Closed/Inactive Need help, laptop cannot connect to certain websites.

  • Hi there and welcome to PC Help Forum (PCHF), a more effective way to get the Tech Support you need!
    We have Experts in all areas of Tech, including Malware Removal, Crash Fixing and BSOD's , Microsoft Windows, Computer DIY and PC Hardware, Networking, Gaming, Tablets and iPads, General and Specific Software Support and so much more.

    Why not Click Here To Sign Up and start enjoying great FREE Tech Support.

    This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Welcome to our Community
Wanting to join the rest of our members? Feel free to sign up today.
Sign up
Status
Not open for further replies.

Joshua Bobbitt

PCHF Member
PCHF Member
Oct 26, 2016
26
3
22
Currently on my phone as my laptop cannot connect to this site. I had a bunch of malware yesterday, and got rid of it all using malwarebytes, but now certain programs cannot connect to the internet, and I cannot connect to certain websites. I try to go on Facebook, it gives me a dns server not found, yet I can easily get onto Reddit. Skype cannot connect to the internet, yet Steam can. I've no clue what to do now, I need help.
 

Malnutrition

Malnurished Mod
Moderator
Security Team
Jul 22, 2016
3,389
551
@Joshua Bobbitt Please run FRST from Safe Mode With Networking if needed. :)

Please download the FRST 32 bit or FRST 64bit version to suit your operating system. It is important FRST is downloaded to your desktop.

If you are unsure if your operating system is 32 or 64 Bit please go HERE.

Once downloaded right click the FRST desktop icon and select "Run as administrator" from the menu"



If you receive any security warnings, or the User Account Control warning opens at any time whilst using FRST you can safely allow FRST to proceed.
Frst will open with two dialogue boxes, accept the disclaimer.


  1. Accept the default whitelist options,
  2. If the additions.txt options box is not checked please select it.
  3. Then select "Scan"



Frst will take a few minutes to scan your computer, and when finished will produce two log files on your desktop, FRST.txt, and Addition.txt. They will display immediately on the desktop, but can be reopened later as a notepad file.



Please Copy and Paste the contents of these logs in your next post for review.
 

Joshua Bobbitt

PCHF Member
PCHF Member
Oct 26, 2016
26
3
22
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:04-10-2015
Ran by Josh (administrator) on JOSH-PC (26-10-2016 10:54:51)
Running from D:\Downloads
Loaded Profiles: Josh (Available Profiles: Josh)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2886416 2012-03-01] (Synaptics Incorporated)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [177936 2012-02-17] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8029064 2016-10-04] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [materialized] => "C:\Program Files (x86)\gowen\segel.exe"
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-19] (Intel Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [AlienwareOn-ScreenDisplay] => C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe [1632560 2013-09-06] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Sound Blaster Recon3Di Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe [880640 2011-12-21] (Creative Technology Ltd)
HKLM-x32\...\Run: [eastman] => "C:\Program Files (x86)\gowen\segel.exe"
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\...\Run: [CyberGhost] => "C:\Program Files\CyberGhost 5\CyberGhost.exe" /autostart /min
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3582240 2016-06-02] (Nota Inc.)
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\...\Run: [Spotify Web Helper] => C:\Users\Josh\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1554032 2016-07-20] (Spotify Ltd)
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29642368 2016-09-12] (Skype Technologies S.A.)
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2860832 2016-10-12] (Valve Corporation)
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\...\Run: [reconvenes] => "C:\Program Files (x86)\gowen\segel.exe"
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\...\Run: [gambrell] => "C:\Program Files (x86)\gowen\segel.exe"
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\...\Run: [cares] => "C:\Program Files (x86)\polygamy\cares.exe"
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\...\Run: [militants] => "C:\Program Files (x86)\gowen\segel.exe"
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\...\MountPoints2: F - F:\autorun.exe
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\...\MountPoints2: G - G:\OriginSetup.exe
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\...\MountPoints2: H - H:\setup.exe
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\...\MountPoints2: {e7c743ff-75e0-11e5-a21d-2016d891c3a4} - G:\LaunchU3.exe -a
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2015-06-04]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CheVolume.lnk [2016-05-14]
ShortcutTarget: CheVolume.lnk -> D:\CheVolume\CheVolume.exe (WellWeWeb)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Qualcomm Atheros Killer Network Manager.lnk [2015-06-04]
ShortcutTarget: Qualcomm Atheros Killer Network Manager.lnk -> C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe ()
Startup: C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\remembrances.lnk [2016-10-25]
ShortcutTarget: remembrances.lnk -> C:\Program Files (x86)\gowen\segel.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog9 01 C:\Windows\SysWOW64\BfLLR.dll [174592 2012-02-15] (Bigfoot Networks, Inc.)
Winsock: Catalog9 02 C:\Windows\SysWOW64\BfLLR.dll [174592 2012-02-15] (Bigfoot Networks, Inc.)
Winsock: Catalog9 03 C:\Windows\SysWOW64\BfLLR.dll [174592 2012-02-15] (Bigfoot Networks, Inc.)
Winsock: Catalog9 04 C:\Windows\SysWOW64\BfLLR.dll [174592 2012-02-15] (Bigfoot Networks, Inc.)
Winsock: Catalog9 15 C:\Windows\SysWOW64\BfLLR.dll [174592 2012-02-15] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 01 C:\Windows\system32\BfLLR.dll [189952 2012-02-15] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 02 C:\Windows\system32\BfLLR.dll [189952 2012-02-15] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 03 C:\Windows\system32\BfLLR.dll [189952 2012-02-15] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 04 C:\Windows\system32\BfLLR.dll [189952 2012-02-15] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 15 C:\Windows\system32\BfLLR.dll [189952 2012-02-15] (Bigfoot Networks, Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{498BA7C9-35C6-484B-A5DD-DAA56319F437}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-09-01] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-09-01] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-09-01] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-09-01] (Oracle Corporation)
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://files.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_185.dll [2016-10-12] ()
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-09-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-09-01] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_185.dll [2016-10-12] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1221171.dll [2015-10-19] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-02-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-02-01] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-09-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-09-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-10-25] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-10-25] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin HKU\.DEFAULT: @hola.org/FlashPlayer -> C:\Users\Josh\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [2015-12-10] ()
FF Plugin HKU\.DEFAULT: @hola.org/vlc -> C:\Users\Josh\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [2015-12-10] (Hola)
FF Plugin HKU\S-1-5-21-2025992066-4083076924-3298436488-1000: @hola.org/FlashPlayer -> C:\Users\Josh\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [2015-12-10] ()
FF Plugin HKU\S-1-5-21-2025992066-4083076924-3298436488-1000: @hola.org/vlc -> C:\Users\Josh\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [2015-12-10] (Hola)
FF Plugin HKU\S-1-5-21-2025992066-4083076924-3298436488-1000: @nsroblox.roblox.com/launcher -> C:\Users\Josh\AppData\Local\Roblox\Versions\version-fe88b67aa44a44d9\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-2025992066-4083076924-3298436488-1000: @nsroblox.roblox.com/launcher64 -> C:\Users\Josh\AppData\Local\Roblox\Versions\version-fe88b67aa44a44d9\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-2025992066-4083076924-3298436488-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Josh\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)

Chrome:
=======
CHR HomePage: Default -> hxxp://www-searching.com/?pid=s&s=G4Qzftpbl0cshmoBN,7f10bc9c-0776-4b48-9f8d-9c830b8934cd,&vp=ch&prd=set_ch
CHR StartupUrls: Default -> "hxxp://www-searching.com/?pid=s&s=G4Qzftpbl0cshmoBN,7f10bc9c-0776-4b48-9f8d-9c830b8934cd,&vp=ch&prd=set_ch"
CHR Profile: C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-06-04]
CHR Extension: (uBlock Origin) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2016-03-12]
CHR Extension: (Steam Inventory Helper) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2015-11-02]
CHR Extension: (Musixmatch Lyrics for YouTube) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfenjblodoldnbiddmggcbkcapiolbig [2015-07-21]
CHR Extension: (Google Docs Offline) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-03]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2015-06-04]
CHR Extension: (Clickable Links) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgamelhnfokapndfdodnmfiningckjia [2016-02-26]
CHR Extension: (Project Naptha) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\molncoemjfmpgdkbdlbjmhlcgniigdnf [2015-06-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-04]
CHR Extension: (Lunapic Right Click Edit) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglcbfocdkemachifmnimbblndgmlhbi [2015-06-04]
CHR Extension: (Chrome Media Router) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-01]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1457160 2016-10-12] ()
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2016-10-22] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2016-10-22] (Creative Labs) [File not signed]
S2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2011-10-19] (Creative Technology Ltd) [File not signed]
S2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [122880 2012-03-27] (Creative Technology Ltd)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [249104 2016-10-21] (EasyAntiCheat Ltd)
S2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-09-23] (Hi-Rez Studios) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-01] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3916368 2016-01-09] (INCA Internet Co., Ltd.)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1310960 2016-09-27] (Overwolf LTD)
S2 Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [492032 2012-02-15] () [File not signed]
S2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [188072 2015-11-04] ()
S2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Ak27x64; C:\Windows\System32\DRIVERS\Ak27x64.sys [2740328 2012-02-15] (Bigfoot Networks, Inc.)
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [31872 2012-02-01] (Advanced Micro Devices, Inc.)
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [135720 2012-02-23] (Broadcom Corporation.)
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [75880 2012-02-15] (Bigfoot Networks, Inc.)
S3 cthda; C:\Windows\System32\drivers\cthda.sys [1052760 2012-03-27] (Creative Technology Ltd)
R3 dcdbas; C:\Windows\System32\DRIVERS\dcdbas64.sys [48464 2015-06-19] (Dell Inc.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-10-26] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
S3 ptun0901; C:\Windows\System32\DRIVERS\ptun0901.sys [27136 2015-01-26] (The OpenVPN Project)
S3 rzjstk; C:\Windows\System32\DRIVERS\rzjstk.sys [36568 2015-08-13] (Razer Inc)
S3 rzkeypadendpt; C:\Windows\System32\DRIVERS\rzkeypadendpt.sys [44760 2015-08-13] (Razer Inc)
S2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-09-22] (Razer, Inc.)
S2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [130880 2015-12-14] (Razer, Inc.)
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
R3 ST_ACCEL; C:\Windows\System32\DRIVERS\ST_ACCEL.sys [67184 2012-01-03] (STMicroelectronics)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42088 2015-06-03] (Anchorfree Inc.)
S3 xb1usb; C:\Windows\System32\DRIVERS\xb1usb.sys [34016 2014-05-28] (Microsoft Corporation) [File not signed]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-26 10:54 - 2016-10-26 10:54 - 00000882 _____ C:\Users\Josh\Desktop\FRST64 - Shortcut.lnk
2016-10-26 10:53 - 2016-10-26 10:54 - 00000000 ____D C:\FRST
2016-10-25 20:59 - 2016-10-25 21:00 - 00000080 _____ C:\Users\Public\Desktop\Mirror's EdgeT Catalyst.lnk
2016-10-25 20:50 - 2016-10-26 10:09 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-10-25 20:49 - 2016-10-25 21:00 - 00001100 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-10-25 19:41 - 2016-10-25 20:56 - 00000000 ____D C:\Users\Josh\AppData\Roaming\.minecraft
2016-10-25 19:40 - 2016-10-25 21:00 - 00000590 _____ C:\Users\Public\Desktop\Minecraft.lnk
2016-10-25 18:22 - 2016-10-26 08:45 - 00000336 _____ C:\Windows\setupact.log
2016-10-25 18:22 - 2016-10-25 22:27 - 00563704 _____ C:\Windows\PFRO.log
2016-10-25 18:22 - 2016-10-25 18:22 - 00000000 _____ C:\Windows\setuperr.log
2016-10-25 17:16 - 2016-10-25 21:00 - 00002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-25 17:16 - 2016-10-25 21:00 - 00002253 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-25 17:15 - 2016-10-26 10:20 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-25 17:15 - 2016-10-26 08:45 - 00000890 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-25 17:15 - 2016-10-25 17:15 - 00003890 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-10-25 17:15 - 2016-10-25 17:15 - 00003638 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-10-25 17:04 - 2016-10-25 17:17 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-10-25 17:04 - 2016-10-25 17:09 - 00000000 ___HD C:\Program Files (x86)\polygamy
2016-10-25 17:04 - 2016-10-25 17:09 - 00000000 ___HD C:\Program Files (x86)\gowen
2016-10-25 17:04 - 2016-10-25 17:04 - 19397312 _____ (Adobe Systems Incorporated) C:\Users\Josh\AppData\Local\install_flash_player_21_active_x.exe
2016-10-25 17:04 - 2016-10-25 17:04 - 00000000 _____ C:\Windows\system32\__000000013FECCA61__C0000005.dmp
2016-10-25 17:03 - 2016-10-25 17:04 - 00000003 _____ C:\Users\Josh\AppData\Local\run1.txt
2016-10-25 17:02 - 2016-10-25 17:03 - 00000000 ____D C:\Program Files (x86)\AnonymizerGadget
2016-10-25 17:02 - 2016-10-25 17:02 - 00000000 ____D C:\Users\Josh\AppData\Roaming\AGData
2016-10-25 17:01 - 2016-10-25 17:04 - 00000000 ____D C:\Windows\system32\SSL
2016-10-25 15:53 - 2016-10-25 15:53 - 00194460 _____ C:\Users\Josh\AppData\Local\93105.exe
2016-10-25 15:53 - 2016-10-25 15:53 - 00127660 _____ C:\Users\Josh\AppData\Local\38450.exe
2016-10-25 15:53 - 2016-10-25 15:53 - 00059657 _____ C:\Users\Josh\AppData\Local\80824.exe
2016-10-25 15:53 - 2016-10-25 15:53 - 00040887 _____ C:\Users\Josh\AppData\Local\59372.exe
2016-10-25 15:53 - 2016-10-25 15:53 - 00034216 _____ C:\Users\Josh\AppData\Local\25321.exe
2016-10-25 10:36 - 2016-10-25 10:36 - 00000000 ____D C:\ProgramData\Synetic
2016-10-24 10:11 - 2016-10-24 10:11 - 01829560 _____ C:\Windows\841023b9c5eb2bd66f712419c7abfaed.exe
2016-10-22 07:45 - 2016-10-22 07:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2016-10-22 07:45 - 2012-01-13 11:23 - 01944064 ____N (Creative) C:\Windows\system32\Sens_oal.dll
2016-10-22 07:45 - 2012-01-13 11:21 - 02906586 ____N (Creative) C:\Windows\SysWOW64\Sens_oal.dll
2016-10-22 07:45 - 2000-05-11 01:00 - 00090112 ____N (Creative Technology Ltd.) C:\Windows\Updreg.EXE
2016-10-21 18:38 - 2016-10-21 18:38 - 00000000 ____D C:\Program Files\Creative
2016-10-21 05:59 - 2012-03-27 18:58 - 01052760 _____ (Creative Technology Ltd) C:\Windows\system32\Drivers\CtHda.sys
2016-10-21 05:59 - 2012-03-27 18:54 - 00134144 _____ (Creative Technology Ltd) C:\Windows\system32\CtHdaS64.exe
2016-10-21 05:59 - 2012-03-27 18:53 - 00574464 _____ (Creative Technology Ltd) C:\Windows\system32\CtHdaC64.dll
2016-10-21 05:59 - 2012-03-27 18:52 - 00470016 _____ (Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaCtl.dll
2016-10-21 05:59 - 2012-03-27 18:52 - 00122880 _____ (Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
2016-10-21 05:59 - 2012-03-02 22:41 - 00025088 _____ (Creative Technology Ltd.) C:\Windows\MEptDef.exe
2016-10-21 05:59 - 2012-02-29 12:34 - 00010240 ____R (Creative Technology Ltd.) C:\Windows\InstHlp.exe
2016-10-21 05:59 - 2012-02-13 19:16 - 00889856 _____ (Creative Technology Ltd.) C:\Windows\system32\CtHRFX64.dll
2016-10-21 05:59 - 2012-02-13 19:15 - 00011180 _____ C:\Windows\CtHRFX64.hda
2016-10-21 05:59 - 2011-10-24 10:02 - 00004850 _____ C:\Windows\cthdaeng.reg
2016-10-21 05:59 - 2010-09-15 11:39 - 00235520 _____ (Creative Technology Limited) C:\Windows\system32\CtDco64.dll
2016-10-21 05:59 - 2006-12-05 14:52 - 00048400 _____ (Creative Technology Ltd.) C:\Windows\AddCat.exe
2016-10-15 11:05 - 2016-10-25 17:00 - 00002017 ____R C:\Users\Public\Desktop\Маfiа II.lnk
2016-10-15 10:56 - 2016-10-15 10:56 - 00000000 ____D C:\Windows\64467D47FFE44FBCABBAA0DB829A17EB.TMP
2016-10-13 11:29 - 2016-10-13 11:29 - 00004608 _____ C:\Users\Josh\AppData\Local\dnow.exe
2016-10-12 11:28 - 2016-10-12 11:28 - 03127136 _____ C:\Users\Josh\Desktop\Chipset_Intel_W74_MG1JJ_A00-Setup_ZPE.exe
2016-10-12 11:26 - 2016-10-25 17:15 - 00000000 ____D C:\Users\Josh\AppData\Local\Deployment
2016-10-12 11:26 - 2016-10-12 11:26 - 00000000 ____D C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2016-10-12 10:17 - 2016-10-12 11:36 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-10-12 10:17 - 2015-05-27 17:38 - 02825944 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2016-10-12 09:47 - 2016-10-12 09:47 - 00000000 ____D C:\Users\Josh\AppData\LocalLow\AMD
2016-10-12 09:45 - 2016-10-12 09:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2016-10-12 09:32 - 2016-10-26 08:45 - 00000356 _____ C:\Windows\Tasks\DriverToolkit Autorun.job
2016-10-12 09:32 - 2016-10-12 09:38 - 00000000 ____D C:\Program Files (x86)\DriverToolkit
2016-10-12 09:32 - 2016-10-12 09:32 - 00000000 ____D C:\Users\Josh\AppData\Local\DriverToolkit
2016-10-12 09:03 - 2016-10-12 09:03 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2016-10-12 08:55 - 2015-06-04 13:33 - 00021984 _____ C:\Windows\system32\Drivers\semav6msr64.sys
2016-10-12 08:25 - 2016-10-26 08:45 - 00000000 ____D C:\Program Files (x86)\Steam
2016-10-12 08:25 - 2016-10-25 21:00 - 00000961 _____ C:\Users\Public\Desktop\Steam.lnk
2016-10-12 08:24 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2016-10-12 08:24 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2016-10-12 08:24 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2016-10-12 08:20 - 2016-10-12 08:24 - 00000000 ____D C:\Users\Josh\AppData\Roaming\Riot Games
2016-10-12 08:18 - 2016-10-25 21:00 - 00002691 _____ C:\Users\Public\Desktop\Skype.lnk
2016-10-12 08:18 - 2016-10-12 08:18 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-10-12 08:18 - 2016-10-12 08:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-10-12 02:47 - 2016-10-12 02:48 - 00001908 _____ C:\Windows\diagwrn.xml
2016-10-12 02:47 - 2016-10-12 02:48 - 00001908 _____ C:\Windows\diagerr.xml
2016-10-12 02:44 - 2016-10-12 09:48 - 00000000 ____D C:\Program Files\IDT
2016-10-12 02:44 - 2016-10-12 02:44 - 00000000 ____D C:\SWSetup
2016-10-12 02:10 - 2015-12-16 14:55 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-10-12 02:10 - 2015-12-16 14:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2016-10-12 02:10 - 2015-12-16 14:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2016-10-12 02:10 - 2015-12-16 14:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2016-10-12 02:10 - 2015-12-16 14:48 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2016-10-12 02:10 - 2015-12-16 14:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2016-10-12 02:10 - 2015-12-16 14:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2016-10-12 02:10 - 2015-12-16 14:47 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-10-12 02:10 - 2015-08-05 13:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2016-10-12 02:10 - 2015-08-05 13:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2016-10-12 01:42 - 2016-10-25 17:17 - 19640512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-10-11 21:10 - 2016-09-30 16:13 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-10-11 21:10 - 2016-09-30 15:28 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-10-11 21:10 - 2016-09-30 11:37 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-10-11 21:10 - 2016-09-30 11:20 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-10-11 21:10 - 2016-09-30 11:20 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-10-11 21:10 - 2016-09-30 03:55 - 25765376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-10-11 21:10 - 2016-09-30 02:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-10-11 21:10 - 2016-09-30 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-10-11 21:10 - 2016-09-30 02:26 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-10-11 21:10 - 2016-09-30 02:25 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-10-11 21:10 - 2016-09-30 02:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-10-11 21:10 - 2016-09-30 02:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-10-11 21:10 - 2016-09-30 02:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-10-11 21:10 - 2016-09-30 02:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-10-11 21:10 - 2016-09-30 02:18 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-10-11 21:10 - 2016-09-30 02:17 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-10-11 21:10 - 2016-09-30 02:14 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-10-11 21:10 - 2016-09-30 02:13 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-10-11 21:10 - 2016-09-30 02:13 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-10-11 21:10 - 2016-09-30 02:12 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-10-11 21:10 - 2016-09-30 02:12 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-10-11 21:10 - 2016-09-30 02:09 - 06048256 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-10-11 21:10 - 2016-09-30 02:05 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-10-11 21:10 - 2016-09-30 02:02 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-10-11 21:10 - 2016-09-30 01:55 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-10-11 21:10 - 2016-09-30 01:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-10-11 21:10 - 2016-09-30 01:54 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-10-11 21:10 - 2016-09-30 01:51 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-10-11 21:10 - 2016-09-30 01:50 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-10-11 21:10 - 2016-09-30 01:47 - 20306944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-10-11 21:10 - 2016-09-30 01:47 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-10-11 21:10 - 2016-09-30 01:46 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-10-11 21:10 - 2016-09-30 01:42 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-10-11 21:10 - 2016-09-30 01:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-10-11 21:10 - 2016-09-30 01:42 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-10-11 21:10 - 2016-09-30 01:42 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-10-11 21:10 - 2016-09-30 01:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-10-11 21:10 - 2016-09-30 01:38 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-10-11 21:10 - 2016-09-30 01:36 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-10-11 21:10 - 2016-09-30 01:35 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-10-11 21:10 - 2016-09-30 01:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-10-11 21:10 - 2016-09-30 01:33 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-10-11 21:10 - 2016-09-30 01:33 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-10-11 21:10 - 2016-09-30 01:32 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-10-11 21:10 - 2016-09-30 01:32 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-10-11 21:10 - 2016-09-30 01:32 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-10-11 21:10 - 2016-09-30 01:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-10-11 21:10 - 2016-09-30 01:31 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-10-11 21:10 - 2016-09-30 01:31 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-10-11 21:10 - 2016-09-30 01:24 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-10-11 21:10 - 2016-09-30 01:21 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-10-11 21:10 - 2016-09-30 01:19 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-10-11 21:10 - 2016-09-30 01:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-10-11 21:10 - 2016-09-30 01:17 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-10-11 21:10 - 2016-09-30 01:17 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-10-11 21:10 - 2016-09-30 01:15 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-10-11 21:10 - 2016-09-30 01:14 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-10-11 21:10 - 2016-09-30 01:13 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-10-11 21:10 - 2016-09-30 01:12 - 04608512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-10-11 21:10 - 2016-09-30 01:07 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-10-11 21:10 - 2016-09-30 01:05 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-10-11 21:10 - 2016-09-30 01:05 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-10-11 21:10 - 2016-09-30 01:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-10-11 21:10 - 2016-09-30 01:05 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-10-11 21:10 - 2016-09-30 01:03 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-10-11 21:10 - 2016-09-30 00:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-10-11 21:10 - 2016-09-30 00:46 - 02444288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-10-11 21:10 - 2016-09-30 00:43 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-10-11 21:10 - 2016-09-30 00:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-10-11 21:10 - 2016-09-15 11:30 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-10-11 21:10 - 2016-09-15 11:30 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-10-11 21:10 - 2016-09-15 11:15 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-10-11 21:10 - 2016-09-15 11:15 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-10-11 21:10 - 2016-09-12 17:17 - 00077032 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-10-11 21:10 - 2016-09-12 17:13 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-10-11 21:10 - 2016-09-12 17:13 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-10-11 21:10 - 2016-09-12 17:08 - 01465344 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-10-11 21:10 - 2016-09-12 17:08 - 01226752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-10-11 21:10 - 2016-09-12 17:08 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-10-11 21:10 - 2016-09-12 17:08 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-10-11 21:10 - 2016-09-12 17:08 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-10-11 21:10 - 2016-09-12 17:08 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-10-11 21:10 - 2016-09-12 17:08 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-10-11 21:10 - 2016-09-12 17:08 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-10-11 21:10 - 2016-09-12 17:08 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-10-11 21:10 - 2016-09-12 17:08 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-10-11 21:10 - 2016-09-12 17:08 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-10-11 21:10 - 2016-09-12 17:08 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-10-11 21:10 - 2016-09-12 17:08 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-10-11 21:10 - 2016-09-12 17:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2016-10-11 21:10 - 2016-09-12 17:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-10-11 21:10 - 2016-09-12 17:08 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-10-11 21:10 - 2016-09-12 17:08 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-10-11 21:10 - 2016-09-12 17:08 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-10-11 21:10 - 2016-09-12 17:08 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-10-11 21:10 - 2016-09-12 17:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-10-11 21:10 - 2016-09-12 16:49 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-10-11 21:10 - 2016-09-12 16:49 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-10-11 21:10 - 2016-09-12 16:49 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-10-11 21:10 - 2016-09-12 16:49 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-10-11 21:10 - 2016-09-12 16:49 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-10-11 21:10 - 2016-09-12 16:49 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-10-11 21:10 - 2016-09-12 16:49 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-10-11 21:10 - 2016-09-12 16:49 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-10-11 21:10 - 2016-09-12 16:49 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-10-11 21:10 - 2016-09-12 16:49 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-10-11 21:10 - 2016-09-12 16:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-10-11 21:10 - 2016-09-12 16:49 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2016-10-11 21:10 - 2016-09-12 16:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-10-11 21:10 - 2016-09-12 16:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-10-11 21:10 - 2016-09-12 16:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-10-11 21:10 - 2016-09-12 16:49 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-10-11 21:10 - 2016-09-12 16:39 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-10-11 21:10 - 2016-09-12 16:37 - 03218944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-10-11 21:10 - 2016-09-12 16:32 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-10-11 21:10 - 2016-09-12 16:32 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-10-11 21:10 - 2016-09-12 16:32 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-10-11 21:10 - 2016-09-12 16:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-10-11 21:10 - 2016-09-12 16:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-10-11 21:10 - 2016-09-12 16:25 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-10-11 21:10 - 2016-09-12 15:08 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-10-11 21:10 - 2016-09-12 14:43 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-10-11 21:10 - 2016-09-12 14:43 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-10-11 21:10 - 2016-09-10 12:19 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-10-11 21:10 - 2016-09-10 11:53 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-10-11 21:10 - 2016-09-09 14:29 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-10-11 21:10 - 2016-09-09 14:26 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-10-11 21:10 - 2016-09-09 14:23 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:01 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-10-11 21:10 - 2016-09-09 14:00 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-10-11 21:10 - 2016-09-09 14:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-10-11 21:10 - 2016-09-09 14:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-10-11 21:10 - 2016-09-09 14:00 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:51 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-10-11 21:10 - 2016-09-09 13:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-10-11 21:10 - 2016-09-09 13:51 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-10-11 21:10 - 2016-09-09 13:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-10-11 21:10 - 2016-09-09 13:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-10-11 21:10 - 2016-09-09 13:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-10-11 21:10 - 2016-09-09 13:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-10-11 21:10 - 2016-09-09 13:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-10-11 21:10 - 2016-09-09 13:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-10-11 21:10 - 2016-09-09 13:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-10-11 21:10 - 2016-09-09 13:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 11:54 - 01629184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-10-11 21:10 - 2016-09-09 11:54 - 00586752 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-10-11 21:10 - 2016-09-09 11:54 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-10-11 21:10 - 2016-09-09 11:54 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-10-11 21:10 - 2016-09-09 11:54 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-10-11 21:10 - 2016-09-09 11:54 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-10-11 21:10 - 2016-09-09 11:54 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-10-11 21:10 - 2016-09-08 16:34 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-10-11 21:10 - 2016-09-08 16:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2016-10-11 21:10 - 2016-09-08 16:34 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2016-10-11 21:10 - 2016-09-08 16:34 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2016-10-11 21:10 - 2016-09-08 10:55 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-10-11 21:10 - 2016-09-08 10:55 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-10-11 21:10 - 2016-08-29 11:31 - 14183424 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-10-11 21:10 - 2016-08-29 11:31 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-10-11 21:10 - 2016-08-29 11:31 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-10-11 21:10 - 2016-08-29 11:12 - 12880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-10-11 21:10 - 2016-08-29 11:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-10-11 21:10 - 2016-08-29 11:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-10-11 21:10 - 2016-08-29 11:04 - 03229696 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-10-11 21:10 - 2016-08-29 10:55 - 02972672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-10-11 21:10 - 2016-08-16 16:40 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2016-10-11 21:10 - 2016-08-16 16:40 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2016-10-11 21:10 - 2016-08-16 16:40 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2016-10-11 21:10 - 2016-08-16 16:40 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2016-10-11 21:10 - 2016-08-16 16:40 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2016-10-11 21:10 - 2016-08-16 16:40 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2016-10-11 21:10 - 2016-08-16 16:40 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2016-10-11 21:10 - 2016-08-12 13:02 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-10-11 21:10 - 2016-08-12 13:02 - 12574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-10-11 21:10 - 2016-08-12 13:02 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-10-11 21:10 - 2016-08-12 13:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-10-11 21:10 - 2016-08-12 13:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-10-11 21:10 - 2016-08-12 12:47 - 12574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-10-11 21:10 - 2016-08-12 12:47 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-10-11 21:10 - 2016-08-12 12:31 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-10-11 21:10 - 2016-08-12 12:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-10-11 21:10 - 2016-08-12 12:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-10-11 21:10 - 2016-08-12 12:26 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2016-10-11 21:10 - 2016-08-06 11:31 - 02023424 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-10-11 21:10 - 2016-08-06 11:31 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2016-10-11 21:10 - 2016-08-06 11:31 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-10-11 21:10 - 2016-08-06 11:31 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-10-11 21:10 - 2016-08-06 11:31 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2016-10-11 21:10 - 2016-08-06 11:31 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2016-10-11 21:10 - 2016-08-06 11:15 - 01178112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-10-11 21:10 - 2016-08-06 11:15 - 00249344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2016-10-11 21:10 - 2016-08-06 11:15 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2016-10-11 21:10 - 2016-08-06 11:15 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2016-10-11 21:10 - 2016-08-06 11:15 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2016-10-11 21:10 - 2016-08-06 11:01 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2016-10-11 21:10 - 2016-08-06 11:01 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2016-10-11 21:10 - 2016-08-06 10:53 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2016-10-11 21:10 - 2016-08-06 10:53 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2016-10-11 21:10 - 2016-08-06 10:53 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2016-10-11 21:10 - 2016-07-22 10:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2016-10-11 21:10 - 2016-07-22 10:51 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2016-10-11 21:10 - 2016-06-14 13:21 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-10-11 21:10 - 2016-06-14 13:16 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-10-11 21:10 - 2016-06-14 13:11 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2016-10-11 21:10 - 2016-06-14 11:21 - 03209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-10-11 21:10 - 2016-06-14 11:21 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-10-11 21:10 - 2016-06-14 11:21 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-10-11 21:10 - 2016-06-14 11:21 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2016-10-11 21:10 - 2016-06-14 11:21 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2016-10-11 21:10 - 2016-06-14 11:21 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2016-10-11 21:10 - 2016-06-14 11:21 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2016-10-11 21:10 - 2016-06-14 11:21 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-10-11 21:10 - 2016-06-14 11:21 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2016-10-11 21:10 - 2016-06-14 11:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-10-11 21:10 - 2016-06-14 11:21 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2016-10-11 21:10 - 2016-06-14 11:21 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2016-10-11 21:10 - 2016-06-14 11:21 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2016-10-11 21:10 - 2016-06-14 11:21 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-10-11 21:10 - 2016-06-14 11:21 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2016-10-11 21:10 - 2016-06-14 11:21 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-10-11 21:10 - 2016-06-14 11:21 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-10-11 21:10 - 2016-06-14 11:21 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-10-11 21:10 - 2016-06-14 11:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-10-11 21:10 - 2016-06-14 11:21 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-10-11 21:10 - 2016-06-14 11:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2016-10-11 21:10 - 2016-06-14 11:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-10-11 21:10 - 2016-06-14 11:15 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2016-10-11 21:10 - 2016-06-14 11:15 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-10-11 21:10 - 2016-06-14 11:15 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-10-11 21:10 - 2016-06-14 11:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-10-11 21:10 - 2016-06-14 11:05 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-10-11 21:10 - 2016-06-14 11:00 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2016-10-11 21:10 - 2016-06-14 11:00 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2016-10-05 17:38 - 2016-10-05 17:38 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-10-05 17:38 - 2016-09-09 14:25 - 00269600 _____ C:\Windows\SysWOW64\vulkan-1.dll
2016-10-05 17:38 - 2016-09-09 14:25 - 00261920 _____ C:\Windows\system32\vulkan-1.dll
2016-10-05 17:38 - 2016-09-09 14:25 - 00110880 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2016-10-05 17:38 - 2016-09-09 14:24 - 00125216 _____ C:\Windows\system32\vulkaninfo.exe
2016-10-04 22:37 - 2016-10-04 22:37 - 03437632 _____ C:\Windows\system32\atiumd6a.cap
2016-10-04 22:32 - 2016-10-04 22:32 - 03471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2016-10-04 22:20 - 2016-10-04 22:20 - 08847888 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2016-10-04 22:20 - 2016-10-04 22:20 - 00519048 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2016-10-04 22:20 - 2016-10-04 22:20 - 00294792 _____ C:\Windows\system32\dgtrayicon.exe
2016-10-04 22:20 - 2016-10-04 22:20 - 00289160 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2016-10-04 22:20 - 2016-10-04 22:20 - 00286600 _____ (AMD) C:\Windows\system32\atitmm64.dll
2016-10-04 22:20 - 2016-10-04 22:20 - 00275336 _____ C:\Windows\system32\GameManager64.dll
2016-10-04 22:20 - 2016-10-04 22:20 - 00201608 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2016-10-04 22:20 - 2016-10-04 22:20 - 00175496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2016-10-04 22:20 - 2016-10-04 22:20 - 00151056 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2016-10-04 22:20 - 2016-10-04 22:20 - 00122760 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2016-10-04 22:20 - 2016-10-04 22:20 - 00110472 _____ (AMD) C:\Windows\system32\atimuixx.dll
2016-10-04 22:20 - 2016-10-04 22:20 - 00107400 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2016-10-04 22:20 - 2016-10-04 22:20 - 00107400 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2016-10-04 22:20 - 2016-10-04 22:20 - 00020360 _____ (Microsoft Corporation) C:\Windows\system32\detoured.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 15728008 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 14318984 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 10976880 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 09926536 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdvlk64.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 08065928 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdvlk32.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 02481032 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt64.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 02163592 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt32.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 01333128 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00998280 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00998280 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00525704 _____ (AMD) C:\Windows\system32\atieclxx.exe
2016-10-04 22:19 - 2016-10-04 22:19 - 00458632 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00402312 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2016-10-04 22:19 - 2016-10-04 22:19 - 00349064 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODE.exe
2016-10-04 22:19 - 2016-10-04 22:19 - 00248200 _____ C:\Windows\system32\amdgfxinfo64.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00230280 _____ C:\Windows\system32\atieah64.exe
2016-10-04 22:19 - 2016-10-04 22:19 - 00221064 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00208264 _____ C:\Windows\SysWOW64\atieah32.exe
2016-10-04 22:19 - 2016-10-04 22:19 - 00160136 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00155016 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amduve64.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00145400 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00141280 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00136584 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00135048 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00134536 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amduve32.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00129416 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00125288 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00124776 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00117640 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00109856 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00109856 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00108936 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00092328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00092328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00078728 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00072072 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00068488 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00067464 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODCLI.exe
2016-10-04 22:19 - 2016-10-04 22:19 - 00065416 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00059784 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2016-10-04 22:18 - 2016-10-04 22:18 - 48824712 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2016-10-04 22:18 - 2016-10-04 22:18 - 38268808 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2016-10-04 22:18 - 2016-10-04 22:18 - 27489672 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll
2016-10-04 22:18 - 2016-10-04 22:18 - 27291016 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2016-10-04 22:18 - 2016-10-04 22:18 - 21640584 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll
2016-10-04 22:18 - 2016-10-04 22:18 - 09311624 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2016-10-04 22:18 - 2016-10-04 22:18 - 07363976 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2016-10-04 22:18 - 2016-10-04 22:18 - 00841608 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2016-10-04 22:18 - 2016-10-04 22:18 - 00676232 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2016-10-04 22:18 - 2016-10-04 22:18 - 00305544 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2016-10-04 22:18 - 2016-10-04 22:18 - 00269192 _____ C:\Windows\system32\clinfo.exe
2016-10-04 22:18 - 2016-10-04 22:18 - 00267656 _____ C:\Windows\system32\hsa-thunk64.dll
2016-10-04 22:18 - 2016-10-04 22:18 - 00233352 _____ C:\Windows\SysWOW64\hsa-thunk.dll
2016-10-04 22:18 - 2016-10-04 22:18 - 00112520 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2016-10-04 22:18 - 2016-10-04 22:18 - 00103304 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2016-10-04 22:18 - 2016-10-04 22:18 - 00082824 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmcl64.dll
2016-10-04 22:18 - 2016-10-04 22:18 - 00066952 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2016-10-04 22:18 - 2016-10-04 22:18 - 00066440 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmcl32.dll
2016-10-04 22:18 - 2016-10-04 22:18 - 00054664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2016-10-04 22:17 - 2016-10-04 22:17 - 33241992 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2016-10-04 22:17 - 2016-10-04 22:17 - 26556416 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2016-10-04 21:38 - 2016-10-04 21:38 - 00755472 _____ C:\Windows\SysWOW64\atiapfxx.blb
2016-10-04 21:38 - 2016-10-04 21:38 - 00755472 _____ C:\Windows\system32\atiapfxx.blb
2016-10-04 21:33 - 2016-10-04 21:33 - 00000000 ____D C:\Users\Josh\Documents\Mirrors Edge Catalyst
2016-10-04 21:20 - 2016-10-04 21:20 - 00166560 _____ C:\Windows\system32\amde34b.dat
2016-10-04 21:20 - 2016-10-04 21:20 - 00166560 _____ C:\Windows\system32\amde34a.dat
2016-10-04 19:04 - 2016-10-04 19:04 - 00000642 ____N C:\Users\Public\Desktop\Mirror's Edge™ Catalyst.lnk
2016-09-29 16:00 - 2016-09-29 16:00 - 00100832 _____ C:\Windows\system32\ativce02.dat
2016-09-29 15:58 - 2016-09-29 15:58 - 00177280 _____ C:\Windows\system32\ativce03.dat
2016-09-29 15:56 - 2016-09-29 15:56 - 00175584 _____ C:\Windows\system32\amde31a.dat
2016-09-28 17:20 - 2016-09-28 18:44 - 00000000 ____D C:\Users\Josh\AppData\Local\PAYDAY 2
2016-09-28 00:44 - 2016-09-28 00:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
2016-09-27 23:55 - 2016-09-27 23:56 - 00000000 ____D C:\Users\Josh\Documents\NFS Most Wanted
2016-09-27 23:52 - 2016-10-15 10:56 - 00000000 ____D C:\Program Files (x86)\Mr DJ
2016-09-27 23:44 - 2016-09-27 23:44 - 00000000 ____D C:\Users\Josh\AppData\Local\HirezLauncherUI

