Discord Inc.) C:\Users\Tarry\AppData\Local\Discord\app-0.0.301\Discord.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Discord Inc.) C:\Users\Tarry\AppData\Local\Discord\app-0.0.301\Discord.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Discord Inc.) C:\Users\Tarry\AppData\Local\Discord\app-0.0.301\Discord.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Discord Inc.) C:\Users\Tarry\AppData\Local\Discord\app-0.0.301\Discord.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15120504 2016-02-17] (Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => E:\Program Files\iTunes\iTunesHelper.exe [303928 2017-03-22] (Apple Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9228800 2017-06-29] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489920 2017-06-29] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-07-20] (AVAST Software)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2017-07-21] (Razer Inc.)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [51440 2018-04-11] (Copyright © 2018 Plays.tv, LLC)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-939175857-811873136-2089306365-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3201312 2018-06-08] (Valve Corporation)
HKU\S-1-5-21-939175857-811873136-2089306365-1000\...\Run: [Spotify] => C:\Users\Tarry\AppData\Roaming\Spotify\Spotify.exe [24220560 2018-07-20] (Spotify Ltd)
HKU\S-1-5-21-939175857-811873136-2089306365-1000\...\Run: [Parsec.App.0] => C:\Users\Tarry\AppData\Roaming\Parsec\electron\parsec.exe hidden=1
HKU\S-1-5-21-939175857-811873136-2089306365-1000\...\Run: [EpicGamesLauncher] => G:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32966032 2018-07-20] (Epic Games, Inc.)
HKU\S-1-5-21-939175857-811873136-2089306365-1000\...\Run: [Spotify Web Helper] => C:\Users\Tarry\AppData\Roaming\Spotify\SpotifyWebHelper.exe [774544 2018-07-20] (Spotify Ltd)
HKU\S-1-5-21-939175857-811873136-2089306365-1000\...\Run: [depute] => "C:\Program Files (x86)\eves\depute.exe" abvt
HKU\S-1-5-21-939175857-811873136-2089306365-1000\...\Run: [marbella] => "C:\Program Files (x86)\Pale\Foetus.exe" abvt
HKU\S-1-5-21-939175857-811873136-2089306365-1000\...\MountPoints2: F - F:\setup.exe
Startup: C:\Users\Tarry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\jttdaubs.lnk [2018-07-20]
ShortcutTarget: jttdaubs.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Startup: C:\Users\Tarry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Task Scheduler Host.lnk [2018-07-20]
ShortcutTarget: Task Scheduler Host.lnk -> C:\Users\Tarry\AppData\Roaming\Task Scheduler Host\taskhost.exe (No File)
Startup: C:\Users\Tarry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vafgrcba.lnk [2018-07-20]
ShortcutTarget: vafgrcba.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
BootExecute: autocheck autochk * bootdelete
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{FBA80519-306F-452A-9BAC-F42128665059}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKU\S-1-5-21-939175857-811873136-2089306365-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-07-20] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-07-20] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2018-07-03] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-04-29] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\ssv.dll [2018-07-20] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-07-20] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2018-07-03] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\jp2ssv.dll [2018-07-20] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-03] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-03] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-03] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-03] (Microsoft Corporation)
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll [2018-07-20] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll [2018-07-20] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.172.2 -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\dtplugin\npDeployJava1.dll [2018-07-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.172.2 -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\plugin2\npjp2.dll [2018-07-20] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-04-03] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-01] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-02-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-02-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-07-21] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-07-21] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Tarry\AppData\Local\Google\Chrome\User Data\Default [2018-07-21]
CHR Extension: (Slides) - C:\Users\Tarry\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Docs) - C:\Users\Tarry\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\Tarry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Tarry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (uBlock Origin) - C:\Users\Tarry\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-07-20]
CHR Extension: (Google Search) - C:\Users\Tarry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Sheets) - C:\Users\Tarry\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Google Docs Offline) - C:\Users\Tarry\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Avast Online Security) - C:\Users\Tarry\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-07-20]
CHR Extension: (Cisco Webex Extension) - C:\Users\Tarry\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2018-07-05]
CHR Extension: (Grammarly for Chrome) - C:\Users\Tarry\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2018-07-13]
CHR Extension: (League of Legends Match History Fix) - C:\Users\Tarry\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdgeabipdapmbcpdldplafegigjhpain [2017-02-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Tarry\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Tarry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-23]
CHR Extension: (Chrome Media Router) - C:\Users\Tarry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-14]
CHR Profile: C:\Users\Tarry\AppData\Local\Google\Chrome\User Data\Profile 1 [2018-07-20]
CHR Extension: (Google Slides) - C:\Users\Tarry\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-15]
CHR Extension: (Google Docs) - C:\Users\Tarry\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-15]
CHR Extension: (Google Drive) - C:\Users\Tarry\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-15]
CHR Extension: (YouTube) - C:\Users\Tarry\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-15]
CHR Extension: (Google Sheets) - C:\Users\Tarry\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-12-15]
CHR Extension: (Google Docs Offline) - C:\Users\Tarry\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-15]
CHR Extension: (Core) - C:\Users\Tarry\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gkhcgfdghbiidgeccbldhfceleibkkpe [2016-12-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Tarry\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-15]
CHR Extension: (Gmail) - C:\Users\Tarry\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-15]
CHR Extension: (Chrome Media Router) - C:\Users\Tarry\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-15]
CHR Profile: C:\Users\Tarry\AppData\Local\Google\Chrome\User Data\Profile 2 [2018-07-20]
CHR Extension: (Google Slides) - C:\Users\Tarry\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-15]
CHR Extension: (Google Docs) - C:\Users\Tarry\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-15]
CHR Extension: (Google Drive) - C:\Users\Tarry\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-15]
CHR Extension: (YouTube) - C:\Users\Tarry\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-15]
CHR Extension: (Google Sheets) - C:\Users\Tarry\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-12-15]
CHR Extension: (Google Docs Offline) - C:\Users\Tarry\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-15]
CHR Extension: (Lucky Dragon) - C:\Users\Tarry\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nfnpflkjppmckmblckilecglaebgcdck [2016-12-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Tarry\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-15]
CHR Extension: (Gmail) - C:\Users\Tarry\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-15]
CHR Extension: (Chrome Media Router) - C:\Users\Tarry\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-15]
CHR Profile: C:\Users\Tarry\AppData\Local\Google\Chrome\User Data\System Profile [2018-07-20]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
HKLM\SYSTEM\CurrentControlSet\Services\wsruoimv <==== ATTENTION (Rootkit!)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-03-17] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [5745672 2018-04-24] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8765104 2018-07-13] (Microsoft Corporation)
R2 DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [218760 2017-06-29] (DTS)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [779392 2018-06-18] (EasyAntiCheat Ltd)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2015-11-03] (Hi-Rez Studios) [File not signed]
R2 HPSLPSVC; E:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-02-17] (Logitech Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-03] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764896 2018-05-20] (NVIDIA Corporation)
R3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764896 2018-05-20] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2201920 2018-05-10] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3072328 2018-05-10] (Electronic Arts)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [55024 2018-04-11] (Copyright © 2018 Plays.tv, LLC)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-10-16] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2017-07-19] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
S2 MjhjMWM; rundll32.exe C:\Windows\vqlynvsuwmbqmsyl.valy ADWDmbJocuPKrZL [X]
S2 NTM3M2I0ZD; C:\Program Files\NTM3M2I0ZD\YzZlMmFkNzczZThkN.exe [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
S3 ose; "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE" [X]
S2 winamgr; "C:\ProgramData\Microsoft\Windows\Audio\winamgr.exe" -s [X]
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [152184 2018-04-26] (Malwarebytes)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [55232 2018-07-21] ()
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [68384 2015-06-10] (Logitech Inc.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [190696 2018-07-21] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [112864 2018-07-21] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [44768 2018-07-21] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-07-21] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [94328 2018-07-21] (Malwarebytes)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31200 2018-05-20] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [67432 2018-03-15] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [68112 2018-04-27] (NVIDIA Corporation)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [43256 2017-07-18] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137208 2017-08-19] (Razer, Inc.)
R1 VBoxUSBMon; C:\Windows\System32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
S3 xb1usb; C:\Windows\System32\DRIVERS\xb1usb.sys [34016 2014-05-27] (Microsoft Corporation)
R1 XQHDrv; C:\Windows\System32\DRIVERS\XQHDrv.sys [253384 2015-09-15] (BigNox Corporation)
R1 XQHDrv; C:\Windows\SysWOW64\DRIVERS\XQHDrv.sys [253384 2015-09-15] (BigNox Corporation)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2018-07-21] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2018-07-21] (Zemana Ltd.)
S4 erglwsxi; System32\drivers\pskgdvcz.sys [X]
R3 impsvz; system32\drivers\psvzcf.sys [X]
S1 powzip; \SystemRoot\System32\drivers\powzip.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-07-21 01:56 - 2018-07-21 01:56 - 000025769 _____ C:\Users\Tarry\Downloads\FRST.txt
2018-07-21 01:55 - 2018-07-21 01:56 - 000000000 ____D C:\FRST
2018-07-21 01:55 - 2018-07-21 01:55 - 002412544 _____ (Farbar) C:\Users\Tarry\Desktop\FRST64.exe
2018-07-21 01:45 - 2018-07-21 01:55 - 000011009 _____ C:\Windows\ZAM_Guard.krnl.trace
2018-07-21 01:45 - 2018-07-21 01:55 - 000009269 _____ C:\Windows\ZAM.krnl.trace
2018-07-21 01:45 - 2018-07-21 01:45 - 000203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2018-07-21 01:45 - 2018-07-21 01:45 - 000203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2018-07-21 01:45 - 2018-07-21 01:45 - 000001148 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2018-07-21 01:45 - 2018-07-21 01:45 - 000000000 ____D C:\Users\Tarry\AppData\Local\Zemana
2018-07-21 01:45 - 2018-07-21 01:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2018-07-21 01:45 - 2018-07-21 01:45 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2018-07-21 01:44 - 2018-07-21 01:44 - 006625600 _____ (Zemana Ltd. ) C:\Users\Tarry\Desktop\Zemana.AntiMalware.Setup.exe
2018-07-21 01:08 - 2018-07-21 01:08 - 000145232 ____N C:\Windows\system32\Drivers\raabfilo.sys
2018-07-21 01:07 - 2018-07-21 01:07 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-07-21 01:07 - 2018-07-21 01:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-07-21 01:07 - 2018-04-26 05:36 - 000152184 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-07-21 00:29 - 2018-07-21 01:04 - 000055232 _____ C:\Windows\system32\Drivers\hitmanpro37.sys
2018-07-21 00:14 - 2018-07-21 00:28 - 000000320 _____ C:\Windows\system32\.crusader
2018-07-21 00:08 - 2018-07-21 00:14 - 000000000 ____D C:\ProgramData\HitmanPro
2018-07-21 00:07 - 2018-07-21 00:08 - 011576808 _____ (SurfRight B.V.) C:\Users\Tarry\Desktop\HitmanPro_x64.exe
2018-07-21 00:04 - 2018-07-21 00:04 - 000002296 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-07-21 00:04 - 2018-07-21 00:04 - 000002255 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-07-21 00:04 - 2018-07-21 00:04 - 000000000 ____D C:\Program Files (x86)\Google
2018-07-20 23:09 - 2018-07-20 23:10 - 000000000 ____D C:\AdwCleaner
2018-07-20 23:09 - 2018-07-20 23:09 - 007395536 _____ (Malwarebytes) C:\Users\Tarry\Desktop\AdwCleaner.exe
2018-07-20 23:02 - 2018-07-20 23:11 - 000003448 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 4086469641
2018-07-20 23:02 - 2018-07-20 23:11 - 000003448 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 3370276873
2018-07-20 23:01 - 2018-07-20 23:01 - 000415448 _____ C:\Windows\Minidump\072018-7971-01.dmp
2018-07-20 22:58 - 2018-07-21 01:41 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-07-20 22:58 - 2018-07-21 01:41 - 000112864 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-07-20 22:58 - 2018-07-21 01:41 - 000094328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-07-20 22:58 - 2018-07-21 01:41 - 000044768 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-07-20 22:58 - 2018-07-21 01:07 - 000190696 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-07-20 22:58 - 2018-07-20 22:58 - 000000000 ____D C:\Program Files\Malwarebytes
2018-07-20 22:56 - 2018-07-20 22:56 - 074288784 _____ (Malwarebytes ) C:\Users\Tarry\Desktop\mb3-setup-1878.1878-3.5.1.2522.exe
2018-07-20 22:53 - 2018-07-21 01:09 - 000003206 _____ C:\Users\Tarry\Desktop\Rkill.txt
2018-07-20 22:53 - 2018-07-20 22:53 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\Tarry\Desktop\iExplore.exe
2018-07-20 22:48 - 2018-07-20 22:48 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-07-20 22:48 - 2018-07-20 22:48 - 000004462 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-07-20 22:48 - 2018-07-20 22:48 - 000004324 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-07-20 22:48 - 2018-07-20 22:48 - 000000000 ____D C:\Windows\system32\Macromed
2018-07-20 17:23 - 2018-07-21 00:50 - 000000000 ____D C:\Users\Tarry\AppData\Local\AVAST Software
2018-07-20 17:23 - 2018-07-20 22:25 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-07-20 17:23 - 2018-07-20 17:23 - 001027728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-07-20 17:23 - 2018-07-20 17:23 - 000463080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-07-20 17:23 - 2018-07-20 17:23 - 000381584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-07-20 17:23 - 2018-07-20 17:23 - 000378072 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-07-20 17:23 - 2018-07-20 17:23 - 000346664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-07-20 17:23 - 2018-07-20 17:23 - 000239680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-07-20 17:23 - 2018-07-20 17:23 - 000229392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-07-20 17:23 - 2018-07-20 17:23 - 000211160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-07-20 17:23 - 2018-07-20 17:23 - 000201328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-07-20 17:23 - 2018-07-20 17:23 - 000197160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-07-20 17:23 - 2018-07-20 17:23 - 000159640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-07-20 17:23 - 2018-07-20 17:23 - 000111872 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-07-20 17:23 - 2018-07-20 17:23 - 000085968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-07-20 17:23 - 2018-07-20 17:23 - 000059592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-07-20 17:23 - 2018-07-20 17:23 - 000046976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-07-20 17:23 - 2018-07-20 17:23 - 000001922 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2018-07-20 17:23 - 2018-07-20 17:23 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2018-07-20 17:23 - 2018-07-20 17:23 - 000000000 ____D C:\Users\Tarry\AppData\Roaming\AVAST Software
2018-07-20 17:23 - 2018-07-20 17:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2018-07-20 17:23 - 2018-07-20 17:23 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2018-07-20 17:22 - 2018-07-20 17:22 - 000000000 ____D C:\Program Files\AVAST Software
2018-07-20 17:16 - 2018-07-20 18:26 - 000000000 ____D C:\ProgramData\AVAST Software
2018-07-20 16:45 - 2018-07-20 16:45 - 000000000 _____ C:\Windows\SysWOW64\__024B28EB__C0000005.dmp
2018-07-20 16:42 - 2018-07-20 16:42 - 002146880 _____ (Panda Security, S.L.) C:\Users\Tarry\Downloads\PANDAFREEAV.exe
2018-07-20 16:36 - 2018-07-20 16:45 - 000000000 ____D C:\Users\Tarry\AppData\Local\seeupnz
2018-07-20 16:36 - 2018-07-20 16:36 - 000000000 ____D C:\Users\Tarry\AppData\Roaming\Python
2018-07-20 16:34 - 2018-07-20 17:17 - 000000034 _____ C:\Users\Public\Documents\{DE764086-1C0A-4DD3-90BA-0B93BDD794BE}
2018-07-20 16:33 - 2018-07-20 16:52 - 000000000 ____D C:\Users\Tarry\AppData\Local\dshoelu
2018-07-20 16:33 - 2018-07-20 16:33 - 000000000 ____D C:\Users\Tarry\AppData\Local\coexgvu
2018-07-20 16:32 - 2018-07-21 01:41 - 002912256 _____ (TOSHIBA CORPORATION) C:\Windows\system32\lmewcuhsvc.exe
2018-07-20 16:32 - 2018-07-20 16:32 - 000000000 ____D C:\Windows\SysWOW64\wdezsru
2018-07-20 16:32 - 2018-07-20 16:32 - 000000000 ____D C:\Windows\system32\wdezsru
2018-07-20 16:31 - 2018-07-20 16:46 - 000929792 _____ C:\Users\Tarry\AppData\Local\sham.db
2018-07-20 16:31 - 2018-07-20 16:31 - 007631872 _____ C:\Users\Tarry\AppData\Local\agent.dat
2018-07-20 16:31 - 2018-07-20 16:31 - 001989967 _____ C:\Users\Tarry\AppData\Local\Inis.tst
2018-07-20 16:31 - 2018-07-20 16:31 - 000140800 _____ C:\Users\Tarry\AppData\Local\installer.dat
2018-07-20 16:31 - 2018-07-20 16:31 - 000126464 _____ C:\Users\Tarry\AppData\Local\noah.dat
2018-07-20 16:31 - 2018-07-20 16:31 - 000070896 _____ C:\Users\Tarry\AppData\Local\Config.xml
2018-07-20 16:31 - 2018-07-20 16:31 - 000005568 _____ C:\Users\Tarry\AppData\Local\md.xml
2018-07-20 16:31 - 2018-07-20 16:31 - 000003742 _____ C:\Windows\System32\Tasks\amor
2018-07-20 16:31 - 2018-07-20 16:31 - 000003728 _____ C:\Windows\System32\Tasks\christel
2018-07-20 16:31 - 2018-07-20 16:31 - 000003578 _____ C:\Windows\System32\Tasks\amoramor
2018-07-20 16:31 - 2018-07-20 16:31 - 000003568 _____ C:\Windows\System32\Tasks\christelchristel
2018-07-20 16:31 - 2018-07-20 16:31 - 000000000 ____D C:\Windows\System32\Tasks\cp
2018-07-20 16:30 - 2018-07-20 16:30 - 000000000 ____D C:\Users\Tarry\AppData\Local\NetSupport
2018-07-20 16:29 - 2018-07-20 16:29 - 000011776 _____ C:\Users\Tarry\AppData\Local\aemilk.dll
2018-07-20 16:29 - 2018-07-20 16:29 - 000002918 _____ C:\Windows\System32\Tasks\Chameleon Folder-Tarry
2018-07-20 16:28 - 2018-07-20 16:28 - 001698816 _____ C:\Windows\vqlynvsuwmbqmsyl.valy
2018-07-20 16:24 - 2018-07-20 16:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2018-07-19 17:20 - 2018-07-19 17:20 - 000098249 _____ C:\Windows\uninstaller.dat
2018-07-13 00:30 - 2018-07-13 00:30 - 000000000 ___HD C:\Users\Public\Shared Files
2018-07-12 16:21 - 2018-07-12 16:21 - 000000000 ____D C:\Users\Tarry\Documents\My Mods
2018-07-05 23:02 - 2018-07-05 23:02 - 000003940 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-05 23:02 - 2018-07-05 23:02 - 000003798 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-05 23:02 - 2018-07-05 23:02 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-05 23:02 - 2018-07-05 23:02 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-05 23:02 - 2018-07-05 23:02 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-05 23:02 - 2018-07-05 23:02 - 000003790 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-05 23:02 - 2018-05-20 13:36 - 002496480 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2018-07-05 23:02 - 2018-05-20 13:36 - 002164192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2018-07-05 23:02 - 2018-05-20 13:36 - 001312224 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2018-07-05 23:02 - 2018-04-27 20:25 - 000068112 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2018-06-29 02:01 - 2018-06-29 02:01 - 000000000 ____D C:\Users\Tarry\Documents\PCSX2
2018-06-29 01:58 - 2018-06-29 01:58 - 000000000 ____D C:\Windows\SysWOW64\directx
2018-06-29 01:58 - 2018-06-29 01:58 - 000000000 ____D C:\Program Files (x86)\PCSX2 1.4.0
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-07-21 01:55 - 2009-07-13 22:34 - 017563648 _____ C:\Windows\system32\config\HARDWARE
2018-07-21 01:48 - 2009-07-14 00:45 - 000021840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-07-21 01:48 - 2009-07-14 00:45 - 000021840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-07-21 01:47 - 2009-07-14 01:13 - 000782470 _____ C:\Windows\system32\PerfStringBackup.INI
2018-07-21 01:47 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\inf
2018-07-21 01:43 - 2015-05-23 18:04 - 000000000 ____D C:\ProgramData\NVIDIA
2018-07-21 01:41 - 2015-10-11 23:32 - 000000000 ____D C:\Users\Tarry\AppData\Roaming\Spotify
2018-07-21 01:41 - 2015-10-11 23:32 - 000000000 ____D C:\Users\Tarry\AppData\Local\Spotify
2018-07-21 01:41 - 2015-05-23 18:20 - 000000000 ____D C:\Program Files (x86)\Steam
2018-07-21 01:41 - 2009-07-14 01:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-07-21 01:07 - 2015-06-28 17:46 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-07-21 00:32 - 2016-01-24 15:41 - 000000000 ____D C:\Users\Tarry\AppData\Roaming\uTorrent
2018-07-21 00:04 - 2015-05-23 18:16 - 000003332 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-07-21 00:04 - 2015-05-23 18:16 - 000003204 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-07-21 00:04 - 2015-05-23 18:16 - 000000000 ____D C:\Users\Tarry\AppData\Local\Deployment
2018-07-20 23:10 - 2015-05-23 13:24 - 000001413 _____ C:\Users\Tarry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2018-07-20 23:01 - 2016-02-19 13:30 - 1047445404 _____ C:\Windows\MEMORY.DMP
2018-07-20 23:01 - 2016-02-19 13:30 - 000000000 ____D C:\Windows\Minidump
2018-07-20 22:48 - 2015-12-28 23:19 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-07-20 22:48 - 2015-12-28 23:19 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-07-20 22:48 - 2015-07-17 22:41 - 000098760 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2018-07-20 22:48 - 2015-07-17 22:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-07-20 22:48 - 2015-07-17 22:40 - 000000000 ____D C:\Program Files (x86)\Java
2018-07-20 22:48 - 2015-05-25 19:55 - 000000000 ____D C:\Users\Tarry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-07-20 22:48 - 2015-05-25 19:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-07-20 22:48 - 2015-05-25 19:55 - 000000000 ____D C:\Program Files\WinRAR
2018-07-20 16:47 - 2015-12-29 02:22 - 000000000 ____D C:\Users\Tarry\AppData\Local\CrashDumps
2018-07-20 16:24 - 2017-09-18 20:52 - 000002421 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2018-07-20 16:24 - 2017-09-18 20:52 - 000002416 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-07-20 16:24 - 2017-09-18 20:52 - 000002415 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-07-20 16:24 - 2017-09-18 20:52 - 000002379 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-07-20 16:24 - 2017-09-18 20:52 - 000002378 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-07-20 16:24 - 2017-09-18 20:52 - 000002372 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-07-20 16:24 - 2017-09-18 20:52 - 000002366 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-07-20 16:24 - 2017-09-18 20:52 - 000002358 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-07-20 16:23 - 2017-09-18 20:41 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-07-19 22:21 - 2015-09-27 22:05 - 000000000 ____D C:\Users\Tarry\AppData\Roaming\Kodi
2018-07-19 02:15 - 2017-02-13 18:30 - 000000000 ____D C:\Users\Tarry\Desktop\School
2018-07-18 22:06 - 2017-09-19 20:12 - 000003172 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-939175857-811873136-2089306365-1000
2018-07-18 22:06 - 2017-09-18 20:54 - 000000000 ___RD C:\Users\Tarry\OneDrive
2018-07-18 22:05 - 2017-09-18 20:54 - 000002118 _____ C:\Users\Tarry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2018-07-17 02:43 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\system32\NDF
2018-07-13 00:30 - 2015-05-23 17:57 - 000000000 ____D C:\Intel
2018-07-13 00:24 - 2016-06-06 23:05 - 000000000 ____D C:\Users\Tarry\AppData\Local\UnrealEngine
2018-07-12 16:13 - 2015-05-23 18:52 - 000000000 ____D C:\Users\Tarry\Desktop\Gaming
2018-07-11 02:47 - 2017-10-10 01:14 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-07-11 02:47 - 2017-10-10 01:14 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-07-09 03:17 - 2016-05-07 13:50 - 000000000 ____D C:\Users\Tarry\.oracle_jre_usage
2018-07-06 19:52 - 2015-05-23 18:04 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-07-05 23:11 - 2015-05-23 18:04 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-07-05 23:02 - 2016-12-16 02:25 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-05 23:02 - 2016-11-16 00:22 - 000001370 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-07-05 23:02 - 2016-10-09 17:38 - 000003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-05 23:02 - 2016-10-09 17:38 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-05 23:02 - 2016-10-09 17:38 - 000003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-05 23:02 - 2016-10-09 17:38 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-05 23:02 - 2015-05-23 18:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-07-05 23:02 - 2015-05-23 18:04 - 000000000 ____D C:\Program Files\NVIDIA Corporation
 
