Solved Can't remove dwm.exe and indexer.exe in APPDATA folder

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-516494932-2024577555-231657829-1000_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)

==================== Restore Points =========================

27-04-2015 17:47:38 ComboFix created restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-04-27 18:03 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05A0D95A-5E93-4908-A65F-5B7775E18C71} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
Task: {1EF385C0-7639-4235-808F-C8025967350D} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
Task: {6D6EC657-3E76-42F1-825B-95B236472509} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {6E0C17BA-FA34-47A4-8A80-5B1A3CC14194} - System32\Tasks\AdobeAAMUpdater-1.0-TOMPC-Tom => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19] (Adobe Systems Incorporated)
Task: {757DC163-F415-465D-B18D-4CA45CB56DDF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-13] (Google Inc.)
Task: {849008D2-3025-40C0-8BF9-3E2C87479983} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {9E3144F1-BD3B-46BC-B29F-9C974821E82F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-02-10] (Microsoft Corporation)
Task: {A0DD2A05-C8C8-4684-9679-6F8895E22E51} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {BF44A012-7054-4904-A194-8D15C125717C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-13] (Google Inc.)
Task: {C250B55E-85AE-4BC0-900B-439567E17DBA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)
Task: {CB51F8FA-BA08-4EDB-BB81-787823DEE043} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {DBF1025D-7B64-4DE0-9D14-2DBF74DC6697} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {E00F61E2-BDC0-43CA-B2E7-9C5EDF5BE357} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {E06CEFE9-798C-4CE4-84EF-DD641E8AEA87} - System32\Tasks\{7C8AD38A-B998-4356-ACC9-1660F7E0869E} => pcalua.exe -a "C:\Program Files (x86)\Steam\SteamApps\common\Magicka\Dependencies\dotnetfx35.exe" -d "C:\Program Files (x86)\Steam\SteamApps\common\Magicka\Dependencies"
Task: {E1E307F8-3B92-48DC-ACB3-DE5FA26C5A9B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-02-03] (Microsoft Corporation)
Task: {F7EE0A96-4BFA-471A-AE93-458774E637E9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-02-03] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2013-01-21 23:48 - 2015-04-08 23:30 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-12-09 21:32 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-10-07 00:18 - 2013-10-07 00:18 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-11-29 18:58 - 2005-04-22 06:36 - 00143360 ____R () C:\Windows\system32\BrSNMP64.dll
2014-05-01 21:29 - 2014-05-01 21:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-10-14 20:02 - 2012-12-11 13:07 - 01184640 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2009-08-29 08:00 - 2009-08-29 08:00 - 00966656 _____ () C:\Users\Tom\Local Settings\Apps\F.lux\flux.exe
2014-09-26 14:41 - 2014-09-26 14:41 - 01021088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2009-09-25 20:57 - 2009-09-25 20:57 - 00245248 _____ () C:\Program Files (x86)\AutoHotkey\AutoHotkey.exe
2015-03-30 20:04 - 2015-03-28 05:45 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2013-07-01 08:20 - 2015-03-10 08:37 - 00775680 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-21 00:47 - 2014-12-02 02:29 - 05002752 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-21 00:47 - 2014-12-02 02:29 - 01612800 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-21 00:47 - 2014-12-02 02:29 - 01210368 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-05-24 19:40 - 2015-04-14 01:44 - 02371776 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-30 09:58 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-30 09:58 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-30 09:58 - 2014-12-01 23:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-30 09:58 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-30 09:58 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2013-01-14 17:53 - 2015-04-14 01:44 - 00702656 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-01-14 17:53 - 2015-02-25 03:58 - 34641288 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-08-15 18:24 - 2015-02-25 03:58 - 01709960 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-516494932-2024577555-231657829-1000\...\skype.com -> hxxps://apps.skype.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-516494932-2024577555-231657829-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: Disc Soft Lite Bus Service => 3
MSCONFIG\Services: iOSinstallerUpdater => 2
MSCONFIG\startupfolder: C:^Users^Tom^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Curse.lnk => C:\Windows\pss\Curse.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BambooCore => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
MSCONFIG\startupreg: BrHelp => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN
MSCONFIG\startupreg: BrStsMon00 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
MSCONFIG\startupreg: ControlCenter4 => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\EpmNews.exe
MSCONFIG\startupreg: GoogleChromeAutoLaunch_F6A43803F41C0EE8AA9068339E55A010 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: IndexSearch => "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
MSCONFIG\startupreg: ISUSPM => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: Pando Media Booster => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MSCONFIG\startupreg: PaperPort PTD => "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
MSCONFIG\startupreg: PDF5 Registry Controller => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe
MSCONFIG\startupreg: PDFHook => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe"
MSCONFIG\startupreg: Spotify => "C:\Users\Tom\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Tom\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: tsiVideo => C:\Windows\SysWOW64\rundll32.exe C:\Users\Tom\AppData\Local\Temp\\mdi064.dll,asdasd
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
 
