Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

searchinterneat-a.akamaihd.net and cant turn on windows firewall


  • This topic is locked This topic is locked
7 replies to this topic

#1 ThatBenderGuy

ThatBenderGuy

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:51 PM

Posted 03 March 2016 - 06:26 PM

I recently got hit with the adware searchinterneat-a.akamaihd.net and I can't get rid of it. I have tried booting into safemode and resetting all my browsers. I have removed any trace of it from the programs and features window, I have tried using several adware removers of which they claimed to have found it and removed it but it was still on there.

 

Anytime I open a new tab or chrome or use the google-omnisearch it leads to searchinterneat-a.akamaihd.net. Idk if it's part of the problem but I can no longer turn on my windows firewall service either (error: 5)

 

Any help with this would be greatly appreciated and I apologize if this is in the wrong section.

 

(Windows 10 64-bit)

 

Mod Edit:  Moved from AII to MRL and closed per request - Hamluis.


Edited by hamluis, 23 March 2016 - 03:55 PM.
Moved from Win 10 to 'Am I infected?'.


BC AdBot (Login to Remove)

 


#2 olgun52

olgun52

  • Malware Response Team
  • 3,784 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:51 AM

Posted 03 March 2016 - 06:51 PM

Hello ThatBenderGuy and Welcome to the BleepingComputer. :welcome:
My name is Yılmaz and I'll help you with the cleanup of malware from your computer.

Before we move on, please read the following points carefully.
  • Please complete all steps in the specified order.
  • Even if tools don't find malware, I want you to post the logfiles anyway.
  • Please copy and paste the logfiles directly into your posts. Please do not attach them unless you are instructed to do so.
  • Read the instructions carefully. If you have problems, stop what you  were doing and describe the problems you encountered as precisely as  you can.
  • Don't install or uninstall software during the cleanup unless you are told to do so.
  • If you can't answer for the next few days, please let me know. If  you haven't answered within 5 days, I am assuming that you don't need  help anymore and your topic will be closed.
  • I can not guarantee that we will find and be able to remove all  malware. The cleaning process is not instant. Please continue to review  my answers until I tell you that your computer is clean
  • Please reply to this thread. Do not start a new topic
  • As my first language is not English, please do not use slang or idioms. It could be hard for me to understand.
  • Please open as administrator  the computer. How is open as administrator  the computer?
  • Disable your AntiVirus and AntiSpyware applications, as they will  interfere with our tools and the removal. If you are unsure how to do  this, please refer to get help here
Thanks
---------------------------------------------------------------------------------------------------------
 
Please do the following.
 
Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Make sure the following option is checked: addition.png
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
Sincerely  . :hello:

Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#3 ThatBenderGuy

ThatBenderGuy
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:51 PM

Posted 03 March 2016 - 10:19 PM

Okay so I managed actually to get rid of the adware but now I still can't start the windows firewall service. Here are the logs you requested

 

 

Here is the message that comes up whenever I try to start the windows firewall service

 

Windows could not start the Windows Firewall on Local Computer. For more information review the System Event Log. If this is a non-Microsoft service, contact the service vendor, and refer to service-specific error code 5.

 

 

FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:02-03-2016
Ran by Jacob (administrator) on JACOB-PC (03-03-2016 20:10:07)
Running from H:\Downloads
Loaded Profiles: Jacob (Available Profiles: Jacob)
Platform: Windows 10 Pro (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\CrazyRemote\CrazyRemoteServer.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Hi-Rez Studios) H:\Games\Hi-Rez Studios\HiPatchService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\KonePureMonitor.exe
(Creative Technology Ltd.) C:\Windows\V0690Mon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Symform, Inc.) C:\Program Files\Symform\Node Service\symformcontrib.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Symform, Inc.) C:\Program Files\Symform\Node Service\symformsync.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Symform, Inc.) C:\Program Files\Symform\Node Service\symformupdater.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2757424 2015-11-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-10-30] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-09-23] (Apple Inc.)
HKLM\...\Run: [Fences] => C:\Program Files (x86)\Stardock\Fences\Fences.exe [4031152 2013-11-26] (Stardock Corporation)
HKLM\...\Run: [C:\WINDOWS\system32\V0690Ext.ax] => C:\WINDOWS\system32\RegSvr32.exe /s C:\WINDOWS\system32\V0690Ext.ax
HKLM\...\Run: [BCSSync] => H:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25122080 2016-02-16] (Dropbox, Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Aeria Ignite] => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM-x32\...\Run: [RoccatKonePure] => C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\KonePureMonitor.EXE [561152 2014-01-20] (ROCCAT GmbH)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2304688 2015-12-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [73216 2015-12-29] ()
HKLM-x32\...\Run: [V0690Mon.exe] => C:\WINDOWS\V0690Mon.exe
HKLM-x32\...\Run: [C:\WINDOWS\SYSTEM32\V0690Ext.ax] => C:\WINDOWS\system32\RegSvr32.exe /s C:\WINDOWS\SYSTEM32\V0690Ext.ax
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2086240 2015-04-28] (Wondershare)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1960248 2015-12-30] ()
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3949139464-329665614-2156926167-1000\...\Run: [MyComGames] => "C:\Users\Jacob\AppData\Local\MyComGames\MyComGames.exe" -autostart
HKU\S-1-5-21-3949139464-329665614-2156926167-1000\...\Run: [CrazyRemote] => C:\Program Files (x86)\CrazyRemote\CrazyRemote.exe [499992 2013-05-22] ()
HKU\S-1-5-21-3949139464-329665614-2156926167-1000\...\Run: [CrazyRemoteCommand] => C:\Program Files (x86)\CrazyRemote\CrazyRemoteCommand.exe [48920 2013-05-22] ()
HKU\S-1-5-21-3949139464-329665614-2156926167-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3949139464-329665614-2156926167-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-3949139464-329665614-2156926167-1000\...\Run: [iFunBox] => C:\Program Files (x86)\i-Funbox DevTeam\iFunBox_x64.exe [2783232 2015-07-27] (i-Funbox.com)
HKU\S-1-5-21-3949139464-329665614-2156926167-1000\...\Run: [Steam] => G:\Steam\steam.exe [3074128 2016-03-02] (Valve Corporation)
HKU\S-1-5-21-3949139464-329665614-2156926167-1000\...\Run: [Symform Status] => C:\Program Files\Symform\Node Service\symformstatus.exe [412600 2014-11-19] (Symform, Inc.)
HKU\S-1-5-21-3949139464-329665614-2156926167-1000\...\Run: [MurGee.com Auto Clicker] => C:\Users\Jacob\AppData\Roaming\Auto Clicker\AutoClicker.exe [124072 2016-01-14] (MurGee.com)
HKU\S-1-5-21-3949139464-329665614-2156926167-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-3949139464-329665614-2156926167-1000\...\Policies\Explorer: [NoInternetIcon] 0
HKU\S-1-5-21-3949139464-329665614-2156926167-1000\...\MountPoints2: {e9ff8ee9-44c0-11e5-9bd6-c86000d089eb} - "F:\setup.exe" 
HKU\S-1-5-21-3949139464-329665614-2156926167-1000\...\MountPoints2: {f469e49d-50e0-11e5-9be0-c86000d089eb} - "F:\SETUP.EXE" 
HKU\S-1-5-21-3949139464-329665614-2156926167-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [150528 2015-07-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Jacob\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Jacob\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Jacob\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Jacob\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Jacob\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Jacob\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Roccat Talk.lnk [2015-08-03]
ShortcutTarget: Roccat Talk.lnk -> C:\Program Files (x86)\ROCCAT\Roccat Talk\Roccat Talk.exe (ROCCAT GmbH Co., Ltd.)
Startup: C:\Users\Jacob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2015-08-21]
ShortcutTarget: Curse.lnk -> C:\Users\Jacob\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
Startup: C:\Users\Jacob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2015-09-23]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Jacob\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-3949139464-329665614-2156926167-1000] => 199.200.120.36:8089
Tcpip\Parameters: [DhcpNameServer] 192.168.5.1 205.171.2.25
Tcpip\..\Interfaces\{325c3e63-95bd-41d2-85e2-bd106abbcb09}: [DhcpNameServer] 192.168.5.1 205.171.2.25
Tcpip\..\Interfaces\{BA76BDE6-6E92-40CB-9EFF-4E90F60151F9}: [DhcpNameServer] 95.211.171.160 95.211.171.161

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3949139464-329665614-2156926167-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKU\S-1-5-21-3949139464-329665614-2156926167-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:Blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 -  No File

FireFox:
========
FF ProfilePath: C:\Users\Jacob\AppData\Roaming\Mozilla\Firefox\Profiles\rb5fxjsj.default-1457046809890
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-09] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-09] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> H:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-12-11] (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1221171.dll [No File]
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-09] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-13] (NVIDIA Corporation)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> H:\Games\Arc\Plugins\npArcPluginFF.dll [2015-12-16] (Perfect World Entertainment Inc)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Jacob\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2015-03-17] (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-12-11] (Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF HKLM-x32\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com
FF Extension: Wondershare Video Converter Ultimate - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com [2016-02-17] [not signed]

