Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-01-2017
Ran by Denis (29-01-2017 21:28:01)
Running from C:\Users\Denis\Desktop
Windows 7 Professional Service Pack 1 (X64) (2015-09-20 20:52:37)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3921696331-1691386709-4026121632-500 - Administrator - Disabled)
Denis (S-1-5-21-3921696331-1691386709-4026121632-1000 - Administrator - Enabled) => C:\Users\Denis
Guest (S-1-5-21-3921696331-1691386709-4026121632-501 - Limited - Disabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-3921696331-1691386709-4026121632-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

«Crysis 3»  1.2 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}_is1) (Version: 1.2 - Crytek GmbH)
µTorrent (HKU\S-1-5-21-3921696331-1691386709-4026121632-1000\...\uTorrent) (Version: 3.4.9.43085 - BitTorrent Inc.)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\{A2116AF9-FA9D-41EA-9874-1E40B227D4DE}) (Version: 12.2.5.195 - Adobe Systems, Inc)
Aion (HKLM-x32\...\{B9291CA2-6FA5-44EA-8EE0-923EB32ADAAB}) (Version: 4.0.0.3 - NC Interactive, LLC)
Aktualizace NVIDIA 2.11.4.1 (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
AMD Catalyst Install Manager (HKLM\...\{319956AE-0C18-650A-29A7-EE1504B178EE}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Ansel (Version: 372.90 - NVIDIA Corporation) Hidden
Assassins Creed IV Black Flag (HKLM-x32\...\QXNzYXNzaW5zQ3JlZWRJVkJsYWNrRmxhZw==_is1) (Version: 1 - )
Assassin's Creed Rogue (HKLM-x32\...\Uplay Install 895) (Version:  - Ubisoft)
AutoHotkey 1.1.24.01 (HKLM\...\AutoHotkey) (Version: 1.1.24.01 - Lexikos)
AVG PC TuneUp (x32 Version: 16.53.1 - AVG Technologies) Hidden
Blade & Soul (x32 Version: 1.0.63.260 - NC Interactive, LLC) Hidden
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.5.62.6296 - BlueStack Systems, Inc.)
Cities Skylines (HKLM-x32\...\Cities Skylines_is1) (Version:  - )
Cities: Skylines - ČEŠTINA (HKU\S-1-5-21-3921696331-1691386709-4026121632-1000\...\Cities: Skylines - ČEŠTINA) (Version:  - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Dota 2 (HKLM\...\Steam App 570) (Version:  - Valve)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Euro Truck Simulator 2 - Vive la France ! version 1.0 (HKLM-x32\...\Euro Truck Simulator 2 - Vive la France !_is1) (Version: 1.0 - SCS Software) <==== ATTENTION
Euro Truck Simulator 2 (HKLM-x32\...\Euro Truck Simulator 2_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
Fallout 4 (HKLM-x32\...\Fallout 4_is1) (Version:  - )
Far Cry Primal (HKLM-x32\...\{80BD47AF-CF13-49B2-99BF-7E78FBA26124}_is1) (Version:  - Ubisoft)
Farming Simulator 17 (HKLM\...\ZmFybWluZ3NpbXVsYXRvcjE3_is1) (Version: 1 - )
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
HPSewil (HKLM-x32\...\HPSewil) (Version:  - ) <==== ATTENTION
Champions of Anteria (HKLM-x32\...\Champions of Anteria_is1) (Version:  - )
Cheat Engine 6.6 (HKLM-x32\...\Cheat Engine 6.6_is1) (Version:  - Cheat Engine)
IObit Malware Fighter 4 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 4.3 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 6.1.0.418 - IObit)
Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java 8 Update 112 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180112F0}) (Version: 8.0.1120.15 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
League of Legends (x32 Version: 4.1.2 - Riot Games) Hidden
LibreOffice 5.0.1.2 (HKLM-x32\...\{927AE35D-72BC-437D-BAC7-EE47D03DEE54}) (Version: 5.0.1.2 - The Document Foundation)
Mafia III (HKLM-x32\...\Mafia III_is1) (Version:  - )
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Memory Cleaner 2.20 (HKLM-x32\...\MemClean) (Version: 2.20 - KoshyJohn.com)
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft PowerPoint 2010 (HKLM\...\Office14.POWERPOINT) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50709.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{82f2609e-68ba-408d-963f-530ad8809435}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{577ff5ba-39aa-4d8c-a3a9-f95012763438}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24406 (HKLM-x32\...\{7c8a1675-0fe9-41fd-a2ed-aa4871816197}) (Version: 14.0.24406.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24406 (HKLM-x32\...\{b5e24db9-876e-4af2-ac7f-00d0e8bc162c}) (Version: 14.0.24406.0 - Microsoft Corporation)
