TechSpot

Possible Virus

By dsb2448
Jun 17, 2016
  1. Ensured the Anti-Virus is up to date.
    Downloaded Farbar Recovery Scan Tool and ran it.


    FRST.txt


    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:16-06-2016 01
    Ran by Scott (administrator) on SCOTTS_LAPTOP (17-06-2016 09:59:20)
    Running from C:\Users\Scott\Desktop
    Loaded Profiles: Scott (Available Profiles: Scott & MSSQLFDLauncher$MSSQLSERVER2014)
    Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    (Intel Corporation) C:\Windows\System32\igfxCUIService.exe
    (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
    (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
    () C:\Windows\BinEssentials\BinEssentials1110\BinEssentials.exe
    (Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
    (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe
    (JetBrains s.r.o) C:\Program Files (x86)\JetBrains\ETW Host\JetBrains.ETW.Collector.Host.exe
    (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
    (Bitvise Limited) C:\Program Files\Bitvise SSH Server\BvSshServer.exe
    (Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
    (Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
    () C:\Windows\SysWOW64\PnkBstrA.exe
    (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
    (PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\pg_ctl.exe
    (hxxp://www.ruby-lang.org/) C:\metasploit\ruby\bin\ruby.exe
    (hxxp://www.ruby-lang.org/) C:\metasploit\ruby\bin\ruby.exe
    (hxxp://www.ruby-lang.org/) C:\metasploit\ruby\bin\ruby.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSRS12.MSSQLSERVER2014\Reporting Services\ReportServer\bin\ReportingServicesService.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
    (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSAS12.MSSQLSERVER2014\OLAP\bin\msmdsrv.exe
    (PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
    (PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
    (PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
    (PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
    (PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
    (PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
    (PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
    (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
    (PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
    (PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
    () C:\metasploit\apps\pro\engine\arch-lib\win32\nginx\bin\nginxr7.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
    (Intel Corporation) C:\Windows\System32\igfxEM.exe
    (Intel Corporation) C:\Windows\System32\igfxHK.exe
    () C:\Windows\System32\igfxTray.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    (Lenovo) C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
    (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
    () C:\Program Files\StageLight\StagelightUpdate.exe
    (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
    (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
    (Akamai Technologies, Inc.) C:\Users\Scott\AppData\Local\Akamai\netsession_win.exe
    (Akamai Technologies, Inc.) C:\Users\Scott\AppData\Local\Akamai\netsession_win.exe
    (Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe
    (Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
    (cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6064.exe
    (Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6032.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
    (CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
    (Lenovo) C:\Users\Scott\AppData\Local\Apps\2.0\62P143E9.PVX\GDLK0JCP.YBR\lsb...tion_91a10ba61c75c82d_0001.0005_a24d0d716055ed94\LSB.exe
    (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
    (Microsoft Corporation) C:\Windows\System32\msiexec.exe
    (Microsoft Corporation) C:\Windows\System32\WWAHost.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
    (Microsoft Corporation) C:\Windows\System32\SrTasks.exe
    (Microsoft Corporation) C:\Windows\System32\SrTasks.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
    () C:\ProgramData\Avg_Update_0516pi\AVG-Secure-Search-Update_0516pi.exe
    () C:\ProgramData\Avg_Update_0516pi\AVG-Secure-Search-Update_0516pi.exe


    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [IgfxTray] => C:\windows\system32\igfxtray.exe [402344 2015-12-19] ()
    HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation)
    HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
    HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286056 2013-09-24] (Intel Corporation)
    HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo)
    HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-10-29] (Lenovo(beijing) Limited)
    HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-10-29] (Lenovo(beijing) Limited)
    HKLM\...\Run: [StageLightUpdate] => C:\Program Files\Stagelight\StagelightUpdate.exe [1397208 2014-10-31] ()
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
    HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15009400 2015-10-14] (Logitech Inc.)
    HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2014-10-22] (IDT, Inc.)
    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated)
    HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [561672 2015-06-12] (Vimicro)
    HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.)
    HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [179976 2013-08-26] (cyberlink)
    HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [570880 2013-12-27] (Nikon Corporation)
    HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
    HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [408888 2015-02-27] (Power Software Ltd)
    HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [23972712 2016-05-31] (Dropbox, Inc.)
    HKLM-x32\...\Run: [Bitvise SSH Server Activation State Checker] => C:\Program Files\Bitvise SSH Server\BssActStateCheck.exe [245576 2015-08-05] (Bitvise Limited)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
    HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [186640 2016-05-18] (AVG Technologies CZ, s.r.o.)
    HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [6570256 2016-06-09] (AVG Technologies CZ, s.r.o.)
    HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2850384 2016-06-16] (Valve Corporation)
    HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\Run: [Google Update] => C:\Users\Scott\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
    HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\Run: [AirDroid 3] => C:\Program Files (x86)\AirDroid\AirDroid.exe [11662848 2015-02-07] (Sand Studio)
    HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Scott\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
    HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\Run: [DisplayFusion] => C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [8547320 2016-01-20] (Binary Fortress Software)
    HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\Run: [CS Dispatch] => C:\Users\Scott\AppData\Roaming\KaiJet\WormholeSwitch1117\FunctModules\{8AEC7F86-B5F4-499b-9ACE-203F46E4469D}\Wormhole.exe [564304 2012-09-12] (KaiJet)
    HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\Run: [MyComGames] => C:\Users\Scott\AppData\Local\MyComGames\MyComGames.exe [4071368 2015-08-03] ()
    HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23496872 2016-05-17] (Google)
    HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53123712 2016-05-17] (Skype Technologies S.A.)
    HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\RunOnce: [PandaRunOnce] => C:\Users\Scott\Desktop\PANDAFREEAV.exe [2252720 2016-06-17] (Panda Security, S.L.)
    Lsa: [Authentication Packages] msv1_0 BvLsa
    ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
    ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
    ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
    ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Scott\AppData\Local\MEGAsync\ShellExtX64.dll No File
    ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Scott\AppData\Local\MEGAsync\ShellExtX64.dll No File
    ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Scott\AppData\Local\MEGAsync\ShellExtX64.dll No File
    ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Scott\AppData\Local\MEGAsync\ShellExtX32.dll No File
    ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Scott\AppData\Local\MEGAsync\ShellExtX32.dll No File
    ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Scott\AppData\Local\MEGAsync\ShellExtX32.dll No File
    Startup: C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PureVPN.lnk [2016-06-13]
    ShortcutTarget: PureVPN.lnk -> C:\Program Files (x86)\PureVPN\purevpn.exe (PureVPN)
    Startup: C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2015-10-30]
    ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
    Startup: C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2015-06-03]
    ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
    CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\..\Interfaces\{589ca18f-ca28-4e51-b8ee-eaa55d172db6}: [NameServer] 8.8.8.8,208.104.2.36
    Tcpip\..\Interfaces\{fa6f26ed-a354-4d08-a180-9ee4c5f88571}: [NameServer] 8.8.8.8,4.4.4.4
    Tcpip\..\Interfaces\{fa6f26ed-a354-4d08-a180-9ee4c5f88571}: [DhcpNameServer] 8.8.8.8 208.104.2.36 208.104.244.45
    ManualProxies:

    Internet Explorer:
    ==================
    HKU\S-1-5-21-437364399-4149591236-704665920-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
    HKU\S-1-5-21-437364399-4149591236-704665920-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = www.google.com
    hxxp://home.lenovo.com
    HKU\S-1-5-21-437364399-4149591236-704665920-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://home.lenovo.com
    SearchScopes: HKU\.DEFAULT -> DefaultScope {D6DE40D8-08E4-4EC0-BBC8-AC8255F700C9} URL =
    SearchScopes: HKU\.DEFAULT -> {D6DE40D8-08E4-4EC0-BBC8-AC8255F700C9} URL =
    SearchScopes: HKU\S-1-5-21-437364399-4149591236-704665920-1001 -> {DAAC625F-CE8C-11E4-8285-D897BA3DCFE6} URL =
    BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-05-27] (Microsoft Corporation)
    BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
    BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-05-27] (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-20] (Oracle Corporation)
    BHO-x32: Microsoft Web Test Recorder 14.0 Helper -> {b924f0b4-0b3c-49c0-bab2-213fb9ebd1d3} -> C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2015-07-07] (Microsoft Corporation)
    BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-20] (Oracle Corporation)
    Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)

    FireFox:
    ========
    FF ProfilePath: C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\og7rb9po.default-1429536121911
    FF NewTab: hxxps://www.google.com
    FF DefaultSearchEngine: Yahoo!
    FF DefaultSearchEngine.US: Google
    FF SelectedSearchEngine: Yahoo!
    FF Homepage: hxxp://www.google.com/
    FF Keyword.URL: hxxps://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=926458&p=
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-17] ()
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
    FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-17] ()
    FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
    FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-20] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-20] (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
    FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2013-12-12] (Nitro PDF)
    FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-04-27] (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-04-27] (NVIDIA Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-437364399-4149591236-704665920-1001: @my.com/Games -> C:\Users\Scott\AppData\Local\MyComGames\NPMyComDetector.dll [2015-08-03] (My.com, Inc)
    FF Plugin HKU\S-1-5-21-437364399-4149591236-704665920-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Scott\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
    FF Plugin HKU\S-1-5-21-437364399-4149591236-704665920-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Scott\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
    FF Plugin HKU\S-1-5-21-437364399-4149591236-704665920-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Scott\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-05-08] (Unity Technologies ApS)
    FF Plugin HKU\S-1-5-21-437364399-4149591236-704665920-1001: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll [2013-05-05] (The Happy Cloud)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
    FF Extension: Flash and Video Download - C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\og7rb9po.default-1429536121911\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2016-05-26]
    FF Extension: Tree Style Tab - C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\og7rb9po.default-1429536121911\extensions\treestyletab@piro.sakura.ne.jp.xpi [2016-06-17]
    FF Extension: YouTube Video and Audio Downloader - C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\og7rb9po.default-1429536121911\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2016-06-02]
    FF Extension: Ghostery - C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\og7rb9po.default-1429536121911\Extensions\firefox@ghostery.com.xpi [2016-05-03]
    FF Extension: Imagus - C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\og7rb9po.default-1429536121911\Extensions\{00000f2a-7cde-4f20-83ed-434fcb420d71}.xpi [2016-05-27]
    FF Extension: Adblock Plus - C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\og7rb9po.default-1429536121911\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
    FF Extension: YouTube Flash Video Player - C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\og7rb9po.default-1429536121911\Extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi [2016-05-03]

    Chrome:
    =======
    CHR dev: Chrome dev build detected! <======= ATTENTION
    CHR HomePage: Default -> hxxps://search.yahoo.com/?type=926458&fr=yo-yhp-ch
    CHR DefaultSearchKeyword: Default -> google.com_
    CHR Profile: C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (YouTube) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-10]
    CHR Extension: (Adblock Plus) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-06-10]
    CHR Extension: (Google Search) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-10]
    CHR Extension: (Core) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkhcgfdghbiidgeccbldhfceleibkkpe [2016-06-10]
    CHR Extension: (Gmail) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
    CHR HKU\S-1-5-21-437364399-4149591236-704665920-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S2 Apache CouchDB01d083730f41c2b0; C:\Program Files (x86)\Apache Software Foundation\CouchDB\erts-5.10.3\bin\erlsrv.exe [146432 2014-01-05] () [File not signed]
    S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [636312 2016-06-09] (AVG Technologies CZ, s.r.o.)