==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [{5849D08B-D6DA-4218-B3E6-9E7A29FF0BA9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{486D6FEE-EDAB-4BD4-81D8-88C6E5E687EF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{EB525F24-FF8C-491A-AA24-C2740957611A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{44297FC4-C0C8-46F9-B625-60176F466C18}C:\program files (x86)\steam\steamapps\common\dirt 3\dirt3_game.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dirt 3\dirt3_game.exe
FirewallRules: [UDP Query User{6863F01D-C1ED-4639-A153-BB40B43B978B}C:\program files (x86)\steam\steamapps\common\dirt 3\dirt3_game.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dirt 3\dirt3_game.exe
FirewallRules: [{3547DD18-1708-4716-8ED2-1DF23EDD69CC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{3307D2EE-74E5-4FD3-9D9F-B47D737B9F34}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{2A977659-0BD8-4C59-8DB4-C7D521DC4A69}] => (Allow) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
FirewallRules: [{60868BFF-5AE9-4FCE-BD59-AAC78AF5F3DD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{41697BCF-4BC6-40A5-9A83-BED7293E62AD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{3CF19728-613F-4FF2-B99D-CA87BABE23EE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2AFD5658-12DB-4D4D-94BF-623C7AD87BFF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{48FFFC6B-133E-4163-BD87-69166553043D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8B2DB016-AB4E-4468-86A3-BE46B56ADCA2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FEBDB75F-28FA-4A7B-8ACD-BAA9E98944E1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7BFA28DB-7AB8-4457-B5DB-B0D34EC58842}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{AAC5A090-83B1-4CE5-BBE4-DF869902DF12}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\UDK.exe
FirewallRules: [{4E8CDBC5-143D-481F-A0F8-79E2C92752D9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\UDK.exe
FirewallRules: [{1ED320BC-611F-41E3-829E-DA96F73AA195}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{3E1A2862-73D1-48A7-8D28-51712C57C4D8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{AE687434-B132-4772-A098-8523B610B45C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{648F18C1-83F9-4FE1-A1B7-7DFFA5DDD697}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3BD7C268-0DCB-4F18-98DF-F1F08E4F5612}] => (Allow) C:\Users\Tom\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9C669ABA-5CA3-43BF-8403-03D6045AFAD3}] => (Allow) C:\Users\Tom\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FA80298F-F43A-4DA9-AAC5-D1E1EC125DAF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{C589DFBA-DBA0-4F93-AE9D-A393A34D57F2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [TCP Query User{056B038E-FE40-4EEE-B539-2D3F9B2814FD}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{DF24277C-8638-4779-A17E-390195706AF4}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{5393B951-07A5-40C1-AAB3-C3D7B1782B3F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{5A7EB6AE-EB2F-4D01-A95C-F85B7671A50B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{7972879E-5865-4CEA-B1CD-8EB464019EE0}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{80D3516D-04C2-403F-A56C-1F18FB86E281}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{0A936A13-CF4A-46A4-8624-184B6F8222E7}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{86BAAD9E-8F48-4CCF-8725-F4065B699C44}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{B8D81E21-A26D-42A4-886B-25C303D7D8D9}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4 Beta\bf4.exe
FirewallRules: [{45E06A31-53A6-4333-A3F5-DFC631B1743F}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4 Beta\bf4.exe
FirewallRules: [{EBEFFCA7-B89C-4DFC-9B62-071F8467765F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\UDK.exe
FirewallRules: [{DAB744A5-3FD7-4D65-AA61-8529E04BF09D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\UDK.exe
FirewallRules: [{7E04CBC1-1C56-45A9-AB88-A4C5F466470A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{4A2FEB05-587B-421B-8AD6-40947036A677}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{EF12CC6C-13A9-488B-8F54-C991E18D9673}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F39DAF64-2089-4903-9D83-F6F53089629F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3145DA3D-BEFE-43DE-B993-5292271BC4F7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{08828467-9B6F-4156-9F27-E170A55B017D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{A50659FB-2004-488E-A174-4A515B6F5AB3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B7E508A4-113F-430A-8401-4011D477A661}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F8935FF6-00F7-4DB5-87C1-FA7EDE8BA863}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{C3C5FA9E-13E0-428C-B219-2059BB88E1BC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{09851D39-36BF-4EE5-B6E4-C1BE699F8D20}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{C230DB6A-55B5-496F-9F36-9A592A7AD41D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{C3EA65FA-D843-4CCD-80D2-C380660E8F4A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B14638B2-EC88-44F9-895C-67BF58360A86}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A19F160D-068E-4913-8A1D-2A536B9483E7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{1D7E5E7E-3C47-4F80-B437-3BC9F4036147}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{107CE869-9D23-4124-AB76-368BB860E4A9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{73EEBC08-96C4-4B81-AE87-AD661E9F0E11}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{9BB392DC-494D-48E5-A6A0-01BD3C61C702}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A883F5B0-41E1-4429-9801-CEE7C70A1BAA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{87FA7598-7FD2-449C-B669-FE72346FF2B6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{BFBA487A-7765-496C-B1AA-33C5985DC0A8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{04434E3D-7FA3-48EF-BC39-48DF32EDD9E9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7E2A3A50-9216-4FD9-BE12-31644BB03A95}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D2849388-05F6-4D45-B17F-1F79180BACC0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{A2429BB4-D0B8-4CCD-ABF2-B5BEEB86AD2C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{3EB48EA9-7B7B-44C2-9A80-10E4883EC9C3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{AD0F01CB-179D-44DC-83F8-7A429D32813C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{619CE71C-3978-4D4B-A670-A77394548C4A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{6958EAA2-49DC-4DED-8606-A8EC1B47FC68}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{059AE677-1E3A-4703-A623-ECC481E5FDB1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{66E262E4-CE5B-4FFA-B3BF-636E839C5B5D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{DA89BF8F-EE83-4D6D-9E0B-8364E116E9C4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{080EE83D-93CE-4580-987B-EF9B2BB1D48B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{822C948A-2FAE-4FE3-8A02-0B9847EC23CF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{290B5BC4-AEFF-4454-BA46-8A682514C305}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C56ED539-2FD6-49F8-AD53-082CF9E022B7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{EFFAF63B-A9A5-4428-B703-677494D8C0E3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{55DD5072-9147-4AEC-90A1-195387D392C8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{BAE6D6FF-1445-494B-AE3C-A8D1395C6624}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{A141AFF6-E1B4-4833-B19C-CCCBBD66F90C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4F93B4F8-CA78-4FA3-888C-04ACACC8AA96}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{C837A47A-4C7A-4B8E-9A54-B49EEF8AC2C2}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [UDP Query User{12EE2D93-014B-4668-BE1C-CE130AAA25DB}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [{CFD44ACD-EFB1-4171-B49E-DC3620F93C33}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{3BB24265-B8E3-4769-BBA8-F96202B4798F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{A7EA0441-1F97-41F7-865F-31C3DDE35345}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dollar Dash\Binaries\Win32\PKGame-Win32-Shipping.exe