==================== Files in the root of some directories =======
 
2018-07-20 16:29 - 2018-07-20 16:29 - 000011776 _____ () C:\Users\Tarry\AppData\Local\aemilk.dll
2018-07-20 16:31 - 2018-07-20 16:31 - 007631872 _____ () C:\Users\Tarry\AppData\Local\agent.dat
2018-07-20 16:31 - 2018-07-20 16:31 - 000070896 _____ () C:\Users\Tarry\AppData\Local\Config.xml
2018-07-20 16:31 - 2018-07-20 16:31 - 001989967 _____ () C:\Users\Tarry\AppData\Local\Inis.tst
2018-07-20 16:31 - 2018-07-20 16:31 - 000140800 _____ () C:\Users\Tarry\AppData\Local\installer.dat
2018-07-20 16:31 - 2018-07-20 16:31 - 000005568 _____ () C:\Users\Tarry\AppData\Local\md.xml
2018-07-20 16:31 - 2018-07-20 16:31 - 000126464 _____ () C:\Users\Tarry\AppData\Local\noah.dat
2015-07-15 01:45 - 2017-12-09 05:44 - 000007605 _____ () C:\Users\Tarry\AppData\Local\Resmon.ResmonCfg
2018-07-20 16:31 - 2018-07-20 16:46 - 000929792 _____ () C:\Users\Tarry\AppData\Local\sham.db
2018-07-20 16:32 - 2018-07-20 16:32 - 000032038 _____ () C:\Users\Tarry\AppData\Local\uninstall_temp.ico
 
Some files in TEMP:
====================
2017-12-09 20:57 - 2017-12-09 20:57 - 000000180 _____ () C:\Users\Tarry\AppData\Local\Temp\00e481b5e22dbe1f649fcddd505d3eb7.dll
2018-07-20 16:34 - 2018-07-20 16:34 - 011140970 _____ () C:\Users\Tarry\AppData\Local\Temp\360TS_Setup_EN_CPI001_10.0.0.1104.exe
2018-03-29 23:56 - 2018-03-30 02:34 - 000000088 _____ () C:\Users\Tarry\AppData\Local\Temp\59154b19d020c3bec3c6b79de7d133b6.dll
2018-03-29 23:56 - 2018-03-30 03:14 - 000000000 _____ () C:\Users\Tarry\AppData\Local\Temp\5a7a7919109c97d615ad7581cd492710.dll
2018-07-20 16:30 - 2018-07-20 16:30 - 000300032 _____ () C:\Users\Tarry\AppData\Local\Temp\84D8.tmp.exe
2017-12-09 20:57 - 2018-04-07 21:20 - 000000016 _____ () C:\Users\Tarry\AppData\Local\Temp\884f0013f54ad50d01a8baa8e5fa54c8.dll
2017-05-07 19:41 - 2017-05-07 19:41 - 000637072 _____ (Acronis) C:\Users\Tarry\AppData\Local\Temp\917b0b87-3358-4e79-93de-3dfc2fc99ed0.exe
2018-07-20 16:30 - 2018-07-20 16:30 - 000073216 _____ () C:\Users\Tarry\AppData\Local\Temp\9B55.tmp.exe
2018-07-20 16:29 - 2018-07-20 23:11 - 010522026 _____ () C:\Users\Tarry\AppData\Local\Temp\allradio_4.27_portable.exe
2018-07-20 16:28 - 2018-07-20 16:28 - 000024651 _____ (MOletio) C:\Users\Tarry\AppData\Local\Temp\capi.exe
2018-07-20 16:29 - 2018-07-20 16:29 - 006860752 _____ (NeoSoft Tools                                               ) C:\Users\Tarry\AppData\Local\Temp\cexplorer.exe
2018-07-20 16:28 - 2018-07-20 16:28 - 000001536 _____ () C:\Users\Tarry\AppData\Local\Temp\d1tpauv4.cpv.exe
2015-12-22 15:23 - 2015-12-22 15:23 - 000292184 _____ (Microsoft Corporation) C:\Users\Tarry\AppData\Local\Temp\dxwebsetup.exe
2018-07-20 16:34 - 2018-07-20 16:34 - 019191511 _____ (Fast PC Optimizer) C:\Users\Tarry\AppData\Local\Temp\Fast-PC-Optimizer-Setup.exe
2009-07-17 20:12 - 2009-07-17 20:12 - 001957206 _____ (Adobe Systems Incorporated) C:\Users\Tarry\AppData\Local\Temp\FP_AX_MSI_INSTALLER.exe
2018-07-20 16:36 - 2018-07-20 16:36 - 000375522 _____ () C:\Users\Tarry\AppData\Local\Temp\jmqa15njf2n.exe
2017-01-17 17:42 - 2017-01-17 17:42 - 000739904 _____ (Oracle Corporation) C:\Users\Tarry\AppData\Local\Temp\jre-8u121-windows-au.exe
2018-01-17 00:40 - 2018-01-17 00:40 - 001864256 _____ (Oracle Corporation) C:\Users\Tarry\AppData\Local\Temp\jre-8u161-windows-au.exe
2016-05-07 13:49 - 2016-05-07 13:49 - 000739904 _____ (Oracle Corporation) C:\Users\Tarry\AppData\Local\Temp\jre-8u91-windows-au.exe
2018-07-20 16:29 - 2018-07-20 23:11 - 000484352 _____ () C:\Users\Tarry\AppData\Local\Temp\lame_enc.dll
2018-07-20 16:28 - 2018-07-20 16:28 - 005871945 _____ () C:\Users\Tarry\AppData\Local\Temp\male.exe
2013-03-14 22:08 - 2018-01-03 20:01 - 000763104 _____ (NVIDIA Corporation) C:\Users\Tarry\AppData\Local\Temp\nvSCPAPI.dll
2015-08-15 13:58 - 2017-08-21 18:33 - 000873136 _____ (NVIDIA Corporation) C:\Users\Tarry\AppData\Local\Temp\nvSCPAPI64.dll
2016-02-15 15:31 - 2016-02-09 01:25 - 000426040 _____ (NVIDIA Corporation) C:\Users\Tarry\AppData\Local\Temp\nvSCPAPISvr.exe
2015-08-15 13:58 - 2015-08-07 00:23 - 000477152 _____ (NVIDIA Corporation) C:\Users\Tarry\AppData\Local\Temp\nvStereoApiI64.dll
2013-03-14 22:07 - 2018-01-03 20:01 - 000373552 _____ (NVIDIA Corporation) C:\Users\Tarry\AppData\Local\Temp\nvStInst.exe
2016-10-09 17:38 - 2016-11-17 09:45 - 001135552 _____ (NVIDIA Corporation) C:\Users\Tarry\AppData\Local\Temp\NvTelemetry.dll
2016-10-09 17:38 - 2017-01-05 21:10 - 000255032 _____ (NVIDIA Corporation) C:\Users\Tarry\AppData\Local\Temp\NvTelemetryAPI32.dll
2016-10-09 17:38 - 2017-01-05 21:10 - 000335928 _____ (NVIDIA Corporation) C:\Users\Tarry\AppData\Local\Temp\NvTelemetryAPI64.dll
2017-04-10 01:41 - 2017-04-10 01:41 - 004482048 _____ (New Technology Studio) C:\Users\Tarry\AppData\Local\Temp\oivsetup-10042017014156.exe
2017-04-10 01:38 - 2015-12-07 22:31 - 004211712 _____ (New Technology Studio) C:\Users\Tarry\AppData\Local\Temp\ovi-uninstall.exe
2015-05-28 22:21 - 2017-09-20 00:31 - 058881488 _____ (Skype Technologies S.A.) C:\Users\Tarry\AppData\Local\Temp\SkypeSetup.exe
2011-11-03 10:13 - 2011-11-03 10:13 - 001786688 _____ () C:\Users\Tarry\AppData\Local\Temp\sonarinst.exe
2017-08-13 22:52 - 2017-08-13 22:52 - 000515584 _____ () C:\Users\Tarry\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
2018-07-20 16:28 - 2018-07-20 16:28 - 001776169 _____ () C:\Users\Tarry\AppData\Local\Temp\timy.exe
2018-07-20 16:32 - 2018-07-20 16:28 - 000104133 _____ () C:\Users\Tarry\AppData\Local\Temp\Uninstall.exe
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
C:\Windows\system32\drivers\raabfilo.sys -> Access Denied <======= ATTENTION
 