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-26 10:52 - 2015-06-04 22:36 - 01255646 _____ C:\Windows\WindowsUpdate.log
2016-10-26 10:39 - 2015-06-04 23:48 - 00000000 ____D C:\Users\Josh\AppData\Roaming\Skype
2016-10-26 10:17 - 2015-11-20 17:50 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-10-26 08:53 - 2009-07-14 00:45 - 00021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-26 08:53 - 2009-07-14 00:45 - 00021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-26 08:51 - 2009-07-14 01:13 - 00781790 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-26 08:45 - 2015-11-17 01:40 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2016-10-26 08:45 - 2015-06-04 23:00 - 00000000 ____D C:\ProgramData\Bigfoot Networks
2016-10-26 08:45 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-25 22:33 - 2016-08-25 17:22 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2016-10-25 22:21 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF
2016-10-25 21:01 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system
2016-10-25 21:00 - 2016-05-14 18:55 - 00000552 _____ C:\ProgramData\Microsoft\Windows\Start Menu\CheVolume.lnk
2016-10-25 21:00 - 2016-05-14 13:24 - 00000401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Party Hard.lnk
2016-10-25 21:00 - 2016-05-08 10:08 - 00001768 _____ C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-10-25 21:00 - 2016-03-10 15:39 - 00000675 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\A Story About My Uncle.lnk
2016-10-25 21:00 - 2015-12-01 12:01 - 00002554 _____ C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-10-25 21:00 - 2015-11-05 17:58 - 00001035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2016-10-25 21:00 - 2015-10-17 13:05 - 00002056 _____ C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape.lnk
2016-10-25 21:00 - 2015-06-05 01:34 - 00001333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-10-25 21:00 - 2015-06-05 01:34 - 00001314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-10-25 21:00 - 2015-06-05 00:33 - 00000812 _____ C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2016-10-25 21:00 - 2009-07-14 01:01 - 00001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2016-10-25 21:00 - 2009-07-14 00:57 - 00001535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-10-25 21:00 - 2009-07-14 00:57 - 00001340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
2016-10-25 21:00 - 2009-07-14 00:57 - 00001318 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2016-10-25 21:00 - 2009-07-14 00:57 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2016-10-25 21:00 - 2009-07-14 00:54 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2016-10-25 21:00 - 2009-07-14 00:49 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2016-10-25 20:59 - 2016-01-08 10:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sniper Elite 3
2016-10-25 20:59 - 2015-09-22 19:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\METAL GEAR RISING REVENGEANCE
2016-10-25 20:59 - 2015-06-12 08:07 - 00000000 ____D C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-10-25 20:49 - 2015-06-04 23:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-10-25 20:49 - 2015-06-04 23:19 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-10-25 20:22 - 2016-01-20 18:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCWest
2016-10-25 20:22 - 2016-01-20 18:16 - 00000000 ____D C:\Program Files (x86)\NCWest
2016-10-25 19:40 - 2015-09-16 23:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2016-10-25 18:21 - 2015-12-01 12:00 - 00000000 ____D C:\Users\Josh\AppData\Roaming\uTorrent
2016-10-25 18:21 - 2015-11-05 18:16 - 00000000 ____D C:\Users\Josh\AppData\Roaming\TeamViewer
2016-10-25 18:21 - 2015-06-05 02:33 - 00000000 ____D C:\Windows\Panther
2016-10-25 18:21 - 2015-06-05 00:33 - 00000000 ____D C:\Users\Josh\AppData\Roaming\BitTorrent
2016-10-25 17:17 - 2015-11-20 17:50 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-10-25 17:17 - 2015-11-20 17:50 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-25 17:17 - 2015-07-15 02:22 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-10-25 17:17 - 2015-07-15 02:22 - 00000000 ____D C:\Windows\system32\Macromed
2016-10-25 17:16 - 2015-06-04 23:16 - 00000000 ____D C:\Program Files (x86)\Google
2016-10-25 17:07 - 2015-06-05 00:14 - 00000000 ____D C:\ProgramData\Package Cache
2016-10-25 17:01 - 2015-07-10 02:25 - 00002112 ____R C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Stаrt Тоr Вrоwsеr.lnk
2016-10-25 17:01 - 2015-06-04 23:16 - 00002316 ____R C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk
2016-10-25 17:01 - 2015-06-04 22:36 - 00002048 ____R C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехplоrеr.lnk
2016-10-25 10:46 - 2015-09-08 00:21 - 00000000 ____D C:\Users\Josh\AppData\Local\Battle.net
2016-10-24 17:38 - 2016-01-15 13:12 - 00000000 ____D C:\Users\Josh\AppData\Local\wf-launcher
2016-10-24 17:38 - 2016-01-15 13:12 - 00000000 ____D C:\ProgramData\GFACE
2016-10-24 16:13 - 2016-07-07 18:26 - 00000000 ____D C:\Users\Josh\AppData\Local\Ubisoft Game Launcher
2016-10-22 19:23 - 2016-09-01 00:28 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-10-22 07:46 - 2015-06-04 22:43 - 00000000 ____D C:\ProgramData\Creative
2016-10-22 07:45 - 2015-06-04 22:43 - 00466520 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2016-10-22 07:45 - 2015-06-04 22:43 - 00445016 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2016-10-22 07:45 - 2015-06-04 22:43 - 00123480 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2016-10-22 07:45 - 2015-06-04 22:43 - 00109144 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2016-10-22 07:45 - 2015-06-04 22:42 - 00000523 ___RH C:\Windows\ctfile.rfc
2016-10-22 07:45 - 2015-06-04 22:42 - 00000000 ____D C:\Program Files (x86)\Creative
2016-10-21 17:44 - 2015-06-06 20:14 - 00000000 ____D C:\Users\Josh\AppData\Roaming\vlc
2016-10-21 17:32 - 2016-04-08 10:32 - 00249104 _____ (EasyAntiCheat Ltd) C:\Windows\SysWOW64\EasyAntiCheat.exe
2016-10-15 11:05 - 2016-06-21 17:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mr DJ
2016-10-15 11:05 - 2015-09-22 19:18 - 00000000 ____D C:\Users\Josh\AppData\Local\SKIDROW
2016-10-15 10:56 - 2015-06-05 00:16 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-10-14 09:40 - 2015-09-27 19:30 - 00000000 ____D C:\Users\Josh\Documents\Rockstar Games
2016-10-14 09:39 - 2015-09-27 19:30 - 00000000 ____D C:\Program Files\Rockstar Games
2016-10-14 09:39 - 2015-09-27 19:30 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2016-10-13 02:35 - 2015-07-28 12:59 - 00000000 ____D C:\Users\Josh\AppData\Roaming\PortForward.com
2016-10-13 02:34 - 2015-07-28 12:59 - 00000000 ____D C:\Users\Josh\AppData\Local\Downloaded Installations
2016-10-12 11:26 - 2016-04-26 18:47 - 00000000 ____D C:\Users\Josh\AppData\Local\Apps\2.0
2016-10-12 10:17 - 2015-06-04 22:45 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-10-12 10:17 - 2015-06-04 22:43 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-10-12 09:58 - 2015-06-04 22:44 - 00000000 ____D C:\Program Files\Intel
2016-10-12 09:51 - 2016-07-07 18:37 - 00000000 ____D C:\Users\Josh\AppData\Local\AMD
2016-10-12 09:43 - 2015-06-23 09:21 - 00000000 ____D C:\Program Files\AMD
2016-10-12 09:42 - 2015-06-23 09:18 - 00000000 ____D C:\AMD
2016-10-12 09:30 - 2015-06-09 08:23 - 00000000 ____D C:\Users\Public\Creative
2016-10-12 08:55 - 2015-06-04 22:44 - 00000000 ____D C:\ProgramData\Intel
2016-10-12 08:25 - 2015-06-04 23:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-10-12 08:18 - 2015-06-04 23:19 - 00000000 ____D C:\ProgramData\Skype
2016-10-12 04:14 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2016-10-12 03:31 - 2015-06-04 22:54 - 00774404 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-10-12 03:03 - 2009-07-14 01:08 - 00032536 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-10-12 02:40 - 2009-07-14 00:45 - 00269128 _____ C:\Windows\system32\FNTCACHE.DAT
2016-10-12 02:39 - 2015-06-11 09:32 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-10-12 02:39 - 2015-06-11 09:32 - 00000000 ____D C:\Windows\system32\appraiser
2016-10-12 02:39 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-10-12 02:39 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\Dism
2016-10-12 02:32 - 2015-06-04 22:36 - 00000000 __SHD C:\Recovery
2016-10-12 02:12 - 2015-06-09 08:15 - 143495576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-10-12 02:12 - 2015-06-09 08:15 - 00000000 ____D C:\Windows\system32\MRT
2016-10-08 06:21 - 2009-07-14 01:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-10-04 22:21 - 2016-09-16 15:42 - 00139720 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2016-10-04 22:20 - 2016-09-16 15:42 - 07213248 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2016-10-04 22:20 - 2016-09-16 15:42 - 00170072 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2016-10-04 22:20 - 2016-09-16 15:42 - 00123776 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2016-10-04 22:20 - 2016-07-18 16:39 - 00240008 _____ C:\Windows\SysWOW64\GameManager32.dll
2016-10-04 22:20 - 2014-09-03 08:55 - 00020360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\detoured.dll
2016-10-04 22:19 - 2016-09-16 15:41 - 10937728 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2016-10-04 22:19 - 2016-09-16 15:41 - 09981352 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2016-10-04 22:19 - 2016-09-16 15:41 - 09094552 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2016-10-04 22:19 - 2016-09-16 15:41 - 01551344 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2016-10-04 22:19 - 2016-09-16 15:40 - 01274256 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2016-10-04 22:18 - 2016-09-16 15:40 - 00892296 _____ (AMD) C:\Windows\system32\coinst_16.40.dll
2016-10-02 16:06 - 2016-07-14 04:06 - 00000000 ____D C:\Program Files (x86)\Overwolf
2016-10-02 04:06 - 2016-07-14 04:06 - 00000002 _____ C:\END
2016-09-30 20:18 - 2015-06-05 00:31 - 00000000 ____D C:\Users\Josh\Documents\My Games
2016-09-28 00:44 - 2015-09-09 21:15 - 00000000 ____D C:\ProgramData\Hi-Rez Studios

==================== Files in the root of some directories =======

2016-04-26 18:46 - 2016-04-26 18:46 - 6494208 _____ () C:\Users\Josh\AppData\Roaming\agent.dat
2016-04-26 18:45 - 2016-04-26 18:45 - 0127488 _____ () C:\Users\Josh\AppData\Roaming\Installer.dat
2016-04-26 18:46 - 2016-04-26 18:46 - 0018432 _____ () C:\Users\Josh\AppData\Roaming\Main.dat
2016-04-26 18:46 - 2016-04-26 18:46 - 0072717 _____ () C:\Users\Josh\AppData\Roaming\ReLa.tst
2016-10-25 15:53 - 2016-10-25 15:53 - 0034216 _____ () C:\Users\Josh\AppData\Local\25321.exe
2016-10-25 15:53 - 2016-10-25 15:53 - 0127660 _____ () C:\Users\Josh\AppData\Local\38450.exe
2016-10-25 15:53 - 2016-10-25 15:53 - 0040887 _____ () C:\Users\Josh\AppData\Local\59372.exe
2016-10-25 15:53 - 2016-10-25 15:53 - 0059657 _____ () C:\Users\Josh\AppData\Local\80824.exe
2016-10-25 15:53 - 2016-10-25 15:53 - 0194460 _____ () C:\Users\Josh\AppData\Local\93105.exe
2015-09-21 10:32 - 2015-09-21 10:33 - 0003584 _____ () C:\Users\Josh\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-10-13 11:29 - 2016-10-13 11:29 - 0004608 _____ () C:\Users\Josh\AppData\Local\dnow.exe
2016-10-25 17:04 - 2016-10-25 17:04 - 19397312 _____ (Adobe Systems Incorporated) C:\Users\Josh\AppData\Local\install_flash_player_21_active_x.exe
2015-08-13 22:31 - 2015-08-13 22:31 - 0000000 ___SH () C:\Users\Josh\AppData\Local\LumaEmu
2016-10-25 17:03 - 2016-10-25 17:04 - 0000003 _____ () C:\Users\Josh\AppData\Local\run1.txt
2016-07-14 09:08 - 2016-07-14 09:08 - 0000000 _____ () C:\Users\Josh\AppData\Local\{5325A75B-98C4-461C-A747-54717CACE3EE}

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-10-25 14:27

==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version:04-10-2015
Ran by Josh (2016-10-26 10:55:16)
Running from D:\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2015-06-05 02:36:17)
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2025992066-4083076924-3298436488-500 - Administrator - Disabled)
Guest (S-1-5-21-2025992066-4083076924-3298436488-501 - Limited - Disabled)
Josh (S-1-5-21-2025992066-4083076924-3298436488-1000 - Administrator - Enabled) => C:\Users\Josh

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\...\uTorrent) (Version: 3.4.9.42606 - BitTorrent Inc.)
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
A Story About My Uncle (HKLM-x32\...\QVN0b3J5QWJvdXRNeVVuY2xl_is1) (Version: 1 - )
Adobe Flash Player 23 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 23.0.0.185 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.185 - Adobe Systems Incorporated)
Adobe Flash Player 23 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 23.0.0.185 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.1.171 - Adobe Systems, Inc.)
Alienware On-Screen Display (HKLM-x32\...\InstallShield_{0D69462F-99CC-4F8D-942E-666E21CE59F8}) (Version: 0.32.0.8C - )
Alienware On-Screen Display (x32 Version: 0.32.0.8C - ) Hidden
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
Assassin s Creed Syndicate v.1.12 (HKLM-x32\...\Assassin s Creed Syndicate_is1) (Version: - )
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.8.8 - Atheros Communications Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BattleBlock Theater (HKLM-x32\...\Steam App 238460) (Version: - The Behemoth)
Battleborn Open Beta (HKLM\...\Steam App 451070) (Version: - )
BitTorrent (HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\...\BitTorrent) (Version: 7.9.5.41203 - BitTorrent Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
Borderlands: The Pre-Sequel (HKLM\...\Steam App 261640) (Version: - 2K Australia)
Brawlhalla (HKLM\...\Steam App 291550) (Version: - Blue Mammoth Games)
Brawlhalla (HKLM-x32\...\Steam App 291550) (Version: - Blue Mammoth Games)
Call of Juarez - Gunslinger (HKLM-x32\...\Call of Juarez - Gunslinger_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
Caster (HKLM\...\Steam App 29800) (Version: - Elecorn)
Catalyst Control Center Next Localization BR (Version: 2016.1004.2153.37567 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.1004.2153.37567 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.1004.2153.37567 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.1004.2153.37567 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.1004.2153.37567 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.1004.2153.37567 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.1004.2153.37567 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.1004.2153.37567 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.1004.2153.37567 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.1004.2153.37567 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.1004.2153.37567 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.1004.2153.37567 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.1004.2153.37567 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.1004.2153.37567 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.1004.2153.37567 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.1004.2153.37567 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.1004.2153.37567 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.1004.2153.37567 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.1004.2153.37567 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.1004.2153.37567 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.1004.2153.37567 - Advanced Micro Devices, Inc.) Hidden
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version: - Cheat Engine)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
Cheat Engine 6.5 (HKLM-x32\...\Cheat Engine 6.5_is1) (Version: - Cheat Engine)
CheVolume 0.4.1.2 (HKLM-x32\...\CheVolume 0.4.1.2) (Version: - WellWeWeb)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
DARK SOULS III (HKLM\...\Steam App 374320) (Version: - FromSoftware, Inc.)
DEADBOLT (HKLM-x32\...\1457453536_is1) (Version: 2.0.0.3 - GOG.com)
Dell System Detect (HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\...\58d94f3ce2c27db0) (Version: 7.9.0.10 - Dell)
Dirty Bomb (HKLM-x32\...\Steam App 333930) (Version: - Splash Damage®)
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version: - Klei Entertainment)
Doom (HKLM-x32\...\{B6A2B3BA-C93E-4AEE-BBCF-BE91DDC84962}_is1) (Version: - id Software)
Dying Light (HKLM\...\Steam App 239140) (Version: - Techland)
EasiSlides (HKLM-x32\...\{8372161B-103C-4BCA-98A1-4FC330B53A49}) (Version: 4.0.5000 - Wai Kuen Mo)
EMSC (x32 Version: 0.0.0.25 - Compal Electronics, Inc.) Hidden
Ezvid (HKLM-x32\...\{F96D619D-99D6-4C9C-A393-0CD22DE1CA66}_is1) (Version: 1.003 - Ezvid, inc.)
Factorio version 0.12.3 (HKLM\...\Factorio_is1) (Version: - )
Far Cry 4 version 1.10.0.0 (HKLM-x32\...\Far Cry 4_is1) (Version: 1.10.0.0 - Mr DJ)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.71 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version: - Rockstar North)
GS Auto Clicker (HKLM-x32\...\GS Auto Clicker_is1) (Version: V3.1.3 - goldensoft.org)
Gyazo 3.2.2 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
Half-Life 2 (HKLM\...\Steam App 220) (Version: - Valve)
Half-Life 2: Episode One (HKLM\...\Steam App 380) (Version: - Valve)
Half-Life 2: Episode Two (HKLM\...\Steam App 420) (Version: - Valve)
Half-Life 2: Lost Coast (HKLM\...\Steam App 340) (Version: - Valve)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.0.5.5 - Hi-Rez Studios)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version: - IO Interactive)
Imouto Paradise! version 1.0 (HKLM-x32\...\{38073150-656E-4A04-8547-84D3531AB7D6}_is1) (Version: 1.0 - MangaGamer)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.1.1399 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{520C4DD4-2BC7-409B-BA48-E1A4F832662D}) (Version: 2.1.0.0140 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{538B98C3-773F-4F20-9C66-802D104DCBE2}) (Version: 1.23.219.2 - Intel Corporation)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Just Cause 2: Multiplayer - Dedicated Server (HKLM\...\Steam App 261140) (Version: - )
KHOLAT (HKLM\...\Steam App 343710) (Version: - IMGN.PRO)
Killing Floor (HKLM-x32\...\Steam App 1250) (Version: - Tripwire Interactive)
Killing Floor 2 (HKLM-x32\...\Steam App 232090) (Version: - Tripwire Interactive)
L.A. Noire (HKLM\...\Steam App 110800) (Version: - Team Bondi)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
LEGO Marvels Avengers (HKLM-x32\...\LEGO Marvels Avengers_is1) (Version: - )
Mafia II version 1.0.0.0 (HKLM-x32\...\Mafia II_is1) (Version: 1.0.0.0 - Mr DJ)
Magic 2015 (HKLM-x32\...\Steam App 255420) (Version: - Stainless Games)
Magicka (HKLM-x32\...\Steam App 42910) (Version: - Arrowhead Game Studios)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mass Effect (HKLM-x32\...\Steam App 17460) (Version: - BioWare)
Mass Effect 2 (HKLM-x32\...\Steam App 24980) (Version: - BioWare)
Max Payne 3 (HKLM-x32\...\Max Payne 3_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
MegaTrainer eXperience V1.0.2.8 (HKLM-x32\...\MegaTrainer eXperience_is1) (Version: - )
METAL GEAR SOLID V: THE PHANTOM PAIN (HKLM\...\Steam App 287700) (Version: - Konami Digital Entertainment)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mirror's Edge (HKLM-x32\...\Steam App 17410) (Version: - DICE)
Mirror's Edge™ Catalyst (HKLM-x32\...\{12228a0d-f6ad-4691-82af-d2c643424468}) (Version: 1.0.3.47248 - Electronic Arts)
Mortal Kombat Komplete Edition (HKLM-x32\...\Steam App 237110) (Version: - NetherRealm Studios)
Mount Your Friends (HKLM-x32\...\Steam App 296470) (Version: - Stegersaurus Software Inc.)
Murder Miners (HKLM\...\Steam App 274900) (Version: - JForce Games)
Murdered - Soul Suspect (HKLM-x32\...\Murdered - Soul Suspect_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
My Game Long Name (HKLM\...\UDK-a08227e3-2b10-44d6-8ad7-041fe829817b) (Version: - Epic Games, Inc.)
NARUTO SHIPPUDEN Ultimate Ninja STORM 4 (HKLM-x32\...\NARUTO SHIPPUDEN Ultimate Ninja STORM 4_is1) (Version: - )
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Oddworld: Munch's Oddysee (HKLM\...\Steam App 15740) (Version: - Oddworld Inhabitants)
One Finger Death Punch (HKLM-x32\...\Steam App 264200) (Version: - Silver Dollar Games)
ONE PIECE PIRATE WARRIORS 3 (HKLM\...\Steam App 331600) (Version: - KOEI TECMO GAMES CO., LTD.)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Orcs Must Die! 2 (HKLM\...\Steam App 201790) (Version: - Robot Entertainment)
Overlord II (HKLM\...\Steam App 12810) (Version: - Triumph Studios)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Overwatch Test (HKLM-x32\...\Overwatch Test) (Version: - Blizzard Entertainment)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.98.211.0 - Overwolf Ltd.)
PAYDAY 2 (HKLM\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
Please, Don’t Touch Anything (HKLM\...\Steam App 354240) (Version: - Four Quarters)
Port Forward Network Utilities (HKLM-x32\...\{88B1D36C-7B70-4C48-8D2F-AAB956ECF4C3}) (Version: 2.0.11 - Portforward, LLC)
Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)
POSTAL 2 (HKLM-x32\...\Steam App 223470) (Version: - Running With Scissors)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.3 - Power Software Ltd)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version: - Introversion Software)
Qualcomm Atheros Killer Network Manager (HKLM-x32\...\InstallShield_{DF446558-ADF7-4884-9B2D-281979CCE71F}) (Version: 6.1.0.304 - Qualcomm Atheros)
Qualcomm Atheros Killer Network Manager (Version: 6.1.0.304 - Qualcomm Atheros) Hidden
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.28549 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.28094 - Realtek Semiconductor Corp.)
Resident Evil 6 / Biohazard 6 (HKLM\...\Steam App 221040) (Version: - Capcom)
Rise of the Tomb Raider (HKLM-x32\...\{45F08513-973A-4C18-93FD-8E12B1908390}_is1) (Version: - Square Enix)
Risk of Rain (HKLM-x32\...\Steam App 248820) (Version: - )
ROBLOX Player for Josh (HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation)
Rocket League (HKLM\...\Steam App 252950) (Version: - Psyonix, Inc.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.0.5 - Rockstar Games)
RuneScape Launcher 1.2.7 (HKLM-x32\...\{FA52A2D0-298E-4D40-8BB7-39928627EA6A}) (Version: 1.2.7 - Jagex Ltd)
Rust (HKLM\...\Steam App 252490) (Version: - Facepunch Studios)
Sheltered (HKLM-x32\...\1454930864_is1) (Version: 2.0.0.2 - GOG.com)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)
Skype™ 7.28 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.28.101 - Skype Technologies S.A.)
SMITE (HKLM\...\Steam App 386360) (Version: - Hi-Rez Studios)
Sniper Elite 3, âåðñèÿ 1.0 (HKLM-x32\...\Sniper Elite 3_is1) (Version: 1.0 - )
Sound Blaster Recon3Di (HKLM-x32\...\{C8AAFCDC-CD3A-40AD-9FA9-07FB70F08224}) (Version: 1.00.08 - Creative Technology Limited)
Sound Blaster Recon3Di Extras (HKLM-x32\...\{C45E715E-442E-4D82-BD46-A08A0870957C}) (Version: 1.0 - Creative Technology Limited)
Spotify (HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\...\Spotify) (Version: 1.0.33.106.g60b5d1f0 - Spotify AB)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.12.0018 - ST Microelectronics)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sven Co-op (HKLM-x32\...\Steam App 225840) (Version: - Sven Co-op Team)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.0.2.0 - Synaptics Incorporated)
Synergy (HKLM\...\Steam App 17520) (Version: - Synergy Team)
Tabletop Simulator (HKLM\...\Steam App 286160) (Version: - Berserk Games)
Tabletop Simulator (HKLM-x32\...\Steam App 286160) (Version: - Berserk Games)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
Telegram Desktop version 0.10.1 (HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.10.1 - Telegram Messenger LLP)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Binding of Isaac (HKLM\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl)
The Elder Scrolls V Skyrim - Legendary Edition (HKLM-x32\...\The Elder Scrolls V Skyrim - Legendary Edition_is1) (Version: - )
The Ship (HKLM-x32\...\Steam App 2400) (Version: - Outerlight Ltd.)
The Ship Single Player (HKLM-x32\...\Steam App 2420) (Version: - Outerlight Ltd.)
The Typing of The Dead: Overkill (HKLM-x32\...\Steam App 246580) (Version: - Modern Dream)
The Witness v.1.0 u4 (HKLM-x32\...\The Witness_is1) (Version: - )
Tom Clancy's Rainbow Six Siege (HKLM\...\Steam App 359550) (Version: - Ubisoft Montreal)
Tom Clancy's The Division (HKLM\...\Steam App 365590) (Version: - Massive Entertainment)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version: - Crystal Dynamics)
Town of Salem (HKLM\...\Steam App 334230) (Version: - BlankMediaGames)
Trove (HKLM-x32\...\Steam App 304050) (Version: - Trion Worlds)
UmmyVideoDownloader (HKLM-x32\...\{73924FFF-7A47-424D-BA45-659BB5CC194A}_is1) (Version: 1.6.0.4 - )
Unity Web Player (HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS)
Unreal Development Kit: 2012-07 (HKLM\...\UDK-e0c8661c-253d-4ccc-93a5-5544dd3ce4c8) (Version: - Epic Games, Inc.)
Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton)
Uplay (HKLM-x32\...\Uplay) (Version: 18.1 - Ubisoft)
Viscera Cleanup Detail (HKLM-x32\...\{74F9F917-CCE0-4209-BCC1-0EAC907A68C5}_is1) (Version: 1.0 - RuneStorm)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0-3) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.26.0 (Version: 1.0.26.0 - LunarG, Inc.) Hidden
Warface (HKLM\...\Steam App 291480) (Version: - Crytek)
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2410 - Broadcom Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version: - Firaxis Games)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2025992066-4083076924-3298436488-1000_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\Josh\AppData\Local\Roblox\Versions\version-fe88b67aa44a44d9\RobloxProxy64.dll (ROBLOX Corporation)

==================== Restore Points =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2016-10-25 17:04 - 00000947 ____A C:\Windows\system32\Drivers\etc\hosts
162.222.194.13 cocomo.tremorhub.com
162.222.194.13 www.virustotal.com
162.222.194.13 virustotal.com


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03DBD415-22DB-4CD7-B213-C2DE248009A2} - \{A464AA88-BA75-4DE2-A262-CE6BB1F59402} -> No File <==== ATTENTION
Task: {10C27108-6476-4977-BF29-B7BB966551E7} - \GyazoUpdateTaskMachineDaily -> No File <==== ATTENTION
Task: {14ADB510-0347-41DF-9597-5CD9A1B423E4} - \Overwolf Updater Task -> No File <==== ATTENTION
Task: {1629EFAA-CA68-42C2-A9FA-D0D92418A29D} - \{854949CE-D0DC-4386-9CA9-A7B04A9D1FF5} -> No File <==== ATTENTION
Task: {2906F17B-C3E3-4B03-8DAA-DA1671275D6C} - \Adobe Flash Player PPAPI Notifier -> No File <==== ATTENTION
Task: {43AB8962-43DA-432C-A4E4-FE76D274BC35} - \DriverToolkit Autorun -> No File <==== ATTENTION
Task: {805EA7FF-D61C-4884-95AE-D7DA7CC556FA} - \AMD Updater -> No File <==== ATTENTION
Task: {8F27F744-EF4A-43F0-B915-1D8D44201FC1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-25] (Google Inc.)
Task: {918AFD42-81CE-459B-AAF6-DB8B86B6C42A} - \GyazoUpdateTaskMachine -> No File <==== ATTENTION
Task: {954302D3-78C4-4831-AE22-4D9F1FF548AD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-25] (Adobe Systems Incorporated)
Task: {ACB2F35F-F054-411A-9A34-0B7D1B81BC54} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [2016-09-12] (Microsoft Corporation)
Task: {C3F15C6B-9041-4C25-A34F-87E59F672D61} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-25] (Google Inc.)
Task: {DCA8A377-3907-4C9A-A4B6-92AB56591E01} - \{4ADFB7BF-6FCD-4D30-8CE8-A3A0DA0029E5} -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_185_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DriverToolkit Autorun.job => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============


==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\...\hola.org -> hxxp://hola.org


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 68.105.28.11 - 68.105.29.11
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe -overwolfsilent
MSCONFIG\startupreg: PlaysTV => "C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe" --startup
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: Raptr => "C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe" --startup
MSCONFIG\startupreg: Razer Synapse => "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
MSCONFIG\startupreg: Spotify => "C:\Users\Josh\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Josh\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: StartCN => "C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe" atlogon