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version:  - NCSOFT)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.61.23 - Black Tree Gaming)
No Man's Sky (HKLM-x32\...\1446213994_is1) (Version: 2.2.0.4 - GOG.com)
No Man's Sky Pre-order DLC (HKLM-x32\...\2022706229_is1) (Version: 2.0.0.2 - GOG.com)
NVIDIA GeForce Experience 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.1 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.53 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.53 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NVIDIA WDM Drivers (HKLM-x32\...\{B023185F-F1EF-4F97-B0BD-AE6D802226D1}) (Version:  - )
OpenIV (HKU\S-1-5-21-3921696331-1691386709-4026121632-1000\...\OpenIV) (Version: 2.6.4.646 - .black/OpenIV Team)
Opera Stable 42.0.2393.517 (HKLM-x32\...\Opera 42.0.2393.517) (Version: 42.0.2393.517 - Opera Software)
Ovládací panel NVIDIA 376.53 (Version: 376.53 - NVIDIA Corporation) Hidden
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8004 - Realtek Semiconductor Corp.)
Rust (HKLM\...\Steam App 252490) (Version:  - Facepunch Studios)
Rust Legacy Klient 1.9.7 (HKLM-x32\...\Rust Legacy Klient 1.9.7) (Version: 1.9.7 - Rusted.cz)
Seznam Software (HKU\S-1-5-21-3921696331-1691386709-4026121632-1000\...\SeznamInstall) (Version:  - Seznam.cz)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Sid Meiers Civilization VI (HKLM-x32\...\Sid Meiers Civilization VI_is1) (Version:  - )
SlimDX Runtime .NET 2.0 (January 2012) (HKLM-x32\...\{014A2868-BE56-4888-A16C-693989B8F153}) (Version: 2.0.13.43 - SlimDX Group)
Smart Defrag 5 (HKLM-x32\...\Smart Defrag_is1) (Version: 5.2.0 - IObit)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Superb Game Boost 3.0 (HKLM-x32\...\SuperbGameBoost_is1) (Version: 3.0 - )
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.72365 - TeamViewer)
The Forest version The Forest (HKLM-x32\...\The Forest_is1) (Version: The Forest - )
The Sims 4: City Living (HKLM\...\dGhlc2ltczRjaXR5bGl2aW5n_is1) (Version: 1 - )
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.22.0.0 - GOG.com)
The Witcher 3: Wild Hunt - O víně a krvi (HKLM-x32\...\Blood and Wine_is1) (Version: 1.21.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Srdce z kamene (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.21.0.0 - GOG.com)
Total War ROME II - Emperor Edition (HKLM-x32\...\Total War ROME II - Emperor Edition_is1) (Version:  - )
TSR Workshop (HKLM-x32\...\{6E789775-7D41-4DE2-B96F-A79A952F0DC9}) (Version: 2.2.34 - The Sims Resource)
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.2 - VideoLAN)
Warrior Kings - Battles (HKLM-x32\...\1438007195_is1) (Version: 2.0.0.3 - GOG.com)
Warrior Kings (HKLM-x32\...\1438006945_is1) (Version: 2.0.0.5 - GOG.com)
We Change IP (HKLM-x32\...\{E5B1C268-274D-454E-819B-FE4FB8961C3C}) (Version: 2.1.0.0 - iWesoft)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Wise Memory Optimizer 3.49 (HKLM-x32\...\Wise Memory Optimizer_is1) (Version: 3.49 - WiseCleaner.com, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07F69EF0-6CFF-4E17-8111-BFB692B3BC87} - System32\Tasks\{26EE4881-8D01-45BD-B910-7B39D9CB3EA4} => pcalua.exe -a "D:\The Sims 4 City Living\__Installer\vc\vc2010sp1\redist\vcredist_x86.exe" -d "D:\The Sims 4 City Living\__Installer\vc\vc2010sp1\redist"
Task: {197B636A-FA41-4560-A9AA-B37E5652FE3B} - System32\Tasks\{88F77331-E0B7-4D00-B1B5-7F908920693F} => msiexec.exe /package "C:\Users\Denis\Downloads\UltraMon™ 3.1.0\UltraMon_3.1.0_en_x64.msi"
Task: {36CCABD3-74B5-46C2-89F5-45FCA68BC56D} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software)
Task: {77EF2B4A-0B79-4380-8BA9-F0443F7019E2} - System32\Tasks\{7EF35AC1-0BE9-4278-AD71-03C7AE7CDEA8} => pcalua.exe -a "C:\GOG Games\The Witcher 3 Wild Hunt\TWEE_Polish_language_pack.exe" -d "C:\GOG Games\The Witcher 3 Wild Hunt"