LastRegBack: 2018-06-28 16:08
 
==================== End of FRST.txt ============================
 
 


BC AdBot (Login to Remove)

 


#2 ASadTerryy

ASadTerryy
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:12:12 PM

Posted 21 July 2018 - 01:26 AM

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15.07.2018
Ran by Tarry (21-07-2018 01:56:22)
Running from C:\Users\Tarry\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2015-05-23 17:24:23)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-939175857-811873136-2089306365-500 - Administrator - Disabled)
Guest (S-1-5-21-939175857-811873136-2089306365-501 - Limited - Disabled)
Tarry (S-1-5-21-939175857-811873136-2089306365-1000 - Administrator - Enabled) => C:\Users\Tarry
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-939175857-811873136-2089306365-1000\...\uTorrent) (Version: 3.5.3.44358 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (HKLM\...\{55D55008-E5F6-47D6-B16F-B2A40D4D145F}) (Version: 6.2.1 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20055 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.134 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\Adobe Photoshop CS6) (Version: 13.0.0.0 - © The Computer Guy Tony)
AIO_CDB_Software (HKLM-x32\...\{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (HKLM-x32\...\{104066F4-5897-4067-85D3-4C88B67CCF75}) (Version: 130.0.421.000 - Hewlett-Packard) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{05E07D23-91E9-4E70-A4CC-EF505088F967}) (Version: 5.4.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{741291DA-2B34-4D44-8FB6-58EDE21261D8}) (Version: 5.4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{DB18F1C0-846F-46F5-A074-5B97C8AF5C8E}) (Version: 10.3.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Assassin's Creed III (HKLM-x32\...\Uplay Install 54) (Version:  - Ubisoft)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.5.2342 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.53.31065 - Electronic Arts)
Battlefield™ 1 Open Beta (HKLM-x32\...\{F9E19363-7B10-4F8A-8640-945C36D4B504}) (Version: 1.0.8.10777 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
Cuphead (HKLM-x32\...\1963513391_is1) (Version: 20170929 - GOG.com)
Darkest Dungeon (HKLM-x32\...\1450711444_is1) (Version: 2.18.0.22 - GOG.com)
Destiny 2 (HKLM-x32\...\Destiny 2) (Version:  - Blizzard Entertainment)
Discord (HKU\S-1-5-21-939175857-811873136-2089306365-1000\...\Discord) (Version: 0.0.301 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.01 - NVIDIA Corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{8F89B0CF-8144-43EE-AB9F-B7F8F23D85FB}) (Version: 1.1.135.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Git version 2.13.3 (HKLM\...\Git_is1) (Version: 2.13.3 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Hextech Repair Tool (HKLM-x32\...\{7F9A97E6-E666-11E5-B582-B88687E82322}) (Version: 1.1.77 - Riot Games, Inc.)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 130.0.282.000 - Hewlett-Packard) Hidden
Hyper Light Drifter (HKLM-x32\...\1452863689_is1) (Version: 2.0.0.2 - GOG.com)
Item Set Creator 5.24 (HKLM-x32\...\Item Set Creator 5.24) (Version: 5.24 - InvertedComposer)
Item Set Creator 6.2 (HKLM-x32\...\Item Set Creator 6.2) (Version: 6.2 - League of Legends Math)
iTunes (HKLM\...\{6C01A0A7-7440-4D48-93C6-2927A1E93FE6}) (Version: 12.6.0.100 - Apple Inc.)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 172 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180172F0}) (Version: 8.0.1720.11 - Oracle Corporation)
JetBrains PyCharm Community Edition 2017.2.3 (HKLM-x32\...\PyCharm Community Edition 2017.2.3) (Version: 172.3968.37 - JetBrains s.r.o.)
Kodi (HKU\S-1-5-21-939175857-811873136-2089306365-1000\...\Kodi) (Version:  - XBMC-Foundation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Logitech Gaming Software 8.81 (HKLM\...\Logitech Gaming Software) (Version: 8.81.15 - Logitech Inc.)
LSI - LoL Summoner Information (HKU\S-1-5-21-939175857-811873136-2089306365-1000\...\{62B332E9-239D-4692-BDE2-0CC1CF2833DA}_is1) (Version: v4.8.3 - Aequus Gaming Ltd.)
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
MGI - Monster Girl Island Demo 2 Day 1 (HKLM-x32\...\{1F5EDA4D-0035-4EA1-A7F2-82E0400127B1}) (Version: 1 - Monster Girl Island)
MGI Patreon Showcase Build - Ara (HKLM-x32\...\{2BD9B80A-6877-4D82-88E3-8AD0D067066D}) (Version: 1.1 - Monster Girl Island)
MGI Patreon Showcase Build - Mako (HKLM-x32\...\{01C9EA40-7778-4F5E-80A9-AAB43F7059F3}) (Version: 1 - Monster Girl Island)
MGI Patreon Showcase Build - Twins (HKLM-x32\...\{1E4E2CFC-6004-4D49-88B7-420489FD9ACD}) (Version: 1.1 - Monster Girl Island)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.10228.20134 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-939175857-811873136-2089306365-1000\...\OneDriveSetup.exe) (Version: 18.111.0603.0006 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Xbox One Controller for Windows (HKLM\...\{DC2CB48C-FD96-48EB-A36A-7D995BB587EB}) (Version: 1.0.2 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Monster Girl Island - Halloween (HKLM-x32\...\{BB541ED4-B8CC-4122-8B25-00C5CD78D7A5}) (Version: 2 - Monster Girl Island)
MusicBrainz Picard (HKLM-x32\...\MusicBrainz Picard) (Version: 1.3.2 - MusicBrainz)
Network64 (HKLM\...\{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}) (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Nox APP Player (HKLM-x32\...\Nox) (Version: 3.7.0.0 - Duodian Technology Co. Ltd.)
NVIDIA 3D Vision Controller Driver 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 391.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.01 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.14.0.139 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.0.139 - NVIDIA Corporation)
NVIDIA Graphics Driver 391.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.01 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10228.20134 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10228.20134 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10228.20134 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.10228.20134 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenIV (HKU\S-1-5-21-939175857-811873136-2089306365-1000\...\OpenIV) (Version: 2.8.703 - .black/OpenIV Team)
OpenOffice 4.1.2 (HKLM-x32\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.19.61985 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{b18ccfc5-9391-42ee-9ca3-e89f9d89a58b}) (Version: latest - ppy Pty Ltd)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version:  - )
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.27.7-r126167-release - Plays.tv, LLC)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.8 - Power Software Ltd)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Python 3.5.3 (64-bit) (HKU\S-1-5-21-939175857-811873136-2089306365-1000\...\{b94f45d6-8461-440c-aa4d-bf197b2c2499}) (Version: 3.5.3150.0 - Python Software Foundation)
Python 3.5.3 Core Interpreter (64-bit) (HKLM\...\{41949626-B6BA-4F14-9CF3-5A3528B51837}) (Version: 3.5.3150.0 - Python Software Foundation) Hidden
Python 3.5.3 Development Libraries (64-bit) (HKLM\...\{CD9C1FBA-6708-4FCC-91C8-BBE247C70C11}) (Version: 3.5.3150.0 - Python Software Foundation) Hidden
Python 3.5.3 Documentation (64-bit) (HKLM\...\{46676312-5DB3-4732-8672-C03C9A35F7DB}) (Version: 3.5.3150.0 - Python Software Foundation) Hidden
Python 3.5.3 Executables (64-bit) (HKLM\...\{29BFCE2E-AB24-41B6-92CB-E3B10339B02A}) (Version: 3.5.3150.0 - Python Software Foundation) Hidden
Python 3.5.3 pip Bootstrap (64-bit) (HKLM\...\{72F2DDCB-1B74-4D9E-A49C-9FDB3B602218}) (Version: 3.5.3150.0 - Python Software Foundation) Hidden
Python 3.5.3 Standard Library (64-bit) (HKLM\...\{0EAF0D8F-C9CF-4350-BD9A-07EC66929E04}) (Version: 3.5.3150.0 - Python Software Foundation) Hidden
Python 3.5.3 Tcl/Tk Support (64-bit) (HKLM\...\{D831294A-813F-44DF-A3FB-E7EE64F04BD5}) (Version: 3.5.3150.0 - Python Software Foundation) Hidden
Python 3.5.3 Test Suite (64-bit) (HKLM\...\{F051AEB1-7D5E-4833-81ED-FF3690D68E50}) (Version: 3.5.3150.0 - Python Software Foundation) Hidden
Python 3.5.3 Utility Scripts (64-bit) (HKLM\...\{EEDE1070-5CA8-4CED-9DD3-947A3EB482EB}) (Version: 3.5.3150.0 - Python Software Foundation) Hidden
Python 3.6.2 (64-bit) (HKU\S-1-5-21-939175857-811873136-2089306365-1000\...\{f71cfe9a-4a67-48a6-844b-571a76b33d33}) (Version: 3.6.2150.0 - Python Software Foundation)
Python 3.6.2 Core Interpreter (64-bit) (HKLM\...\{DBBB1BBC-A398-4262-9C25-D7A6E9B06841}) (Version: 3.6.2150.0 - Python Software Foundation) Hidden
Python 3.6.2 Development Libraries (64-bit) (HKLM\...\{7EC331E8-5683-4B2B-A22B-5925DBE5E06E}) (Version: 3.6.2150.0 - Python Software Foundation) Hidden
Python 3.6.2 Documentation (64-bit) (HKLM\...\{978543A0-731D-4BEF-9CB6-9835B1DFFB33}) (Version: 3.6.2150.0 - Python Software Foundation) Hidden
Python 3.6.2 Executables (64-bit) (HKLM\...\{90A9D089-DB6E-48DC-9EEC-7F2229B2DFF0}) (Version: 3.6.2150.0 - Python Software Foundation) Hidden
Python 3.6.2 pip Bootstrap (64-bit) (HKLM\...\{4FF902DF-D960-4A78-9C04-9D8E1CC33149}) (Version: 3.6.2150.0 - Python Software Foundation) Hidden
Python 3.6.2 Standard Library (64-bit) (HKLM\...\{1D2E9660-8DD7-4830-AFA6-5EC160F37A4E}) (Version: 3.6.2150.0 - Python Software Foundation) Hidden
Python 3.6.2 Tcl/Tk Support (64-bit) (HKLM\...\{27B26342-82FB-4CA4-9ADB-D09982631CB0}) (Version: 3.6.2150.0 - Python Software Foundation) Hidden
Python 3.6.2 Test Suite (64-bit) (HKLM\...\{9EE8E58D-3021-40C5-8FBB-BF3A91A0B44D}) (Version: 3.6.2150.0 - Python Software Foundation) Hidden
Python 3.6.2 Utility Scripts (64-bit) (HKLM\...\{907B8BA6-C91D-4A8E-8237-828BFAB77C63}) (Version: 3.6.2150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{2636F1E4-2BC5-4B19-BFFD-A08F72598309}) (Version: 3.6.6032.0 - Python Software Foundation)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.00.721 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.31.1025.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.4 - Rockstar Games)
RuneScape Launcher 1.2.7 (HKLM-x32\...\{FA52A2D0-298E-4D40-8BB7-39928627EA6A}) (Version: 1.2.7 - Jagex Ltd)
RuneScape Launcher 2.2.4 (HKLM\...\RuneScape Launcher_is1) (Version: 2.2.4 - Jagex Ltd)
Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-939175857-811873136-2089306365-1000\...\Spotify) (Version: 1.0.85.259.g4ab01679 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Toolbox (HKLM-x32\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
UnloadSupport (HKLM-x32\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 27.0 - Ubisoft)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Driver Package - BigNox Corporation (VBoxUSB) USB  (09/16/2015 4.3.12) (HKLM\...\76B144D15273552931249392EDB13C0BBD52C84E) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Driver Package - BigNox Corporation VBoxUSBMon System  (09/16/2015 4.3.12) (HKLM\...\39F54A37125643D2E1E90FA7D81F36ACC9441510) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Driver Package - BigNox Corporation XQHDrv System  (09/16/2015 4.3.12) (HKLM\...\0147813640F7AF69F569581EE672B6BE1E71798E) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.60 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.150 - Zemana Ltd.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-939175857-811873136-2089306365-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-939175857-811873136-2089306365-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-939175857-811873136-2089306365-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-939175857-811873136-2089306365-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-939175857-811873136-2089306365-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-939175857-811873136-2089306365-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-939175857-811873136-2089306365-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Tarry\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileCoAuthLib64.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-20] (AVAST Software)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2018-07-21] ()
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-20] (AVAST Software)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-02-02] (Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-20] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-03] (Malwarebytes)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-02-02] (Power Software Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-02-23] (NVIDIA Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2018-07-21] ()
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-20] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-03] (Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-02-02] (Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (Alexander Roshal)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {043E5050-75CF-461D-AEE3-E9525F15C4BA} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-07-20] (Microsoft Corporation)
Task: {105AE932-5AE9-4C11-A2A0-54F6F888EE8B} - System32\Tasks\christelchristel => C:\Program Files (x86)\longtime\longtime.exe
Task: {157E98B8-1616-42DC-B947-94860DEBCD49} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-05-20] (NVIDIA Corporation)
Task: {15FBAB0C-FB67-495F-ACFD-F23AE2D12495} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-07-20] (Microsoft Corporation)
Task: {22E6AA15-F5FA-4B6D-AA02-3220CACFCA44} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-05-20] (NVIDIA Corporation)
Task: {29DF517C-5BC2-4CA2-BD6E-8C3ED9A21230} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-20] (NVIDIA Corporation)
Task: {373E672E-E92E-4BF6-A286-440D3DCA58B3} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-07-20] (AVAST Software)
Task: {3B4A954E-4898-46D2-9C2E-F3757F25A502} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-05-20] (NVIDIA Corporation)
Task: {3C15CDCC-6C3F-476D-A526-12E360E165B4} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-07-13] (Microsoft Corporation)
Task: {49B3D0CC-2841-4FA3-B158-C4CE9D8661CC} - System32\Tasks\amoramor => C:\Program Files (x86)\Examiner\investigators.exe
Task: {4BBF4789-641D-4D22-B8E3-06DB6D26C7BC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {4D986449-8F54-41B8-9C70-3F67EA320DC1} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-20] (NVIDIA Corporation)
Task: {50383B91-7A5F-451B-B554-2319A7698138} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-07-13] (Microsoft Corporation)
Task: {676AECA2-C0A6-4986-B1A0-2EBACA5A53C6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-07-21] (Google Inc.)
Task: {69D01D6E-6581-4F36-9369-67754CE23838} - System32\Tasks\cp\cp => C:\Users\Tarry\AppData\Roaming\1.exe <==== ATTENTION
Task: {76917BD5-CDDE-4103-BE47-292AAC7C0EBA} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {7A7B9466-CB8A-4FE5-AD0B-180C7C3B409C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-05-20] (NVIDIA Corporation)
Task: {82C75F03-974B-46BD-95F8-42C4DA263928} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {946A5D89-81FD-4F2E-B1A5-42B492A5C929} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe [2018-07-20] (Microsoft Corporation)
Task: {9AB66FBD-85BB-4806-9CE0-65257AD76017} - System32\Tasks\{DC222AFF-88B4-4F8A-864B-9B0806A22604} => C:\Windows\system32\pcalua.exe -a "E:\Program Files (x86)\Transistor\_CommonRedist\vcredist\2010\vcredist_x64.exe" -d "E:\Program Files (x86)\Transistor\_CommonRedist\vcredist\2010"
Task: {9CEBBBC2-2C33-4766-BED7-EF5D0AED9ED6} - System32\Tasks\Chameleon Folder-Tarry => "C:\Program Files (x86)\Chameleon Explorer\ChameleonFolder.exe" 
Task: {A12F5A55-8A1E-4BA1-91C4-F9C9B80ABD06} - System32\Tasks\amor => C:\Program Files (x86)\Examiner\investigators.exe
Task: {A7A418C6-17E3-4255-9691-F08BAC57DDA0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-07-20] (Microsoft Corporation)
Task: {A8E34560-F00D-4A88-A0B7-E9836EDBB1F3} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-05-20] (NVIDIA Corporation)
Task: {B8CF6F91-7B17-4332-A833-FD39ED144D7E} - \winlogon -> No File <==== ATTENTION
Task: {CF5E2ADA-B98B-403B-AA67-F7B0E22045D8} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_134_Plugin.exe [2018-07-20] (Adobe Systems Incorporated)
Task: {D3A2665E-D6E6-42D1-B278-FC76E1A3573D} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-07-20] (AVAST Software)
Task: {D5B8CE77-FECB-42F9-A639-FA7C54985FEB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {D61E595E-0488-4124-B0D7-9C54DEDCFB64} - System32\Tasks\christel => C:\Program Files (x86)\longtime\longtime.exe
Task: {E845E3F9-2E9D-4862-895A-ECE416EB6355} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {EBA65E41-B04A-4982-8E87-F6016FD41799} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-07-20] (Microsoft Corporation)
Task: {EBBC0905-D2BE-4031-BABE-1D1F473BFB52} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-07-21] (Google Inc.)
Task: {EF503655-FF82-455C-8890-2E80541E2060} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-07-20] (Microsoft Corporation)
Task: {F0C35CB5-B370-48B3-BAED-CE55FD850AF9} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {F431E0AC-DF69-44F2-A9E1-73D1BF44173D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-07-20] (Adobe Systems Incorporated)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
Shortcut: C:\Users\Tarry\Desktop\Gaming\GTA5 Mod Enabler.lnk -> E:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\Mod Enabler.bat ()
 