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1D28D350-8EF1-40DF-8E1F-4FC9BCB84586}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AD54B835-BCB1-4B45-824E-533EC8B4C8E2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{DFC0CBDC-AF6F-483C-967C-832275BF8F0B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{7663C458-BED0-4531-B7EA-49F89121AF7C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A722C28B-A845-47BD-8678-013A96928C62}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F177DC6E-3B22-4AF2-84B4-BA6F8DEE4E59}] => (Allow) C:\Users\Josh\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{39F1D437-479C-49B0-AEA9-9F015E39E1AA}] => (Allow) C:\Users\Josh\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{58F60C77-742F-4D06-A56C-B282B14FBA12}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{93A5610A-C8CB-4F05-985B-490A02A135FB}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{61D79227-C89C-459B-A853-A592FD7F8C9A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{F2F0B009-9EC2-4C12-8ED3-AA2A8D815DB9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{7E152A5B-CD88-4336-9AE7-113546AC6A81}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{B328C0EF-8329-4D2B-A569-A1FA2FE470F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{BB56142F-1D71-40E9-AA55-B26AAFC14DBA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{62A6047B-E5B9-4461-9C42-AEBED01E9795}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{0B173DA5-5EF5-4526-938A-1719803E1EDE}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{532D007C-6759-45F6-8660-0203174EC97B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{1420EDE2-D163-446A-95CF-B023F29A5EC7}] => (Allow) D:\SteamLibrary\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{BEBB341C-390F-4A8F-83E9-9C13BB53BE22}] => (Allow) D:\SteamLibrary\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{1009F274-5025-47C9-8A8E-322D70C34CB1}] => (Allow) D:\SteamLibrary\steamapps\common\mirrors edge\Binaries\MirrorsEdge.exe
FirewallRules: [{BDE27B36-1ECC-4894-A533-7A0F46EB4E29}] => (Allow) D:\SteamLibrary\steamapps\common\mirrors edge\Binaries\MirrorsEdge.exe
FirewallRules: [{B723B867-3288-4171-BACC-43267EB6B9A9}] => (Allow) D:\SteamLibrary\steamapps\common\POSTAL2Complete\System\Postal2.exe
FirewallRules: [{90296DFD-AA0E-49C8-A29C-60BDBF1BCC35}] => (Allow) D:\SteamLibrary\steamapps\common\POSTAL2Complete\System\Postal2.exe
FirewallRules: [{DDF5A633-1A90-4AC2-A3F9-8D08CAF2F32A}] => (Allow) D:\SteamLibrary\steamapps\common\POSTAL2Complete\ShareThePain\System\Postal2MP.exe
FirewallRules: [{AC7752DB-13EB-4685-A8BF-83205DA132D2}] => (Allow) D:\SteamLibrary\steamapps\common\POSTAL2Complete\ShareThePain\System\Postal2MP.exe
FirewallRules: [{10EF233D-7CFE-455D-85F9-B93F5F77C1E7}] => (Allow) D:\SteamLibrary\steamapps\common\POSTAL2Complete\Paradise Lost\System\ParadiseLost.exe
FirewallRules: [{73E35EF7-0966-4756-B927-63C012E35173}] => (Allow) D:\SteamLibrary\steamapps\common\POSTAL2Complete\Paradise Lost\System\ParadiseLost.exe
FirewallRules: [{9EA09424-B5ED-4AA3-9D98-A8C3CA3D1C8B}] => (Allow) D:\SteamLibrary\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{6816DC77-D296-4DC8-A5F6-96B7FF9EAC3E}] => (Allow) D:\SteamLibrary\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [TCP Query User{337598E4-F09E-4E21-ACD5-1A1F207063AB}D:\steamlibrary\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) D:\steamlibrary\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [UDP Query User{18553D28-0422-4E7E-8A0F-6060136CA585}D:\steamlibrary\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) D:\steamlibrary\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{9AB9C583-CC22-454C-9BDA-73F1BA43B3EF}] => (Allow) D:\SteamLibrary\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{BB361F8C-2C7B-46DF-A788-930EC8CEDC63}] => (Allow) D:\SteamLibrary\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{059636C9-D3A7-4A82-9416-2AE3B6F1E269}] => (Allow) D:\SteamLibrary\steamapps\common\Magic 2015\DotP_D15.exe
FirewallRules: [{63430D40-C555-470E-8780-52BB23748D5A}] => (Allow) D:\SteamLibrary\steamapps\common\Magic 2015\DotP_D15.exe
FirewallRules: [TCP Query User{ECA693F9-0933-452E-B522-DBAB899A8E77}D:\steamlibrary\steamapps\common\dishonored\binaries\win32\dishonored.exe] => (Allow) D:\steamlibrary\steamapps\common\dishonored\binaries\win32\dishonored.exe
FirewallRules: [UDP Query User{155E8ACA-29FA-4329-BDE4-F705602B58BD}D:\steamlibrary\steamapps\common\dishonored\binaries\win32\dishonored.exe] => (Allow) D:\steamlibrary\steamapps\common\dishonored\binaries\win32\dishonored.exe
FirewallRules: [{8AB01D2A-75A7-4818-92F6-9B00B3CD923D}] => (Allow) D:\SteamLibrary\steamapps\common\Antichamber\Binaries\Win32\UDK.exe
FirewallRules: [{538E379A-6863-4E83-B409-E81D090C9FB6}] => (Allow) D:\SteamLibrary\steamapps\common\Antichamber\Binaries\Win32\UDK.exe
FirewallRules: [{EAC77BC4-A25B-4213-B3BE-D8CB218E9583}] => (Allow) D:\SteamLibrary\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{4196F7B9-E223-48DF-8C14-88927CF51712}] => (Allow) D:\SteamLibrary\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{B924D347-758D-4E47-ACB7-5F8CDE6A999C}] => (Allow) D:\SteamLibrary\steamapps\common\Mass Effect\Binaries\MassEffect.exe
FirewallRules: [{CEC1A11A-158A-4463-8932-81051F38BEE3}] => (Allow) D:\SteamLibrary\steamapps\common\Mass Effect\Binaries\MassEffect.exe
FirewallRules: [{A4B772F2-DA3F-428F-92C2-97160E0C5C4B}] => (Allow) D:\SteamLibrary\steamapps\common\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{6DCE86DB-6596-40BB-8587-E4EE7074709D}] => (Allow) D:\SteamLibrary\steamapps\common\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{0B0F5D4B-5569-4606-9EDD-30586D3634FB}] => (Allow) D:\SteamLibrary\steamapps\common\Mass Effect 2\MassEffect2Launcher.exe
FirewallRules: [{2FBB09BB-8FE7-4760-AEA9-729E8279559A}] => (Allow) D:\SteamLibrary\steamapps\common\Mass Effect 2\MassEffect2Launcher.exe
FirewallRules: [{DECD34BB-0251-4C9B-A408-C7A3CB9E9A88}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{EE4A7F37-F53D-4227-9C4F-7051FEC07C5C}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{4C08A739-83AE-48EF-854D-A205AD63F395}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{A8C02208-C966-464F-A718-862C690912EE}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [TCP Query User{FC06461F-CE78-4BE6-B007-AC5B762CDF59}D:\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{28BEF6DC-CDEF-4EB1-A5B1-E1164197E97E}D:\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{B5062261-22FD-463C-9A2E-04540276B2E7}] => (Allow) D:\SteamLibrary\steamapps\common\Risk of Rain\Risk of Rain.exe
FirewallRules: [{7E90ED44-219A-4EEB-BC6B-FD6DC3C79A8B}] => (Allow) D:\SteamLibrary\steamapps\common\Risk of Rain\Risk of Rain.exe
FirewallRules: [TCP Query User{67ECAAC4-8E3B-4D18-B267-A417CC661280}D:\steamlibrary\steamapps\common\awesomenauts\awesomenauts.exe] => (Allow) D:\steamlibrary\steamapps\common\awesomenauts\awesomenauts.exe
FirewallRules: [UDP Query User{3564139E-3CF9-4057-BC3D-06A1C2FD324D}D:\steamlibrary\steamapps\common\awesomenauts\awesomenauts.exe] => (Allow) D:\steamlibrary\steamapps\common\awesomenauts\awesomenauts.exe
FirewallRules: [{2D2BA1CD-2ACB-492D-81FD-02A3982988F8}] => (Allow) D:\SteamLibrary\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{CC1B31C9-D93C-45C1-B131-16245D3BB99D}] => (Allow) D:\SteamLibrary\steamapps\common\Terraria\Terraria.exe
FirewallRules: [TCP Query User{E9BE1ACC-1459-41AC-AE73-DE70C9C5730E}D:\steamlibrary\steamapps\common\terraria\terrariaserver.exe] => (Allow) D:\steamlibrary\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [UDP Query User{4F313988-7646-42BE-85D5-B11FD52D81EB}D:\steamlibrary\steamapps\common\terraria\terrariaserver.exe] => (Allow) D:\steamlibrary\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [{50A67B55-B804-43CA-9812-A37E6FC345FA}] => (Allow) D:\SteamLibrary\steamapps\common\Mount Your Friends\MountYourFriends.exe
FirewallRules: [{CE9DFF27-565A-4124-AFD6-1F43F4C7116B}] => (Allow) D:\SteamLibrary\steamapps\common\Mount Your Friends\MountYourFriends.exe
FirewallRules: [{674C539D-CD41-4704-9350-2CE340B47777}] => (Allow) D:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{F6BFBDC7-E3AD-4CC4-8675-74CC895E7091}] => (Allow) D:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{BAAB169C-5672-4741-9219-BE36E4D38CAD}] => (Allow) D:\SteamLibrary\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{87504D17-EE36-4154-ABD2-ECC3CE8F7B63}] => (Allow) D:\SteamLibrary\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{5B25CFCC-4B8D-4346-8EF6-F48D483EF724}] => (Allow) D:\SteamLibrary\steamapps\common\The Ball\Binaries\Win32\TheBall.exe
FirewallRules: [{0D2C0C79-D1F4-4ACB-8A27-34C34CD5E33C}] => (Allow) D:\SteamLibrary\steamapps\common\The Ball\Binaries\Win32\TheBall.exe
FirewallRules: [{F0660503-D3D1-4EEC-8E66-290F4E991120}] => (Allow) D:\SteamLibrary\steamapps\common\KillingFloor\System\KillingFloor.exe
FirewallRules: [{64F967FA-2B41-46EE-A704-BF246AF21EB3}] => (Allow) D:\SteamLibrary\steamapps\common\KillingFloor\System\KillingFloor.exe
FirewallRules: [{CD267499-999D-463C-A0C6-56005D942265}] => (Allow) D:\SteamLibrary\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe
FirewallRules: [{94E3FEBA-9066-4757-A18C-3F44A159CF55}] => (Allow) D:\SteamLibrary\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe
FirewallRules: [{B48C16E0-36F5-4E58-921E-8B6B905F7138}] => (Allow) D:\SteamLibrary\steamapps\common\Magicka\Magicka.exe
FirewallRules: [{596E97BB-8212-4E2B-B126-2A9C1A698629}] => (Allow) D:\SteamLibrary\steamapps\common\Magicka\Magicka.exe
FirewallRules: [{799D1C12-6A8E-48A6-BA56-167E1CECB8B2}] => (Allow) D:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{1E5F4A43-A5AC-4B95-A252-EAAF562BA4DE}] => (Allow) D:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{ADD65930-D525-419B-BC95-FA8AA4A5D373}] => (Allow) D:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{ADD71C93-FCDE-4A76-A6B9-4511FF755E2C}] => (Allow) D:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{7B0D21A0-A874-4EAC-847B-1F214D5A4CAC}] => (Allow) D:\SteamLibrary\steamapps\common\Hitman Absolution\HMA.exe
FirewallRules: [{806D053D-ED7D-491A-A9CA-4D16978138EF}] => (Allow) D:\SteamLibrary\steamapps\common\Hitman Absolution\HMA.exe
FirewallRules: [{13DEC7DC-C673-417F-ADA0-DF494C33F598}] => (Allow) D:\SteamLibrary\steamapps\common\Risen 3\system\Risen3.exe
FirewallRules: [{5C94940A-B0E7-42E3-A6C7-DBB8C3A19D2E}] => (Allow) D:\SteamLibrary\steamapps\common\Risen 3\system\Risen3.exe
FirewallRules: [TCP Query User{837DF35B-C3BC-4357-9B36-BEF4DE729289}D:\steamlibrary\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) D:\steamlibrary\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [UDP Query User{B8DD264A-61E0-44D2-BDFD-016396E6FE17}D:\steamlibrary\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) D:\steamlibrary\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [{126C9C23-A509-4F48-BB95-120C6F645772}] => (Allow) D:\SteamLibrary\steamapps\common\Typing of the Dead Overkill\HOTD_NG.exe
FirewallRules: [{D14DBA6F-E616-4BE0-A352-995AD37955F5}] => (Allow) D:\SteamLibrary\steamapps\common\Typing of the Dead Overkill\HOTD_NG.exe
FirewallRules: [{3F8CAC4F-269B-45BE-A671-654C07D7DD21}] => (Allow) D:\SteamLibrary\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{ACB1BD40-1B02-40E7-8CA6-D95A4860E95E}] => (Allow) D:\SteamLibrary\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{7749E607-F3D6-43BC-B86A-59AAB2A91AB1}] => (Allow) D:\SteamLibrary\steamapps\common\Contrast\Binaries\Win32\ContrastGame.exe
FirewallRules: [{309ABCAB-5B0E-479B-9707-3B332C1B571E}] => (Allow) D:\SteamLibrary\steamapps\common\Contrast\Binaries\Win32\ContrastGame.exe
FirewallRules: [{E156521A-4C71-4F42-B694-A0E88A898D9B}] => (Allow) D:\SteamLibrary\steamapps\common\The Ship Single Player\ship.exe
FirewallRules: [{421CF563-E4C5-4CD4-BD55-39949DD55E4F}] => (Allow) D:\SteamLibrary\steamapps\common\The Ship Single Player\ship.exe
FirewallRules: [{8A401E4A-05E0-4DCA-BD0B-D31F1D971D44}] => (Allow) D:\SteamLibrary\steamapps\common\The Ship\ship.exe
FirewallRules: [{1CBF705E-0080-4978-BB4A-74A1BAC78440}] => (Allow) D:\SteamLibrary\steamapps\common\The Ship\ship.exe
FirewallRules: [{6B37E281-C764-4861-8A9E-539EB27A4FF4}] => (Allow) D:\SteamLibrary\steamapps\common\SuperMNC\Binaries\Win32\SuperMNCGameClient.exe
FirewallRules: [{FE32ED6C-24DA-4DEC-AC8B-9F2940DA5371}] => (Allow) D:\SteamLibrary\steamapps\common\SuperMNC\Binaries\Win32\SuperMNCGameClient.exe
FirewallRules: [{F20F47EA-3AC5-4D18-AB61-74A0CCD32163}] => (Allow) D:\Battle.net\Battle.net.exe
FirewallRules: [{BB913B6E-0AA4-40DC-AD3C-0C61B4F8945D}] => (Allow) D:\Battle.net\Battle.net.exe
FirewallRules: [{E885AE1D-61F3-41BF-8B43-631EDF07FAC9}] => (Allow) D:\Hearthstone\Hearthstone.exe
FirewallRules: [{F73027B0-F608-4CE6-899B-7CC1AD1CA8E5}] => (Allow) D:\Hearthstone\Hearthstone.exe
FirewallRules: [TCP Query User{EBDD069F-324D-46CD-8474-BC0A194DE90C}D:\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{85C91575-53AD-40D4-A083-3E0AE6D8A5B3}D:\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe
FirewallRules: [{7740551E-9B39-43CA-BBAA-26F997CBC834}] => (Block) D:\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe
FirewallRules: [{302F53B1-A400-4659-8296-108EF4F8611B}] => (Block) D:\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{0BB54FE8-EF9F-4DA7-8479-C8E2BF026627}D:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) D:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{5DD9C1A9-739B-449E-9D57-D23B1800E5D6}D:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) D:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [{D3812AA0-1BCD-4470-91AC-C107AB0D0A57}] => (Block) D:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [{C08C0F8E-19B6-4CAB-A872-969EC50D38F8}] => (Block) D:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [TCP Query User{53779D55-2327-4580-A163-99202C637F65}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{8972D108-8122-496E-BB31-BBADEB3F4E5D}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{A9C21268-A251-4674-AC7E-A910E8145876}] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{734E088F-B978-47E6-BBAE-902DD5941649}] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{821864F2-331F-4E4D-B223-7850BB47F450}] => (Allow) D:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{9D79289A-82C0-4702-8991-40C8B9D4D205}] => (Allow) D:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{511AD410-03CF-47D3-B70D-7DEF5E0B2369}] => (Allow) D:\SteamLibrary\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKKE.exe
FirewallRules: [{1D522C4A-808B-4135-BEAD-1769DEC9FE02}] => (Allow) D:\SteamLibrary\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKKE.exe
FirewallRules: [{EED2B976-9E10-482F-AF6B-923F95FC96EA}] => (Allow) D:\SteamLibrary\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKLauncher.exe
FirewallRules: [{57B64D21-B8E3-4F66-AB91-F57EBBF79829}] => (Allow) D:\SteamLibrary\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKLauncher.exe
FirewallRules: [{E53BE730-4CD4-4EFC-857F-0B5E69D9CDE9}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{76EC814D-367B-4DE6-AB3A-4EF00A15338F}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{54E65402-5521-402D-A0DE-22FD0A62D98A}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{14FDD2D1-AB57-4470-AA2A-0E328A0E8196}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{E55F753B-01BA-4E97-8399-872D1137883C}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{6EDC78D3-ACB6-48C8-BB75-92D45B89F4B2}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{080C7050-9B35-4020-B0B7-5849068D6BD2}] => (Block) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{DE36E821-B095-4E8C-881E-20F6EF5A603C}] => (Block) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{C25C739C-49BB-4AA7-9B16-F9892A7035D7}D:\battlefield hardline\bfh.exe] => (Allow) D:\battlefield hardline\bfh.exe
FirewallRules: [UDP Query User{CAA42C57-EB9A-4C61-9859-1264B7673E7E}D:\battlefield hardline\bfh.exe] => (Allow) D:\battlefield hardline\bfh.exe
FirewallRules: [{8160392B-260C-464F-A7F9-DA5D10166B5E}] => (Block) D:\battlefield hardline\bfh.exe
FirewallRules: [{1CE44152-E065-4234-B703-F19C0A6571C1}] => (Block) D:\battlefield hardline\bfh.exe
FirewallRules: [{5C755B86-1BEF-4D6C-9182-1F7C674D584C}] => (Allow) D:\SteamLibrary\steamapps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{6B94ADDC-7749-4F69-9CD8-D65CCEB75577}] => (Allow) D:\SteamLibrary\steamapps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{6243E5DB-48F5-4BF6-B3BA-AA91B779898D}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{901BE1A0-3708-42E6-B293-F12DC1EF0FB1}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{9E2630B5-21AD-41B6-B430-280B555A2CDD}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{8672866B-E532-4ED9-BBCF-F9B789EA7D31}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{C3FF9170-74FE-46E3-BEFD-420C46131CC7}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{1DC8DB34-D9D2-415D-A17C-BD4D60C30B8A}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{40B4D718-52E1-408C-8CD4-36C92887C142}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{8C05DA4E-2EE3-40F4-86F8-B56F6F5BB08A}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{7BE454A5-8DE1-4D0D-BA21-AB260E7891F4}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{F2E53E5C-90AB-489C-A85C-F2F50A4BE8E1}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{8497B551-5E6B-4DD0-BEA8-7D3A92CF8416}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{30537830-2BDC-4020-983D-CEDBFBB1BBD8}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{FFE56794-D6D9-499F-8119-DB4D1C9F0449}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{019481A9-6F03-4908-B672-5E48B12D4EA6}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{6B95B3FB-4828-4186-82F5-ECE5B50F53A1}] => (Allow) D:\SteamLibrary\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{E90863CD-DA40-4650-B2AC-731AD5B2E5A6}] => (Allow) D:\SteamLibrary\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [TCP Query User{3854717A-8D85-41EE-AFA6-6B1107D43FCC}D:\starcraft ii\versions\base38749\sc2_x64.exe] => (Allow) D:\starcraft ii\versions\base38749\sc2_x64.exe
FirewallRules: [UDP Query User{0532D466-1FA5-4E38-BD1C-CB0604DB8A05}D:\starcraft ii\versions\base38749\sc2_x64.exe] => (Allow) D:\starcraft ii\versions\base38749\sc2_x64.exe
FirewallRules: [{E07AD7AA-E0F7-4C2C-9DAC-9079E5B17E5B}] => (Block) D:\starcraft ii\versions\base38749\sc2_x64.exe
FirewallRules: [{38142283-4515-4B59-A9D9-F62F4AECE56D}] => (Block) D:\starcraft ii\versions\base38749\sc2_x64.exe
FirewallRules: [{917C35EF-6AC7-4320-801C-2AE532324393}] => (Allow) C:\Users\Josh\Desktop\DarkSouls2_v102_PLUS24_TRN-dEViATED.exe
FirewallRules: [{BB0A5497-CAC5-4616-B5B2-D4FF8320C52F}] => (Allow) C:\Users\Josh\Desktop\DarkSouls2_v102_PLUS24_TRN-dEViATED.exe
FirewallRules: [{EF59A889-1372-46CB-B85D-0DBCE469B52B}] => (Allow) C:\Users\Josh\Desktop\DarkSouls2_v102_PLUS24_TRN-dEViATED.exe
FirewallRules: [{420A48F8-F085-4E09-8DB3-D3CD6C1BCD53}] => (Allow) C:\Users\Josh\Desktop\DarkSouls2_v102_PLUS24_TRN-dEViATED.exe
FirewallRules: [{0AF3C165-5F96-467D-860F-39E6FD57FABD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{5CB0A409-0CD7-4878-BF85-A377826DF581}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{A366CAB1-D4DD-456E-BB30-9E86E5D7A4E6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CBF097D2-6A6B-435F-8BFB-03B9ACF84AF8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{0292D0DE-2F93-4556-B17D-D9D4CA35A434}D:\call of duty black ops iii\blackops3.exe] => (Block) D:\call of duty black ops iii\blackops3.exe
FirewallRules: [UDP Query User{5881DCED-DBDB-4C15-BCEE-F4BF1FDA9E6F}D:\call of duty black ops iii\blackops3.exe] => (Block) D:\call of duty black ops iii\blackops3.exe
FirewallRules: [TCP Query User{614BA783-1F2A-4F20-88ED-5FFD2A1102DA}C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{F165F367-8747-4A68-B096-463E415D80CA}C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [{CE0FED15-D6D3-4132-9B4B-FBA42315158B}] => (Block) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [{89C9CEA1-1668-4532-ADB7-2921E3BD8813}] => (Block) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [{A655C945-2269-4D05-ABF9-CDBDD6F23BAB}] => (Allow) C:\Users\Josh\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6702CA55-6C33-4556-8129-A6A77998A931}] => (Allow) C:\Users\Josh\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9C3BD8F2-4D2C-4C03-AF4D-91DAAAA3B5BD}] => (Allow) C:\Users\Josh\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{548C5397-C860-4071-BD0D-3B6D9F27D55F}] => (Allow) C:\Users\Josh\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7D164F22-9499-4C3F-BDE5-1F04878408C0}] => (Allow) C:\Users\Josh\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{209CF7B6-6DCF-4CE2-8B5A-432F349189A6}] => (Allow) C:\Users\Josh\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6AE51033-3D76-4C78-A60F-E49D283B3BFA}] => (Allow) D:\SteamLibrary\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{E562D86F-838F-4632-AEEB-40BA56AA60B0}] => (Allow) D:\SteamLibrary\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{5F0C0462-7C30-401D-8577-019731E9724E}] => (Allow) D:\SteamLibrary\steamapps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{CE041ADD-73F0-4404-A889-3D6368FB5ED7}] => (Allow) D:\SteamLibrary\steamapps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{49EC11B1-9447-4CB3-8587-62C96CC03FC3}] => (Allow) D:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{E6D77D9E-3374-4AD7-9A85-948988AE5148}] => (Allow) D:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{05C3087C-5D55-451A-AE4A-57D9A596750C}] => (Allow) D:\SteamLibrary\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{C44134D9-D338-4BFE-A475-76A643A201B3}] => (Allow) D:\SteamLibrary\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{5FAEAF1B-30D1-43CD-9EAB-BA9005CDCF2F}] => (Allow) D:\Viscera Cleanup Detail\SmartSteamEmu.exe
FirewallRules: [{69C8DE3B-B700-4473-82F5-66B32E93E812}] => (Allow) D:\Viscera Cleanup Detail\SmartSteamEmu.exe
FirewallRules: [TCP Query User{BD874F71-C1ED-476B-A8C5-C29F667F43FE}D:\viscera cleanup detail\binaries\win32\udk.exe] => (Allow) D:\viscera cleanup detail\binaries\win32\udk.exe
FirewallRules: [UDP Query User{09EB5DD9-579D-4527-B834-3BCA92628E54}D:\viscera cleanup detail\binaries\win32\udk.exe] => (Allow) D:\viscera cleanup detail\binaries\win32\udk.exe
FirewallRules: [{058AF5A5-3938-4C87-AFF3-B3826FE2E6F6}] => (Block) D:\viscera cleanup detail\binaries\win32\udk.exe
FirewallRules: [{E16CF078-9ADC-4286-A1D0-ACCD12641E10}] => (Block) D:\viscera cleanup detail\binaries\win32\udk.exe
FirewallRules: [{B1C16ABD-4985-4DAA-A9D1-90DDF72E716A}] => (Allow) D:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{BF94F4E8-AEC6-4E9E-9545-63666E371F7F}] => (Allow) D:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{B3422C07-F172-4A33-92A1-6917C24D8650}] => (Allow) D:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{104BB1F4-6201-4167-8CCA-F4B14A95C6EF}] => (Allow) D:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{F42A2315-141F-4582-9CB0-B47C8F818A89}] => (Allow) D:\SteamLibrary\steamapps\common\Red Orchestra\System\RedOrchestraLargeAddressAware.exe
FirewallRules: [{2391FEB8-47CE-4293-BE1B-72EC62D5CB12}] => (Allow) D:\SteamLibrary\steamapps\common\Red Orchestra\System\RedOrchestraLargeAddressAware.exe
FirewallRules: [{9A4BC87E-AEA7-4749-B1C9-F86A936FAB30}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{92D27DAD-B452-4C65-AC2A-C0A8F5715EA3}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{33B35681-44A7-4E14-A678-6B51B53578E8}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{5A8F674E-569B-4077-B5E4-EE2E9DD93DD3}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{7A299E7A-577A-463C-9BC5-FC7DC247EC22}] => (Allow) D:\SteamLibrary\steamapps\common\Sven Co-op\svencoop.exe
FirewallRules: [{E354715E-6C73-4885-98C4-BF6BD342CD46}] => (Allow) D:\SteamLibrary\steamapps\common\Sven Co-op\svencoop.exe
FirewallRules: [TCP Query User{AB733B2D-252E-41A6-9CF2-9C829FEFCF07}D:\the long dark\tld.exe] => (Allow) D:\the long dark\tld.exe
FirewallRules: [UDP Query User{E5B9CF27-40D9-4CBC-A790-F9F883A982E6}D:\the long dark\tld.exe] => (Allow) D:\the long dark\tld.exe
FirewallRules: [TCP Query User{A978D2CF-8E07-4E97-B4ED-3B03A5DB7AFA}D:\hearthstone\hearthstone.exe] => (Allow) D:\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{1E8A99F9-C18F-4BD8-9CD3-CDABB96140E5}D:\hearthstone\hearthstone.exe] => (Allow) D:\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{408A42F8-8F7D-4DC7-8A40-7B99B04CB29D}D:\steamlibrary\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) D:\steamlibrary\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [UDP Query User{95871DD2-CFEC-475E-A85E-FE12140F444C}D:\steamlibrary\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) D:\steamlibrary\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [TCP Query User{4FC5BFC7-DB7A-4E39-9A66-2DE2676B3C01}C:\program files\java\jre1.8.0_65\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_65\bin\java.exe
FirewallRules: [UDP Query User{8EF3DB40-524A-4631-8587-60824ADBE464}C:\program files\java\jre1.8.0_65\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_65\bin\java.exe
FirewallRules: [TCP Query User{C322C3B0-4F82-437E-BFC3-72632AE2D1F7}C:\program files\java\jre1.8.0_65\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_65\bin\javaw.exe
FirewallRules: [UDP Query User{F295E1C2-81E3-4A7E-8D35-A77A4685E30D}C:\program files\java\jre1.8.0_65\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_65\bin\javaw.exe
FirewallRules: [{47FD5047-9365-44A9-B2F9-CCFD12636892}] => (Allow) D:\SteamLibrary\steamapps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{D6744B12-0647-4920-95C8-6197444F47A1}] => (Allow) D:\SteamLibrary\steamapps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [TCP Query User{C18C8804-69AE-4789-844C-70F8A21F4657}D:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) D:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe
FirewallRules: [UDP Query User{F3B05078-6EC7-42B9-8884-CCE5C7EA1B82}D:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) D:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe
FirewallRules: [TCP Query User{7A18253F-B094-490A-A912-6D8AB058A17C}D:\firewatch\firewatch\firewatch.exe] => (Allow) D:\firewatch\firewatch\firewatch.exe
FirewallRules: [UDP Query User{1740214E-67A7-4464-B858-72F76432BF3D}D:\firewatch\firewatch\firewatch.exe] => (Allow) D:\firewatch\firewatch\firewatch.exe
FirewallRules: [TCP Query User{064B6FA2-2A10-43E1-9102-138E0F63D4D7}D:\ben.and.ed\ben.and.ed\benanded\binaries\win64\benanded.exe] => (Allow) D:\ben.and.ed\ben.and.ed\benanded\binaries\win64\benanded.exe
FirewallRules: [UDP Query User{4314CE95-1F08-4701-9A66-D5F4CBDAD5D1}D:\ben.and.ed\ben.and.ed\benanded\binaries\win64\benanded.exe] => (Allow) D:\ben.and.ed\ben.and.ed\benanded\binaries\win64\benanded.exe
FirewallRules: [TCP Query User{ED4B16B3-EC6E-4E34-A740-6ED621A92F10}D:\murdered - soul suspect\binaries\win64\murdered.exe] => (Allow) D:\murdered - soul suspect\binaries\win64\murdered.exe
FirewallRules: [UDP Query User{04F32246-EB75-4EBB-A8B9-A4EB211246E9}D:\murdered - soul suspect\binaries\win64\murdered.exe] => (Allow) D:\murdered - soul suspect\binaries\win64\murdered.exe
FirewallRules: [TCP Query User{BE3717AA-25DB-48EA-972A-B544D1090319}D:\a story about my uncle\binaries\win32\asamu-win32-shipping.exe] => (Allow) D:\a story about my uncle\binaries\win32\asamu-win32-shipping.exe
FirewallRules: [UDP Query User{C9085B4B-8F2A-4D24-9964-BA4766CCD07A}D:\a story about my uncle\binaries\win32\asamu-win32-shipping.exe] => (Allow) D:\a story about my uncle\binaries\win32\asamu-win32-shipping.exe
FirewallRules: [{7B2A49DD-6484-4653-9582-9F2574D544E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Just Cause 2 - Multiplayer Dedicated Server\JcmpServer.exe
FirewallRules: [{00D0E340-F18C-4847-B415-0BD13129C1ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Just Cause 2 - Multiplayer Dedicated Server\JcmpServer.exe
FirewallRules: [{A163496C-E634-47F8-BE74-240780B9B2F6}] => (Allow) D:\SteamLibrary\steamapps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{C76985F6-247F-42B6-B980-31581FEFC038}] => (Allow) D:\SteamLibrary\steamapps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{45C4A5F2-66AD-4DD8-9BBE-260844FEDF66}] => (Allow) D:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect Safe Mode.exe
FirewallRules: [{A282BB40-3440-448D-8216-8E5C3B971787}] => (Allow) D:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect Safe Mode.exe
FirewallRules: [TCP Query User{B46D7F4F-EAAE-4BC7-93DF-6AC58E9CEAAE}D:\igg-enter.the.gungeon\igg-enter.the.gungeon\etg.exe] => (Allow) D:\igg-enter.the.gungeon\igg-enter.the.gungeon\etg.exe
FirewallRules: [UDP Query User{94EA8A22-769A-43A2-8457-81211973BE0B}D:\igg-enter.the.gungeon\igg-enter.the.gungeon\etg.exe] => (Allow) D:\igg-enter.the.gungeon\igg-enter.the.gungeon\etg.exe
FirewallRules: [TCP Query User{739039D2-796E-4123-9C0B-F54C28D9BCFE}D:\igg-theculliing\igg-theculliing\victory\binaries\win64\victory.exe] => (Allow) D:\igg-theculliing\igg-theculliing\victory\binaries\win64\victory.exe
FirewallRules: [UDP Query User{A5FB3F2C-F9B6-43CB-89B4-E48E6E333E53}D:\igg-theculliing\igg-theculliing\victory\binaries\win64\victory.exe] => (Allow) D:\igg-theculliing\igg-theculliing\victory\binaries\win64\victory.exe
FirewallRules: [TCP Query User{0BE5C3A8-D567-490B-89D6-94E57A36C90D}D:\heroes of the storm\versions\base41810\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base41810\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{06C23672-3397-418F-88A5-C0D3D41E3805}D:\heroes of the storm\versions\base41810\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base41810\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{76618D3E-AF84-4923-9776-181556F9EDE1}D:\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{1B9D2F48-4FA0-4EDB-A533-4A69665CD85B}D:\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe
FirewallRules: [{25B50ED8-196D-45D7-93D3-96C7E55FC1E6}] => (Allow) D:\SteamLibrary\steamapps\common\Battleborn Open Beta\Binaries\Win64\Battleborn.exe
FirewallRules: [{D2B24C5C-A054-444D-AB83-7FED6621506A}] => (Allow) D:\SteamLibrary\steamapps\common\Battleborn Open Beta\Binaries\Win64\Battleborn.exe
FirewallRules: [TCP Query User{DD14C23B-C607-42C7-9C1D-C4102BBD150A}D:\heroes of the storm\versions\base42273\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base42273\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{93D68294-0B43-4EED-B97A-A34B6B8E4B89}D:\heroes of the storm\versions\base42273\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base42273\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{A5FC538D-B116-4757-8433-F49150C1C593}D:\max payne 3\maxpayne3.exe] => (Allow) D:\max payne 3\maxpayne3.exe
FirewallRules: [UDP Query User{83E09492-299C-41B5-9D29-37292AC1722B}D:\max payne 3\maxpayne3.exe] => (Allow) D:\max payne 3\maxpayne3.exe
FirewallRules: [TCP Query User{0FD81D97-F2CF-4CD7-96D8-001F98774242}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe
FirewallRules: [UDP Query User{49A9E32C-21B8-454B-85B0-8E941D19E809}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe
FirewallRules: [TCP Query User{C8A26927-0BE0-46F4-B4F1-D496AE23228F}C:\users\josh\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\josh\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{093D70DC-642C-42FE-82DC-884F44916B27}C:\users\josh\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\josh\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{04BC52CA-4D61-4A7D-AFE0-89FAA0B983DE}D:\heroes of the storm\versions\base42506\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base42506\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{C6587118-FF5B-49EB-BD4E-4A08030FF124}D:\heroes of the storm\versions\base42506\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base42506\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{1A91EF3C-FDB8-410D-8EBD-20E193A91E39}D:\starcraft ii\versions\base42253\sc2_x64.exe] => (Allow) D:\starcraft ii\versions\base42253\sc2_x64.exe
FirewallRules: [UDP Query User{79D21FB9-839F-47A7-A6BE-AF3060466FD5}D:\starcraft ii\versions\base42253\sc2_x64.exe] => (Allow) D:\starcraft ii\versions\base42253\sc2_x64.exe
FirewallRules: [TCP Query User{27BDB293-0619-450D-A70D-AF557C637A62}D:\goliath\goliath.exe] => (Allow) D:\goliath\goliath.exe
FirewallRules: [UDP Query User{6B4945A8-BA8D-4793-95A0-9FF220BF7859}D:\goliath\goliath.exe] => (Allow) D:\goliath\goliath.exe
FirewallRules: [{56FF1D66-4444-491A-98C4-C09B6D28A81A}] => (Allow) D:\Winamp\winamp.exe
FirewallRules: [{7AEC331E-4608-4B1D-B593-7243054E8F93}] => (Allow) D:\Winamp\winamp.exe
FirewallRules: [TCP Query User{3C3D57C7-2BC9-4247-8FE0-312E6CE5E479}D:\heroes of the storm\versions\base42958\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base42958\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{F737181B-293F-453D-97BD-A29E47F8E930}D:\heroes of the storm\versions\base42958\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base42958\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{1EF998EF-9481-43E8-A137-1801FE3A9710}D:\starcraft ii\versions\base42932\sc2_x64.exe] => (Allow) D:\starcraft ii\versions\base42932\sc2_x64.exe
FirewallRules: [UDP Query User{FBAEE11D-6CE4-4831-9D17-E2697F420D22}D:\starcraft ii\versions\base42932\sc2_x64.exe] => (Allow) D:\starcraft ii\versions\base42932\sc2_x64.exe
FirewallRules: [{ADC669C1-7CC0-42CF-B6C2-93AB440ECB49}] => (Allow) D:\SteamLibrary\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{F75ACBD1-53A0-4B62-80CB-4DFD7664787C}] => (Allow) D:\SteamLibrary\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [TCP Query User{D38AE8A0-071A-4D1B-92DD-9DDDF346684F}D:\heroes of the storm\versions\base43170\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base43170\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{5C084FD6-A65E-4E8E-861B-2D42B4920BAA}D:\heroes of the storm\versions\base43170\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base43170\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{23E58D0A-47CD-41A0-9FC0-754719E79BC2}D:\lichdom battlemage\bin32\lichdombattlemage.exe] => (Allow) D:\lichdom battlemage\bin32\lichdombattlemage.exe
FirewallRules: [UDP Query User{EB8106EB-70C3-463C-B435-7C87306DB250}D:\lichdom battlemage\bin32\lichdombattlemage.exe] => (Allow) D:\lichdom battlemage\bin32\lichdombattlemage.exe
FirewallRules: [{6EACBF99-FC31-4956-AE9D-A30FA66FB8D3}] => (Allow) D:\Mr DJ\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{BC08176A-153E-47E0-BCBC-4D882495938C}] => (Allow) D:\Mr DJ\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{85F0A86D-F712-4216-81AA-63411A926078}] => (Allow) D:\SteamLibrary\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{0085DDD0-6339-4C0B-BE5C-0F2C47CBFACB}] => (Allow) D:\SteamLibrary\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{4CB28B38-E885-4C75-8C3E-06E0A8104338}] => (Allow) D:\SteamLibrary\steamapps\common\OPPW3\oppw3.exe
FirewallRules: [{368696F6-9A3E-4951-9728-710F33CBFE0B}] => (Allow) D:\SteamLibrary\steamapps\common\OPPW3\oppw3.exe
FirewallRules: [{C585AAAB-BC00-478F-9388-1F5ACE8825FF}] => (Allow) D:\SteamLibrary\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{EB7008EB-9D5B-471D-A2EC-B1E12D31DE7A}] => (Allow) D:\SteamLibrary\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{4256A6B3-D04E-4937-BEF3-DD378E761544}] => (Allow) D:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{5416B8EB-D05A-4CF3-9052-B203CBD58FAA}] => (Allow) D:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{6FE23E9D-0616-418C-B62E-F8E46F99B5F4}] => (Allow) D:\SteamLibrary\steamapps\common\Please, Don’t Touch Anything\DontTouchAnything.exe
FirewallRules: [{BA47FCFC-DFAC-4224-A75E-0FDE656553FC}] => (Allow) D:\SteamLibrary\steamapps\common\Please, Don’t Touch Anything\DontTouchAnything.exe
FirewallRules: [{77BDA379-BDEC-4DD3-AF03-62DA73E635EF}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{F09F51FB-1E35-4B5C-A3ED-B515FE084B97}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{4F5EC122-14F5-449B-BD70-776CC883E72E}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{EE031387-9A99-41EF-972F-14184A90610F}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{E67EDBD6-43E0-4565-AC79-D42868E3BFD1}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{418B30F0-E981-49BC-A47F-E8C29A7DFF7D}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{4F68FB42-67B7-4098-AF21-1ED2761057E6}] => (Allow) D:\SteamLibrary\steamapps\common\Overlord II\Overlord2.exe
FirewallRules: [{54C6AB11-8621-4FDE-B72E-129D3E2D0A29}] => (Allow) D:\SteamLibrary\steamapps\common\Overlord II\Overlord2.exe
FirewallRules: [{E3AF5944-D067-4A7F-B8D4-A243B74FFFD8}] => (Allow) D:\SteamLibrary\steamapps\common\Overlord II\Config.exe
FirewallRules: [{E16B723D-DCCB-429C-B84F-618F87AAED21}] => (Allow) D:\SteamLibrary\steamapps\common\Overlord II\Config.exe
FirewallRules: [{34A9BEEC-BE02-45B8-8E0D-473C5A05E439}] => (Allow) D:\SteamLibrary\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{8D474876-8295-460B-8644-0E209D3A7F72}] => (Allow) D:\SteamLibrary\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{3720CE11-C621-47FF-BA9B-F93966F86B77}] => (Allow) D:\SteamLibrary\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{BF41E736-C3BF-46B7-B178-B38F7D200762}] => (Allow) D:\SteamLibrary\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{FFAEAE76-6809-49AC-B998-B17C4E2596B2}] => (Allow) D:\SteamLibrary\steamapps\common\Warface\live\nw.exe
FirewallRules: [{3CA9FA26-F1DC-4A64-8425-2FEC8E7D03BF}] => (Allow) D:\SteamLibrary\steamapps\common\Warface\live\nw.exe
FirewallRules: [{737B9D00-A874-417D-A115-ADBAEDEFF34F}] => (Allow) D:\SteamLibrary\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{84AB5F63-EB73-40E2-BF7C-ACF165156E29}] => (Allow) D:\SteamLibrary\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [TCP Query User{3839C5AA-74FD-4D96-A482-AC1F852239AF}D:\we happy few\glimpsegame\binaries\win64\glimpsegame.exe] => (Allow) D:\we happy few\glimpsegame\binaries\win64\glimpsegame.exe
FirewallRules: [UDP Query User{9ABAAEF2-151B-47DA-BFFD-F8D3C379B663}D:\we happy few\glimpsegame\binaries\win64\glimpsegame.exe] => (Allow) D:\we happy few\glimpsegame\binaries\win64\glimpsegame.exe
FirewallRules: [{D1EC01BB-39F1-4B75-AEF0-71C09269675B}] => (Allow) D:\Cheat Engine 6.5\ceregreset.exe
FirewallRules: [{7C5B07F4-2186-4BF8-94BA-770F3A112AD2}] => (Allow) D:\Cheat Engine 6.5\ceregreset.exe
FirewallRules: [{6F80E323-2093-41D1-8EFF-ADB34E78294F}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe
FirewallRules: [{A0991C8C-1592-4F77-95BB-3D858CA97A97}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe
FirewallRules: [{FF3FAC0B-8FD8-4792-AAF2-D15A717A5659}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe
FirewallRules: [{DBBF3CAD-E747-4A0D-906C-C25C21136851}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe
FirewallRules: [{37A31A8F-0832-4929-9CE2-E6E39EF1D3D4}] => (Allow) D:\60 Seconds\60 Seconds\60Seconds.exe
FirewallRules: [{B28C1A3D-7DAB-472E-ABEC-41DF205CBD4C}] => (Allow) D:\60 Seconds\60 Seconds\60Seconds.exe
FirewallRules: [{6644F379-942B-4A0D-BACE-D840FA5E6D6D}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\rainbowsix.exe
FirewallRules: [{B19774AB-DD84-48AB-971E-F68E6AA1116B}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\rainbowsix.exe
FirewallRules: [{F0A4EB4F-ECC7-4C7D-A06F-203EECDDAF7C}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{749838AC-207B-49FD-8F24-AF71B0F3D9FF}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [TCP Query User{023B3EFA-4E8A-49EB-8015-C3A09EF9173E}D:\overwatch test\overwatch.exe] => (Allow) D:\overwatch test\overwatch.exe
FirewallRules: [UDP Query User{AF5429F1-0FC3-478B-9B59-6830FE78E675}D:\overwatch test\overwatch.exe] => (Allow) D:\overwatch test\overwatch.exe
FirewallRules: [TCP Query User{8944C92E-9D8F-44CA-B4DA-428CB1BF2BDE}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe
FirewallRules: [UDP Query User{73353DAD-E166-425F-9957-C71824A4A9A1}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe
FirewallRules: [{C4A29474-381D-4201-93BB-3A0F611E10D5}] => (Allow) D:\SteamLibrary\steamapps\common\Synergy\synergy.exe
FirewallRules: [{6FFF8E2B-E8B2-47AD-B48F-5EF18ACD54ED}] => (Allow) D:\SteamLibrary\steamapps\common\Synergy\synergy.exe
FirewallRules: [{C1FAC601-A689-4104-9457-7BDF0EF19853}] => (Allow) D:\SteamLibrary\steamapps\common\Rust\Rust.exe
FirewallRules: [{10243A7B-824E-4301-8DB0-88BD01612353}] => (Allow) D:\SteamLibrary\steamapps\common\Rust\Rust.exe
FirewallRules: [{80291048-67F2-4CAE-990E-644D0A3A3393}] => (Allow) D:\SteamLibrary\steamapps\common\KHOLAT\Kholat.exe
FirewallRules: [{B911C943-12F7-43B6-A01C-B8E3F5947527}] => (Allow) D:\SteamLibrary\steamapps\common\KHOLAT\Kholat.exe
FirewallRules: [TCP Query User{CF964306-F033-4CD0-9F25-CFE6A4A7B5DE}D:\steamlibrary\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe
FirewallRules: [UDP Query User{626AAEB5-AD5E-424D-B6A1-1E1F7346F73D}D:\steamlibrary\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe
FirewallRules: [{69CD49BF-9790-4236-8BD8-63701DC92026}] => (Allow) D:\SteamLibrary\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{00BC867A-6958-43CC-8FC1-DB59BA233287}] => (Allow) D:\SteamLibrary\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{3E4B1797-7850-4526-926F-9B91FA9B9F31}] => (Allow) D:\SteamLibrary\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{D707E602-77FA-4901-A16D-33951B0436FC}] => (Allow) D:\SteamLibrary\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{CF255A51-790B-4195-B93F-70C6B2D4A81B}] => (Allow) D:\SteamLibrary\steamapps\common\Caster\caster.exe
FirewallRules: [{9AAE085E-97D9-4A9F-9986-CCF033A6F298}] => (Allow) D:\SteamLibrary\steamapps\common\Caster\caster.exe
FirewallRules: [{5984144A-56DC-49C3-B997-5F496BBA87D6}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{97D9FED9-12A8-47C5-843E-2527BA1C18FB}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{8F5599A6-4B5E-478A-9CB8-A1EBA42AB038}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{2AB1595A-0D52-45B4-A381-64A66ADC12AE}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{A7C8C186-97E2-4D14-B487-0B24F29678C4}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{C7DAE871-E4AA-437B-8E07-0E914644BECE}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{B468B309-7EAD-4F14-9414-4E77F566E311}] => (Allow) D:\SteamLibrary\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{5BACC4C7-2BA9-4E14-AFCD-BB55AACC8A1F}] => (Allow) D:\SteamLibrary\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{3CB9E7B6-F087-4D90-9333-4FD1C5BD3765}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Town of Salem\TownOfSalem.exe
FirewallRules: [{D8FF51DD-6638-4FD0-A229-4D0EB2E5BAA5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Town of Salem\TownOfSalem.exe
FirewallRules: [{AF6AED9D-B81B-47A6-A936-1D5A84DF860D}] => (Allow) D:\SteamLibrary\steamapps\common\Sven Co-op\svends.exe
FirewallRules: [{3C6F3EAD-B48C-4D68-BD69-98172295C1C0}] => (Allow) D:\SteamLibrary\steamapps\common\Sven Co-op\svends.exe
FirewallRules: [{D20FA8CA-58EB-47A2-B283-1590AE42C51D}] => (Allow) D:\SteamLibrary\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{777BBAB5-AD0E-4CC0-930E-189AF9A2C33F}] => (Allow) D:\SteamLibrary\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{7AB04AFB-CD2F-49A1-98CE-096C7B019BF2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Oddworld Munchs Oddysee\bin\Launcher.exe
FirewallRules: [{E5A0C216-F735-41F6-979C-2255FFBDDF6E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Oddworld Munchs Oddysee\bin\Launcher.exe
FirewallRules: [{762A6A0D-B633-41E5-B172-E7C7C4AAA02C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MurderMiners\Murder Miners.exe
FirewallRules: [{CAAFC78A-F4D8-4070-8546-254112D24D81}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MurderMiners\Murder Miners.exe
FirewallRules: [{ADCB03AB-FEA6-4E65-93D2-6A9116DC01EC}] => (Allow) D:\SteamLibrary\steamapps\common\Resident Evil 6\BH6.exe
FirewallRules: [{A9EB3580-7A1C-420B-9740-3652342CF476}] => (Allow) D:\SteamLibrary\steamapps\common\Resident Evil 6\BH6.exe
FirewallRules: [TCP Query User{63444E32-864E-4702-977C-D49D2D0B07BD}D:\doom game\doomx64.exe] => (Allow) D:\doom game\doomx64.exe
FirewallRules: [UDP Query User{8D8F646A-34BC-439E-8AA8-5E5736C341BA}D:\doom game\doomx64.exe] => (Allow) D:\doom game\doomx64.exe
FirewallRules: [{AAD70C5C-88D2-431D-8815-3C35152D0359}] => (Allow) C:\Program Files (x86)\Mr DJ\Need For Speed Most Wanted Black Edition\speed.exe
FirewallRules: [{30B5E122-94ED-41CB-9A80-7B6F656A9DD6}] => (Allow) C:\Program Files (x86)\Mr DJ\Need For Speed Most Wanted Black Edition\speed.exe
FirewallRules: [{AAA143C8-0952-4A28-9CCB-76E3C444C9C8}] => (Allow) D:\SteamLibrary\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{21AFD90B-590A-4C2F-950F-4FA87D0C0F4E}] => (Allow) D:\SteamLibrary\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{E2FE6351-BE99-407C-B9A3-2C46C22EA353}] => (Allow) D:\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{2AB997EE-C90C-4482-85DB-93A319B1EEC5}] => (Allow) D:\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{C3CD4EF9-D2DE-4D9A-921A-0F16AD0E7BF1}] => (Allow) D:\SteamLibrary\steamapps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{10D2E8DF-28CC-4B90-9F24-A8CDE508C1CF}] => (Allow) D:\SteamLibrary\steamapps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{F21AFF96-945D-496F-B182-8D4193F1D9A5}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's The Division\thedivision.exe
FirewallRules: [{24A5348B-BB96-4D5D-9217-DA6D027E6234}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's The Division\thedivision.exe
FirewallRules: [{518B9D90-9D36-4596-88B1-8940F896937B}] => (Allow) D:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{A9B6BA9B-E75D-43C6-87C4-589ECB8FBCD0}] => (Allow) D:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{627B4E9E-2F7B-4788-A448-18961F86CD30}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\rainbowsix.exe
FirewallRules: [{D9C851C2-5D09-4DF4-9C4E-B0395CED11C5}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\rainbowsix.exe
FirewallRules: [{51823F75-0C5D-4FC3-A14F-03BC209EE208}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F3E2E59A-04F4-4D60-9BA5-EFC9A256AACA}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{F8A1D592-B7FF-46D1-9823-E744F592CCCB}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{C41DF4C2-4903-4EE8-A90A-99E0B62C2DCC}] => (Allow) D:\SteamLibrary\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{E22F8E49-3258-42F0-A8D5-67B4AC3974CD}] => (Allow) D:\SteamLibrary\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{5F4EDA93-1564-44C4-BC8B-D6552412B18B}] => (Allow) D:\SteamLibrary\steamapps\common\L.A.Noire\LANLauncher.exe
FirewallRules: [{E52F32BF-8CB6-44B1-97F5-2E5465E882FB}] => (Allow) D:\SteamLibrary\steamapps\common\L.A.Noire\LANLauncher.exe
FirewallRules: [{3DB17E23-F617-480D-920D-D7BEF93D3844}] => (Allow) C:\Program Files (x86)\Mr DJ\Mafia II\launcher.exe
FirewallRules: [{95F1320F-3BE5-4220-9457-157A81A7CF5A}] => (Allow) C:\Program Files (x86)\Mr DJ\Mafia II\launcher.exe
FirewallRules: [{04945305-5ADF-4A5A-810A-8707245CA75C}] => (Allow) D:\SteamLibrary\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{D916FBD9-D3CC-4C84-AB2C-EE84032BE0AF}] => (Allow) D:\SteamLibrary\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{DADC1D40-69F9-417F-823D-19AC6697DF86}] => (Allow) 㩃停潲牧浡䘠汩獥⠠㡸⤶獜獹湯灥卜獹湏健攮數
FirewallRules: [{77504AE2-033A-4954-A0A8-3C270CD5D76B}] => (Allow) 㩃停潲牧浡䘠汩獥⠠㡸⤶獜獹湯灥卜獹湏健⹟硥e
FirewallRules: [{8C5DBC21-DD28-4314-A6BF-511C0A22D8E2}] => (Allow) C:\Users\Josh\AppData\Local\Temp\90DC360E-5FBE-456B-9F7A-602B8188C6F3\installer.exe
FirewallRules: [{00152E5A-0A9A-4511-A951-04E0BBD46098}] => (Allow) C:\Users\Josh\AppData\Local\59310272.exe
FirewallRules: [{DCAB84CF-DF7C-4D9D-A404-BD7F908BA9AE}] => (Allow) C:\Program Files (x86)\gowen\segel.exe
FirewallRules: [{7D3816B1-8E83-4B3F-AC8A-CC56062354B5}] => (Allow) D:\SteamLibrary\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{5C84E8C9-2999-4297-9E2D-70D012326FA8}] => (Allow) D:\SteamLibrary\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{8752C769-166D-4B2F-9F8A-C734FB0B0692}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{F78F0C4D-7663-4409-9681-A365E32999F6}D:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{FFFE699D-8853-4CA1-91B6-58CF51D88D40}D:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{9EAEB285-9880-43E6-B0EA-FA323CC2E9FA}] => (Allow) D:\SteamLibrary\steamapps\common\Warface\live\nw.exe
FirewallRules: [{9CC6C577-41FF-4767-82D6-3AF3F72B3408}] => (Allow) D:\SteamLibrary\steamapps\common\Warface\live\nw.exe