    R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5165824 2016-06-09] (AVG Technologies CZ, s.r.o.)
    R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1080592 2016-05-18] (AVG Technologies CZ, s.r.o.)
    R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [705528 2016-06-09] (AVG Technologies CZ, s.r.o.)
    S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1362464 2016-03-30] ()
    R2 BinEssentials; C:\WINDOWS\BinEssentials\BinEssentials1110\BinEssentials.exe [6656 2016-05-23] () [File not signed]
    S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2014-12-05] (BitRaider, LLC)
    R2 BvSshServer; C:\Program Files\Bitvise SSH Server\BvSshServer.exe [14578032 2015-08-05] (Bitvise Limited)
    S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2015-12-20] (Microsoft Corporation)
    S2 CLKMSVC10_3A60B698; C:\Program Files (x86)\Lenovo\PowerDVD10\NavFilter\kmsvc.exe [243464 2013-08-26] (CyberLink)
    S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-01] (Dropbox, Inc.)
    S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-01] (Dropbox, Inc.)
    S2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [4616216 2016-01-20] (Binary Fortress Software)
    S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
    R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-02] (NVIDIA Corporation)
    U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [8704 2015-09-02] (Hi-Rez Studios) [File not signed]
    R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [14696 2013-09-24] (Intel Corporation)
    R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-19] (Intel Corporation)
    R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
    S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
    R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [155448 2013-09-21] (Intel Corporation)
    R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe [22744 2015-02-05] (Microsoft Corporation)
    R2 jetbrainsetw.104.0.20151218.123142; C:\Program Files (x86)\JetBrains\ETW Host\JetBrains.ETW.Collector.Host.exe [1495248 2015-12-18] (JetBrains s.r.o)
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
    S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [619776 2014-12-05] (Lenovo)
    R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193144 2015-10-14] (Logitech Inc.)
    R2 metasploitPostgreSQL; C:\metasploit\postgresql\bin\pg_ctl.exe [76288 2015-05-29] (PostgreSQL Global Development Group) [File not signed]
    R2 metasploitProSvc; C:\metasploit\ruby\bin\ruby.exe [107178 2015-05-29] (hxxp://www.ruby-lang.org/) [File not signed]
    R2 metasploitThin; C:\metasploit\ruby\bin\ruby.exe [107178 2015-05-29] (hxxp://www.ruby-lang.org/) [File not signed]
    R2 metasploitWorker; C:\metasploit\ruby\bin\ruby.exe [107178 2015-05-29] (hxxp://www.ruby-lang.org/) [File not signed]
    S2 MsDtsServer100; C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe [220840 2015-03-19] (Microsoft Corporation)
    R2 MSOLAP$MSSQLSERVER2014; C:\Program Files\Microsoft SQL Server\MSAS12.MSSQLSERVER2014\OLAP\bin\msmdsrv.exe [51156160 2015-04-21] (Microsoft Corporation)
    S2 MSSQL$MSSQLSERVER2014; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER2014\MSSQL\Binn\sqlservr.exe [372416 2015-06-09] (Microsoft Corporation)
    S3 MSSQLFDLauncher; C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [42168 2014-08-23] (Microsoft Corporation)
    S3 MSSQLFDLauncher$MSSQLSERVER2014; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER2014\MSSQL\Binn\fdlauncher.exe [50880 2014-02-21] (Microsoft Corporation)
    S2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [62275248 2015-03-19] (Microsoft Corporation)
    S2 MSSQLServerOLAPService; C:\Program Files\Microsoft SQL Server\MSAS10_50.MSSQLSERVER\OLAP\bin\msmdsrv.exe [53298864 2014-08-23] (Microsoft Corporation)
    R2 NitroDriverReadSpool9; C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920 2013-12-12] (Nitro PDF Software)
    R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-02] (NVIDIA Corporation)
    R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-02] (NVIDIA Corporation)
    R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
    S3 OpenVPNService; C:\Program Files (x86)\PureVPN\bin\openvpnserv.exe [31872 2015-12-23] (The OpenVPN Project)
    S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2099208 2015-10-26] (Electronic Arts)
    R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [73176 2016-02-22] (Panda Security, S.L.)
    R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2015-09-15] ()
    S2 PSGenUn; C:\SMCLpav\SMCLpav.exe [274168 2015-10-09] (Panda Security, S.L.)