==================== Loaded Modules (Whitelisted) ==============
 
2018-01-09 23:21 - 2018-02-24 08:46 - 000543248 _____ () C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\DisplayDriverAnalyzer\_DisplayDriverCrashAnalyzer64.dll
2017-03-16 16:08 - 2017-03-16 16:08 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-09-01 18:12 - 2016-09-01 18:12 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-03-27 12:20 - 2017-03-27 12:20 - 001354040 _____ () E:\Program Files\iTunes\libxml2.dll
2017-03-27 12:20 - 2017-03-27 12:20 - 000092472 _____ () E:\Program Files\iTunes\zlib1.dll
2018-07-05 23:02 - 2018-05-20 13:36 - 001315296 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-10-16 00:19 - 2016-10-16 00:19 - 000076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2017-07-19 18:09 - 2017-07-19 18:09 - 000189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2018-07-21 01:07 - 2018-04-30 12:54 - 002493648 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-07-21 01:07 - 2018-04-25 13:16 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-07-05 23:02 - 2018-05-20 13:36 - 095437792 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2018-07-05 23:02 - 2018-05-20 13:36 - 003029472 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libglesv2.dll
2018-07-05 23:02 - 2018-05-20 13:36 - 000149984 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libegl.dll
2018-07-05 23:02 - 2018-05-20 13:36 - 000020448 _____ () c:\program files\nvidia corporation\nvstreamsrv\detoured.dll
2018-07-21 00:04 - 2018-06-22 15:15 - 004608856 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\libglesv2.dll
2018-07-21 00:04 - 2018-06-22 15:15 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Public\AppData:CSM [470]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [482]
AlternateDataStreams: C:\Users\Tarry\AppData\Local\Temp:$DATA [16]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:34 - 2018-07-20 16:33 - 000001321 _____ C:\Windows\system32\Drivers\etc\hosts
 