==================== Faulty Device Manager Devices =============

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/26/2016 08:46:45 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/25/2016 10:33:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AlienwareOn-ScreenDisplay.exe, version: 0.32.0.8, time stamp: 0x52299700
Faulting module name: VistaLaterAPI.dll, version: 1.0.0.3, time stamp: 0x4bac8926
Exception code: 0xc0000005
Fault offset: 0x00002165
Faulting process id: 0x1290
Faulting application start time: 0xAlienwareOn-ScreenDisplay.exe0
Faulting application path: AlienwareOn-ScreenDisplay.exe1
Faulting module path: AlienwareOn-ScreenDisplay.exe2
Report Id: AlienwareOn-ScreenDisplay.exe3

Error: (10/25/2016 10:29:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/25/2016 09:02:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/25/2016 08:55:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/25/2016 08:47:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program javaw.exe version 8.0.25.18 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1558

Start Time: 01d22f2093460a38

Termination Time: 298

Application Path: D:\Minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe

Report Id: b48d3225-9b15-11e6-b542-e0db55e7253e

Error: (10/25/2016 08:43:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SysOneP.exe, version: 12.0.0.1, time stamp: 0x580a380a
Faulting module name: libcef.dll, version: 3.2704.1434.0, time stamp: 0x5798eeba
Exception code: 0x80000003
Fault offset: 0x00087bd1
Faulting process id: 0x16ac
Faulting application start time: 0xSysOneP.exe0
Faulting application path: SysOneP.exe1
Faulting module path: SysOneP.exe2
Report Id: SysOneP.exe3

Error: (10/25/2016 08:36:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SysOneP_.exe, version: 12.0.0.1, time stamp: 0x580a3886
Faulting module name: libcef.dll, version: 3.2704.1434.0, time stamp: 0x5798eeba
Exception code: 0x80000003
Fault offset: 0x00087bd1
Faulting process id: 0x1600
Faulting application start time: 0xSysOneP_.exe0
Faulting application path: SysOneP_.exe1
Faulting module path: SysOneP_.exe2
Report Id: SysOneP_.exe3

Error: (10/25/2016 08:35:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SysOneP.exe, version: 12.0.0.1, time stamp: 0x580a380a
Faulting module name: libcef.dll, version: 3.2704.1434.0, time stamp: 0x5798eeba
Exception code: 0x80000003
Fault offset: 0x00087bd1
Faulting process id: 0x1ae8
Faulting application start time: 0xSysOneP.exe0
Faulting application path: SysOneP.exe1
Faulting module path: SysOneP.exe2
Report Id: SysOneP.exe3

Error: (10/25/2016 08:28:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SysOneP.exe, version: 12.0.0.1, time stamp: 0x580a380a
Faulting module name: libcef.dll, version: 3.2704.1434.0, time stamp: 0x5798eeba
Exception code: 0x80000003
Fault offset: 0x00087bd1
Faulting process id: 0x15fc
Faulting application start time: 0xSysOneP.exe0
Faulting application path: SysOneP.exe1
Faulting module path: SysOneP.exe2
Report Id: SysOneP.exe3


System errors:
=============
Error: (10/26/2016 10:54:11 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084Bluetooth Device Monitor{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}

Error: (10/26/2016 10:53:54 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/26/2016 10:53:54 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/26/2016 10:53:42 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/26/2016 10:53:42 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/26/2016 10:53:40 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/26/2016 10:53:40 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/26/2016 10:53:40 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/26/2016 10:53:40 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/26/2016 10:53:39 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1068


CodeIntegrity:
===================================
Date: 2016-04-26 18:48:04.060
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-26 18:48:04.013
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-26 18:48:03.330
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-26 18:48:03.283
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-26 18:47:49.472
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-26 18:47:49.417
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-26 18:47:42.462
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-26 18:47:42.397
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-26 18:47:42.266
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-26 18:47:42.215
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-3740QM CPU @ 2.70GHz
Percentage of memory in use: 7%
Total physical RAM: 16334.31 MB
Available physical RAM: 15105.75 MB
Total Virtual: 32666.81 MB
Available Virtual: 31454.06 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.14 GB) (Free:22.6 GB) NTFS
Drive d: () (Fixed) (Total:931.5 GB) (Free:174.92 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2667A253)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 4B7E58B8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
 

Attachments

Malnutrition

Malnurished Mod
Moderator
Security Team
Jul 22, 2016
3,389
551
Let's run a couple of tools on your machine, there are still some items that need cleaning....

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


JRT Scan.

Please download Junkware Removal Tool and save it on your desktop.



  • Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log is saved to your desktop and will automatically open.
  • Please post the JRT log.
ZHP Scan.

Please download Zhp Cleaner to your desktop. Right Click the icon and select run as administrator.



2. Once you have started the program, you will need to click the scanner button.



The program will close all open browsers!
3. Once the scan is completed, the you will want to click the Repair button.



At the end of the process you may be asked to reboot your machine. After you reboot a report will open on your desktop.

Copy and paste the report here in your next reply.
 

Joshua Bobbitt

PCHF Member
PCHF Member
Oct 26, 2016
26
3
22
I didnt have anything at C:\AdwCleaner[S1].txt, so I'll be posting AdwCleaner[S0] and [C0].


# AdwCleaner v6.030 - Logfile created 26/10/2016 at 11:11:38
# Updated on 19/10/2016 by Malwarebytes
# Database : 2016-10-25.1 [Server]
# Operating System : Windows 7 Home Premium Service Pack 1 (X64)
# Username : Josh - JOSH-PC
# Running from : C:\Users\Josh\Desktop\adwcleaner_6.030.exe
# Mode: Scan
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****

No malicious services found.


***** [ Folders ] *****

Folder Found: C:\Users\Josh\AppData\Local\DriverToolkit
Folder Found: C:\Users\Josh\AppData\Local\Hola
Folder Found: C:\Users\Josh\AppData\Roaming\WTools
Folder Found: C:\Users\Josh\AppData\Roaming\AGData
Folder Found: C:\Program Files\nplus
Folder Found: C:\Program Files (x86)\DriverToolkit
Folder Found: C:\Program Files (x86)\Itibiti Soft Phone
Folder Found: C:\Program Files (x86)\AnonymizerGadget


***** [ Files ] *****

File Found: C:\END


***** [ DLL ] *****

No malicious DLLs found.


***** [ WMI ] *****

No malicious keys found.


***** [ Shortcuts ] *****

No infected shortcut found.


***** [ Scheduled Tasks ] *****

Task Found: DRIVERTOOLKIT AUTORUN


***** [ Registry ] *****

Key Found: HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
Key Found: HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
Key Found: [x64] HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
Key Found: [x64] HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
Key Found: HKLM\SOFTWARE\Classes\CLSID\{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
Key Found: HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
Key Found: HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
Key Found: HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
Key Found: HKU\.DEFAULT\Software\Hola
Key Found: HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\Software\DriverToolkit
Key Found: HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\Software\Hola
Key Found: HKU\S-1-5-18\Software\Hola
Key Found: HKCU\Software\DriverToolkit
Key Found: HKCU\Software\Hola
Key Found: [x64] HKCU\Software\DriverToolkit
Key Found: [x64] HKCU\Software\Hola
Key Found: [x64] HKLM\SOFTWARE\Hola
Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\foxi69.tlscdn.com
Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\govids.net
Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\tlscdn.com
Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.govids.net
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\foxi69.tlscdn.com
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\govids.net
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\tlscdn.com
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.govids.net
Key Found: HKCU\Software\MozillaPlugins\@hola.org/FlashPlayer
Key Found: HKCU\Software\MozillaPlugins\@hola.org/vlc


***** [ Web browsers ] *****

No malicious Firefox based browser items found.
Chrome pref Found: [C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Web data] - aol.com
Chrome pref Found: [C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Web data] - ask.com
Chrome pref Found: [C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Web data] - mysearch.avg.com
Chrome pref Found: [C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Web data] - www-searching.com
Chrome pref Found: [C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://www-searching.com/?pid=s&s=G4Qzftpbl0cshmoBN,7f10bc9c-0776-4b48-9f8d-9c830b8934cd,&vp=ch&prd=set_ch
Chrome pref Found: [C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - hxxp://www-searching.com/?pid=s&s=G4Qzftpbl0cshmoBN,7f10bc9c-0776-4b48-9f8d-9c830b8934cd,&vp=ch&prd=set_ch

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [4325 Bytes] - [26/10/2016 11:11:38]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4398 Bytes] ##########

# AdwCleaner v6.030 - Logfile created 26/10/2016 at 11:12:06
# Updated on 19/10/2016 by Malwarebytes
# Database : 2016-10-25.1 [Server]
# Operating System : Windows 7 Home Premium Service Pack 1 (X64)
# Username : Josh - JOSH-PC
# Running from : C:\Users\Josh\Desktop\adwcleaner_6.030.exe
# Mode: Clean
# Support : hxxps://www.malwarebytes.com/support



***** [ Services ] *****



***** [ Folders ] *****

[-] Folder deleted: C:\Users\Josh\AppData\Local\DriverToolkit
[-] Folder deleted: C:\Users\Josh\AppData\Local\Hola
[-] Folder deleted: C:\Users\Josh\AppData\Roaming\WTools
[-] Folder deleted: C:\Users\Josh\AppData\Roaming\AGData
[-] Folder deleted: C:\Program Files\nplus
[-] Folder deleted: C:\Program Files (x86)\DriverToolkit
[-] Folder deleted: C:\Program Files (x86)\Itibiti Soft Phone
[-] Folder deleted: C:\Program Files (x86)\AnonymizerGadget


***** [ Files ] *****

[-] File deleted: C:\END


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled Tasks ] *****

[-] Task deleted: DRIVERTOOLKIT AUTORUN


***** [ Registry ] *****

[-] Key deleted: HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
[-] Key deleted: HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
[-] Key deleted: HKU\.DEFAULT\Software\Hola
[-] Key deleted: HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\Software\DriverToolkit
[-] Key deleted: HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\Software\Hola
[#] Key deleted on reboot: HKU\S-1-5-18\Software\Hola
[#] Key deleted on reboot: HKCU\Software\DriverToolkit
[#] Key deleted on reboot: HKCU\Software\Hola
[#] Key deleted on reboot: [x64] HKCU\Software\DriverToolkit
[#] Key deleted on reboot: [x64] HKCU\Software\Hola
[-] Key deleted: [x64] HKLM\SOFTWARE\Hola
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\foxi69.tlscdn.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\govids.net
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\tlscdn.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.govids.net
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\foxi69.tlscdn.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\govids.net
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\tlscdn.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.govids.net
[-] Key deleted: HKCU\Software\MozillaPlugins\@hola.org/FlashPlayer
[-] Key deleted: HKCU\Software\MozillaPlugins\@hola.org/vlc


***** [ Web browsers ] *****

[-] [C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: aol.com
[-] [C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: ask.com
[-] [C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: mysearch.avg.com
[-] [C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: www-searching.com
[-] [C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Deleted: hxxp://www-searching.com/?pid=s&s=G4Qzftpbl0cshmoBN,7f10bc9c-0776-4b48-9f8d-9c830b8934cd,&vp=ch&prd=set_ch
[-] [C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default] [homepage] Deleted: hxxp://www-searching.com/?pid=s&s=G4Qzftpbl0cshmoBN,7f10bc9c-0776-4b48-9f8d-9c830b8934cd,&vp=ch&prd=set_ch


*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [4600 Bytes] - [26/10/2016 11:12:06]
C:\AdwCleaner\AdwCleaner[S0].txt - [4521 Bytes] - [26/10/2016 11:11:38]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [4746 Bytes] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.9 (09.30.2016)
Operating System: Windows 7 Home Premium x64
Ran by Josh (Administrator) on Wed 10/26/2016 at 11:13:29.62
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 37

Successfully deleted: C:\Program Files (x86)\internet explorer\iexplore.bat (File)
Successfully deleted: C:\ProgramData\28341ff220e0446c9fff27c4493d622e (Folder)
Successfully deleted: C:\Users\Josh\AppData\Local\crashrpt (Folder)
Successfully deleted: C:\Users\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0N9EPG6N (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2D2AUZPD (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2MSLJEQ3 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9OE8M1W1 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B9AF8BM3 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CMAOGEQH (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IX9SWTQF (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OLTGB6CN (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QYKA0E0E (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RSAD01TG (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U1KAQ8O5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WIOUIU6Y (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0N9EPG6N (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2D2AUZPD (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2MSLJEQ3 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9OE8M1W1 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B9AF8BM3 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CMAOGEQH (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IX9SWTQF (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OLTGB6CN (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QYKA0E0E (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RSAD01TG (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U1KAQ8O5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WIOUIU6Y (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\SysWOW64\REN9D0.tmp (File)
Successfully deleted: C:\Windows\SysWOW64\RENC689.tmp (File)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 10/26/2016 at 11:14:50.40
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~ ZHPCleaner v2016.10.25.177 by Nicolas Coolman (2016/10/25)
~ Run by Josh (Administrator) (26/10/2016 11:19:36)
~ Web: https://www.nicolascoolman.com
~ Blog: https://www.anti-malware.top
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Repair
~ Report : C:\Users\Josh\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Josh\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)


---\\ Services (0)
~ No malicious or unnecessary items found.


---\\ Browser internet (0)
~ No malicious or unnecessary items found.


---\\ Hosts file (4)
REPLACED: 162.222.194.13 cocomo.tremorhub.com
REPLACED: 162.222.194.13 www.virustotal.com
REPLACED: 162.222.194.13 virustotal.com
Number of found redirections 3/26


---\\ Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.


---\\ Explorer ( File, Folder) (8)
MOVED file: C:\Windows\Installer\wix{538B98C3-773F-4F20-9C66-802D104DCBE2}.SchedServiceConfig.rmi =>.Superfluous.Empty
MOVED file: C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_st.chatango.com_0.localstorage =>PUP.Optional.Chatango
MOVED file: C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_st.chatango.com_0.localstorage-journal =>PUP.Optional.Chatango
MOVED file: C:\Users\Josh\AppData\Local\Temp\67E4698F-2B45-470D-AE12-E3BD06CAFC84\AnonymizerGadgetSetup.1.000.1665.exe =>.Superfluous.AnonymizerGadget
MOVED folder: C:\Users\Josh\AppData\Local\UmmyVideoDownloader =>Adware¨Pirrit
MOVED folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UmmyVideoDownloader =>Adware¨Pirrit
MOVED folder: C:\Program Files\Sound+ =>Adware.Kazy
MOVED folder: C:\Users\Josh\AppData\Local\Temp\67E4698F-2B45-470D-AE12-E3BD06CAFC84 =>.Superfluous.AnonymizerGadget


---\\ Registry ( Key, Value, Data) (11)
DELETED data: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{498BA7C9-35C6-484B-A5DD-DAA56319F437}\\DhcpNameServer [Bad : 68.105.28.11 68.105.29.11 68.105.28.12] =>Hijacker.Browser
DELETED data: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer [Bad : 68.105.28.11 68.105.29.11 68.105.28.12] =>Hijacker.Browser
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{73924FFF-7A47-424D-BA45-659BB5CC194A}_is1 [UmmyVideoDownloader] =>Adware¨Pirrit
DELETED key*: HKEY_USERS\S-1-5-21-2025992066-4083076924-3298436488-1000\SOFTWARE\VITALI KIRPU & QUADRO DELTA [] =>.Superfluous.DeltaSearch
DELETED key: HKCU\Software\VITALI KIRPU & QUADRO DELTA [] =>.Superfluous.DeltaSearch
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Tonec.FreeFlvPlayer [Tonec Free FLV Player File] =>PUP.Optional.FLVPlayer
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{A722C28B-A845-47BD-8678-013A96928C62} [C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe] =>PUP.Optional.DllFilesFixer
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{58F60C77-742F-4D06-A56C-B282B14FBA12} [C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe] =>PUP.Optional.DllFilesFixer
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{93A5610A-C8CB-4F05-985B-490A02A135FB} [C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe] =>PUP.Optional.DllFilesFixer
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{0B173DA5-5EF5-4526-938A-1719803E1EDE} [C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe] =>PUP.Optional.DllFilesFixer
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{532D007C-6759-45F6-8660-0203174EC97B} [C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe] =>PUP.Optional.DllFilesFixer


---\\ Summary of the elements found (9)
https://www.nicolascoolman.com/fr/logiciels-superflus =>.Superfluous.Empty
https://www.nicolascoolman.com/fr/repaquetage-et_infections/ =>PUP.Optional.Chatango
https://www.anti-malware.top/2016/06/10/superfluous-anonymizergadget/ =>.Superfluous.AnonymizerGadget
https://www.nicolascoolman.com/fr/repaquetage-et_infections/ =>Adware¨Pirrit
https://www.anti-malware.top/2016/08/09/adware-kazy/ =>Adware.Kazy
https://www.nicolascoolman.com/fr/hijacker-browser/ =>Hijacker.Browser
https://www.nicolascoolman.com/fr/toolbar-deltasearch/ =>.Superfluous.DeltaSearch
https://www.nicolascoolman.com/fr/repaquetage-et_infections/ =>PUP.Optional.FLVPlayer
https://www.nicolascoolman.com/fr/pup-optional-dllfilesfixer/ =>PUP.Optional.DllFilesFixer


---\\ Other deletions. (23)
~ Registry Keys Tracing deleted (23)
~ Remove the old reports ZHPCleaner. (0)


---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Mozilla Firefox)
~ Browser not found (Opera Software)


---\\ Statistics
~ Items scanned : 351
~ Items found : 3
~ Items cancelled : 0
~ Items repaired : 19


~ End of clean in 00h00mn17s
~====================
ZHPCleaner-[R]-26102016-11_19_53.txt
ZHPCleaner--26102016-11_19_06.txt
 

Malnutrition

Malnurished Mod
Moderator
Security Team
Jul 22, 2016
3,389
551
Something along the way seems to have fixed my problem as well.

You are not out of the hot water just yet, your machine is still infected with malware. In order for us to continue you will need to remove U Torrent.... Forum Rules.

Then in normal mode please run a scan with Zoek & Zemana. ( Download in Safe Mode With Networking Run in Normal Mode) We will remove anything else manually with FRST. :)


Zoek Scan


Disable your antivirus prior to this scan.
Download Zoek
Save the file to your desktop.
Right click Zoek.exe and run as administrator. (Xp Users double click)
Copy and paste the items in red below and paste them into Zoek.

createsrpoint;
emptyfolderscheck;delete
emptyclsid;
emptyalltemp;
ipconfig /flushdns;b
ResetHosts;
autoclean;


Now hit the run script button.
The log will appear after a reboot, also you can find it on the C: drive.
Post the log in your next reply.



Zemana Scan



Run a full scan with Zemana AntiMalware!
Install and select deep scan.


Remove any infections found.
Then click on the icon in the pic below.

Double click on the scan log, copy and paste here in your reply

Fresh FRST Logs.


Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.

  • Right-click on FRST icon and select Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt, and Addition.txt.
Please Copy & Paste them into your next reply
 

Malnutrition

Malnurished Mod
Moderator
Security Team
Jul 22, 2016
3,389
551
A side note: You can reinstall U-Torrent after you are done here, just we only ask it be removed while we help. To put it in realistic terms, it would be like a mechanic shop that services stolen vehicles.... Not saying you use U Torrent to gather illegal software, we are just covering our @ss .... so to speak. :)
 

Joshua Bobbitt

PCHF Member
PCHF Member
Oct 26, 2016
26
3
22
Zoek.exe v5.0.0.1 Updated 27-09-2015
Tool run by Josh on Wed 10/26/2016 at 11:37:34.07.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\Josh\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

10/26/2016 11:38:43 AM Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\gowen deleted successfully
C:\PROGRA~2\NCWest deleted successfully
C:\PROGRA~2\OpenVPN Technologies deleted successfully
C:\PROGRA~2\polygamy deleted successfully
C:\PROGRA~2\COMMON~1\Blizzard Entertainment deleted successfully
C:\Program Files\ATI Technologies deleted successfully
C:\Users\Josh\AppData\Local\FluxSoftware deleted successfully
C:\Users\Josh\AppData\Local\Skype deleted successfully
C:\Users\Josh\AppData\Local\StardewValley deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2025992066-4083076924-3298436488-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{133EA5F8-3066-4305-993E-1035B842B80D} deleted successfully
HKEY_USERS\S-1-5-21-2025992066-4083076924-3298436488-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3793E9E1-D707-4D8F-8689-959CA6442527} deleted successfully
HKEY_USERS\S-1-5-21-2025992066-4083076924-3298436488-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4DD93630-D005-4FC9-A7D7-5F583A89B0A7} deleted successfully
HKEY_USERS\S-1-5-21-2025992066-4083076924-3298436488-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7DDD337E-7C1B-44AB-9F7C-3C76F65BAA80} deleted successfully
HKEY_USERS\S-1-5-21-2025992066-4083076924-3298436488-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{833335F9-E5CD-47C7-AE56-95FA210BE4DF} deleted successfully
HKEY_USERS\S-1-5-21-2025992066-4083076924-3298436488-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9E24CC6C-BAF8-4947-8BD6-628755E763B1} deleted successfully
HKEY_USERS\S-1-5-21-2025992066-4083076924-3298436488-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D3227C68-D8CE-4EA2-9E67-77C8255F14B4} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Batch Command(s) Run By Tool======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\AGEIA Technologies not found
C:\PROGRA~2\gowen not found
C:\PROGRA~2\NCWest not found
C:\PROGRA~2\OpenVPN Technologies not found
C:\PROGRA~2\polygamy not found
C:\Users\Josh\AppData\Roaming\discord deleted
C:\Users\Josh\AppData\Roaming\Factorio deleted
C:\found.000 deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Josh\AppData\Local\Unity deleted
C:\Users\Josh\AppData\LocalLow\Unity deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Windows\Syswow64\SET1E0.tmp deleted
C:\Windows\Syswow64\SET7DDF.tmp deleted
C:\Windows\Syswow64\SET7E3E.tmp deleted
C:\Windows\Syswow64\SET8069.tmp deleted
C:\Windows\Syswow64\SET8241.tmp deleted
C:\Windows\Syswow64\SET833B.tmp deleted
C:\Windows\Syswow64\SET87B9.tmp deleted
C:\Windows\Syswow64\SET87CA.tmp deleted
C:\Windows\Syswow64\SET90D7.tmp deleted
C:\Windows\Syswow64\SET9127.tmp deleted
C:\Windows\Syswow64\SET946D.tmp deleted
C:\Windows\Syswow64\SET9535.tmp deleted
C:\Windows\Syswow64\SET96E5.tmp deleted
C:\Windows\Syswow64\SET9764.tmp deleted
C:\Windows\Syswow64\SET999E.tmp deleted
C:\Windows\Syswow64\SET9B1F.tmp deleted
C:\Windows\Syswow64\SET9CCB.tmp deleted
C:\Windows\Syswow64\SET9DFB.tmp deleted
C:\Windows\Syswow64\SETA258.tmp deleted
C:\Windows\Syswow64\SETA26A.tmp deleted
C:\Windows\Syswow64\SETC3E2.tmp deleted
C:\Windows\Syswow64\SETC471.tmp deleted
C:\Windows\Syswow64\SETC747.tmp deleted
C:\Windows\Syswow64\SETCADF.tmp deleted
C:\Windows\Syswow64\SETCC1D.tmp deleted
C:\Windows\Syswow64\SETD1A3.tmp deleted
C:\Windows\Syswow64\SETD1B4.tmp deleted
C:\Windows\Syswow64\SETE710.tmp deleted
C:\Windows\Syswow64\SETE78F.tmp deleted
C:\Windows\Syswow64\SETEA37.tmp deleted
C:\Windows\Syswow64\SETEBE6.tmp deleted
C:\Windows\Syswow64\SETEDC1.tmp deleted
C:\Windows\Syswow64\SETEF2D.tmp deleted
C:\Windows\Syswow64\SETF435.tmp deleted
C:\Windows\Syswow64\SETF446.tmp deleted
C:\Users\Josh\AppData\Local\25321.exe deleted
C:\Users\Josh\AppData\Local\38450.exe deleted
C:\Users\Josh\AppData\Local\59372.exe deleted
C:\Users\Josh\AppData\Local\80824.exe deleted
C:\Users\Josh\AppData\Local\93105.exe deleted
C:\Users\Josh\AppData\Local\dnow.exe deleted
C:\Users\Josh\AppData\Local\install_flash_player_21_active_x.exe deleted
"C:\Users\Josh\AppData\Local\LumaEmu" deleted
"C:\Users\Josh\AppData\Local\{5325A75B-98C4-461C-A747-54717CACE3EE}" deleted

==== Chromium Look ======================


uBlockâ‚€ - Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm
SIH - Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl
Reddit Enhancement Suite - Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb
Clickable Links - Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgamelhnfokapndfdodnmfiningckjia
Naptha - Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\molncoemjfmpgdkbdlbjmhlcgniigdnf
Lunapic Right Click Edit - Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglcbfocdkemachifmnimbblndgmlhbi
Chrome Media Router - Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"

==== shortcuts on Users Desktops ======================

C:\Users\Josh\Desktop\FRST64 - Shortcut.lnk - D:\Downloads\FRST64.exe
C:\Users\Josh\Desktop\ZHPCleaner.lnk - C:\Users\Josh\AppData\Roaming\ZHP\ZHPCleaner.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Minecraft.lnk - D:\Minecraft\MinecraftLauncher.exe
C:\Users\Public\Desktop\Mirror's EdgeT Catalyst.lnk -
C:\Users\Public\Desktop\Mirror's Edge™ Catalyst.lnk -
C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{FC965A47-4839-40CA-B618-18F486F042C6}\SkypeIcon.exe
C:\Users\Public\Desktop\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe
C:\Users\Public\Desktop\??fi? II.lnk -