Task: {7943EAB5-DBBC-42E7-9DDC-B26E0D9D24F8} - System32\Tasks\Opera scheduled Autoupdate 1484351289 => C:\Program Files (x86)\Opera\launcher.exe [2017-01-26] (Opera Software)
Task: {7B2A3A4D-E31B-45AA-93A3-913D0ED24FF8} - System32\Tasks\{153A2C3C-E6AC-4FA8-A98E-1F6AF8895EA1} => pcalua.exe -a "C:\GOG Games\The Witcher 3 Wild Hunt\bin\x64\TWEE_Polish_language_pack.exe" -d "C:\GOG Games\The Witcher 3 Wild Hunt\bin\x64"
Task: {87C81F97-9B5C-4898-A947-D973D78DB67B} - System32\Tasks\{7456155C-283F-4579-8DAF-E2585EF5D773} => pcalua.exe -a C:\Users\Denis\Downloads\TWEE_Polish_language_pack.exe -d C:\Users\Denis\Downloads
Task: {8AF6FBB1-3BC6-4BEB-AD83-C6C1C0221900} - System32\Tasks\{D0D0C3DE-5FDB-0B6E-5E10-3DC0C6FF300C} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\e5c3b374\d2691c80.dll" <==== ATTENTION
Task: {A8EAD944-3DD0-47AB-B91A-1720CA61FABA} - System32\Tasks\{7EF01A6D-3D5C-4024-9837-EA6A237F704D} => pcalua.exe -a "D:\The Sims 4 City Living\__Installer\vp6\vp6install.exe" -d "D:\The Sims 4 City Living\__Installer\vp6"
Task: {B2D6D9C3-1293-454A-A89F-F81065D2612A} - System32\Tasks\Microsoft\Windows\Multimedia\Manager => C:\Users\Denis\AppData\Roaming\Adobe\Manager.exe
Task: {B6C5AD74-A65C-4887-8859-D257D3C36DDD} - System32\Tasks\Driver Booster SkipUAC (Denis) => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe
Task: {C4F97FF2-CEC1-457B-9196-42CB121B7790} - System32\Tasks\951462v0a67h59 => Rundll32.exe "C:\ProgramData\951462v0a67h59\951462v0a67h59.dll",bgozrak <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

WMI_ActiveScriptEventConsumer_ASEC: <===== ATTENTION

Shortcut: C:\Users\Denis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\We Change IP\We Change IP Website.lnk -> hxxp://www.iwesoft.com/productinfo.php?id=1
Shortcut: C:\Users\Denis\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (No File) <===== Cyrillic

==================== Loaded Modules (Whitelisted) ==============

2015-09-21 06:34 - 2016-12-29 13:44 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-01-05 19:56 - 2014-03-22 19:17 - 02844160 _____ () C:\ProgramData\951462v0a67h59\951462v0a67h59.dll
2014-04-02 03:47 - 2014-04-02 03:47 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2013-11-04 15:03 - 2013-11-04 15:03 - 00818688 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2013-11-04 15:03 - 2013-11-04 15:03 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2014-05-01 15:13 - 2014-05-01 15:13 - 00470016 _____ () C:\Users\Denis\AppData\Local\MEGAsync\ShellExtX64.dll
2017-01-15 23:43 - 2017-01-29 11:13 - 00240640 _____ () C:\Windows\TEMP\gB987.tmp.exe
2015-09-21 08:14 - 2016-06-15 02:14 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2017-01-28 11:11 - 2017-01-28 11:11 - 68771416 _____ () C:\Program Files (x86)\Opera\42.0.2393.517\opera.dll
2014-05-01 15:15 - 2014-05-01 15:15 - 00463360 _____ () C:\Users\Denis\AppData\Local\MEGAsync\ShellExtX32.dll
2017-01-28 11:11 - 2017-01-28 11:11 - 01895000 _____ () C:\Program Files (x86)\Opera\42.0.2393.517\libglesv2.dll
2017-01-28 11:11 - 2017-01-28 11:11 - 00087128 _____ () C:\Program Files (x86)\Opera\42.0.2393.517\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows\system32\drivers:ucdrv-x64.sys [80850]
AlternateDataStreams: C:\Windows\system32\drivers:x64 [360536]
AlternateDataStreams: C:\Windows\system32\drivers:x86 [1156450]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-3921696331-1691386709-4026121632-1000\Software\Classes\exefile: "%1" %* <===== ATTENTION
HKU\S-1-5-21-3921696331-1691386709-4026121632-1000\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION
HKU\S-1-5-21-3921696331-1691386709-4026121632-1000\Software\Classes\.bat: batfile =>  <===== ATTENTION
HKU\S-1-5-21-3921696331-1691386709-4026121632-1000\Software\Classes\.com: comfile =>  <===== ATTENTION