    S2 ReportServer; C:\Program Files\Microsoft SQL Server\MSRS10_50.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2195120 2014-08-23] (Microsoft Corporation)
    R2 ReportServer$MSSQLSERVER2014; C:\Program Files\Microsoft SQL Server\MSRS12.MSSQLSERVER2014\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2467008 2015-04-21] (Microsoft Corporation)
    R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
    S3 SQLAgent$MSSQLSERVER2014; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER2014\MSSQL\Binn\SQLAGENT.EXE [613056 2015-06-09] (Microsoft Corporation)
    S3 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [443576 2014-08-23] (Microsoft Corporation)
    R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [340992 2014-10-22] (IDT, Inc.) [File not signed]
    S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
    R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-06-03] (Synaptics Incorporated)
    S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
    R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)
    S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
    S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56552 2016-03-22] (Microsoft Corporation)
    S3 wampapache64; c:\wamp\bin\apache\apache2.4.9\bin\httpd.exe [24576 2014-05-01] (Apache Software Foundation) [File not signed]
    S3 wampmysqld64; c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe [12942848 2014-05-01] () [File not signed]
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S3 AndnetBus; C:\Windows\System32\drivers\lgandnetbus64.sys [20992 2014-10-10] (LG Electronics Inc.)
    S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [30720 2014-10-10] (LG Electronics Inc.)
    S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [37376 2014-10-10] (LG Electronics Inc.)
    S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
    R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162592 2016-02-16] (AVG Technologies CZ, s.r.o.)
    R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [307456 2016-05-18] (AVG Technologies CZ, s.r.o.)
    R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272304 2016-01-26] (AVG Technologies CZ, s.r.o.)
    R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [260352 2016-05-02] (AVG Technologies CZ, s.r.o.)
    R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
    R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [247040 2016-05-05] (AVG Technologies CZ, s.r.o.)
    R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [51968 2016-05-02] (AVG Technologies CZ, s.r.o.)
    R0 avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [71936 2016-05-05] (AVG Technologies CZ, s.r.o.)
    R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [315840 2015-12-16] (AVG Technologies CZ, s.r.o.)
    S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2014-12-12] (BitRaider)
    S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-10-30] (Microsoft Corporation)
    S3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [36864 2015-10-30] (Microsoft Corporation)
    S3 dc1-controller; C:\Windows\System32\drivers\dc1-controller.sys [57344 2015-10-30] (Microsoft Corp.)
    R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [263952 2015-07-14] (Intel Corporation)
    R2 IntelHaxm; C:\Windows\system32\DRIVERS\IntelHaxm.sys [84992 2015-01-30] (Intel Corporation)
    R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [74344 2013-07-02] (Intel Corporation)
    R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
    R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-10] (Logitech Inc.)
    S3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
    R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
    R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3485696 2015-10-30] (Intel Corporation)
    R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [58616 2015-06-19] (Panda Security, S.L.)
    R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2014-08-18] (Riverbed Technology, Inc.)
    R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-02] (NVIDIA Corporation)
    R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
    S4 RsFx0153; C:\Windows\System32\DRIVERS\RsFx0153.sys [322736 2014-08-23] (Microsoft Corporation)
    R1 RsFx0310; C:\Windows\System32\DRIVERS\RsFx0310.sys [249024 2015-04-21] (Microsoft Corporation)
    R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation)
    R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
    R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [119712 2016-04-28] (Oracle Corporation)
    R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [192352 2016-04-28] (Oracle Corporation)
    R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [802312 2015-06-12] (Vimicro Corporation)
    S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
    S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
    S3 WirelessKeyboardFilter; C:\Windows\System32\drivers\WirelessKeyboardFilter.sys [49384 2016-03-29] (Microsoft Corporation)
    S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
    S3 xb1usb; C:\Windows\System32\drivers\xb1usb.sys [34016 2014-05-28] (Microsoft Corporation)
    S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
    S3 vmci; \SystemRoot\System32\drivers\vmci.sys [X]
    S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-06-17 09:59 - 2016-06-17 10:01 - 00042474 _____ C:\Users\Scott\Desktop\FRST.txt
    2016-06-17 09:59 - 2016-06-17 09:59 - 00000000 ____D C:\FRST
    2016-06-17 09:57 - 2016-06-17 09:57 - 00003584 _____ C:\WINDOWS\System32\Tasks\AVG-SSU_0516pi_DELETE
    2016-06-17 09:57 - 2016-06-17 09:57 - 00003172 _____ C:\WINDOWS\System32\Tasks\AVG-SSU_0516pi
    2016-06-17 09:57 - 2016-06-17 09:57 - 00000000 ____D C:\ProgramData\Avg_Update_0516pi
    2016-06-17 09:55 - 2016-06-17 09:55 - 00000000 ____D C:\Users\Scott\AppData\Roaming\AVG
    2016-06-17 09:54 - 2016-06-17 09:54 - 00001020 _____ C:\Users\Public\Desktop\AVG Protection.lnk
    2016-06-17 09:54 - 2016-06-17 09:54 - 00000000 ____D C:\Users\Scott\AppData\Roaming\TuneUp Software
    2016-06-17 09:54 - 2016-06-17 09:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
    2016-06-17 09:52 - 2016-06-17 09:52 - 02386944 _____ (Farbar) C:\Users\Scott\Desktop\FRST64.exe
    2016-06-17 09:51 - 2016-06-17 09:51 - 00000000 ___HD C:\$AVG
    2016-06-17 09:49 - 2016-06-17 09:50 - 00000000 ____D C:\Program Files (x86)\AVG
    2016-06-17 09:48 - 2016-06-17 09:58 - 00000000 ____D C:\ProgramData\MFAData