==== shortcuts in Users Start Menu ======================

C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk - C:\Users\Josh\AppData\Roaming\BitTorrent\BitTorrent.exe
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Int?rn?t ??pl?r?r.lnk -
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape.lnk - C:\Users\Josh\jagexcache\jagexlauncher\bin\JagexLauncher.exe runescape
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk - C:\Users\Josh\AppData\Roaming\Spotify\Spotify.exe
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\St?rt ??r ?r?ws?r.lnk -
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk - C:\Windows\system32\cmd.exe
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk - C:\Windows\system32\notepad.exe
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Run.lnk -
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk - C:\Windows\system32\control.exe /name Microsoft.EaseOfAccessCenter
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk - C:\Windows\system32\magnify.exe
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk - C:\Windows\system32\osk.exe
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\computer.lnk -
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Control Panel.lnk -
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Int?rn?t ??pl?r?r (N? ?dd-?ns).lnk -
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk - C:\Windows\system32\eudcedit.exe
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games\HitmanT Codename 47.lnk -
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games\Postal 2.lnk -
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games\Steam The ShipT.lnk -
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games\SWAT 4T.lnk -
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\FL Studio 10 (extended memory).lnk - D:\Fruity Loops\FL (extended memory).exe
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\FL Studio online.lnk - D:\Fruity Loops\System\Internet\FL Studio online.url
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Help.lnk - D:\Fruity Loops\Help\FL.chm
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Image-Line website.lnk -
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Uninstall.lnk - D:\Fruity Loops\Uninstall.exe
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\What's new.lnk - D:\Fruity Loops\WhatsNew.doc
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\Download Deckadance.lnk -
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\SynthMaker website.lnk -
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Advanced\Diagnostic.lnk -
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Advanced\Install plugin version.lnk - D:\Fruity Loops\FL.exe /PluginSetup
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Advanced\Reset settings.lnk - D:\Fruity Loops\FL.exe /Reset
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Advanced\Uninstall DXi plugin.lnk - D:\Fruity Loops\FL.exe /RemoveDXi
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Advanced\Unregister ReWire client.lnk - D:\Fruity Loops\FL.exe /RemoveReWire
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Help.lnk -
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf\Overwolf.lnk - C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf\Uninstall Overwolf.lnk - C:\Program Files (x86)\Overwolf\OWUninstaller.exe
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox\ROBLOX Player.lnk - C:\Users\Josh\AppData\Local\Roblox\Versions\version-fe88b67aa44a44d9\RobloxPlayerLauncher.exe -browser
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox\ROBLOX Studio.lnk - C:\Users\Josh\AppData\Local\Roblox\Versions\RobloxStudioLauncherBeta.exe -ide
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape\License.lnk - C:\Users\Josh\jagexcache\jagexlauncher\LICENSE.txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape\RuneScape.lnk - C:\Users\Josh\jagexcache\jagexlauncher\bin\JagexLauncher.exe runescape
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\remembrances.lnk - C:\Program Files (x86)\gowen\segel.exe
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop\Telegram.lnk - C:\Users\Josh\AppData\Roaming\Telegram Desktop\Telegram.exe
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop\Uninstall Telegram.lnk - C:\Users\Josh\AppData\Roaming\Telegram Desktop\unins000.exe
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uninstall.lnk - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uplay.lnk - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk - C:\Program Files (x86)\WinRAR\Rar.txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk - C:\Program Files (x86)\WinRAR\WhatsNew.txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\CheVolume.lnk - D:\CheVolume\CheVolume.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk - C:\Windows\system32\control.exe /name Microsoft.DefaultPrograms
C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk - C:\Windows\system32\wuapp.exe startmenu
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\A Story About My Uncle.lnk - D:\A Story About My Uncle\Binaries\Win32\ASAMU-Win32-Shipping.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe /high-dpi-support=1 /force-device-scale-factor=1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G??gl? ?hr?m?.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk - C:\Windows\ehome\ehshell.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Party Hard.lnk - D:\Party Hard\PartyHardGame.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk - C:\Program Files (x86)\Windows Sidebar\sidebar.exe /showgadgets
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk - C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk - C:\Windows\system32\xpsrchvw.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\60 Seconds\60 Seconds.lnk - D:\60 Seconds\60 Seconds\60Seconds.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\60 Seconds\Uninstall 60 Seconds.lnk - D:\60 Seconds\60 Seconds\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip File Manager.lnk - C:\Program Files (x86)\7-Zip\7zFM.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip Help.lnk - C:\Program Files (x86)\7-Zip\7-zip.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk - C:\Windows\system32\calc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk - C:\Windows\system32\displayswitch.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk - C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk - C:\Windows\system32\mspaint.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk - C:\Windows\system32\mstsc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk - C:\Windows\System32\mobsync.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk - C:\Windows\system32\rundll32.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk - C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk - C:\Windows\Speech\Common\sapisvr.exe -SpeechUX
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk - C:\Windows\system32\charmap.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk - C:\Windows\system32\dfrgui.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk - C:\Windows\system32\cleanmgr.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk - C:\Windows\system32\perfmon.exe /res
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk - C:\Windows\system32\msinfo32.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk - C:\Windows\system32\taskschd.msc /s
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk - C:\Windows\system32\migwiz\postmig.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk - C:\Windows\system32\migwiz\migwiz.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell (x86).lnk - C:\Windows\syswow64\WindowsPowerShell\v1.0\powershell.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE (x86).lnk - C:\Windows\sysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk - C:\Windows\system32\WindowsPowerShell\v1.0\PowerShell_ISE.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk - C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk - C:\Windows\system32\comexp.msc
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk - C:\Windows\system32\compmgmt.msc /s
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk - C:\Windows\system32\odbcad32.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk - C:\Windows\system32\eventvwr.msc /s
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk - C:\Windows\system32\iscsicpl.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk - C:\Windows\system32\perfmon.msc /s
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk - C:\Windows\system32\services.msc
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk - C:\Windows\system32\taskschd.msc /s
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk - C:\Windows\system32\WF.msc
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk - C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe -NoExit -ImportSystemModules
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings\AMD Settings.lnk - C:\Program Files (x86)\AMD\CNext\CNext\RadeonSettings.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net\Battle.net.lnk - D:\Battle.net\Battle.net Launcher.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks\The Elder Scrolls V Skyrim - Legendary Edition\The Elder Scrolls V Skyrim - Legendary Edition.lnk - D:\The Elder Scrolls V Skyrim - Legendary Edition\SkyrimLauncher.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks\The Elder Scrolls V Skyrim - Legendary Edition\Uninstall The Elder Scrolls V Skyrim - Legendary Edition.lnk - D:\The Elder Scrolls V Skyrim - Legendary Edition\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3\Cheat Engine 6.3 (32-bit).lnk - D:\Cheat Engine 6.3\cheatengine-i386.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3\Cheat Engine 6.3 (64-bit).lnk - D:\Cheat Engine 6.3\cheatengine-x86_64.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3\Cheat Engine 6.3.lnk - D:\Cheat Engine 6.3\Cheat Engine.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3\Cheat Engine help.lnk - D:\Cheat Engine 6.3\CheatEngine.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3\Cheat Engine tutorial.lnk - D:\Cheat Engine 6.3\Tutorial-i386.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3\main.lua.lnk - C:\Windows\system32\notepad.exe D:\Cheat Engine 6.3\main.lua
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3\Reset settings.lnk - D:\Cheat Engine 6.3\ceregreset.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3\Uninstall Cheat Engine.lnk - D:\Cheat Engine 6.3\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3\Kernel stuff\Unload kernel module.lnk - D:\Cheat Engine 6.3\Kernelmoduleunloader.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\Cheat Engine 6.4 (32-bit).lnk - C:\Program Files (x86)\Cheat Engine 6.4\cheatengine-i386.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\Cheat Engine 6.4 (64-bit).lnk - C:\Program Files (x86)\Cheat Engine 6.4\cheatengine-x86_64.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\Cheat Engine 6.4.lnk - C:\Program Files (x86)\Cheat Engine 6.4\Cheat Engine.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\Cheat Engine help.lnk - C:\Program Files (x86)\Cheat Engine 6.4\CheatEngine.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\Cheat Engine tutorial.lnk - C:\Program Files (x86)\Cheat Engine 6.4\Tutorial-i386.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\main.lua.lnk - C:\Windows\system32\notepad.exe C:\Program Files (x86)\Cheat Engine 6.4\main.lua
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\Reset settings.lnk - C:\Program Files (x86)\Cheat Engine 6.4\ceregreset.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\Uninstall Cheat Engine.lnk - C:\Program Files (x86)\Cheat Engine 6.4\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\Kernel stuff\Unload kernel module.lnk - C:\Program Files (x86)\Cheat Engine 6.4\Kernelmoduleunloader.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.5\Cheat Engine 6.5 (32-bit).lnk - D:\Cheat Engine 6.5\cheatengine-i386.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.5\Cheat Engine 6.5 (64-bit).lnk - D:\Cheat Engine 6.5\cheatengine-x86_64.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.5\Cheat Engine 6.5.lnk - D:\Cheat Engine 6.5\Cheat Engine.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.5\Cheat Engine help.lnk - D:\Cheat Engine 6.5\CheatEngine.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.5\Cheat Engine tutorial (64-bit).lnk - D:\Cheat Engine 6.5\Tutorial-x86_64.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.5\Cheat Engine tutorial.lnk - D:\Cheat Engine 6.5\Tutorial-i386.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.5\main.lua.lnk - C:\Windows\system32\notepad.exe D:\Cheat Engine 6.5\main.lua
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.5\Reset settings.lnk - D:\Cheat Engine 6.5\ceregreset.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.5\Uninstall Cheat Engine.lnk - D:\Cheat Engine 6.5\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.5\Kernel stuff\Unload kernel module.lnk - D:\Cheat Engine 6.5\Kernelmoduleunloader.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CheVolume\CheVolume.lnk - D:\CheVolume\CheVolume.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CheVolume\Uninstall.lnk - D:\CheVolume\Uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative\Creative Software AutoUpdate.lnk - C:\Program Files (x86)\Creative\Shared Files\Software Update\AutoUpdate.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative\ALchemy\Creative ALchemy.lnk - C:\Program Files (x86)\Creative\ALchemy\ALchemy.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel.lnk - C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Doom\Doom.lnk - D:\Doom Game\DOOMx64.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Doom\Uninstall Doom.lnk - D:\Doom Game\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasiSlides\Start Easislides.lnk - C:\Program Files (x86)\EasiSlides\Easislides.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ezvid\ezvid log.lnk - C:\Users\Josh\Documents\ezvid\errors\errorlog.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ezvid\ezvid.lnk - C:\Program Files (x86)\ezvid\ezvid.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ezvid\uninstall ezvid.lnk - C:\Windows\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Factorio\Factorio.lnk - D:\Factorio\bin\x64\Factorio.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Factorio\Uninstall.lnk - D:\Factorio\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firewatch\Firewatch.lnk - D:\Firewatch\Firewatch\Firewatch.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firewatch\Uninstall Firewatch.lnk - D:\Firewatch\Firewatch\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps\Fraps.lnk - D:\Fraps\fraps.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps\Uninstall.lnk - D:\Fraps\uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free FLV Player\Free FLV Player.lnk - C:\Program Files (x86)\Free FLV Player\Free FLV Player.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free FLV Player\License.lnk - C:\Program Files (x86)\Free FLV Player\License.TXT
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free FLV Player\Uninstall Free FLV Player.lnk - C:\Program Files (x86)\Free FLV Player\Uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Dev Tycoon\Uninstall Game Dev Tycoon.lnk - D:\Game Dev Tycoon\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Chess.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\DEADBOLT.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Fallout New Vegas.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\FreeCell.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\GameExplorer.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Guild of Dungeoneering.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Hearts.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Backgammon.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Checkers.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Spades.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Mahjong.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Minesweeper.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\More Games from Microsoft.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\No Man's Sky.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Purble Place.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Sheltered.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Solitaire.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Spider Solitaire.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Stardew Valley.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\SUPERHOT.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\We Happy Few.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\DEADBOLT\DEADBOLT.lnk - D:\Deadbolt\deadbolt_game.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\DEADBOLT\Map Editor.lnk - D:\Deadbolt\deadbolt_map_editor.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\DEADBOLT\Uninstall DEADBOLT.lnk - D:\Deadbolt\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\DEADBOLT\Documents\Readme.lnk - D:\DEADBOLT\Editor ReadME.pdf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Guild of Dungeoneering\Guild of Dungeoneering.lnk - D:\Guild of Dungeoneering\dungeoneering.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Guild of Dungeoneering\Uninstall Guild of Dungeoneering.lnk - D:\Guild of Dungeoneering\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\No Man's Sky\Language Selector.lnk - D:\No Man's Sky\LanguageSetup.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\No Man's Sky\No Man's Sky.lnk - D:\No Man's Sky\Binaries\NMS.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\No Man's Sky\Uninstall No Man's Sky.lnk - D:\No Man's Sky\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Sheltered\Sh?lt?r?d.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Sheltered\Uninstall Sheltered.lnk - D:\Sheltered\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Stardew Valley\Stardew Valley.lnk - D:\Stardew Valley\Stardew Valley.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Stardew Valley\Uninstall Stardew Valley.lnk - D:\Stardew Valley\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\SUPERHOT\SUPERHOT.lnk - D:\SUPERHOT\SUPERHOT.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\SUPERHOT\Uninstall SUPERHOT.lnk - D:\SUPERHOT\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\We Happy Few\Uninstall We Happy Few.lnk - D:\We Happy Few\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\We Happy Few\We Happy Few.lnk - D:\We Happy Few\GlimpseGame\Binaries\Win64\GlimpseGame.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Goliath\Goliath.lnk - D:\Goliath\Goliath.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GS Auto Clicker\GS Auto Clicker.lnk - C:\Program Files (x86)\GSAutoClicker3\GSAutoClicker.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GS Auto Clicker\Uninstall GS Auto Clicker.lnk - C:\Program Files (x86)\GSAutoClicker3\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo\Gyazo GIF.lnk - C:\Program Files (x86)\Gyazo\GyazoGIF.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo\Gyazo Settings.lnk - C:\Program Files (x86)\Gyazo\GyStation.exe /option
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo\Gyazo.lnk - C:\Program Files (x86)\Gyazo\Gyazowin.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone\Hearthstone.lnk - D:\Hearthstone\Hearthstone Beta Launcher.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios\Hi-Rez Diagnostics and Support.lnk - C:\Program Files (x86)\Hi-Rez Studios\HiRezGamesDiagAndSupport.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios\Uninstall All Hi-Rez Games.lnk - C:\Program Files (x86)\Hi-Rez Studios\HiRezGamesDiagAndSupport.exe uninstall=all
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Imouto Paradise.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Imouto Paradise.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel Control Center.lnk - C:\Program Files (x86)\Intel\Intel Control Center\IntelControlCenter.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel(R) Rapid Storage Technology.lnk - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorUI.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iSunshare RAR Password Genius\iSunshare RAR Password Genius.lnk - C:\Program Files (x86)\iSunshare RAR Password Genius\iSunshareRARPasswordGenius.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iSunshare RAR Password Genius\Uninstall iSunshare RAR Password Genius.lnk - C:\Program Files (x86)\iSunshare RAR Password Genius\uninst.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iSunshare RAR Password Genius\Website.lnk - C:\Program Files (x86)\iSunshare RAR Password Genius\iSunshare RAR Password Genius.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_101\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre1.8.0_101\bin\javacpl.exe -tab update
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_101\bin\javacpl.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kalypso Media Digital\Tropico 5 - Complete Collection\Tropico 5 - Complete Collection.lnk - D:\Tropico 5 - Complete Collection\Tropico5Steam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kalypso Media Digital\Tropico 5 - Complete Collection\Uninstall Tropico 5 - Complete Collection.lnk - D:\Tropico 5 - Complete Collection\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LEGO Marvels Avengers\LEGO Marvels Avengers.lnk - D:\Program Files (x86)\LEGO Marvels Avengers\LEGOMARVELAvengers.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LEGO Marvels Avengers\Uninstall LEGO Marvels Avengers.lnk - D:\Program Files (x86)\LEGO Marvels Avengers\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lichdom Battlemage\Lichdom Battlemage.lnk - D:\Lichdom Battlemage\Bin32\LichdomBattlemage.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lichdom Battlemage\Uninstall Lichdom Battlemage.lnk - D:\Lichdom Battlemage\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk - C:\Windows\System32\control.exe /name Microsoft.BackupAndRestore
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk - C:\Windows\system32\msra.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Uninstall Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MegaDev\MegaTrainer eXperience\Information.lnk - C:\Program Files (x86)\MegaDev\MD-Trainers\MT-X\readme.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MegaDev\MegaTrainer eXperience\MegaTrainer eXperience.lnk - C:\Program Files (x86)\MegaDev\MD-Trainers\MT-X\MT-eXperience.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MegaDev\MegaTrainer eXperience\MT-X - Guide.lnk - C:\Program Files (x86)\MegaDev\MD-Trainers\MT-X\mt-x_guide.pdf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MegaDev\MegaTrainer eXperience\Uninstall MegaTrainer eXperience.lnk - C:\Program Files (x86)\MegaDev\MD-Trainers\MT-X\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\METAL GEAR RISING REVENGEANCE\Oäàëèòü èadó.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\Silverlight.Configuration.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft Launcher.lnk - D:\StrongLauncher.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft.lnk - D:\Minecraft\MinecraftLauncher.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mr DJ\Far Cry 4\Far Cry 4.lnk - D:\Mr DJ\Far Cry 4\bin\FarCry4.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mr DJ\Far Cry 4\Uninstall.lnk - D:\Mr DJ\Far Cry 4\Uninstall\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mr DJ\Mafia II\Uninstall.lnk - C:\Program Files (x86)\Mr DJ\Mafia II\Uninstall\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mr DJ\Mafia II\??fi? II.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NARUTO SHIPPUDEN Ultimate Ninja STORM 4\NARUTO SHIPPUDEN Ultimate Ninja STORM 4.lnk - D:\Program Files (x86)\NARUTO SHIPPUDEN Ultimate Ninja STORM 4\NSUNS4.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NARUTO SHIPPUDEN Ultimate Ninja STORM 4\Uninstall NARUTO SHIPPUDEN Ultimate Ninja STORM 4.lnk - D:\Program Files (x86)\NARUTO SHIPPUDEN Ultimate Ninja STORM 4\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch\Overwatch.lnk - D:\Overwatch\Overwatch Launcher.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch Test\Overwatch Test.lnk - D:\Overwatch Test\Overwatch Launcher.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCGEN\PCGen60401\Convert Data.lnk - C:\Windows\system32\javaw.exe -Xmx256M -jar batch-convert.jar
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCGEN\PCGen60401\Manual.lnk - C:\Users\Josh\AppData\Local\PCGen\PCGen60401\docs\index.html
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCGEN\PCGen60401\News.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCGEN\PCGen60401\PCGen60401-Low.lnk - C:\Users\Josh\AppData\Local\PCGen\PCGen60401\pcgen_low_mem.bat
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCGEN\PCGen60401\PCGen60401.lnk - C:\Users\Josh\AppData\Local\PCGen\PCGen60401\pcgen.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCGEN\PCGen60401\Release Notes.lnk - C:\Users\Josh\AppData\Local\PCGen\PCGen60401\pcgen-release-notes-60401.html
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCGEN\PCGen60401\uninstall-PCGen60401.lnk - C:\Users\Josh\AppData\Local\PCGen\uninstall-PCGen60401.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PortForward.com\PortForward Network Utilities.lnk - C:\Windows\Installer\{88B1D36C-7B70-4C48-8D2F-AAB956ECF4C3}\PortForwardNetwork_B4E7CA5D7E0E4F948BD33CC88ED55DA7.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO\PowerISO Help.lnk - C:\Program Files (x86)\PowerISO\PowerISO.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO\PowerISO Virtual Drive Manager.lnk - C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO\PowerISO.lnk - C:\Program Files (x86)\PowerISO\PowerISO.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO\Uninstall PowerISO.lnk - C:\Program Files (x86)\PowerISO\uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Qualcomm Atheros\Killer Network Manager\Qualcomm Atheros Killer Network Manager.lnk - C:\Program Files (x86)\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Qualcomm Atheros\Killer Network Manager\System Diagnose Utility.lnk - C:\Program Files (x86)\Qualcomm Atheros\Killer Network Manager\KillerDiagnose.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Qualcomm Atheros\Killer Network Manager\Uninstall Killer Network Manager.lnk - C:\Program Files (x86)\Installshield Installation Information\{DF446558-ADF7-4884-9B2D-281979CCE71F}\setup.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Games\Battlefield Hardline\Uninstall Battlefield Hardline.lnk - D:\Battlefield Hardline\Uninstall\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics\Call of Juarez - Gunslinger\Pl?y ??ll ?f Ju?r?z - Gunsling?r.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics\Call of Juarez - Gunslinger\Uninstall Call of Juarez - Gunslinger.lnk - C:\Users\Josh\AppData\Roaming\Call of Juarez - Gunslinger_Uninstall\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics\Max Payne 3\Play Max Payne 3.lnk - D:\Max Payne 3\MaxPayne3.exe -language english
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics\Max Payne 3\Uninstall Max Payne 3.lnk - C:\Users\Josh\AppData\Roaming\Max Payne 3\Uninstall\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics\Murdered - Soul Suspect\Play Murdered - Soul Suspect.lnk - D:\Murdered - Soul Suspect\Binaries\Win64\Murdered.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics\Murdered - Soul Suspect\Uninstall Murdered - Soul Suspect.lnk - C:\Users\Josh\AppData\Roaming\Murdered - Soul Suspect\Uninstall\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer\Razer Synapse\Razer Synapse.lnk - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe -launch
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rise of the Tomb Raider\Rise of the Tomb Raider.lnk - D:\Rise of the Tomb Raider\ROTTR.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rise of the Tomb Raider\Uninstall Rise of the Tomb Raider.lnk - D:\Rise of the Tomb Raider\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra\SWAT 4\Play SWAT 4 Online with GameSpy Arcade.lnk - D:\Swat4\Content\System\swat4_with_gamespy.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra\SWAT 4\SWAT 4.lnk - D:\Swat4\Content\System\Swat4.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra\SWAT 4\Uninstall SWAT 4.lnk - C:\Program Files (x86)\Common Files\InstallShield\Driver\10\Intel 32\IDriver.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra\SWAT 4\SWAT 4 Help\E-Register SWAT 4.lnk - D:\Swat4\Content\System\swat4_ereg.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra\SWAT 4\SWAT 4 Help\Sierra Website.lnk - D:\Swat4\Content\System\sierra.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra\SWAT 4\SWAT 4 Help\SWAT 4 Manual.lnk - D:\Swat4\SWT4_Mn_TX_7162010.pdf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra\SWAT 4\SWAT 4 Help\View Readme.txt File.lnk - D:\Swat4\readme.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra\SWAT 4\SWAT 4 Help\View the End-User License Agreement.lnk - D:\Swat4\EULA.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sniper Elite 3\Oäàëèòü èadó.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sniper Elite 3\Snip?r ?lit? 3.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CheVolume.lnk - D:\CheVolume\CheVolume.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Qualcomm Atheros Killer Network Manager.lnk - C:\Program Files (x86)\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe -minimized
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steamapps\common\The Talos Principle\None.lnk - D:\The Talos Principle\None
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steamapps\common\The Talos Principle\STEAM\Steamapps\common\The Talos Principle Uninstallation.lnk - D:\The Talos Principle\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subnautica\Subnautica.lnk - D:\Subnautica\Subnautica\Subnautica.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subnautica\Uninstall Subnautica.lnk - D:\Subnautica\Subnautica\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultimate Boob Wars ~Big Breasts vs Flat Chests~.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultimate Boob Wars ~Big Breasts vs Flat Chests~.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk - C:\Program Files (x86)\VideoLAN\VLC\Documentation.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk - C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk - C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --reset-config --reset-plugins-cache vlc://quit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe -Iskins
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Viscera Cleanup Detail\Viscera Cleanup Detail Uninstall.lnk - D:\Viscera Cleanup Detail\Binaries\Win32\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Viscera Cleanup Detail\Viscera Cleanup Detail.lnk - D:\Viscera Cleanup Detail\Binaries\Win32\UDK.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WellWeWeb\CheVolume\CheVolume.lnk - D:\CheVolume\CheVolume.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WellWeWeb\CheVolume\Uninstall.lnk - D:\CheVolume\Uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp\Uninstall Winamp.lnk - D:\Winamp\uninstwa.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp\What's New.lnk - D:\Winamp\whatsnew.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp\Winamp (Safe Mode).lnk - D:\Winamp\winamp.exe /SAFE=1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp\Winamp.lnk - D:\Winamp\winamp.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk - C:\Program Files (x86)\WinRAR\Rar.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk - C:\Program Files (x86)\WinRAR\WhatsNew.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Josh\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk - C:\Users\Josh\AppData\Roaming\BitTorrent\BitTorrent.exe
C:\Users\Josh\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\CheVolume.lnk - D:\CheVolume\CheVolume.exe
C:\Users\Josh\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Doom.lnk - D:\Doom Game\DOOMx64.exe
C:\Users\Josh\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Josh\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gyazo GIF.lnk - C:\Program Files (x86)\Gyazo\GyazoGIF.exe
C:\Users\Josh\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gyazo.lnk - C:\Program Files (x86)\Gyazo\Gyazowin.exe
C:\Users\Josh\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\L?un?h Int?rn?t ??pl?r?r ?r?ws?r.lnk -
C:\Users\Josh\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Rise of the Tomb Raider.lnk - D:\Rise of the Tomb Raider\ROTTR.exe
C:\Users\Josh\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Josh\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk - D:\Winamp\winamp.exe
C:\Users\Josh\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Josh\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\2fae1f4995fc9e7f\NexonLauncher.lnk - D:\Nexon Launcher\bin\nexon_client\nexon_client.exe --user-data-dir="C:\Users\Josh\AppData\Local\NexonLauncher\User Data"
C:\Users\Josh\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\4b5ea7b81c0dee03\League of Legends.lnk - D:\Riot Games\League of Legends\lol.launcher.exe
C:\Users\Josh\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\70f62c6a7f1739bd\pinned.lnk - C:\Windows\system32\rundll32.exe
C:\Users\Josh\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\Josh\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9d91276b0be3e46b\pinned.lnk -
C:\Users\Josh\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\DS3_Tool.lnk - D:\MotioninJoy\ds3\DS3_Tool.exe
C:\Users\Josh\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Gibbed's Borderlands 2 Save Editor.lnk - D:\Gibbed BL2\Gibbed.Borderlands2.SaveEdit.exe
C:\Users\Josh\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Gibbed.BorderlandsOz.SaveEdit.lnk - D:\Presequel Gibbed\Gibbed.BorderlandsOz.SaveEdit.exe
C:\Users\Josh\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Battle.net.lnk - D:\Battle.net\Battle.net Launcher.exe
C:\Users\Josh\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe /high-dpi-support=1 /force-device-scale-factor=1
C:\Users\Josh\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\G??gl? ?hr?m?.lnk -
C:\Users\Josh\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\lol.launcher.lnk - D:\Riot Games\League of Legends\lol.launcher.admin.exe
C:\Users\Josh\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Minecraft.lnk - D:\Minecraft\MinecraftLauncher.exe
C:\Users\Josh\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe
C:\Users\Josh\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe

==== shortcuts After Repair ======================

C:\Users\Josh\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\2fae1f4995fc9e7f\NexonLauncher.lnk - D:\Nexon Launcher\bin\nexon_client\nexon_client.exe

==== Deleting Registry Keys ======================

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlaysTV deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raptr deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Cache will be emptied at reboot
C:\Users\Josh\AppData\Local\NexonLauncher\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=223 folders=70 233796939 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Josh\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Josh\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0" deleted
"C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1" deleted
"C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2" deleted
"C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3" deleted
"C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Cache\index" deleted

==== EOF on Wed 10/26/2016 at 11:50:26.73 ======================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:04-10-2015
Ran by Josh (administrator) on JOSH-PC (26-10-2016 11:58:43)
Running from D:\Downloads
Loaded Profiles: Josh (Available Profiles: Josh)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Spotify Ltd) C:\Users\Josh\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe
() C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\CTJckCfg.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\winsxs\amd64_microsoft-windows-notepad_31bf3856ad364e35_6.1.7601.18917_none_cd438498869c9ff6\notepad.exe
(Microsoft Corporation) C:\Windows\winsxs\amd64_microsoft-windows-notepad_31bf3856ad364e35_6.1.7601.18917_none_cd438498869c9ff6\notepad.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2886416 2012-03-01] (Synaptics Incorporated)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [177936 2012-02-17] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8029064 2016-10-04] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [materialized] => "C:\Program Files (x86)\gowen\segel.exe"
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13823216 2016-10-04] (Zemana Ltd.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-19] (Intel Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [AlienwareOn-ScreenDisplay] => C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe [1632560 2013-09-06] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Sound Blaster Recon3Di Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe [880640 2011-12-21] (Creative Technology Ltd)
HKLM-x32\...\Run: [eastman] => "C:\Program Files (x86)\gowen\segel.exe"
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\...\Run: [CyberGhost] => "C:\Program Files\CyberGhost 5\CyberGhost.exe" /autostart /min
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3582240 2016-06-02] (Nota Inc.)
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\...\Run: [Spotify Web Helper] => C:\Users\Josh\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1554032 2016-07-20] (Spotify Ltd)
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29642368 2016-09-12] (Skype Technologies S.A.)
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2860832 2016-10-12] (Valve Corporation)
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\...\Run: [reconvenes] => "C:\Program Files (x86)\gowen\segel.exe"
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\...\Run: [gambrell] => "C:\Program Files (x86)\gowen\segel.exe"
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\...\Run: [cares] => "C:\Program Files (x86)\polygamy\cares.exe"
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\...\Run: [militants] => "C:\Program Files (x86)\gowen\segel.exe"
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\...\MountPoints2: F - F:\autorun.exe
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\...\MountPoints2: G - G:\OriginSetup.exe
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\...\MountPoints2: H - H:\setup.exe
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\...\MountPoints2: {e7c743ff-75e0-11e5-a21d-2016d891c3a4} - G:\LaunchU3.exe -a
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2015-06-04]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CheVolume.lnk [2016-05-14]
ShortcutTarget: CheVolume.lnk -> D:\CheVolume\CheVolume.exe (WellWeWeb)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Qualcomm Atheros Killer Network Manager.lnk [2015-06-04]
ShortcutTarget: Qualcomm Atheros Killer Network Manager.lnk -> C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe ()
Startup: C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\remembrances.lnk [2016-10-25]
ShortcutTarget: remembrances.lnk -> C:\Program Files (x86)\gowen\segel.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog9 01 C:\Windows\SysWOW64\BfLLR.dll [174592 2012-02-15] (Bigfoot Networks, Inc.)
Winsock: Catalog9 02 C:\Windows\SysWOW64\BfLLR.dll [174592 2012-02-15] (Bigfoot Networks, Inc.)
Winsock: Catalog9 03 C:\Windows\SysWOW64\BfLLR.dll [174592 2012-02-15] (Bigfoot Networks, Inc.)
Winsock: Catalog9 04 C:\Windows\SysWOW64\BfLLR.dll [174592 2012-02-15] (Bigfoot Networks, Inc.)
Winsock: Catalog9 16 C:\Windows\SysWOW64\BfLLR.dll [174592 2012-02-15] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 01 C:\Windows\system32\BfLLR.dll [189952 2012-02-15] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 02 C:\Windows\system32\BfLLR.dll [189952 2012-02-15] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 03 C:\Windows\system32\BfLLR.dll [189952 2012-02-15] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 04 C:\Windows\system32\BfLLR.dll [189952 2012-02-15] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 16 C:\Windows\system32\BfLLR.dll [189952 2012-02-15] (Bigfoot Networks, Inc.)
Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{498BA7C9-35C6-484B-A5DD-DAA56319F437}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-2025992066-4083076924-3298436488-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-09-01] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-09-01] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-09-01] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-09-01] (Oracle Corporation)
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://files.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_185.dll [2016-10-12] ()
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-09-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-09-01] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_185.dll [2016-10-12] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1221171.dll [2015-10-19] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-02-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-02-01] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-09-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-09-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-10-25] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-10-25] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin HKU\.DEFAULT: @hola.org/FlashPlayer -> C:\Users\Josh\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll No File
FF Plugin HKU\.DEFAULT: @hola.org/vlc -> C:\Users\Josh\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll No File
FF Plugin HKU\S-1-5-21-2025992066-4083076924-3298436488-1000: @nsroblox.roblox.com/launcher -> C:\Users\Josh\AppData\Local\Roblox\Versions\version-fe88b67aa44a44d9\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-2025992066-4083076924-3298436488-1000: @nsroblox.roblox.com/launcher64 -> C:\Users\Josh\AppData\Local\Roblox\Versions\version-fe88b67aa44a44d9\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-2025992066-4083076924-3298436488-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Josh\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll No File