FirewallRules: [{114F98A4-356C-4A00-AB40-4592B2D4922D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dollar Dash\Binaries\Win32\PKGame-Win32-Shipping.exe
FirewallRules: [{522029E2-47C3-44B4-BC4B-B1A26949FE5F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{16EB3239-348E-4641-8682-7375C717D62B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [TCP Query User{89062C75-2B7E-42A7-99A5-B44C7F057095}C:\users\tom\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tom\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{DB2D7B91-EF35-46FA-9474-1997B285F46A}C:\users\tom\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tom\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9C71B6B0-7266-4D31-87AE-7EE04C6C0D5A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win64\UDK.exe
FirewallRules: [{7DDBAD73-0D36-4C1F-A3F8-13D401093171}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win64\UDK.exe
FirewallRules: [{607C8880-F140-470C-8784-FD6B98E328A2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MortalKombat_KompleteEdition\DiscContentPC\MKKE.exe
FirewallRules: [{2CB102A9-3F2D-4CF0-92AC-AFFE1A34743D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MortalKombat_KompleteEdition\DiscContentPC\MKKE.exe
FirewallRules: [{24571384-42AE-4327-A8EE-BBE8C184A7AD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MortalKombat_KompleteEdition\DiscContentPC\MKLauncher.exe
FirewallRules: [{7A3BB96D-6B3D-4FCE-BE2C-5EA0B4540CA6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MortalKombat_KompleteEdition\DiscContentPC\MKLauncher.exe
FirewallRules: [{A6E48BCC-5B36-44AF-BAE8-A4F81E9D6C10}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{38C9373B-D174-46C3-935C-1217CB735541}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1791D99D-7FC5-44CC-B4F7-C858794FA70F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{3E5C127C-C618-4AF3-A1DA-A65ED0EED941}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{4BC1F018-FFE6-4D44-8282-A300D7F81E0F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stronghold Crusader 2\bin\win32_release\Crusader2.exe
FirewallRules: [{084DF21B-3334-4646-8D84-F9092FED2B1E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stronghold Crusader 2\bin\win32_release\Crusader2.exe
FirewallRules: [{5BAD98E5-418B-4897-9813-381DC63CEEAD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{28FFFBEB-4C86-4F98-BCA8-1F15692A5E2D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [TCP Query User{4689BEB7-B473-4660-8B12-6E31FB74570C}C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [UDP Query User{9F89C591-DFED-4CB3-9D1B-6FDCCD591A88}C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{1A01EE13-D02D-4540-B942-A7DB64FDB701}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SplitSecond\SplitSecond.exe
FirewallRules: [{43639FA5-05F2-42A9-8FFA-47588A0025D3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SplitSecond\SplitSecond.exe
FirewallRules: [{A0A510BB-8A41-4C48-98C7-2128021F7F49}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{F4CB4D81-9405-49CA-9D3B-020E0202CD3D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{FCC89403-2F4C-404C-AAED-D72DAD816507}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Lords Of The Fallen\bin\LordsOfTheFallen.exe
FirewallRules: [{913EC9A3-4C3C-463C-A9CD-32377FF07194}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Lords Of The Fallen\bin\LordsOfTheFallen.exe
FirewallRules: [{4B61A11A-48B2-42A7-A9B7-426BCF60844B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ryse Son of Rome\Bin64\Ryse.exe
FirewallRules: [{09940C00-64C3-4D73-96B7-00DAA7E436F8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ryse Son of Rome\Bin64\Ryse.exe
FirewallRules: [{0499D7CB-EB25-4099-8AD7-619A561C8825}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Chompy Chomp Chomp\ChompyChompChomp.exe
FirewallRules: [{E34DBE64-40D6-4C5B-AAC8-2B7F3237A53B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Chompy Chomp Chomp\ChompyChompChomp.exe
FirewallRules: [{FC975601-220E-4937-9982-21A04C6C2CEE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bejeweled 3\Bejeweled3.exe
FirewallRules: [{777F4A7D-AEB2-46F3-96D4-A06C4BC88487}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bejeweled 3\Bejeweled3.exe
FirewallRules: [{61671562-689A-4388-B443-8FBA641B900D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BattleBlock Theater\BattleBlockTheater.exe
FirewallRules: [{1578AB70-3D57-46DF-8920-E799C96A42D2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BattleBlock Theater\BattleBlockTheater.exe
FirewallRules: [{BE4C5E8A-1DE9-4B40-8878-B370D4D70B5A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{4DDCDC1A-CE5E-4013-99BE-490F42234FF8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{BF3E1F21-E765-4DC6-A42C-7905F6EC2D90}] => (Allow) C:\Program Files (x86)\Brother\Brmfl13c\FAXRX.EXE
FirewallRules: [{DA5A822B-3581-496D-8918-FB9CA5CE245F}] => (Allow) LPort=54925
FirewallRules: [{81F7F257-714A-4FDC-AE55-B554C093BB3A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Crew\TheCrew.exe
FirewallRules: [{DB3B5971-CF36-45C8-8737-55C7A205A9F0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Crew\TheCrew.exe
FirewallRules: [{37D6D266-D5CF-4AD2-A013-E8557967D58A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders 2\Darksiders2.exe
FirewallRules: [{0EAC3792-C446-4AE0-9672-1019EF9AB6FC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders 2\Darksiders2.exe
FirewallRules: [{83877946-C10D-4550-9652-72DD919533FD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Flatout 3\Flatout.exe
FirewallRules: [{BD3F4544-42BF-46E6-A8AD-6CE60AD52225}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Flatout 3\Flatout.exe
FirewallRules: [{C31216A6-0B77-490B-BC65-3D433E648FE3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DiRT Showdown\showdown.exe
FirewallRules: [{0DD16675-1A10-405B-AFD8-0A9470FC7B7F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DiRT Showdown\showdown.exe
FirewallRules: [TCP Query User{C471439D-C23B-49A6-A8EE-6B25DBEB1C4F}C:\program files (x86)\gigabyte\@bios\gwflash.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\gwflash.exe
FirewallRules: [UDP Query User{230540CB-55AC-42B1-B5DB-4198EA482037}C:\program files (x86)\gigabyte\@bios\gwflash.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\gwflash.exe
FirewallRules: [{D83D1BA4-BBA7-4F21-88C1-CC5B454D977F}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{72B1AFD8-89B3-4223-BF4E-B9C9ED964CE3}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{E656452D-4082-4FAD-9FC7-0080933433B9}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{BE0A0505-BD20-41FC-ABF7-9CE3CBE50099}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{5C8F53B2-571A-4A57-8C03-83656D104FFB}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{47DDFCF6-B377-4C29-9684-4D55FB7C1F43}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\About Love Hate and the other ones\bin32\loveandhate.exe
FirewallRules: [{DA5FD3B7-7FB6-499F-A5C8-81BB0EBCE385}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\About Love Hate and the other ones\bin32\loveandhate.exe