Chrome: 
=======
CHR HomePage: Profile 1 -> hxxps://www.youtube.com/feed/subscriptions
CHR Session Restore: Profile 1 -> is enabled.
CHR Profile: C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-30]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2016-02-11]
CHR Extension: (BetterTTV) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2015-07-30]
CHR Extension: (Facebook Video Downloader) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\amjcoehkcacocffpmhnefgoeanepjfkf [2015-07-30]
CHR Extension: (Google Docs) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-30]
CHR Extension: (Le Lenny Face) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\apbjhmeabebkfjlofaofoilpinafalom [2016-02-12]
CHR Extension: (Google Drive) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (Sothink Flash Downloader for Chrome) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\biceobciobbhhkplgocbaigojbnepcoi [2015-07-30]
CHR Extension: (YouTube) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (OneTab) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2016-03-03]
CHR Extension: (Image Downloader) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj [2015-07-30]
CHR Extension: (Google Search) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Netflix) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\deceagebecbceejblnlcjooeohmmeldh [2015-07-30]
CHR Extension: (Tampermonkey) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-12-12]
CHR Extension: (Bot of Legends Helper) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\edomagbmjponmdpfhcdbpemjpfghfpal [2016-02-28]
CHR Extension: (FrankerFaceZ) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2015-07-30]
CHR Extension: (Google Sheets) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-30]
CHR Extension: (Musixmatch Lyrics for YouTube) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfenjblodoldnbiddmggcbkcapiolbig [2016-03-03]
CHR Extension: (Google Docs Offline) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-16]
CHR Extension: (AdBlock) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-02-22]
CHR Extension: (Ad-Block Pro) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\iaeogmodojjgdbcfcgabackdahpnidoe [2015-07-30]
CHR Extension: (Emoji Input by EmojiStuff.com) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\immhpnclomdloikkpcefncmfgjbkojmh [2015-11-28]
CHR Extension: (Cookies) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\iphcomljdfghbkdcfndaijbokpgddeno [2015-10-08]
CHR Extension: (Cookie Inspector) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgbbilmfbammlbbhmmgaagdkbkepnijn [2015-10-08]
CHR Extension: (codev) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhccgicacaljbkehndlbnolffafhjiop [2015-07-30]
CHR Extension: (Downloads) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi [2015-07-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-30]
CHR Extension: (Click&Clean App) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2016-03-01]
CHR Extension: (Gmail) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-30]
CHR Profile: C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-03]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2016-03-03]
CHR Extension: (BetterTTV) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2016-03-03]
CHR Extension: (Facebook Video Downloader) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\amjcoehkcacocffpmhnefgoeanepjfkf [2016-03-03]
CHR Extension: (Google Docs) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-03]
CHR Extension: (Le Lenny Face) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apbjhmeabebkfjlofaofoilpinafalom [2016-03-03]
CHR Extension: (Google Drive) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-03]
CHR Extension: (Sothink Flash Downloader for Chrome) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\biceobciobbhhkplgocbaigojbnepcoi [2016-03-03]
CHR Extension: (YouTube) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-03]
CHR Extension: (OneTab) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2016-03-03]
CHR Extension: (Image Downloader) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj [2016-03-03]
CHR Extension: (Google Search) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-03-03]
CHR Extension: (Netflix) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\deceagebecbceejblnlcjooeohmmeldh [2016-03-03]
CHR Extension: (Tampermonkey) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-03-03]
CHR Extension: (Bot of Legends Helper) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\edomagbmjponmdpfhcdbpemjpfghfpal [2016-03-03]
CHR Extension: (FrankerFaceZ) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2016-03-03]
CHR Extension: (Google Sheets) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-03]
CHR Extension: (Musixmatch Lyrics for YouTube) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gfenjblodoldnbiddmggcbkcapiolbig [2016-03-03]
CHR Extension: (Google Docs Offline) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-03]
CHR Extension: (AdBlock) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-03-03]
CHR Extension: (codev) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jhccgicacaljbkehndlbnolffafhjiop [2016-03-03]
CHR Extension: (Downloads) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi [2016-03-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-03-03]
CHR Extension: (Click&Clean App) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2016-03-03]
CHR Extension: (Gmail) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-03]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [683696 2015-11-16] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2020056 2016-02-09] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
S3 ArcService; H:\Games\Arc\ArcService.exe [88400 2015-12-16] (Perfect World Entertainment Inc)
R2 CrazyRemoteServer; C:\Program Files (x86)\CrazyRemote\CrazyRemoteServer.exe [249112 2013-05-22] ()
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-02] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-02] (Dropbox, Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2015-12-29] (Ellora Assets Corp.) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-11-12] (NVIDIA Corporation)
R2 HiPatchService; H:\Games\Hi-Rez Studios\HiPatchService.exe [9728 2016-02-02] (Hi-Rez Studios) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 Microsoft SharePoint Workspace Audit Service; H:\Program Files\Microsoft Office\Office14\GROOVE.EXE [50942144 2013-12-19] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [3916368 2016-01-09] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-11-12] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8133424 2015-11-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5915440 2015-11-12] (NVIDIA Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 symformcontrib; C:\Program Files\Symform\Node Service\symformcontrib.exe [18872 2014-11-19] (Symform, Inc.)
R2 symformsync; C:\Program Files\Symform\Node Service\symformsync.exe [21944 2014-11-19] (Symform, Inc.)
R2 symformupdater; C:\Program Files\Symform\Node Service\symformupdater.exe [29112 2014-11-19] (Symform, Inc.)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [134656 2015-07-09] (Microsoft Corporation) [File not signed]
S3 VSStandardCollectorService140; H:\Program Files\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56040 2015-11-19] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [730304 2015-12-21] (Wacom Technology, Corp.)
S2 Droid4XService; F:\Emulators\Android\Droid4X\Droid4XService.exe [X]
S3 Origin Client Service; "F:\Games\Origin\OriginClientService.exe" [X]
S3 rpcapd; "%ProgramFiles(x86)%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles(x86)%\WinPcap\rpcapd.ini" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 CEDRIVER60; C:\Program Files (x86)\Cheat Engine 6.5\dbk64.sys [82496 2015-12-24] ()
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-08-18] (Disc Soft Ltd)
S3 EvolveVirtualAdapter; C:\Windows\System32\drivers\evolve.sys [21656 2014-07-26] (Echobit, LLC)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-03-03] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
S3 Neo_VPN; C:\Windows\System32\drivers\Neo_0001.sys [28768 2014-09-22] (SoftEther VPN Project at University of Tsukuba, Japan.)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-11-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-10] (NVIDIA Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [214016 2015-07-10] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 V0690Vid; C:\Windows\system32\DRIVERS\V0690Vid.sys [393760 2011-07-26] (Creative Technology Ltd.)
R3 vhidmini; C:\Windows\System32\drivers\crazyremote64.sys [67736 2013-05-22] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R2 WinisoCDBus; C:\Windows\System32\drivers\WinisoCDBus.sys [204032 2014-02-26] (WinISO.com)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [37416 2015-09-11] (Wellbia.com Co., Ltd.)
S3 esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 vmci; \SystemRoot\System32\drivers\vmci.sys [X]
S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-03 20:08 - 2016-03-03 20:10 - 00000000 ____D C:\FRST
2016-03-03 16:55 - 2016-03-03 16:55 - 00016148 _____ C:\WINDOWS\system32\JACOB-PC_Jacob_HistoryPrediction.bin
2016-03-03 16:36 - 2016-03-03 16:36 - 00001171 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-03-03 16:36 - 2016-03-03 16:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-03-03 16:13 - 2016-03-03 16:13 - 00000000 ____D C:\Users\Jacob\Desktop\Old Firefox Data
2016-03-03 15:23 - 2016-03-03 15:23 - 00001348 _____ C:\Users\Public\Desktop\Anvi Browser Repair Tool.lnk
2016-03-03 15:23 - 2016-03-03 15:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft
2016-03-03 15:22 - 2016-03-03 15:23 - 00000000 ____D C:\Program Files (x86)\Anvisoft
2016-03-03 15:06 - 2016-03-03 15:06 - 02283873 _____ C:\Users\Jacob\Documents\AkamaiFree.reg
2016-03-03 14:58 - 2016-03-03 14:58 - 00000000 ____D C:\Users\Jacob\Documents\ProcAlyzer Dumps
2016-03-03 14:53 - 2016-03-03 14:53 - 00000000 ____D C:\Program Files\Common Files\AV
2016-03-03 14:53 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2016-03-03 14:50 - 2016-03-03 14:56 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-03-03 14:50 - 2016-03-03 14:53 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-03-03 14:50 - 2016-03-03 14:50 - 00001460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-03-03 14:50 - 2016-03-03 14:50 - 00001448 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-03-03 14:50 - 2016-03-03 14:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-03-03 14:50 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2016-03-03 14:38 - 2016-03-03 14:38 - 00000000 ____D C:\Users\Public\Desktop\CC Support
2016-03-03 11:05 - 2016-03-03 16:18 - 00636606 _____ C:\WINDOWS\ntbtlog.txt
2016-03-03 11:05 - 2016-03-03 16:12 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-03-03 10:57 - 2016-03-03 16:55 - 00000258 __RSH C:\ProgramData\ntuser.pol
2016-03-03 10:49 - 2016-03-03 10:49 - 00000000 ___RD C:\Users\TEMP\OneDrive
2016-03-03 10:48 - 2016-03-03 10:48 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\Apple Computer
2016-03-03 10:47 - 2016-03-03 11:56 - 00000000 ____D C:\Users\TEMP
2016-03-03 10:47 - 2016-03-03 10:48 - 00000000 ____D C:\Users\TEMP\AppData\Local\Packages
2016-03-03 10:47 - 2016-03-03 10:47 - 00000000 _SHDL C:\Users\TEMP\My Documents
2016-03-03 10:47 - 2016-03-03 10:47 - 00000000 _SHDL C:\Users\TEMP\Documents\My Videos
2016-03-03 10:47 - 2016-03-03 10:47 - 00000000 _SHDL C:\Users\TEMP\Documents\My Pictures
2016-03-03 10:47 - 2016-03-03 10:47 - 00000000 _SHDL C:\Users\TEMP\Documents\My Music
2016-03-03 10:47 - 2016-03-03 10:47 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\WTablet
2016-03-03 10:47 - 2016-03-03 10:47 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\Stardock
2016-03-03 10:47 - 2016-03-03 10:47 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\Adobe
2016-03-03 10:47 - 2016-03-03 10:47 - 00000000 ____D C:\Users\TEMP\AppData\Local\VirtualStore
2016-03-03 10:47 - 2016-03-03 10:47 - 00000000 ____D C:\Users\TEMP\AppData\Local\TileDataLayer
2016-03-03 10:47 - 2016-03-03 10:47 - 00000000 ____D C:\Users\TEMP\AppData\Local\NVIDIA Corporation
2016-03-03 10:47 - 2016-03-03 10:47 - 00000000 ____D C:\Users\TEMP\AppData\Local\NVIDIA
2016-03-03 10:47 - 2016-03-03 10:47 - 00000000 ____D C:\Users\TEMP\AppData\Local\Google
2016-03-03 10:47 - 2016-03-02 06:56 - 00000000 ____D C:\Users\TEMP\Documents\Visual Studio 2013
2016-03-03 10:47 - 2016-01-21 06:40 - 00000000 ____D C:\Users\TEMP\AppData\Local\Microsoft Help
2016-03-03 10:47 - 2016-01-21 06:30 - 00000000 ____D C:\Users\TEMP\Documents\Visual Studio 2010
2016-03-03 10:47 - 2015-08-02 19:03 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\Macromedia
2016-03-03 08:44 - 2016-03-03 07:47 - 00008192 _____ C:\shldr.mbr
2016-03-03 08:44 - 2010-03-11 15:17 - 00185835 _____ C:\shldr
2016-03-03 07:47 - 2016-03-03 14:28 - 00000000 ____D C:\WINDOWS\B3CB613C58D34692B2DA8F3EAC6288D4.TMP
2016-03-03 07:47 - 2016-03-03 14:28 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2016-03-03 07:47 - 2016-03-03 14:28 - 00000000 ____D C:\sh4ldr
2016-03-03 07:47 - 2016-03-03 07:47 - 00000000 ____D C:\Program Files (x86)\Enigma Software Group
2016-03-03 07:42 - 2016-03-03 10:48 - 00000000 ____D C:\Program Files\Faster Web
2016-03-03 06:36 - 2016-03-03 06:36 - 00000000 _____ C:\autoexec.bat
2016-03-03 06:35 - 2016-03-03 07:41 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\Enigma Software Group
2016-03-02 06:53 - 2016-03-02 06:56 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2013
2016-03-02 06:53 - 2016-03-02 06:56 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2013
2016-03-01 20:05 - 2016-03-01 20:09 - 00000000 ____D C:\Users\Jacob\AppData\Local\Rogue Amoeba
2016-03-01 19:56 - 2016-03-03 11:56 - 00000000 ____D C:\ProgramData\HitmanPro
2016-03-01 19:54 - 2016-03-03 11:56 - 00000000 ____D C:\Program Files (x86)\Airfoil
2016-03-01 12:18 - 2016-03-03 11:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERHOT [GOG.com]
2016-03-01 12:18 - 2016-03-01 12:18 - 00000000 ____D C:\Users\Jacob\AppData\LocalLow\SUPERHOT_Team
2016-03-01 12:18 - 2016-03-01 12:18 - 00000000 ____D C:\Users\Jacob\AppData\Local\SUPERHOT_Sp_z_o.o
2016-03-01 12:16 - 2016-03-01 12:16 - 00000000 ____D C:\Users\Jacob\AppData\LocalLow\SUPERHOT Team
2016-03-01 10:45 - 2016-03-03 11:56 - 00000000 ____D C:\AdwCleaner
2016-03-01 02:58 - 2016-03-01 02:58 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2016-02-29 14:29 - 2016-02-29 14:29 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\Audiokinetic
2016-02-29 13:25 - 2016-02-29 13:25 - 00000000 ____D C:\Users\Jacob\ly_metrics
2016-02-29 13:25 - 2016-02-29 13:25 - 00000000 ____D C:\Users\Jacob\.aws
2016-02-29 12:59 - 2016-02-29 12:59 - 00000000 ____D C:\ProgramData\Imagination Technologies
2016-02-29 12:59 - 2016-02-29 12:59 - 00000000 ____D C:\Imagination
2016-02-29 12:47 - 2016-02-29 12:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012
2016-02-29 12:47 - 2016-02-29 12:47 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0
2016-02-29 12:46 - 2016-02-29 12:46 - 00000000 ____D C:\Program Files (x86)\Windows Phone Silverlight Kits
2016-02-29 12:45 - 2016-02-29 12:45 - 00000000 ____D C:\Program Files (x86)\Microsoft XDE
2016-02-29 12:37 - 2016-03-03 11:56 - 00000000 ____D C:\Program Files (x86)\Microsoft Web Tools
2016-02-29 12:33 - 2016-02-29 12:33 - 00000000 ____D C:\Program Files (x86)\Windows Phone Kits
2016-02-29 12:16 - 2016-03-03 11:56 - 00000000 ____D C:\ffmpeg
2016-02-29 12:14 - 2016-03-03 11:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wwise v2015.2_LTX build 5485
2016-02-29 12:14 - 2016-02-29 12:14 - 00000000 ____D C:\Program Files (x86)\Audiokinetic
2016-02-29 09:16 - 2016-02-29 09:16 - 00001257 _____ C:\Users\Jacob\Desktop\Project 64.lnk
2016-02-29 08:52 - 2016-02-29 08:52 - 00007614 _____ C:\Users\Jacob\AppData\Local\Resmon.ResmonCfg
2016-02-26 17:29 - 2016-02-26 17:29 - 00000756 _____ C:\Users\Jacob\Desktop\Portal Knights.lnk
2016-02-26 12:19 - 2016-02-26 12:19 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\SmartSteamEmu
2016-02-25 01:43 - 2016-02-25 01:43 - 00022151 _____ C:\Users\Jacob\AppData\Local\recently-used.xbel
2016-02-25 01:19 - 2016-02-25 01:19 - 00001523 _____ C:\Users\Jacob\Desktop\Gimp 2.8.lnk
2016-02-25 00:40 - 2016-02-25 00:42 - 00000000 ____D C:\Users\Jacob\AppData\Local\gamemaker_studio
2016-02-25 00:40 - 2016-02-25 00:40 - 00000000 ____D C:\Users\Jacob\Documents\GameMaker
2016-02-25 00:40 - 2016-02-25 00:40 - 00000000 ____D C:\ProgramData\gamemaker_studio
2016-02-25 00:22 - 2016-02-25 00:22 - 00000881 _____ C:\Users\Public\Desktop\GameMaker-Studio 1.4.1567 WMF 1522.lnk
2016-02-25 00:22 - 2016-02-25 00:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameMaker-Studio 1.4.1567 WMF 1522
2016-02-23 19:37 - 2016-02-23 19:37 - 00000000 ____D C:\Users\Jacob\AppData\Local\EMU
2016-02-23 04:27 - 2016-02-23 04:27 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\Sony Creative Software Inc
2016-02-23 03:13 - 2016-02-23 03:13 - 00000886 _____ C:\Users\Jacob\Desktop\League of Legends.lnk
2016-02-23 01:53 - 2016-02-23 01:53 - 00000851 _____ C:\Users\Jacob\Desktop\Eclipse Java Mars.lnk
2016-02-23 01:53 - 2016-02-23 01:53 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Eclipse
2016-02-22 21:37 - 2016-02-22 21:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2016-02-22 15:45 - 2016-02-22 15:45 - 00006068 _____ C:\WINDOWS\system32\--traceoff
2016-02-22 15:45 - 2016-02-22 15:45 - 00001111 _____ C:\Users\Public\Desktop\Vegas Pro 13.0 (64-bit).lnk
2016-02-22 15:45 - 2016-02-22 15:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2016-02-22 15:45 - 2016-02-22 15:45 - 00000000 ____D C:\Program Files\Sony
2016-02-22 15:45 - 2016-02-22 15:45 - 00000000 ____D C:\Program Files (x86)\Sony
2016-02-22 15:45 - 2016-02-22 15:45 - 00000000 _____ C:\WINDOWS\system32\--debugoff
2016-02-18 15:53 - 2016-02-18 15:53 - 00000000 ____D C:\Users\Jacob\Desktop\Crowbar_2015-10-13_0.33
2016-02-18 03:11 - 2016-02-18 03:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-02-18 02:55 - 2016-02-18 02:55 - 00001216 _____ C:\Users\Jacob\Desktop\VTFEdit.lnk
2016-02-18 02:55 - 2016-02-18 02:55 - 00000000 ____D C:\Program Files (x86)\Nem's Tools
2016-02-18 01:15 - 2016-02-25 01:29 - 00000000 ____D C:\Python27
2016-02-18 01:15 - 2016-02-18 01:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
2016-02-18 01:13 - 2016-02-18 01:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.4
2016-02-17 22:16 - 2016-02-17 22:16 - 06567264 _____ (Tim Kosse) C:\Users\Jacob\Downloads\FileZilla_3.15.0.2_win64-setup.exe
2016-02-17 21:27 - 2016-02-17 21:27 - 00001533 _____ C:\Users\Public\Desktop\Wondershare Video Converter Ultimate.lnk
2016-02-17 21:27 - 2016-02-17 21:27 - 00000000 ____D C:\Users\Jacob\Documents\Wondershare MediaServer
2016-02-17 21:27 - 2016-02-17 21:27 - 00000000 ____D C:\Users\Jacob\AppData\Local\Wondershare
2016-02-17 21:27 - 2016-02-17 21:27 - 00000000 ____D C:\ProgramData\Wondershare Video Converter Ultimate
2016-02-17 21:27 - 2016-02-17 21:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2016-02-17 21:27 - 2015-02-27 14:38 - 00721263 _____ () C:\WINDOWS\SysWOW64\WSCM64.dll
2016-02-17 21:27 - 2015-02-27 14:38 - 00214528 _____ () C:\WINDOWS\SysWOW64\WSCM32.dll
2016-02-17 21:26 - 2016-02-26 10:56 - 00000000 ____D C:\ProgramData\Wondershare
2016-02-17 21:26 - 2016-02-17 21:26 - 00000000 ____D C:\Program Files (x86)\Wondershare
2016-02-17 21:25 - 2016-02-17 21:26 - 00000000 ____D C:\Users\Public\Documents\Wondershare
2016-02-17 09:56 - 2016-02-17 09:56 - 00000630 _____ C:\Users\Jacob\Desktop\osu!.lnk
2016-02-17 09:56 - 2016-02-17 09:56 - 00000630 _____ C:\Users\Jacob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\osu!.lnk
2016-02-16 18:18 - 2016-02-16 18:18 - 00000000 ____D C:\Users\Jacob\Documents\SavedGames
2016-02-16 18:17 - 2016-02-16 18:17 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA
2016-02-16 17:53 - 2016-02-16 18:16 - 00000000 ____D C:\Users\Jacob\Documents\SEGA Genesis Classics
2016-02-15 16:16 - 2016-02-16 07:29 - 00000000 ____D C:\Users\Jacob\AppData\Local\Arduino15
2016-02-15 16:16 - 2016-02-15 16:17 - 00000000 ____D C:\Users\Jacob\Documents\Arduino
2016-02-15 16:16 - 2016-02-15 16:16 - 00000000 ____D C:\Users\Jacob\.jssc
2016-02-15 16:14 - 2016-02-15 16:14 - 00001072 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Arduino.lnk
2016-02-15 16:14 - 2016-02-15 16:14 - 00001060 _____ C:\Users\Public\Desktop\Arduino.lnk
2016-02-15 16:13 - 2016-02-15 16:14 - 00000000 ____D C:\Program Files (x86)\Arduino
2016-02-15 10:18 - 2016-02-15 10:18 - 00000000 ____D C:\Users\Jacob\AppData\Local\LIBFREDO6_DATA_Dir
2016-02-15 06:42 - 2016-02-15 06:42 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\dvdcss
2016-02-14 12:06 - 2016-02-14 12:07 - 06554232 _____ (Tim Kosse) C:\Users\Jacob\Downloads\FileZilla_3.15.0.1_win64-setup.exe
2016-02-14 07:03 - 2016-02-14 07:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2016-02-14 07:03 - 2016-02-14 07:03 - 00000000 ____D C:\Program Files\AutoHotkey
2016-02-14 07:02 - 2016-02-22 22:35 - 00001463 _____ C:\Users\Jacob\Desktop\FO4 controll.ahk
2016-02-14 04:52 - 2016-02-14 04:52 - 00002106 _____ C:\Users\Jacob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape.lnk
2016-02-14 04:52 - 2016-02-14 04:52 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape
2016-02-12 00:36 - 2016-02-12 01:19 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\HexChat
2016-02-12 00:36 - 2016-02-12 00:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HexChat
2016-02-12 00:36 - 2016-02-12 00:36 - 00000000 ____D C:\Program Files\HexChat
2016-02-11 23:07 - 2016-02-11 23:07 - 00000000 ____D C:\Users\Jacob\Documents\Visual Studio Libs
2016-02-11 22:56 - 2016-02-11 22:56 - 00000135 _____ C:\Users\Jacob\.gitconfig
2016-02-11 22:49 - 2016-02-12 02:19 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\GitHubVisualStudio
2016-02-11 11:45 - 2016-02-11 11:45 - 00000000 ____D C:\Users\Jacob\AppData\Local\WSplitTimer
2016-02-11 06:06 - 2016-02-29 12:45 - 00000000 ____D C:\Program Files (x86)\AppInsights
2016-02-11 06:06 - 2016-02-11 06:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
2016-02-11 06:05 - 2016-02-11 06:06 - 00000000 ____D C:\ProgramData\Git
2016-02-11 06:05 - 2016-02-11 06:06 - 00000000 ____D C:\Program Files\Git
2016-02-11 06:01 - 2016-02-11 06:01 - 00000000 ____D C:\Program Files\IIS Express
2016-02-11 06:01 - 2016-02-11 06:01 - 00000000 ____D C:\Program Files (x86)\IIS Express
2016-02-11 05:57 - 2016-02-11 05:57 - 00000000 ____D C:\Program Files (x86)\ShellDir
2016-02-11 05:56 - 2016-02-11 05:56 - 00000000 ____D C:\Program Files (x86)\Microsoft Office365 Tools
2016-02-11 05:55 - 2016-02-29 12:36 - 00000000 ____D C:\Program Files (x86)\NuGet
2016-02-11 05:55 - 2016-02-11 05:55 - 00000941 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2015.lnk
2016-02-11 05:55 - 2016-02-11 05:55 - 00000000 ____D C:\ProgramData\NuGet
2016-02-11 05:55 - 2016-02-11 05:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2016-02-11 05:55 - 2016-02-11 05:55 - 00000000 ____D C:\Program Files (x86)\Microsoft WCF Data Services
2016-02-11 05:54 - 2016-02-11 05:54 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 12.0
2016-02-11 05:54 - 2016-02-11 05:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0
2016-02-11 05:51 - 2016-02-11 06:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015
2016-02-11 05:49 - 2016-02-11 05:49 - 00000948 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015.lnk
2016-02-11 05:47 - 2016-02-11 05:47 - 00030400 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2016-02-11 05:47 - 2016-02-11 05:47 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2016-02-11 05:21 - 2016-02-11 05:21 - 00003243 _____ C:\stat.txt
2016-02-11 05:21 - 2016-02-11 05:21 - 00002420 _____ C:\FCA9A89B5D3DBEBEA2C244D108AF2BC5.rf
2016-02-11 05:21 - 2016-02-11 05:21 - 00001832 _____ C:\AA88C5DC26DE6F4D341FB90C41DF90DF.rf
2016-02-11 05:21 - 2016-02-11 05:21 - 00001081 _____ C:\63BF7DB19E7833E1D23F2E5434C07C35.rf
2016-02-11 05:21 - 2016-02-11 05:21 - 00000682 _____ C:\0CE56368E40E128F910FCE80AC154429.rf
2016-02-11 05:18 - 2016-02-11 05:19 - 00000000 ____D C:\Users\Jacob\AppData\Local\lazarus
2016-02-10 11:00 - 2016-02-23 19:36 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\Warner Bros. Interactive Entertainment
2016-02-09 20:16 - 2016-02-09 20:16 - 00000000 ____D C:\Users\Jacob\AppData\LocalLow\Unity
2016-02-09 20:14 - 2016-02-09 20:14 - 00000000 ____D C:\Users\Jacob\AppData\LocalLow\ChilledMouse
2016-02-09 12:36 - 2016-02-09 12:36 - 00000000 ____D C:\Program Files\Microsoft Office
2016-02-09 12:34 - 2016-01-30 23:25 - 01951872 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-02-09 12:34 - 2016-01-30 23:25 - 01248896 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-02-09 12:34 - 2016-01-30 23:24 - 01824880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-02-09 12:34 - 2016-01-30 23:23 - 02601160 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-02-09 12:34 - 2016-01-30 23:23 - 01420392 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-02-09 12:34 - 2016-01-30 23:06 - 01535032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-02-09 12:34 - 2016-01-30 23:06 - 01531368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-02-09 12:34 - 2016-01-30 23:06 - 00809336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-02-09 12:34 - 2016-01-30 23:04 - 01811360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-02-09 12:34 - 2016-01-30 23:04 - 01180696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-02-09 12:34 - 2016-01-30 22:38 - 21873152 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-02-09 12:34 - 2016-01-30 22:34 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-02-09 12:34 - 2016-01-30 22:33 - 24593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-02-09 12:34 - 2016-01-30 22:33 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\IoTAssignedAccessLockFramework.dll
2016-02-09 12:34 - 2016-01-30 22:29 - 11557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-02-09 12:34 - 2016-01-30 22:29 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll
2016-02-09 12:34 - 2016-01-30 22:26 - 06787072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-02-09 12:34 - 2016-01-30 22:26 - 03793408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-02-09 12:34 - 2016-01-30 22:25 - 12504576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-02-09 12:34 - 2016-01-30 22:25 - 02237952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-02-09 12:34 - 2016-01-30 22:25 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-02-09 12:34 - 2016-01-30 22:25 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-02-09 12:34 - 2016-01-30 22:24 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-02-09 12:34 - 2016-01-30 22:24 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-02-09 12:34 - 2016-01-30 22:24 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-02-09 12:34 - 2016-01-30 22:23 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-02-09 12:34 - 2016-01-30 22:22 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-02-09 12:34 - 2016-01-30 22:20 - 02849792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-02-09 12:34 - 2016-01-30 22:19 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-02-09 12:34 - 2016-01-30 22:19 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-02-09 12:34 - 2016-01-30 22:19 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IoTAssignedAccessLockFramework.dll
2016-02-09 12:34 - 2016-01-30 22:18 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-02-09 12:34 - 2016-01-30 22:18 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-02-09 12:34 - 2016-01-30 22:17 - 19324928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-02-09 12:34 - 2016-01-30 22:17 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-02-09 12:34 - 2016-01-30 22:16 - 09889280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-02-09 12:34 - 2016-01-30 22:16 - 00950272 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-09 12:34 - 2016-01-30 22:14 - 07525376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-02-09 12:34 - 2016-01-30 22:14 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-02-09 12:34 - 2016-01-30 22:13 - 04791808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-02-09 12:34 - 2016-01-30 22:13 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll
2016-02-09 12:34 - 2016-01-30 22:13 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-02-09 12:34 - 2016-01-30 22:11 - 05156352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-02-09 12:34 - 2016-01-30 22:11 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-02-09 12:34 - 2016-01-30 22:11 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-09 12:34 - 2016-01-30 22:11 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-02-09 12:34 - 2016-01-30 22:07 - 18802176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-02-09 12:34 - 2016-01-30 22:06 - 02316800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-02-09 12:34 - 2016-01-30 22:05 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-02-09 12:34 - 2016-01-30 22:05 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-02-09 12:34 - 2016-01-30 22:05 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-02-09 12:34 - 2016-01-30 22:04 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-02-09 12:34 - 2016-01-30 22:02 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-02-09 12:34 - 2016-01-30 22:02 - 00768000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-09 12:34 - 2016-01-30 22:00 - 11263488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-02-09 12:34 - 2016-01-30 21:59 - 05457408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-02-09 12:34 - 2016-01-30 21:58 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-02-09 12:27 - 2016-02-09 12:27 - 00110176 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
2016-02-09 12:26 - 2016-02-09 12:26 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-02-08 17:25 - 2016-02-08 17:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2016-02-08 17:23 - 2016-02-08 17:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2016-02-05 14:36 - 2016-02-07 21:32 - 00000000 ____D C:\Users\Jacob\Documents\Drawings
2016-02-05 14:02 - 2016-02-05 14:02 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\SYSTEMAX Software Development
2016-02-05 14:02 - 2016-02-05 14:02 - 00000000 ____D C:\ProgramData\SYSTEMAX Software Development
2016-02-05 05:35 - 2016-02-05 08:41 - 00003728 _____ C:\Users\Jacob\MLPJ.hbk
2016-02-04 13:40 - 2016-02-04 13:41 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\ImgBurn
2016-02-04 13:38 - 2016-02-04 13:38 - 00001946 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
2016-02-04 13:38 - 2016-02-04 13:38 - 00001934 _____ C:\Users\Public\Desktop\ImgBurn.lnk
2016-02-04 13:38 - 2016-02-04 13:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2016-02-04 13:38 - 2016-02-04 13:38 - 00000000 ____D C:\Program Files (x86)\ImgBurn
2016-02-04 13:33 - 2016-02-04 13:33 - 00001325 _____ C:\Users\Jacob\Desktop\WinISO.lnk
2016-02-04 13:33 - 2016-02-04 13:33 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\WinISO Computing
2016-02-04 13:33 - 2016-02-04 13:33 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinISO
2016-02-04 13:33 - 2016-02-04 13:33 - 00000000 ____D C:\Users\Jacob\AppData\Local\WinISO Computing
2016-02-04 13:33 - 2016-02-04 13:33 - 00000000 ____D C:\Program Files (x86)\WinISO Computing
2016-02-04 13:33 - 2014-02-26 03:09 - 00204032 _____ (WinISO.com) C:\WINDOWS\system32\Drivers\WinisoCDBus.sys
2016-02-03 07:08 - 2016-02-03 07:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IronPython 2.7
2016-02-03 07:08 - 2016-02-03 07:08 - 00000000 ____D C:\Program Files (x86)\IronPython 2.7
2016-02-03 07:02 - 2016-02-03 07:02 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft Wireless Network Watcher
2016-02-03 07:02 - 2016-02-03 07:02 - 00000000 ____D C:\Program Files (x86)\NirSoft
2016-02-02 02:47 - 2016-02-02 02:47 - 00001059 _____ C:\Users\Jacob\Desktop\Auto Clicker for Games.lnk
2016-02-02 02:47 - 2016-02-02 02:47 - 00001019 _____ C:\Users\Jacob\Desktop\Auto Clicker.lnk
2016-02-02 02:47 - 2016-02-02 02:47 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\Auto Clicker
2016-02-02 02:47 - 2016-02-02 02:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auto Clicker
2016-02-02 00:35 - 2016-02-02 00:42 - 00000000 ____D C:\Program Files (x86)\K-Meleon
2016-02-02 00:35 - 2016-02-02 00:40 - 00000000 ____D C:\Users\Jacob\AppData\Local\K-Meleon
2016-02-02 00:35 - 2016-02-02 00:35 - 00001186 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Meleon.lnk
2016-02-02 00:35 - 2016-02-02 00:35 - 00001174 _____ C:\Users\Public\Desktop\K-Meleon.lnk
2016-02-02 00:35 - 2016-02-02 00:35 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\K-Meleon