Chrome:
=======
CHR Profile: C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-06-04]
CHR Extension: (uBlock Origin) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2016-03-12]
CHR Extension: (Steam Inventory Helper) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2015-11-02]
CHR Extension: (Musixmatch Lyrics for YouTube) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfenjblodoldnbiddmggcbkcapiolbig [2015-07-21]
CHR Extension: (Google Docs Offline) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-03]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2015-06-04]
CHR Extension: (Clickable Links) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgamelhnfokapndfdodnmfiningckjia [2016-02-26]
CHR Extension: (Project Naptha) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\molncoemjfmpgdkbdlbjmhlcgniigdnf [2015-06-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-04]
CHR Extension: (Lunapic Right Click Edit) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglcbfocdkemachifmnimbblndgmlhbi [2015-06-04]
CHR Extension: (Chrome Media Router) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-01]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1457160 2016-10-12] ()
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2016-10-22] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2016-10-22] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2011-10-19] (Creative Technology Ltd) [File not signed]
S2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [122880 2012-03-27] (Creative Technology Ltd)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [249104 2016-10-21] (EasyAntiCheat Ltd)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-09-23] (Hi-Rez Studios) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-01] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3916368 2016-01-09] (INCA Internet Co., Ltd.)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1310960 2016-09-27] (Overwolf LTD)
R2 Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [492032 2012-02-15] () [File not signed]
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [188072 2015-11-04] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13823216 2016-10-04] (Zemana Ltd.)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Ak27x64; C:\Windows\System32\DRIVERS\Ak27x64.sys [2740328 2012-02-15] (Bigfoot Networks, Inc.)
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [31872 2012-02-01] (Advanced Micro Devices, Inc.)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [135720 2012-02-23] (Broadcom Corporation.)
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [75880 2012-02-15] (Bigfoot Networks, Inc.)
S3 cthda; C:\Windows\System32\drivers\cthda.sys [1052760 2012-03-27] (Creative Technology Ltd)
R3 dcdbas; C:\Windows\System32\DRIVERS\dcdbas64.sys [48464 2015-06-19] (Dell Inc.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-10-26] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
S3 ptun0901; C:\Windows\System32\DRIVERS\ptun0901.sys [27136 2015-01-26] (The OpenVPN Project)
S3 rzjstk; C:\Windows\System32\DRIVERS\rzjstk.sys [36568 2015-08-13] (Razer Inc)
S3 rzkeypadendpt; C:\Windows\System32\DRIVERS\rzkeypadendpt.sys [44760 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-09-22] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [130880 2015-12-14] (Razer, Inc.)
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
R3 ST_ACCEL; C:\Windows\System32\DRIVERS\ST_ACCEL.sys [67184 2012-01-03] (STMicroelectronics)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42088 2015-06-03] (Anchorfree Inc.)
S3 xb1usb; C:\Windows\System32\DRIVERS\xb1usb.sys [34016 2014-05-28] (Microsoft Corporation) [File not signed]
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2016-10-26] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2016-10-26] (Zemana Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-26 11:52 - 2016-10-26 11:58 - 00019477 _____ C:\Windows\ZAM.krnl.trace
2016-10-26 11:52 - 2016-10-26 11:58 - 00006426 _____ C:\Windows\ZAM_Guard.krnl.trace
2016-10-26 11:52 - 2016-10-26 11:52 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2016-10-26 11:52 - 2016-10-26 11:52 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2016-10-26 11:52 - 2016-10-26 11:52 - 00001152 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2016-10-26 11:52 - 2016-10-26 11:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2016-10-26 11:52 - 2016-10-26 11:52 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2016-10-26 11:51 - 2016-10-26 11:51 - 00000000 ____D C:\Users\Josh\AppData\Local\Zemana
2016-10-26 11:49 - 2016-10-26 11:37 - 00024064 _____ C:\Windows\zoek-delete.exe
2016-10-26 11:38 - 2016-10-26 11:50 - 00058620 _____ C:\zoek-results.log
2016-10-26 11:37 - 2016-10-26 11:46 - 00000000 ____D C:\zoek_backup
2016-10-26 11:37 - 2016-10-26 11:36 - 05363600 _____ ( ) C:\Users\Josh\Desktop\Zemana.AntiMalware.Setup.exe
2016-10-26 11:36 - 2016-10-26 11:33 - 01309184 _____ C:\Users\Josh\Desktop\zoek.exe
2016-10-26 11:19 - 2016-10-26 11:19 - 00005356 _____ C:\Users\Josh\Desktop\ZHPCleaner.txt
2016-10-26 11:15 - 2016-10-26 11:19 - 00000000 ____D C:\Users\Josh\AppData\Roaming\ZHP
2016-10-26 11:15 - 2016-10-26 11:15 - 00000791 _____ C:\Users\Josh\Desktop\ZHPCleaner.lnk
2016-10-26 11:14 - 2016-10-26 11:14 - 00006155 _____ C:\Users\Josh\Desktop\JRT.txt
2016-10-26 11:10 - 2016-10-26 11:09 - 03910208 _____ C:\Users\Josh\Desktop\adwcleaner_6.030.exe
2016-10-26 11:10 - 2016-10-26 11:09 - 02472960 _____ C:\Users\Josh\Desktop\ZHPCleaner.exe
2016-10-26 11:10 - 2016-10-26 11:09 - 01631928 _____ (Malwarebytes) C:\Users\Josh\Desktop\JRT.exe
2016-10-26 11:09 - 2016-10-26 11:12 - 00000000 ____D C:\AdwCleaner
2016-10-26 10:54 - 2016-10-26 10:54 - 00000882 _____ C:\Users\Josh\Desktop\FRST64 - Shortcut.lnk
2016-10-26 10:53 - 2016-10-26 11:58 - 00000000 ____D C:\FRST
2016-10-25 20:59 - 2016-10-25 21:00 - 00000080 _____ C:\Users\Public\Desktop\Mirror's EdgeT Catalyst.lnk
2016-10-25 20:50 - 2016-10-26 11:50 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-10-25 20:49 - 2016-10-25 21:00 - 00001100 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-10-25 19:41 - 2016-10-25 20:56 - 00000000 ____D C:\Users\Josh\AppData\Roaming\.minecraft
2016-10-25 19:40 - 2016-10-25 21:00 - 00000590 _____ C:\Users\Public\Desktop\Minecraft.lnk
2016-10-25 18:22 - 2016-10-26 11:50 - 00564034 _____ C:\Windows\PFRO.log
2016-10-25 18:22 - 2016-10-26 11:50 - 00000999 _____ C:\Windows\setupact.log
2016-10-25 18:22 - 2016-10-25 18:22 - 00000000 _____ C:\Windows\setuperr.log
2016-10-25 17:16 - 2016-10-26 11:57 - 00001164 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-25 17:16 - 2016-10-25 21:00 - 00002253 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-25 17:15 - 2016-10-26 11:50 - 00000890 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-25 17:15 - 2016-10-26 11:20 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-25 17:15 - 2016-10-25 17:15 - 00003890 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-10-25 17:15 - 2016-10-25 17:15 - 00003638 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-10-25 17:04 - 2016-10-25 17:17 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-10-25 17:04 - 2016-10-25 17:04 - 00000000 _____ C:\Windows\system32\__000000013FECCA61__C0000005.dmp
2016-10-25 17:03 - 2016-10-25 17:04 - 00000003 _____ C:\Users\Josh\AppData\Local\run1.txt
2016-10-25 17:01 - 2016-10-25 17:04 - 00000000 ____D C:\Windows\system32\SSL
2016-10-25 10:36 - 2016-10-25 10:36 - 00000000 ____D C:\ProgramData\Synetic
2016-10-22 07:45 - 2016-10-22 07:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2016-10-22 07:45 - 2012-01-13 11:23 - 01944064 ____N (Creative) C:\Windows\system32\Sens_oal.dll
2016-10-22 07:45 - 2012-01-13 11:21 - 02906586 ____N (Creative) C:\Windows\SysWOW64\Sens_oal.dll
2016-10-22 07:45 - 2000-05-11 01:00 - 00090112 ____N (Creative Technology Ltd.) C:\Windows\Updreg.EXE
2016-10-21 18:38 - 2016-10-21 18:38 - 00000000 ____D C:\Program Files\Creative
2016-10-21 05:59 - 2012-03-27 18:58 - 01052760 _____ (Creative Technology Ltd) C:\Windows\system32\Drivers\CtHda.sys
2016-10-21 05:59 - 2012-03-27 18:54 - 00134144 _____ (Creative Technology Ltd) C:\Windows\system32\CtHdaS64.exe
2016-10-21 05:59 - 2012-03-27 18:53 - 00574464 _____ (Creative Technology Ltd) C:\Windows\system32\CtHdaC64.dll
2016-10-21 05:59 - 2012-03-27 18:52 - 00470016 _____ (Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaCtl.dll
2016-10-21 05:59 - 2012-03-27 18:52 - 00122880 _____ (Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
2016-10-21 05:59 - 2012-03-02 22:41 - 00025088 _____ (Creative Technology Ltd.) C:\Windows\MEptDef.exe
2016-10-21 05:59 - 2012-02-29 12:34 - 00010240 ____R (Creative Technology Ltd.) C:\Windows\InstHlp.exe
2016-10-21 05:59 - 2012-02-13 19:16 - 00889856 _____ (Creative Technology Ltd.) C:\Windows\system32\CtHRFX64.dll
2016-10-21 05:59 - 2012-02-13 19:15 - 00011180 _____ C:\Windows\CtHRFX64.hda
2016-10-21 05:59 - 2011-10-24 10:02 - 00004850 _____ C:\Windows\cthdaeng.reg
2016-10-21 05:59 - 2010-09-15 11:39 - 00235520 _____ (Creative Technology Limited) C:\Windows\system32\CtDco64.dll
2016-10-21 05:59 - 2006-12-05 14:52 - 00048400 _____ (Creative Technology Ltd.) C:\Windows\AddCat.exe
2016-10-15 11:05 - 2016-10-25 17:00 - 00002017 ____R C:\Users\Public\Desktop\Маfiа II.lnk
2016-10-15 10:56 - 2016-10-15 10:56 - 00000000 ____D C:\Windows\64467D47FFE44FBCABBAA0DB829A17EB.TMP
2016-10-12 11:28 - 2016-10-12 11:28 - 03127136 _____ C:\Users\Josh\Desktop\Chipset_Intel_W74_MG1JJ_A00-Setup_ZPE.exe
2016-10-12 11:26 - 2016-10-25 17:15 - 00000000 ____D C:\Users\Josh\AppData\Local\Deployment
2016-10-12 11:26 - 2016-10-12 11:26 - 00000000 ____D C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2016-10-12 10:17 - 2016-10-12 11:36 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-10-12 10:17 - 2015-05-27 17:38 - 02825944 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2016-10-12 09:47 - 2016-10-12 09:47 - 00000000 ____D C:\Users\Josh\AppData\LocalLow\AMD
2016-10-12 09:45 - 2016-10-12 09:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2016-10-12 09:03 - 2016-10-12 09:03 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2016-10-12 08:55 - 2015-06-04 13:33 - 00021984 _____ C:\Windows\system32\Drivers\semav6msr64.sys
2016-10-12 08:25 - 2016-10-26 11:50 - 00000000 ____D C:\Program Files (x86)\Steam
2016-10-12 08:25 - 2016-10-25 21:00 - 00000961 _____ C:\Users\Public\Desktop\Steam.lnk
2016-10-12 08:24 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2016-10-12 08:24 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2016-10-12 08:24 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2016-10-12 08:20 - 2016-10-12 08:24 - 00000000 ____D C:\Users\Josh\AppData\Roaming\Riot Games
2016-10-12 08:18 - 2016-10-25 21:00 - 00002691 _____ C:\Users\Public\Desktop\Skype.lnk
2016-10-12 08:18 - 2016-10-12 08:18 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-10-12 08:18 - 2016-10-12 08:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-10-12 02:47 - 2016-10-12 02:48 - 00001908 _____ C:\Windows\diagwrn.xml
2016-10-12 02:47 - 2016-10-12 02:48 - 00001908 _____ C:\Windows\diagerr.xml
2016-10-12 02:44 - 2016-10-12 09:48 - 00000000 ____D C:\Program Files\IDT
2016-10-12 02:44 - 2016-10-12 02:44 - 00000000 ____D C:\SWSetup
2016-10-12 02:10 - 2015-12-16 14:55 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-10-12 02:10 - 2015-12-16 14:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2016-10-12 02:10 - 2015-12-16 14:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2016-10-12 02:10 - 2015-12-16 14:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2016-10-12 02:10 - 2015-12-16 14:48 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2016-10-12 02:10 - 2015-12-16 14:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2016-10-12 02:10 - 2015-12-16 14:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2016-10-12 02:10 - 2015-12-16 14:47 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-10-12 02:10 - 2015-08-05 13:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2016-10-12 02:10 - 2015-08-05 13:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2016-10-12 01:42 - 2016-10-25 17:17 - 19640512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-10-11 21:10 - 2016-09-30 16:13 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-10-11 21:10 - 2016-09-30 15:28 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-10-11 21:10 - 2016-09-30 11:37 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-10-11 21:10 - 2016-09-30 11:20 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-10-11 21:10 - 2016-09-30 11:20 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-10-11 21:10 - 2016-09-30 03:55 - 25765376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-10-11 21:10 - 2016-09-30 02:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-10-11 21:10 - 2016-09-30 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-10-11 21:10 - 2016-09-30 02:26 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-10-11 21:10 - 2016-09-30 02:25 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-10-11 21:10 - 2016-09-30 02:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-10-11 21:10 - 2016-09-30 02:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-10-11 21:10 - 2016-09-30 02:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-10-11 21:10 - 2016-09-30 02:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-10-11 21:10 - 2016-09-30 02:18 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-10-11 21:10 - 2016-09-30 02:17 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-10-11 21:10 - 2016-09-30 02:14 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-10-11 21:10 - 2016-09-30 02:13 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-10-11 21:10 - 2016-09-30 02:13 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-10-11 21:10 - 2016-09-30 02:12 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-10-11 21:10 - 2016-09-30 02:12 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-10-11 21:10 - 2016-09-30 02:09 - 06048256 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-10-11 21:10 - 2016-09-30 02:05 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-10-11 21:10 - 2016-09-30 02:02 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-10-11 21:10 - 2016-09-30 01:55 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-10-11 21:10 - 2016-09-30 01:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-10-11 21:10 - 2016-09-30 01:54 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-10-11 21:10 - 2016-09-30 01:51 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-10-11 21:10 - 2016-09-30 01:50 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-10-11 21:10 - 2016-09-30 01:47 - 20306944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-10-11 21:10 - 2016-09-30 01:47 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-10-11 21:10 - 2016-09-30 01:46 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-10-11 21:10 - 2016-09-30 01:42 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-10-11 21:10 - 2016-09-30 01:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-10-11 21:10 - 2016-09-30 01:42 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-10-11 21:10 - 2016-09-30 01:42 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-10-11 21:10 - 2016-09-30 01:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-10-11 21:10 - 2016-09-30 01:38 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-10-11 21:10 - 2016-09-30 01:36 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-10-11 21:10 - 2016-09-30 01:35 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-10-11 21:10 - 2016-09-30 01:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-10-11 21:10 - 2016-09-30 01:33 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-10-11 21:10 - 2016-09-30 01:33 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-10-11 21:10 - 2016-09-30 01:32 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-10-11 21:10 - 2016-09-30 01:32 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-10-11 21:10 - 2016-09-30 01:32 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-10-11 21:10 - 2016-09-30 01:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-10-11 21:10 - 2016-09-30 01:31 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-10-11 21:10 - 2016-09-30 01:31 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-10-11 21:10 - 2016-09-30 01:24 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-10-11 21:10 - 2016-09-30 01:21 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-10-11 21:10 - 2016-09-30 01:19 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-10-11 21:10 - 2016-09-30 01:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-10-11 21:10 - 2016-09-30 01:17 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-10-11 21:10 - 2016-09-30 01:17 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-10-11 21:10 - 2016-09-30 01:15 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-10-11 21:10 - 2016-09-30 01:14 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-10-11 21:10 - 2016-09-30 01:13 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-10-11 21:10 - 2016-09-30 01:12 - 04608512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-10-11 21:10 - 2016-09-30 01:07 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-10-11 21:10 - 2016-09-30 01:05 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-10-11 21:10 - 2016-09-30 01:05 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-10-11 21:10 - 2016-09-30 01:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-10-11 21:10 - 2016-09-30 01:05 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-10-11 21:10 - 2016-09-30 01:03 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-10-11 21:10 - 2016-09-30 00:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-10-11 21:10 - 2016-09-30 00:46 - 02444288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-10-11 21:10 - 2016-09-30 00:43 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-10-11 21:10 - 2016-09-30 00:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-10-11 21:10 - 2016-09-15 11:30 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-10-11 21:10 - 2016-09-15 11:30 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-10-11 21:10 - 2016-09-15 11:15 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-10-11 21:10 - 2016-09-15 11:15 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-10-11 21:10 - 2016-09-12 17:17 - 00077032 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-10-11 21:10 - 2016-09-12 17:13 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-10-11 21:10 - 2016-09-12 17:13 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-10-11 21:10 - 2016-09-12 17:08 - 01465344 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-10-11 21:10 - 2016-09-12 17:08 - 01226752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-10-11 21:10 - 2016-09-12 17:08 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-10-11 21:10 - 2016-09-12 17:08 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-10-11 21:10 - 2016-09-12 17:08 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-10-11 21:10 - 2016-09-12 17:08 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-10-11 21:10 - 2016-09-12 17:08 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-10-11 21:10 - 2016-09-12 17:08 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-10-11 21:10 - 2016-09-12 17:08 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-10-11 21:10 - 2016-09-12 17:08 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-10-11 21:10 - 2016-09-12 17:08 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-10-11 21:10 - 2016-09-12 17:08 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-10-11 21:10 - 2016-09-12 17:08 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-10-11 21:10 - 2016-09-12 17:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2016-10-11 21:10 - 2016-09-12 17:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-10-11 21:10 - 2016-09-12 17:08 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-10-11 21:10 - 2016-09-12 17:08 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-10-11 21:10 - 2016-09-12 17:08 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-10-11 21:10 - 2016-09-12 17:08 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-10-11 21:10 - 2016-09-12 17:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-10-11 21:10 - 2016-09-12 16:49 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-10-11 21:10 - 2016-09-12 16:49 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-10-11 21:10 - 2016-09-12 16:49 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-10-11 21:10 - 2016-09-12 16:49 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-10-11 21:10 - 2016-09-12 16:49 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-10-11 21:10 - 2016-09-12 16:49 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-10-11 21:10 - 2016-09-12 16:49 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-10-11 21:10 - 2016-09-12 16:49 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-10-11 21:10 - 2016-09-12 16:49 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-10-11 21:10 - 2016-09-12 16:49 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-10-11 21:10 - 2016-09-12 16:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-10-11 21:10 - 2016-09-12 16:49 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2016-10-11 21:10 - 2016-09-12 16:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-10-11 21:10 - 2016-09-12 16:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-10-11 21:10 - 2016-09-12 16:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-10-11 21:10 - 2016-09-12 16:49 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-10-11 21:10 - 2016-09-12 16:39 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-10-11 21:10 - 2016-09-12 16:37 - 03218944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-10-11 21:10 - 2016-09-12 16:32 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-10-11 21:10 - 2016-09-12 16:32 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-10-11 21:10 - 2016-09-12 16:32 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-10-11 21:10 - 2016-09-12 16:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-10-11 21:10 - 2016-09-12 16:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-10-11 21:10 - 2016-09-12 16:25 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-10-11 21:10 - 2016-09-12 15:08 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-10-11 21:10 - 2016-09-12 14:43 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-10-11 21:10 - 2016-09-12 14:43 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-10-11 21:10 - 2016-09-10 12:19 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-10-11 21:10 - 2016-09-10 11:53 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-10-11 21:10 - 2016-09-09 14:29 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-10-11 21:10 - 2016-09-09 14:26 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-10-11 21:10 - 2016-09-09 14:23 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 14:01 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-10-11 21:10 - 2016-09-09 14:00 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-10-11 21:10 - 2016-09-09 14:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-10-11 21:10 - 2016-09-09 14:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-10-11 21:10 - 2016-09-09 14:00 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:51 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-10-11 21:10 - 2016-09-09 13:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-10-11 21:10 - 2016-09-09 13:51 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-10-11 21:10 - 2016-09-09 13:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-10-11 21:10 - 2016-09-09 13:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-10-11 21:10 - 2016-09-09 13:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-10-11 21:10 - 2016-09-09 13:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-10-11 21:10 - 2016-09-09 13:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-10-11 21:10 - 2016-09-09 13:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-10-11 21:10 - 2016-09-09 13:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-10-11 21:10 - 2016-09-09 13:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 13:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-10-11 21:10 - 2016-09-09 11:54 - 01629184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-10-11 21:10 - 2016-09-09 11:54 - 00586752 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-10-11 21:10 - 2016-09-09 11:54 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-10-11 21:10 - 2016-09-09 11:54 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-10-11 21:10 - 2016-09-09 11:54 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-10-11 21:10 - 2016-09-09 11:54 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-10-11 21:10 - 2016-09-09 11:54 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-10-11 21:10 - 2016-09-08 16:34 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-10-11 21:10 - 2016-09-08 16:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2016-10-11 21:10 - 2016-09-08 16:34 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2016-10-11 21:10 - 2016-09-08 16:34 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2016-10-11 21:10 - 2016-09-08 10:55 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-10-11 21:10 - 2016-09-08 10:55 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-10-11 21:10 - 2016-08-29 11:31 - 14183424 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-10-11 21:10 - 2016-08-29 11:31 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-10-11 21:10 - 2016-08-29 11:31 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-10-11 21:10 - 2016-08-29 11:12 - 12880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-10-11 21:10 - 2016-08-29 11:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-10-11 21:10 - 2016-08-29 11:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-10-11 21:10 - 2016-08-29 11:04 - 03229696 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-10-11 21:10 - 2016-08-29 10:55 - 02972672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-10-11 21:10 - 2016-08-16 16:40 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2016-10-11 21:10 - 2016-08-16 16:40 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2016-10-11 21:10 - 2016-08-16 16:40 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2016-10-11 21:10 - 2016-08-16 16:40 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2016-10-11 21:10 - 2016-08-16 16:40 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2016-10-11 21:10 - 2016-08-16 16:40 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2016-10-11 21:10 - 2016-08-16 16:40 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2016-10-11 21:10 - 2016-08-12 13:02 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-10-11 21:10 - 2016-08-12 13:02 - 12574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-10-11 21:10 - 2016-08-12 13:02 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-10-11 21:10 - 2016-08-12 13:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-10-11 21:10 - 2016-08-12 13:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-10-11 21:10 - 2016-08-12 12:47 - 12574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-10-11 21:10 - 2016-08-12 12:47 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-10-11 21:10 - 2016-08-12 12:31 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-10-11 21:10 - 2016-08-12 12:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-10-11 21:10 - 2016-08-12 12:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-10-11 21:10 - 2016-08-12 12:26 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2016-10-11 21:10 - 2016-08-06 11:31 - 02023424 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-10-11 21:10 - 2016-08-06 11:31 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2016-10-11 21:10 - 2016-08-06 11:31 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-10-11 21:10 - 2016-08-06 11:31 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-10-11 21:10 - 2016-08-06 11:31 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2016-10-11 21:10 - 2016-08-06 11:31 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2016-10-11 21:10 - 2016-08-06 11:15 - 01178112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-10-11 21:10 - 2016-08-06 11:15 - 00249344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2016-10-11 21:10 - 2016-08-06 11:15 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2016-10-11 21:10 - 2016-08-06 11:15 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2016-10-11 21:10 - 2016-08-06 11:15 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2016-10-11 21:10 - 2016-08-06 11:01 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2016-10-11 21:10 - 2016-08-06 11:01 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2016-10-11 21:10 - 2016-08-06 10:53 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2016-10-11 21:10 - 2016-08-06 10:53 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2016-10-11 21:10 - 2016-08-06 10:53 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2016-10-11 21:10 - 2016-07-22 10:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2016-10-11 21:10 - 2016-07-22 10:51 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2016-10-11 21:10 - 2016-06-14 13:21 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-10-11 21:10 - 2016-06-14 13:16 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2016-10-11 21:10 - 2016-06-14 13:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-10-11 21:10 - 2016-06-14 13:11 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2016-10-11 21:10 - 2016-06-14 11:21 - 03209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-10-11 21:10 - 2016-06-14 11:21 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-10-11 21:10 - 2016-06-14 11:21 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-10-11 21:10 - 2016-06-14 11:21 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2016-10-11 21:10 - 2016-06-14 11:21 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2016-10-11 21:10 - 2016-06-14 11:21 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2016-10-11 21:10 - 2016-06-14 11:21 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2016-10-11 21:10 - 2016-06-14 11:21 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-10-11 21:10 - 2016-06-14 11:21 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2016-10-11 21:10 - 2016-06-14 11:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-10-11 21:10 - 2016-06-14 11:21 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2016-10-11 21:10 - 2016-06-14 11:21 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2016-10-11 21:10 - 2016-06-14 11:21 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2016-10-11 21:10 - 2016-06-14 11:21 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-10-11 21:10 - 2016-06-14 11:21 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2016-10-11 21:10 - 2016-06-14 11:21 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-10-11 21:10 - 2016-06-14 11:21 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-10-11 21:10 - 2016-06-14 11:21 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-10-11 21:10 - 2016-06-14 11:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-10-11 21:10 - 2016-06-14 11:21 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-10-11 21:10 - 2016-06-14 11:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2016-10-11 21:10 - 2016-06-14 11:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-10-11 21:10 - 2016-06-14 11:15 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2016-10-11 21:10 - 2016-06-14 11:15 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-10-11 21:10 - 2016-06-14 11:15 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-10-11 21:10 - 2016-06-14 11:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-10-11 21:10 - 2016-06-14 11:05 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-10-11 21:10 - 2016-06-14 11:00 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2016-10-11 21:10 - 2016-06-14 11:00 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2016-10-05 17:38 - 2016-10-05 17:38 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-10-05 17:38 - 2016-09-09 14:25 - 00269600 _____ C:\Windows\SysWOW64\vulkan-1.dll
2016-10-05 17:38 - 2016-09-09 14:25 - 00261920 _____ C:\Windows\system32\vulkan-1.dll
2016-10-05 17:38 - 2016-09-09 14:25 - 00110880 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2016-10-05 17:38 - 2016-09-09 14:24 - 00125216 _____ C:\Windows\system32\vulkaninfo.exe
2016-10-04 22:37 - 2016-10-04 22:37 - 03437632 _____ C:\Windows\system32\atiumd6a.cap
2016-10-04 22:32 - 2016-10-04 22:32 - 03471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2016-10-04 22:20 - 2016-10-04 22:20 - 08847888 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2016-10-04 22:20 - 2016-10-04 22:20 - 00519048 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2016-10-04 22:20 - 2016-10-04 22:20 - 00294792 _____ C:\Windows\system32\dgtrayicon.exe
2016-10-04 22:20 - 2016-10-04 22:20 - 00289160 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2016-10-04 22:20 - 2016-10-04 22:20 - 00286600 _____ (AMD) C:\Windows\system32\atitmm64.dll
2016-10-04 22:20 - 2016-10-04 22:20 - 00275336 _____ C:\Windows\system32\GameManager64.dll
2016-10-04 22:20 - 2016-10-04 22:20 - 00201608 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2016-10-04 22:20 - 2016-10-04 22:20 - 00175496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2016-10-04 22:20 - 2016-10-04 22:20 - 00151056 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2016-10-04 22:20 - 2016-10-04 22:20 - 00122760 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2016-10-04 22:20 - 2016-10-04 22:20 - 00110472 _____ (AMD) C:\Windows\system32\atimuixx.dll
2016-10-04 22:20 - 2016-10-04 22:20 - 00107400 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2016-10-04 22:20 - 2016-10-04 22:20 - 00107400 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2016-10-04 22:20 - 2016-10-04 22:20 - 00020360 _____ (Microsoft Corporation) C:\Windows\system32\detoured.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 15728008 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 14318984 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 10976880 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 09926536 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdvlk64.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 08065928 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdvlk32.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 02481032 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt64.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 02163592 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt32.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 01333128 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00998280 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00998280 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00525704 _____ (AMD) C:\Windows\system32\atieclxx.exe
2016-10-04 22:19 - 2016-10-04 22:19 - 00458632 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00402312 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2016-10-04 22:19 - 2016-10-04 22:19 - 00349064 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODE.exe
2016-10-04 22:19 - 2016-10-04 22:19 - 00248200 _____ C:\Windows\system32\amdgfxinfo64.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00230280 _____ C:\Windows\system32\atieah64.exe
2016-10-04 22:19 - 2016-10-04 22:19 - 00221064 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00208264 _____ C:\Windows\SysWOW64\atieah32.exe
2016-10-04 22:19 - 2016-10-04 22:19 - 00160136 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00155016 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amduve64.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00145400 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00141280 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00136584 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00135048 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00134536 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amduve32.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00129416 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00125288 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00124776 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00117640 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00109856 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00109856 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00108936 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00092328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00092328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00078728 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00072072 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00068488 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00067464 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODCLI.exe
2016-10-04 22:19 - 2016-10-04 22:19 - 00065416 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2016-10-04 22:19 - 2016-10-04 22:19 - 00059784 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2016-10-04 22:18 - 2016-10-04 22:18 - 48824712 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2016-10-04 22:18 - 2016-10-04 22:18 - 38268808 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2016-10-04 22:18 - 2016-10-04 22:18 - 27489672 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll
2016-10-04 22:18 - 2016-10-04 22:18 - 27291016 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2016-10-04 22:18 - 2016-10-04 22:18 - 21640584 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll
2016-10-04 22:18 - 2016-10-04 22:18 - 09311624 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2016-10-04 22:18 - 2016-10-04 22:18 - 07363976 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2016-10-04 22:18 - 2016-10-04 22:18 - 00841608 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2016-10-04 22:18 - 2016-10-04 22:18 - 00676232 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2016-10-04 22:18 - 2016-10-04 22:18 - 00305544 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2016-10-04 22:18 - 2016-10-04 22:18 - 00269192 _____ C:\Windows\system32\clinfo.exe
2016-10-04 22:18 - 2016-10-04 22:18 - 00267656 _____ C:\Windows\system32\hsa-thunk64.dll
2016-10-04 22:18 - 2016-10-04 22:18 - 00233352 _____ C:\Windows\SysWOW64\hsa-thunk.dll
2016-10-04 22:18 - 2016-10-04 22:18 - 00112520 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2016-10-04 22:18 - 2016-10-04 22:18 - 00103304 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2016-10-04 22:18 - 2016-10-04 22:18 - 00082824 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmcl64.dll
2016-10-04 22:18 - 2016-10-04 22:18 - 00066952 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2016-10-04 22:18 - 2016-10-04 22:18 - 00066440 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmcl32.dll
2016-10-04 22:18 - 2016-10-04 22:18 - 00054664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2016-10-04 22:17 - 2016-10-04 22:17 - 33241992 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2016-10-04 22:17 - 2016-10-04 22:17 - 26556416 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2016-10-04 21:38 - 2016-10-04 21:38 - 00755472 _____ C:\Windows\SysWOW64\atiapfxx.blb
2016-10-04 21:38 - 2016-10-04 21:38 - 00755472 _____ C:\Windows\system32\atiapfxx.blb
2016-10-04 21:33 - 2016-10-04 21:33 - 00000000 ____D C:\Users\Josh\Documents\Mirrors Edge Catalyst
2016-10-04 21:20 - 2016-10-04 21:20 - 00166560 _____ C:\Windows\system32\amde34b.dat
2016-10-04 21:20 - 2016-10-04 21:20 - 00166560 _____ C:\Windows\system32\amde34a.dat
2016-10-04 19:04 - 2016-10-04 19:04 - 00000642 ____N C:\Users\Public\Desktop\Mirror's Edge™ Catalyst.lnk
2016-09-29 16:00 - 2016-09-29 16:00 - 00100832 _____ C:\Windows\system32\ativce02.dat
2016-09-29 15:58 - 2016-09-29 15:58 - 00177280 _____ C:\Windows\system32\ativce03.dat
2016-09-29 15:56 - 2016-09-29 15:56 - 00175584 _____ C:\Windows\system32\amde31a.dat
2016-09-28 17:20 - 2016-09-28 18:44 - 00000000 ____D C:\Users\Josh\AppData\Local\PAYDAY 2
2016-09-28 00:44 - 2016-09-28 00:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
2016-09-27 23:55 - 2016-09-27 23:56 - 00000000 ____D C:\Users\Josh\Documents\NFS Most Wanted
2016-09-27 23:52 - 2016-10-15 10:56 - 00000000 ____D C:\Program Files (x86)\Mr DJ
2016-09-27 23:44 - 2016-09-27 23:44 - 00000000 ____D C:\Users\Josh\AppData\Local\HirezLauncherUI

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-26 11:58 - 2009-07-14 00:45 - 00021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-26 11:58 - 2009-07-14 00:45 - 00021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-26 11:56 - 2009-07-14 01:13 - 00781790 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-26 11:55 - 2015-06-04 23:48 - 00000000 ____D C:\Users\Josh\AppData\Roaming\Skype
2016-10-26 11:53 - 2015-06-04 22:36 - 01270263 _____ C:\Windows\WindowsUpdate.log
2016-10-26 11:52 - 2015-06-04 22:36 - 00000000 ____D C:\Users\Josh
2016-10-26 11:50 - 2015-11-17 01:40 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2016-10-26 11:50 - 2015-06-04 23:00 - 00000000 ____D C:\ProgramData\Bigfoot Networks
2016-10-26 11:50 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-26 11:49 - 2016-08-25 17:22 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2016-10-26 11:36 - 2015-06-06 20:14 - 00000000 ____D C:\Users\Josh\AppData\Roaming\vlc
2016-10-26 11:33 - 2015-12-01 12:00 - 00000000 ____D C:\Users\Josh\AppData\Roaming\uTorrent
2016-10-26 11:17 - 2015-11-20 17:50 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-10-25 22:21 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF
2016-10-25 21:01 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system
2016-10-25 21:00 - 2016-05-14 18:55 - 00000552 _____ C:\ProgramData\Microsoft\Windows\Start Menu\CheVolume.lnk
2016-10-25 21:00 - 2016-05-14 13:24 - 00000401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Party Hard.lnk
2016-10-25 21:00 - 2016-05-08 10:08 - 00001768 _____ C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-10-25 21:00 - 2016-03-10 15:39 - 00000675 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\A Story About My Uncle.lnk
2016-10-25 21:00 - 2015-11-05 17:58 - 00001035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2016-10-25 21:00 - 2015-10-17 13:05 - 00002056 _____ C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape.lnk
2016-10-25 21:00 - 2015-06-05 01:34 - 00001333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-10-25 21:00 - 2015-06-05 01:34 - 00001314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-10-25 21:00 - 2015-06-05 00:33 - 00000812 _____ C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2016-10-25 21:00 - 2009-07-14 01:01 - 00001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2016-10-25 21:00 - 2009-07-14 00:57 - 00001535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-10-25 21:00 - 2009-07-14 00:57 - 00001340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
2016-10-25 21:00 - 2009-07-14 00:57 - 00001318 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2016-10-25 21:00 - 2009-07-14 00:57 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2016-10-25 21:00 - 2009-07-14 00:54 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2016-10-25 21:00 - 2009-07-14 00:49 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2016-10-25 20:59 - 2016-01-08 10:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sniper Elite 3
2016-10-25 20:59 - 2015-09-22 19:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\METAL GEAR RISING REVENGEANCE
2016-10-25 20:59 - 2015-06-12 08:07 - 00000000 ____D C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-10-25 20:49 - 2015-06-04 23:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-10-25 20:49 - 2015-06-04 23:19 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-10-25 20:22 - 2016-01-20 18:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCWest
2016-10-25 19:40 - 2015-09-16 23:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2016-10-25 18:21 - 2015-11-05 18:16 - 00000000 ____D C:\Users\Josh\AppData\Roaming\TeamViewer
2016-10-25 18:21 - 2015-06-05 02:33 - 00000000 ____D C:\Windows\Panther
2016-10-25 18:21 - 2015-06-05 00:33 - 00000000 ____D C:\Users\Josh\AppData\Roaming\BitTorrent
2016-10-25 17:17 - 2015-11-20 17:50 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-10-25 17:17 - 2015-11-20 17:50 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-25 17:17 - 2015-07-15 02:22 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-10-25 17:17 - 2015-07-15 02:22 - 00000000 ____D C:\Windows\system32\Macromed
2016-10-25 17:16 - 2015-06-04 23:16 - 00000000 ____D C:\Program Files (x86)\Google
2016-10-25 17:01 - 2015-07-10 02:25 - 00002112 ____R C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Stаrt Тоr Вrоwsеr.lnk
2016-10-25 17:01 - 2015-06-04 23:16 - 00002316 ____R C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk
2016-10-25 17:01 - 2015-06-04 22:36 - 00002048 ____R C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехplоrеr.lnk
2016-10-25 10:46 - 2015-09-08 00:21 - 00000000 ____D C:\Users\Josh\AppData\Local\Battle.net
2016-10-24 17:38 - 2016-01-15 13:12 - 00000000 ____D C:\Users\Josh\AppData\Local\wf-launcher
2016-10-24 17:38 - 2016-01-15 13:12 - 00000000 ____D C:\ProgramData\GFACE
2016-10-24 16:13 - 2016-07-07 18:26 - 00000000 ____D C:\Users\Josh\AppData\Local\Ubisoft Game Launcher
2016-10-22 19:23 - 2016-09-01 00:28 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-10-22 07:46 - 2015-06-04 22:43 - 00000000 ____D C:\ProgramData\Creative
2016-10-22 07:45 - 2015-06-04 22:43 - 00466520 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2016-10-22 07:45 - 2015-06-04 22:43 - 00445016 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2016-10-22 07:45 - 2015-06-04 22:43 - 00123480 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2016-10-22 07:45 - 2015-06-04 22:43 - 00109144 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2016-10-22 07:45 - 2015-06-04 22:42 - 00000523 ___RH C:\Windows\ctfile.rfc
2016-10-22 07:45 - 2015-06-04 22:42 - 00000000 ____D C:\Program Files (x86)\Creative
2016-10-21 17:32 - 2016-04-08 10:32 - 00249104 _____ (EasyAntiCheat Ltd) C:\Windows\SysWOW64\EasyAntiCheat.exe
2016-10-15 11:05 - 2016-06-21 17:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mr DJ
2016-10-15 11:05 - 2015-09-22 19:18 - 00000000 ____D C:\Users\Josh\AppData\Local\SKIDROW
2016-10-15 10:56 - 2015-06-05 00:16 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-10-14 09:40 - 2015-09-27 19:30 - 00000000 ____D C:\Users\Josh\Documents\Rockstar Games
2016-10-14 09:39 - 2015-09-27 19:30 - 00000000 ____D C:\Program Files\Rockstar Games
2016-10-14 09:39 - 2015-09-27 19:30 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2016-10-13 02:35 - 2015-07-28 12:59 - 00000000 ____D C:\Users\Josh\AppData\Roaming\PortForward.com
2016-10-13 02:34 - 2015-07-28 12:59 - 00000000 ____D C:\Users\Josh\AppData\Local\Downloaded Installations
2016-10-12 11:26 - 2016-04-26 18:47 - 00000000 ____D C:\Users\Josh\AppData\Local\Apps\2.0
2016-10-12 10:17 - 2015-06-04 22:45 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-10-12 10:17 - 2015-06-04 22:43 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-10-12 09:58 - 2015-06-04 22:44 - 00000000 ____D C:\Program Files\Intel
2016-10-12 09:51 - 2016-07-07 18:37 - 00000000 ____D C:\Users\Josh\AppData\Local\AMD
2016-10-12 09:43 - 2015-06-23 09:21 - 00000000 ____D C:\Program Files\AMD
2016-10-12 09:42 - 2015-06-23 09:18 - 00000000 ____D C:\AMD
2016-10-12 09:30 - 2015-06-09 08:23 - 00000000 ____D C:\Users\Public\Creative
2016-10-12 08:55 - 2015-06-04 22:44 - 00000000 ____D C:\ProgramData\Intel
2016-10-12 08:25 - 2015-06-04 23:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-10-12 08:18 - 2015-06-04 23:19 - 00000000 ____D C:\ProgramData\Skype
2016-10-12 04:14 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2016-10-12 03:31 - 2015-06-04 22:54 - 00774404 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-10-12 03:03 - 2009-07-14 01:08 - 00032536 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-10-12 02:40 - 2009-07-14 00:45 - 00269128 _____ C:\Windows\system32\FNTCACHE.DAT
2016-10-12 02:39 - 2015-06-11 09:32 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-10-12 02:39 - 2015-06-11 09:32 - 00000000 ____D C:\Windows\system32\appraiser
2016-10-12 02:39 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-10-12 02:39 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\Dism
2016-10-12 02:32 - 2015-06-04 22:36 - 00000000 __SHD C:\Recovery
2016-10-12 02:12 - 2015-06-09 08:15 - 143495576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-10-12 02:12 - 2015-06-09 08:15 - 00000000 ____D C:\Windows\system32\MRT
2016-10-08 06:21 - 2009-07-14 01:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-10-04 22:21 - 2016-09-16 15:42 - 00139720 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2016-10-04 22:20 - 2016-09-16 15:42 - 07213248 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2016-10-04 22:20 - 2016-09-16 15:42 - 00170072 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2016-10-04 22:20 - 2016-09-16 15:42 - 00123776 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2016-10-04 22:20 - 2016-07-18 16:39 - 00240008 _____ C:\Windows\SysWOW64\GameManager32.dll
2016-10-04 22:20 - 2014-09-03 08:55 - 00020360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\detoured.dll
2016-10-04 22:19 - 2016-09-16 15:41 - 10937728 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2016-10-04 22:19 - 2016-09-16 15:41 - 09981352 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2016-10-04 22:19 - 2016-09-16 15:41 - 09094552 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2016-10-04 22:19 - 2016-09-16 15:41 - 01551344 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2016-10-04 22:19 - 2016-09-16 15:40 - 01274256 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2016-10-04 22:18 - 2016-09-16 15:40 - 00892296 _____ (AMD) C:\Windows\system32\coinst_16.40.dll
2016-10-02 16:06 - 2016-07-14 04:06 - 00000000 ____D C:\Program Files (x86)\Overwolf
2016-09-30 20:18 - 2015-06-05 00:31 - 00000000 ____D C:\Users\Josh\Documents\My Games
2016-09-28 00:44 - 2015-09-09 21:15 - 00000000 ____D C:\ProgramData\Hi-Rez Studios

==================== Files in the root of some directories =======

2015-09-21 10:32 - 2015-09-21 10:33 - 0003584 _____ () C:\Users\Josh\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-10-25 17:03 - 2016-10-25 17:04 - 0000003 _____ () C:\Users\Josh\AppData\Local\run1.txt

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-10-25 14:27

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:04-10-2015
Ran by Josh (2016-10-26 11:59:01)
Running from D:\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2015-06-05 02:36:17)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2025992066-4083076924-3298436488-500 - Administrator - Disabled)
Guest (S-1-5-21-2025992066-4083076924-3298436488-501 - Limited - Disabled)
Josh (S-1-5-21-2025992066-4083076924-3298436488-1000 - Administrator - Enabled) => C:\Users\Josh

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
A Story About My Uncle (HKLM-x32\...\QVN0b3J5QWJvdXRNeVVuY2xl_is1) (Version: 1 - )
Adobe Flash Player 23 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 23.0.0.185 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.185 - Adobe Systems Incorporated)
Adobe Flash Player 23 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 23.0.0.185 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.1.171 - Adobe Systems, Inc.)
Alienware On-Screen Display (HKLM-x32\...\InstallShield_{0D69462F-99CC-4F8D-942E-666E21CE59F8}) (Version: 0.32.0.8C - )
Alienware On-Screen Display (x32 Version: 0.32.0.8C - ) Hidden
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
Assassin s Creed Syndicate v.1.12 (HKLM-x32\...\Assassin s Creed Syndicate_is1) (Version: - )
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.8.8 - Atheros Communications Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BattleBlock Theater (HKLM-x32\...\Steam App 238460) (Version: - The Behemoth)
Battleborn Open Beta (HKLM\...\Steam App 451070) (Version: - )
BitTorrent (HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\...\BitTorrent) (Version: 7.9.5.41203 - BitTorrent Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
Borderlands: The Pre-Sequel (HKLM\...\Steam App 261640) (Version: - 2K Australia)
Brawlhalla (HKLM\...\Steam App 291550) (Version: - Blue Mammoth Games)
Brawlhalla (HKLM-x32\...\Steam App 291550) (Version: - Blue Mammoth Games)
Call of Juarez - Gunslinger (HKLM-x32\...\Call of Juarez - Gunslinger_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
Caster (HKLM\...\Steam App 29800) (Version: - Elecorn)
Catalyst Control Center Next Localization BR (Version: 2016.1004.2153.37567 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.1004.2153.37567 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.1004.2153.37567 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.1004.2153.37567 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.1004.2153.37567 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.1004.2153.37567 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.1004.2153.37567 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.1004.2153.37567 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.1004.2153.37567 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.1004.2153.37567 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.1004.2153.37567 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.1004.2153.37567 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.1004.2153.37567 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.1004.2153.37567 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.1004.2153.37567 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.1004.2153.37567 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.1004.2153.37567 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.1004.2153.37567 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.1004.2153.37567 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.1004.2153.37567 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.1004.2153.37567 - Advanced Micro Devices, Inc.) Hidden
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version: - Cheat Engine)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
Cheat Engine 6.5 (HKLM-x32\...\Cheat Engine 6.5_is1) (Version: - Cheat Engine)
CheVolume 0.4.1.2 (HKLM-x32\...\CheVolume 0.4.1.2) (Version: - WellWeWeb)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
DARK SOULS III (HKLM\...\Steam App 374320) (Version: - FromSoftware, Inc.)
DEADBOLT (HKLM-x32\...\1457453536_is1) (Version: 2.0.0.3 - GOG.com)
Dell System Detect (HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\...\58d94f3ce2c27db0) (Version: 7.9.0.10 - Dell)
Dirty Bomb (HKLM-x32\...\Steam App 333930) (Version: - Splash Damage®)
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version: - Klei Entertainment)
Doom (HKLM-x32\...\{B6A2B3BA-C93E-4AEE-BBCF-BE91DDC84962}_is1) (Version: - id Software)
Dying Light (HKLM\...\Steam App 239140) (Version: - Techland)
EasiSlides (HKLM-x32\...\{8372161B-103C-4BCA-98A1-4FC330B53A49}) (Version: 4.0.5000 - Wai Kuen Mo)
EMSC (x32 Version: 0.0.0.25 - Compal Electronics, Inc.) Hidden
Ezvid (HKLM-x32\...\{F96D619D-99D6-4C9C-A393-0CD22DE1CA66}_is1) (Version: 1.003 - Ezvid, inc.)
Factorio version 0.12.3 (HKLM\...\Factorio_is1) (Version: - )
Far Cry 4 version 1.10.0.0 (HKLM-x32\...\Far Cry 4_is1) (Version: 1.10.0.0 - Mr DJ)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.71 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version: - Rockstar North)
GS Auto Clicker (HKLM-x32\...\GS Auto Clicker_is1) (Version: V3.1.3 - goldensoft.org)
Gyazo 3.2.2 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
Half-Life 2 (HKLM\...\Steam App 220) (Version: - Valve)
Half-Life 2: Episode One (HKLM\...\Steam App 380) (Version: - Valve)
Half-Life 2: Episode Two (HKLM\...\Steam App 420) (Version: - Valve)
Half-Life 2: Lost Coast (HKLM\...\Steam App 340) (Version: - Valve)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.0.5.5 - Hi-Rez Studios)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version: - IO Interactive)
Imouto Paradise! version 1.0 (HKLM-x32\...\{38073150-656E-4A04-8547-84D3531AB7D6}_is1) (Version: 1.0 - MangaGamer)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.1.1399 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{520C4DD4-2BC7-409B-BA48-E1A4F832662D}) (Version: 2.1.0.0140 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{538B98C3-773F-4F20-9C66-802D104DCBE2}) (Version: 1.23.219.2 - Intel Corporation)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Just Cause 2: Multiplayer - Dedicated Server (HKLM\...\Steam App 261140) (Version: - )
KHOLAT (HKLM\...\Steam App 343710) (Version: - IMGN.PRO)
Killing Floor (HKLM-x32\...\Steam App 1250) (Version: - Tripwire Interactive)
Killing Floor 2 (HKLM-x32\...\Steam App 232090) (Version: - Tripwire Interactive)
L.A. Noire (HKLM\...\Steam App 110800) (Version: - Team Bondi)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
LEGO Marvels Avengers (HKLM-x32\...\LEGO Marvels Avengers_is1) (Version: - )
Mafia II version 1.0.0.0 (HKLM-x32\...\Mafia II_is1) (Version: 1.0.0.0 - Mr DJ)
Magic 2015 (HKLM-x32\...\Steam App 255420) (Version: - Stainless Games)
Magicka (HKLM-x32\...\Steam App 42910) (Version: - Arrowhead Game Studios)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mass Effect (HKLM-x32\...\Steam App 17460) (Version: - BioWare)
Mass Effect 2 (HKLM-x32\...\Steam App 24980) (Version: - BioWare)
Max Payne 3 (HKLM-x32\...\Max Payne 3_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
MegaTrainer eXperience V1.0.2.8 (HKLM-x32\...\MegaTrainer eXperience_is1) (Version: - )
METAL GEAR SOLID V: THE PHANTOM PAIN (HKLM\...\Steam App 287700) (Version: - Konami Digital Entertainment)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mirror's Edge (HKLM-x32\...\Steam App 17410) (Version: - DICE)
Mirror's Edge™ Catalyst (HKLM-x32\...\{12228a0d-f6ad-4691-82af-d2c643424468}) (Version: 1.0.3.47248 - Electronic Arts)
Mortal Kombat Komplete Edition (HKLM-x32\...\Steam App 237110) (Version: - NetherRealm Studios)
Mount Your Friends (HKLM-x32\...\Steam App 296470) (Version: - Stegersaurus Software Inc.)
Murder Miners (HKLM\...\Steam App 274900) (Version: - JForce Games)
Murdered - Soul Suspect (HKLM-x32\...\Murdered - Soul Suspect_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
My Game Long Name (HKLM\...\UDK-a08227e3-2b10-44d6-8ad7-041fe829817b) (Version: - Epic Games, Inc.)
NARUTO SHIPPUDEN Ultimate Ninja STORM 4 (HKLM-x32\...\NARUTO SHIPPUDEN Ultimate Ninja STORM 4_is1) (Version: - )
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Oddworld: Munch's Oddysee (HKLM\...\Steam App 15740) (Version: - Oddworld Inhabitants)
One Finger Death Punch (HKLM-x32\...\Steam App 264200) (Version: - Silver Dollar Games)
ONE PIECE PIRATE WARRIORS 3 (HKLM\...\Steam App 331600) (Version: - KOEI TECMO GAMES CO., LTD.)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Orcs Must Die! 2 (HKLM\...\Steam App 201790) (Version: - Robot Entertainment)
Overlord II (HKLM\...\Steam App 12810) (Version: - Triumph Studios)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Overwatch Test (HKLM-x32\...\Overwatch Test) (Version: - Blizzard Entertainment)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.98.211.0 - Overwolf Ltd.)
PAYDAY 2 (HKLM\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
Please, Don’t Touch Anything (HKLM\...\Steam App 354240) (Version: - Four Quarters)
Port Forward Network Utilities (HKLM-x32\...\{88B1D36C-7B70-4C48-8D2F-AAB956ECF4C3}) (Version: 2.0.11 - Portforward, LLC)
Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)
POSTAL 2 (HKLM-x32\...\Steam App 223470) (Version: - Running With Scissors)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.3 - Power Software Ltd)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version: - Introversion Software)
Qualcomm Atheros Killer Network Manager (HKLM-x32\...\InstallShield_{DF446558-ADF7-4884-9B2D-281979CCE71F}) (Version: 6.1.0.304 - Qualcomm Atheros)
Qualcomm Atheros Killer Network Manager (Version: 6.1.0.304 - Qualcomm Atheros) Hidden
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.28549 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.28094 - Realtek Semiconductor Corp.)
Resident Evil 6 / Biohazard 6 (HKLM\...\Steam App 221040) (Version: - Capcom)
Rise of the Tomb Raider (HKLM-x32\...\{45F08513-973A-4C18-93FD-8E12B1908390}_is1) (Version: - Square Enix)
Risk of Rain (HKLM-x32\...\Steam App 248820) (Version: - )
ROBLOX Player for Josh (HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation)
Rocket League (HKLM\...\Steam App 252950) (Version: - Psyonix, Inc.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.0.5 - Rockstar Games)
RuneScape Launcher 1.2.7 (HKLM-x32\...\{FA52A2D0-298E-4D40-8BB7-39928627EA6A}) (Version: 1.2.7 - Jagex Ltd)
Rust (HKLM\...\Steam App 252490) (Version: - Facepunch Studios)
Sheltered (HKLM-x32\...\1454930864_is1) (Version: 2.0.0.2 - GOG.com)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)
Skype™ 7.28 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.28.101 - Skype Technologies S.A.)
SMITE (HKLM\...\Steam App 386360) (Version: - Hi-Rez Studios)
Sniper Elite 3, âåðñèÿ 1.0 (HKLM-x32\...\Sniper Elite 3_is1) (Version: 1.0 - )
Sound Blaster Recon3Di (HKLM-x32\...\{C8AAFCDC-CD3A-40AD-9FA9-07FB70F08224}) (Version: 1.00.08 - Creative Technology Limited)
Sound Blaster Recon3Di Extras (HKLM-x32\...\{C45E715E-442E-4D82-BD46-A08A0870957C}) (Version: 1.0 - Creative Technology Limited)
Spotify (HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\...\Spotify) (Version: 1.0.33.106.g60b5d1f0 - Spotify AB)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.12.0018 - ST Microelectronics)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sven Co-op (HKLM-x32\...\Steam App 225840) (Version: - Sven Co-op Team)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.0.2.0 - Synaptics Incorporated)
Synergy (HKLM\...\Steam App 17520) (Version: - Synergy Team)
Tabletop Simulator (HKLM\...\Steam App 286160) (Version: - Berserk Games)
Tabletop Simulator (HKLM-x32\...\Steam App 286160) (Version: - Berserk Games)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
Telegram Desktop version 0.10.1 (HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.10.1 - Telegram Messenger LLP)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Binding of Isaac (HKLM\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl)
The Elder Scrolls V Skyrim - Legendary Edition (HKLM-x32\...\The Elder Scrolls V Skyrim - Legendary Edition_is1) (Version: - )
The Ship (HKLM-x32\...\Steam App 2400) (Version: - Outerlight Ltd.)
The Ship Single Player (HKLM-x32\...\Steam App 2420) (Version: - Outerlight Ltd.)
The Typing of The Dead: Overkill (HKLM-x32\...\Steam App 246580) (Version: - Modern Dream)
The Witness v.1.0 u4 (HKLM-x32\...\The Witness_is1) (Version: - )
Tom Clancy's Rainbow Six Siege (HKLM\...\Steam App 359550) (Version: - Ubisoft Montreal)
Tom Clancy's The Division (HKLM\...\Steam App 365590) (Version: - Massive Entertainment)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version: - Crystal Dynamics)
Town of Salem (HKLM\...\Steam App 334230) (Version: - BlankMediaGames)
Trove (HKLM-x32\...\Steam App 304050) (Version: - Trion Worlds)
Unreal Development Kit: 2012-07 (HKLM\...\UDK-e0c8661c-253d-4ccc-93a5-5544dd3ce4c8) (Version: - Epic Games, Inc.)
Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton)
Uplay (HKLM-x32\...\Uplay) (Version: 18.1 - Ubisoft)
Viscera Cleanup Detail (HKLM-x32\...\{74F9F917-CCE0-4209-BCC1-0EAC907A68C5}_is1) (Version: 1.0 - RuneStorm)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0-3) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.26.0 (Version: 1.0.26.0 - LunarG, Inc.) Hidden
Warface (HKLM\...\Steam App 291480) (Version: - Crytek)
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2410 - Broadcom Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version: - Firaxis Games)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.50.133 - Zemana Ltd.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2025992066-4083076924-3298436488-1000_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\Josh\AppData\Local\Roblox\Versions\version-fe88b67aa44a44d9\RobloxProxy64.dll (ROBLOX Corporation)