HKU\S-1-5-21-3921696331-1691386709-4026121632-1000\Software\Classes\.cmd: cmdfile =>  <===== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-3921696331-1691386709-4026121632-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3921696331-1691386709-4026121632-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3921696331-1691386709-4026121632-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3921696331-1691386709-4026121632-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3921696331-1691386709-4026121632-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3921696331-1691386709-4026121632-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3921696331-1691386709-4026121632-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3921696331-1691386709-4026121632-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3921696331-1691386709-4026121632-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3921696331-1691386709-4026121632-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3921696331-1691386709-4026121632-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3921696331-1691386709-4026121632-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3921696331-1691386709-4026121632-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3921696331-1691386709-4026121632-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3921696331-1691386709-4026121632-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3921696331-1691386709-4026121632-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3921696331-1691386709-4026121632-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-3921696331-1691386709-4026121632-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-3921696331-1691386709-4026121632-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-3921696331-1691386709-4026121632-1000\...\100sexlinks.com -> 100sexlinks.com

There are 4788 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2016-12-18 17:16 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3921696331-1691386709-4026121632-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Denis\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 2
MSCONFIG\Services: AdvancedSystemCareService9 => 2
MSCONFIG\Services: AeLookupSvc => 3
MSCONFIG\Services: ALG => 3
MSCONFIG\Services: AMD FUEL Service => 2
MSCONFIG\Services: AppIDSvc => 3
MSCONFIG\Services: aspnet_state => 3
MSCONFIG\Services: AudioEndpointBuilder => 2
MSCONFIG\Services: AudioSrv => 2
MSCONFIG\Services: avgsvc => 2
MSCONFIG\Services: AxInstSV => 3
MSCONFIG\Services: BDESVC => 3
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: BFE => 2
MSCONFIG\Services: BITS => 2
MSCONFIG\Services: Browser => 3
MSCONFIG\Services: BstHdAndroidSvc => 3
MSCONFIG\Services: BstHdLogRotatorSvc => 2
MSCONFIG\Services: BstHdPlusAndroidSvc => 3
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: clr_optimization_v4.0.30319_32 => 2
MSCONFIG\Services: clr_optimization_v4.0.30319_64 => 2
MSCONFIG\Services: COMSysApp => 3
MSCONFIG\Services: CryptSvc => 2
MSCONFIG\Services: defragsvc => 3
MSCONFIG\Services: Dhcp => 2
MSCONFIG\Services: DiagTrack => 2
MSCONFIG\Services: Disc Soft Lite Bus Service => 3
MSCONFIG\Services: Dnscache => 2
MSCONFIG\Services: dot3svc => 3
MSCONFIG\Services: DPS => 2
MSCONFIG\Services: EapHost => 3
MSCONFIG\Services: EFS => 3
MSCONFIG\Services: ehRecvr => 3
MSCONFIG\Services: ehSched => 3
MSCONFIG\Services: eventlog => 2
MSCONFIG\Services: EventSystem => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: fdPHost => 3
MSCONFIG\Services: FDResPub => 3
MSCONFIG\Services: FontCache => 2
MSCONFIG\Services: FontCache3.0.0.0 => 3
MSCONFIG\Services: GalaxyCommunication => 3
MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: hidserv => 3
MSCONFIG\Services: hkmsvc => 3
MSCONFIG\Services: HomeGroupListener => 3
MSCONFIG\Services: HomeGroupProvider => 3
MSCONFIG\Services: idsvc => 3
MSCONFIG\Services: IEEtwCollectorService => 3
MSCONFIG\Services: IKEEXT => 3
MSCONFIG\Services: IMFservice => 2
MSCONFIG\Services: IPBusEnum => 3
MSCONFIG\Services: iphlpsvc => 2
MSCONFIG\Services: KeyIso => 3
MSCONFIG\Services: KtmRm => 3