    2016-06-17 09:48 - 2016-06-17 09:55 - 00000000 ____D C:\Users\Scott\AppData\Local\Avg
    2016-06-17 09:48 - 2016-06-17 09:51 - 00000000 ____D C:\ProgramData\Avg
    2016-06-17 09:48 - 2016-06-17 09:49 - 00000000 ____D C:\Users\Scott\AppData\Local\AvgSetupLog
    2016-06-17 09:48 - 2016-06-17 09:48 - 05051824 _____ (AVG Technologies) C:\Users\Scott\Desktop\avg_free_stb_all_2015_ltst_176.exe
    2016-06-17 09:48 - 2016-06-17 09:48 - 00000000 ____D C:\Users\Scott\AppData\Local\MFAData
    2016-06-17 09:48 - 2016-06-17 09:48 - 00000000 ____D C:\Users\Scott\AppData\Local\Avg2015
    2016-06-17 09:44 - 2016-06-17 09:44 - 01000448 _____ C:\Users\Scott\Desktop\uninstaller.exe
    2016-06-17 09:44 - 2016-06-17 09:44 - 00000002 _____ C:\WINDOWS\RAVTC.TMP
    2016-06-17 09:44 - 2016-06-17 09:44 - 00000002 _____ C:\WINDOWS\RAVDG.TMP
    2016-06-17 09:44 - 2016-06-17 09:44 - 00000000 ____D C:\SMCLpav
    2016-06-17 09:33 - 2016-06-17 09:33 - 02252720 _____ (Panda Security, S.L.) C:\Users\Scott\Desktop\PANDAFREEAV.exe
    2016-06-14 22:54 - 2016-05-28 02:13 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
    2016-06-14 22:54 - 2016-05-28 02:13 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
    2016-06-14 22:54 - 2016-05-28 01:25 - 04268880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
    2016-06-14 22:54 - 2016-05-28 01:23 - 00388384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
    2016-06-14 22:54 - 2016-05-28 01:23 - 00312160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
     
  2. dsb2448

    dsb2448 TS Rookie Topic Starter Posts: 19

    2016-06-14 22:54 - 2016-05-28 01:22 - 04387680 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
    2016-06-14 22:54 - 2016-05-28 01:20 - 00430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
    2016-06-14 22:54 - 2016-05-28 01:18 - 00357216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
    2016-06-14 22:54 - 2016-05-28 01:07 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
    2016-06-14 22:54 - 2016-05-28 01:07 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
    2016-06-14 22:54 - 2016-05-28 01:04 - 00431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
    2016-06-14 22:54 - 2016-05-28 01:04 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
    2016-06-14 22:54 - 2016-05-28 00:58 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
    2016-06-14 22:54 - 2016-05-28 00:57 - 02548944 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
    2016-06-14 22:54 - 2016-05-28 00:57 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
    2016-06-14 22:54 - 2016-05-28 00:57 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
    2016-06-14 22:54 - 2016-05-28 00:57 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
    2016-06-14 22:54 - 2016-05-28 00:57 - 00636304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
    2016-06-14 22:54 - 2016-05-28 00:57 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
    2016-06-14 22:54 - 2016-05-28 00:57 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
    2016-06-14 22:54 - 2016-05-28 00:35 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
    2016-06-14 22:54 - 2016-05-28 00:35 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
    2016-06-14 22:54 - 2016-05-28 00:31 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
    2016-06-14 22:54 - 2016-05-28 00:29 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2016-06-14 22:54 - 2016-05-28 00:29 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSD3DWARP12Debug.dll
    2016-06-14 22:54 - 2016-05-28 00:29 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
    2016-06-14 22:54 - 2016-05-28 00:29 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
    2016-06-14 22:54 - 2016-05-28 00:29 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
    2016-06-14 22:54 - 2016-05-28 00:28 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
    2016-06-14 22:54 - 2016-05-28 00:28 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
    2016-06-14 22:54 - 2016-05-28 00:27 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
    2016-06-14 22:54 - 2016-05-28 00:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
    2016-06-14 22:54 - 2016-05-28 00:26 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
    2016-06-14 22:54 - 2016-05-28 00:26 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
    2016-06-14 22:54 - 2016-05-28 00:25 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSD3DWARPDebug.dll
    2016-06-14 22:54 - 2016-05-28 00:25 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VSD3DWARP12Debug.dll
    2016-06-14 22:54 - 2016-05-28 00:25 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
    2016-06-14 22:54 - 2016-05-28 00:24 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
    2016-06-14 22:54 - 2016-05-28 00:24 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
    2016-06-14 22:54 - 2016-05-28 00:24 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
    2016-06-14 22:54 - 2016-05-28 00:23 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
    2016-06-14 22:54 - 2016-05-28 00:22 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
    2016-06-14 22:54 - 2016-05-28 00:22 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
    2016-06-14 22:54 - 2016-05-28 00:22 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
    2016-06-14 22:54 - 2016-05-28 00:22 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
    2016-06-14 22:54 - 2016-05-28 00:22 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
    2016-06-14 22:54 - 2016-05-28 00:21 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
    2016-06-14 22:54 - 2016-05-28 00:21 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VSD3DWARPDebug.dll
    2016-06-14 22:54 - 2016-05-28 00:20 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
    2016-06-14 22:54 - 2016-05-28 00:20 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
    2016-06-14 22:54 - 2016-05-28 00:20 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
    2016-06-14 22:54 - 2016-05-28 00:20 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll
    2016-06-14 22:54 - 2016-05-28 00:20 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
    2016-06-14 22:54 - 2016-05-28 00:20 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
    2016-06-14 22:54 - 2016-05-28 00:19 - 24605696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2016-06-14 22:54 - 2016-05-28 00:19 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
    2016-06-14 22:54 - 2016-05-28 00:19 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