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-03 20:10 - 2015-08-02 19:05 - 00000924 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-03-03 20:07 - 2015-08-17 02:32 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-03-03 19:32 - 2015-09-16 11:24 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-03-03 19:17 - 2015-07-30 11:50 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-03 19:10 - 2015-08-02 19:05 - 00000920 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-03-03 17:39 - 2015-08-10 10:05 - 00004152 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{DFB04E5D-E8B3-4431-B8D9-20FBD5FE0A23}
2016-03-03 17:01 - 2015-07-30 11:36 - 01017316 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-03 17:01 - 2015-07-10 04:02 - 00000000 ____D C:\WINDOWS\INF
2016-03-03 16:55 - 2015-07-30 12:05 - 00000000 ____D C:\ProgramData\NVIDIA
2016-03-03 16:55 - 2015-07-30 11:50 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-03 16:55 - 2015-07-10 06:12 - 00000000 ____D C:\WINDOWS\OCR
2016-03-03 16:55 - 2015-07-10 05:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-03 16:55 - 2015-07-10 02:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-03-03 16:36 - 2015-09-16 11:24 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-03-03 16:30 - 2015-07-30 11:51 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-03 16:18 - 2015-11-10 09:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project 64 2.2
2016-03-03 14:28 - 2015-11-11 06:05 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2016-03-03 14:26 - 2015-07-30 11:33 - 00000000 ____D C:\Users\Jacob
2016-03-03 13:34 - 2016-01-29 01:46 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\vlc
2016-03-03 13:34 - 2015-09-11 14:12 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\FrostWire
2016-03-03 11:56 - 2016-01-25 12:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT
2016-03-03 11:56 - 2015-12-05 13:12 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\Citra team
2016-03-03 11:56 - 2015-11-08 06:22 - 00000000 ____D C:\Program Files (x86)\QuickTime
2016-03-03 11:56 - 2015-10-25 17:36 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\Winamp
2016-03-03 11:56 - 2015-08-21 20:02 - 00000000 ____D C:\Program Files (x86)\i-Funbox DevTeam
2016-03-03 11:56 - 2015-08-11 01:09 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-03-03 11:56 - 2015-08-11 00:04 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2016-03-03 11:56 - 2015-08-10 23:53 - 00000000 ____D C:\ProgramData\Package Cache
2016-03-03 11:56 - 2015-08-02 18:41 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\BitTorrent
2016-03-03 11:56 - 2015-07-30 11:35 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-03 11:56 - 2015-07-10 04:04 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-03-03 11:56 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\registration
2016-03-03 11:56 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\appcompat
2016-03-03 11:56 - 2015-07-10 04:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-03-03 11:55 - 2015-08-11 00:18 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2016-03-03 11:55 - 2015-08-11 00:05 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2016-03-03 11:55 - 2015-08-11 00:02 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2016-03-03 11:55 - 2015-08-02 22:58 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-03-03 11:55 - 2015-08-02 21:31 - 00000000 ____D C:\Program Files (x86)\ROCCAT
2016-03-03 11:55 - 2015-07-31 19:14 - 00000000 ____D C:\Users\Jacob\Documents\My Games
2016-03-03 11:17 - 2015-08-02 19:03 - 00000000 ____D C:\Users\Jacob\AppData\Local\Adobe
2016-03-03 11:17 - 2015-07-10 04:04 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-03 11:17 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-03-03 11:10 - 2015-11-11 18:46 - 00000000 ____D C:\Users\Jacob\AppData\Local\CrashDumps
2016-03-03 07:45 - 2015-11-04 04:38 - 00000000 ____D C:\Users\Jacob\AppData\LocalLow\BitTorrent
2016-03-03 05:12 - 2015-08-19 04:56 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\BoL
2016-02-29 12:37 - 2015-07-10 03:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-02-29 08:50 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2016-02-28 20:52 - 2015-08-30 00:18 - 00000000 ____D C:\Program Files (x86)\JetBrains
2016-02-28 20:45 - 2015-08-30 01:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains
2016-02-26 18:24 - 2015-08-17 02:32 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-02-26 10:56 - 2016-01-20 06:46 - 00000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2016-02-25 02:02 - 2015-12-28 20:11 - 00000000 ____D C:\Users\Jacob\.gimp-2.8
2016-02-25 01:57 - 2015-12-28 20:16 - 00000000 ____D C:\Users\Jacob\AppData\Local\gtk-2.0
2016-02-25 00:28 - 2016-01-15 07:34 - 00000000 ____D C:\Users\Jacob\AppData\Local\UNDERTALE
2016-02-24 22:42 - 2015-11-22 18:53 - 00001781 _____ C:\Users\Jacob\Desktop\KonePureOptions.lnk
2016-02-23 01:59 - 2015-07-30 15:52 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\Skype
2016-02-23 01:55 - 2015-10-24 05:40 - 00000000 ____D C:\Users\Jacob\.p2
2016-02-22 22:13 - 2015-07-30 15:52 - 00000000 ____D C:\ProgramData\Skype
2016-02-22 21:39 - 2015-09-20 16:06 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\Riot Games
2016-02-22 15:45 - 2015-11-04 04:58 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\Sony
2016-02-22 15:45 - 2015-11-04 04:58 - 00000000 ____D C:\Users\Jacob\AppData\Local\Sony
2016-02-22 15:04 - 2015-11-04 09:26 - 00000000 ____D C:\Users\Jacob\Documents\Sony Vegas Projects
2016-02-18 11:35 - 2016-01-20 14:31 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\FileZilla
2016-02-18 03:11 - 2015-08-02 19:05 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-02-18 02:55 - 2015-11-12 08:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nem's Tools
2016-02-18 02:55 - 2015-10-09 19:04 - 00000000 ____D C:\Users\Jacob\AppData\Local\Nem's Tools
2016-02-18 02:54 - 2015-11-12 08:55 - 00000000 ____D C:\Program Files\Nem's Tools
2016-02-17 23:23 - 2016-01-20 14:31 - 00001927 _____ C:\Users\Public\Desktop\FileZilla Client.lnk
2016-02-17 23:23 - 2016-01-20 14:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2016-02-17 23:23 - 2016-01-20 14:31 - 00000000 ____D C:\Program Files\FileZilla FTP Client
2016-02-17 22:48 - 2015-11-30 11:32 - 00000000 ____D C:\Users\Jacob\AppData\Local\JDownloader 2.0
2016-02-17 21:15 - 2015-11-04 04:40 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\Audacity
2016-02-15 16:16 - 2015-08-26 07:37 - 00000000 ____D C:\Users\Jacob\.oracle_jre_usage
2016-02-14 07:06 - 2015-08-05 07:55 - 00000000 ____D C:\Program Files (x86)\Notepad++
2016-02-14 07:03 - 2015-07-10 06:14 - 00000000 ____D C:\WINDOWS\ShellNew
2016-02-14 06:23 - 2015-11-20 22:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2016-02-14 04:59 - 2015-08-26 06:39 - 00000024 _____ C:\Users\Jacob\random.dat
2016-02-14 04:52 - 2015-08-26 06:39 - 00000044 _____ C:\Users\Jacob\jagex_cl_runescape_LIVE.dat
2016-02-12 16:00 - 2015-07-10 05:20 - 04985008 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-02-12 12:04 - 2015-11-04 05:31 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\OBS
2016-02-12 07:46 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\rescache
2016-02-12 06:17 - 2015-07-10 04:04 - 00000167 _____ C:\WINDOWS\win.ini
2016-02-12 02:19 - 2015-08-11 01:48 - 00000000 ____D C:\Users\Jacob\AppData\Local\GitHubVisualStudio
2016-02-11 23:07 - 2015-08-11 00:36 - 00000000 ____D C:\Users\Jacob\Documents\Visual Studio 2015
2016-02-11 11:13 - 2015-11-04 05:31 - 00000000 ____D C:\Program Files (x86)\OBS
2016-02-11 09:32 - 2015-09-15 22:46 - 00000000 ____D C:\Users\Jacob\AppData\Local\ElevatedDiagnostics
2016-02-11 05:59 - 2015-08-11 00:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2016-02-11 05:54 - 2015-11-21 22:58 - 00000000 ____D C:\Program Files (x86)\HTML Help Workshop
2016-02-11 05:51 - 2015-08-11 00:04 - 00000000 ____D C:\WINDOWS\SysWOW64\1033
2016-02-11 05:49 - 2015-08-11 00:02 - 00000000 ____D C:\WINDOWS\system32\1033
2016-02-11 05:44 - 2015-07-10 04:04 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-02-11 05:43 - 2015-12-12 17:29 - 00000000 ____D C:\WINDOWS\Panther
2016-02-11 05:43 - 2015-11-16 22:00 - 00000000 ____D C:\WINDOWS\Minidump
2016-02-11 05:34 - 2015-07-31 19:25 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\Battle.net
2016-02-11 05:34 - 2015-07-31 19:24 - 00000000 ____D C:\ProgramData\Battle.net
2016-02-11 05:15 - 2015-07-30 11:35 - 00000000 ____D C:\Users\Jacob\AppData\Local\Packages
2016-02-11 04:05 - 2015-07-30 11:48 - 00000000 ____D C:\Users\Jacob\AppData\Local\Comms
2016-02-10 02:07 - 2015-08-17 02:32 - 00004030 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-02-09 14:45 - 2015-09-09 10:16 - 00000003 _____ C:\WINDOWS\SysWOW64\HRUPPROG.TXT
2016-02-09 13:09 - 2015-07-10 06:14 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-09 12:41 - 2015-08-11 17:45 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-09 12:37 - 2015-08-11 17:45 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-09 12:36 - 2015-07-10 04:04 - 00000000 ____D C:\Program Files\Common Files\System
2016-02-09 12:28 - 2015-08-02 19:03 - 00000000 ____D C:\ProgramData\Oracle
2016-02-09 12:27 - 2015-08-02 19:07 - 00110176 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2016-02-09 12:27 - 2015-08-02 19:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2016-02-09 12:27 - 2015-08-02 19:06 - 00000000 ____D C:\Program Files\Java
2016-02-09 12:27 - 2015-08-02 19:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-02-09 12:27 - 2015-08-02 19:03 - 00000000 ____D C:\Program Files (x86)\Java
2016-02-08 17:25 - 2015-11-11 14:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-02-07 21:23 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-02-05 16:30 - 2015-07-30 11:36 - 00002363 _____ C:\Users\Jacob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-02-05 16:30 - 2014-05-22 02:40 - 00000000 ___RD C:\Users\Jacob\OneDrive
2016-02-05 09:07 - 2015-10-23 13:12 - 00000000 ____D C:\Users\Jacob\Documents\Visual Studio 2010
2016-02-05 01:06 - 2015-10-28 19:13 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\SpaceEngineers
2016-02-03 21:27 - 2015-11-03 17:30 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\CodeBlocks
2016-02-03 21:20 - 2015-08-02 19:05 - 00000000 ____D C:\Users\Jacob\AppData\Local\Dropbox
2016-02-02 15:47 - 2015-07-10 04:06 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-02-02 15:47 - 2015-07-10 04:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2015-08-25 04:40 - 2015-08-25 04:40 - 0000000 _____ () C:\Program Files (x86)\SMITESkins Giveaway Checker
2015-08-26 10:20 - 2015-11-10 20:25 - 0000132 _____ () C:\Users\Jacob\AppData\Roaming\Adobe PNG Format CS6 Prefs
2015-09-09 00:50 - 2015-11-27 02:54 - 0001456 _____ () C:\Users\Jacob\AppData\Local\Adobe Save for Web 13.0 Prefs
2016-02-25 01:43 - 2016-02-25 01:43 - 0022151 _____ () C:\Users\Jacob\AppData\Local\recently-used.xbel
2016-02-29 08:52 - 2016-02-29 08:52 - 0007614 _____ () C:\Users\Jacob\AppData\Local\Resmon.ResmonCfg
2015-07-30 11:30 - 2015-07-30 11:30 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Files to move or delete:
====================
C:\Users\Jacob\tutorial.bat


Some files in TEMP:
====================
C:\Users\Jacob\AppData\Local\Temp\130933816155906556.exe
C:\Users\Jacob\AppData\Local\Temp\130933816297829832.exe
C:\Users\Jacob\AppData\Local\Temp\13093381634296261781.exe
C:\Users\Jacob\AppData\Local\Temp\13093381649280305191.exe
C:\Users\Jacob\AppData\Local\Temp\130933816838267715.exe
C:\Users\Jacob\AppData\Local\Temp\13093381695932556335.exe
C:\Users\Jacob\AppData\Local\Temp\130933817353067925.exe
C:\Users\Jacob\AppData\Local\Temp\13093381746702688669.exe
C:\Users\Jacob\AppData\Local\Temp\130933817609823706.exe
C:\Users\Jacob\AppData\Local\Temp\13093381773366082865.exe
C:\Users\Jacob\AppData\Local\Temp\AAMHelper.exe
C:\Users\Jacob\AppData\Local\Temp\AdobeApplicationManager.exe
C:\Users\Jacob\AppData\Local\Temp\Bass.dll
C:\Users\Jacob\AppData\Local\Temp\Bass.Net.dll
C:\Users\Jacob\AppData\Local\Temp\borlndlm.dll
C:\Users\Jacob\AppData\Local\Temp\DelC5FD.exe
C:\Users\Jacob\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Jacob\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpd2fexj.dll
C:\Users\Jacob\AppData\Local\Temp\DSETUP.dll
C:\Users\Jacob\AppData\Local\Temp\dsetup32.dll
C:\Users\Jacob\AppData\Local\Temp\dt_3115.tmp.exe
C:\Users\Jacob\AppData\Local\Temp\DXSETUP.exe
C:\Users\Jacob\AppData\Local\Temp\FreemakeVideoDownloaderFull.exe
C:\Users\Jacob\AppData\Local\Temp\JDSetup130933818864850490.exe
C:\Users\Jacob\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Jacob\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\Jacob\AppData\Local\Temp\LSW3.Dll
C:\Users\Jacob\AppData\Local\Temp\Nexus Mod Manager-0.60.16.exe
C:\Users\Jacob\AppData\Local\Temp\Nexus Mod Manager-0.61.1.exe
C:\Users\Jacob\AppData\Local\Temp\Nexus Mod Manager-0.61.13.exe
C:\Users\Jacob\AppData\Local\Temp\Nexus Mod Manager-0.61.5.exe
C:\Users\Jacob\AppData\Local\Temp\npp.6.8.6.Installer.exe
C:\Users\Jacob\AppData\Local\Temp\npp.6.8.8.Installer.exe
C:\Users\Jacob\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Jacob\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Jacob\AppData\Local\Temp\nvStInst.exe
C:\Users\Jacob\AppData\Local\Temp\proxy_vole524738876908531706.dll
C:\Users\Jacob\AppData\Local\Temp\proxy_vole7797790257355062845.dll
C:\Users\Jacob\AppData\Local\Temp\proxy_vole804048800473882900.dll
C:\Users\Jacob\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\Jacob\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Jacob\AppData\Local\Temp\_is3191.exe
C:\Users\Jacob\AppData\Local\Temp\_is524B.exe
C:\Users\Jacob\AppData\Local\Temp\_isA55A.exe
C:\Users\Jacob\AppData\Local\Temp\_isAF80.exe
C:\Users\Jacob\AppData\Local\Temp\_isCA34.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-03-02 06:52

==================== End of FRST.txt ============================

Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version:02-03-2016
Ran by Jacob (2016-03-03 20:10:38)
Running from H:\Downloads
Windows 10 Pro (X64) (2015-07-30 18:35:14)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3949139464-329665614-2156926167-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3949139464-329665614-2156926167-503 - Limited - Disabled)
Guest (S-1-5-21-3949139464-329665614-2156926167-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3949139464-329665614-2156926167-1003 - Limited - Enabled)
Jacob (S-1-5-21-3949139464-329665614-2156926167-1000 - Administrator - Enabled) => C:\Users\Jacob