162.222.193.86       aoaomo.tremorhub.com
188.95.50.62       bobomo.tremorhub.com
162.222.193.86       www.howcast.com
162.222.193.86       howcast.com
162.222.193.86       www.ustream.tv
162.222.193.86       ustream.tv
162.222.193.86       www.livestream.com
162.222.193.86       livestream.com
162.222.193.86       www.dailymotion.com
162.222.193.86       dailymotion.com
192.192.3.8       www.virustotal.com
192.192.3.8       virustotal.com
104.251.211.173 clients2.google.com 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-939175857-811873136-2089306365-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Tarry\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{9808BDB2-4030-4114-A70A-597A0DCE1439}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{C1C84CE2-C23D-401B-8518-565EABCE0B89}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{98A21188-1903-4CE9-AB31-AE97BB8C9320}] => (Allow) C:\Users\Tarry\Desktop\Steam.exe
FirewallRules: [{20E707B0-9BCF-49EE-A839-E07F67E17778}] => (Allow) C:\Users\Tarry\Desktop\Steam.exe
FirewallRules: [{3C80DB92-045A-4D0A-9365-88950284796B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8804C0AF-8C70-4B6C-8985-E70ADDBFEEF3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9331467B-E3DD-4937-8D60-DA5B173A101A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{5DE01BA1-58E3-4ECE-8E9F-27A02799403B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{F393A46E-7353-4345-9397-960B9458D313}E:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe
FirewallRules: [UDP Query User{E8F7260E-C489-490E-AB0F-219AB65487D6}E:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe
FirewallRules: [TCP Query User{F664F89D-8B31-4926-91AE-D72AF7BD44B3}E:\program files (x86)\skype\phone\skype.exe] => (Allow) E:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{FA2A1829-D72C-4314-AB3A-C1D21902F9F1}E:\program files (x86)\skype\phone\skype.exe] => (Allow) E:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{8ECF6A22-BC5B-43D4-B132-E492D2C923E1}C:\program files (x86)\lsi\lolsummonerinfo.exe] => (Allow) C:\program files (x86)\lsi\lolsummonerinfo.exe
FirewallRules: [UDP Query User{C269A106-C0A7-4F6F-B30A-8D55C3CAAC70}C:\program files (x86)\lsi\lolsummonerinfo.exe] => (Allow) C:\program files (x86)\lsi\lolsummonerinfo.exe
FirewallRules: [{DE69E35A-51B3-4B1B-A16A-25F5FF22D6AE}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{60A3942C-2CB8-4FD5-A763-1726F388639C}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [TCP Query User{D1DDF2BA-2A28-46A9-AD74-1B6D299DB538}E:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe
FirewallRules: [UDP Query User{DE60B057-DD59-488F-9B09-B2FBDA7DA937}E:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe
FirewallRules: [{AB1C8C3F-D1C5-41D4-B49D-EAEB49E4F408}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{34395703-EEBD-4641-A4B6-3E3C5E079F3A}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{0A459770-4C09-4458-9AAA-F84EE3E47601}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{87B0C200-2BB4-4479-975F-287DC676C823}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{15A633EB-952D-4B55-B4DC-F0153D2C6B20}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\3DMark\3DMarkLauncher.exe
FirewallRules: [{F9F7CE49-2433-4562-91F8-E16A050B0C92}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\3DMark\3DMarkLauncher.exe
FirewallRules: [{13E6E179-F1EB-47C7-9C98-2B7A19C90310}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{C7AF3094-5774-4C18-839D-F688F450BBB7}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{5DB5C99F-E108-4258-AEF9-7C3A0160C200}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\CastleCrashers\castle.exe
FirewallRules: [{E99C0691-1CD1-4CCA-BA18-4F67C2D1F208}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\CastleCrashers\castle.exe
FirewallRules: [TCP Query User{2D736021-73A9-4047-ADFF-0CA60B74ADFC}E:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) E:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{B0E38792-CA9A-438D-824B-68AA7E339262}E:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) E:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [{514847BA-5A81-4CA2-8C24-8D0132CA0B4D}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe
FirewallRules: [{643694F4-DEA8-4A1E-8066-22C726CADAD8}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe
FirewallRules: [{0C1B5CEF-6FB6-4C83-9E70-C8A3C5660AA3}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Eternal Senia\Game.exe
FirewallRules: [{8011F514-9DBB-40BA-8CF3-785A91B7CF55}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Eternal Senia\Game.exe
FirewallRules: [{3092AA5D-CDCC-491D-86FC-71F51B177307}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{289A6B3D-5B80-4FEB-83B2-8C10066FBBEA}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{70C7F821-E84F-458D-9243-292DAB70075E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{66A2328E-58EF-42D0-BE2F-C5A51B11B5A1}E:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) E:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{5A437540-EC52-4EA4-8BE8-F3CF21AC7298}E:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) E:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{336CBC03-41F6-40C8-962A-FD1336ACE16F}C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe
FirewallRules: [UDP Query User{B41258D9-8818-4ED6-8FDD-F32EDD8CC298}C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe
FirewallRules: [{E3B72E89-1D83-4B5F-825B-C2011F160821}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\INK\INK.exe
FirewallRules: [{1CBDD77E-7DFB-4EFB-B706-CB9ED37AFE0C}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\INK\INK.exe
FirewallRules: [{D53C6B0A-1ABF-456A-BACD-BDC04D618ECB}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{0085ACDA-CFDE-4024-A0D4-3129A7A9FB10}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{C0CBA375-D165-499E-A937-97D75199E70E}E:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{08832CAB-59C0-4C7C-8BCB-E3D1FCC7CC5C}E:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{A379E66E-5ADB-47D7-A6E7-9ECEA9AF0D54}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{123120CC-989A-4A7F-AF9A-A455B2ADEC47}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{CF9A7453-A4A6-4DB7-85AA-7A3C6E7C9FA4}E:\program files (x86)\kodi\kodi.exe] => (Allow) E:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{3459047B-CAAD-46A7-9B50-3B44A8A4F63E}E:\program files (x86)\kodi\kodi.exe] => (Allow) E:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{4231C3F8-640E-4726-BC13-678F700414BA}C:\users\tarry\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tarry\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{0C2C6874-B255-4EF3-BC13-7A154DDBDB67}C:\users\tarry\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tarry\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{CD7D7F65-3AED-482F-B427-CDBE1C7D694F}C:\users\tarry\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tarry\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{BEA7287A-D1BA-4BF4-BDA3-7B74AA79EC9F}C:\users\tarry\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tarry\appdata\roaming\spotify\spotify.exe
FirewallRules: [{303BC73D-3635-429D-A0B4-B8E4EF08227B}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Tales of Zestiria\Tales of Zestiria.exe
FirewallRules: [{5A95EEBB-6F26-427E-99F5-B73F511861D8}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Tales of Zestiria\Tales of Zestiria.exe
FirewallRules: [{B343CF70-D8AD-472F-AF86-536143645FF0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8462D1CE-7E9A-4D38-AF8F-9AB3F7C3FB21}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E61623B7-FDDE-4FD9-A5CA-BA94E8AE1E8D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9B34C520-7F41-44D7-A825-009B60E0E561}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{EDCAFB29-62D5-4B27-A232-15F8CF490622}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Knights of Pen and Paper\knightspp.exe
FirewallRules: [{05A01405-4268-4EAF-9F8C-DBFD46364F07}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Knights of Pen and Paper\knightspp.exe
FirewallRules: [TCP Query User{8C309630-30C5-4EC1-993E-FDB57C42D092}E:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe
FirewallRules: [UDP Query User{43DE53F9-0A09-401B-9543-EB9594BFF3F6}E:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe
FirewallRules: [{053E7033-8C33-4A4E-A285-BA67EC52E6A4}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{9F3A1C64-B6E9-4579-9773-17F5BE7FF275}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{E582B061-C913-4ED1-B954-68A41A56CBA2}] => (Allow) C:\Program Files (x86)\PlaysTV\playstv.exe
FirewallRules: [{D10DE7BD-F62A-49A4-96DE-CC466F43E8A6}] => (Allow) C:\Program Files (x86)\PlaysTV\playstv.exe
FirewallRules: [{705E7494-B8E4-4457-A1A3-59A71EFBDC87}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{4B8B5517-BD96-422A-9540-7095C68413C7}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{1F8AC58F-AF9B-4040-B904-68CF534F7190}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\DeathSpank\DeathSpank.exe
FirewallRules: [{951825A9-AE75-497B-8588-2BB3A52E838C}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\DeathSpank\DeathSpank.exe
FirewallRules: [{1F37FB55-6564-4B27-83FA-3313E781B8E5}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{49326DF2-1229-41B9-84BF-CFC6F77E97B1}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{C5EDB487-70E1-4F67-B451-08E044FEEE6C}] => (Allow) C:\Users\Tarry\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3F1C2B6F-87CC-4286-B8C5-4BFD407B5254}] => (Allow) C:\Users\Tarry\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C1059802-9B7A-4786-9F1D-FC7B0F2BD03C}] => (Allow) C:\Users\Tarry\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0CCF40A1-77FE-4443-843C-1223D1AB7876}] => (Allow) C:\Users\Tarry\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2F44F7EB-3098-4D83-8CB4-EEB411BE802C}] => (Allow) C:\Users\Tarry\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D12B4780-AF94-4914-B09D-55EAF9734084}] => (Allow) C:\Users\Tarry\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{660B29DD-F905-4CB7-A951-15A74D266372}] => (Allow) C:\Users\Tarry\Desktop\ElDewrito_0.5.0.1_Release\eldorado.exe
FirewallRules: [{DB050F8F-7819-4A9F-BF88-04136721D037}] => (Allow) C:\Users\Tarry\Desktop\ElDewrito_0.5.0.1_Release\eldorado.exe
FirewallRules: [{1E4FA8FC-41B6-4531-97C9-218517AFD1CF}] => (Allow) C:\Users\Tarry\Desktop\ElDewrito_0.5.0.1_Release\DewritoUpdater.exe
FirewallRules: [{6ABE3196-6325-415E-8256-F5AC25ACAFDA}] => (Allow) C:\Users\Tarry\Desktop\ElDewrito_0.5.0.1_Release\DewritoUpdater.exe
FirewallRules: [{DD292170-7E72-4826-9925-1E608E832DAC}] => (Allow) C:\Users\Tarry\Desktop\ElDewrito_0.5.0.2_Release\eldorado.exe
FirewallRules: [{15F0DD83-516C-4C1F-86D8-F41DA196CE3C}] => (Allow) C:\Users\Tarry\Desktop\ElDewrito_0.5.0.2_Release\eldorado.exe
FirewallRules: [{21F04EBA-B137-4092-87E7-3A8E7B55ED2A}] => (Allow) C:\Users\Tarry\Desktop\ElDewrito_0.5.0.2_Release\DewritoUpdater.exe
FirewallRules: [{4ED7BF34-45AB-42CC-AF6A-219EB4505A2A}] => (Allow) C:\Users\Tarry\Desktop\ElDewrito_0.5.0.2_Release\DewritoUpdater.exe
FirewallRules: [TCP Query User{6CBE6F4D-CFA6-473F-AE23-6F78FC225652}C:\users\tarry\desktop\eldewrito_0.5.0.2_release\eldorado.exe] => (Allow) C:\users\tarry\desktop\eldewrito_0.5.0.2_release\eldorado.exe
FirewallRules: [UDP Query User{3101C14E-F6D8-4EBD-AB80-F22E94FA0218}C:\users\tarry\desktop\eldewrito_0.5.0.2_release\eldorado.exe] => (Allow) C:\users\tarry\desktop\eldewrito_0.5.0.2_release\eldorado.exe
FirewallRules: [{E5575635-7819-4B40-87FC-EF4883F67757}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Sega Classics\SEGAGenesisClassics.exe
FirewallRules: [{BE69C137-C3A1-4553-906A-DE3F6B4CBDB2}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Sega Classics\SEGAGenesisClassics.exe
FirewallRules: [{96A1BB95-9B4F-48C7-A6D1-87AB80A7FC82}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Jet Set Radio\jsrsetup.exe
FirewallRules: [{D6CF9EAA-2EB7-4CA8-A0DB-CBDC32FE70C9}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Jet Set Radio\jsrsetup.exe
FirewallRules: [{DA2CD741-7830-4704-B95B-0402159351EE}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Hell Yeah\HELLYEAH.exe
FirewallRules: [{EA214529-9A3E-4127-8989-CDCABDF094DC}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Hell Yeah\HELLYEAH.exe
FirewallRules: [TCP Query User{3B4FB9C8-6992-44E6-A0F1-6513AFCE35C1}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{91A1CF87-9818-4DC2-BC3C-5E7C9210025B}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{32A37B31-5D6E-49CF-BE97-E6341D42592C}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Sega Classics\SEGAGameRoom.exe
FirewallRules: [{BD0019E9-3C4D-4272-A56C-3CC62969621C}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Sega Classics\SEGAGameRoom.exe
FirewallRules: [{AF3214FF-19FE-44A0-9E3C-FF361E415636}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\diriptide\DeadIslandGame_x86_rwdi.exe
FirewallRules: [{9627E1CE-4849-45F6-9A9B-DBF3DB8246B1}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\diriptide\DeadIslandGame_x86_rwdi.exe
FirewallRules: [{A5942395-D21E-4D6D-BBBD-8BEFE04ADEC0}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Dead Island\DeadIslandGame.exe
FirewallRules: [{7ABE9BD0-C0ED-4585-9C46-81D9BA564281}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Dead Island\DeadIslandGame.exe
FirewallRules: [TCP Query User{2DDC21F0-C06D-403F-A726-041DA0552F49}E:\program files (x86)\steam\steamapps\common\dead by daylight alpha access\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\dead by daylight alpha access\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [UDP Query User{A02CECC1-6511-41C9-9148-5A6432BA2B70}E:\program files (x86)\steam\steamapps\common\dead by daylight alpha access\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\dead by daylight alpha access\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [TCP Query User{1DE78607-E595-4739-82D8-66ACE3B25984}E:\program files (x86)\overwatch\overwatch.exe] => (Allow) E:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{7983B5B2-6252-4AF8-897B-7454F56E1C84}E:\program files (x86)\overwatch\overwatch.exe] => (Allow) E:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{51F5F545-DD3E-431A-9706-C257DFC75652}] => (Allow) E:\Users\Tarry\AppData\Roaming\Nox\bin\Nox.exe
FirewallRules: [{C9EFA7A1-2279-4C07-BDB0-315AEA697B88}] => (Allow) C:\Program Files\Bignox\BigNoxVM\RTNoxVMHandle.exe
FirewallRules: [{840178A1-AF0E-4A0B-A75F-994590577561}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 1 Open Beta\bf1.exe
FirewallRules: [{F5C8251F-987C-46C6-B1AD-4DD0FFC5E933}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 1 Open Beta\bf1.exe
FirewallRules: [{1686C6B3-5BA2-4698-B2E5-05DB05226D69}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe
FirewallRules: [{E09158AC-A0E8-4A75-B325-2980EC8F5088}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe
FirewallRules: [{4BA89120-08A3-4C67-813F-BC8579762814}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C8896CCC-8EC7-4404-852A-DA5F03EDD871}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{8464B085-F315-4CA5-966F-B8AA7FAC6A8A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B02C72ED-15E5-4984-9BAA-0AF707377652}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{9B477A01-2AF1-468E-947C-0F41B9C11F7C}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{43C536A4-2FB8-4B48-BA49-1E52014B2F65}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{CF74E0A6-3241-4C96-8D0D-5F18081D4023}] => (Allow) E:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{74929841-1FC9-4A58-8B6F-46EFD65BACBA}] => (Allow) E:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{7DB6F65B-F720-4C0E-B817-6C31EA299F2F}] => (Allow) E:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{EB86903F-005D-4686-9440-2E3C026E18B1}] => (Allow) E:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{78B0613E-8B36-4D3C-98D6-1FD1A6222742}] => (Allow) E:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{83383FD9-3801-4CB0-95B1-2777F53E366C}] => (Allow) E:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [TCP Query User{A9146C89-2D84-45B0-BC4D-104247376602}C:\users\tarry\desktop\gaming\thefanlegacypart1\myproject\binaries\win64\myproject.exe] => (Allow) C:\users\tarry\desktop\gaming\thefanlegacypart1\myproject\binaries\win64\myproject.exe
FirewallRules: [UDP Query User{4AA043C1-C769-4B59-BB81-ABD565474F31}C:\users\tarry\desktop\gaming\thefanlegacypart1\myproject\binaries\win64\myproject.exe] => (Allow) C:\users\tarry\desktop\gaming\thefanlegacypart1\myproject\binaries\win64\myproject.exe
FirewallRules: [{1366522E-5392-465E-B27A-5DBF6961312D}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A9978551-74B5-40FF-BEA8-8F120B72FDE2}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C3866545-6E46-4F93-A732-6930AFEC9F6F}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{28A64D24-4991-472C-B41C-6ECB3C510465}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C53DC5AD-9E46-481D-B6ED-B36E74204CBF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{18CFA002-934F-4FCA-BC8F-582B247EA70D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{8134BFD8-BC68-4259-B0AD-56455E087A3C}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{71658F61-3A7A-4279-ABBB-CBF38AF251D7}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BB65DA69-D6E5-4940-8F75-5DEF45657E76}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A22363FB-F23C-4808-B7EB-972915369DDF}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{238D3A23-4648-4CCB-910B-1B7031B64755}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{7010A315-CCFB-443F-B02A-E0F5AF3D9861}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{B58BA11A-6D19-4931-A5F4-FEDF30155E15}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{D0766EF4-DEDB-4BD9-ACA9-39803D525EDE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{36FD9663-6C3A-47C6-89A8-862F8B465677}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7259DE9B-62AA-4EE8-AB5C-6002AED13811}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CDDF0861-8EFB-4FEB-952C-90BFAFD62DC8}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{255E4CC1-9AF5-43DC-8C46-DE44CF9D9380}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7F999CC1-832D-47D3-8AE9-BDA017381FC6}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{51C37AC8-0A98-4299-9930-B4C1B7F454C3}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1788DAE4-7533-4415-B325-E10134776D72}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DEA40236-6157-4C3D-9EA8-27729B706DF9}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4418404F-3050-4B8D-880B-4F49DF79A8A3}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{ECF2A262-ACA8-4E54-88A6-E67B96B0A0C4}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst\NS3FB_launcher.exe
FirewallRules: [{02AEB60D-7604-4A9E-9AEB-DBD62F21521A}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst\NS3FB_launcher.exe
FirewallRules: [TCP Query User{2657C689-CA62-47E8-8675-26DD44325511}E:\program files (x86)\steam\steamapps\common\naruto shippuden ultimate ninja storm 3 full burst\ns3fb.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\naruto shippuden ultimate ninja storm 3 full burst\ns3fb.exe
FirewallRules: [UDP Query User{E25CE194-2B0B-4534-AAA0-524DDC8F0DF8}E:\program files (x86)\steam\steamapps\common\naruto shippuden ultimate ninja storm 3 full burst\ns3fb.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\naruto shippuden ultimate ninja storm 3 full burst\ns3fb.exe
FirewallRules: [{B16BB14B-0052-411D-8A9C-7F7AF1C7538E}] => (Allow) E:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{B79D9EC4-74C4-464B-AF89-9FAF89ED225B}E:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{28798E3C-38D5-4EFF-802E-BBCE5EA42E37}E:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{E352D3F0-80EC-432B-B39D-0F27E7D44DC9}E:\program files (x86)\kodi\kodi.exe] => (Allow) E:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{07F50667-0442-4B02-A3A7-1279DDA3D4CA}E:\program files (x86)\kodi\kodi.exe] => (Allow) E:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{B1F7E754-7E09-4920-B35A-5472F3C48C83}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{8714EDC3-5A59-48AE-B7BA-EC6C66E194B1}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{2B68ADFE-31A0-411E-8A4B-720BF2EC62B5}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\pCars\pCARS64.exe
FirewallRules: [{EBA91249-1A4B-4D96-BDF9-219E84B8EB78}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\pCars\pCARS64.exe
FirewallRules: [{C5EFFF40-BEAE-49BA-9515-1164FFAC3DD8}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{8D1B7BAE-36B0-44F2-8C14-9E9F24CA0F68}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{2CD468A6-5C35-4B69-BC0A-CA4DAE2F1BB7}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D8D932CA-B1CC-4830-A58D-97BDDFAD67F0}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C88A7498-2F0F-463E-B395-23920627606B}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{AFC1985E-DFE2-4B39-A178-54CCC098CA64}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{544D1CF7-6962-4AB1-8E3F-07B3AFB396DA}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe
FirewallRules: [{9051878A-98FB-4DB7-B382-9B279F0FFDC3}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe
FirewallRules: [{A5D38AF9-AF18-4011-AF75-54F0A0C83ACC}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{721346AE-ECA1-4D7B-B139-8F7B44363C76}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{2D73B57F-30D3-47DA-A307-266F6CCFC150}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D56081DE-3988-4B7D-9433-C3C3CFE4AABB}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8FDE31D2-7C93-44FA-AFA7-C6A549D649FA}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E190D047-6C40-40BD-9363-41CFB85E8726}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1BBDD101-29B5-4C1A-81DA-83A3E8BBC1E1}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{ABED1FFC-1803-4DB7-81E6-804AD445AFA6}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{AAA61C7C-3295-41A1-9942-92810DDFD784}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DCB8E43C-3919-4CD8-936A-843C2271AC24}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{13F96EE8-5D30-4A63-BC5C-50292E7B5F00}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8C8948D9-D74B-46FD-A896-B4A018343C01}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6AEA177D-351E-4BDA-BCB2-E5D8F6F360F1}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B3862EBB-CDDF-4595-9900-2E344979A95D}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6A1C8877-8466-4125-8A74-1B7F78266E1D}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{95169F5A-1885-4D54-A5F8-7E06B8619308}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D6D9FCFE-A92D-46F7-BCE0-5AD12350BC7B}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\RESIDENT EVIL REVELATIONS\rerev.exe