MSCONFIG\Services: LanmanServer => 2
MSCONFIG\Services: LanmanWorkstation => 2
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: lltdsvc => 3
MSCONFIG\Services: lmhosts => 2
MSCONFIG\Services: MMCSS => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: MPCProtectService => 
MSCONFIG\Services: MpsSvc => 2
MSCONFIG\Services: MSDTC => 3
MSCONFIG\Services: msiserver => 2
MSCONFIG\Services: Netman => 3
MSCONFIG\Services: netprofm => 3
MSCONFIG\Services: NlaSvc => 2
MSCONFIG\Services: nsi => 2
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamNetworkSvc => 3
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: ose64 => 3
MSCONFIG\Services: osppsvc => 3
MSCONFIG\Services: p2pimsvc => 3
MSCONFIG\Services: p2psvc => 3
MSCONFIG\Services: PcaSvc => 2
MSCONFIG\Services: PerfHost => 3
MSCONFIG\Services: pla => 3
MSCONFIG\Services: PNRPAutoReg => 3
MSCONFIG\Services: PNRPsvc => 3
MSCONFIG\Services: PolicyAgent => 3
MSCONFIG\Services: Power => 2
MSCONFIG\Services: ProtectedStorage => 3
MSCONFIG\Services: QWAVE => 3
MSCONFIG\Services: RasAuto => 3
MSCONFIG\Services: RasMan => 3
MSCONFIG\Services: RpcLocator => 3
MSCONFIG\Services: SamSs => 2
MSCONFIG\Services: SCardSvr => 3
MSCONFIG\Services: SCPolicySvc => 3
MSCONFIG\Services: SDRSVC => 3
MSCONFIG\Services: seclogon => 3
MSCONFIG\Services: SENS => 2
MSCONFIG\Services: SensrSvc => 3
MSCONFIG\Services: SessionEnv => 3
MSCONFIG\Services: sgbupt => 2
MSCONFIG\Services: ShellHWDetection => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Spooler => 2
MSCONFIG\Services: sppuinotify => 3
MSCONFIG\Services: SSDPSRV => 3
MSCONFIG\Services: SstpSvc => 3
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: stisvc => 2
MSCONFIG\Services: StorSvc => 3
MSCONFIG\Services: swprv => 3
MSCONFIG\Services: SysMain => 2
MSCONFIG\Services: TabletInputService => 3
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: TermService => 3
MSCONFIG\Services: Themes => 2
MSCONFIG\Services: THREADORDER => 3
MSCONFIG\Services: TrkWks => 2
MSCONFIG\Services: TrustedInstaller => 3
MSCONFIG\Services: UI0Detect => 3
MSCONFIG\Services: UmRdpService => 3
MSCONFIG\Services: upnphost => 3
MSCONFIG\Services: UxSms => 2
MSCONFIG\Services: VaultSvc => 3
MSCONFIG\Services: vds => 3
MSCONFIG\Services: VSS => 3
MSCONFIG\Services: W32Time => 3
MSCONFIG\Services: WatAdminSvc => 3
MSCONFIG\Services: wbengine => 3
MSCONFIG\Services: WbioSrvc => 3
MSCONFIG\Services: wcncsvc => 3
MSCONFIG\Services: WcsPlugInService => 3
MSCONFIG\Services: WdiServiceHost => 3
MSCONFIG\Services: WdiSystemHost => 3
MSCONFIG\Services: WebClient => 3
MSCONFIG\Services: Wecsvc => 3
MSCONFIG\Services: wercplsupport => 3
MSCONFIG\Services: WerSvc => 3
MSCONFIG\Services: WinDefend => 2
MSCONFIG\Services: WinHttpAutoProxySvc => 3
MSCONFIG\Services: Winmgmt => 2
MSCONFIG\Services: WinRM => 3
MSCONFIG\Services: Wlansvc => 3
MSCONFIG\Services: wmiApSrv => 3
MSCONFIG\Services: WMPNetworkSvc => 3
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\Services: WPDBusEnum => 3
MSCONFIG\Services: WpSvc => 2
MSCONFIG\Services: wscsvc => 2
MSCONFIG\Services: wuauserv => 2
MSCONFIG\Services: wudfsvc => 3
MSCONFIG\Services: WwanSvc => 3
MSCONFIG\startupreg: apphide => 
MSCONFIG\startupreg: GalaxyClient => 
MSCONFIG\startupreg: svchost0 => 

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{12DE4697-240F-4AEC-8ADF-605EE52D3209}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{943B7509-D1E5-479B-9B97-ADF641BE3A33}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{8904FBF7-26D6-4E68-BDC6-D97DE6E80F5D}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{051BC6C7-DFC2-4CA7-9838-13A0E6A924A7}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{79177D55-A516-40BE-91C2-9B02F3A33DBB}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D5B4223A-31AD-4802-B4F5-1F076CEDE8A5}] => C:\Users\Denis\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CC9328F3-619F-42C8-B72B-076A6DC0EE5D}] => C:\Users\Denis\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B68715D0-AA76-4A42-9E45-849EAF369D57