FirewallRules: [{6D288652-28FD-44AA-8912-96C4BDF97B09}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{8F14DA1C-9B7C-4E4C-BAB9-BB28DA11D046}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [TCP Query User{E600F7E9-FDA8-45F6-A651-5F30803C8C49}C:\users\tom\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\tom\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [UDP Query User{FEF44B99-2A7E-4CDB-AD5C-7B594AA14B53}C:\users\tom\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\tom\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [TCP Query User{26026479-07BE-454B-8DBD-A10932E09548}C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [UDP Query User{FA6F0438-65EC-4676-BF1D-2AAC3F018432}C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{B2572D28-F906-4AA6-A66E-D7C91487E4EB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{9E38C611-5AFD-4536-86ED-A8C6CCE28B24}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{C0DA0B08-BA8D-43AC-8C7B-0E0938AA45FE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bloody Trapland\Bloody Trapland.exe
FirewallRules: [{66FC926F-C79B-43C2-85EB-E2774A66059B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bloody Trapland\Bloody Trapland.exe
FirewallRules: [{BA23D611-5E45-4B86-B496-471380BDA371}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CastleCrashers\castle.exe
FirewallRules: [{847BDD6C-E4C4-4604-8B0A-7F0E71CA48E2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CastleCrashers\castle.exe
FirewallRules: [{798067C9-8186-4BFF-9EAD-48CE0DEB4754}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Monaco\MONACO.exe
FirewallRules: [{48D4A1BF-DD60-4B0B-B95C-F494BF2421CD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Monaco\MONACO.exe
FirewallRules: [{28FF9FE2-8078-4E1F-8522-6B9BEC774F96}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Guacamelee\Guac.exe
FirewallRules: [{46D918D2-247B-412A-9030-0D4C5C169038}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Guacamelee\Guac.exe
FirewallRules: [{FF8775BC-B3D7-4735-9ACE-4B14585FADC8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Nidhogg\Nidhogg.exe
FirewallRules: [{71CEF0F4-051A-4AD6-A7FD-837972FE89F8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Nidhogg\Nidhogg.exe
FirewallRules: [{C7521194-83B3-4440-98B8-FDE210C5AA72}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe
FirewallRules: [{C0E048F8-B7A9-4AB1-8AF8-D91152916F4B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe
FirewallRules: [{560BA2A6-EC63-4712-9E76-F8B127B4372C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\Launcher.exe
FirewallRules: [{1097523A-BE33-47D2-BC1D-FF186BA2B057}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\Launcher.exe
FirewallRules: [{56954659-07B9-42C0-90F0-4AF239A8821F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sonic Generations\SonicGenerations.exe
FirewallRules: [{96933202-7FC7-4BC9-AB0D-2B6F9D686986}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sonic Generations\SonicGenerations.exe
FirewallRules: [{E8DA5D1E-03C0-41A5-9730-72442E1E3D5B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sonic Generations\ConfigurationTool.exe
FirewallRules: [{8C3E1A10-2BCC-4516-96E9-68EB06B3FACC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sonic Generations\ConfigurationTool.exe
FirewallRules: [{11F8123E-E2BA-4CDE-A54F-F1549D4593E1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Pinball FX2\Pinball FX2.exe
FirewallRules: [{82DD0AF5-3BBB-43EC-BDAF-BDC162810BCB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Pinball FX2\Pinball FX2.exe
FirewallRules: [{AE15200E-3E04-4E7F-8357-957C57A20FEC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rocketbirds_hardboiled\Game.exe
FirewallRules: [{89552ACB-4B52-47B7-A3C8-834D42FC5BC4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rocketbirds_hardboiled\Game.exe
FirewallRules: [{9413621A-CB67-40C8-9667-B5F07B204D82}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\WormsXHD\Launcher.exe
FirewallRules: [{BBAE8E13-8F87-4F75-ADBA-AD4271342F43}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\WormsXHD\Launcher.exe
FirewallRules: [{55213E23-10C2-4A7D-813A-14D9A14C3CF6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GRID Autosport\GRIDAutosport.exe
FirewallRules: [{DE358CE6-61D8-41E3-9C02-C764C2DF9384}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GRID Autosport\GRIDAutosport.exe
FirewallRules: [{2B701467-6887-467A-A892-817066FB5E26}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Street Fighter X Tekken\SFTK.exe
FirewallRules: [{7D33DD76-9227-4469-BFF8-51BFCEB680D8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Street Fighter X Tekken\SFTK.exe
FirewallRules: [{30FB89BF-0FE2-4432-ACB3-B7A15C60E9BE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\Injustice.exe
FirewallRules: [{3139686E-131A-4D20-8D11-B535CB73BC55}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\Injustice.exe
FirewallRules: [{4AD5C8B7-C55C-419B-9D58-F6E68DE5C305}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\InjusticeLauncher.exe
FirewallRules: [{034AA163-83A7-4C51-9F80-CFEB0E760334}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\InjusticeLauncher.exe
FirewallRules: [{3DE5555A-4A41-4D8F-9811-611F1E7B6015}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MegabytePunch\MegabytePunch.exe
FirewallRules: [{0EFB4910-2F74-4571-A904-6A33AF904695}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MegabytePunch\MegabytePunch.exe
FirewallRules: [{B8585A6A-B025-4429-8EB9-B0D92C7557BB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gang Beasts\Gang Beasts.exe
FirewallRules: [{9542BFDF-690D-47C5-BD23-3F7303F2E771}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gang Beasts\Gang Beasts.exe
FirewallRules: [{AE2501AC-BF6F-46FF-A02C-327A8E82A919}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheCave\Cave.exe
FirewallRules: [{D75FEE53-4A5C-4142-A743-23BB42D3C6ED}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheCave\Cave.exe
FirewallRules: [{5449067E-912B-45CC-82CE-CDBF4B1715E1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Chariot\Chariot.exe
FirewallRules: [{15FEC1D8-F2EC-41D0-811A-39DC9F94306C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Chariot\Chariot.exe
FirewallRules: [{E0B71988-A122-463C-97FE-79993B0C4469}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe
FirewallRules: [{91ED868B-EE3D-4CC5-B18D-3037E3683A51}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe
FirewallRules: [TCP Query User{0E3A0A14-1E65-46F6-8708-3E68E022D8AD}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{04808A27-9A27-4E46-B64D-576F6B0D78A4}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{57A4E97A-5272-44CE-8156-E9507B62C1E3}C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe
FirewallRules: [UDP Query User{257FC23F-2319-40BA-87C8-C5693DEADCAA}C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe
FirewallRules: [{38C5B4E0-F041-43BA-B3AD-CB3B0C543523}] => (Block) C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe
FirewallRules: [{A5C21595-3370-436F-B012-6313209B3A37}] => (Block) C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe
FirewallRules: [TCP Query User{85CA12E8-58A2-4C38-93A4-E163BD5F1CDC}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{5A45371F-6A07-44CA-A0AF-06FC5541C97A}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{36C4016F-9BEA-43BD-9422-3CD3D6CB0C64}] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{25470F9E-318A-4A89-B7CB-EE8717DE6A35}] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{80C2DDF5-D83B-488A-AFC8-E8AA635C6F5F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Lara Croft and the Guardian of Light\lcgol.exe
FirewallRules: [{E38BDAE1-FEFE-4A60-A47E-527B9AAE1472}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Lara Croft and the Guardian of Light\lcgol.exe
FirewallRules: [{4BA696B7-304B-4D34-B981-DB408787B1DE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Lara Croft and the Temple of Osiris\LC2.exe
FirewallRules: [{69C74EE4-559C-4A0E-B19D-DA68545A2AF3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Lara Croft and the Temple of Osiris\LC2.exe
FirewallRules: [{00EA4A30-73B0-4CE8-9237-316C46F78B69}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fistful of Frags\sdk\hl2.exe
FirewallRules: [{80A84F71-DB5A-44DA-BB55-9BCB3638A8B6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fistful of Frags\sdk\hl2.exe
FirewallRules: [{7BAE47C2-CAC2-4F40-A274-027E0E2E3182}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magicka\Magicka.exe