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 15.12 (x64) (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.199 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.4.2.187 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 20 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Professional CC 2015 (HKLM-x32\...\{31390329-FFF0-11E4-85AD-AF2C4143F080}) (Version: 15.0 - Adobe Systems Incorporated)
Adobe Flash Professional CS6 (HKLM-x32\...\{BD5669B5-49FF-4490-B956-E9D7CB9B0ADC}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.9.160 - Adobe Systems, Inc.)
Advanced Archive Password Recovery (HKLM-x32\...\{01011662-76A8-41E8-B1A8-4F8821570AC5}) (Version: 4.54.48.1338 - Elcomsoft Co. Ltd.)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Anvi Browser Repair Tool (HKLM-x32\...\Anvi Browser Repair Tool) (Version: 2.0 - Anvisoft)
Apple Application Support (32-bit) (HKLM-x32\...\{A50679D9-6CBD-4FCD-BACB-62EF3894F6F3}) (Version: 4.0.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{1F72FDD5-A069-45B4-928F-D0F16492DC69}) (Version: 4.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{97FCE17A-EE75-465B-A844-3D458CF8B801}) (Version: 4.2.60128.3 - Microsoft Corporation)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
Arduino (HKLM-x32\...\Arduino) (Version: 1.6.7 - Arduino LLC)
ArtRage Lite (HKLM-x32\...\ArtRage Lite 4.5.9) (Version: 4.5.9 - Ambient Design)
ArtRage Lite (Version: 4.5.9 - Ambient Design) Hidden
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 40.38207680.-1241513545.0 - Audible, Inc.)
Auto Clicker v2.0 (HKLM-x32\...\{C0A7E4F3-82CC-416B-82C6-BA06AACFD635}_is1) (Version: 2.0 - MurGee.com)
AutoHotkey 1.1.23.01 (HKLM\...\AutoHotkey) (Version: 1.1.23.01 - Lexikos)
Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Bitcoin Armory (HKLM-x32\...\Bitcoin Armory) (Version: 0.93.3.0 - Armory Technologies Inc.)
Bitcoin Core (64-bit) (HKU\S-1-5-21-3949139464-329665614-2156926167-1000\...\Bitcoin Core (64-bit)) (Version: 0.11.2 - Bitcoin Core project)
BitTorrent (HKU\S-1-5-21-3949139464-329665614-2156926167-1000\...\BitTorrent) (Version: 7.9.5.41713 - BitTorrent Inc.)
BitTorrent Sync (HKU\S-1-5-21-3949139464-329665614-2156926167-1000\...\BitTorrent Sync) (Version: 2.1.1 - BitTorrent Inc.)
Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.237 - NC Interactive, LLC)
Blade & Soul (x32 Version: 1.0.63.237 - NC Interactive, LLC) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blender (HKLM\...\{D593042C-8739-488D-93B8-E6B202013E57}) (Version: 2.76.1 - Blender Foundation)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Borderlands: The Pre-Sequel (HKLM-x32\...\Qm9yZGVybGFuZHNUaGVQcmVTZXF1ZWw=_is1) (Version: 1 - )
Brackets (HKLM-x32\...\{C2948D70-A8DF-4DF7-8D71-8E280C046564}) (Version: 1.4 - brackets.io)
Camtasia Studio 8 (HKLM-x32\...\{A2A41B60-D51F-4C04-BC94-B4C94F7B6DC0}) (Version: 8.6.0.2054 - TechSmith Corporation)
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version:  - The Behemoth)
Castle Story (HKLM-x32\...\Steam App 227860) (Version:  - Sauropod Studio)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Cheat Engine 6.5 (HKLM-x32\...\Cheat Engine 6.5_is1) (Version:  - Cheat Engine)
CMake 3.2.3, a cross-platform, open-source build system (HKLM-x32\...\CMake 3.2.3) (Version: 3.2.3 - Kitware)
CodeBlocks (HKU\S-1-5-21-3949139464-329665614-2156926167-1000\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Creative Live! Cam Socialize HD AF / ZiiCam (VF0690) (1.00.12.00) (HKLM\...\Creative VF0690) (Version:  - Creative Technology Ltd.)
Creativerse (HKLM-x32\...\Steam App 280790) (Version:  - Playful Corporation)
Crysis 2 Maximum Edition (HKLM-x32\...\Steam App 108800) (Version:  - Crytek Studios)
Crystal Reports for Visual Studio (x32 Version: 12.51.0.240 - SAP) Hidden
Cube World version 0.0.1 (HKLM-x32\...\{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1) (Version: 0.0.1 - Picroma)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Dead Island: Epidemic (HKLM-x32\...\Steam App 222900) (Version:  - Stunlock Studios)
devkitProUpdater 1.6.0 (HKLM-x32\...\devkitProUpdater) (Version: 1.6.0 - devkitPro)
Dolphin (HKLM-x32\...\Dolphin) (Version: 4.0.2 - Dolphin Development Team)
Dota 2 Workshop Tools Alpha (HKLM-x32\...\Steam App 316570) (Version:  - )
Dotfuscator and Analytics Community Edition 5.19.0 (x32 Version: 5.19.0.2930 - PreEmptive Solutions) Hidden
Dotfuscator Software Services - Community Edition (HKLM-x32\...\{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}) (Version: 5.0.2300.0 - PreEmptive Solutions)
DragomonHunter-US version 1 (HKLM-x32\...\DragomonHunter-US_is1) (Version: 1 - Aeria Games)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.14.7 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.35 - Dropbox, Inc.) Hidden
Dungeon Defenders (HKLM-x32\...\Dungeon Defenders_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
Dungeon Defenders II (HKLM-x32\...\Steam App 236110) (Version:  - Trendy Entertainment)
Dying Light (HKLM-x32\...\Steam App 239140) (Version:  - Techland)
Dying Light Developer Tools (HKLM-x32\...\Steam App 350570) (Version:  - )
emu8086 microprocessor emulator (HKLM-x32\...\emu8086 microprocessor emulator_is1) (Version:  - emu8086)
Fallout 4 (HKLM-x32\...\Steam App 377160) (Version:  - Bethesda Game Studios)
FileZilla Client 3.15.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.15.0.2 - Tim Kosse)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.8.0 - Ellora Assets Corporation)
FrostWire 4.21.8 (HKLM-x32\...\FrostWire) (Version: 4.21.8.0 - FrostWire Team)
GameMaker-Studio 1.4.1567 WMF 1522 (HKLM-x32\...\GameMaker-Studio 1.4.1567 WMF 1522) (Version:  - )
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
GCFScape 1.8.5 (HKLM\...\GCFScape_is1) (Version:  - Ryan Gregg)
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Git version 2.7.0 (HKLM\...\Git_is1) (Version: 2.7.0 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.75 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
GRAV (HKLM-x32\...\Steam App 332500) (Version:  - BitMonster, Inc.)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version:  - Valve)
Half-Life Dedicated Server Update Tool (HKLM-x32\...\Half-Life Dedicated Server Update Tool) (Version:  - )
Hell Yeah! (HKLM-x32\...\Steam App 205230) (Version:  - Arkedo)
Hex Workshop v6.8 (HKLM\...\{A36AC685-4435-4C16-861F-221231DE165D}) (Version: 6.8.0.5419 - BreakPoint Software)
HexChat (HKLM\...\HexChat_is1) (Version: 2.10.2 - HexChat)
HF pAppLoc version 1.1.1 (HKLM-x32\...\{9143B17E-BBDE-4EA7-A4E3-20D384D9C8A5}_is1) (Version: 1.1.1 - Inquisitor)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HxD Hex Editor version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
Hyperdimension Neptunia Re Birth3 V Generation (HKLM-x32\...\Hyperdimension Neptunia Re Birth3 V Generation_is1) (Version:  - )
iFunbox (v3.0.3109.1352) (HKLM-x32\...\iFunbox_is1) (Version: v3.0.3109.1352 - iFunbox DevTeam)
IIS 10.0 Express (HKLM\...\{7A28A2B0-458B-4A58-84AC-C90D2D4B79FB}) (Version: 10.0.1735 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version:  - )
ILLUSION プレイクラブ (HKLM-x32\...\{EDA7A566-434A-4784-AE98-74AFA46A2485}) (Version: 1.00.0000 - ILLUSION)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
IntelliJ IDEA 14.0 (HKLM-x32\...\IntelliJ IDEA 14.0) (Version: 139.224.1 - JetBrains s.r.o.)
IronPython 2.7.5 (HKLM-x32\...\{08B74EC9-BC55-418A-A5AA-E589DA2B96C0}) (Version: 2.7.51000.0 - IronPython Team)
iTunes (HKLM\...\{96984DE8-1DB8-425C-AC8C-3098BC696F04}) (Version: 12.3.0.44 - Apple Inc.)
Java 8 Update 73 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Java SE Development Kit 8 Update 51 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180510}) (Version: 8.0.510.16 - Oracle Corporation)
Java SE Development Kit 8 Update 66 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180660}) (Version: 8.0.660.17 - Oracle Corporation)
Java(TM) SE Development Kit 6 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160450}) (Version: 1.6.0.450 - Oracle)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2-1) (Version: 2.0 - AppWork GmbH)
Jet Set Radio (HKLM-x32\...\Steam App 205950) (Version:  - Blit Software)
JetBrains PyCharm Community Edition 5.0.3 (HKLM-x32\...\PyCharm Community Edition 5.0.3) (Version: 143.1559.1 - JetBrains s.r.o.)
JPEXS Free Flash Decompiler (HKLM-x32\...\{E618D276-6596-41F4-8A98-447D442A77DB}_is1) (Version: 7.1.2 - JPEXS)
Killing Floor (HKLM-x32\...\Steam App 1250) (Version:  - Tripwire Interactive)
K-Meleon 75.0 (x86 en-US) (HKLM-x32\...\K-Meleon 75.0 (x86 en-US)) (Version: 75.0 - kmeleonbrowser.org)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Excel 2010 (HKLM\...\Office14.EXCEL) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.24720 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK (HKLM-x32\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Framework (HKLM-x32\...\{0DDCEC37-369C-484B-B16D-B4413FD42FB9}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{E5AE9031-79A5-4627-9641-BEFA82819B08}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{78C3657E-742C-40B1-9F53-E5A921D40F17}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service  (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (14.0.50616.0) (HKLM-x32\...\{58246C80-3941-4B69-AE31-264644E2ADB8}) (Version: 14.0.50616.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{2A2F3AE8-246A-4252-BB26-1BEB45627074}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4A8CE6D7-4D52-43B9-970B-03FC75FAD667}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) (HKLM\...\{8438EC02-B8A9-462D-AC72-1B521349C001}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 (HKLM-x32\...\{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x64) (HKLM\...\{034106B5-54B7-467F-B477-5B7DBB492624}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) (HKLM\...\{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{68BA34E8-9B9D-4A74-83F0-7D366B532D75}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{718FFB65-F6E4-4D62-861F-ED10ED32C936}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - ENU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319 (HKLM\...\{F5079164-1DB9-3BDA-853B-F78AF67CE071}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319 (HKLM-x32\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{729A3000-BC8A-3B74-BA5D-5068FE12D70C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Professional - ENU (HKLM-x32\...\Microsoft Visual Studio 2010 Professional - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 with Update 1 (HKLM-x32\...\{1d03ad7c-fa27-4517-91b0-410bb49f94d9}) (Version: 14.0.24720.1 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation)
Microsoft Windows Application Compatibility Database (HKLM\...\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version:  - )
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MiniTool Partition Wizard Professional Edition 8.1.1 (HKLM-x32\...\{2991A446-D356-44EC-930A-42E8B02A67C0}_is1) (Version:  - MiniTool Solution Ltd.)
Move or Die (HKLM-x32\...\Steam App 323850) (Version:  - Those Awesome Guys)
Mozilla Firefox 42.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 en-US)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2 - Mozilla)
MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.24720 - Microsoft Corporation) Hidden
Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version:  - NCSOFT)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.61.13 - Black Tree Gaming)
NifSkope (remove only) (HKLM-x32\...\NifSkope) (Version:  - )
NirSoft Wireless Network Watcher (HKLM-x32\...\NirSoft Wireless Network Watcher) (Version:  - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.8 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 359.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 359.00 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.7.4.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.7.4.10 - NVIDIA Corporation)
NVIDIA Graphics Driver 359.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.00 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Photoshop Plug-ins 64 bit (HKLM-x32\...\{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}) (Version: 8.50 - )
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{8e6b3a05-d940-4ee2-a8cc-bd6affaf9c52}) (Version: latest - ppy Pty Ltd)
Oxygen XML Editor 16.0 (64-bit) (HKLM\...\8531-1278-6363-8538) (Version: 16.0 - SyncRO Soft)
PacketEditor (HKU\S-1-5-21-3949139464-329665614-2156926167-1000\...\ba44f091a69c28bf) (Version: 0.2.2.1 - PacketEditor)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version:  - )
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Phase Shift (HKLM-x32\...\Phase Shift) (Version: 1.27 - DWSK)
piaip AppLocale (HKLM-x32\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS)
Potplayer-64 Bits (HKLM\...\PotPlayer64) (Version:  - Kakao Corp.)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Primal Carnage (HKLM-x32\...\Steam App 215470) (Version:  - Lukewarm Media)
Python 2.7 PIL-1.1.7 (HKU\S-1-5-21-3949139464-329665614-2156926167-1000\...\PIL-py2.7) (Version:  - )
Python 2.7 pycrypto-2.6 (HKU\S-1-5-21-3949139464-329665614-2156926167-1000\...\pycrypto-py2.7) (Version:  - )
Python 2.7 pygtk-2.24.0 (HKLM-x32\...\pygtk-py2.7) (Version:  - )
Python 2.7.10 (HKLM-x32\...\{E2B51919-207A-43EB-AE78-733F9C6797C2}) (Version: 2.7.10150 - Python Software Foundation)
Python 2.7.8 (HKLM-x32\...\{61121B12-88BD-4261-A6EE-AB32610A56DD}) (Version: 2.7.8150 - Python Software Foundation)
Python 3.4.3 (64-bit) (HKLM\...\{9529565f-e693-3f11-b3bf-8cd545f5f9a0}) (Version: 3.4.3150 - Python Software Foundation)
Python 3.5.1 (32-bit) (HKU\S-1-5-21-3949139464-329665614-2156926167-1000\...\{c39d559b-aa83-4476-ba20-988a35a1199a}) (Version: 3.5.1150.0 - Python Software Foundation)
Python 3.5.1 Add to Path (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Core Interpreter (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Development Libraries (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Documentation (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Executables (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Launcher (32-bit) (HKLM-x32\...\{17778F7B-FB5A-4A93-9719-D75BAF673498}) (Version: 3.5.150.0 - Python Software Foundation)
Python 3.5.1 pip Bootstrap (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Standard Library (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Tcl/Tk Support (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Test Suite (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Utility Scripts (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.6-1.2.13009.198 - raidcall.com.ru)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Relic Hunters Zero (HKLM-x32\...\Steam App 382490) (Version:  - Rogue Snail)
Remote Mouse version 2.70 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 2.70 - Remote Mouse)
ROCCAT Kone Pure Mouse Driver (HKLM-x32\...\{4905245D-56E7-4176-BE68-962728B803D6}) (Version:  - Roccat GmbH)
Roccat Talk (HKLM-x32\...\{605D671E-1D1E-4840-84D9-BFACE17F160D}) (Version: 1.00.0015 - Roccat GmbH)
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (x32 Version: 14.0.24730 - Microsoft Corporation) Hidden
Ruby 2.2.2-p95 (HKU\S-1-5-21-3949139464-329665614-2156926167-1000\...\{F4249FFD-42CD-4404-9534-170D074544F4}_is1) (Version: 2.2.2-p95 - RubyInstaller Team)
RuneScape Launcher 1.2.7 (HKLM-x32\...\{FA52A2D0-298E-4D40-8BB7-39928627EA6A}) (Version: 1.2.7 - Jagex Ltd)
SEGA Genesis & Mega Drive Classics (HKLM-x32\...\Steam App 34270) (Version:  - Sega)
Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0016-0000-1000-0000000FF1CE}_Office14.EXCEL_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 4.1.0240 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.7.4.10 - NVIDIA Corporation) Hidden
SketchUp Pro 8 (HKLM-x32\...\{045D5A51-F07E-4350-8642-B85772A2876B}) (Version: 3.0.16846 - Trimble Navigation Limited)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Skyrim Creation Kit (HKLM-x32\...\Steam App 202480) (Version:  - bgs.bethsoft.com)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 3.2.3247.1 - Hi-Rez Studios)
Source Filmmaker (HKLM-x32\...\Steam App 1840) (Version:  - Valve)
Source SDK (HKLM-x32\...\Steam App 211) (Version:  - Valve)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version:  - Keen Software House)
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )
Stardock Fences 2 (HKLM-x32\...\Stardock Fences 2) (Version: 2.12 - Stardock Software, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sublime Text Build 3083 (HKLM-x32\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
Switch Sound File Converter (HKLM-x32\...\Switch) (Version: 4.88 - NCH Software)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Swords and Soldiers HD (HKLM-x32\...\Steam App 63500) (Version:  - Ronimo Games)
Symform (HKLM\...\{73EDDF5E-CE9E-4A77-917F-58BBA5110300}) (Version: 4.24.0.0 - Symform, Inc.)
Tabletop Simulator (HKLM-x32\...\Steam App 286160) (Version:  - Berserk Games)
Talisman: Digital Edition (HKLM-x32\...\Steam App 247000) (Version:  - Nomad Games)
Talisman: Prologue (HKLM-x32\...\Steam App 258200) (Version:  - Nomad Games)
Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.24712 - Microsoft Corporation) Hidden
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
Universal CRT Extension SDK (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Redistributable (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony)
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.30319 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
Visual Studio 2015 Update 1 (KB3022398) (HKLM-x32\...\{fcaa9dba-9438-48b6-ad91-4e9b4cc7084a}) (Version: 14.0.24720 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VS Update core components (x32 Version: 14.0.24720 - Microsoft Corporation) Hidden
VTFEdit 1.3.3 (HKLM\...\VTFEdit_is1) (Version:  - Neil Jedrzejewski & Ryan Gregg)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.15-2 - Wacom Technology Corp.)
Warface (HKLM-x32\...\Steam App 291480) (Version:  - Crytek)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WildStar (HKLM-x32\...\WildStar) (Version:  - NCSOFT)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 3.6 - Bazis)
Windows Software Development Kit - Windows 10.0.26624 (HKLM-x32\...\{e7a0c8b6-b0e9-41e2-8a0a-a6784f88d1d4}) (Version: 10.0.26624 - Microsoft Corporation)
WinImage (HKLM-x32\...\WinImage) (Version:  - )
WinISO (HKLM-x32\...\WinISO) (Version: 6.4.0.5170 - WinISO Computing Inc.)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.30 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.1 - win.rar GmbH)
Wireshark 2.0.0 (64-bit) (HKLM-x32\...\Wireshark) (Version: 2.0.0 - The Wireshark developer community, hxxps://www.wireshark.org)
Wondershare Video Converter Ultimate(Build 8.5.6.0) (HKLM-x32\...\Wondershare Video Converter Ultimate_is1) (Version: 8.5.6.0 - Wondershare Software)
YouTube Playlist Downloader (HKLM-x32\...\{7583A67D-21C4-411D-825E-A857F99C01D7}) (Version: 3.6.3.3 - YouTubeSoft)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3949139464-329665614-2156926167-1000_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-FC211E1A9F7A}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-3949139464-329665614-2156926167-1000_Classes\CLSID\{581FFA00-FC33-0001-0102-95003A5CDE89}\InprocServer32 -> C:\Users\Jacob\AppData\Roaming\BitTorrent Sync\SyncShellExtension64_33.dll ()
CustomCLSID: HKU\S-1-5-21-3949139464-329665614-2156926167-1000_Classes\CLSID\{581FFA01-FC33-0001-0102-95003A5CDE89}\InprocServer32 -> C:\Users\Jacob\AppData\Roaming\BitTorrent Sync\SyncShellExtension64_33.dll ()
CustomCLSID: HKU\S-1-5-21-3949139464-329665614-2156926167-1000_Classes\CLSID\{581FFA02-FC33-0001-0102-95003A5CDE89}\InprocServer32 -> C:\Users\Jacob\AppData\Roaming\BitTorrent Sync\SyncShellExtension64_33.dll ()
CustomCLSID: HKU\S-1-5-21-3949139464-329665614-2156926167-1000_Classes\CLSID\{581FFA03-FC33-0001-0102-95003A5CDE89}\InprocServer32 -> C:\Users\Jacob\AppData\Roaming\BitTorrent Sync\SyncShellExtension64_33.dll ()
CustomCLSID: HKU\S-1-5-21-3949139464-329665614-2156926167-1000_Classes\CLSID\{581FFA04-FC33-0001-0102-95003A5CDE89}\InprocServer32 -> C:\Users\Jacob\AppData\Roaming\BitTorrent Sync\SyncShellExtension64_33.dll ()
CustomCLSID: HKU\S-1-5-21-3949139464-329665614-2156926167-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Jacob\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3949139464-329665614-2156926167-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0DFB9A7F-5FEE-40BF-9A1A-FB445F34EA8B} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10] (Adobe Systems Incorporated)
Task: {33D148A6-754C-43D6-AD6E-57F125500F78} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-08-02] (Dropbox, Inc.)
Task: {3E8A07E8-774D-4B83-9112-029161DDCB06} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-09] (Microsoft Corporation)
Task: {53A7ECC2-5E1C-4784-A17D-FB044E9D3BAC} - System32\Tasks\SymformServicesRestart => C:\Program Files\Symform\Node Service\symform.restart.cmd [2014-10-08] ()
Task: {565C1902-C81A-4CD3-B611-582F7E0678E8} - System32\Tasks\{85BEE93D-2F18-42C9-A476-59FF945C65EF} => pcalua.exe -a C:\WINDOWS\AppPatch\AppLoc.exe -d "F:\Tdown\[150424] [ILLUSION] プレイクラブ + Bunny Set + Maid Set + Ecchi Costume Set + Wallpaper\プレイクラブ 発売記念 追加データセット" -c "F:\Tdown\[150424] [ILLUSION] プレイクラブ + Bunny Set + Maid Set + Ecchi Costume Set + Wallpaper\プレイクラブ 発売記念 追加データセット\FileCopy.exe" "/L0411"
Task: {71B92B91-669B-4740-B337-D264D84A866A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-30] (Google Inc.)
Task: {8C16010C-AA11-4A4D-A22C-4F5C2CD8C865} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-08-02] (Dropbox, Inc.)
Task: {973DF9B7-E74B-4C67-9AEE-D6EE37231BF3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {B0A39B89-19DD-4DC8-823C-D34F7E764D88} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_306_pepper.exe [2016-02-10] (Adobe Systems Incorporated)
Task: {D42F5E0C-A2E0-4EC7-9825-456BBA7ACC6D} - System32\Tasks\SymformLogUploader => C:\Program Files\Symform\Node Service\LogUploader.exe [2014-11-19] (Symform, Inc.)
Task: {E74D96FC-EE84-4E2A-9590-ACC8FD7DEA7B} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-thatbenderguy@yahoo.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-10-30] (Adobe Systems Incorporated)
Task: {F2342B6F-7681-452E-B7E4-29D55C2B846E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-30] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_306_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Jacob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruby 2.2.2-p95\Interactive Ruby.lnk -> C:\Ruby22\bin\irb.bat ()

ShortcutWithArgument: C:\Users\Jacob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruby 2.2.2-p95\Start Command Prompt with Ruby.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /E:ON /K C:\Ruby22\bin\setrbvars.bat

==================== Loaded Modules (Whitelisted) ==============

2015-07-10 04:00 - 2015-07-10 04:00 - 00028160 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-07-30 14:08 - 2015-07-14 19:04 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-07-30 12:05 - 2015-11-13 23:20 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-09-23 16:47 - 2015-09-23 16:47 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-05-22 21:57 - 2013-05-22 21:57 - 00249112 _____ () C:\Program Files (x86)\CrazyRemote\CrazyRemoteServer.exe
2015-08-19 03:47 - 2015-08-11 02:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-10-01 12:02 - 2015-09-16 23:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-08 22:58 - 2015-11-24 21:18 - 00928768 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesBackgroundTasks.dll
2015-10-01 12:01 - 2015-09-16 22:43 - 02028544 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesService.dll
2015-12-08 22:58 - 2015-11-24 21:17 - 00471040 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-08 22:58 - 2015-11-24 21:17 - 00619008 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SignalsManager.dll
2015-10-01 12:02 - 2015-09-16 23:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-11-14 04:23 - 2015-11-14 04:23 - 00553120 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2014-05-01 07:13 - 2014-05-01 07:13 - 00470016 _____ () C:\Users\Jacob\AppData\Local\MEGAsync\ShellExtX64.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () H:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2016-02-17 21:27 - 2015-02-27 14:38 - 00721263 _____ () C:\WINDOWS\SysWOW64\WSCM64.dll
2015-10-01 12:01 - 2015-09-16 22:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 03:59 - 2015-07-10 03:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-12-08 22:59 - 2015-11-24 21:20 - 06569472 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-08 22:58 - 2015-11-24 21:24 - 00884736 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2015-12-08 22:58 - 2015-11-24 21:17 - 01808384 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 12:02 - 2015-09-16 22:43 - 02274816 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 04:00 - 2015-07-10 06:14 - 00210432 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-12-25 21:31 - 2015-12-21 11:02 - 01349824 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2014-10-08 10:29 - 2014-10-08 10:29 - 00292304 _____ () C:\Program Files\Symform\Node Service\AlphaFS.dll
2014-11-19 15:00 - 2014-11-19 15:00 - 00163256 _____ () C:\Program Files\Symform\Node Service\symformutp.DLL
2014-10-08 10:29 - 2014-10-08 10:29 - 00057544 _____ () C:\Program Files\Symform\Node Service\Mono.Nat.dll
2014-10-08 10:29 - 2014-10-08 10:29 - 00892344 _____ () C:\Program Files\Symform\Node Service\sqlite3.DLL
2011-03-24 05:21 - 2011-03-24 05:21 - 02278912 _____ () C:\Program Files (x86)\CrazyRemote\QtCore4.dll
2012-03-20 22:27 - 2012-03-20 22:27 - 00897024 _____ () C:\Program Files (x86)\CrazyRemote\CRTunnel.dll
2012-01-09 01:31 - 2012-01-09 01:31 - 00105984 _____ () C:\Program Files (x86)\CrazyRemote\ScienPixWCL.dll
2011-03-24 05:21 - 2011-03-24 05:21 - 00911872 _____ () C:\Program Files (x86)\CrazyRemote\QtNetwork4.dll
2016-03-03 14:50 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-03-03 14:50 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-03-03 14:50 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-03-03 14:50 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2016-03-03 14:50 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-05-01 07:15 - 2014-05-01 07:15 - 00463360 _____ () C:\Users\Jacob\AppData\Local\MEGAsync\ShellExtX32.dll
2015-07-30 11:58 - 2015-11-12 11:39 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-11-22 18:52 - 2012-06-23 14:54 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\hiddriver.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2016-03-03 16:30 - 2016-03-01 21:47 - 01675928 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.75\libglesv2.dll
2016-03-03 16:30 - 2016-03-01 21:47 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.75\libegl.dll
2016-03-03 16:30 - 2016-03-01 21:47 - 16808600 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.75\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3949139464-329665614-2156926167-1000\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-3949139464-329665614-2156926167-1000\...\aeriagames.com -> hxxp://aeriagames.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 04:04 - 2015-12-12 04:44 - 00001136 ____N C:\WINDOWS\system32\Drivers\etc\hosts