    2016-06-14 22:54 - 2016-05-28 00:19 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
    2016-06-14 22:54 - 2016-05-28 00:18 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
    2016-06-14 22:54 - 2016-05-28 00:18 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
    2016-06-14 22:54 - 2016-05-28 00:18 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
    2016-06-14 22:54 - 2016-05-28 00:18 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
    2016-06-14 22:54 - 2016-05-28 00:18 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
    2016-06-14 22:54 - 2016-05-28 00:18 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
    2016-06-14 22:54 - 2016-05-28 00:18 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
    2016-06-14 22:54 - 2016-05-28 00:17 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
    2016-06-14 22:54 - 2016-05-28 00:17 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
    2016-06-14 22:54 - 2016-05-28 00:17 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
    2016-06-14 22:54 - 2016-05-28 00:17 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
    2016-06-14 22:54 - 2016-05-28 00:16 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2016-06-14 22:54 - 2016-05-28 00:16 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
    2016-06-14 22:54 - 2016-05-28 00:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
    2016-06-14 22:54 - 2016-05-28 00:16 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
    2016-06-14 22:54 - 2016-05-28 00:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
    2016-06-14 22:54 - 2016-05-28 00:16 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
    2016-06-14 22:54 - 2016-05-28 00:15 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
    2016-06-14 22:54 - 2016-05-28 00:15 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
    2016-06-14 22:54 - 2016-05-28 00:15 - 00794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
    2016-06-14 22:54 - 2016-05-28 00:15 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
    2016-06-14 22:54 - 2016-05-28 00:15 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
    2016-06-14 22:54 - 2016-05-28 00:15 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
    2016-06-14 22:54 - 2016-05-28 00:14 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
    2016-06-14 22:54 - 2016-05-28 00:14 - 03292672 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d12warp.dll
    2016-06-14 22:54 - 2016-05-28 00:14 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
    2016-06-14 22:54 - 2016-05-28 00:14 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
    2016-06-14 22:54 - 2016-05-28 00:14 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2016-06-14 22:54 - 2016-05-28 00:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
    2016-06-14 22:54 - 2016-05-28 00:13 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
    2016-06-14 22:54 - 2016-05-28 00:13 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
    2016-06-14 22:54 - 2016-05-28 00:12 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
    2016-06-14 22:54 - 2016-05-28 00:12 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
    2016-06-14 22:54 - 2016-05-28 00:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
    2016-06-14 22:54 - 2016-05-28 00:11 - 02470912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d12warp.dll
    2016-06-14 22:54 - 2016-05-28 00:11 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
    2016-06-14 22:54 - 2016-05-28 00:11 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
    2016-06-14 22:54 - 2016-05-28 00:11 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
    2016-06-14 22:54 - 2016-05-28 00:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
    2016-06-14 22:54 - 2016-05-28 00:11 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
    2016-06-14 22:54 - 2016-05-28 00:08 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2016-06-14 22:54 - 2016-05-28 00:08 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
    2016-06-14 22:54 - 2016-05-28 00:06 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2016-06-14 22:54 - 2016-05-28 00:06 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
    2016-06-14 22:54 - 2016-05-28 00:06 - 01339904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
    2016-06-14 22:54 - 2016-05-28 00:05 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
    2016-06-14 22:54 - 2016-05-28 00:05 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
    2016-06-14 22:54 - 2016-05-28 00:04 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
    2016-06-14 22:54 - 2016-05-28 00:03 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
    2016-06-14 22:54 - 2016-05-28 00:03 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
    2016-06-14 22:54 - 2016-05-28 00:03 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFramework.dll
    2016-06-14 22:54 - 2016-05-28 00:03 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
    2016-06-14 22:54 - 2016-05-28 00:02 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
    2016-06-14 22:54 - 2016-05-28 00:01 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
    2016-06-14 22:54 - 2016-05-28 00:00 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
    2016-06-14 22:54 - 2016-05-28 00:00 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
    2016-06-14 22:54 - 2016-05-28 00:00 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
    2016-06-14 22:54 - 2016-05-28 00:00 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2016-06-14 22:54 - 2016-05-28 00:00 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
    2016-06-14 22:54 - 2016-05-27 23:58 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2016-06-14 22:54 - 2016-05-27 23:58 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
    2016-06-14 22:53 - 2016-05-28 02:13 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
    2016-06-14 22:53 - 2016-05-28 02:13 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
    2016-06-14 22:53 - 2016-05-28 02:13 - 00290496 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
    2016-06-14 22:53 - 2016-05-28 02:13 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
    2016-06-14 22:53 - 2016-05-28 01:22 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2016-06-14 22:53 - 2016-05-28 01:22 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
    2016-06-14 22:53 - 2016-05-28 01:22 - 00211296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