FirewallRules: [{0F56F79C-8834-4C60-A1FB-FB642C2562BC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magicka\Magicka.exe
FirewallRules: [{DBE32FBE-2F71-4E7A-B2E1-848782A5D7A2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tristoy\TRISTOY.exe
FirewallRules: [{41657DF1-500D-440E-9E9C-1B6F0A98E425}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tristoy\TRISTOY.exe
FirewallRules: [{38298352-7AB7-424E-8ADB-B22572934071}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\pressure\bin\pressure.exe
FirewallRules: [{99B26786-9CC5-44EB-B1E4-B705A938170E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\pressure\bin\pressure.exe
FirewallRules: [{FD8471EA-1131-46B9-8152-C5F0B5D9775C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\LegendofDungeon\LegendofDungeon.exe
FirewallRules: [{94FFC567-217A-46DE-A15E-92520488A6DA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\LegendofDungeon\LegendofDungeon.exe
FirewallRules: [{4C200089-EDC7-467F-879F-09C0DE731987}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\LegendofDungeon\LegendofDungeon_DirectToRift.exe
FirewallRules: [{6940C8D1-5C8D-4883-A7FC-DCB78DC1DAA7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\LegendofDungeon\LegendofDungeon_DirectToRift.exe
FirewallRules: [{881A9207-E07F-4659-BE11-641CF3455F81}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Friendship Club\friendshipclub.exe
FirewallRules: [{390E71BD-DF59-4075-83AB-718643DE869B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Friendship Club\friendshipclub.exe
FirewallRules: [{ED91E7AD-8A22-4C24-805C-8E367453F985}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bleed\Bleed.exe
FirewallRules: [{FBC43726-C5ED-41EB-9EBF-176EA9C72881}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bleed\Bleed.exe
FirewallRules: [{3F883F31-1C40-4203-A61A-3FD28748325E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Apotheon\Apotheon.exe
FirewallRules: [{3440EE71-BAD0-4CCD-B7D4-3D3DF4700B99}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Apotheon\Apotheon.exe
FirewallRules: [{549D91B9-FDC9-4FA4-BBAD-234177FFF8EB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Giana Sisters Twisted Dreams\launcher\GSLauncher.exe
FirewallRules: [{02AE71D3-D70C-444A-A374-C74DEDC3EA22}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Giana Sisters Twisted Dreams\launcher\GSLauncher.exe
FirewallRules: [TCP Query User{58BCD544-7692-4CE5-AE6C-2FCA136F8FD4}C:\program files (x86)\steam\steamapps\common\giana sisters twisted dreams\gsgameexe.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\giana sisters twisted dreams\gsgameexe.exe
FirewallRules: [UDP Query User{5C30A67F-5187-4D59-9FE6-4A8FAD915F24}C:\program files (x86)\steam\steamapps\common\giana sisters twisted dreams\gsgameexe.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\giana sisters twisted dreams\gsgameexe.exe
FirewallRules: [{56CBDAD9-4792-45D8-8403-C14452DDD698}] => (Block) C:\program files (x86)\steam\steamapps\common\giana sisters twisted dreams\gsgameexe.exe
FirewallRules: [{774B27A2-E150-4CB7-89AC-DBFC0B134B09}] => (Block) C:\program files (x86)\steam\steamapps\common\giana sisters twisted dreams\gsgameexe.exe
FirewallRules: [{08B0F0B5-949E-4013-BBCF-E530A97F5545}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GSTD - Rise of the Owlverlord\launcher\GSLauncher.exe
FirewallRules: [{CF5DBF6C-FB76-497D-89D7-9914AB126477}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GSTD - Rise of the Owlverlord\launcher\GSLauncher.exe
FirewallRules: [{22861F10-8065-48E5-8150-312261895FF6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\WormsGolf2010\WormsCrazyGolf.exe
FirewallRules: [{A2AFA262-A9C7-4D2C-AC88-983783FA599E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\WormsGolf2010\WormsCrazyGolf.exe
FirewallRules: [{8386D495-504D-46C7-A73E-591659E78616}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Worms Reloaded\WormsReloaded.exe
FirewallRules: [{CE546949-2CB3-45CC-B76B-133F1FFE5974}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Worms Reloaded\WormsReloaded.exe
FirewallRules: [{2F71DB35-B7C4-47C1-80C2-87AA0E5616CA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Worms Armageddon\WA.exe
FirewallRules: [{B68E2004-72F9-4A9A-BB04-6D6E5CAA46C8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Worms Armageddon\WA.exe
FirewallRules: [{A53AFAA2-1706-49E8-A8C4-7E42B609E3EF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TinyKeep\TinyKeep.exe
FirewallRules: [{626100B0-49D9-4060-8324-EC6DD794B6FA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TinyKeep\TinyKeep.exe
FirewallRules: [{C301667A-310D-4D77-AA9D-C14772F25236}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ClusterPuck 99\ClusterPuck99.exe
FirewallRules: [{7813973F-A659-45C1-BAF5-E521FC4595CB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ClusterPuck 99\ClusterPuck99.exe
FirewallRules: [{21E12CB3-0E33-4FF7-B2DB-A991E67577D0}] => (Allow) C:\Program Files (x86)\iOSinstaller\iOSinstaller.exe
FirewallRules: [{32AAFE15-2998-4CCD-9A9D-66C60B7289B5}] => (Allow) C:\Program Files (x86)\iOSinstaller\iOSinstaller.exe
FirewallRules: [{E7AEAE73-DE94-4F10-92EF-44010342DDEF}] => (Allow) C:\Program Files (x86)\iOSinstaller\iOSinstaller.exe
FirewallRules: [{BB5E8082-F1CD-498F-839E-848F31035FA5}] => (Allow) C:\Program Files (x86)\iOSinstaller\iOSinstaller.exe
FirewallRules: [{C4C46B2D-2D8A-466A-9411-C5818C4951FA}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{8F6D79A3-0FB4-4D72-8A8C-CC978D7816D5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MK10\Binaries\Retail\MK10.exe
FirewallRules: [{BD7AD2F5-61B4-4E77-8A8E-D8316ECAC079}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MK10\Binaries\Retail\MK10.exe
FirewallRules: [{46BDD677-5CEA-4371-9F84-7BFBAD553AD6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MK10\Binaries\Retail\MKXLauncher.exe
FirewallRules: [{E4156140-22FB-4687-8D10-A21F5E2321C5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MK10\Binaries\Retail\MKXLauncher.exe
FirewallRules: [{8B03146A-4CDB-4FB8-A45B-7B1493CD09BC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{48F87910-FEE9-46EF-81CA-DE6CDD3F41E6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{122D60A0-EC06-4741-A0E2-C9AE1F5AE20F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{289067FE-4E44-44D8-8878-95341315EEFF}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{7392F12E-9F35-4993-902E-E8D97A989602}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{F8C32054-4E47-4A72-B14B-8687D0A0F2DD}] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{D23F897F-BF08-4AE1-BF1D-DFED835252ED}] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{85AD3407-AD4D-4A05-80A6-7D94F7936C03}] => (Allow) C:\Users\Tom\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E8E2F959-7AD2-4395-90A3-9E07AB84B366}] => (Allow) C:\Users\Tom\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4BA7F3FD-CB6E-4E2C-B81F-BC5E3CAE9EA5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spelunky\Spelunky.exe
FirewallRules: [{590F1497-E352-4E1A-B376-C2F1E3E03286}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spelunky\Spelunky.exe
FirewallRules: [{66235A19-601D-4818-8CCE-A6944659C3DD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\JumpJetRex\JumpJetRex.exe
FirewallRules: [{A798A046-2425-4AB9-9775-1CE3F5E16C91}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\JumpJetRex\JumpJetRex.exe
FirewallRules: [{DC2BF502-534D-4788-9647-779C625D7D9E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Parcel\Parcel.exe
FirewallRules: [{6FFBADED-765A-4EFC-B629-BAE0413146F1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Parcel\Parcel.exe
FirewallRules: [{5A841F28-C328-4828-B82A-1EBBB73E3D79}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Worms Clan Wars\WormsClanWars.exe
FirewallRules: [{D73052EA-5333-4704-A56A-3CE82C324AD8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Worms Clan Wars\WormsClanWars.exe
 