}] => C:\Users\Denis\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4E8124EA-44AE-4189-A75E-F5B58156F7E1}] => C:\Users\Denis\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{33AD44BD-CEDE-4E41-A363-CEB84528AE91}] => C:\Users\Denis\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C28A362F-A6CF-4902-8BC7-8CFC0A97FCC7}] => C:\Users\Denis\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{ACE44FC0-AC6E-4438-B52A-8FFEC36B030C}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8876FD21-C57E-45A3-A2D7-12B0DB0F30F8}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5556695E-DA58-438A-8440-0E2FCDCB2E25}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6F28F326-FA29-46C5-9305-F5C517F2A3E7}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{67E0380C-2FE3-4928-881A-477E9D4560C6}] => C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe
FirewallRules: [{D5C9106E-37C3-4EC8-97B3-F1F31039ADC5}] => C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [{8C0D1951-A034-4035-9ED7-C06CA5A787AE}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5505DD32-3CF8-4A9F-92AF-CD698C4EA47A}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{37DE5E1E-EED7-45BD-A318-DD4216C00FF0}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{78E1B84C-74F3-42FA-9D33-9EC97520A6DB}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{4A9AC6D6-7732-4782-B6BF-328FA386D2FF}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{7CD6AAB4-D7EE-4635-8958-CB41E94EF3EA}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{1F63BDB7-7A88-4327-A1C9-93B9C31CBCCF}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{05983ADC-C8CC-4F0C-8788-334D9F25AC0F}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{FE1DC12C-2D6D-4499-819D-FD0CBDE7D4E0}] => LPort=58172
FirewallRules: [{5DB6BF86-272F-4175-9A04-7468FCC88DE1}] => C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{22479F3A-0658-4D7B-89DB-8FF4A3E3A3FD}] => C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [TCP Query User{4C37257C-7E56-484A-8231-4B4CCB3F2912}C:\program files\java\jre7\bin\javaw.exe] => C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{2B51FDDE-DB5D-4435-8C62-2A330436CDC3}C:\program files\java\jre7\bin\javaw.exe] => C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{FA4B851E-6D21-4143-A1F3-A1D393E1E651}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{1146AAB1-1E0A-4C33-85FE-DFD5FB597785}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{D96479CC-1CD5-4B12-8703-B673DB95E3B1}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{985981A6-6304-4288-B34D-02108A8E570B}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{060B0ABF-7E79-49BD-A3AA-2F917F0FEB7D}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{740F7212-11C2-4FFC-94C2-BEC4E9599DC9}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9BE2AEB6-4C40-46CF-A8EA-1DEDA7AFA92F}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0EDBAC63-2D40-4101-85CF-6B7ABA45ABB6}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7C7412CD-F141-45DF-BC44-AC0F93965D2E}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{57FE3ACD-9477-4080-8FAF-151D547901DD}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{569DE3AD-930F-4633-AA57-E18B365B8E1E}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D293CA5E-4E43-4D05-ACB5-20202959E076}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{69BF8A07-076F-4D93-8394-38282B568B7E}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C1A15CB7-D915-4EF7-9376-477F8AC715D6}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6EAA8E23-0847-447A-A2BD-2EF622DACCDF}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{97B49B41-0025-45BD-ABA5-4823ECCEC3F8}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{031F2F20-94C0-4F8B-B3A5-C85748DA0B77}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4F8A86B3-B080-4017-A3E3-F134182478C4}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{20A4B35C-12F8-4249-B72B-F37DBF18751A}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2E2849A7-88B7-472D-B259-EA9DA60385E