FirewallRules: [{4EB48EF2-2EEE-4B6A-9827-41B8ACF7C26B}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\RESIDENT EVIL REVELATIONS\rerev.exe
FirewallRules: [{380D7CCC-F795-4A4A-B73E-17A06CA77951}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Resident Evil 5\Launcher.exe
FirewallRules: [{2850AE24-3BB2-49CC-8AD4-B3BC4320B3FC}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Resident Evil 5\Launcher.exe
FirewallRules: [{E946463B-C067-4097-A3FA-DC78993209FE}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2F046EFC-E68F-4465-8DCB-6121D27058AC}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{230D992A-DA34-4818-BF23-28B79C90427B}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{384106E0-A970-4D72-AF71-939EF115E9B0}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0D7C1EB1-EFCB-4BA9-852E-B00848E7AF6D}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6AB71039-648C-4E35-B41E-782D9E463F7C}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FD29FA43-01EF-4C49-8DBF-C8F752CBBA31}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{58A8DAC3-30A6-4074-B61B-050994685F20}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DA9B4697-F354-46EB-AF31-D194020F9745}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BE20F64F-B423-4C99-AED2-252FA11985C7}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{77B3E14D-0658-45E9-9362-6A8800B81D29}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{427FD814-91F0-4F50-9EBB-B2AA708E6480}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{33B3DA57-FCF3-4C0D-A556-F191A87A787C}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A63BF854-1813-4E46-85D9-1463FACA0DC4}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E6E038DB-9754-459E-89DC-CCB73EDFFFB9}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{021A731C-B6DF-48AF-BFD8-1F0026BC9978}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BB4817B9-3E05-45D6-9478-8B8D81C60C90}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D652FCA2-D510-4867-BEB6-62D498CB3813}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1EC77C7B-1D33-497C-AA2B-A8DE879EF208}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{00F29EFA-F801-4D7D-9EE6-B4A3A2B03D69}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8F91482C-EE16-47D7-9893-646F55BDF4E6}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{25918B1B-BE5C-4771-8DD2-A330F96163D3}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{811712E2-1F23-4548-ADE9-2ACC88671BF7}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B7FBC392-70BC-498F-8B29-0E2EFDFE62CC}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3F1F8DBB-9619-4C82-A3F9-2D9246EEED1A}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D128DFC7-2F2F-40FD-A2B6-83094AEB997C}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9EEC4FEA-F0B5-4F7E-B6A2-AD87CA128A81}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{66CE06E0-C65E-4287-80B6-A59CE7A46243}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{12CF1A04-9F10-4ED9-BEC1-1D323B3EE16C}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{34E49D3E-EB62-4F9F-B719-CC38C639C4BF}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A131A2CC-ACAB-45B6-B24D-F4334CC2CA2A}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F087E0C8-D1E8-4C4B-9908-576E0968C879}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FB48F9A8-FBC2-4FC9-8DA1-9508F8808051}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{007024C2-2C25-46B6-9884-3D7407E2F0BA}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B8D61DA8-F114-46C5-8938-38FAF91D03D1}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A6C9C715-45AA-442D-AC11-27204C16322C}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4E282A08-BC36-4FC9-85E7-59479ABB4B99}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0AADC50F-112D-4FA2-8867-75F3117D3A50}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F14F9408-7980-40C1-A26F-8AE6340605FB}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C4509298-DF47-4E17-8DBE-F59416740D96}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{84F41265-A667-478F-AD96-64831CDA2A07}G:\program files (x86)\steam\steamapps\common\resident evil 5\re5dx9.exe] => (Allow) G:\program files (x86)\steam\steamapps\common\resident evil 5\re5dx9.exe
FirewallRules: [UDP Query User{4A769321-0794-4668-AB97-D5D9A55BC4AE}G:\program files (x86)\steam\steamapps\common\resident evil 5\re5dx9.exe] => (Allow) G:\program files (x86)\steam\steamapps\common\resident evil 5\re5dx9.exe
FirewallRules: [{A162CC68-020C-41BD-AF7C-1396EF0727E9}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2E4D3A42-1EDC-4BB5-B800-5DFE0F1AFE1B}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EF0E5E63-142E-4C8E-A398-4BBE369033B5}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{611ACD16-BC7A-434A-BECB-0D4D1325E412}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DAC1A612-DB23-47AB-BC9D-8DA01771CD73}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6BEF5DFE-B389-489E-823E-CB542ED496FC}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{13D17428-20B0-4636-85C1-B9DB07F70015}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CF2BCB3B-0DD9-4E22-8E3B-2CE84FC43926}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{018D4CFC-26A8-4321-8683-4AB2A30E6053}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{07815448-6881-4B62-A9E4-780F455B28CD}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C1CBC54E-AE12-40CC-8FA6-96E47A75BA08}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{33219304-A4A1-4219-A07F-D0FFF746DD60}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{72B01DED-E854-4CB0-BA26-5432A8C9A7E7}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F0BC450B-7DC9-483B-A512-EE83ACDB9518}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D054A6FD-2A74-4531-94D6-464720D4E70D}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{378DB4C1-C54D-4798-9262-746734AB73B7}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1A748977-C449-4407-8846-B2FE0D817999}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8D1DEB4F-F57A-45E4-B4EB-AFCB7AA7B9AC}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7DFB992A-8B75-4963-8D3F-988FB94FE841}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C3CAF138-2C1E-4113-9BEF-4B65F8561FD6}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7905E8C1-49DB-4304-B38F-29EB69984DBA}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F316B2DC-3246-48B9-B731-E34F09EDF7F1}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9CF516CB-FCB0-415F-BEED-BBB14F204333}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C9C6A790-FF39-4E40-B2E2-CFEDD3DD5DEE}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E6ECD3EB-DBA1-4973-905D-95E026EB452C}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F29324D5-B469-45D2-A308-8E54AC7935F4}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8D089846-3B72-4A83-AA0B-2DBF644E0C4E}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1EAAC63B-6E82-4E60-A648-C5B102DC8D5D}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C353A10A-97F5-4910-AB63-B8934A0A4535}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{6A881465-C764-4409-9962-2B39851E4FA7}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{479A3352-FE43-4426-8CEE-7231B33D4F68}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe
FirewallRules: [{0014E312-281D-4847-A67F-BE88DF9D1458}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe
FirewallRules: [{59555D6A-EE13-43C6-B4C1-686FDCF9C5BE}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Transistor\x64\Transistor.exe
FirewallRules: [{A88D5778-F224-48BD-B2F2-5ECD88059AC0}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Transistor\x64\Transistor.exe
FirewallRules: [{B4E3AC11-F126-4908-9975-DBAFA967DC10}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7E7AD410-C56D-4E32-AC5F-19670F2A6F15}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{22B65F42-D874-4F09-9C90-218B593DF75F}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{687179C8-F612-48E9-9B5F-6CECD4F8185B}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{600E521C-61E5-4D59-AD83-CF64F96FD652}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1910354E-7883-4B29-A8AB-8A88E27385C0}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{163F79EC-75DD-44AC-8EDA-A714F1691D6A}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1628F055-1B94-4415-AE36-F66DE3C5B5C3}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{750A2CAD-FB8F-4578-9E76-9F603B098990}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{272D81D3-463E-42C5-BD5C-B3038F267D2A}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{AB7B48A5-C5C3-4F61-9630-342B3E93F88C}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{417E86D1-C0BA-4541-81A6-88707AFC82EC}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B43EA30A-3F24-4A24-85DB-21E69C66BB52}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A57C3BBC-ADDD-4A2B-9AC2-439C4CF21BCA}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C64202F2-9473-43A2-8E62-11DB013362B4}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{78C78A36-65A9-4DB6-B884-474D0A379C7C}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F5115C13-D424-4A15-8CB2-CA745BFE1A94}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C41DC1C4-0D02-45EA-A04A-997A3DF6F928}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D3E82A33-B5C4-475C-A720-02882266FCB0}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{02F2D4B1-D774-45CA-892A-6C97784F5864}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B042ED12-D13E-46E8-913A-7A938E3D66C6}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{19B9D6D1-EB1F-4BEB-B3CC-3D71324F25F3}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{688DE673-F163-4719-AF6E-D3970C3857D9}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{4E75EC81-EDE1-4471-82ED-2D49F7FDA928}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{D8F2C52E-49FE-42FF-866A-44C0CB5BEE87}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E33E484F-6C8F-47B2-BA97-A1B31759D687}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D3C8CC0E-ECC7-4101-90FF-C771273D660F}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A4A8E349-118A-42FB-B9CB-6402A5E72048}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3B751900-DDF0-471F-A2D9-2595BDB2262B}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A4A42B08-2C8A-4F80-A962-DDE0D24A1F48}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{93F3E0E2-4C5F-4654-B6F3-04A7B2D16F9F}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B45DACE6-6388-452B-95BA-F2FC33846FED}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5C11AEB6-5C65-4C5A-B3B6-4565D77658F8}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5717D693-A112-427F-BB0F-FDF38BF17DA2}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{329C0554-577B-40C1-9108-0EDEBF3D8D6A}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B6AFB582-F868-472E-9AD8-7F0436095EC1}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{265475DE-FCB3-4821-B519-4DC68EAC39CE}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5A203813-1852-4D00-ABEB-BA631953C389}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{969D57DC-8CAF-4C4F-851A-D711C4DD7881}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0FF17B0D-C811-4761-8AA7-59AB6331D3A0}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2E782D8A-BE50-4D41-AC11-374AE7367F49}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3346F559-0932-4312-B348-4441F81F877E}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2A7A1620-76C8-4E5E-8971-20833728F27A}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DD3F118E-FBA0-4BEE-8B00-6EFEA18BAA3B}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FF32CF94-AA3E-4EB7-99E0-86DB78E2679D}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{413936D1-6B8B-4BBC-B10C-95570A9C8776}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FE56BE9A-A570-4D57-8894-B8C69573C4FA}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Double Action\hl2.exe
FirewallRules: [{99CC74DD-8E79-4AAC-A421-4BC445CB66A6}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Double Action\hl2.exe
FirewallRules: [{BB7538F2-C12F-41E7-A94A-D52916D126CC}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A6DF51C9-F583-4378-A107-F76D61FFA102}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9F49A784-D9C8-4B36-8349-084C36DCD795}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0BB6A977-8C85-40CB-87C6-536DE8C51D8F}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B6BFDF8C-7C25-440D-B0A2-334E0DCC89B2}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\METAL GEAR RISING REVENGEANCE\METAL GEAR RISING REVENGEANCE.exe
FirewallRules: [{2C0A0D7F-C25E-412F-8047-DE4C437CD1B9}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\METAL GEAR RISING REVENGEANCE\METAL GEAR RISING REVENGEANCE.exe
FirewallRules: [{3A6A09BD-84B3-4C5C-828D-94AE7A36979A}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{11E38D10-AA37-4502-855E-1C00C999064A}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{17388B31-F964-4C1D-845C-6ED133BB0873}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C269CB94-FAC1-44B9-9F26-620E2C138C52}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F5F319A7-8B38-41C6-A2CD-087BA2B837B8}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\For Honor\forhonor.exe
FirewallRules: [{DCA892BF-66EB-46AE-92A3-F5AC65FFEF9D}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\For Honor\forhonor.exe
FirewallRules: [TCP Query User{4A2B8DF8-4133-42FA-9700-A0D71991EDF5}G:\downloads\java\jre1.8.0_131\bin\java.exe] => (Allow) G:\downloads\java\jre1.8.0_131\bin\java.exe
FirewallRules: [UDP Query User{80C7B495-6D60-43F0-AFA6-C9C2940E2869}G:\downloads\java\jre1.8.0_131\bin\java.exe] => (Allow) G:\downloads\java\jre1.8.0_131\bin\java.exe
FirewallRules: [TCP Query User{5427146D-DE6E-4107-AE80-C7220887F0F3}C:\users\tarry\desktop\xmage\java\jre1.8.0_131\bin\java.exe] => (Allow) C:\users\tarry\desktop\xmage\java\jre1.8.0_131\bin\java.exe
FirewallRules: [UDP Query User{91045D23-AF86-4A3F-B3B2-6891843E66DE}C:\users\tarry\desktop\xmage\java\jre1.8.0_131\bin\java.exe] => (Allow) C:\users\tarry\desktop\xmage\java\jre1.8.0_131\bin\java.exe
FirewallRules: [TCP Query User{39EBC9A6-F370-4F3E-9C14-EFF6D18CA9E7}C:\users\tarry\desktop\gaming\xmage\java\jre1.8.0_131\bin\java.exe] => (Allow) C:\users\tarry\desktop\gaming\xmage\java\jre1.8.0_131\bin\java.exe
FirewallRules: [UDP Query User{C5F3D726-CC20-402F-A6A1-D46BDBFD47FE}C:\users\tarry\desktop\gaming\xmage\java\jre1.8.0_131\bin\java.exe] => (Allow) C:\users\tarry\desktop\gaming\xmage\java\jre1.8.0_131\bin\java.exe
FirewallRules: [{6F1494BB-92F1-430F-9401-6B840948D3BD}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DA1466BA-6808-487E-B9D0-27C4AE614E35}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0CC93F65-5A20-4FB8-A94F-3796B839482B}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{B24D714A-649C-4380-95C9-6D515A8B1563}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{F104A4C9-C82F-4FEA-98E0-7EA0FFE9A23F}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9F5CFB18-5DAC-4926-A09E-31A75CE42D79}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{05711447-DE22-4AD6-8A64-68ABB5D862DB}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EF05BAC7-7F12-4E94-A739-E48DA67A5CFD}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9FBD2141-5042-40A4-9186-1598C1935BCD}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{31E432D2-17F6-4FBD-9170-913C3959A658}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{35AE60B5-0ECF-489C-8508-BEFCBCA3F5D0}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{19B0690E-DE93-4549-9802-438D56375D4C}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C98206E0-E3AF-431F-8F03-8DBC9ED23ECE}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7156CE57-9E10-4B58-AA82-A8C2F57227B7}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2B1DA790-6DF7-459B-A9C1-9CE4B3F84D59}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst\dlc\NSUNS3.exe
FirewallRules: [{E44A478A-E0DE-487B-BE22-10F91FA90A18}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst\dlc\NSUNS3.exe
FirewallRules: [{0FEFDBCC-A570-4E48-9CDB-2B529465A03A}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{96D76577-9B45-4F60-8CF5-DB6929699B31}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{F5BAD0F9-97CB-47A6-97ED-7FF2A3D3EF9A}E:\program files (x86)\destiny 2\destiny2.exe] => (Allow) E:\program files (x86)\destiny 2\destiny2.exe
FirewallRules: [UDP Query User{B6ED9EA4-4787-4F50-9DFF-7D749B188013}E:\program files (x86)\destiny 2\destiny2.exe] => (Allow) E:\program files (x86)\destiny 2\destiny2.exe
FirewallRules: [{46F978CF-4993-47A8-A8FB-5B6F288ED36A}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{39F6667E-8C72-47EE-8B71-165DE063ECD7}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5DE38562-0250-4276-8106-4BB373843FED}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DF4C6732-8C57-4ACA-A57F-7FDC190C7A5C}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B2B193A8-E8AE-427E-985B-1B5D516B2C4D}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C8024C8E-DA7A-41D0-AB6B-1B504BCFCE06}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{6891DC71-3EB6-464C-B3D6-99D5928AC668}C:\program files\jetbrains\pycharm community edition 2017.2.3\bin\pycharm64.exe] => (Block) C:\program files\jetbrains\pycharm community edition 2017.2.3\bin\pycharm64.exe
FirewallRules: [UDP Query User{90EC3B6C-A286-44E3-B72F-13385632395B}C:\program files\jetbrains\pycharm community edition 2017.2.3\bin\pycharm64.exe] => (Block) C:\program files\jetbrains\pycharm community edition 2017.2.3\bin\pycharm64.exe
FirewallRules: [{E69A18AE-A50E-4170-9C51-923857C6F3BB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{45DD9F8F-5008-4447-8D01-AFA88AC8867F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{9292ADD7-AE65-43AA-B8A1-509826C9C687}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{49F2BA44-AC8D-48B7-83CB-B3C546B7796C}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8F85B270-388B-4A9D-B275-B64325EAB1F9}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{07735780-3F73-4B8C-A06D-EF4D1844A33B}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{01D2C7D3-ECA7-4637-9AC1-B8C6A8EF1F53}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{ECA7A17D-91C4-4945-A905-974FE802355D}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{574EBB8A-DF4F-4B50-A3D2-2C82E26E40E7}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Call of Duty WWII Beta\s2_mp64_ship.exe
FirewallRules: [{258EA668-DFD3-4F79-AF31-620079B3F284}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Call of Duty WWII Beta\s2_mp64_ship.exe
FirewallRules: [TCP Query User{5348028D-C2BF-41BB-BD60-85511CC63DEB}G:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) G:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{677B3076-4472-484C-B63B-22F5D1E68914}G:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) G:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [{9B19EE6E-6622-47E9-8084-1A25624B2373}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D9952FF7-504A-4995-8531-F11B924C0F09}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C15A3D5E-1996-462B-A85A-D2CD70663C96}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4AAFC4C2-6ECC-49EB-8DBC-47322277B0D5}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F5E8D660-5E55-4E7F-8776-ECD535D36354}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{716EF541-9B20-43B2-8DBC-640E3067D8D7}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DBC4ACDF-A335-45D4-BF60-97AE05EC4687}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2A56CB08-78E8-4DA7-A1E3-957CE0EF6A53}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9CD88E32-A6B1-450D-87F7-C9930CCD7AF5}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{208E3971-60A1-4716-9F7A-55AF77F84C66}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6C01ABCA-878A-4D97-B2CC-94E3C24F75A5}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F0DE226C-1A27-4D1C-9F56-7529C3375932}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1C43EB6F-5EB6-4316-813D-7912888F5B1D}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{38D9C06E-5D80-46BC-ABA6-319C3280BA28}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8CD6BC6D-E00B-41B1-A06C-A676903B3BD5}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7AFB83E3-BE4D-42DB-A1F6-9A87E83D2AC0}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{469225D2-D38B-4B5E-A260-54697EA8E245}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C759E1CB-1DF3-4AEA-A16F-FF793CBCE980}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FFDD7ACD-389A-4BD2-A1DB-42C05C661460}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C3B2E0AF-5E94-42DD-B1E8-64EDB62C3E8E}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{87AFF557-E0ED-4470-A7E2-98062B885FB5}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{764FD8DC-20D8-4A90-9C36-D2516DC802C3}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6BB37E70-8A72-4F9F-913A-746AC4E29B53}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{36E15FB9-203B-41D9-9C44-760826CB0157}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{82591608-BFFB-4F8F-8FD8-65F7D8176C8E}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0D1F14C5-CF45-4B78-86E8-F2AE980E490A}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{972A20D7-DB1C-43B4-84C2-5BB4625234D0}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2164BFA2-2010-4B83-8D6C-CB89A180AFBF}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C6BB60D9-27D5-4BE9-938E-6F69C8A7F60A}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A4387AAD-3AFD-4EA7-8375-25B8422B347B}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6981BB1B-472C-42E9-B0B7-49D16F79EB6F}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Sanctum2\Binaries\Win32\SanctumGame-Win32-Shipping.exe
FirewallRules: [{7ADE6119-B5DE-4F06-AFCF-BCFA53086888}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Sanctum2\Binaries\Win32\SanctumGame-Win32-Shipping.exe
FirewallRules: [{EA893D81-999B-403C-929A-6754067CD6F6}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{805E5701-84C1-4D17-9A73-5FDA121A7D5B}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{585DAFD6-5BDE-47C9-873D-A81C373AC810}G:\program files (x86)\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Allow) G:\program files (x86)\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{3C77D89E-C32C-4942-B85F-DA2197D3C603}G:\program files (x86)\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Allow) G:\program files (x86)\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe
FirewallRules: [{8588694F-82CB-4746-8C50-E63D54781802}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E85C1A88-7C55-48B5-86EA-A2DBED66C2F1}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D4C4225D-4553-43E2-B20D-9B4DFAE64B01}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1064B83E-319D-4B30-952A-96C2F37DD954}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DCB2AA1C-2C14-4ECA-BA07-C1E2166EAE88}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{84BAF51D-F494-49C3-AF99-C9C74BC55D62}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1939818A-0DA0-4DE6-BEE1-52A5B064ECE7}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5852D40C-6C4C-4DC8-BE71-6881BFA4F725}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{787269A5-9624-474B-861C-C0A2F96275E6}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B92A532C-0B0E-4010-A93D-5314BC355A57}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{9E31B4B4-B902-41A7-BFC1-EA71E9B59C28}G:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) G:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{B1ABF9C5-72FE-4178-A3A9-DCB90350562A}G:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) G:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{9A9A96B1-65AA-4E71-84B9-41267B9DDCD9}G:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) G:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{ACF1C061-D55A-4E7E-8ED0-FAB2A346CD0D}G:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) G:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{ED36BDF2-3D55-42D4-96EC-FAB4FAE46EE0}G:\program files (x86)\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) G:\program files (x86)\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [UDP Query User{D3EA74D4-EF90-4D71-AEF0-76D3C1E79440}G:\program files (x86)\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) G:\program files (x86)\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [{76628187-96C1-4607-BDF9-E722F910FA78}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{08B6412F-AF3C-418B-B739-779C0FC532F0}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4F606406-484A-47F0-BF60-9717F9180341}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DEC0E33B-475C-428C-8CF7-F4CF6076F99D}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9F6D00D1-7370-400C-9A15-390B3F08BF73}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BFB58C34-4BA4-4312-B9E9-D0755820EE57}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{656BBD75-D725-4923-A570-2F95732C229B}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{83BCD519-8711-4B14-872A-004B818E095B}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D27AA661-6921-416E-99AF-169E249C7B3C}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F4B7F2C6-0735-4DF1-B405-B47D644AE377}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{579106FD-8213-4E30-8888-C2AAFF5C393D}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DAB3584D-0159-41F0-88E9-56174CCE0540}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3EFB6032-8A42-45EE-8195-9400BA0BF48C}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CB16354D-F9D7-4C9D-A0D1-E58C39B1923C}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{AAB96377-CEC9-4F8F-9C7D-1746D95B0565}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EB6C58AE-7FBC-42CC-A70E-D2ED18B453A7}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D39007C8-5B1F-456F-8680-C90F55287507}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A78FC6D3-3DCC-4153-91A3-499A128524C3}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8D290E09-939D-4BAA-8BCE-A3F352EF1F18}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1F6F0D5B-0D5F-4AFB-AC68-5D698B69B0C9}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{003C609F-CE29-4AEE-B93E-425ABD047A10}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EA97C7B7-FC0F-4164-AB7F-8EB536214FF0}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{AA8E808A-D609-4FAE-890B-E5C3EC4439B0}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1BADDAAF-A964-4850-8B7B-86B74BF4047E}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{873D40DE-06B5-4AE8-B1CA-8A9BC77D41CB}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{50BCA43D-5755-4EA4-A867-640F18BA8C70}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DB711A81-5311-4660-BC8E-DAB12D4FCDD6}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8BEB8B20-57F1-455D-88EB-DB8328F29E0E}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FED12AFA-5BF1-4250-A426-A292A2110E7A}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{29CDF151-E451-4993-9E1F-CE8F4079F9EB}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{149D5264-A684-4606-AD2C-4313907337F2}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E626F5D5-D44E-4F79-ACB9-096F46C65B28}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9BD94B22-033F-4BF6-A0E0-A90BEFCF04D1}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\assettocorsa\AssettoCorsa.exe
FirewallRules: [{6DF449D2-7BEF-44EE-95A1-309D4691A1FE}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\assettocorsa\AssettoCorsa.exe
FirewallRules: [{AA5FD4A6-A43F-443F-A99B-EB7294890024}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{64907EAA-7A98-4E87-9BC2-358648608748}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{898F8997-DC5C-493F-9E86-6D32D61E35AC}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DCBFBE76-A343-4D76-896E-CB7DA93F266B}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{45E41A31-421E-46BE-9A5A-B121893AAC87}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CFCCBCF4-7063-4EDC-B325-DC80EA2BEC0B}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{918293EA-7648-4B5B-8C44-E9C40C9A6F91}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{BE06C2A4-3086-4F51-A36D-18C0D4860AA8}] => (Allow) E:\Riot Games\League of Legends\LeagueClient.exe
FirewallRules: [{B379CB5C-2FD9-4174-AD69-6DCC2CC000EE}] => (Allow) E:\Riot Games\League of Legends\LeagueClient.exe
FirewallRules: [{0D58C028-7A80-410A-9373-C5F8498BAE80}] => (Allow) E:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
FirewallRules: [{56A13610-764D-4490-9446-A0826A8D8C9A}] => (Allow) E:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
FirewallRules: [{7ED9680B-BF25-464D-B17C-FC9E9D55AF9B}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{07020C04-333A-4843-B8AA-C50EFA307D10}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5CC32E65-EE79-4E4A-97C4-42C101E88984}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A38432F5-6772-4F9A-8555-D7393A21C217}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{66EE4E4F-CA5D-405B-A4B1-13620FE1C5CA}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6D729CB6-5E71-4E04-82DC-F469A4FFDB42}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{76B8DF30-4E23-49EB-A7A4-47772B835451}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{25A1D367-A3DC-4A54-B1C8-4EFA19E009F5}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B4E11AFE-62E6-4A56-8411-837115A88AC9}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1DB67D9E-4675-4566-B746-3E9BEF575AE4}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{574F43F9-FCED-4459-AFE1-EAAEF2AED78A}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E557706D-BECC-42A0-A83A-F4A9865186D7}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5DF4D2E7-1819-439A-84C2-0C174DB73585}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{068B6A5E-5142-46C3-810C-D8D99F49D6A2}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EDC7A0C5-338E-43B1-97FC-226230FF8A3F}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY XV PLAYABLE DEMO\ffxv_s.exe
FirewallRules: [{2DA7C8BC-9D46-408D-985C-E7B337CBEB44}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY XV PLAYABLE DEMO\ffxv_s.exe
FirewallRules: [{68D40920-A64D-4DE8-8F17-D4E2C7004F20}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{991693E9-1455-4F55-B481-B14976FA440C}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{089B838C-FB7C-44AD-A826-4EF408367EE7}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{50AF4E97-136C-4BEA-B8B4-B06CB0C57105}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{20C4AA85-B5D3-4447-A3C9-E8939BA68486}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe
FirewallRules: [UDP Query User{496B5200-D1D2-476C-A8CD-81CE86FB746A}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe
FirewallRules: [TCP Query User{B6E623A4-155F-486E-9D6F-B88D932E3BA3}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe
FirewallRules: [UDP Query User{7D0BC1A1-B760-4C20-89B0-22360F3AA8A9}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe
FirewallRules: [{BE24601E-1BC3-43B0-A310-AB1F0862AD23}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F730EC7E-CE76-4977-98DF-4B8C50503B8E}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{30598238-1928-4333-9A4E-2904995FF81C}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{670CC643-BD76-4910-BA81-329C53990018}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FEE08960-F1CD-4817-8434-5C3C042B0BCC}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6F2BAE3C-749C-417C-872F-0E99B5A3D803}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{2A13957B-E4BA-4C4E-BEEF-A2C1B732C6F3}G:\downloads\transistor-codex\1\botn_public_06441a_windows_x64_dx11\radiant\binaries\win64\radiant-win64-shipping.exe] => (Allow) G:\downloads\transistor-codex\1\botn_public_06441a_windows_x64_dx11\radiant\binaries\win64\radiant-win64-shipping.exe
FirewallRules: [UDP Query User{3BCF9A01-BD6A-4652-A8D8-2434D221C0F8}G:\downloads\transistor-codex\1\botn_public_06441a_windows_x64_dx11\radiant\binaries\win64\radiant-win64-shipping.exe] => (Allow) G:\downloads\transistor-codex\1\botn_public_06441a_windows_x64_dx11\radiant\binaries\win64\radiant-win64-shipping.exe
FirewallRules: [{A9AAC5BE-5EF9-4AFB-A2ED-EB1E964579CD}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\SoulWorker\SoulWorker.exe
FirewallRules: [{702E37B4-7165-4257-992D-B6DA8EEA8FCE}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\SoulWorker\SoulWorker.exe
FirewallRules: [{59A0E6DC-DFC2-4781-B40B-6C57FC23B8E2}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A87A5053-F96E-448F-986C-AA2AD1A23C87}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E7A8362D-CBA9-4C02-8C2D-1C016CAAD7DA}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F96EDC1F-6474-465B-B7AF-B053BE7322D0}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{8AECFAED-89E9-4D97-89D0-8D31A3C1266A}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.134\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.134\deploy\leagueclient.exe
FirewallRules: [UDP Query User{45C83A93-E738-4F99-8D8F-3F65B0606C5A}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.134\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.134\deploy\leagueclient.exe
FirewallRules: [TCP Query User{DE94E480-778F-4EBB-933D-663CA5262F30}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe
FirewallRules: [UDP Query User{299289ED-934F-47A4-914A-5FC6FB41CC05}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe
FirewallRules: [{E54EA987-8A5B-46C3-B432-AE9013A2ABD8}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{22D6F665-C58C-4FAB-8C94-F8BD6E215760}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DA5ED025-482E-4832-9CA8-5F51694C048B}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{7DE0030A-4F2F-4952-A7B2-6433F381B710}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{EB9F8037-8FDC-464B-91F9-532C4B6F528C}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{A97F7619-00AB-4829-AF7F-A64D37132D06}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{76F59643-8261-4866-8C17-18592CFE8143}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Hitman™\Launcher.exe
FirewallRules: [{7F222FA0-2EBA-467E-9317-12BA4E70BEF5}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Hitman™\Launcher.exe
FirewallRules: [{127E871E-7A1F-487E-A993-997B975FF02F}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{F23B456A-D659-41F2-8061-F24CB5E15D1B}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [TCP Query User{63223EF5-82D6-4733-AF64-FDDBC1042AEA}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe
FirewallRules: [UDP Query User{175A190B-49CE-4199-97CC-CF359DC3B53D}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe
FirewallRules: [{D5A9CCAF-4B2B-46AB-850C-9149038039C9}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Double Action\bin\hammer.exe
FirewallRules: [{2BA41DC2-924B-4154-A54B-8949591BD304}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Double Action\bin\hammer.exe
FirewallRules: [TCP Query User{C1FABA57-130D-4127-8AB9-2CA589D22A23}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe
FirewallRules: [UDP Query User{62D60A03-D594-4797-8FB9-4A599CC0CA9F}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe
FirewallRules: [TCP Query User{47154380-D56F-48AB-8673-4EBA03F420A2}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe
FirewallRules: [UDP Query User{AF72FF2F-F873-4206-BBED-87D5DC076BA9}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe
FirewallRules: [{A587712F-D663-425F-8070-01A662889DBA}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\We Were Here\We Were Here.exe
FirewallRules: [{960CE77F-95DF-4710-AA98-F272D93B68EB}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\We Were Here\We Were Here.exe
FirewallRules: [{837742A4-71D4-43B9-9A79-3685A4B18D80}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\We Were Here\We Were Here VR.exe
FirewallRules: [{70DB7338-CCD9-4F6B-A9D6-5695998C54A2}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\We Were Here\We Were Here VR.exe
FirewallRules: [TCP Query User{8EA99DB0-5A0E-49B1-ABEA-258A6C1500DD}C:\users\tarry\desktop\gaming\halo\eldorado.exe] => (Allow) C:\users\tarry\desktop\gaming\halo\eldorado.exe
FirewallRules: [UDP Query User{642E6C62-98C1-4BCC-B30E-25C8DEC7DB75}C:\users\tarry\desktop\gaming\halo\eldorado.exe] => (Allow) C:\users\tarry\desktop\gaming\halo\eldorado.exe
FirewallRules: [{F93A333A-EAE2-49BE-95E2-AFCF4B6F2640}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Battlerite\Battlerite.exe
FirewallRules: [{CF64B2C5-DE78-47C6-8128-1312A9548CB7}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Battlerite\Battlerite.exe
FirewallRules: [{AA787B7B-13EC-4AAE-A7D2-7E05FFF68A04}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{36A7CD48-8FE2-4E6A-A400-8D9068F28AC0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{DB6AE4CE-5118-4B53-9205-86714B773C91}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned_BE.exe
FirewallRules: [{AEC0FEF0-0B89-474C-9A6B-5F6123AA98B6}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned_BE.exe
FirewallRules: [{FFA7712A-A4C5-48B8-ACC9-01FE00145ABA}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{5AFB81DB-4426-47F3-B2FC-91E6E64B6DF6}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [TCP Query User{FCA20CE7-B9E6-426F-B593-E82CE35319A7}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe
FirewallRules: [UDP Query User{1CF6D697-0112-46B8-898E-146F48D237F3}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe
FirewallRules: [TCP Query User{DD4FA3F9-421A-431B-AA8C-F85CA74854EB}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe
FirewallRules: [UDP Query User{4294016D-9D5E-4CDC-895A-3B496F112318}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe
FirewallRules: [TCP Query User{FC96638F-143E-4F3A-BC66-9FF9529478A3}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.143\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.143\deploy\leagueclient.exe
FirewallRules: [UDP Query User{08D8CBB0-D425-438C-98F3-87A1FB08693C}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.143\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.143\deploy\leagueclient.exe
FirewallRules: [TCP Query User{C3683ECE-CA7C-4634-BC88-21EFBF3478E7}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe
FirewallRules: [UDP Query User{7C9E8673-35BD-477C-A164-912C1E216F88}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe
FirewallRules: [TCP Query User{79092E03-B1A9-42C5-8EED-DAD343AE2FA8}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.145\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.145\deploy\leagueclient.exe
FirewallRules: [UDP Query User{25C55391-D605-4518-9A37-8D45CF3209A2}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.145\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.145\deploy\leagueclient.exe
FirewallRules: [TCP Query User{A2E79004-760D-4E48-B48B-C24BB439F3CF}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.146\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.146\deploy\leagueclient.exe
FirewallRules: [UDP Query User{CA08D1B1-73E0-4CA6-B37D-2C531E54C77D}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.146\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.146\deploy\leagueclient.exe
FirewallRules: [{87222FC3-2178-4C2D-8D2D-5F077ECA22C9}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{97FB0BA8-5399-4336-B638-EF7EED5486D4}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [TCP Query User{E3496312-E3B5-4B5D-8BD9-9F1C5EFD74DA}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.147\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.147\deploy\leagueclient.exe
FirewallRules: [UDP Query User{8617E204-9D72-49C6-A804-AF3D1B021413}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.147\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.147\deploy\leagueclient.exe
FirewallRules: [TCP Query User{BCE70D59-73EC-48E7-86CC-7570DE132B2E}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe
FirewallRules: [UDP Query User{EC5BA063-3E4B-4938-8DDF-3BCB3E5A8BD3}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe
FirewallRules: [{E3C38F47-0466-478A-ADDB-D3890150258A}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Faeria\Faeria.exe
FirewallRules: [{1BFDA740-36D8-4E27-A572-E4A7BCFDE67B}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Faeria\Faeria.exe
FirewallRules: [TCP Query User{61C06907-8B31-4534-BBA9-EC9ABB90A41C}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe
FirewallRules: [UDP Query User{93ACD67D-0C3F-4972-B5F5-241461EC92C4}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe
FirewallRules: [TCP Query User{53E29C81-3977-4185-B364-F467629078D2}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.150\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.150\deploy\leagueclient.exe
FirewallRules: [UDP Query User{8A0FB3D0-E144-4FF1-B3E0-310326617E00}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.150\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.150\deploy\leagueclient.exe
FirewallRules: [TCP Query User{F7C393A2-D4DE-4AA5-BB8B-C54F3A5E3379}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe
FirewallRules: [UDP Query User{9D496D90-2CA4-495C-8C51-A02B6ECDE5EF}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe
FirewallRules: [{3DE76688-0173-47AE-8A24-B04EED24E307}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Darwin Project\Darwin.exe
FirewallRules: [{4ED71F8E-3383-4B57-9EDE-BD96ACFC4EA2}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Darwin Project\Darwin.exe
FirewallRules: [{2FDA51E5-6846-4B5E-BE6F-6D1CC58F6099}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Darwin Project\Darwin\Binaries\Win64\Darwin-Win64-Shipping.exe
FirewallRules: [{736D6B23-0923-4263-94F2-F459E3EFC036}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Darwin Project\Darwin\Binaries\Win64\Darwin-Win64-Shipping.exe
FirewallRules: [TCP Query User{C177871F-CAED-4610-B445-35F2302DB658}C:\users\tarry\desktop\gaming\n64\project 64 1.7\project64.exe] => (Allow) C:\users\tarry\desktop\gaming\n64\project 64 1.7\project64.exe
FirewallRules: [UDP Query User{3E2E0E6D-AF27-4C15-9E45-31D1DBD07F3A}C:\users\tarry\desktop\gaming\n64\project 64 1.7\project64.exe] => (Allow) C:\users\tarry\desktop\gaming\n64\project 64 1.7\project64.exe
FirewallRules: [TCP Query User{F3903573-90B1-4797-89B5-71861CFFF4AB}G:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) G:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{F5A816B6-3B67-4F16-9AB0-67BA661CD24B}G:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) G:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{66E868E0-F415-425D-BF7F-BEF3E538E47E}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe
FirewallRules: [UDP Query User{DDDA0349-B023-471C-A9C5-8C97B323862E}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe
FirewallRules: [TCP Query User{AD393291-A14C-4B05-BA33-E8379AB8C4F0}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe
FirewallRules: [UDP Query User{21439EE6-E524-45AE-9BE5-26B36097ED08}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe
FirewallRules: [{C34FC940-08A2-438D-B65D-C5C9FA1448FD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{A0D4C4C2-0831-4C8B-8727-99891F0A93C7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{CE0E0BFA-CB85-4FE4-B6D5-37CDE6DEF183}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{5D51BFC4-0054-4CCC-90BD-0FBCAD99C712}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{69F8C7A3-6435-49ED-BF7E-3BE4AE1D670C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D2AD4EBF-ADB7-4468-90B4-8B0EA9E9FA34}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{EE3652B6-6323-4611-8BF0-5965350EAF89}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Tales of Symphonia\TOS.exe
FirewallRules: [{21696C51-E7A1-4681-8E9B-A0BBB4F7AD5F}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Tales of Symphonia\TOS.exe
FirewallRules: [{0BA6FC2A-AE3D-4BD5-A076-612E343AE9D1}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{9D924315-B657-45E0-8A94-7453D3BB564A}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{BECDE336-ABCD-483E-8275-081F761FE15E}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [{7666AC4F-DE79-4A3B-BD4B-E608D1121B41}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [TCP Query User{A30D5410-B371-450D-8AD2-3529F23D595C}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.155\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.155\deploy\leagueclient.exe
FirewallRules: [UDP Query User{4EB55AE4-02E6-42C2-8B40-241537A81D70}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.155\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.155\deploy\leagueclient.exe
FirewallRules: [{BBFA1F63-D01B-4FED-857B-6B0DD18442A1}] => (Allow) C:\Windows\system32\rundll32.exe
FirewallRules: [TCP Query User{1AEDB9F5-5EAE-4E0C-A6DD-95F1A3522A80}C:\users\tarry\appdata\roaming\codeintegrity\client32.exe] => (Block) C:\users\tarry\appdata\roaming\codeintegrity\client32.exe
FirewallRules: [UDP Query User{64F9C352-9FC9-4B81-988B-06C09D36A021}C:\users\tarry\appdata\roaming\codeintegrity\client32.exe] => (Block) C:\users\tarry\appdata\roaming\codeintegrity\client32.exe
FirewallRules: [{CDC99D97-F1DC-442E-8807-436C63A96C02}] => (Allow) C:\Users\Tarry\AppData\Roaming\CodeIntegrity\CLIENT32.exe
FirewallRules: [{59821C6B-5CD8-4F96-A3C3-90C6E02EEDE2}] => (Allow) C:\Users\Tarry\AppData\Roaming\CodeIntegrity\CLIENT32.exe
FirewallRules: [{8BF18232-7458-4194-818A-3930606C41F2}] => (Allow) C:\Program Files (x86)\Pale\Foetus.exe
FirewallRules: [{2D828388-2845-499B-99EF-4EED3F50C77C}] => (Allow) C:\Program Files (x86)\Tania\Foetus.exe
FirewallRules: [{D47FF80F-4E81-4A78-BCC7-A4767CADB681}] => (Allow) C:\Program Files (x86)\llanos\Mcluhan.exe
FirewallRules: [{C583AEA5-0E44-4BB5-AF7F-1F5739636685}] => (Allow) C:\Program Files (x86)\Tania\Mcluhan.exe
FirewallRules: [{79E51A9B-F7D0-4B92-BB11-F06BE1E365C8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
 