==================== Faulty Device Manager Devices =============

Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/27/2015 07:16:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Borderlands.exe, Version: 1.5.0.0, Zeitstempel: 0x53ed3bb3
Name des fehlerhaften Moduls: Borderlands.exe, Version: 1.5.0.0, Zeitstempel: 0x53ed3bb3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x009c0fd9
ID des fehlerhaften Prozesses: 0x193c
Startzeit der fehlerhaften Anwendung: 0xBorderlands.exe0
Pfad der fehlerhaften Anwendung: Borderlands.exe1
Pfad des fehlerhaften Moduls: Borderlands.exe2
Berichtskennung: Borderlands.exe3

Error: (04/27/2015 07:10:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 532: ERROR: read_msg errno 0 (Der Vorgang wurde erfolgreich beendet.)

Error: (04/27/2015 07:10:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053

Error: (04/27/2015 07:10:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 532: ERROR: read_msg errno 0 (Der Vorgang wurde erfolgreich beendet.)

Error: (04/27/2015 07:10:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053

Error: (04/27/2015 07:10:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 532: ERROR: read_msg errno 0 (Der Vorgang wurde erfolgreich beendet.)

Error: (04/27/2015 07:10:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053

Error: (04/27/2015 07:10:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 532: ERROR: read_msg errno 0 (Der Vorgang wurde erfolgreich beendet.)

Error: (04/27/2015 07:10:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053

Error: (04/27/2015 06:55:24 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.


System errors:
=============
Error: (04/27/2015 06:02:52 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (04/27/2015 05:57:57 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\ComboFix\catchme.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (04/27/2015 05:53:24 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (04/27/2015 02:00:56 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (04/27/2015 01:52:19 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Software Protection" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056

Error: (04/27/2015 01:50:19 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Software Protection" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/27/2015 01:50:19 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/27/2015 01:50:18 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/27/2015 01:50:18 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/27/2015 01:50:18 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PDFProFiltSrvPP" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (04/27/2015 07:16:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Borderlands.exe1.5.0.053ed3bb3Borderlands.exe1.5.0.053ed3bb3c0000005009c0fd9193c01d0810de6b4f412C:\Program Files (x86)\Steam\steamapps\common\Borderlands\Binaries\Borderlands.exeC:\Program Files (x86)\Steam\steamapps\common\Borderlands\Binaries\Borderlands.exe2d25f2b8-ed01-11e4-b510-902b349d44e1

Error: (04/27/2015 07:10:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 532: ERROR: read_msg errno 0 (Der Vorgang wurde erfolgreich beendet.)

Error: (04/27/2015 07:10:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053

Error: (04/27/2015 07:10:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 532: ERROR: read_msg errno 0 (Der Vorgang wurde erfolgreich beendet.)

Error: (04/27/2015 07:10:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053

Error: (04/27/2015 07:10:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 532: ERROR: read_msg errno 0 (Der Vorgang wurde erfolgreich beendet.)

Error: (04/27/2015 07:10:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053

Error: (04/27/2015 07:10:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 532: ERROR: read_msg errno 0 (Der Vorgang wurde erfolgreich beendet.)

Error: (04/27/2015 07:10:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053

Error: (04/27/2015 06:55:24 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files (x86)\Adobe\adobe creative cloud\Utils\Creative Cloud Uninstaller.exe


CodeIntegrity Errors:
===================================
Date: 2015-04-27 17:57:57.228
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-04-27 17:57:57.168
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-04-05 02:13:07.998
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Sandboxie\SbieDrv.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-04-05 02:13:07.938
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Sandboxie\SbieDrv.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-04-05 02:12:54.697
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Sandboxie\SbieDrv.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-04-05 02:12:54.637
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Sandboxie\SbieDrv.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-04-05 02:12:23.524
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Sandboxie\SbieDrv.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-04-05 02:12:23.464
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Sandboxie\SbieDrv.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-04-05 02:11:17.368
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\$Recycle.Bin\S-1-5-21-516494932-2024577555-231657829-1000\$RRPX365.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-04-05 02:11:17.308
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\$Recycle.Bin\S-1-5-21-516494932-2024577555-231657829-1000\$RRPX365.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: AMD FX(tm)-6100 Six-Core Processor
Percentage of memory in use: 25%
Total physical RAM: 8173.24 MB
Available physical RAM: 6089.43 MB
Total Pagefile: 16344.68 MB
Available Pagefile: 14118.44 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:953.77 GB) (Free:456.35 GB) NTFS
Drive f: (MUSIC) (Fixed) (Total:465.76 GB) (Free:435.34 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 953.9 GB) (Disk ID: A4F8232C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=953.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 33CD0748)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================
 
Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
 

Attachments

  • fixlist.txt
    1.8 KB · Views: 1
Fixlog.txt

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 29-04-2015
Ran by Tom at 2015-04-29 17:50:15 Run:1
Running from C:\Users\Tom\Desktop
Loaded Profiles: Tom (Available profiles: Tom)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-516494932-2024577555-231657829-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-516494932-2024577555-231657829-1000 -> URL http://search.conduit.com/Results.a...-4EEB-8E06-C0E63C708AFC&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-516494932-2024577555-231657829-1000 -> SuggestionsURL_JSON http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
CHR HomePage: Default -> hxxp://search.conduit.com/?ctid=CT3321902&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP219831FF-3812-4EEB-8E06-C0E63C708AFC&SSPV=
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz136; \??\C:\Program Files (x86)\CPUID\PC Wizard 2013\pcwiz_x64.sys [X]
S3 cpuz137; \??\C:\Program Files (x86)\CPUID\PC Wizard 2013\pcwiz_x64.sys [X]
2014-10-10 16:40 - 2014-10-10 16:40 - 0000132 _____ () C:\Users\Tom\AppData\Roaming\Adobe GIF-Format CC - Voreinstellungen
2014-10-10 16:39 - 2014-10-10 16:39 - 0000132 _____ () C:\Users\Tom\AppData\Roaming\Adobe IllExport-Filter CC - Voreinstellungen
2014-10-10 16:38 - 2015-03-31 13:29 - 0000132 _____ () C:\Users\Tom\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2014-06-24 15:16 - 2014-09-20 20:26 - 0000034 _____ () C:\Users\Tom\AppData\Roaming\AdobeWLCMCache.dat
2013-09-16 19:37 - 2013-09-23 11:54 - 0011477 _____ () C:\Users\Tom\AppData\Roaming\LogBuch.txt
2013-09-14 15:29 - 2013-09-23 11:56 - 0003129 _____ () C:\Users\Tom\AppData\Roaming\PData.MM1
2013-09-14 15:29 - 2013-09-23 11:56 - 0003129 _____ () C:\Users\Tom\AppData\Roaming\PData.MMM
2014-12-07 20:12 - 2014-12-07 20:20 - 0001456 _____ () C:\Users\Tom\AppData\Local\Adobe Für Web speichern 13.0 Prefs