2}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E705AD1F-3A2C-4274-A9E9-63D41C910FB2}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{55FFFEE6-ACA5-48B4-8CA3-AD52B6083A89}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{362E6029-0259-48AE-962B-59BDBB4CA175}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{028D3D41-F565-445F-B366-2EEB69DBC57E}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{35E06C02-AACB-4BA6-B14E-CD4D5C75208C}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C1694548-0AE0-4086-BB0E-EEBE6D3470C7}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2CF23CE7-944E-4D4A-B510-45C9D22B15A2}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D7AE36D9-26D4-434F-BDF3-3ED1F6E47B0F}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BB033FE9-4646-4B1F-9403-726633C2181C}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{57A788F8-1020-48A5-B6C7-22E67B3CDB53}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E16140A3-6FC7-4DB4-822B-D535F5C7F743}] => C:\Windows\system32\rundll32.exe
FirewallRules: [{B5745896-193E-42EA-AC8B-51E2A2FA6DD3}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{067EBC15-EAA3-418F-9DBC-BFB50FF9E082}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{E8727ED4-FE49-474F-810C-00242E7D87B1}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FE2442FF-BF17-4BDF-8710-78E2F47D8898}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3695A76C-42A8-4D3D-9602-B9B3A709D103}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8CE79000-00FD-46C1-86C2-46113EB67662}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{01DA85C4-F7E3-4C8E-9596-0E9E2B719B5B}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A7603811-BAEC-42D8-9DE9-C77037F672DC}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B6706261-BA25-46E6-ABE9-91DF1AB284D0}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2612184C-33FE-4BE0-8153-3E2AD029F44F}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2C45033F-7F6F-4E37-B941-59037549FC61}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8939A3F9-555C-468A-8FB4-2EBC1D45936A}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{79A23BDF-9632-4B2A-BA4B-205DA0B32899}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F862CA6A-0E38-41F4-A174-4B366EFEBEA8}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5D7CD3D2-BFC0-471F-A107-82FC9AF89666}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{01B8ED3E-7666-42AF-B7D7-BC524233F86F}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{63231262-3354-4080-BC36-0EE6B3281A09}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4C5540E7-E22E-4122-8C00-0ACD3E1200C5}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E3F9FE9D-6908-4A64-BAB5-882FA7D8F299}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B02B72FD-BEEA-463D-8332-377CCB484A0E}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{67951876-0DAC-42BA-92DF-6461EED84758}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{99C3C382-0225-4D88-AE87-8C115A2B3602}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E60B26A6-AFD2-483D-9B80-B91F08415057}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{11FDB651-CF8B-4955-9B19-64818A41225C}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FD71ECAF-DCF8-4B4B-8A05-4B39C5FE2B71}] => C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{FCA3B773-923B-4C5F-BB98-C05BBAA1B17B}] => C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{5D2BCC8A-759E-4273-B98D-29CF3B723CC8}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8E850844-A98D-4225-BB12-BDDF3990D147}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4EEFD498-5575-4932-972C-D147B1A2DF94}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F86291A0-19AE-4FFA-BC01-1231CAF9DEFE}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A5336228-A005-430B-BAD7-CD850E6EFEF9}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{08C2B351-502E-4DE6-AF30-567A5F97E208}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5DF54796-0B2E-4D1F-B6D1-47FA02E85C54}