==================== Faulty Device Manager Devices =============
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: powzip
Description: powzip
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: powzip
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/21/2018 01:43:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (07/21/2018 01:32:09 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" on line 1.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (07/21/2018 01:32:09 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" on line 1.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (07/21/2018 01:10:38 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (07/21/2018 01:06:28 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (07/21/2018 12:31:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (07/21/2018 12:24:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (07/21/2018 12:21:31 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" on line 1.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
 
System errors:
=============
Error: (07/21/2018 01:45:16 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.
 
Error: (07/21/2018 01:45:16 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.
 
Error: (07/21/2018 01:45:16 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.
 
Error: (07/21/2018 01:45:16 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.
 
Error: (07/21/2018 01:45:16 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.
 
Error: (07/21/2018 01:45:16 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.
 
Error: (07/21/2018 01:45:16 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.
 
Error: (07/21/2018 01:45:16 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.
 
 
Windows Defender:
===================================
Date: 2016-06-05 12:26:41.253
Description: 
Windows Defender scan has been stopped before completion.
Scan ID:{821D2E97-446A-426B-B25C-65848C63C059}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan
 
CodeIntegrity:
===================================
 
Date: 2018-07-21 01:41:19.478
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
Date: 2018-07-21 01:16:16.763
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
Date: 2018-07-21 01:08:52.242
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
Date: 2018-07-21 01:04:41.529
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
Date: 2018-07-21 01:03:43.284
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
Date: 2018-07-21 00:57:39.381
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
Date: 2018-07-21 00:29:59.520
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
Date: 2018-07-21 00:23:26.042
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 37%
Total physical RAM: 8168.89 MB
Available physical RAM: 5097.36 MB
Total Virtual: 16335.97 MB
Available Virtual: 12995.63 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:223.47 GB) (Free:72.32 GB) NTFS
Drive d: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: () (Fixed) (Total:698.54 GB) (Free:113.57 GB) NTFS
Drive g: (Local Disk) (Fixed) (Total:1863.01 GB) (Free:1153.62 GB) NTFS
 
\\?\Volume{2b10f8ab-0189-11e5-ac32-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: D7D08D6D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223.5 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 34098FE1)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: A4039702)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=698.5 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================


#3 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,449 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:12 AM

Posted 23 July 2018 - 02:58 PM

Greetings ASadTerryy and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. Please allow me just a bit of time to review what you have posted.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,449 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:12 AM

Posted 23 July 2018 - 03:23 PM

Greetings and thank you for your patience.

Do you have a 7 Home Premium Service Pack 1 (X64) Installation Disk?
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#5 ASadTerryy

ASadTerryy
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:12:12 PM

Posted 23 July 2018 - 03:25 PM

Hey Gary thanks for the response and apologies for the other post. No, I do not have a Windows 7 installation disk. Is there an alternative?

#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,449 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:12 AM

Posted 23 July 2018 - 03:30 PM

That's OK, I understand. Your computer is still not feeling well.

Follow the instructions here to create a disk or USB. If at all possible use a clean computer. Once we have a disk or USB you will need a second USB in order to complete the steps we will be taking.


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#7 ASadTerryy

ASadTerryy
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:12:12 PM

Posted 23 July 2018 - 03:51 PM

Alright will do, is there a size requirement for the second USB drive? I believe the second one I have is 2GB

#8 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,449 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:12 AM

Posted 23 July 2018 - 04:13 PM

8 GB?

The second one is fine.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#9 ASadTerryy

ASadTerryy
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:12:12 PM

Posted 23 July 2018 - 04:46 PM

Alright, I have put the Windows 7 Home Premium ISO onto my flash drive. What's next?

#10 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,449 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:12 AM

Posted 23 July 2018 - 05:01 PM

Very good.

Please do this.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Right click on the FRST icon and select Run as administrator
  • Highlight the below information then hit the Ctrl + C keys at the same time
  • The information will be copied invisibly and will be "pasted" into FRST automatically when you click Fix as instructed below
Start::
CreateRestorePoint:
cmd: bcdedit /set recoveryenabled Yes
cmd: bcdedit
End::
  • Click Fix
  • Please copy and paste the contents of Fixlog.txt in your reply

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#11 ASadTerryy

ASadTerryy
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:12:12 PM

Posted 23 July 2018 - 05:27 PM

Okay, here is the log below:

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 21.07.2018
Ran by Tarry (23-07-2018 18:24:34) Run:1
Running from C:\Users\Tarry\Downloads
Loaded Profiles: Tarry (Available Profiles: Tarry)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
cmd: bcdedit /set recoveryenabled Yes
cmd: bcdedit
 
*****************
 
Restore point was successfully created.
 
========= bcdedit /set recoveryenabled Yes =========
 
The operation completed successfully.
 
========= End of CMD: =========
 
 
========= bcdedit =========
 
 
Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=\Device\HarddiskVolume1
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {current}
resumeobject            {6eb27b7b-0191-11e5-a8d8-9295e88aa589}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30
 
Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {6eb27b7d-0191-11e5-a8d8-9295e88aa589}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {6eb27b7b-0191-11e5-a8d8-9295e88aa589}
nx                      OptIn
 
========= End of CMD: =========
 
 
==== End of Fixlog 18:24:40 ====


#12 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,449 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:12 AM

Posted 23 July 2018 - 05:38 PM

Excellent, this is next.

===================================================

FRST Scan Using Windows 10 Operating System USB Device

--------------------

For this procedure you will need a second USB device in addition to your USB device containing the Windows 10 Operating System.
  • On a clean computer download Farbar Recover Scan Tool for 64 bit systems and save it to a USB device which does not contain your Windows Operating System
  • Remove the USB device
  • Insert your second USB device containing the Windows Operating System into your compromised computer
  • Click Start, type Recovery, then click Restart now
  • Click Use a device
  • Select USB Drive (UEFI)
  • After the computer boots to the USB device at the Windows screen click Next
  • Select Repair your computer
  • Select Use a device
  • Select Command Prompt
  • Insert the USB drive containing FRST into the compromised computer
  • In the command window type in Notepad and press Enter.
  • Click File then Open
  • In the lower right hand corner change Text Documents (*.txt) to All Files (*.*)
  • On the left side locate and double click on the USB device containing FRST (the FRST icon should be visible)
  • Right click on the FRST icon and select Run as administrator
  • Click Yes on the Disclaimer
  • Press Scan button.
  • When completed a (FRST.txt) file will be created on the flash drive. Please copy and paste the contents in your reply.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#13 ASadTerryy

ASadTerryy
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:12:12 PM

Posted 23 July 2018 - 05:50 PM

When I type recovery into the start menu, the first result is system restore. When I click Open System Restore, I do not get the administrator prompt and nothing happens. How should I proceed?  



#14 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,449 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:12 AM

Posted 23 July 2018 - 05:55 PM

Review these options.


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#15 ASadTerryy

ASadTerryy
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:12:12 PM

Posted 23 July 2018 - 06:21 PM

When attempting to boot from the USB from boot options, it seems as if my computer starts up normally. Would it have to do with differences from windows 7 and windows 10?

 

Edit: Would like to note I am using option 2 from the article you linked. I press F8 as I start my computer and choose UEFI USB drive to boot. 


Edited by ASadTerryy, 23 July 2018 - 06:24 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users