*****************

"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-516494932-2024577555-231657829-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\S-1-5-21-516494932-2024577555-231657829-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\URL => value deleted successfully.
HKU\S-1-5-21-516494932-2024577555-231657829-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\SuggestionsURL_JSON => value deleted successfully.
Chrome HomePage deleted successfully.
catchme => Service deleted successfully.
cpuz136 => Service deleted successfully.
cpuz137 => Service deleted successfully.
C:\Users\Tom\AppData\Roaming\Adobe GIF-Format CC - Voreinstellungen => Moved successfully.
C:\Users\Tom\AppData\Roaming\Adobe IllExport-Filter CC - Voreinstellungen => Moved successfully.
C:\Users\Tom\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen => Moved successfully.
C:\Users\Tom\AppData\Roaming\AdobeWLCMCache.dat => Moved successfully.
C:\Users\Tom\AppData\Roaming\LogBuch.txt => Moved successfully.
C:\Users\Tom\AppData\Roaming\PData.MM1 => Moved successfully.
C:\Users\Tom\AppData\Roaming\PData.MMM => Moved successfully.
C:\Users\Tom\AppData\Local\Adobe Für Web speichern 13.0 Prefs => Moved successfully.

==== End of Fixlog 17:50:15 ====
 
Last scans...

redtarget.gif
Download Security Check from here or here and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run


redtarget.gif
Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

redtarget.gif
Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
  • Double click on TFC.exe to run the program.
  • Click on Start button to begin cleaning process.
  • TFC will close all running programs, and it may ask you to restart computer.

redtarget.gif
Download Sophos Free Virus Removal Tool and save it to your desktop.
  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View log file... (bottom left hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program
 
Checkup.txt

Results of screen317's Security Check version 1.00
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Avira Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
SpyHunter 4
Java 7 Update 67
Java 8 Update 25
Java version 32-bit out of Date!
Adobe Flash Player 17.0.0.169
Adobe Reader XI
Mozilla Firefox 33.1 Firefox out of Date!
Google Chrome (42.0.2311.135)
Google Chrome (42.0.2311.90)
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
 
FSS.txt

Farbar Service Scanner Version: 17-01-2015
Ran by Tom (administrator) on 30-04-2015 at 02:06:27
Running from "C:\Users\Tom\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****
 
Sophos log

2015-04-30 00:10:29.211 Sophos Virus Removal Tool version 2.5.4
2015-04-30 00:10:29.211 Copyright (c) 2009-2014 Sophos Limited. All rights reserved.

2015-04-30 00:10:29.211 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2015-04-30 00:10:29.211 Windows version 6.1 SP 1.0 Service Pack 1 build 7601 SM=0x300 PT=0x1 WOW64
2015-04-30 00:10:29.211 Checking for updates...
2015-04-30 00:10:36.793 Option all = no
2015-04-30 00:10:36.793 Option recurse = yes
2015-04-30 00:10:36.793 Option archive = no
2015-04-30 00:10:36.793 Option service = yes
2015-04-30 00:10:36.793 Option confirm = yes
2015-04-30 00:10:36.793 Option sxl = yes
2015-04-30 00:10:36.809 Option max-data-age = 35
2015-04-30 00:10:36.809 Option EnableSafeClean = yes
2015-04-30 00:10:37.932 Option vdl-logging = yes
2015-04-30 00:10:37.932 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2015-04-30 00:10:37.932 Machine ID: bb2377eea81e4febbcabafdad5d6bd07
2015-04-30 00:10:37.947 Component SVRTcli.exe version 2.5.4
2015-04-30 00:10:37.947 Component control.dll version 2.5.4
2015-04-30 00:10:37.947 Component SVRTservice.exe version 2.5.4
2015-04-30 00:10:37.947 Component engine\osdp.dll version 1.44.1.2200
2015-04-30 00:10:37.947 Component engine\veex.dll version 3.60.0.2200
2015-04-30 00:10:37.947 Component engine\savi.dll version 8.1.7.2200
2015-04-30 00:10:37.947 Component rkdisk.dll version 1.5.30.0
2015-04-30 00:10:37.947 Version info: Product version 2.5.4
2015-04-30 00:10:37.947 Version info: Detection engine 3.60.0
2015-04-30 00:10:37.947 Version info: Detection data 5.13
2015-04-30 00:10:37.947 Version info: Build date 31.03.2015
2015-04-30 00:10:37.947 Version info: Data files added 337
2015-04-30 00:10:37.947 Version info: Last successful update (not yet updated)
2015-04-30 00:10:54.109 Update progress: proxy server not available
2015-04-30 00:11:09.662 Downloading updates...
2015-04-30 00:11:09.662 Update progress: [I96736] Looking for package C1A903B2-E63E-483b-982D-04BB9C457C60 1.0
2015-04-30 00:11:09.662 Update progress: [I49502] Found supplement SAVIW32 LATEST
2015-04-30 00:11:09.662 Update progress: [I49502] Found supplement IDE514 LATEST
2015-04-30 00:11:09.662 Update progress: [I49502] Found supplement IDE515 LATEST
2015-04-30 00:11:09.662 Update progress: [I49502] Found supplement IDE516 LATEST
2015-04-30 00:11:09.662 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 1
2015-04-30 00:11:09.662 Update progress: [I19463] Syncing product SAVIW32 53
2015-04-30 00:11:10.489 Update progress: [I19463] Syncing product IDE514 161
2015-04-30 00:11:10.863 Update progress: [I19463] Syncing product IDE515 171
2015-04-30 00:11:10.863 Update progress: [I19463] Syncing product IDE516 12
2015-04-30 00:11:11.004 Installing updates...
2015-04-30 00:11:11.612 Error level 1
2015-04-30 00:11:16.027 Update successful
2015-04-30 00:11:23.811 Option all = no
2015-04-30 00:11:23.811 Option recurse = yes
2015-04-30 00:11:23.811 Option archive = no
2015-04-30 00:11:23.811 Option service = yes
2015-04-30 00:11:23.811 Option confirm = yes
2015-04-30 00:11:23.811 Option sxl = yes
2015-04-30 00:11:23.811 Option max-data-age = 35
2015-04-30 00:11:23.811 Option EnableSafeClean = yes
2015-04-30 00:11:23.858 Option vdl-logging = yes
2015-04-30 00:11:23.858 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2015-04-30 00:11:23.858 Machine ID: bb2377eea81e4febbcabafdad5d6bd07
2015-04-30 00:11:23.858 Component SVRTcli.exe version 2.5.4
2015-04-30 00:11:23.858 Component control.dll version 2.5.4
2015-04-30 00:11:23.858 Component SVRTservice.exe version 2.5.4
2015-04-30 00:11:23.858 Component engine\osdp.dll version 1.44.1.2200
2015-04-30 00:11:23.858 Component engine\veex.dll version 3.60.0.2200
2015-04-30 00:11:23.858 Component engine\savi.dll version 8.1.7.2200
2015-04-30 00:11:23.858 Component rkdisk.dll version 1.5.30.0
2015-04-30 00:11:23.858 Version info: Product version 2.5.4
2015-04-30 00:11:23.858 Version info: Detection engine 3.60.0
2015-04-30 00:11:23.858 Version info: Detection data 5.13G
2015-04-30 00:11:23.858 Version info: Build date 31.03.2015
2015-04-30 00:11:23.858 Version info: Data files added 339
2015-04-30 00:11:23.858 Version info: Last successful update 30.04.2015 02:11:16