    127.0.0.1       activation.cloud.techsmith.com
    127.0.0.1       oscount.techsmith.com
	127.0.0.1 		lmlicenses.wip4.adobe.com
	127.0.0.1 		lm.licenses.adobe.com
	127.0.0.1 		na1r.services.adobe.com
	127.0.0.1 		hlrcv.stage.adobe.com
	127.0.0.1 		practivate.adobe.com 
	127.0.0.1 		activate.adobe.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3949139464-329665614-2156926167-1000\Control Panel\Desktop\\Wallpaper -> H:\Pictures\Wallpapers\lightfarm-studios-final.jpg
DNS Servers: 192.168.5.1 - 205.171.2.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
MpsSvc => Firewall Service is not running.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "Roccat Talk.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "Aeria Ignite"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "ProductUpdater"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "DelaypluginInstall"
HKU\S-1-5-21-3949139464-329665614-2156926167-1000\...\StartupApproved\StartupFolder: => "Curse.lnk"
HKU\S-1-5-21-3949139464-329665614-2156926167-1000\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-3949139464-329665614-2156926167-1000\...\StartupApproved\Run: => "MyComGames"
HKU\S-1-5-21-3949139464-329665614-2156926167-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3949139464-329665614-2156926167-1000\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3949139464-329665614-2156926167-1000\...\StartupApproved\Run: => "CrazyRemote"
HKU\S-1-5-21-3949139464-329665614-2156926167-1000\...\StartupApproved\Run: => "iFunBox"
HKU\S-1-5-21-3949139464-329665614-2156926167-1000\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-3949139464-329665614-2156926167-1000\...\StartupApproved\Run: => "Symform Status"
HKU\S-1-5-21-3949139464-329665614-2156926167-1000\...\StartupApproved\Run: => "MurGee.com Auto Clicker"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{55E151A7-05D1-4E71-BA1A-96DB5D282004}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{7F4D9FD5-B86F-4566-BEBF-6DB26B8BFFF1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B8AA3914-706A-4282-9134-F69EA066CF03}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{6EA07BDC-9B87-497B-8671-F73EC3CAC39B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{E5C1CDD5-34E0-464C-B0B6-8C86C8BBDE73}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{D6786EA7-CA8E-4060-A307-AF51166F678D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A9880CBF-D07A-4150-9FCC-25E269345587}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{80AE9DAE-98EC-4CD6-B8D4-C0998921715B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{C5580CCD-111B-4E00-B034-3CBC020D4E7C}C:\users\jacob\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\jacob\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{33B773CF-02B8-4718-B7DE-C2EFAD48C884}C:\users\jacob\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\jacob\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [TCP Query User{55709C54-8BEF-4D9C-AFFA-556CD0317E70}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{433AE884-61A6-4A77-8E67-224518EAAD3A}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{3BEB728E-259D-44CD-A137-1842FF4B5F45}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{EFC2E42E-553F-4CCD-98D2-D6A747D419C0}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{CDAE08B6-0A24-4C8E-AFC7-B8EBCF9F2BC9}F:\games\stepmania 5\program\stepmania-sse2.exe] => (Allow) F:\games\stepmania 5\program\stepmania-sse2.exe
FirewallRules: [UDP Query User{86F40939-110B-447D-BC46-E9A90FC99556}F:\games\stepmania 5\program\stepmania-sse2.exe] => (Allow) F:\games\stepmania 5\program\stepmania-sse2.exe
FirewallRules: [{8E96B742-7E52-4E96-9442-C58AE52289B4}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{C21052A2-FD61-4FA8-BD97-DFBEEA1D962C}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{3DAA2CEB-5625-4B85-B0A6-091A9E82B571}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{9F524D89-7E8A-46E6-91C7-7CF18566956B}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{43FEB2A5-BD53-4D42-AF35-CAFC4B4C17F7}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{9A7D1F08-0892-4290-9973-3628C4E68310}] => (Allow) F:\Steam\bin\steamwebhelper.exe
FirewallRules: [{3C232D2E-500B-45B1-8858-982D6D300739}] => (Allow) F:\Steam\bin\steamwebhelper.exe
FirewallRules: [{3B976AB5-8398-4F0E-A1DD-714522073639}] => (Allow) C:\Users\Jacob\AppData\Roaming\BitTorrent Sync\BTSync.exe
FirewallRules: [{76950C83-8007-4CA9-B5AA-093F4CE24D68}] => (Allow) C:\Users\Jacob\AppData\Roaming\BitTorrent Sync\BTSync.exe
FirewallRules: [{CBF17415-9FDD-4777-A52B-5DA3F11F51AF}] => (Allow) C:\Users\Jacob\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{E225127E-AA0A-4C50-85B7-01CDB014C2C9}] => (Allow) C:\Users\Jacob\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{C5C2BD56-A7D0-46D9-A417-BC8773E26B0B}] => (Allow) C:\Users\Jacob\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{CE8E464D-2657-4117-ACB7-5244CDD5DABA}] => (Allow) C:\Users\Jacob\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{37895C9B-95D5-49DE-A1C9-52DD4B4B4629}] => (Allow) C:\Users\Jacob\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{253D79A8-D708-409F-B7B4-F5D113924814}] => (Allow) C:\Users\Jacob\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{7376A210-B09D-4D11-BBB9-2EF6D75D35B7}] => (Allow) F:\Emulators\Android\Droid4X\Droid4X.exe
FirewallRules: [{850134D4-5B1B-429B-ACF0-96000ABB5023}] => (Allow) C:\Program Files\Oracle\VirtualBox\vboxheadless.exe
FirewallRules: [{AE06930D-FB2F-4456-924A-E97A2DE8672D}] => (Allow) C:\Program Files (x86)\CrazyRemote\CrazyRemoteServer.exe
FirewallRules: [{344CFAC8-14CD-4CAD-A63D-2191C4D15F62}] => (Allow) C:\Program Files (x86)\CrazyRemote\CrazyRemoteServer.exe
FirewallRules: [{06DD831A-426E-4B09-8879-2B4F695135B4}] => (Allow) C:\Program Files (x86)\CrazyRemote\CrazyRemote.exe
FirewallRules: [{95345B71-2B5C-4F18-B833-F89F48C7580D}] => (Allow) C:\Program Files (x86)\CrazyRemote\CrazyRemoteServer.exe
FirewallRules: [{B98F090E-ADA9-4BBB-8280-48C97C105D53}] => (Allow) C:\Program Files (x86)\CrazyRemote\CrazyRemoteServer.exe
FirewallRules: [{E3BED7EC-CECE-428A-B12B-70243B1F3F60}] => (Allow) C:\Program Files (x86)\CrazyRemote\CRHelper.exe
FirewallRules: [{B999A643-C674-44DE-97B7-2A7C3C26D18E}] => (Allow) F:\SteamLibrary\SteamApps\common\MedievalEngineers\Bin64\MedievalEngineers.exe
FirewallRules: [{F3150AB9-B5F9-4752-98C2-E6CE63461CE6}] => (Allow) F:\SteamLibrary\SteamApps\common\MedievalEngineers\Bin64\MedievalEngineers.exe
FirewallRules: [{4095E4B9-B198-471A-8A23-51BEBF131C8A}] => (Allow) F:\SteamLibrary\SteamApps\common\insurgency2\insurgency.exe
FirewallRules: [{097C3249-DF44-4E6A-86EF-7B64459B6C36}] => (Allow) F:\SteamLibrary\SteamApps\common\insurgency2\insurgency.exe
FirewallRules: [{92B0F74E-2D25-40E2-834F-8B213A0950F5}] => (Allow) F:\SteamLibrary\SteamApps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{BA03FECD-ACDB-4E00-B42A-7AA8B8A10735}] => (Allow) F:\SteamLibrary\SteamApps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{28D063C7-F4CF-4F4F-99D6-1C7A103583EF}] => (Allow) F:\SteamLibrary\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{278FEA1E-F2B0-4EFA-8E69-C8142E4C6189}] => (Allow) F:\SteamLibrary\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [TCP Query User{748FE8F7-5D22-49B7-8AC1-88B66BE1E967}F:\servers\gmod\srcds.exe] => (Allow) F:\servers\gmod\srcds.exe
FirewallRules: [UDP Query User{2606D5D1-2786-4730-A6F4-83376CEF6CE3}F:\servers\gmod\srcds.exe] => (Allow) F:\servers\gmod\srcds.exe
FirewallRules: [TCP Query User{2069109D-AA36-4EA8-9AF4-43AEABEA3E30}F:\steamlibrary\steamapps\common\garrysmod\hl2.exe] => (Allow) F:\steamlibrary\steamapps\common\garrysmod\hl2.exe
FirewallRules: [UDP Query User{967B70E2-E041-4A36-A250-BCD5B154E0A6}F:\steamlibrary\steamapps\common\garrysmod\hl2.exe] => (Allow) F:\steamlibrary\steamapps\common\garrysmod\hl2.exe
FirewallRules: [{D9B070F5-BB8C-49A0-A5B5-8CB698CD8C85}] => (Allow) F:\SteamLibrary\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{F16E0688-2BCE-4BB0-829C-9C4E6C9D6BEA}] => (Allow) F:\SteamLibrary\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [TCP Query User{B0485937-6CFB-40EB-A354-DFF5E706D9C2}F:\game hacking\monster hunter\mh4u quests\mh4u_cq_editor\editor.exe] => (Allow) F:\game hacking\monster hunter\mh4u quests\mh4u_cq_editor\editor.exe
FirewallRules: [UDP Query User{9C600234-EAA3-40A9-8A6E-8A8F3C92C6BE}F:\game hacking\monster hunter\mh4u quests\mh4u_cq_editor\editor.exe] => (Allow) F:\game hacking\monster hunter\mh4u quests\mh4u_cq_editor\editor.exe
FirewallRules: [{6BF715A9-B739-4621-B633-7894481B1287}] => (Allow) C:\Program Files (x86)\FrostWire\FrostWire.exe
FirewallRules: [{CAF1E189-463C-4D96-A949-1C6ED56444D6}] => (Allow) C:\Program Files (x86)\FrostWire\FrostWire.exe
FirewallRules: [{32763F21-C07F-462B-A6AE-5E339A6A6431}] => (Allow) C:\Program Files (x86)\FrostWire 6\FrostWire.exe
FirewallRules: [{2E93E427-145B-4441-8E19-50CCBBB07664}] => (Allow) C:\Program Files (x86)\FrostWire 6\FrostWire.exe
FirewallRules: [{D78592B8-86C2-423E-BBA6-828506F04EDE}] => (Allow) F:\SteamLibrary\SteamApps\common\Gauntlet\binaries\gauntlet.exe
FirewallRules: [{B47BCF55-E74D-4B0E-B323-590EE86B12ED}] => (Allow) F:\SteamLibrary\SteamApps\common\Gauntlet\binaries\gauntlet.exe
FirewallRules: [{0052B76F-F2EF-4531-815B-8827B1FB9797}] => (Allow) F:\SteamLibrary\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{5DB69D7A-EA0B-4BD8-9671-A892C7FFB57E}] => (Allow) F:\SteamLibrary\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [TCP Query User{97B72EE0-5472-4FC6-B6B6-409A1169C7FA}C:\program files (x86)\brackets\node.exe] => (Allow) C:\program files (x86)\brackets\node.exe
FirewallRules: [UDP Query User{570151D1-5992-4ACD-A41D-723A4A61EF32}C:\program files (x86)\brackets\node.exe] => (Allow) C:\program files (x86)\brackets\node.exe
FirewallRules: [{3D0991C2-44B8-4925-A849-18FD7EE8D76C}] => (Allow) F:\SteamLibrary\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{CF87B779-9F4C-4AE8-94D0-9918C360F86A}] => (Allow) F:\SteamLibrary\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{2D90E8E9-5E46-4C94-93B5-386485116323}] => (Allow) F:\SteamLibrary\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{7BBF3DE5-E580-4C60-AB35-A132685A98E9}] => (Allow) F:\SteamLibrary\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{7A719C91-9555-4AE6-B1F5-43A8CC09D249}] => (Allow) F:\SteamLibrary\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{A97B5981-0A92-4545-B2D6-0022273BB9FB}] => (Allow) F:\SteamLibrary\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [TCP Query User{82783CC0-3BCD-47A4-8E8F-382EB4070CF0}F:\steamlibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe] => (Allow) F:\steamlibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [UDP Query User{B20A3506-3810-4432-B672-7731DA8F537E}F:\steamlibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe] => (Allow) F:\steamlibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0B35EC23-BF7B-4E56-B440-47478EAD371A}] => (Block) %ProgramFiles% (x86)\SourceTec\Sothink SWF Decompiler\SWFDecompiler.exe
FirewallRules: [TCP Query User{272EDCB7-6F13-4CE6-90F7-FE918FDF81D0}F:\games\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) F:\games\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{FAB9D467-E35F-44E8-8D62-67FD1C2704FD}F:\games\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) F:\games\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [TCP Query User{F2DB7976-9C99-4384-A492-CE602EE0BF74}C:\ruby22\bin\ruby.exe] => (Allow) C:\ruby22\bin\ruby.exe
FirewallRules: [UDP Query User{90A8849A-ACB5-41D4-A0A2-7D8EC152D8A2}C:\ruby22\bin\ruby.exe] => (Allow) C:\ruby22\bin\ruby.exe
FirewallRules: [{90E1DEEE-1503-46D8-853F-588B2B05E4CB}] => (Allow) F:\SteamLibrary\SteamApps\common\Anarchy Arcade\AArcade.exe
FirewallRules: [{0A059DBB-31EA-4A8B-9B06-E51F75D84594}] => (Allow) F:\SteamLibrary\SteamApps\common\Anarchy Arcade\AArcade.exe
FirewallRules: [{B186A971-905A-4261-98FE-CDDA6FAC298A}] => (Allow) F:\SteamLibrary\SteamApps\common\War Thunder\launcher.exe
FirewallRules: [{CE22204C-8055-4B6A-89D8-FA51A63F3DDA}] => (Allow) F:\SteamLibrary\SteamApps\common\War Thunder\launcher.exe
FirewallRules: [TCP Query User{19D70FEA-B85D-4589-88D5-950A533A4634}F:\steamlibrary\steamapps\common\war thunder\aces.exe] => (Allow) F:\steamlibrary\steamapps\common\war thunder\aces.exe
FirewallRules: [UDP Query User{53BF3ABD-80B5-42B0-BF2C-63C75E52BB11}F:\steamlibrary\steamapps\common\war thunder\aces.exe] => (Allow) F:\steamlibrary\steamapps\common\war thunder\aces.exe
FirewallRules: [{914203B0-CE46-4669-93B6-20724BA3FE71}] => (Allow) F:\SteamLibrary\SteamApps\common\Warface\live\nw.exe
FirewallRules: [{E611F22C-289B-4250-AB96-12DAAA3B88F4}] => (Allow) F:\SteamLibrary\SteamApps\common\Warface\live\nw.exe
FirewallRules: [TCP Query User{0ED4033F-0C40-4F5E-98D3-F71513D09647}C:\program files (x86)\jetbrains\intellij idea community edition 14.1.4\bin\idea.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea community edition 14.1.4\bin\idea.exe
FirewallRules: [UDP Query User{5F25DCDB-0610-401F-817C-0FCCD4BD8FB7}C:\program files (x86)\jetbrains\intellij idea community edition 14.1.4\bin\idea.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea community edition 14.1.4\bin\idea.exe
FirewallRules: [TCP Query User{C7B35917-4F3A-40A0-BFCF-1EEB8D469AC3}C:\program files (x86)\jetbrains\intellij idea 14.0\bin\idea.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea 14.0\bin\idea.exe
FirewallRules: [UDP Query User{CE826FB7-9F19-4E62-A2F9-FBF57D38E0B6}C:\program files (x86)\jetbrains\intellij idea 14.0\bin\idea.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea 14.0\bin\idea.exe
FirewallRules: [TCP Query User{89A4544D-C57A-4641-8DC4-6286CBD78EDD}F:\games\ea games\alice madness returns\alice2\binaries\win32\alicemadnessreturns.exe] => (Block) F:\games\ea games\alice madness returns\alice2\binaries\win32\alicemadnessreturns.exe
FirewallRules: [UDP Query User{82BC65A0-CCD5-4C66-B8F9-63D1E7CBF46C}F:\games\ea games\alice madness returns\alice2\binaries\win32\alicemadnessreturns.exe] => (Block) F:\games\ea games\alice madness returns\alice2\binaries\win32\alicemadnessreturns.exe
FirewallRules: [{088832F6-129B-4D64-85D9-74BFE640B0CE}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [{2C80191C-5ED5-4BEC-B7E3-786285919869}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [TCP Query User{0D5C6593-81B1-48DA-86C5-E6544A87E910}F:\steamlibrary\steamapps\common\sourcefilmmaker\game\sfm.exe] => (Allow) F:\steamlibrary\steamapps\common\sourcefilmmaker\game\sfm.exe
FirewallRules: [UDP Query User{EB604B16-3889-4CB3-BED4-EA1D0A396277}F:\steamlibrary\steamapps\common\sourcefilmmaker\game\sfm.exe] => (Allow) F:\steamlibrary\steamapps\common\sourcefilmmaker\game\sfm.exe
FirewallRules: [{FDFCF10B-C475-4F76-A374-0E6C2D3E8CF5}] => (Allow) F:\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{86B2C305-DD8D-48A0-A5D7-6DF36F8FB43B}] => (Allow) F:\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{B9572C6F-EC66-4A93-B37D-4395638892BC}] => (Allow) F:\Steam\steamapps\common\Relic Hunters Zero\RelicHuntersZero.exe
FirewallRules: [{266AB699-8F44-4D04-A626-CC7461B0E64C}] => (Allow) F:\Steam\steamapps\common\Relic Hunters Zero\RelicHuntersZero.exe
FirewallRules: [{AFC28310-0E92-4D9B-A7D2-472D64C950F1}] => (Allow) F:\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{E345BADC-7B0E-4DC1-83C0-BC59E23ABAA2}] => (Allow) F:\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{9D9D32E7-99F4-4469-AF89-AEA32D8C87C0}] => (Allow) F:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C48A20EC-4B8A-4434-A61D-1ED03ED912E5}] => (Allow) F:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{25E6315D-BAAE-47EF-A681-C4B5C0357DC8}] => (Allow) F:\Steam\steamapps\common\MedievalEngineers\Bin64\MedievalEngineers.exe
FirewallRules: [{9D87726F-40C7-4F58-B513-425DD7B8523B}] => (Allow) F:\Steam\steamapps\common\MedievalEngineers\Bin64\MedievalEngineers.exe
FirewallRules: [{A2501C91-709D-4B3D-A73C-683A223D3F07}] => (Allow) F:\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{B06F8C07-FCCB-4E71-8AFA-51B45A54E665}] => (Allow) F:\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [TCP Query User{47CCEF2A-0A88-4992-B433-E150F9365B55}F:\steam\steamapps\common\sourcefilmmaker\game\sfm.exe] => (Allow) F:\steam\steamapps\common\sourcefilmmaker\game\sfm.exe
FirewallRules: [UDP Query User{6DF86E26-6093-427B-AB91-10E287F80746}F:\steam\steamapps\common\sourcefilmmaker\game\sfm.exe] => (Allow) F:\steam\steamapps\common\sourcefilmmaker\game\sfm.exe
FirewallRules: [TCP Query User{2252D03D-53A2-4573-B2CD-AC6ABDDA19EF}C:\program files\java\jdk1.6.0_45\bin\java.exe] => (Allow) C:\program files\java\jdk1.6.0_45\bin\java.exe
FirewallRules: [UDP Query User{09E04CA1-C779-4085-B8B8-4BDE8DEE6366}C:\program files\java\jdk1.6.0_45\bin\java.exe] => (Allow) C:\program files\java\jdk1.6.0_45\bin\java.exe
FirewallRules: [{8F8B9F13-DAD1-4DF2-BEEC-50ACEEE5BDAA}] => (Allow) F:\Steam\steamapps\common\Gauntlet\binaries\gauntlet.exe
FirewallRules: [{F4E4D2B4-2E28-4D3C-98FE-FEF35E9FF7A7}] => (Allow) F:\Steam\steamapps\common\Gauntlet\binaries\gauntlet.exe
FirewallRules: [TCP Query User{2CD9B769-F139-4820-95AA-502453C7A132}C:\users\jacob\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\jacob\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [UDP Query User{5BC0B934-EC77-4A16-B3C0-8345E466B3D3}C:\users\jacob\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\jacob\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [{4AD223F0-C4E5-49BB-ABAF-470DFA99B287}] => (Allow) F:\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{D72B2216-BBBB-4423-92A1-234F7CDC008F}] => (Allow) F:\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{15FE881C-9A7F-41F4-8909-C6C4B2188AAC}] => (Allow) F:\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{A5195B9C-6531-47CD-A270-4B9DA8CA61F0}] => (Allow) F:\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [TCP Query User{EB3E4385-0C51-4C25-AEFE-C85FF1953737}C:\users\jacob\desktop\frostwire-4.21.6 portable\frostwire portable\app\frostwire.exe] => (Allow) C:\users\jacob\desktop\frostwire-4.21.6 portable\frostwire portable\app\frostwire.exe
FirewallRules: [UDP Query User{8F8DAC59-DFA2-47BE-A819-F17D3CDD9213}C:\users\jacob\desktop\frostwire-4.21.6 portable\frostwire portable\app\frostwire.exe] => (Allow) C:\users\jacob\desktop\frostwire-4.21.6 portable\frostwire portable\app\frostwire.exe
FirewallRules: [{8D78DCA7-8527-44EF-A88D-7BBF96ABBF54}] => (Allow) F:\Steam\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{DA99E644-12F5-4CF4-B13D-A05256517D2F}] => (Allow) F:\Steam\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{AF153C64-37C2-4DF7-9D46-D0709572C42C}] => (Allow) F:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{7C7D3E1C-56BF-4E0A-A852-2F44DB269F47}] => (Allow) F:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{C88E6A6F-0E18-43CF-9864-872D37B7708D}] => (Allow) F:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{C039D3E3-E960-4A77-AD5B-79865CA830B7}] => (Allow) F:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{4E07E1C3-D89F-44A0-A4A5-BEACC624DD22}] => (Allow) F:\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{C3C2F537-7E0C-481C-9558-4B2E812D0A2E}] => (Allow) F:\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{B594EF8A-75A7-4C65-92EA-2A27B4B16509}] => (Allow) F:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{16D5B8D0-D4AC-4198-A3A2-E7F4F8523E4F}] => (Allow) F:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{A1C572C1-4E2D-431D-9B1F-6F71C48D92E3}] => (Allow) F:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{AEF91FDC-89DE-4F61-A150-CE8DAD8F1EA3}] => (Allow) F:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{85235974-0D41-4D56-B49F-789907E13208}] => (Allow) F:\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{636F1935-7016-4584-B8DB-D4FAB99F8742}] => (Allow) F:\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [TCP Query User{BC8B6CED-DB20-4E59-B0A3-AF2E81B2C2BC}F:\games\stepmania 5\program\stepmania.exe] => (Allow) F:\games\stepmania 5\program\stepmania.exe
FirewallRules: [UDP Query User{B9190ADB-D9FC-415D-8868-A54E32C16909}F:\games\stepmania 5\program\stepmania.exe] => (Allow) F:\games\stepmania 5\program\stepmania.exe
FirewallRules: [{9C89A63B-4B63-4E97-AC39-1D688B9064A9}] => (Allow) F:\Steam\steamapps\common\gamemaker_studio\GameMakerPlayer.exe
FirewallRules: [{C7E17916-42FA-4DF6-96F4-0F58AED8A693}] => (Allow) F:\Steam\steamapps\common\gamemaker_studio\GameMakerPlayer.exe
FirewallRules: [{E02E99A1-AC3A-4D65-ACF7-8C330953D170}] => (Allow) F:\Steam\steamapps\common\insurgency2\insurgency.exe
FirewallRules: [{24306AB5-BC89-4621-9D5D-107C3D90D6AC}] => (Allow) F:\Steam\steamapps\common\insurgency2\insurgency.exe
FirewallRules: [TCP Query User{8F80C07E-A291-421C-8109-C8CE267904C3}C:\users\jacob\documents\sandbox\intwars\build\gamed\intwars.exe] => (Allow) C:\users\jacob\documents\sandbox\intwars\build\gamed\intwars.exe
FirewallRules: [UDP Query User{F12E6BF6-7D1F-441A-804C-B5E5988154F3}C:\users\jacob\documents\sandbox\intwars\build\gamed\intwars.exe] => (Allow) C:\users\jacob\documents\sandbox\intwars\build\gamed\intwars.exe