==================== Restore Points =========================

26-10-2016 11:38:38 zoek.exe restore point

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2016-10-26 11:38 - 00000841 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03DBD415-22DB-4CD7-B213-C2DE248009A2} - \{A464AA88-BA75-4DE2-A262-CE6BB1F59402} -> No File <==== ATTENTION
Task: {10C27108-6476-4977-BF29-B7BB966551E7} - \GyazoUpdateTaskMachineDaily -> No File <==== ATTENTION
Task: {14ADB510-0347-41DF-9597-5CD9A1B423E4} - \Overwolf Updater Task -> No File <==== ATTENTION
Task: {1629EFAA-CA68-42C2-A9FA-D0D92418A29D} - \{854949CE-D0DC-4386-9CA9-A7B04A9D1FF5} -> No File <==== ATTENTION
Task: {2906F17B-C3E3-4B03-8DAA-DA1671275D6C} - \Adobe Flash Player PPAPI Notifier -> No File <==== ATTENTION
Task: {805EA7FF-D61C-4884-95AE-D7DA7CC556FA} - \AMD Updater -> No File <==== ATTENTION
Task: {8F27F744-EF4A-43F0-B915-1D8D44201FC1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-25] (Google Inc.)
Task: {918AFD42-81CE-459B-AAF6-DB8B86B6C42A} - \GyazoUpdateTaskMachine -> No File <==== ATTENTION
Task: {954302D3-78C4-4831-AE22-4D9F1FF548AD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-25] (Adobe Systems Incorporated)
Task: {ACB2F35F-F054-411A-9A34-0B7D1B81BC54} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [2016-09-12] (Microsoft Corporation)
Task: {C3F15C6B-9041-4C25-A34F-87E59F672D61} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-25] (Google Inc.)
Task: {DCA8A377-3907-4C9A-A4B6-92AB56591E01} - \{4ADFB7BF-6FCD-4D30-8CE8-A3A0DA0029E5} -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_185_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2016-10-26 11:52 - 2016-10-26 11:52 - 00152944 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll
2012-02-15 14:37 - 2012-02-15 14:37 - 00492032 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe
2011-05-09 19:46 - 2011-05-09 19:46 - 02760192 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtCore4.dll
2011-05-09 19:56 - 2011-05-09 19:56 - 09856000 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtGui4.dll
2011-05-09 19:47 - 2011-05-09 19:47 - 00416256 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtXml4.dll
2012-02-15 14:37 - 2012-02-15 14:37 - 00217600 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFCommon.dll
2011-05-10 11:32 - 2011-05-10 11:32 - 00731648 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\qwt5.dll
2011-05-09 19:48 - 2011-05-09 19:48 - 00990720 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtNetwork4.dll
2015-11-04 20:11 - 2015-11-04 20:12 - 00188072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2016-09-13 21:51 - 2016-09-13 21:51 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-13 21:51 - 2016-09-13 21:51 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-13 21:51 - 2016-09-13 21:51 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-13 21:51 - 2016-09-13 21:51 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-13 21:48 - 2016-09-13 21:48 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-13 21:48 - 2016-09-13 21:48 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2013-09-06 17:49 - 2013-09-06 17:49 - 01632560 _____ () C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe
2012-02-15 14:37 - 2012-02-15 14:37 - 00549888 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe
2012-02-15 14:37 - 2012-02-15 14:37 - 00404992 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modApplications.dll
2012-02-15 14:37 - 2012-02-15 14:37 - 00036864 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modFeatures.dll
2012-02-15 14:37 - 2012-02-15 14:37 - 00025088 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modFraps.dll
2012-02-15 14:37 - 2012-02-15 14:37 - 00241152 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modGraph.dll
2012-02-15 14:37 - 2012-02-15 14:37 - 00062464 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modlcd.dll
2012-02-15 14:37 - 2012-02-15 14:37 - 00289280 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modNetwork.dll
2012-02-15 14:37 - 2012-02-15 14:37 - 00184832 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modNpu.dll
2012-02-15 14:37 - 2012-02-15 14:37 - 00210944 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modOptions.dll
2012-02-15 14:37 - 2012-02-15 14:37 - 00055808 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modOverview.dll
2012-02-15 14:37 - 2012-02-15 14:37 - 00329216 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modSystemInfo.dll
2016-07-18 16:39 - 2016-10-04 22:20 - 00240008 _____ () C:\Windows\SysWOW64\GameManager32.dll
2016-10-12 08:26 - 2016-09-07 23:14 - 00784672 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-10-12 08:26 - 2016-08-31 21:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-10-12 08:26 - 2016-08-31 21:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-10-12 08:26 - 2016-08-31 21:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-10-12 08:26 - 2016-10-12 21:58 - 02321696 _____ () C:\Program Files (x86)\Steam\video.dll
2016-10-12 08:26 - 2016-01-27 03:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-10-12 08:26 - 2016-01-27 03:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-10-12 08:26 - 2016-01-27 03:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-10-12 08:26 - 2016-01-27 03:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-10-12 08:26 - 2016-01-27 03:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-10-12 08:26 - 2016-10-12 21:58 - 00836896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-10-12 08:26 - 2016-07-04 18:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2009-12-18 12:07 - 2009-12-18 12:07 - 00577536 _____ () C:\Program Files (x86)\Alienware On-Screen Display\EMSC.dll
2016-10-14 00:27 - 2016-08-04 16:56 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.winxp\libcef.dll
2016-05-12 10:19 - 2016-05-12 10:19 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\5a8eeeddc97028a9f94d0518c22f4c2c\IsdiInterop.ni.dll
2015-06-04 23:01 - 2011-11-29 20:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2015-06-04 22:44 - 2012-02-01 14:44 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\...\hola.org -> hxxp://hola.org


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 68.105.28.11 - 68.105.29.11
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe -overwolfsilent
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: Razer Synapse => "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
MSCONFIG\startupreg: Spotify => "C:\Users\Josh\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Josh\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: StartCN => "C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe" atlogon