2015-04-30 00:28:48.112 Could not open C:\hiberfil.sys
2015-04-30 00:30:35.368 Could not open C:\pagefile.sys
2015-04-30 00:38:32.573 >>> Virus 'Mal/Obfus-D' found in file C:\Program Files (x86)\Disney Interactive Studios\Split Second\rld.dll
2015-04-30 00:38:32.574 >>> Virus 'Mal/Obfus-D' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2015-04-30 00:38:32.574 >>> Virus 'Mal/Obfus-D' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2015-04-30 00:38:32.574 >>> Virus 'Mal/Obfus-D' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2015-04-30 00:38:32.574 >>> Virus 'Mal/Obfus-D' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2015-04-30 00:38:32.574 >>> Virus 'Mal/Obfus-D' found in file HKU\S-1-5-21-516494932-2024577555-231657829-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2015-04-30 00:38:32.575 >>> Virus 'Mal/Obfus-D' found in file HKU\S-1-5-21-516494932-2024577555-231657829-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2015-04-30 00:38:32.575 >>> Virus 'Mal/Obfus-D' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2015-04-30 00:48:51.306 Could not open C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-04-30 00:48:51.306 Could not open C:\System Volume Information\{5ca88b39-ee85-11e4-8e26-902b349d44e1}{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-04-30 00:48:51.306 Could not open C:\System Volume Information\{5ca88b74-ee85-11e4-8e26-902b349d44e1}{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-04-30 00:51:20.208 >>> Virus 'Troj/Sirefef-T' found in file C:\Users\Tom\Documents\my games\FUEL\Crack\SecuLauncher.exe
2015-04-30 00:51:20.208 >>> Virus 'Troj/Sirefef-T' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2015-04-30 00:51:20.208 >>> Virus 'Troj/Sirefef-T' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2015-04-30 00:51:20.208 >>> Virus 'Troj/Sirefef-T' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2015-04-30 00:51:20.208 >>> Virus 'Troj/Sirefef-T' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2015-04-30 00:51:20.208 >>> Virus 'Troj/Sirefef-T' found in file HKU\S-1-5-21-516494932-2024577555-231657829-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2015-04-30 00:51:20.208 >>> Virus 'Troj/Sirefef-T' found in file HKU\S-1-5-21-516494932-2024577555-231657829-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2015-04-30 00:51:20.208 >>> Virus 'Troj/Sirefef-T' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2015-04-30 00:51:24.670 >>> Virus 'Mal/Obfus-D' found in file C:\Users\Tom\Documents\my games\Split Second Velocity\Crack\rld.dll
2015-04-30 00:51:24.670 >>> Virus 'Mal/Obfus-D' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2015-04-30 00:51:24.670 >>> Virus 'Mal/Obfus-D' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2015-04-30 00:51:24.670 >>> Virus 'Mal/Obfus-D' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2015-04-30 00:51:24.670 >>> Virus 'Mal/Obfus-D' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2015-04-30 00:51:24.670 >>> Virus 'Mal/Obfus-D' found in file HKU\S-1-5-21-516494932-2024577555-231657829-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2015-04-30 00:51:24.670 >>> Virus 'Mal/Obfus-D' found in file HKU\S-1-5-21-516494932-2024577555-231657829-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2015-04-30 00:51:24.670 >>> Virus 'Mal/Obfus-D' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2015-04-30 00:56:02.257 Could not open C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
2015-04-30 00:56:02.257 Could not open C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
2015-04-30 00:56:03.895 Could not open C:\Windows\System32\config\RegBack\DEFAULT
2015-04-30 00:56:03.895 Could not open C:\Windows\System32\config\RegBack\SAM
2015-04-30 00:56:03.895 Could not open C:\Windows\System32\config\RegBack\SECURITY
2015-04-30 00:56:03.895 Could not open C:\Windows\System32\config\RegBack\SOFTWARE
2015-04-30 00:56:03.895 Could not open C:\Windows\System32\config\RegBack\SYSTEM
2015-04-30 01:12:25.857 The following items will be cleaned up:
2015-04-30 01:12:25.857 Mal/Obfus-D
2015-04-30 01:12:25.857 Troj/Sirefef-T
 
redtarget.gif
Update Firefox to the current version.

redtarget.gif
Update your Java version here: https://www.techspot.com/downloads/6463-java-se.html
Alternate download: http://www.java.com/en/download/manual.jsp

Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.
Note 2: If you're running 64-bit system make sure you install BOTH, 32-bit and 64-bit Java.

==================================

Your computer is clean

1. This step will remove all cleaning tools we used, it'll reset restore points (so you won't get reinfected by accidentally using some older restore point) and it'll make some other minor adjustments...
This is a very crucial step so make sure you don't skip it.
Download
51a5ce45263de-delfix.png
DelFix by Xplode to your desktop. Delfix will delete all the used tools and logfiles.

Double-click Delfix.exe to start the tool.
Make sure the following items are checked:
  • Activate UAC (optional; some users prefer to keep it off)
  • Remove disinfection tools
  • Create registry backup
  • Purge System Restore
  • Reset system settings
Now click "Run" and wait patiently.
Once finished a logfile will be created. You don't have to attach it to your next reply.

2. Make sure Windows Updates are current.

3. If any trojans, rootkits or bootkits were listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

4. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Scan without installing plugin" and then on "Scan now")

5. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

7. Run Temporary File Cleaner (TFC), AdwCleaner and Junkware Removal Tool (JRT) weekly (you need to redownload these tools since they were removed by DelFix).

8. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

10. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

11. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs) which change your browser settings: http://www.bleepingcomputer.com/for...curity-questions-best-practices/#entry3187642

12. Please, let me know, how your computer is doing.
 
Thanks alot man! Your help saved me from a lot of hassle!
My computer was doing better immediately after we started the cleaning process, thanks again!

Greetings, YaySon!
 
You must log in or register to reply here.

Similar threads

A
Infected: Antivirus says it's Trojan:Script/Wacatac.H!ml
Replies
12
Views
2K
adidaman27
A
C
Solved DWM.exe using 30-40% CPU and 2-4GB of RAM, also creating a suspicious connection
2
Replies
46
Views
7K
Broni
Broni
Daniel Sims
Windows 11 23H2 update announced, meanwhile Insider build adds system repair and TPM troubleshooter
Replies
7
Views
673
nkormanik
nkormanik

Latest posts

Back