FirewallRules: [TCP Query User{BC4FF2DA-9CF4-4DBA-95B6-55E3CFA04185}F:\games\borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Block) F:\games\borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [UDP Query User{668BDFC3-D7D0-4F6A-B1CC-835DD3BBB4BE}F:\games\borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Block) F:\games\borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [TCP Query User{47D903D6-C12C-4C37-8336-80C9995E97F7}F:\emulators\n64\kaillera server\kaillerasrv.exe] => (Allow) F:\emulators\n64\kaillera server\kaillerasrv.exe
FirewallRules: [UDP Query User{6ADD572E-F6EA-480D-9B96-F6B4C236B0F7}F:\emulators\n64\kaillera server\kaillerasrv.exe] => (Allow) F:\emulators\n64\kaillera server\kaillerasrv.exe
FirewallRules: [{AB61FA8B-FC2E-4782-8EC8-1A505D72F2BA}] => (Allow) F:\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{3FB22DA4-86C6-46CA-9D8B-361F01F49457}] => (Allow) F:\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{AEFEF38F-17D3-4E60-B4DA-6DFDFC659C40}] => (Allow) F:\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{2C31C39D-1815-4F39-B93F-865AD41B66C1}] => (Allow) F:\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{7522C168-760D-47E8-B462-6AF2B995B94B}] => (Allow) F:\Steam\steamapps\common\Dead Island Epidemic\Dead Island Epidemic - Launcher.exe
FirewallRules: [{8E161E0D-6957-4DC9-89F9-0B8246865F5A}] => (Allow) F:\Steam\steamapps\common\Dead Island Epidemic\Dead Island Epidemic - Launcher.exe
FirewallRules: [{E2D64CF7-393C-41FC-98B4-CBB6EE695132}] => (Allow) F:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{DD65CE02-42A9-460A-920A-EE261E270392}] => (Allow) F:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{F9FE8297-59D7-4A2E-9660-0BE1D441D947}] => (Allow) F:\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{CC9E132E-6ACE-4BF3-9E1F-357F40E68587}] => (Allow) F:\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{A193115A-5E9D-445B-9B78-87AD630291E2}] => (Allow) F:\Steam\steamapps\common\CastleCrashers\castle.exe
FirewallRules: [{5B9C14FF-54C9-4A9D-8761-7007896065E2}] => (Allow) F:\Steam\steamapps\common\CastleCrashers\castle.exe
FirewallRules: [{D215A87A-A212-43CB-9F94-68D869C3BCE6}] => (Allow) F:\Steam\steamapps\common\Dungeon Defenders 2\DunDefLauncher.exe
FirewallRules: [{3F29D381-815F-4DB9-B4D4-20B64FDA58B3}] => (Allow) F:\Steam\steamapps\common\Dungeon Defenders 2\DunDefLauncher.exe
FirewallRules: [{A35CCE70-CFB1-4A1C-AD21-530AAA347B52}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F091AA53-4772-4DDA-B007-FF37FE963A94}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A0932243-27E7-4622-B5A7-E7B722DA7B3D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7550C560-DE1F-4BBE-9288-8680E4D10106}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{47FD8D13-6EA9-4388-947B-8A27C8F2798A}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{C4CA6DE6-4714-46B0-ADA2-7959614330A7}] => (Allow) F:\Steam\steamapps\common\Anarchy Arcade\AArcade.exe
FirewallRules: [{061137A4-770B-4431-898B-27A650B68B84}] => (Allow) F:\Steam\steamapps\common\Anarchy Arcade\AArcade.exe
FirewallRules: [{D18687C4-ECA7-4F6D-9549-2747A6B007EB}] => (Allow) F:\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{9AB4CC78-23E3-4294-A079-DEAE9CF109C7}] => (Allow) F:\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{7F09C67C-D8E6-433F-A2CB-D134B70DAB7B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F1AFB315-1188-44DB-85EB-13017D201E1F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{E977B09F-0E6A-48F6-9931-4F1A22A3C7C8}F:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) F:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{1AD13986-F865-4EF7-8030-7328206BBF29}F:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) F:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{C85428EC-FED8-4965-B7F9-88B097D3CF49}F:\programming\java\java-mars\eclipse\eclipse.exe] => (Allow) F:\programming\java\java-mars\eclipse\eclipse.exe
FirewallRules: [UDP Query User{D356B9A8-4A01-4AA4-A710-0A0F2DB9C41F}F:\programming\java\java-mars\eclipse\eclipse.exe] => (Allow) F:\programming\java\java-mars\eclipse\eclipse.exe
FirewallRules: [{3B026504-0B56-4BF1-8BC3-996451CED92C}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{560327F1-764C-4D7E-882D-837D51F8B886}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [TCP Query User{202A0961-836E-4AAB-AFF6-2A4C75C3DCC4}C:\program files (x86)\raidcall.ru\raidcall.exe] => (Allow) C:\program files (x86)\raidcall.ru\raidcall.exe
FirewallRules: [UDP Query User{AFDDE0D8-D334-4D4F-A503-1720777A6775}C:\program files (x86)\raidcall.ru\raidcall.exe] => (Allow) C:\program files (x86)\raidcall.ru\raidcall.exe
FirewallRules: [{868514A8-DFCA-4C15-97D4-5027BEF240B0}] => (Allow) F:\Steam\steamapps\common\Talisman Prologue\Talisman.exe
FirewallRules: [{F16E0589-9AA2-4A04-A5BE-1210A2AC3D44}] => (Allow) F:\Steam\steamapps\common\Talisman Prologue\Talisman.exe
FirewallRules: [{BBFF3FA7-5E28-4EB9-A8D6-A91A9980D229}] => (Allow) F:\Steam\steamapps\common\Talisman\Talisman.exe
FirewallRules: [{356CD236-CD8B-4F59-BD64-0D5CDAE43761}] => (Allow) F:\Steam\steamapps\common\Talisman\Talisman.exe
FirewallRules: [{91DA96F3-60BA-4423-96AC-F6B96D5281AA}] => (Allow) F:\Steam\steamapps\common\Warhammer Quest\WarhammerQuest.exe
FirewallRules: [{9D43CCB8-585F-4970-B1C4-61C2211D0AB3}] => (Allow) F:\Steam\steamapps\common\Warhammer Quest\WarhammerQuest.exe
FirewallRules: [{4A2202F1-E974-4C02-8D65-46E69DF1D348}] => (Allow) F:\Steam\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{1FE327A9-D838-401B-B941-0F485394725B}] => (Allow) F:\Steam\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [TCP Query User{EDAB5491-A969-4631-8A23-63D19388CC41}F:\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) F:\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [UDP Query User{D784E062-BD71-4984-BB4C-FA3A1D9EA4E2}F:\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) F:\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [{8C35AA43-AE08-4C61-80FC-AC3606F9F105}] => (Allow) F:\Games\AeriaGames\DragomonHunter-US\Game.bin
FirewallRules: [{A3AA61C2-9502-4137-9FDF-321645EF3498}] => (Allow) F:\Games\AeriaGames\DragomonHunter-US\Game.bin
FirewallRules: [{78BA227A-445D-420E-B8CB-236E9296E9C0}] => (Allow) F:\Steam\steamapps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{A1750748-C400-4DEE-A87D-A8BEFDBEB336}] => (Allow) F:\Steam\steamapps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{64C1AE30-2E37-47C8-B860-73DE7642236A}] => (Allow) F:\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{48736F0D-CC8B-410C-BB19-1D64AC8893D5}] => (Allow) F:\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{3FE216BA-195A-4032-B499-2DC671CC65DD}] => (Allow) F:\Steam\steamapps\common\Warface\live\nw.exe
FirewallRules: [{EA2F04DB-9B36-4CA4-979E-6D15EE3D3E79}] => (Allow) F:\Steam\steamapps\common\Warface\live\nw.exe
FirewallRules: [{E5CC0479-313D-4AF5-BE06-99AEF71636BC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{829C5283-0A14-42A9-B0D4-3EA5EF4B33EB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{28B8761C-A02A-4BD7-B08A-CA9BB1CE5627}F:\games\heroes of the storm\versions\base38793\heroesofthestorm_x64.exe] => (Allow) F:\games\heroes of the storm\versions\base38793\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{02B5CC81-B788-4035-BA21-283465E6E003}F:\games\heroes of the storm\versions\base38793\heroesofthestorm_x64.exe] => (Allow) F:\games\heroes of the storm\versions\base38793\heroesofthestorm_x64.exe
FirewallRules: [{7B455E45-A34B-4D16-8BB8-C0F14C625E19}] => (Allow) LPort=8317
FirewallRules: [{0D727699-9C54-43B5-A5C7-CF20D68A230E}] => (Allow) F:\Steam\steamapps\common\Dying Light Developer Tools\DyingLightEditor.exe
FirewallRules: [{99840034-2BAC-4480-8C9B-FA2C4C1D8F49}] => (Allow) F:\Steam\steamapps\common\Dying Light Developer Tools\DyingLightEditor.exe
FirewallRules: [{0D097FEC-50ED-4C9B-9077-9E3B57B233E3}] => (Allow) F:\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{4F69E6B7-7300-4948-B655-66EB415D51BC}] => (Allow) F:\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{2721BE96-7AED-4A7C-8EB6-D45EC8B5DB48}] => (Allow) G:\Steam\Steam.exe
FirewallRules: [{BB0FCCFA-0457-4326-8E14-591F10953426}] => (Allow) G:\Steam\Steam.exe
FirewallRules: [{235BBA7E-C446-475A-953D-AB0CC12B9146}] => (Allow) G:\Steam\bin\steamwebhelper.exe
FirewallRules: [{6C7882DB-DF28-4379-9881-BB60254C3A02}] => (Allow) G:\Steam\bin\steamwebhelper.exe
FirewallRules: [{F72C1081-C3B5-4558-889C-7910C3521A9C}] => (Allow) G:\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{D3DC469A-3035-42C2-A90E-59C72DE0CCCD}] => (Allow) G:\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{774BD567-4D25-4378-8292-13960A4B6BC6}] => (Allow) H:\Steam\steamapps\common\SwordsAndSoldiersHD\Swords and Soldiers Launcher.exe
FirewallRules: [{49E453A0-A8F3-4373-8AF7-22E8AE256B55}] => (Allow) H:\Steam\steamapps\common\SwordsAndSoldiersHD\Swords and Soldiers Launcher.exe
FirewallRules: [{C853A956-35EB-4CD9-9DE2-63961E91A1E4}] => (Allow) H:\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{C65E89A3-69A4-4D04-8EA3-3ACF47D265A1}] => (Allow) H:\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [TCP Query User{E77E9CAE-75C6-4B75-9419-7C10FE65806A}H:\games\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) H:\games\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{010CC08E-13FE-4C5C-9579-655834610E9F}H:\games\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) H:\games\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [{EB990B1F-CFFA-4861-B539-55386AA7572E}] => (Block) C:\Program Files\Adobe\Adobe Photoshop CC 2015\Photoshop.exe
FirewallRules: [{2C68B9B3-4196-49F7-A9E5-A23EC6D24C03}] => (Block) C:\Program Files\Adobe\Adobe Photoshop CC 2015\Photoshop.exe
FirewallRules: [{48E85DA3-6BC0-493F-BE9B-45B385F6E673}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CC 2015\Photoshop.exe
FirewallRules: [{A7FAA623-FEDA-4593-AC8E-69F9A4116975}] => (Allow) H:\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{34F69068-5E79-4185-BCB6-4D5DFA73C0E5}] => (Allow) H:\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{4793B2A9-B30F-4EFD-AF16-7025D70171C8}] => (Allow) H:\Steam\steamapps\common\Skyrim\CreationKit.exe
FirewallRules: [{13153CAB-08BF-4F50-B45C-C2C2A65C64B8}] => (Allow) H:\Steam\steamapps\common\Skyrim\CreationKit.exe
FirewallRules: [{D4E4DFFE-42CA-49EF-94DF-6498E2D6588C}] => (Allow) H:\Steam\steamapps\common\SourceFilmmaker\game\sfm.exe
FirewallRules: [{9BC09BBA-AC5F-42AF-BE94-0EE56EA17374}] => (Allow) H:\Steam\steamapps\common\SourceFilmmaker\game\sfm.exe
FirewallRules: [{7B12815C-96BD-42C0-9BA5-0850BF462169}] => (Allow) H:\Steam\steamapps\common\SourceFilmmaker\game\bin\qsdklauncher.exe
FirewallRules: [{94DDC0E9-ECCE-4B8D-A062-7AD57F5D9A47}] => (Allow) H:\Steam\steamapps\common\SourceFilmmaker\game\bin\qsdklauncher.exe
FirewallRules: [{0776A55B-BB0E-48C4-BDD3-F6540D7B2528}] => (Allow) H:\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{4B149082-1EB8-4011-B16E-6B02F0DD4A87}] => (Allow) H:\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{ACDCC7AC-4B1B-46D4-8C26-530CAFDE51EC}] => (Allow) H:\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{046C105C-78B9-4D8C-AD9A-BB9F9C112FCB}] => (Allow) H:\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{49D7331C-390E-4D08-AC1F-1883DCF00165}] => (Allow) H:\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{B8B0EC99-49B9-4F67-B40F-1F39F3B1FC46}] => (Allow) H:\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [TCP Query User{620F8364-02C7-42FD-B78E-D25B1FF23071}C:\users\jacob\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\jacob\appdata\local\jdownloader 2.0\jdownloader2.exe
FirewallRules: [UDP Query User{37AD039F-530C-4C1D-99FC-7CADD97E1FED}C:\users\jacob\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\jacob\appdata\local\jdownloader 2.0\jdownloader2.exe
FirewallRules: [{2461E31F-338C-4B4E-BE40-0C53B32A1260}] => (Allow) C:\Program Files\Symform\Node Service\symformconfig.exe
FirewallRules: [{CE4F5A7E-4F76-464A-8BFA-7BCC8EBD6657}] => (Allow) C:\Program Files\Symform\Node Service\symformcontrib.exe
FirewallRules: [TCP Query User{E28ACAA3-FB90-44E1-8D8C-368A25F6D839}H:\[bitcoin]\armory\armoryqt.exe] => (Allow) H:\[bitcoin]\armory\armoryqt.exe
FirewallRules: [UDP Query User{44EACC72-589B-41FC-8762-48C5B91A0C1B}H:\[bitcoin]\armory\armoryqt.exe] => (Allow) H:\[bitcoin]\armory\armoryqt.exe
FirewallRules: [TCP Query User{8F18403E-17CB-4F7B-890F-E35278FE313E}H:\[bitcoin]\bitcoin\bitcoin-qt.exe] => (Allow) H:\[bitcoin]\bitcoin\bitcoin-qt.exe
FirewallRules: [UDP Query User{F8E78AB4-2A32-489B-8F89-81CC1503A3D8}H:\[bitcoin]\bitcoin\bitcoin-qt.exe] => (Allow) H:\[bitcoin]\bitcoin\bitcoin-qt.exe
FirewallRules: [{59BADA4B-5AB1-4112-AB91-8230E83E0B97}] => (Allow) H:\Steam\steamapps\common\Castle Story\Castle Story.exe
FirewallRules: [{39A15AE1-21DC-4279-8560-40EC6A8C84E4}] => (Allow) H:\Steam\steamapps\common\Castle Story\Castle Story.exe
FirewallRules: [{3CDDF1A0-399E-45E4-9239-1987E19C6353}] => (Allow) H:\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{8083CDA2-B058-4204-AFCE-E2A0F8C2626E}] => (Allow) H:\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{69E4808D-89B3-4E41-8241-8A5998B4A556}] => (Allow) H:\Steam\steamapps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [{407D87A2-1DE7-40A3-B090-84C2D883D305}] => (Allow) H:\Steam\steamapps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [TCP Query User{06DA43D6-EB9A-4E1A-A7CD-98C96A6A7DFD}H:\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => (Allow) H:\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe
FirewallRules: [UDP Query User{88E60EB7-3A1F-4385-876A-FD9BAEA7AFF9}H:\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => (Allow) H:\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe
FirewallRules: [TCP Query User{53DC4E3C-4719-4BB7-8873-B39582975906}H:\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe] => (Allow) H:\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe
FirewallRules: [UDP Query User{06EBC507-0039-4FFC-8EE1-ACE9B1A61674}H:\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe] => (Allow) H:\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe
FirewallRules: [TCP Query User{D8DC4EA3-B111-489A-A296-42A2BA60EE92}H:\steam\steamapps\common\bloodline champions\binary\bloodlinechampions.exe] => (Allow) H:\steam\steamapps\common\bloodline champions\binary\bloodlinechampions.exe
FirewallRules: [UDP Query User{A130DE30-81B2-4F5F-A81D-1CED8661EEB2}H:\steam\steamapps\common\bloodline champions\binary\bloodlinechampions.exe] => (Allow) H:\steam\steamapps\common\bloodline champions\binary\bloodlinechampions.exe
FirewallRules: [{B788F225-2463-4811-A721-AB1E2253C727}] => (Allow) H:\Steam\steamapps\common\Creativerse\Creativerse.exe
FirewallRules: [{374170A7-839D-4128-837C-3990B49D8DD3}] => (Allow) H:\Steam\steamapps\common\Creativerse\Creativerse.exe
FirewallRules: [{C16F0011-290F-40C8-B46C-B407F55F3A8B}] => (Allow) H:\Steam\steamapps\common\Talisman\Talisman.exe
FirewallRules: [{29EABC12-0168-492B-AA87-5DE552766CEE}] => (Allow) H:\Steam\steamapps\common\Talisman\Talisman.exe
FirewallRules: [{69FE7FCB-C1BB-4669-87CC-4195384CD615}] => (Allow) H:\Steam\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{EF09F496-ED42-4488-A826-6F485548066D}] => (Allow) H:\Steam\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{3AC6DB7E-59D1-4F01-BBE9-5815E1D07621}] => (Allow) H:\Steam\steamapps\common\KillingFloor\System\KillingFloor.exe
FirewallRules: [{A9D5BC25-D7E1-4E66-BF71-16FBF3468C10}] => (Allow) H:\Steam\steamapps\common\KillingFloor\System\KillingFloor.exe
FirewallRules: [TCP Query User{A30B8D2B-219E-4D35-A312-437AE2A9DDAA}C:\program files\adobe\adobe flash cc 2015\flash.exe] => (Allow) C:\program files\adobe\adobe flash cc 2015\flash.exe
FirewallRules: [UDP Query User{641E077D-016F-40CE-B689-549B4BC2A68A}C:\program files\adobe\adobe flash cc 2015\flash.exe] => (Allow) C:\program files\adobe\adobe flash cc 2015\flash.exe
FirewallRules: [{52A738DA-A642-4A50-A697-F434FB7E08EA}] => (Allow) H:\Steam\steamapps\common\CastleCrashers\castle.exe
FirewallRules: [{D67019A4-99FB-4BDF-B04E-7F54D944655E}] => (Allow) H:\Steam\steamapps\common\CastleCrashers\castle.exe
FirewallRules: [TCP Query User{F3CD6377-9945-4EAA-A97A-965E59815CDA}H:\games\neverwinter_en\neverwinter\live\gameclient.exe] => (Allow) H:\games\neverwinter_en\neverwinter\live\gameclient.exe
FirewallRules: [UDP Query User{2A9B244F-03D9-442E-9D97-0C41B59A9A14}H:\games\neverwinter_en\neverwinter\live\gameclient.exe] => (Allow) H:\games\neverwinter_en\neverwinter\live\gameclient.exe
FirewallRules: [{1D474BFA-1BB4-4BD9-8AF1-BB63B7FE75D5}] => (Allow) H:\Steam\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{FABCC8B9-BE6D-4F56-9BD6-04FE6497F857}] => (Allow) H:\Steam\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{04942E22-6192-4076-AFB9-F54E75215FCB}] => (Allow) H:\Steam\steamapps\common\primal_carnage\Binaries\Win32\PrimalCarnageGame.exe
FirewallRules: [{10849989-5F66-4E6B-8E01-AD3CB239D8D0}] => (Allow) H:\Steam\steamapps\common\primal_carnage\Binaries\Win32\PrimalCarnageGame.exe
FirewallRules: [{76A53066-99EE-4527-BF99-946F4229ECBA}] => (Allow) H:\Steam\steamapps\common\Move or Die\MoveOrDie.exe
FirewallRules: [{599ABD1F-D627-4794-8DBC-2C9D97AB3C67}] => (Allow) H:\Steam\steamapps\common\Move or Die\MoveOrDie.exe
FirewallRules: [{78A85555-A827-4988-B714-1A3E06742B8F}] => (Allow) H:\Steam\steamapps\common\Move or Die\Editor.exe
FirewallRules: [{DB9955DA-BFF8-4453-95AB-015837E9D809}] => (Allow) H:\Steam\steamapps\common\Move or Die\Editor.exe
FirewallRules: [TCP Query User{5E0C006D-65E7-475C-BF0B-8431B4D4812F}H:\steam\steamapps\common\move or die\love\win\love.exe] => (Allow) H:\steam\steamapps\common\move or die\love\win\love.exe
FirewallRules: [UDP Query User{C875AEB4-E2E4-4A33-BB12-0EF0791DC436}H:\steam\steamapps\common\move or die\love\win\love.exe] => (Allow) H:\steam\steamapps\common\move or die\love\win\love.exe
FirewallRules: [{FC6DA595-7A00-429C-9D90-688532B20CD9}] => (Allow) H:\Program Files\Common7\IDE\devenv.exe
FirewallRules: [TCP Query User{FCAD09E7-1277-4911-AA14-484167912861}C:\program files\hexchat\hexchat.exe] => (Allow) C:\program files\hexchat\hexchat.exe
FirewallRules: [UDP Query User{5BE44B94-B475-4B3A-B496-74692C821ED5}C:\program files\hexchat\hexchat.exe] => (Allow) C:\program files\hexchat\hexchat.exe
FirewallRules: [TCP Query User{81D153A7-895D-46AA-8BC0-A78430B16E9E}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{5EF6D10B-796B-4C7D-AACB-30B260B2F1BF}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [{286D5FE2-B70C-4586-B6ED-047E6A1D29A1}] => (Allow) H:\Steam\steamapps\common\Sega Classics\SEGAGenesisClassics.exe
FirewallRules: [{0D2B08AB-AA92-4B25-88A0-56C55D31C483}] => (Allow) H:\Steam\steamapps\common\Sega Classics\SEGAGenesisClassics.exe
FirewallRules: [{1A286101-FB58-4CFE-B8F5-94A2DB6F6B4D}] => (Allow) H:\Steam\steamapps\common\Hell Yeah\HELLYEAH.exe
FirewallRules: [{DB018683-001F-47FC-8DDC-4828CB2B875A}] => (Allow) H:\Steam\steamapps\common\Hell Yeah\HELLYEAH.exe
FirewallRules: [{2915AE09-1676-4FB3-BC61-C1C9BAFF4933}] => (Allow) H:\Steam\steamapps\common\Jet Set Radio\jsrsetup.exe
FirewallRules: [{C9A09867-12EB-4C30-9B55-62FED12EED93}] => (Allow) H:\Steam\steamapps\common\Jet Set Radio\jsrsetup.exe
FirewallRules: [{174DE187-D527-455E-B359-6D3380BB06B0}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{3C39BAE7-8CB9-4C07-BE1F-B0C679B7CB05}] => (Allow) H:\Steam\steamapps\common\SourceSDK\bin\SDKLauncher.exe
FirewallRules: [{0E2D9C0D-DD9E-4A12-8DC9-CABC43780A8F}] => (Allow) H:\Steam\steamapps\common\SourceSDK\bin\SDKLauncher.exe
FirewallRules: [{7F5B193B-F8FE-4940-B124-8358E54AA24A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D443C1E1-603C-4644-89AE-7DB6A0D2B5B8}] => (Block) %ProgramFiles%\Sony\Vegas Pro 13.0\vegas130.exe
FirewallRules: [{7B04853E-CDB4-4DB5-A606-AAF4868F5C8D}] => (Block) %ProgramFiles%\Sony\Vegas Pro 13.0\vegas130.exe
FirewallRules: [{A1DB7175-29D5-4A1E-938B-4702B415D155}] => (Allow) H:\Steam\steamapps\common\GRAV\Binaries\Win64\CAGGame-Win64-Shipping.exe
FirewallRules: [{B9943DE3-36C4-4BA7-8305-5DF6E7F45D37}] => (Allow) H:\Steam\steamapps\common\GRAV\Binaries\Win64\CAGGame-Win64-Shipping.exe
FirewallRules: [TCP Query User{92215AED-356C-4A36-BA4F-1A52FC2708FC}H:\torrent downloads\portal knights\portal_knights_x64.exe] => (Allow) H:\torrent downloads\portal knights\portal_knights_x64.exe
FirewallRules: [UDP Query User{DC895F3B-1E06-4D54-963F-70CB6B826858}H:\torrent downloads\portal knights\portal_knights_x64.exe] => (Allow) H:\torrent downloads\portal knights\portal_knights_x64.exe
FirewallRules: [TCP Query User{68E3D473-D235-4F6E-B74A-EF3DCAE0B2FA}H:\games\portal knights\portal_knights_x64.exe] => (Allow) H:\games\portal knights\portal_knights_x64.exe
FirewallRules: [UDP Query User{27C0CDD7-6E0A-4292-BB5D-5DE9443AEE8E}H:\games\portal knights\portal_knights_x64.exe] => (Allow) H:\games\portal knights\portal_knights_x64.exe
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{48DF6BCC-686F-4D38-B5F0-5277108FB29C}] => (Allow) LPort=80
FirewallRules: [{FD69E350-B9D1-4C26-B378-579DF3F772AD}] => (Allow) LPort=80
FirewallRules: [{8275D868-492E-4B66-945C-56E59DC84702}] => (Allow) LPort=80
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================