    2016-06-14 22:53 - 2016-05-28 01:22 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
    2016-06-14 22:53 - 2016-05-28 01:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
    2016-06-14 22:53 - 2016-05-28 01:09 - 00501600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
    2016-06-14 22:53 - 2016-05-28 01:09 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
    2016-06-14 22:53 - 2016-05-28 01:09 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
    2016-06-14 22:53 - 2016-05-28 01:08 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
    2016-06-14 22:53 - 2016-05-28 01:08 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
    2016-06-14 22:53 - 2016-05-28 01:08 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
    2016-06-14 22:53 - 2016-05-28 01:07 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2016-06-14 22:53 - 2016-05-28 01:07 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
    2016-06-14 22:53 - 2016-05-28 01:07 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
    2016-06-14 22:53 - 2016-05-28 01:07 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
    2016-06-14 22:53 - 2016-05-28 01:07 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
    2016-06-14 22:53 - 2016-05-28 01:06 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2016-06-14 22:53 - 2016-05-28 01:06 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
    2016-06-14 22:53 - 2016-05-28 01:06 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
    2016-06-14 22:53 - 2016-05-28 01:06 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
    2016-06-14 22:53 - 2016-05-28 01:06 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
    2016-06-14 22:53 - 2016-05-28 01:05 - 04515264 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
    2016-06-14 22:53 - 2016-05-28 01:04 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
    2016-06-14 22:53 - 2016-05-28 01:04 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
    2016-06-14 22:53 - 2016-05-28 01:04 - 00111064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
    2016-06-14 22:53 - 2016-05-28 01:04 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
    2016-06-14 22:53 - 2016-05-28 01:03 - 00131248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
    2016-06-14 22:53 - 2016-05-28 00:58 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
    2016-06-14 22:53 - 2016-05-28 00:57 - 00649792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
    2016-06-14 22:53 - 2016-05-28 00:57 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
    2016-06-14 22:53 - 2016-05-28 00:57 - 00521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
    2016-06-14 22:53 - 2016-05-28 00:35 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsdport.sys
    2016-06-14 22:53 - 2016-05-28 00:31 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
    2016-06-14 22:53 - 2016-05-28 00:31 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
    2016-06-14 22:53 - 2016-05-28 00:28 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
    2016-06-14 22:53 - 2016-05-28 00:26 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
    2016-06-14 22:53 - 2016-05-28 00:26 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
    2016-06-14 22:53 - 2016-05-28 00:26 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
    2016-06-14 22:53 - 2016-05-28 00:25 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
    2016-06-14 22:53 - 2016-05-28 00:24 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
    2016-06-14 22:53 - 2016-05-28 00:24 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys
    2016-06-14 22:53 - 2016-05-28 00:24 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
    2016-06-14 22:53 - 2016-05-28 00:24 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
    2016-06-14 22:53 - 2016-05-28 00:24 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
    2016-06-14 22:53 - 2016-05-28 00:23 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
    2016-06-14 22:53 - 2016-05-28 00:22 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
    2016-06-14 22:53 - 2016-05-28 00:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
    2016-06-14 22:53 - 2016-05-28 00:22 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
    2016-06-14 22:53 - 2016-05-28 00:22 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
    2016-06-14 22:53 - 2016-05-28 00:21 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
    2016-06-14 22:53 - 2016-05-28 00:21 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
    2016-06-14 22:53 - 2016-05-28 00:21 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
    2016-06-14 22:53 - 2016-05-28 00:20 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
    2016-06-14 22:53 - 2016-05-28 00:19 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
    2016-06-14 22:53 - 2016-05-28 00:19 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
    2016-06-14 22:53 - 2016-05-28 00:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
    2016-06-14 22:53 - 2016-05-28 00:17 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
    2016-06-14 22:53 - 2016-05-28 00:17 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
    2016-06-14 22:53 - 2016-05-28 00:17 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
    2016-06-14 22:53 - 2016-05-28 00:17 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
    2016-06-14 22:53 - 2016-05-28 00:16 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
    2016-06-14 22:53 - 2016-05-28 00:16 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
    2016-06-14 22:53 - 2016-05-28 00:15 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
    2016-06-14 22:53 - 2016-05-28 00:14 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
    2016-06-14 22:53 - 2016-05-28 00:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
    2016-06-14 22:53 - 2016-05-28 00:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
    2016-06-14 22:53 - 2016-05-28 00:14 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
    2016-06-14 22:53 - 2016-05-28 00:13 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2016-06-14 22:53 - 2016-05-28 00:13 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
    2016-06-14 22:53 - 2016-05-28 00:13 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
    2016-06-14 22:53 - 2016-05-28 00:13 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
    2016-06-14 22:53 - 2016-05-28 00:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