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1D28D350-8EF1-40DF-8E1F-4FC9BCB84586}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AD54B835-BCB1-4B45-824E-533EC8B4C8E2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{DFC0CBDC-AF6F-483C-967C-832275BF8F0B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{7663C458-BED0-4531-B7EA-49F89121AF7C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F177DC6E-3B22-4AF2-84B4-BA6F8DEE4E59}] => (Allow) C:\Users\Josh\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{39F1D437-479C-49B0-AEA9-9F015E39E1AA}] => (Allow) C:\Users\Josh\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{61D79227-C89C-459B-A853-A592FD7F8C9A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{F2F0B009-9EC2-4C12-8ED3-AA2A8D815DB9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{7E152A5B-CD88-4336-9AE7-113546AC6A81}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{B328C0EF-8329-4D2B-A569-A1FA2FE470F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{BB56142F-1D71-40E9-AA55-B26AAFC14DBA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{62A6047B-E5B9-4461-9C42-AEBED01E9795}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{1420EDE2-D163-446A-95CF-B023F29A5EC7}] => (Allow) D:\SteamLibrary\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{BEBB341C-390F-4A8F-83E9-9C13BB53BE22}] => (Allow) D:\SteamLibrary\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{1009F274-5025-47C9-8A8E-322D70C34CB1}] => (Allow) D:\SteamLibrary\steamapps\common\mirrors edge\Binaries\MirrorsEdge.exe
FirewallRules: [{BDE27B36-1ECC-4894-A533-7A0F46EB4E29}] => (Allow) D:\SteamLibrary\steamapps\common\mirrors edge\Binaries\MirrorsEdge.exe
FirewallRules: [{B723B867-3288-4171-BACC-43267EB6B9A9}] => (Allow) D:\SteamLibrary\steamapps\common\POSTAL2Complete\System\Postal2.exe
FirewallRules: [{90296DFD-AA0E-49C8-A29C-60BDBF1BCC35}] => (Allow) D:\SteamLibrary\steamapps\common\POSTAL2Complete\System\Postal2.exe
FirewallRules: [{DDF5A633-1A90-4AC2-A3F9-8D08CAF2F32A}] => (Allow) D:\SteamLibrary\steamapps\common\POSTAL2Complete\ShareThePain\System\Postal2MP.exe
FirewallRules: [{AC7752DB-13EB-4685-A8BF-83205DA132D2}] => (Allow) D:\SteamLibrary\steamapps\common\POSTAL2Complete\ShareThePain\System\Postal2MP.exe
FirewallRules: [{10EF233D-7CFE-455D-85F9-B93F5F77C1E7}] => (Allow) D:\SteamLibrary\steamapps\common\POSTAL2Complete\Paradise Lost\System\ParadiseLost.exe
FirewallRules: [{73E35EF7-0966-4756-B927-63C012E35173}] => (Allow) D:\SteamLibrary\steamapps\common\POSTAL2Complete\Paradise Lost\System\ParadiseLost.exe
FirewallRules: [{9EA09424-B5ED-4AA3-9D98-A8C3CA3D1C8B}] => (Allow) D:\SteamLibrary\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{6816DC77-D296-4DC8-A5F6-96B7FF9EAC3E}] => (Allow) D:\SteamLibrary\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [TCP Query User{337598E4-F09E-4E21-ACD5-1A1F207063AB}D:\steamlibrary\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) D:\steamlibrary\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [UDP Query User{18553D28-0422-4E7E-8A0F-6060136CA585}D:\steamlibrary\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) D:\steamlibrary\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{9AB9C583-CC22-454C-9BDA-73F1BA43B3EF}] => (Allow) D:\SteamLibrary\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{BB361F8C-2C7B-46DF-A788-930EC8CEDC63}] => (Allow) D:\SteamLibrary\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{059636C9-D3A7-4A82-9416-2AE3B6F1E269}] => (Allow) D:\SteamLibrary\steamapps\common\Magic 2015\DotP_D15.exe
FirewallRules: [{63430D40-C555-470E-8780-52BB23748D5A}] => (Allow) D:\SteamLibrary\steamapps\common\Magic 2015\DotP_D15.exe
FirewallRules: [TCP Query User{ECA693F9-0933-452E-B522-DBAB899A8E77}D:\steamlibrary\steamapps\common\dishonored\binaries\win32\dishonored.exe] => (Allow) D:\steamlibrary\steamapps\common\dishonored\binaries\win32\dishonored.exe
FirewallRules: [UDP Query User{155E8ACA-29FA-4329-BDE4-F705602B58BD}D:\steamlibrary\steamapps\common\dishonored\binaries\win32\dishonored.exe] => (Allow) D:\steamlibrary\steamapps\common\dishonored\binaries\win32\dishonored.exe
FirewallRules: [{8AB01D2A-75A7-4818-92F6-9B00B3CD923D}] => (Allow) D:\SteamLibrary\steamapps\common\Antichamber\Binaries\Win32\UDK.exe
FirewallRules: [{538E379A-6863-4E83-B409-E81D090C9FB6}] => (Allow) D:\SteamLibrary\steamapps\common\Antichamber\Binaries\Win32\UDK.exe
FirewallRules: [{EAC77BC4-A25B-4213-B3BE-D8CB218E9583}] => (Allow) D:\SteamLibrary\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{4196F7B9-E223-48DF-8C14-88927CF51712}] => (Allow) D:\SteamLibrary\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{B924D347-758D-4E47-ACB7-5F8CDE6A999C}] => (Allow) D:\SteamLibrary\steamapps\common\Mass Effect\Binaries\MassEffect.exe
FirewallRules: [{CEC1A11A-158A-4463-8932-81051F38BEE3}] => (Allow) D:\SteamLibrary\steamapps\common\Mass Effect\Binaries\MassEffect.exe
FirewallRules: [{A4B772F2-DA3F-428F-92C2-97160E0C5C4B}] => (Allow) D:\SteamLibrary\steamapps\common\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{6DCE86DB-6596-40BB-8587-E4EE7074709D}] => (Allow) D:\SteamLibrary\steamapps\common\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{0B0F5D4B-5569-4606-9EDD-30586D3634FB}] => (Allow) D:\SteamLibrary\steamapps\common\Mass Effect 2\MassEffect2Launcher.exe
FirewallRules: [{2FBB09BB-8FE7-4760-AEA9-729E8279559A}] => (Allow) D:\SteamLibrary\steamapps\common\Mass Effect 2\MassEffect2Launcher.exe
FirewallRules: [{DECD34BB-0251-4C9B-A408-C7A3CB9E9A88}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{EE4A7F37-F53D-4227-9C4F-7051FEC07C5C}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{4C08A739-83AE-48EF-854D-A205AD63F395}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{A8C02208-C966-464F-A718-862C690912EE}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [TCP Query User{FC06461F-CE78-4BE6-B007-AC5B762CDF59}D:\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{28BEF6DC-CDEF-4EB1-A5B1-E1164197E97E}D:\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{B5062261-22FD-463C-9A2E-04540276B2E7}] => (Allow) D:\SteamLibrary\steamapps\common\Risk of Rain\Risk of Rain.exe
FirewallRules: [{7E90ED44-219A-4EEB-BC6B-FD6DC3C79A8B}] => (Allow) D:\SteamLibrary\steamapps\common\Risk of Rain\Risk of Rain.exe
FirewallRules: [TCP Query User{67ECAAC4-8E3B-4D18-B267-A417CC661280}D:\steamlibrary\steamapps\common\awesomenauts\awesomenauts.exe] => (Allow) D:\steamlibrary\steamapps\common\awesomenauts\awesomenauts.exe
FirewallRules: [UDP Query User{3564139E-3CF9-4057-BC3D-06A1C2FD324D}D:\steamlibrary\steamapps\common\awesomenauts\awesomenauts.exe] => (Allow) D:\steamlibrary\steamapps\common\awesomenauts\awesomenauts.exe
FirewallRules: [{2D2BA1CD-2ACB-492D-81FD-02A3982988F8}] => (Allow) D:\SteamLibrary\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{CC1B31C9-D93C-45C1-B131-16245D3BB99D}] => (Allow) D:\SteamLibrary\steamapps\common\Terraria\Terraria.exe
FirewallRules: [TCP Query User{E9BE1ACC-1459-41AC-AE73-DE70C9C5730E}D:\steamlibrary\steamapps\common\terraria\terrariaserver.exe] => (Allow) D:\steamlibrary\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [UDP Query User{4F313988-7646-42BE-85D5-B11FD52D81EB}D:\steamlibrary\steamapps\common\terraria\terrariaserver.exe] => (Allow) D:\steamlibrary\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [{50A67B55-B804-43CA-9812-A37E6FC345FA}] => (Allow) D:\SteamLibrary\steamapps\common\Mount Your Friends\MountYourFriends.exe
FirewallRules: [{CE9DFF27-565A-4124-AFD6-1F43F4C7116B}] => (Allow) D:\SteamLibrary\steamapps\common\Mount Your Friends\MountYourFriends.exe
FirewallRules: [{674C539D-CD41-4704-9350-2CE340B47777}] => (Allow) D:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{F6BFBDC7-E3AD-4CC4-8675-74CC895E7091}] => (Allow) D:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{BAAB169C-5672-4741-9219-BE36E4D38CAD}] => (Allow) D:\SteamLibrary\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{87504D17-EE36-4154-ABD2-ECC3CE8F7B63}] => (Allow) D:\SteamLibrary\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{5B25CFCC-4B8D-4346-8EF6-F48D483EF724}] => (Allow) D:\SteamLibrary\steamapps\common\The Ball\Binaries\Win32\TheBall.exe
FirewallRules: [{0D2C0C79-D1F4-4ACB-8A27-34C34CD5E33C}] => (Allow) D:\SteamLibrary\steamapps\common\The Ball\Binaries\Win32\TheBall.exe
FirewallRules: [{F0660503-D3D1-4EEC-8E66-290F4E991120}] => (Allow) D:\SteamLibrary\steamapps\common\KillingFloor\System\KillingFloor.exe
FirewallRules: [{64F967FA-2B41-46EE-A704-BF246AF21EB3}] => (Allow) D:\SteamLibrary\steamapps\common\KillingFloor\System\KillingFloor.exe
FirewallRules: [{CD267499-999D-463C-A0C6-56005D942265}] => (Allow) D:\SteamLibrary\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe
FirewallRules: [{94E3FEBA-9066-4757-A18C-3F44A159CF55}] => (Allow) D:\SteamLibrary\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe
FirewallRules: [{B48C16E0-36F5-4E58-921E-8B6B905F7138}] => (Allow) D:\SteamLibrary\steamapps\common\Magicka\Magicka.exe
FirewallRules: [{596E97BB-8212-4E2B-B126-2A9C1A698629}] => (Allow) D:\SteamLibrary\steamapps\common\Magicka\Magicka.exe
FirewallRules: [{799D1C12-6A8E-48A6-BA56-167E1CECB8B2}] => (Allow) D:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{1E5F4A43-A5AC-4B95-A252-EAAF562BA4DE}] => (Allow) D:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{ADD65930-D525-419B-BC95-FA8AA4A5D373}] => (Allow) D:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{ADD71C93-FCDE-4A76-A6B9-4511FF755E2C}] => (Allow) D:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{7B0D21A0-A874-4EAC-847B-1F214D5A4CAC}] => (Allow) D:\SteamLibrary\steamapps\common\Hitman Absolution\HMA.exe
FirewallRules: [{806D053D-ED7D-491A-A9CA-4D16978138EF}] => (Allow) D:\SteamLibrary\steamapps\common\Hitman Absolution\HMA.exe
FirewallRules: [{13DEC7DC-C673-417F-ADA0-DF494C33F598}] => (Allow) D:\SteamLibrary\steamapps\common\Risen 3\system\Risen3.exe
FirewallRules: [{5C94940A-B0E7-42E3-A6C7-DBB8C3A19D2E}] => (Allow) D:\SteamLibrary\steamapps\common\Risen 3\system\Risen3.exe
FirewallRules: [TCP Query User{837DF35B-C3BC-4357-9B36-BEF4DE729289}D:\steamlibrary\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) D:\steamlibrary\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [UDP Query User{B8DD264A-61E0-44D2-BDFD-016396E6FE17}D:\steamlibrary\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) D:\steamlibrary\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [{126C9C23-A509-4F48-BB95-120C6F645772}] => (Allow) D:\SteamLibrary\steamapps\common\Typing of the Dead Overkill\HOTD_NG.exe
FirewallRules: [{D14DBA6F-E616-4BE0-A352-995AD37955F5}] => (Allow) D:\SteamLibrary\steamapps\common\Typing of the Dead Overkill\HOTD_NG.exe
FirewallRules: [{3F8CAC4F-269B-45BE-A671-654C07D7DD21}] => (Allow) D:\SteamLibrary\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{ACB1BD40-1B02-40E7-8CA6-D95A4860E95E}] => (Allow) D:\SteamLibrary\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{7749E607-F3D6-43BC-B86A-59AAB2A91AB1}] => (Allow) D:\SteamLibrary\steamapps\common\Contrast\Binaries\Win32\ContrastGame.exe
FirewallRules: [{309ABCAB-5B0E-479B-9707-3B332C1B571E}] => (Allow) D:\SteamLibrary\steamapps\common\Contrast\Binaries\Win32\ContrastGame.exe
FirewallRules: [{E156521A-4C71-4F42-B694-A0E88A898D9B}] => (Allow) D:\SteamLibrary\steamapps\common\The Ship Single Player\ship.exe
FirewallRules: [{421CF563-E4C5-4CD4-BD55-39949DD55E4F}] => (Allow) D:\SteamLibrary\steamapps\common\The Ship Single Player\ship.exe
FirewallRules: [{8A401E4A-05E0-4DCA-BD0B-D31F1D971D44}] => (Allow) D:\SteamLibrary\steamapps\common\The Ship\ship.exe
FirewallRules: [{1CBF705E-0080-4978-BB4A-74A1BAC78440}] => (Allow) D:\SteamLibrary\steamapps\common\The Ship\ship.exe
FirewallRules: [{6B37E281-C764-4861-8A9E-539EB27A4FF4}] => (Allow) D:\SteamLibrary\steamapps\common\SuperMNC\Binaries\Win32\SuperMNCGameClient.exe
FirewallRules: [{FE32ED6C-24DA-4DEC-AC8B-9F2940DA5371}] => (Allow) D:\SteamLibrary\steamapps\common\SuperMNC\Binaries\Win32\SuperMNCGameClient.exe
FirewallRules: [{F20F47EA-3AC5-4D18-AB61-74A0CCD32163}] => (Allow) D:\Battle.net\Battle.net.exe
FirewallRules: [{BB913B6E-0AA4-40DC-AD3C-0C61B4F8945D}] => (Allow) D:\Battle.net\Battle.net.exe
FirewallRules: [{E885AE1D-61F3-41BF-8B43-631EDF07FAC9}] => (Allow) D:\Hearthstone\Hearthstone.exe
FirewallRules: [{F73027B0-F608-4CE6-899B-7CC1AD1CA8E5}] => (Allow) D:\Hearthstone\Hearthstone.exe
FirewallRules: [TCP Query User{EBDD069F-324D-46CD-8474-BC0A194DE90C}D:\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{85C91575-53AD-40D4-A083-3E0AE6D8A5B3}D:\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe
FirewallRules: [{7740551E-9B39-43CA-BBAA-26F997CBC834}] => (Block) D:\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe
FirewallRules: [{302F53B1-A400-4659-8296-108EF4F8611B}] => (Block) D:\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{0BB54FE8-EF9F-4DA7-8479-C8E2BF026627}D:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) D:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{5DD9C1A9-739B-449E-9D57-D23B1800E5D6}D:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) D:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [{D3812AA0-1BCD-4470-91AC-C107AB0D0A57}] => (Block) D:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [{C08C0F8E-19B6-4CAB-A872-969EC50D38F8}] => (Block) D:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [TCP Query User{53779D55-2327-4580-A163-99202C637F65}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{8972D108-8122-496E-BB31-BBADEB3F4E5D}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{A9C21268-A251-4674-AC7E-A910E8145876}] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{734E088F-B978-47E6-BBAE-902DD5941649}] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{821864F2-331F-4E4D-B223-7850BB47F450}] => (Allow) D:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{9D79289A-82C0-4702-8991-40C8B9D4D205}] => (Allow) D:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{511AD410-03CF-47D3-B70D-7DEF5E0B2369}] => (Allow) D:\SteamLibrary\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKKE.exe
FirewallRules: [{1D522C4A-808B-4135-BEAD-1769DEC9FE02}] => (Allow) D:\SteamLibrary\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKKE.exe
FirewallRules: [{EED2B976-9E10-482F-AF6B-923F95FC96EA}] => (Allow) D:\SteamLibrary\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKLauncher.exe
FirewallRules: [{57B64D21-B8E3-4F66-AB91-F57EBBF79829}] => (Allow) D:\SteamLibrary\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKLauncher.exe
FirewallRules: [{E53BE730-4CD4-4EFC-857F-0B5E69D9CDE9}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{76EC814D-367B-4DE6-AB3A-4EF00A15338F}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{54E65402-5521-402D-A0DE-22FD0A62D98A}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{14FDD2D1-AB57-4470-AA2A-0E328A0E8196}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{E55F753B-01BA-4E97-8399-872D1137883C}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{6EDC78D3-ACB6-48C8-BB75-92D45B89F4B2}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{080C7050-9B35-4020-B0B7-5849068D6BD2}] => (Block) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{DE36E821-B095-4E8C-881E-20F6EF5A603C}] => (Block) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{C25C739C-49BB-4AA7-9B16-F9892A7035D7}D:\battlefield hardline\bfh.exe] => (Allow) D:\battlefield hardline\bfh.exe
FirewallRules: [UDP Query User{CAA42C57-EB9A-4C61-9859-1264B7673E7E}D:\battlefield hardline\bfh.exe] => (Allow) D:\battlefield hardline\bfh.exe
FirewallRules: [{8160392B-260C-464F-A7F9-DA5D10166B5E}] => (Block) D:\battlefield hardline\bfh.exe
FirewallRules: [{1CE44152-E065-4234-B703-F19C0A6571C1}] => (Block) D:\battlefield hardline\bfh.exe
FirewallRules: [{5C755B86-1BEF-4D6C-9182-1F7C674D584C}] => (Allow) D:\SteamLibrary\steamapps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{6B94ADDC-7749-4F69-9CD8-D65CCEB75577}] => (Allow) D:\SteamLibrary\steamapps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{6243E5DB-48F5-4BF6-B3BA-AA91B779898D}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{901BE1A0-3708-42E6-B293-F12DC1EF0FB1}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{9E2630B5-21AD-41B6-B430-280B555A2CDD}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{8672866B-E532-4ED9-BBCF-F9B789EA7D31}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{C3FF9170-74FE-46E3-BEFD-420C46131CC7}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{1DC8DB34-D9D2-415D-A17C-BD4D60C30B8A}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{40B4D718-52E1-408C-8CD4-36C92887C142}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{8C05DA4E-2EE3-40F4-86F8-B56F6F5BB08A}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{7BE454A5-8DE1-4D0D-BA21-AB260E7891F4}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{F2E53E5C-90AB-489C-A85C-F2F50A4BE8E1}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{8497B551-5E6B-4DD0-BEA8-7D3A92CF8416}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{30537830-2BDC-4020-983D-CEDBFBB1BBD8}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{FFE56794-D6D9-499F-8119-DB4D1C9F0449}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{019481A9-6F03-4908-B672-5E48B12D4EA6}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{6B95B3FB-4828-4186-82F5-ECE5B50F53A1}] => (Allow) D:\SteamLibrary\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{E90863CD-DA40-4650-B2AC-731AD5B2E5A6}] => (Allow) D:\SteamLibrary\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [TCP Query User{3854717A-8D85-41EE-AFA6-6B1107D43FCC}D:\starcraft ii\versions\base38749\sc2_x64.exe] => (Allow) D:\starcraft ii\versions\base38749\sc2_x64.exe
FirewallRules: [UDP Query User{0532D466-1FA5-4E38-BD1C-CB0604DB8A05}D:\starcraft ii\versions\base38749\sc2_x64.exe] => (Allow) D:\starcraft ii\versions\base38749\sc2_x64.exe
FirewallRules: [{E07AD7AA-E0F7-4C2C-9DAC-9079E5B17E5B}] => (Block) D:\starcraft ii\versions\base38749\sc2_x64.exe
FirewallRules: [{38142283-4515-4B59-A9D9-F62F4AECE56D}] => (Block) D:\starcraft ii\versions\base38749\sc2_x64.exe
FirewallRules: [{917C35EF-6AC7-4320-801C-2AE532324393}] => (Allow) C:\Users\Josh\Desktop\DarkSouls2_v102_PLUS24_TRN-dEViATED.exe
FirewallRules: [{BB0A5497-CAC5-4616-B5B2-D4FF8320C52F}] => (Allow) C:\Users\Josh\Desktop\DarkSouls2_v102_PLUS24_TRN-dEViATED.exe
FirewallRules: [{EF59A889-1372-46CB-B85D-0DBCE469B52B}] => (Allow) C:\Users\Josh\Desktop\DarkSouls2_v102_PLUS24_TRN-dEViATED.exe
FirewallRules: [{420A48F8-F085-4E09-8DB3-D3CD6C1BCD53}] => (Allow) C:\Users\Josh\Desktop\DarkSouls2_v102_PLUS24_TRN-dEViATED.exe
FirewallRules: [{0AF3C165-5F96-467D-860F-39E6FD57FABD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{5CB0A409-0CD7-4878-BF85-A377826DF581}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{A366CAB1-D4DD-456E-BB30-9E86E5D7A4E6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CBF097D2-6A6B-435F-8BFB-03B9ACF84AF8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{0292D0DE-2F93-4556-B17D-D9D4CA35A434}D:\call of duty black ops iii\blackops3.exe] => (Block) D:\call of duty black ops iii\blackops3.exe
FirewallRules: [UDP Query User{5881DCED-DBDB-4C15-BCEE-F4BF1FDA9E6F}D:\call of duty black ops iii\blackops3.exe] => (Block) D:\call of duty black ops iii\blackops3.exe
FirewallRules: [TCP Query User{614BA783-1F2A-4F20-88ED-5FFD2A1102DA}C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{F165F367-8747-4A68-B096-463E415D80CA}C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [{CE0FED15-D6D3-4132-9B4B-FBA42315158B}] => (Block) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [{89C9CEA1-1668-4532-ADB7-2921E3BD8813}] => (Block) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [{548C5397-C860-4071-BD0D-3B6D9F27D55F}] => (Allow) C:\Users\Josh\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7D164F22-9499-4C3F-BDE5-1F04878408C0}] => (Allow) C:\Users\Josh\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6AE51033-3D76-4C78-A60F-E49D283B3BFA}] => (Allow) D:\SteamLibrary\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{E562D86F-838F-4632-AEEB-40BA56AA60B0}] => (Allow) D:\SteamLibrary\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{5F0C0462-7C30-401D-8577-019731E9724E}] => (Allow) D:\SteamLibrary\steamapps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{CE041ADD-73F0-4404-A889-3D6368FB5ED7}] => (Allow) D:\SteamLibrary\steamapps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{49EC11B1-9447-4CB3-8587-62C96CC03FC3}] => (Allow) D:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{E6D77D9E-3374-4AD7-9A85-948988AE5148}] => (Allow) D:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{05C3087C-5D55-451A-AE4A-57D9A596750C}] => (Allow) D:\SteamLibrary\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{C44134D9-D338-4BFE-A475-76A643A201B3}] => (Allow) D:\SteamLibrary\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{5FAEAF1B-30D1-43CD-9EAB-BA9005CDCF2F}] => (Allow) D:\Viscera Cleanup Detail\SmartSteamEmu.exe
FirewallRules: [{69C8DE3B-B700-4473-82F5-66B32E93E812}] => (Allow) D:\Viscera Cleanup Detail\SmartSteamEmu.exe
FirewallRules: [TCP Query User{BD874F71-C1ED-476B-A8C5-C29F667F43FE}D:\viscera cleanup detail\binaries\win32\udk.exe] => (Allow) D:\viscera cleanup detail\binaries\win32\udk.exe
FirewallRules: [UDP Query User{09EB5DD9-579D-4527-B834-3BCA92628E54}D:\viscera cleanup detail\binaries\win32\udk.exe] => (Allow) D:\viscera cleanup detail\binaries\win32\udk.exe
FirewallRules: [{058AF5A5-3938-4C87-AFF3-B3826FE2E6F6}] => (Block) D:\viscera cleanup detail\binaries\win32\udk.exe
FirewallRules: [{E16CF078-9ADC-4286-A1D0-ACCD12641E10}] => (Block) D:\viscera cleanup detail\binaries\win32\udk.exe
FirewallRules: [{B1C16ABD-4985-4DAA-A9D1-90DDF72E716A}] => (Allow) D:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{BF94F4E8-AEC6-4E9E-9545-63666E371F7F}] => (Allow) D:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{B3422C07-F172-4A33-92A1-6917C24D8650}] => (Allow) D:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{104BB1F4-6201-4167-8CCA-F4B14A95C6EF}] => (Allow) D:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{F42A2315-141F-4582-9CB0-B47C8F818A89}] => (Allow) D:\SteamLibrary\steamapps\common\Red Orchestra\System\RedOrchestraLargeAddressAware.exe
FirewallRules: [{2391FEB8-47CE-4293-BE1B-72EC62D5CB12}] => (Allow) D:\SteamLibrary\steamapps\common\Red Orchestra\System\RedOrchestraLargeAddressAware.exe
FirewallRules: [{9A4BC87E-AEA7-4749-B1C9-F86A936FAB30}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{92D27DAD-B452-4C65-AC2A-C0A8F5715EA3}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{33B35681-44A7-4E14-A678-6B51B53578E8}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{5A8F674E-569B-4077-B5E4-EE2E9DD93DD3}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{7A299E7A-577A-463C-9BC5-FC7DC247EC22}] => (Allow) D:\SteamLibrary\steamapps\common\Sven Co-op\svencoop.exe
FirewallRules: [{E354715E-6C73-4885-98C4-BF6BD342CD46}] => (Allow) D:\SteamLibrary\steamapps\common\Sven Co-op\svencoop.exe
FirewallRules: [TCP Query User{AB733B2D-252E-41A6-9CF2-9C829FEFCF07}D:\the long dark\tld.exe] => (Allow) D:\the long dark\tld.exe
FirewallRules: [UDP Query User{E5B9CF27-40D9-4CBC-A790-F9F883A982E6}D:\the long dark\tld.exe] => (Allow) D:\the long dark\tld.exe
FirewallRules: [TCP Query User{A978D2CF-8E07-4E97-B4ED-3B03A5DB7AFA}D:\hearthstone\hearthstone.exe] => (Allow) D:\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{1E8A99F9-C18F-4BD8-9CD3-CDABB96140E5}D:\hearthstone\hearthstone.exe] => (Allow) D:\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{408A42F8-8F7D-4DC7-8A40-7B99B04CB29D}D:\steamlibrary\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) D:\steamlibrary\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [UDP Query User{95871DD2-CFEC-475E-A85E-FE12140F444C}D:\steamlibrary\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) D:\steamlibrary\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [TCP Query User{4FC5BFC7-DB7A-4E39-9A66-2DE2676B3C01}C:\program files\java\jre1.8.0_65\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_65\bin\java.exe
FirewallRules: [UDP Query User{8EF3DB40-524A-4631-8587-60824ADBE464}C:\program files\java\jre1.8.0_65\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_65\bin\java.exe
FirewallRules: [TCP Query User{C322C3B0-4F82-437E-BFC3-72632AE2D1F7}C:\program files\java\jre1.8.0_65\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_65\bin\javaw.exe
FirewallRules: [UDP Query User{F295E1C2-81E3-4A7E-8D35-A77A4685E30D}C:\program files\java\jre1.8.0_65\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_65\bin\javaw.exe
FirewallRules: [{47FD5047-9365-44A9-B2F9-CCFD12636892}] => (Allow) D:\SteamLibrary\steamapps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{D6744B12-0647-4920-95C8-6197444F47A1}] => (Allow) D:\SteamLibrary\steamapps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [TCP Query User{C18C8804-69AE-4789-844C-70F8A21F4657}D:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) D:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe
FirewallRules: [UDP Query User{F3B05078-6EC7-42B9-8884-CCE5C7EA1B82}D:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) D:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe
FirewallRules: [TCP Query User{7A18253F-B094-490A-A912-6D8AB058A17C}D:\firewatch\firewatch\firewatch.exe] => (Allow) D:\firewatch\firewatch\firewatch.exe
FirewallRules: [UDP Query User{1740214E-67A7-4464-B858-72F76432BF3D}D:\firewatch\firewatch\firewatch.exe] => (Allow) D:\firewatch\firewatch\firewatch.exe
FirewallRules: [TCP Query User{064B6FA2-2A10-43E1-9102-138E0F63D4D7}D:\ben.and.ed\ben.and.ed\benanded\binaries\win64\benanded.exe] => (Allow) D:\ben.and.ed\ben.and.ed\benanded\binaries\win64\benanded.exe
FirewallRules: [UDP Query User{4314CE95-1F08-4701-9A66-D5F4CBDAD5D1}D:\ben.and.ed\ben.and.ed\benanded\binaries\win64\benanded.exe] => (Allow) D:\ben.and.ed\ben.and.ed\benanded\binaries\win64\benanded.exe
FirewallRules: [TCP Query User{ED4B16B3-EC6E-4E34-A740-6ED621A92F10}D:\murdered - soul suspect\binaries\win64\murdered.exe] => (Allow) D:\murdered - soul suspect\binaries\win64\murdered.exe
FirewallRules: [UDP Query User{04F32246-EB75-4EBB-A8B9-A4EB211246E9}D:\murdered - soul suspect\binaries\win64\murdered.exe] => (Allow) D:\murdered - soul suspect\binaries\win64\murdered.exe
FirewallRules: [TCP Query User{BE3717AA-25DB-48EA-972A-B544D1090319}D:\a story about my uncle\binaries\win32\asamu-win32-shipping.exe] => (Allow) D:\a story about my uncle\binaries\win32\asamu-win32-shipping.exe
FirewallRules: [UDP Query User{C9085B4B-8F2A-4D24-9964-BA4766CCD07A}D:\a story about my uncle\binaries\win32\asamu-win32-shipping.exe] => (Allow) D:\a story about my uncle\binaries\win32\asamu-win32-shipping.exe
FirewallRules: [{7B2A49DD-6484-4653-9582-9F2574D544E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Just Cause 2 - Multiplayer Dedicated Server\JcmpServer.exe
FirewallRules: [{00D0E340-F18C-4847-B415-0BD13129C1ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Just Cause 2 - Multiplayer Dedicated Server\JcmpServer.exe
FirewallRules: [{A163496C-E634-47F8-BE74-240780B9B2F6}] => (Allow) D:\SteamLibrary\steamapps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{C76985F6-247F-42B6-B980-31581FEFC038}] => (Allow) D:\SteamLibrary\steamapps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{45C4A5F2-66AD-4DD8-9BBE-260844FEDF66}] => (Allow) D:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect Safe Mode.exe
FirewallRules: [{A282BB40-3440-448D-8216-8E5C3B971787}] => (Allow) D:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect Safe Mode.exe
FirewallRules: [TCP Query User{B46D7F4F-EAAE-4BC7-93DF-6AC58E9CEAAE}D:\igg-enter.the.gungeon\igg-enter.the.gungeon\etg.exe] => (Allow) D:\igg-enter.the.gungeon\igg-enter.the.gungeon\etg.exe
FirewallRules: [UDP Query User{94EA8A22-769A-43A2-8457-81211973BE0B}D:\igg-enter.the.gungeon\igg-enter.the.gungeon\etg.exe] => (Allow) D:\igg-enter.the.gungeon\igg-enter.the.gungeon\etg.exe
FirewallRules: [TCP Query User{739039D2-796E-4123-9C0B-F54C28D9BCFE}D:\igg-theculliing\igg-theculliing\victory\binaries\win64\victory.exe] => (Allow) D:\igg-theculliing\igg-theculliing\victory\binaries\win64\victory.exe
FirewallRules: [UDP Query User{A5FB3F2C-F9B6-43CB-89B4-E48E6E333E53}D:\igg-theculliing\igg-theculliing\victory\binaries\win64\victory.exe] => (Allow) D:\igg-theculliing\igg-theculliing\victory\binaries\win64\victory.exe
FirewallRules: [TCP Query User{0BE5C3A8-D567-490B-89D6-94E57A36C90D}D:\heroes of the storm\versions\base41810\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base41810\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{06C23672-3397-418F-88A5-C0D3D41E3805}D:\heroes of the storm\versions\base41810\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base41810\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{76618D3E-AF84-4923-9776-181556F9EDE1}D:\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{1B9D2F48-4FA0-4EDB-A533-4A69665CD85B}D:\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe
FirewallRules: [{25B50ED8-196D-45D7-93D3-96C7E55FC1E6}] => (Allow) D:\SteamLibrary\steamapps\common\Battleborn Open Beta\Binaries\Win64\Battleborn.exe
FirewallRules: [{D2B24C5C-A054-444D-AB83-7FED6621506A}] => (Allow) D:\SteamLibrary\steamapps\common\Battleborn Open Beta\Binaries\Win64\Battleborn.exe
FirewallRules: [TCP Query User{DD14C23B-C607-42C7-9C1D-C4102BBD150A}D:\heroes of the storm\versions\base42273\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base42273\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{93D68294-0B43-4EED-B97A-A34B6B8E4B89}D:\heroes of the storm\versions\base42273\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base42273\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{A5FC538D-B116-4757-8433-F49150C1C593}D:\max payne 3\maxpayne3.exe] => (Allow) D:\max payne 3\maxpayne3.exe
FirewallRules: [UDP Query User{83E09492-299C-41B5-9D29-37292AC1722B}D:\max payne 3\maxpayne3.exe] => (Allow) D:\max payne 3\maxpayne3.exe
FirewallRules: [TCP Query User{0FD81D97-F2CF-4CD7-96D8-001F98774242}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe
FirewallRules: [UDP Query User{49A9E32C-21B8-454B-85B0-8E941D19E809}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe
FirewallRules: [TCP Query User{C8A26927-0BE0-46F4-B4F1-D496AE23228F}C:\users\josh\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\josh\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{093D70DC-642C-42FE-82DC-884F44916B27}C:\users\josh\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\josh\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{04BC52CA-4D61-4A7D-AFE0-89FAA0B983DE}D:\heroes of the storm\versions\base42506\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base42506\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{C6587118-FF5B-49EB-BD4E-4A08030FF124}D:\heroes of the storm\versions\base42506\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base42506\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{1A91EF3C-FDB8-410D-8EBD-20E193A91E39}D:\starcraft ii\versions\base42253\sc2_x64.exe] => (Allow) D:\starcraft ii\versions\base42253\sc2_x64.exe
FirewallRules: [UDP Query User{79D21FB9-839F-47A7-A6BE-AF3060466FD5}D:\starcraft ii\versions\base42253\sc2_x64.exe] => (Allow) D:\starcraft ii\versions\base42253\sc2_x64.exe
FirewallRules: [TCP Query User{27BDB293-0619-450D-A70D-AF557C637A62}D:\goliath\goliath.exe] => (Allow) D:\goliath\goliath.exe
FirewallRules: [UDP Query User{6B4945A8-BA8D-4793-95A0-9FF220BF7859}D:\goliath\goliath.exe] => (Allow) D:\goliath\goliath.exe
FirewallRules: [{56FF1D66-4444-491A-98C4-C09B6D28A81A}] => (Allow) D:\Winamp\winamp.exe
FirewallRules: [{7AEC331E-4608-4B1D-B593-7243054E8F93}] => (Allow) D:\Winamp\winamp.exe
FirewallRules: [TCP Query User{3C3D57C7-2BC9-4247-8FE0-312E6CE5E479}D:\heroes of the storm\versions\base42958\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base42958\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{F737181B-293F-453D-97BD-A29E47F8E930}D:\heroes of the storm\versions\base42958\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base42958\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{1EF998EF-9481-43E8-A137-1801FE3A9710}D:\starcraft ii\versions\base42932\sc2_x64.exe] => (Allow) D:\starcraft ii\versions\base42932\sc2_x64.exe
FirewallRules: [UDP Query User{FBAEE11D-6CE4-4831-9D17-E2697F420D22}D:\starcraft ii\versions\base42932\sc2_x64.exe] => (Allow) D:\starcraft ii\versions\base42932\sc2_x64.exe
FirewallRules: [{ADC669C1-7CC0-42CF-B6C2-93AB440ECB49}] => (Allow) D:\SteamLibrary\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{F75ACBD1-53A0-4B62-80CB-4DFD7664787C}] => (Allow) D:\SteamLibrary\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [TCP Query User{D38AE8A0-071A-4D1B-92DD-9DDDF346684F}D:\heroes of the storm\versions\base43170\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base43170\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{5C084FD6-A65E-4E8E-861B-2D42B4920BAA}D:\heroes of the storm\versions\base43170\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base43170\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{23E58D0A-47CD-41A0-9FC0-754719E79BC2}D:\lichdom battlemage\bin32\lichdombattlemage.exe] => (Allow) D:\lichdom battlemage\bin32\lichdombattlemage.exe
FirewallRules: [UDP Query User{EB8106EB-70C3-463C-B435-7C87306DB250}D:\lichdom battlemage\bin32\lichdombattlemage.exe] => (Allow) D:\lichdom battlemage\bin32\lichdombattlemage.exe
FirewallRules: [{6EACBF99-FC31-4956-AE9D-A30FA66FB8D3}] => (Allow) D:\Mr DJ\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{BC08176A-153E-47E0-BCBC-4D882495938C}] => (Allow) D:\Mr DJ\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{85F0A86D-F712-4216-81AA-63411A926078}] => (Allow) D:\SteamLibrary\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{0085DDD0-6339-4C0B-BE5C-0F2C47CBFACB}] => (Allow) D:\SteamLibrary\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{4CB28B38-E885-4C75-8C3E-06E0A8104338}] => (Allow) D:\SteamLibrary\steamapps\common\OPPW3\oppw3.exe
FirewallRules: [{368696F6-9A3E-4951-9728-710F33CBFE0B}] => (Allow) D:\SteamLibrary\steamapps\common\OPPW3\oppw3.exe
FirewallRules: [{C585AAAB-BC00-478F-9388-1F5ACE8825FF}] => (Allow) D:\SteamLibrary\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{EB7008EB-9D5B-471D-A2EC-B1E12D31DE7A}] => (Allow) D:\SteamLibrary\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{4256A6B3-D04E-4937-BEF3-DD378E761544}] => (Allow) D:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{5416B8EB-D05A-4CF3-9052-B203CBD58FAA}] => (Allow) D:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{6FE23E9D-0616-418C-B62E-F8E46F99B5F4}] => (Allow) D:\SteamLibrary\steamapps\common\Please, Don’t Touch Anything\DontTouchAnything.exe
FirewallRules: [{BA47FCFC-DFAC-4224-A75E-0FDE656553FC}] => (Allow) D:\SteamLibrary\steamapps\common\Please, Don’t Touch Anything\DontTouchAnything.exe
FirewallRules: [{77BDA379-BDEC-4DD3-AF03-62DA73E635EF}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{F09F51FB-1E35-4B5C-A3ED-B515FE084B97}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{4F5EC122-14F5-449B-BD70-776CC883E72E}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{EE031387-9A99-41EF-972F-14184A90610F}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{E67EDBD6-43E0-4565-AC79-D42868E3BFD1}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{418B30F0-E981-49BC-A47F-E8C29A7DFF7D}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{4F68FB42-67B7-4098-AF21-1ED2761057E6}] => (Allow) D:\SteamLibrary\steamapps\common\Overlord II\Overlord2.exe
FirewallRules: [{54C6AB11-8621-4FDE-B72E-129D3E2D0A29}] => (Allow) D:\SteamLibrary\steamapps\common\Overlord II\Overlord2.exe
FirewallRules: [{E3AF5944-D067-4A7F-B8D4-A243B74FFFD8}] => (Allow) D:\SteamLibrary\steamapps\common\Overlord II\Config.exe
FirewallRules: [{E16B723D-DCCB-429C-B84F-618F87AAED21}] => (Allow) D:\SteamLibrary\steamapps\common\Overlord II\Config.exe
FirewallRules: [{34A9BEEC-BE02-45B8-8E0D-473C5A05E439}] => (Allow) D:\SteamLibrary\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{8D474876-8295-460B-8644-0E209D3A7F72}] => (Allow) D:\SteamLibrary\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{3720CE11-C621-47FF-BA9B-F93966F86B77}] => (Allow) D:\SteamLibrary\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{BF41E736-C3BF-46B7-B178-B38F7D200762}] => (Allow) D:\SteamLibrary\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{FFAEAE76-6809-49AC-B998-B17C4E2596B2}] => (Allow) D:\SteamLibrary\steamapps\common\Warface\live\nw.exe
FirewallRules: [{3CA9FA26-F1DC-4A64-8425-2FEC8E7D03BF}] => (Allow) D:\SteamLibrary\steamapps\common\Warface\live\nw.exe
FirewallRules: [{737B9D00-A874-417D-A115-ADBAEDEFF34F}] => (Allow) D:\SteamLibrary\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{84AB5F63-EB73-40E2-BF7C-ACF165156E29}] => (Allow) D:\SteamLibrary\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [TCP Query User{3839C5AA-74FD-4D96-A482-AC1F852239AF}D:\we happy few\glimpsegame\binaries\win64\glimpsegame.exe] => (Allow) D:\we happy few\glimpsegame\binaries\win64\glimpsegame.exe
FirewallRules: [UDP Query User{9ABAAEF2-151B-47DA-BFFD-F8D3C379B663}D:\we happy few\glimpsegame\binaries\win64\glimpsegame.exe] => (Allow) D:\we happy few\glimpsegame\binaries\win64\glimpsegame.exe
FirewallRules: [{D1EC01BB-39F1-4B75-AEF0-71C09269675B}] => (Allow) D:\Cheat Engine 6.5\ceregreset.exe
FirewallRules: [{7C5B07F4-2186-4BF8-94BA-770F3A112AD2}] => (Allow) D:\Cheat Engine 6.5\ceregreset.exe
FirewallRules: [{6F80E323-2093-41D1-8EFF-ADB34E78294F}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe
FirewallRules: [{A0991C8C-1592-4F77-95BB-3D858CA97A97}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe
FirewallRules: [{FF3FAC0B-8FD8-4792-AAF2-D15A717A5659}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe
FirewallRules: [{DBBF3CAD-E747-4A0D-906C-C25C21136851}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe
FirewallRules: [{37A31A8F-0832-4929-9CE2-E6E39EF1D3D4}] => (Allow) D:\60 Seconds\60 Seconds\60Seconds.exe
FirewallRules: [{B28C1A3D-7DAB-472E-ABEC-41DF205CBD4C}] => (Allow) D:\60 Seconds\60 Seconds\60Seconds.exe
FirewallRules: [{6644F379-942B-4A0D-BACE-D840FA5E6D6D}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\rainbowsix.exe
FirewallRules: [{B19774AB-DD84-48AB-971E-F68E6AA1116B}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\rainbowsix.exe
FirewallRules: [{F0A4EB4F-ECC7-4C7D-A06F-203EECDDAF7C}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{749838AC-207B-49FD-8F24-AF71B0F3D9FF}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [TCP Query User{023B3EFA-4E8A-49EB-8015-C3A09EF9173E}D:\overwatch test\overwatch.exe] => (Allow) D:\overwatch test\overwatch.exe
FirewallRules: [UDP Query User{AF5429F1-0FC3-478B-9B59-6830FE78E675}D:\overwatch test\overwatch.exe] => (Allow) D:\overwatch test\overwatch.exe
FirewallRules: [TCP Query User{8944C92E-9D8F-44CA-B4DA-428CB1BF2BDE}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe
FirewallRules: [UDP Query User{73353DAD-E166-425F-9957-C71824A4A9A1}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe
FirewallRules: [{C4A29474-381D-4201-93BB-3A0F611E10D5}] => (Allow) D:\SteamLibrary\steamapps\common\Synergy\synergy.exe
FirewallRules: [{6FFF8E2B-E8B2-47AD-B48F-5EF18ACD54ED}] => (Allow) D:\SteamLibrary\steamapps\common\Synergy\synergy.exe
FirewallRules: [{C1FAC601-A689-4104-9457-7BDF0EF19853}] => (Allow) D:\SteamLibrary\steamapps\common\Rust\Rust.exe
FirewallRules: [{10243A7B-824E-4301-8DB0-88BD01612353}] => (Allow) D:\SteamLibrary\steamapps\common\Rust\Rust.exe
FirewallRules: [{80291048-67F2-4CAE-990E-644D0A3A3393}] => (Allow) D:\SteamLibrary\steamapps\common\KHOLAT\Kholat.exe
FirewallRules: [{B911C943-12F7-43B6-A01C-B8E3F5947527}] => (Allow) D:\SteamLibrary\steamapps\common\KHOLAT\Kholat.exe
FirewallRules: [TCP Query User{CF964306-F033-4CD0-9F25-CFE6A4A7B5DE}D:\steamlibrary\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe
FirewallRules: [UDP Query User{626AAEB5-AD5E-424D-B6A1-1E1F7346F73D}D:\steamlibrary\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe
FirewallRules: [{69CD49BF-9790-4236-8BD8-63701DC92026}] => (Allow) D:\SteamLibrary\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{00BC867A-6958-43CC-8FC1-DB59BA233287}] => (Allow) D:\SteamLibrary\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{3E4B1797-7850-4526-926F-9B91FA9B9F31}] => (Allow) D:\SteamLibrary\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{D707E602-77FA-4901-A16D-33951B0436FC}] => (Allow) D:\SteamLibrary\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{CF255A51-790B-4195-B93F-70C6B2D4A81B}] => (Allow) D:\SteamLibrary\steamapps\common\Caster\caster.exe
FirewallRules: [{9AAE085E-97D9-4A9F-9986-CCF033A6F298}] => (Allow) D:\SteamLibrary\steamapps\common\Caster\caster.exe
FirewallRules: [{5984144A-56DC-49C3-B997-5F496BBA87D6}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{97D9FED9-12A8-47C5-843E-2527BA1C18FB}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{8F5599A6-4B5E-478A-9CB8-A1EBA42AB038}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{2AB1595A-0D52-45B4-A381-64A66ADC12AE}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{A7C8C186-97E2-4D14-B487-0B24F29678C4}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{C7DAE871-E4AA-437B-8E07-0E914644BECE}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{B468B309-7EAD-4F14-9414-4E77F566E311}] => (Allow) D:\SteamLibrary\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{5BACC4C7-2BA9-4E14-AFCD-BB55AACC8A1F}] => (Allow) D:\SteamLibrary\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{3CB9E7B6-F087-4D90-9333-4FD1C5BD3765}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Town of Salem\TownOfSalem.exe
FirewallRules: [{D8FF51DD-6638-4FD0-A229-4D0EB2E5BAA5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Town of Salem\TownOfSalem.exe
FirewallRules: [{AF6AED9D-B81B-47A6-A936-1D5A84DF860D}] => (Allow) D:\SteamLibrary\steamapps\common\Sven Co-op\svends.exe
FirewallRules: [{3C6F3EAD-B48C-4D68-BD69-98172295C1C0}] => (Allow) D:\SteamLibrary\steamapps\common\Sven Co-op\svends.exe
FirewallRules: [{D20FA8CA-58EB-47A2-B283-1590AE42C51D}] => (Allow) D:\SteamLibrary\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{777BBAB5-AD0E-4CC0-930E-189AF9A2C33F}] => (Allow) D:\SteamLibrary\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{7AB04AFB-CD2F-49A1-98CE-096C7B019BF2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Oddworld Munchs Oddysee\bin\Launcher.exe
FirewallRules: [{E5A0C216-F735-41F6-979C-2255FFBDDF6E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Oddworld Munchs Oddysee\bin\Launcher.exe
FirewallRules: [{762A6A0D-B633-41E5-B172-E7C7C4AAA02C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MurderMiners\Murder Miners.exe
FirewallRules: [{CAAFC78A-F4D8-4070-8546-254112D24D81}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MurderMiners\Murder Miners.exe
FirewallRules: [{ADCB03AB-FEA6-4E65-93D2-6A9116DC01EC}] => (Allow) D:\SteamLibrary\steamapps\common\Resident Evil 6\BH6.exe
FirewallRules: [{A9EB3580-7A1C-420B-9740-3652342CF476}] => (Allow) D:\SteamLibrary\steamapps\common\Resident Evil 6\BH6.exe
FirewallRules: [TCP Query User{63444E32-864E-4702-977C-D49D2D0B07BD}D:\doom game\doomx64.exe] => (Allow) D:\doom game\doomx64.exe
FirewallRules: [UDP Query User{8D8F646A-34BC-439E-8AA8-5E5736C341BA}D:\doom game\doomx64.exe] => (Allow) D:\doom game\doomx64.exe
FirewallRules: [{AAD70C5C-88D2-431D-8815-3C35152D0359}] => (Allow) C:\Program Files (x86)\Mr DJ\Need For Speed Most Wanted Black Edition\speed.exe
FirewallRules: [{30B5E122-94ED-41CB-9A80-7B6F656A9DD6}] => (Allow) C:\Program Files (x86)\Mr DJ\Need For Speed Most Wanted Black Edition\speed.exe
FirewallRules: [{AAA143C8-0952-4A28-9CCB-76E3C444C9C8}] => (Allow) D:\SteamLibrary\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{21AFD90B-590A-4C2F-950F-4FA87D0C0F4E}] => (Allow) D:\SteamLibrary\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{E2FE6351-BE99-407C-B9A3-2C46C22EA353}] => (Allow) D:\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{2AB997EE-C90C-4482-85DB-93A319B1EEC5}] => (Allow) D:\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{C3CD4EF9-D2DE-4D9A-921A-0F16AD0E7BF1}] => (Allow) D:\SteamLibrary\steamapps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{10D2E8DF-28CC-4B90-9F24-A8CDE508C1CF}] => (Allow) D:\SteamLibrary\steamapps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{F21AFF96-945D-496F-B182-8D4193F1D9A5}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's The Division\thedivision.exe
FirewallRules: [{24A5348B-BB96-4D5D-9217-DA6D027E6234}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's The Division\thedivision.exe
FirewallRules: [{518B9D90-9D36-4596-88B1-8940F896937B}] => (Allow) D:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{A9B6BA9B-E75D-43C6-87C4-589ECB8FBCD0}] => (Allow) D:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{627B4E9E-2F7B-4788-A448-18961F86CD30}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\rainbowsix.exe
FirewallRules: [{D9C851C2-5D09-4DF4-9C4E-B0395CED11C5}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\rainbowsix.exe
FirewallRules: [{51823F75-0C5D-4FC3-A14F-03BC209EE208}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F3E2E59A-04F4-4D60-9BA5-EFC9A256AACA}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{F8A1D592-B7FF-46D1-9823-E744F592CCCB}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{C41DF4C2-4903-4EE8-A90A-99E0B62C2DCC}] => (Allow) D:\SteamLibrary\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{E22F8E49-3258-42F0-A8D5-67B4AC3974CD}] => (Allow) D:\SteamLibrary\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{5F4EDA93-1564-44C4-BC8B-D6552412B18B}] => (Allow) D:\SteamLibrary\steamapps\common\L.A.Noire\LANLauncher.exe
FirewallRules: [{E52F32BF-8CB6-44B1-97F5-2E5465E882FB}] => (Allow) D:\SteamLibrary\steamapps\common\L.A.Noire\LANLauncher.exe
FirewallRules: [{3DB17E23-F617-480D-920D-D7BEF93D3844}] => (Allow) C:\Program Files (x86)\Mr DJ\Mafia II\launcher.exe
FirewallRules: [{95F1320F-3BE5-4220-9457-157A81A7CF5A}] => (Allow) C:\Program Files (x86)\Mr DJ\Mafia II\launcher.exe
FirewallRules: [{04945305-5ADF-4A5A-810A-8707245CA75C}] => (Allow) D:\SteamLibrary\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{D916FBD9-D3CC-4C84-AB2C-EE84032BE0AF}] => (Allow) D:\SteamLibrary\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{DADC1D40-69F9-417F-823D-19AC6697DF86}] => (Allow) 㩃停潲牧浡䘠汩獥⠠㡸⤶獜獹湯灥卜獹湏健攮數
FirewallRules: [{77504AE2-033A-4954-A0A8-3C270CD5D76B}] => (Allow) 㩃停潲牧浡䘠汩獥⠠㡸⤶獜獹湯灥卜獹湏健⹟硥e
FirewallRules: [{8C5DBC21-DD28-4314-A6BF-511C0A22D8E2}] => (Allow) C:\Users\Josh\AppData\Local\Temp\90DC360E-5FBE-456B-9F7A-602B8188C6F3\installer.exe
FirewallRules: [{00152E5A-0A9A-4511-A951-04E0BBD46098}] => (Allow) C:\Users\Josh\AppData\Local\59310272.exe
FirewallRules: [{DCAB84CF-DF7C-4D9D-A404-BD7F908BA9AE}] => (Allow) C:\Program Files (x86)\gowen\segel.exe
FirewallRules: [{7D3816B1-8E83-4B3F-AC8A-CC56062354B5}] => (Allow) D:\SteamLibrary\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{5C84E8C9-2999-4297-9E2D-70D012326FA8}] => (Allow) D:\SteamLibrary\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{8752C769-166D-4B2F-9F8A-C734FB0B0692}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{F78F0C4D-7663-4409-9681-A365E32999F6}D:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{FFFE699D-8853-4CA1-91B6-58CF51D88D40}D:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{9EAEB285-9880-43E6-B0EA-FA323CC2E9FA}] => (Allow) D:\SteamLibrary\steamapps\common\Warface\live\nw.exe
FirewallRules: [{9CC6C577-41FF-4767-82D6-3AF3F72B3408}] => (Allow) D:\SteamLibrary\steamapps\common\Warface\live\nw.exe

==================== Faulty Device Manager Devices =============

Name: Bluetooth Device (Personal Area Network)
Description: Bluetooth Device (Personal Area Network)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Bluetooth Device (RFCOMM Protocol TDI)
Description: Bluetooth Device (RFCOMM Protocol TDI)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RFCOMM
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/26/2016 11:52:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/26/2016 11:37:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/26/2016 11:31:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/26/2016 11:25:47 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (10/26/2016 11:25:39 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (10/26/2016 11:20:36 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (10/26/2016 11:20:29 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (10/26/2016 11:19:27 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (10/26/2016 11:14:28 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/26/2016 10:55:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (10/26/2016 11:50:23 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Sound Core3D Service service depends on the Sound Core3D(CtHda.sys) service which failed to start because of the following error:
%%1058

Error: (10/26/2016 11:50:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Sound Core3D(CtHda.sys) service failed to start due to the following error:
%%1058

Error: (10/26/2016 11:46:29 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (10/26/2016 11:46:29 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (10/26/2016 11:46:29 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (10/26/2016 11:46:28 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (10/26/2016 11:46:28 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (10/26/2016 11:35:24 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Sound Core3D Service service depends on the Sound Core3D(CtHda.sys) service which failed to start because of the following error:
%%1058

Error: (10/26/2016 11:35:24 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Sound Core3D(CtHda.sys) service failed to start due to the following error:
%%1058

Error: (10/26/2016 11:33:26 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068


CodeIntegrity:
===================================
Date: 2016-04-26 18:48:04.060
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-26 18:48:04.013
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-26 18:48:03.330
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-26 18:48:03.283
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-26 18:47:49.472
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-26 18:47:49.417
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-26 18:47:42.462
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-26 18:47:42.397
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-26 18:47:42.266
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-26 18:47:42.215
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-3740QM CPU @ 2.70GHz
Percentage of memory in use: 17%
Total physical RAM: 16334.31 MB
Available physical RAM: 13449.11 MB
Total Virtual: 32666.81 MB
Available Virtual: 29548.21 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.14 GB) (Free:22.25 GB) NTFS
Drive d: () (Fixed) (Total:931.5 GB) (Free:174.42 GB) NTFS
Drive f: () (Removable) (Total:1.83 GB) (Free:1.75 GB) FAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2667A253)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 4B7E58B8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 1.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================
 

Joshua Bobbitt

PCHF Member
PCHF Member
Oct 26, 2016
26
3
22
You'll have to give me a minute for the zemana log, I have to restart my comp, go to normal mode, put them in a text file, then come back to safe mode.
 

Joshua Bobbitt

PCHF Member
PCHF Member
Oct 26, 2016
26
3
22
Zemana AntiMalware 2.50.2.133 (Installed)

-------------------------------------------------------
Scan Result : Completed
Scan Date : 2016/10/26
Operating System : Windows 7 64-bit
Processor : 8X Intel(R) Core(TM) i7-3740QM CPU @ 2.70GHz
BIOS Mode : Legacy
CUID : 128DE9A911A6F790A629BA
Scan Type : Deep Scan
Duration : 5m 6s
Scanned Objects : 245520
Detected Objects : 7
Excluded Objects : 0
Read Level : SCSI
Auto Upload : Enabled
Detect All Extensions : Disabled
Scan Documents : Disabled
Domain Info : WORKGROUP,0,2

Detected Objects
-------------------------------------------------------

Chrome Shortcut
Status : Scanned
Object : /force-device-scale-factor=1
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Repair
Related Objects :
Browser Setting - Chrome Shortcut

Chrome Shortcut
Status : Scanned
Object : /high-dpi-support=1
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Repair
Related Objects :
Browser Setting - Chrome Shortcut

Chrome Shortcut
Status : Scanned
Object : /force-device-scale-factor=1
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Repair
Related Objects :
Browser Setting - Chrome Shortcut

Chrome Shortcut
Status : Scanned
Object : /high-dpi-support=1
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Repair
Related Objects :
Browser Setting - Chrome Shortcut

$VBR1
Status : Failed
Object : %systemroot%\temp\zam-shadow-copy-record1.vbr
MD5 : 97457B3D4D18019E1DDD52490368333F
Publisher : -
Size : 7168
Version : -
Detection :
Cleaning Action : Repair
Related Objects :
File - %systemroot%\temp\zam-shadow-copy-record1.vbr
VBR - C: - Index 1

$VBR0
Status : Failed
Object : %systemroot%\temp\zam-shadow-copy-record0.vbr
MD5 : AAFF9DCBE59F047156F109556CF6DDB4
Publisher : -
Size : 7168
Version : -
Detection :
Cleaning Action : Repair
Related Objects :
File - %systemroot%\temp\zam-shadow-copy-record0.vbr
VBR - C: - Index 0

launcher.bat
Status : Failed
Object : %programfiles%\mr dj\mafia ii\launcher.bat
MD5 : 2BFFC630A9D9A9E76A5608CECE91B15E
Publisher : -
Size : 137
Version : -
Detection :
Cleaning Action : Quarantine
Related Objects :
File - %programfiles%\mr dj\mafia ii\launcher.bat
Reference - C:\Users\Public\Desktop\Маfiа II.lnk

Oemdspif.dll
Status : Failed
Object : %systemroot%\syswow64\oemdspif.dll
MD5 : 882B1C2DDC989B5D9A7801B1C56D8D52
Publisher : -
Size : 278528
Version : 6.15.6.6
Detection :
Cleaning Action : Quarantine
Related Objects :
File - %systemroot%\syswow64\oemdspif.dll

atipdlxx.dll
Status : Failed
Object : %systemroot%\syswow64\atipdlxx.dll
MD5 : 5A240FA06EBE012E85343362C7F0F8DB
Publisher : -
Size : 360448
Version : 6.14.10.2563
Detection :
Cleaning Action : Quarantine
Related Objects :
File - %systemroot%\syswow64\atipdlxx.dll

atiumdmv.dll
Status : Failed
Object : %systemroot%\syswow64\atiumdmv.dll
MD5 : AC5E6E143DF412E1D8F5622E5A281DD9
Publisher : -
Size : 1828864
Version : 7.14.10.184
Detection :
Cleaning Action : Quarantine
Related Objects :
File - %systemroot%\syswow64\atiumdmv.dll

atiumd6v.dll
Status : Failed
Object : %systemroot%\system32\atiumd6v.dll
MD5 : F26CBF01DD9F1418396E47952EA7F08B
Publisher : -
Size : 1113088
Version : 7.14.10.184
Detection :
Cleaning Action : Quarantine
Related Objects :
File - %systemroot%\system32\atiumd6v.dll

atipdl64.dll
Status : Failed
Object : %systemroot%\system32\atipdl64.dll
MD5 : 494978A7B573BAA4036F6A0B8EDB86D8
Publisher : -
Size : 423424
Version : 6.14.10.2563
Detection :
Cleaning Action : Quarantine
Related Objects :
File - %systemroot%\system32\atipdl64.dll

841023b9c5eb2bd66f712419c7abfaed.exe
Status : Scanned
Object : %systemroot%\841023b9c5eb2bd66f712419c7abfaed.exe
MD5 : CD529E950E48478F274B409C5726F93B
Publisher : -
Size : 1829560
Version : -
Detection : Adware:Win32/Tamaca!Calk
Cleaning Action : Quarantine
Related Objects :
File - %systemroot%\841023b9c5eb2bd66f712419c7abfaed.exe

UmmyVideoDownloader.exe
Status : Scanned
Object : %appdata%\zhp\quarantine\ummyvideodownloader\ummyvideodownloader.exe
MD5 : 55917B8899C923CBBA943FED205C3DE5
Publisher : Magicbit, Inc
Size : 10726912
Version : 1.6.0.4
Detection : Adware:Win32/YTD!Ep
Cleaning Action : Quarantine
Related Objects :
File - %appdata%\zhp\quarantine\ummyvideodownloader\ummyvideodownloader.exe

set_to_static.bat
Status : Failed
Object : %appdata%\portforward.com\pfstaticip\set_to_static.bat
MD5 : 18104A5E6ADAC9B7D09C2AB1F02220BD
Publisher : -
Size : 414
Version : -
Detection :
Cleaning Action : Quarantine
Related Objects :
File - %appdata%\portforward.com\pfstaticip\set_to_static.bat

main.dat
Status : Scanned
Object : NE->c:\users\josh\appdata\roaming\main.dat
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Adware:Win32/Linkury.G!Neng
Cleaning Action : Quarantine
Related Objects :
(null) - (null)


Cleaning Result
-------------------------------------------------------
Cleaned : 7
Reported as safe : 0
Failed : 0
 

Malnutrition

Malnurished Mod
Moderator
Security Team
Jul 22, 2016
3,389
551
Ok, post the Zemana file when ready. :)

Edit: Got it, what issues remain? I am working on a FRST fix for you at the moment. :)
 

Malnutrition

Malnurished Mod
Moderator
Security Team
Jul 22, 2016
3,389
551
Can you tell me what these are? You know what they are, and OK with them on your machine?

HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\...\Run: [reconvenes] => "C:\Program Files (x86)\gowen\segel.exe"
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\...\Run: [gambrell] => "C:\Program Files (x86)\gowen\segel.exe"
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\...\Run: [cares] => "C:\Program Files (x86)\polygamy\cares.exe"
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\...\Run: [militants] => "C:\Program Files (x86)\gowen\segel.exe"
 

Joshua Bobbitt

PCHF Member
PCHF Member
Oct 26, 2016
26
3
22
Those dont look familiar. My issue is that when I'm in normal mode, I cannot connect to certain websites. Facebook, this forum, etc etc., yet I can connect to websites such as reddit and google. Skype cannot connect to the internet, yet Steam is able to. When I try to connect to facebook, it'll just say the dns server cannot be found.
 

Malnutrition

Malnurished Mod
Moderator
Security Team
Jul 22, 2016
3,389
551
Alright, now I am working on the FRST Script. This will take some time as I need to go over the logs manually. Can you scan the files below at Virus Total or Jotti...

C:\Program Files (x86)\gowen\segel.exe
C:\Program Files (x86)\polygamy\cares.exe

While I scan over your FRST logs please run this tool. :)

RogueKiller by Tigzy

  • Download RogueKiller and save it to your desktop
  • Close all running programs
  • Right click on the icon and select Run as Administrator
  • For Windows XP simply double click on the icon
  • The program will conduct a prescan and when finished you wlll see Prescan Finished. Please hit the scan button
  • Click Scan
  • If, during the scan, you receive a request to upload a file to Virustotal please click Yes
  • A report should open and a copy of the report will be placed on your desktop. If not, hit the Report button.
  • If RogueKiller has been blocked, do not hesitate to try a few times more. If it really won't run, rename it winlogon.exe (or winlogon.com) and try again
  • Copy and paste the contents of the report in your reply
 

Malnutrition

Malnurished Mod
Moderator
Security Team
Jul 22, 2016
3,389
551
Sorry here are Virus Total instructions....

Upload Files to VirusTotal

  • Please go to VirusTotal.
  • Click the Choose File button.
  • Navigate to >>>>>>>> C:\Program Files (x86)\polygamy\cares.exe & C:\Program Files (x86)\gowen\segel.exe
  • or simply copy and paste it.
  • Click the Scan it! button.
  • You might see a message saying File already analysed, if you do click Reanalyse.
  • Wait for all the scans to finish then copy and paste the web address from your broswer's address bar.
    Example of web address :
  • Include the link in your next reply.
 
Status
Not open for further replies.