03-03-2016 07:47:40 Installed SpyHunter
Check "winmgmt" service or repair WMI.


==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/03/2016 04:18:25 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JACOB-PC)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (03/03/2016 04:18:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SearchUI.exe, version: 10.0.10240.16603, time stamp: 0x5655390b
Faulting module name: CortanaApi.dll, version: 0.0.0.0, time stamp: 0x56553724
Exception code: 0x80000003
Fault offset: 0x0000000000151c4f
Faulting process id: 0xa88
Faulting application start time: 0xSearchUI.exe0
Faulting application path: SearchUI.exe1
Faulting module path: SearchUI.exe2
Report Id: SearchUI.exe3
Faulting package full name: SearchUI.exe4
Faulting package-relative application ID: SearchUI.exe5

Error: (03/03/2016 04:18:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JACOB-PC)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (03/03/2016 04:18:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SearchUI.exe, version: 10.0.10240.16603, time stamp: 0x5655390b
Faulting module name: CortanaApi.dll, version: 0.0.0.0, time stamp: 0x56553724
Exception code: 0x80000003
Fault offset: 0x0000000000151c4f
Faulting process id: 0x848
Faulting application start time: 0xSearchUI.exe0
Faulting application path: SearchUI.exe1
Faulting module path: SearchUI.exe2
Report Id: SearchUI.exe3
Faulting package full name: SearchUI.exe4
Faulting package-relative application ID: SearchUI.exe5

Error: (03/03/2016 04:18:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SearchUI.exe, version: 10.0.10240.16603, time stamp: 0x5655390b
Faulting module name: CortanaApi.dll, version: 0.0.0.0, time stamp: 0x56553724
Exception code: 0x80000003
Fault offset: 0x0000000000151c4f
Faulting process id: 0x918
Faulting application start time: 0xSearchUI.exe0
Faulting application path: SearchUI.exe1
Faulting module path: SearchUI.exe2
Report Id: SearchUI.exe3
Faulting package full name: SearchUI.exe4
Faulting package-relative application ID: SearchUI.exe5

Error: (03/03/2016 04:17:42 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JACOB-PC)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (03/03/2016 04:17:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SearchUI.exe, version: 10.0.10240.16603, time stamp: 0x5655390b
Faulting module name: CortanaApi.dll, version: 0.0.0.0, time stamp: 0x56553724
Exception code: 0x80000003
Fault offset: 0x0000000000151c4f
Faulting process id: 0x898
Faulting application start time: 0xSearchUI.exe0
Faulting application path: SearchUI.exe1
Faulting module path: SearchUI.exe2
Report Id: SearchUI.exe3
Faulting package full name: SearchUI.exe4
Faulting package-relative application ID: SearchUI.exe5

Error: (03/03/2016 04:14:07 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JACOB-PC)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (03/03/2016 04:14:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SearchUI.exe, version: 10.0.10240.16603, time stamp: 0x5655390b
Faulting module name: CortanaApi.dll, version: 0.0.0.0, time stamp: 0x56553724
Exception code: 0x80000003
Fault offset: 0x0000000000151c4f
Faulting process id: 0x1a8
Faulting application start time: 0xSearchUI.exe0
Faulting application path: SearchUI.exe1
Faulting module path: SearchUI.exe2
Report Id: SearchUI.exe3
Faulting package full name: SearchUI.exe4
Faulting package-relative application ID: SearchUI.exe5

Error: (03/03/2016 04:14:04 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JACOB-PC)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.


System errors:
=============
Error: (03/03/2016 08:09:02 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Firewall service terminated with the following service-specific error: 
%%5

Error: (03/03/2016 08:07:49 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Firewall service terminated with the following service-specific error: 
%%5

Error: (03/03/2016 04:55:44 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network Connectivity Assistant service depends on the IP Helper service which failed to start because of the following error: 
%%1058

Error: (03/03/2016 04:55:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network Connectivity Assistant service depends on the IP Helper service which failed to start because of the following error: 
%%1058

Error: (03/03/2016 04:55:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Droid4XService service failed to start due to the following error: 
%%2

Error: (03/03/2016 04:55:23 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Firewall service terminated with the following service-specific error: 
%%5

Error: (03/03/2016 04:54:51 PM) (Source: DCOM) (EventID: 10010) (User: JACOB-PC)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (03/03/2016 04:54:51 PM) (Source: DCOM) (EventID: 10010) (User: JACOB-PC)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (03/03/2016 04:54:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_Session1 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (03/03/2016 04:54:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_Session1 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.


CodeIntegrity:
===================================
  Date: 2016-03-03 14:47:33.413
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-03 14:47:33.387
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-03 14:47:33.342
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-03 14:47:33.313
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-03 14:46:59.807
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-03 14:46:59.786
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-03 14:46:59.757
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-03 14:46:59.724
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-03 14:46:29.612
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-03 14:46:29.584
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
Percentage of memory in use: 21%
Total physical RAM: 16326.2 MB
Available physical RAM: 12801.22 MB
Total Virtual: 22214.2 MB
Available Virtual: 17786.1 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:110.81 GB) (Free:21.06 GB) NTFS
Drive d: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive g: (Backup Drive) (Fixed) (Total:148.95 GB) (Free:115.72 GB) NTFS
Drive h: (Alt Drive) (Fixed) (Total:465.63 GB) (Free:159.12 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: 8E8DD04F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 00105012)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=110.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==================== End of Addition.txt ============================


#4 olgun52

olgun52

  • Malware Response Team
  • 3,784 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:51 AM

Posted 04 March 2016 - 01:36 PM

Hi
 

Going over your logs I noticed that you have Bittorent installed.

  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.

It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall Bittorent, however that choice is up to you. If you choose to remove these programs, you can do so viaStart > Control Panel > Add/Remove Programs.

Please Uninstall:

 

=====================================================================================

Step 1:
 FRST Script:

 

Copy the below code to Notepad; Save As fixlist.txt to your Desktop.

start
CustomCLSID: HKU\S-1-5-21-3949139464-329665614-2156926167-1000_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-FC211E1A9F7A}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
IE trusted site: HKU\S-1-5-21-3949139464-329665614-2156926167-1000\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-3949139464-329665614-2156926167-1000\...\aeriagames.com -> hxxp://aeriagames.com
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3949139464-329665614-2156926167-1000\...\Policies\Explorer: [NoInternetIcon] 0
HKU\S-1-5-21-3949139464-329665614-2156926167-1000\...\MountPoints2: {e9ff8ee9-44c0-11e5-9bd6-c86000d089eb} - "F:\setup.exe" 
HKU\S-1-5-21-3949139464-329665614-2156926167-1000\...\MountPoints2: {f469e49d-50e0-11e5-9be0-c86000d089eb} - "F:\SETUP.EXE" 
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
ProxyServer: [S-1-5-21-3949139464-329665614-2156926167-1000] => 199.200.120.36:8089
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3949139464-329665614-2156926167-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKU\S-1-5-21-3949139464-329665614-2156926167-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:Blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 -  No File
FF ProfilePath: C:\Users\Jacob\AppData\Roaming\Mozilla\Firefox\Profiles\rb5fxjsj.default-1457046809890
CHR HomePage: Profile 1 -> hxxps://www.youtube.com/feed/subscriptions
CHR Session Restore: Profile 1 -> is enabled.
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2016-02-11]
CHR Extension: (BetterTTV) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2015-07-30]
CHR Extension: (Facebook Video Downloader) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\amjcoehkcacocffpmhnefgoeanepjfkf [2015-07-30]
S3 xhunter1; C:\WINDOWS\xhunter1.sys [37416 2015-09-11] (Wellbia.com Co., Ltd.)
S3 esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
2016-03-03 16:13 - 2016-03-03 16:13 - 00000000 ____D C:\Users\Jacob\Desktop\Old Firefox Data
2016-03-03 15:23 - 2016-03-03 15:23 - 00001348 _____ C:\Users\Public\Desktop\Anvi Browser Repair Tool.lnk
2016-03-03 15:06 - 2016-03-03 15:06 - 02283873 _____ C:\Users\Jacob\Documents\AkamaiFree.reg
cmd: dir /s C:\WINDOWS\B3CB613C58D34692B2DA8F3EAC6288D4.TMP
CMD: type "C:\WINDOWS\B3CB613C58D34692B2DA8F3EAC6288D4.TMP"
C:\Program Files (x86)\Enigma Software Group
C:\Users\Jacob\AppData\Roaming\Enigma Software Group
2016-03-01 20:05 - 2016-03-01 20:09 - 00000000 ____D C:\Users\Jacob\AppData\Local\Rogue Amoeba
2016-03-01 19:56 - 2016-03-03 11:56 - 00000000 ____D C:\ProgramData\HitmanPro
2016-03-01 12:18 - 2016-03-01 12:18 - 00000000 ____D C:\Users\Jacob\AppData\LocalLow\SUPERHOT_Team
2016-03-01 12:18 - 2016-03-01 12:18 - 00000000 ____D C:\Users\Jacob\AppData\Local\SUPERHOT_Sp_z_o.o
2016-03-01 12:16 - 2016-03-01 12:16 - 00000000 ____D C:\Users\Jacob\AppData\LocalLow\SUPERHOT Team
2016-02-29 14:29 - 2016-02-29 14:29 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\Audiokinetic
2016-02-26 12:19 - 2016-02-26 12:19 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\SmartSteamEmu
2016-02-25 01:43 - 2016-02-25 01:43 - 00022151 _____ C:\Users\Jacob\AppData\Local\recently-used.xbel
2016-02-12 00:36 - 2016-02-12 01:19 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\HexChat
2016-02-10 11:00 - 2016-02-23 19:36 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\Warner Bros. Interactive Entertainment
2016-02-04 13:40 - 2016-02-04 13:41 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\ImgBurn
2016-02-04 13:33 - 2016-02-04 13:33 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\WinISO Computing
2016-02-02 02:47 - 2016-02-02 02:47 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\Auto Clicker
2016-02-02 00:35 - 2016-02-02 00:35 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\K-Meleon
2016-03-03 13:34 - 2016-01-29 01:46 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\vlc
2016-03-03 13:34 - 2015-09-11 14:12 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\FrostWire
2016-03-03 11:56 - 2015-12-05 13:12 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\Citra team
2016-03-03 11:56 - 2015-10-25 17:36 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\Winamp
2016-03-03 11:56 - 2015-08-10 23:53 - 00000000 ____D C:\ProgramData\Package Cache
2016-03-03 11:56 - 2015-08-02 18:41 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\BitTorrent
2016-03-03 11:10 - 2015-11-11 18:46 - 00000000 ____D C:\Users\Jacob\AppData\Local\CrashDumps
2016-03-03 07:45 - 2015-11-04 04:38 - 00000000 ____D C:\Users\Jacob\AppData\LocalLow\BitTorrent
2016-03-03 05:12 - 2015-08-19 04:56 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\BoL
2016-02-26 10:56 - 2016-01-20 06:46 - 00000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2016-02-22 21:39 - 2015-09-20 16:06 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\Riot Games
2016-02-22 15:45 - 2015-11-04 04:58 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\Sony
2016-02-17 21:15 - 2015-11-04 04:40 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\Audacity
2016-02-12 12:04 - 2015-11-04 05:31 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\OBS
2016-02-11 05:34 - 2015-07-31 19:25 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\Battle.net
2016-02-11 05:15 - 2015-07-30 11:35 - 00000000 ____D C:\Users\Jacob\AppData\Local\Packages
2016-02-11 04:05 - 2015-07-30 11:48 - 00000000 ____D C:\Users\Jacob\AppData\Local\Comms
2016-02-05 01:06 - 2015-10-28 19:13 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\SpaceEngineers
2016-02-03 21:27 - 2015-11-03 17:30 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\CodeBlocks
2015-08-26 10:20 - 2015-11-10 20:25 - 0000132 _____ () C:\Users\Jacob\AppData\Roaming\Adobe PNG Format CS6 Prefs
2016-02-25 01:43 - 2016-02-25 01:43 - 0022151 _____ () C:\Users\Jacob\AppData\Local\recently-used.xbel
2016-02-29 08:52 - 2016-02-29 08:52 - 0007614 _____ () C:\Users\Jacob\AppData\Local\Resmon.ResmonCfg
2015-07-30 11:30 - 2015-07-30 11:30 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
C:\Users\Jacob\AppData\Local\Temp\130933816155906556.exe
C:\Users\Jacob\AppData\Local\Temp\130933816297829832.exe
C:\Users\Jacob\AppData\Local\Temp\13093381634296261781.exe
C:\Users\Jacob\AppData\Local\Temp\13093381649280305191.exe
C:\Users\Jacob\AppData\Local\Temp\130933816838267715.exe
C:\Users\Jacob\AppData\Local\Temp\13093381695932556335.exe
C:\Users\Jacob\AppData\Local\Temp\130933817353067925.exe
C:\Users\Jacob\AppData\Local\Temp\13093381746702688669.exe
C:\Users\Jacob\AppData\Local\Temp\130933817609823706.exe
C:\Users\Jacob\AppData\Local\Temp\13093381773366082865.exe
C:\Users\Jacob\AppData\Local\Temp\AAMHelper.exe
C:\Users\Jacob\AppData\Local\Temp\AdobeApplicationManager.exe
C:\Users\Jacob\AppData\Local\Temp\Bass.dll
C:\Users\Jacob\AppData\Local\Temp\Bass.Net.dll
C:\Users\Jacob\AppData\Local\Temp\borlndlm.dll
C:\Users\Jacob\AppData\Local\Temp\DelC5FD.exe
C:\Users\Jacob\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Jacob\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpd2fexj.dll
C:\Users\Jacob\AppData\Local\Temp\DSETUP.dll
C:\Users\Jacob\AppData\Local\Temp\dsetup32.dll
C:\Users\Jacob\AppData\Local\Temp\dt_3115.tmp.exe
C:\Users\Jacob\AppData\Local\Temp\DXSETUP.exe
C:\Users\Jacob\AppData\Local\Temp\FreemakeVideoDownloaderFull.exe
C:\Users\Jacob\AppData\Local\Temp\JDSetup130933818864850490.exe
C:\Users\Jacob\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Jacob\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\Jacob\AppData\Local\Temp\LSW3.Dll
C:\Users\Jacob\AppData\Local\Temp\Nexus Mod Manager-0.60.16.exe
C:\Users\Jacob\AppData\Local\Temp\Nexus Mod Manager-0.61.1.exe
C:\Users\Jacob\AppData\Local\Temp\Nexus Mod Manager-0.61.13.exe
C:\Users\Jacob\AppData\Local\Temp\Nexus Mod Manager-0.61.5.exe
C:\Users\Jacob\AppData\Local\Temp\npp.6.8.6.Installer.exe
C:\Users\Jacob\AppData\Local\Temp\npp.6.8.8.Installer.exe
C:\Users\Jacob\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Jacob\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Jacob\AppData\Local\Temp\nvStInst.exe
C:\Users\Jacob\AppData\Local\Temp\proxy_vole524738876908531706.dll
C:\Users\Jacob\AppData\Local\Temp\proxy_vole7797790257355062845.dll
C:\Users\Jacob\AppData\Local\Temp\proxy_vole804048800473882900.dll
C:\Users\Jacob\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\Jacob\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Jacob\AppData\Local\Temp\_is3191.exe
C:\Users\Jacob\AppData\Local\Temp\_is524B.exe
C:\Users\Jacob\AppData\Local\Temp\_isA55A.exe
C:\Users\Jacob\AppData\Local\Temp\_isAF80.exe
C:\Users\Jacob\AppData\Local\Temp\_isCA34.exe
Hosts:
Emptytemp:
end

Close Notepad.

NOTE: It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST64 and press the Fix button just once and wait.

If the tool needed a restart please make sure you let the system to restart normally and let the tool complete its run after restart.

The tool will make a log on the Desktop (Fixlog.txt). Attach it to your reply.

Note: If the tool warns you about an outdated version please download and run the updated version.

 

 

Step 2:

Scan with Zemana AntiMalware Free:

  • Turn off the real time scanner of any existing antivirus and firewall programs while performing scan
  • Please download and install Zemana AntiMalware Free
  • Double-click software shortcut on the desktop and follow the prompts to install the program .
  • If an update is available, click the Update now button.
  • At the end Click Settings > Advanced > ''I have read the warning an wish to proceed anyway'' Click
  • Auto Launch > Untick the box next
  • Scan type > Smart scan (Default)
  • Close all open files, folders and browsers
  • Click scan now ''Run as Administrator'' and a threat Scan will begin.
  • When the scan is complete, Press report and send me report.
  • Please PC restart now.

Have a nice day.


Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#5 olgun52

olgun52

  • Malware Response Team
  • 3,784 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:51 AM

Posted 07 March 2016 - 05:10 PM

Are you still with me  ?


Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#6 ThatBenderGuy

ThatBenderGuy
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:51 PM

Posted 09 March 2016 - 06:41 PM

Yes I am, sorry. Here is the fixlog.txt

 

The anti-virus you told me to install did not give me a button for "Report" as well as after I ran FRST64 I can no longer open my start menu.

 

 

Fix result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01

Ran by Jacob (2016-03-09 16:25:25) Run:1
Running from C:\Users\Jacob\Desktop
Loaded Profiles: Jacob (Available Profiles: Jacob)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
start
CustomCLSID: HKU\S-1-5-21-3949139464-329665614-2156926167-1000_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-FC211E1A9F7A}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
IE trusted site: HKU\S-1-5-21-3949139464-329665614-2156926167-1000\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-3949139464-329665614-2156926167-1000\...\aeriagames.com -> hxxp://aeriagames.com
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3949139464-329665614-2156926167-1000\...\Policies\Explorer: [NoInternetIcon] 0
HKU\S-1-5-21-3949139464-329665614-2156926167-1000\...\MountPoints2: {e9ff8ee9-44c0-11e5-9bd6-c86000d089eb} - "F:\setup.exe" 
HKU\S-1-5-21-3949139464-329665614-2156926167-1000\...\MountPoints2: {f469e49d-50e0-11e5-9be0-c86000d089eb} - "F:\SETUP.EXE" 
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
ProxyServer: [S-1-5-21-3949139464-329665614-2156926167-1000] => 199.200.120.36:8089
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3949139464-329665614-2156926167-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKU\S-1-5-21-3949139464-329665614-2156926167-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:Blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 -  No File
FF ProfilePath: C:\Users\Jacob\AppData\Roaming\Mozilla\Firefox\Profiles\rb5fxjsj.default-1457046809890
CHR HomePage: Profile 1 -> hxxps://www.youtube.com/feed/subscriptions
CHR Session Restore: Profile 1 -> is enabled.
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2016-02-11]
CHR Extension: (BetterTTV) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2015-07-30]
CHR Extension: (Facebook Video Downloader) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\amjcoehkcacocffpmhnefgoeanepjfkf [2015-07-30]
S3 xhunter1; C:\WINDOWS\xhunter1.sys [37416 2015-09-11] (Wellbia.com Co., Ltd.)
S3 esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
2016-03-03 16:13 - 2016-03-03 16:13 - 00000000 ____D C:\Users\Jacob\Desktop\Old Firefox Data
2016-03-03 15:23 - 2016-03-03 15:23 - 00001348 _____ C:\Users\Public\Desktop\Anvi Browser Repair Tool.lnk
2016-03-03 15:06 - 2016-03-03 15:06 - 02283873 _____ C:\Users\Jacob\Documents\AkamaiFree.reg
cmd: dir /s C:\WINDOWS\B3CB613C58D34692B2DA8F3EAC6288D4.TMP
CMD: type "C:\WINDOWS\B3CB613C58D34692B2DA8F3EAC6288D4.TMP"
C:\Program Files (x86)\Enigma Software Group
C:\Users\Jacob\AppData\Roaming\Enigma Software Group
2016-03-01 20:05 - 2016-03-01 20:09 - 00000000 ____D C:\Users\Jacob\AppData\Local\Rogue Amoeba
2016-03-01 19:56 - 2016-03-03 11:56 - 00000000 ____D C:\ProgramData\HitmanPro
2016-03-01 12:18 - 2016-03-01 12:18 - 00000000 ____D C:\Users\Jacob\AppData\LocalLow\SUPERHOT_Team
2016-03-01 12:18 - 2016-03-01 12:18 - 00000000 ____D C:\Users\Jacob\AppData\Local\SUPERHOT_Sp_z_o.o
2016-03-01 12:16 - 2016-03-01 12:16 - 00000000 ____D C:\Users\Jacob\AppData\LocalLow\SUPERHOT Team
2016-02-29 14:29 - 2016-02-29 14:29 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\Audiokinetic
2016-02-26 12:19 - 2016-02-26 12:19 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\SmartSteamEmu
2016-02-25 01:43 - 2016-02-25 01:43 - 00022151 _____ C:\Users\Jacob\AppData\Local\recently-used.xbel
2016-02-12 00:36 - 2016-02-12 01:19 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\HexChat
2016-02-10 11:00 - 2016-02-23 19:36 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\Warner Bros. Interactive Entertainment
2016-02-04 13:40 - 2016-02-04 13:41 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\ImgBurn
2016-02-04 13:33 - 2016-02-04 13:33 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\WinISO Computing
2016-02-02 02:47 - 2016-02-02 02:47 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\Auto Clicker
2016-02-02 00:35 - 2016-02-02 00:35 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\K-Meleon
2016-03-03 13:34 - 2016-01-29 01:46 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\vlc
2016-03-03 13:34 - 2015-09-11 14:12 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\FrostWire
2016-03-03 11:56 - 2015-12-05 13:12 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\Citra team
2016-03-03 11:56 - 2015-10-25 17:36 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\Winamp
2016-03-03 11:56 - 2015-08-10 23:53 - 00000000 ____D C:\ProgramData\Package Cache
2016-03-03 11:56 - 2015-08-02 18:41 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\BitTorrent
2016-03-03 11:10 - 2015-11-11 18:46 - 00000000 ____D C:\Users\Jacob\AppData\Local\CrashDumps
2016-03-03 07:45 - 2015-11-04 04:38 - 00000000 ____D C:\Users\Jacob\AppData\LocalLow\BitTorrent
2016-03-03 05:12 - 2015-08-19 04:56 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\BoL
2016-02-26 10:56 - 2016-01-20 06:46 - 00000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2016-02-22 21:39 - 2015-09-20 16:06 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\Riot Games
2016-02-22 15:45 - 2015-11-04 04:58 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\Sony
2016-02-17 21:15 - 2015-11-04 04:40 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\Audacity
2016-02-12 12:04 - 2015-11-04 05:31 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\OBS
2016-02-11 05:34 - 2015-07-31 19:25 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\Battle.net
2016-02-11 05:15 - 2015-07-30 11:35 - 00000000 ____D C:\Users\Jacob\AppData\Local\Packages
2016-02-11 04:05 - 2015-07-30 11:48 - 00000000 ____D C:\Users\Jacob\AppData\Local\Comms
2016-02-05 01:06 - 2015-10-28 19:13 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\SpaceEngineers
2016-02-03 21:27 - 2015-11-03 17:30 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\CodeBlocks
2015-08-26 10:20 - 2015-11-10 20:25 - 0000132 _____ () C:\Users\Jacob\AppData\Roaming\Adobe PNG Format CS6 Prefs
2016-02-25 01:43 - 2016-02-25 01:43 - 0022151 _____ () C:\Users\Jacob\AppData\Local\recently-used.xbel
2016-02-29 08:52 - 2016-02-29 08:52 - 0007614 _____ () C:\Users\Jacob\AppData\Local\Resmon.ResmonCfg
2015-07-30 11:30 - 2015-07-30 11:30 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
C:\Users\Jacob\AppData\Local\Temp\130933816155906556.exe
C:\Users\Jacob\AppData\Local\Temp\130933816297829832.exe
C:\Users\Jacob\AppData\Local\Temp\13093381634296261781.exe
C:\Users\Jacob\AppData\Local\Temp\13093381649280305191.exe
C:\Users\Jacob\AppData\Local\Temp\130933816838267715.exe
C:\Users\Jacob\AppData\Local\Temp\13093381695932556335.exe
C:\Users\Jacob\AppData\Local\Temp\130933817353067925.exe
C:\Users\Jacob\AppData\Local\Temp\13093381746702688669.exe
C:\Users\Jacob\AppData\Local\Temp\130933817609823706.exe
C:\Users\Jacob\AppData\Local\Temp\13093381773366082865.exe
C:\Users\Jacob\AppData\Local\Temp\AAMHelper.exe
C:\Users\Jacob\AppData\Local\Temp\AdobeApplicationManager.exe
C:\Users\Jacob\AppData\Local\Temp\Bass.dll
C:\Users\Jacob\AppData\Local\Temp\Bass.Net.dll
C:\Users\Jacob\AppData\Local\Temp\borlndlm.dll
C:\Users\Jacob\AppData\Local\Temp\DelC5FD.exe
C:\Users\Jacob\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Jacob\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpd2fexj.dll
C:\Users\Jacob\AppData\Local\Temp\DSETUP.dll
C:\Users\Jacob\AppData\Local\Temp\dsetup32.dll
C:\Users\Jacob\AppData\Local\Temp\dt_3115.tmp.exe
C:\Users\Jacob\AppData\Local\Temp\DXSETUP.exe
C:\Users\Jacob\AppData\Local\Temp\FreemakeVideoDownloaderFull.exe
C:\Users\Jacob\AppData\Local\Temp\JDSetup130933818864850490.exe
C:\Users\Jacob\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Jacob\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\Jacob\AppData\Local\Temp\LSW3.Dll
C:\Users\Jacob\AppData\Local\Temp\Nexus Mod Manager-0.60.16.exe
C:\Users\Jacob\AppData\Local\Temp\Nexus Mod Manager-0.61.1.exe
C:\Users\Jacob\AppData\Local\Temp\Nexus Mod Manager-0.61.13.exe
C:\Users\Jacob\AppData\Local\Temp\Nexus Mod Manager-0.61.5.exe
C:\Users\Jacob\AppData\Local\Temp\npp.6.8.6.Installer.exe
C:\Users\Jacob\AppData\Local\Temp\npp.6.8.8.Installer.exe
C:\Users\Jacob\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Jacob\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Jacob\AppData\Local\Temp\nvStInst.exe
C:\Users\Jacob\AppData\Local\Temp\proxy_vole524738876908531706.dll
C:\Users\Jacob\AppData\Local\Temp\proxy_vole7797790257355062845.dll
C:\Users\Jacob\AppData\Local\Temp\proxy_vole804048800473882900.dll
C:\Users\Jacob\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\Jacob\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Jacob\AppData\Local\Temp\_is3191.exe
C:\Users\Jacob\AppData\Local\Temp\_is524B.exe
C:\Users\Jacob\AppData\Local\Temp\_isA55A.exe
C:\Users\Jacob\AppData\Local\Temp\_isAF80.exe
C:\Users\Jacob\AppData\Local\Temp\_isCA34.exe
Hosts:
Emptytemp:
end
*****************
 
"HKU\S-1-5-21-3949139464-329665614-2156926167-1000_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-FC211E1A9F7A}" => key removed successfully
"HKU\S-1-5-21-3949139464-329665614-2156926167-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aeriagames.com" => key removed successfully
HKU\S-1-5-21-3949139464-329665614-2156926167-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aeriagames.com => key not found. 
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon" => key removed successfully
HKU\S-1-5-21-3949139464-329665614-2156926167-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoInternetIcon => value removed successfully
"HKU\S-1-5-21-3949139464-329665614-2156926167-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e9ff8ee9-44c0-11e5-9bd6-c86000d089eb}" => key removed successfully
HKCR\CLSID\{e9ff8ee9-44c0-11e5-9bd6-c86000d089eb} => key not found. 
"HKU\S-1-5-21-3949139464-329665614-2156926167-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f469e49d-50e0-11e5-9be0-c86000d089eb}" => key removed successfully
HKCR\CLSID\{f469e49d-50e0-11e5-9be0-c86000d089eb} => key not found. 
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKU\S-1-5-21-3949139464-329665614-2156926167-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-3949139464-329665614-2156926167-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-3949139464-329665614-2156926167-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found. 
"HKCR\PROTOCOLS\Handler\WSWSVCUchrome" => key removed successfully
FF ProfilePath: C:\Users\Jacob\AppData\Roaming\Mozilla\Firefox\Profiles\rb5fxjsj.default-1457046809890 => FRST is scripted not to move this directory.
Chrome HomePage => removed successfully
Chrome Session Restore: => removed successfully
C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif => moved successfully
C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped => moved successfully
C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\amjcoehkcacocffpmhnefgoeanepjfkf => moved successfully
xhunter1 => service removed successfully
esgiguard => service removed successfully
wfpcapture => service removed successfully
C:\Users\Jacob\Desktop\Old Firefox Data => moved successfully
C:\Users\Public\Desktop\Anvi Browser Repair Tool.lnk => moved successfully
C:\Users\Jacob\Documents\AkamaiFree.reg => moved successfully
 
=========  dir /s C:\WINDOWS\B3CB613C58D34692B2DA8F3EAC6288D4.TMP =========
 
 Volume in drive C has no label.
 Volume Serial Number is 6429-DF4B
 
 Directory of C:\WINDOWS\B3CB613C58D34692B2DA8F3EAC6288D4.TMP
 
03/03/2016  02:28 PM    <DIR>          .
03/03/2016  02:28 PM    <DIR>          ..
03/03/2016  02:28 PM            27,499 WiseCustomCall.dll
03/03/2016  02:28 PM           179,526 WiseCustomCalla.dll
03/03/2016  02:28 PM           176,545 WiseCustomCalla17.dll
03/03/2016  02:28 PM           179,526 WiseCustomCalla18.exe
03/03/2016  02:28 PM           176,035 WiseCustomCalla19.dll
03/03/2016  02:28 PM           176,035 WiseCustomCalla2.dll
03/03/2016  02:28 PM           175,992 WiseCustomCalla20.dll
03/03/2016  02:28 PM           180,508 WiseCustomCalla21.dll
03/03/2016  11:11 AM           180,508 WiseCustomCalla21.exe
03/03/2016  02:28 PM             7,721 WiseData.ini
              10 File(s)      1,459,895 bytes
 
     Total Files Listed:
              10 File(s)      1,459,895 bytes
               2 Dir(s)  19,417,853,952 bytes free
 
========= End of CMD: =========
 
 
=========  type "C:\WINDOWS\B3CB613C58D34692B2DA8F3EAC6288D4.TMP" =========
 
Access is denied.
 
========= End of CMD: =========
 
C:\Program Files (x86)\Enigma Software Group => moved successfully
C:\Users\Jacob\AppData\Roaming\Enigma Software Group => moved successfully
C:\Users\Jacob\AppData\Local\Rogue Amoeba => moved successfully
C:\ProgramData\HitmanPro => moved successfully
C:\Users\Jacob\AppData\LocalLow\SUPERHOT_Team => moved successfully
C:\Users\Jacob\AppData\Local\SUPERHOT_Sp_z_o.o => moved successfully
C:\Users\Jacob\AppData\LocalLow\SUPERHOT Team => moved successfully
C:\Users\Jacob\AppData\Roaming\Audiokinetic => moved successfully
C:\Users\Jacob\AppData\Roaming\SmartSteamEmu => moved successfully
C:\Users\Jacob\AppData\Local\recently-used.xbel => moved successfully
C:\Users\Jacob\AppData\Roaming\HexChat => moved successfully
C:\Users\Jacob\AppData\Roaming\Warner Bros. Interactive Entertainment => moved successfully
C:\Users\Jacob\AppData\Roaming\ImgBurn => moved successfully
C:\Users\Jacob\AppData\Roaming\WinISO Computing => moved successfully
C:\Users\Jacob\AppData\Roaming\Auto Clicker => moved successfully
C:\Users\Jacob\AppData\Roaming\K-Meleon => moved successfully
C:\Users\Jacob\AppData\Roaming\vlc => moved successfully
C:\Users\Jacob\AppData\Roaming\FrostWire => moved successfully
C:\Users\Jacob\AppData\Roaming\Citra team => moved successfully
C:\Users\Jacob\AppData\Roaming\Winamp => moved successfully
C:\ProgramData\Package Cache => moved successfully
C:\Users\Jacob\AppData\Roaming\BitTorrent => moved successfully
C:\Users\Jacob\AppData\Local\CrashDumps => moved successfully
C:\Users\Jacob\AppData\LocalLow\BitTorrent => moved successfully
C:\Users\Jacob\AppData\Roaming\BoL => moved successfully
C:\WINDOWS\System32\Tasks\NCH Software => moved successfully
C:\Users\Jacob\AppData\Roaming\Riot Games => moved successfully
C:\Users\Jacob\AppData\Roaming\Sony => moved successfully
C:\Users\Jacob\AppData\Roaming\Audacity => moved successfully
C:\Users\Jacob\AppData\Roaming\OBS => moved successfully
C:\Users\Jacob\AppData\Roaming\Battle.net => moved successfully
 
"C:\Users\Jacob\AppData\Local\Packages" folder move:
 
Could not move "C:\Users\Jacob\AppData\Local\Packages" => Scheduled to move on reboot.
 
 
"C:\Users\Jacob\AppData\Local\Comms" folder move:
 
Could not move "C:\Users\Jacob\AppData\Local\Comms" => Scheduled to move on reboot.
 
C:\Users\Jacob\AppData\Roaming\SpaceEngineers => moved successfully
C:\Users\Jacob\AppData\Roaming\CodeBlocks => moved successfully
C:\Users\Jacob\AppData\Roaming\Adobe PNG Format CS6 Prefs => moved successfully
"C:\Users\Jacob\AppData\Local\recently-used.xbel" => not found.
C:\Users\Jacob\AppData\Local\Resmon.ResmonCfg => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
C:\Users\Jacob\AppData\Local\Temp\130933816155906556.exe => moved successfully
C:\Users\Jacob\AppData\Local\Temp\130933816297829832.exe => moved successfully
C:\Users\Jacob\AppData\Local\Temp\13093381634296261781.exe => moved successfully
C:\Users\Jacob\AppData\Local\Temp\13093381649280305191.exe => moved successfully
C:\Users\Jacob\AppData\Local\Temp\130933816838267715.exe => moved successfully
C:\Users\Jacob\AppData\Local\Temp\13093381695932556335.exe => moved successfully
C:\Users\Jacob\AppData\Local\Temp\130933817353067925.exe => moved successfully
C:\Users\Jacob\AppData\Local\Temp\13093381746702688669.exe => moved successfully
C:\Users\Jacob\AppData\Local\Temp\130933817609823706.exe => moved successfully
C:\Users\Jacob\AppData\Local\Temp\13093381773366082865.exe => moved successfully
C:\Users\Jacob\AppData\Local\Temp\AAMHelper.exe => moved successfully
C:\Users\Jacob\AppData\Local\Temp\AdobeApplicationManager.exe => moved successfully
C:\Users\Jacob\AppData\Local\Temp\Bass.dll => moved successfully
C:\Users\Jacob\AppData\Local\Temp\Bass.Net.dll => moved successfully
C:\Users\Jacob\AppData\Local\Temp\borlndlm.dll => moved successfully
C:\Users\Jacob\AppData\Local\Temp\DelC5FD.exe => moved successfully
C:\Users\Jacob\AppData\Local\Temp\drm_dialogs.dll => moved successfully
C:\Users\Jacob\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpd2fexj.dll => moved successfully
C:\Users\Jacob\AppData\Local\Temp\DSETUP.dll => moved successfully
C:\Users\Jacob\AppData\Local\Temp\dsetup32.dll => moved successfully
C:\Users\Jacob\AppData\Local\Temp\dt_3115.tmp.exe => moved successfully
C:\Users\Jacob\AppData\Local\Temp\DXSETUP.exe => moved successfully
C:\Users\Jacob\AppData\Local\Temp\FreemakeVideoDownloaderFull.exe => moved successfully
C:\Users\Jacob\AppData\Local\Temp\JDSetup130933818864850490.exe => moved successfully
C:\Users\Jacob\AppData\Local\Temp\jre-8u66-windows-au.exe => moved successfully
C:\Users\Jacob\AppData\Local\Temp\jre-8u73-windows-au.exe => moved successfully
C:\Users\Jacob\AppData\Local\Temp\LSW3.Dll => moved successfully
C:\Users\Jacob\AppData\Local\Temp\Nexus Mod Manager-0.60.16.exe => moved successfully
C:\Users\Jacob\AppData\Local\Temp\Nexus Mod Manager-0.61.1.exe => moved successfully
C:\Users\Jacob\AppData\Local\Temp\Nexus Mod Manager-0.61.13.exe => moved successfully
C:\Users\Jacob\AppData\Local\Temp\Nexus Mod Manager-0.61.5.exe => moved successfully
C:\Users\Jacob\AppData\Local\Temp\npp.6.8.6.Installer.exe => moved successfully
C:\Users\Jacob\AppData\Local\Temp\npp.6.8.8.Installer.exe => moved successfully
C:\Users\Jacob\AppData\Local\Temp\nvSCPAPI.dll => moved successfully
C:\Users\Jacob\AppData\Local\Temp\nvSCPAPI64.dll => moved successfully
C:\Users\Jacob\AppData\Local\Temp\nvStInst.exe => moved successfully
C:\Users\Jacob\AppData\Local\Temp\proxy_vole524738876908531706.dll => moved successfully
C:\Users\Jacob\AppData\Local\Temp\proxy_vole7797790257355062845.dll => moved successfully
C:\Users\Jacob\AppData\Local\Temp\proxy_vole804048800473882900.dll => moved successfully
C:\Users\Jacob\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll => moved successfully
C:\Users\Jacob\AppData\Local\Temp\xmlUpdater.exe => moved successfully
C:\Users\Jacob\AppData\Local\Temp\_is3191.exe => moved successfully
C:\Users\Jacob\AppData\Local\Temp\_is524B.exe => moved successfully
C:\Users\Jacob\AppData\Local\Temp\_isA55A.exe => moved successfully
C:\Users\Jacob\AppData\Local\Temp\_isAF80.exe => moved successfully
C:\Users\Jacob\AppData\Local\Temp\_isCA34.exe => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 1.7 GB temporary data Removed.
 
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-03-09 16:27:07)
 
C:\Users\Jacob\AppData\Local\Packages => moved successfully
C:\Users\Jacob\AppData\Local\Comms => Is moved successfully
 
==== End of Fixlog 16:27:07 ====


#7 olgun52

olgun52

  • Malware Response Team
  • 3,784 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:51 AM

Posted 13 March 2016 - 03:18 PM

Hello,

Are you still with me.?


Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#8 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,625 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:51 PM

Posted 23 March 2016 - 04:00 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/607037 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your destop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users