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B878E724-7061-484C-AC0E-BAF711CC5F93}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CEE79A65-4580-4A07-8771-3308748D4C91}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2A32F06C-62CF-4C1C-B310-7EEDBF5518A3}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EDD866BE-7B45-4868-80F3-6465AD8E4AC7}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{975A2A37-AEEB-4DAD-8D1F-B1EC498E7E9D}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{BEEC1C8D-8ED8-4DC3-8E9D-36DCFD0BCBCA}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{3203D33D-BD0B-4C9B-89B1-70477560650E}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{424C191E-C672-4C80-BA39-FC53D3893995}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D7B6B305-2F77-4D99-A0E2-6C6E689BAFEB}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A1882B75-0C54-4182-B518-C7A77FA5A927}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{691A7ECF-A72F-4EA6-8B21-622E4B18C725}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7F0E353F-59E8-4616-9490-D01090F3278B}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C6940C3E-5247-4F8C-AD64-CFB3F9B2FE8E}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EA708D45-03B3-4887-8C77-3FF4FA95B725}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E0DCCCE0-87BC-459A-9801-35A62907F0D0}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1489C203-90CB-48CE-B2E3-6B741FC775D0}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{33DDA892-0DE0-4957-A6E1-7D1FA3D6A9BB}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{00142ED8-E14A-4C38-AF65-8DECAF5271B3}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{021D7705-BD0C-4A63-9211-47F76ADE9DA2}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6B7F2EC3-4724-4020-80E7-F1431483ED04}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D405364A-1ADD-4A5C-8BF7-DBA876C8A56C}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4E021615-344A-43B7-9915-B8A61CEC2940}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D9637BF2-ED1D-4610-8AC6-09CA15E86B32}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{11911BB5-C8B1-455C-8EB0-D77CB20F05F1}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{54A30436-936D-4B2A-B239-40D0C0950954}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{39F1A6CA-52F8-4251-81BA-B221815A2214}] => C:\Program Files (x86)\Opera\42.0.2393.351\opera.exe
FirewallRules: [{18A60A70-2D32-4570-8175-0733312C63D9}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C8B757A6-6172-4065-9EF9-078109DF6636}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F82634EB-6087-45C7-8201-412CAD11B1CC}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1C127869-36EF-4D14-8552-D5700B427086}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E6792C0B-CF96-41DA-B5FF-6DDD3B5C3921}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{14675425-AA03-4C25-8414-74F6BF54D030}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2686DBA9-5C60-462F-A5C4-DA7114D582AA}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{15F0E866-00BC-4B7F-A0A8-D1B42F2D35A6}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C1A429D9-FF62-40C0-882B-51C10234A657}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C756F404-ABA3-4F71-AE5E-845BFAF1C835}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6234B63B-C94C-40D8-843F-71B2C62F9AED}] => C:\Program Files (x86)\Opera\42.0.2393.517\opera.exe
FirewallRules: [{4B78F1D3-72B7-4929-B745-3D2AD083900E}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CC7BB779-6D99-4F07-8051-6ABE801D175B}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{21740CC4-D0EA-44DF-9EBF-5B4042693DAD}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{316E2660-6EAB-4565-A1BD-8EEFB6E2793F}] => D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D197CEED-8979-49B5-8119-29A28205AA9F}] => C:\Windows\System32\rundll32.exe
FirewallRules: [{A1B2D06C-A51E-4AE0-BA6F-3FD5706CA1FE}] => C:\Windows\System32\rundll32.exe

==================== Restore Points =========================