    2016-06-14 22:53 - 2016-05-28 00:13 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
    2016-06-14 22:53 - 2016-05-28 00:11 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
    2016-06-14 22:53 - 2016-05-28 00:11 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
    2016-06-14 22:53 - 2016-05-28 00:11 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
    2016-06-14 22:53 - 2016-05-28 00:09 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
    2016-06-14 22:53 - 2016-05-28 00:05 - 03664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2016-06-14 22:53 - 2016-05-28 00:05 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
    2016-06-14 22:53 - 2016-05-28 00:04 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
    2016-06-14 22:53 - 2016-05-28 00:04 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
    2016-06-14 22:53 - 2016-05-28 00:03 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
    2016-06-14 22:53 - 2016-05-28 00:03 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
    2016-06-14 22:53 - 2016-05-28 00:02 - 03590144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2016-06-14 22:53 - 2016-05-28 00:02 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
    2016-06-14 22:53 - 2016-05-28 00:02 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
    2016-06-14 22:53 - 2016-05-28 00:01 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
    2016-06-14 22:53 - 2016-05-28 00:01 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2016-06-14 22:53 - 2016-05-28 00:01 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
    2016-06-14 22:53 - 2016-05-28 00:00 - 02230272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2016-06-14 22:53 - 2016-05-28 00:00 - 01730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2016-06-14 22:53 - 2016-05-28 00:00 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
    2016-06-14 22:53 - 2016-05-28 00:00 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
    2016-06-14 22:53 - 2016-05-28 00:00 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
    2016-06-14 22:53 - 2016-05-27 23:59 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
    2016-06-14 22:53 - 2016-05-27 23:58 - 04896256 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2016-06-14 22:53 - 2016-05-27 23:58 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2016-06-14 22:53 - 2016-05-27 23:58 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
    2016-06-14 22:53 - 2016-05-27 23:57 - 02281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2016-06-14 22:53 - 2016-05-27 23:55 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
    2016-06-14 22:53 - 2016-05-27 23:53 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
    2016-06-10 15:13 - 2016-06-10 15:13 - 00000000 ____D C:\Users\Scott\Tracing
    2016-06-10 15:12 - 2016-06-10 15:12 - 00000000 ___RD C:\Program Files (x86)\Skype
    2016-06-10 15:12 - 2016-06-10 15:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
    2016-06-06 20:35 - 2016-06-06 20:35 - 00000000 ____D C:\Program Files (x86)\PDFCanvas
    2016-06-05 00:58 - 2016-06-05 00:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
    2016-06-04 11:23 - 2016-06-04 11:23 - 00000000 ____D C:\WINDOWS\BinEssentials
    2016-06-03 12:13 - 2016-06-03 12:13 - 00000218 _____ C:\Users\Scott\AppData\Local\recently-used.xbel
    2016-06-02 23:08 - 2016-06-05 00:36 - 00000000 ____D C:\Users\Scott\Notebooks
    2016-05-31 21:58 - 2016-05-31 21:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
    2016-05-31 14:15 - 2016-06-10 23:54 - 00000000 ____D C:\ProgramData\Hero Lab
    2016-05-31 14:15 - 2016-06-01 17:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hero Lab
    2016-05-31 14:15 - 2016-06-01 17:55 - 00000000 ____D C:\Program Files (x86)\Hero Lab
    2016-05-31 14:15 - 2016-06-01 17:52 - 00000000 ____D C:\Users\Scott\Documents\Hero Lab
    2016-05-28 01:08 - 2016-05-28 01:08 - 00000000 ____D C:\Users\Scott\AppData\Local\USQLDataRoot
    2016-05-27 23:40 - 2016-05-27 23:40 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET Core 1.0 RC2 Local Feed
    2016-05-27 23:38 - 2016-05-27 23:39 - 00000000 ____D C:\Program Files\dotnet
    2016-05-27 21:59 - 2016-05-27 21:59 - 00000000 ____D C:\ProgramData\MonoTouch
    2016-05-27 21:59 - 2016-05-27 21:59 - 00000000 ____D C:\ProgramData\Mono for Android
    2016-05-27 21:33 - 2016-05-27 21:33 - 00000000 ____D C:\ProgramData\Monodoc
    2016-05-27 21:33 - 2016-05-27 21:33 - 00000000 ____D C:\Program Files (x86)\Xamarin
    2016-05-27 21:29 - 2016-05-27 21:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
    2016-05-27 21:28 - 2016-05-27 21:29 - 00000000 ____D C:\ProgramData\Git
    2016-05-27 21:28 - 2016-05-27 21:29 - 00000000 ____D C:\Program Files\Git
    2016-05-27 20:28 - 2016-05-27 20:28 - 00000000 ____D C:\Program Files (x86)\Common7
    2016-05-27 19:50 - 2016-05-27 19:50 - 00000000 ____D C:\Program Files (x86)\Microsoft Azure Tools
    2016-05-27 19:48 - 2016-05-27 19:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Hive ODBC Driver 1.0 (64-bit)
    2016-05-27 19:48 - 2016-05-27 19:48 - 00000000 ____D C:\Program Files\VS2012Schemas
    2016-05-27 19:47 - 2016-05-27 19:48 - 00000000 ____D C:\Program Files\Microsoft Hive ODBC Driver
    2016-05-27 19:47 - 2016-05-27 19:47 - 03342336 _____ C:\Users\Scott\AzureStorageEmulatorDb44.mdf
    2016-05-27 19:47 - 2016-05-27 19:47 - 00835584 _____ C:\Users\Scott\AzureStorageEmulatorDb44_log.ldf
    2016-05-27 19:47 - 2016-05-27 19:47 - 00000000 ____D C:\Users\Scott\AppData\Local\AzureStorageEmulator
    2016-05-27 19:47 - 2016-05-27 19:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Hive ODBC Driver 1.0 (32-bit)
    2016-05-27 19:47 - 2016-05-27 19:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Azure
    2016-05-27 19:47 - 2016-05-27 19:47 - 00000000 ____D C:\ProgramData\dftmp
    2016-05-27 19:47 - 2016-05-27 19:47 - 00000000 ____D C:\Program Files\Microsoft SDKs
    2016-05-27 19:47 - 2016-05-27 19:47 - 00000000 ____D C:\Program Files (x86)\Microsoft Hive ODBC Driver
    2016-05-27 19:46 - 2016-05-27 19:46 - 00000000 ____D C:\Program Files (x86)\Microsoft Azure Quickstarts
    2016-05-26 12:46 - 2016-05-26 12:46 - 00000000 ____D C:\Users\Scott\AppData\LocalLow\DefaultCompany
    2016-05-26 12:20 - 2016-05-26 12:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.3.5f1 (64-bit)
    2016-05-26 12:19 - 2016-05-26 12:21 - 00000000 ____D C:\Program Files\Unity
    2016-05-23 12:27 - 2016-05-23 12:27 - 00000000 ____D C:\Users\Scott\Documents\Floor Plan Maker
    2016-05-23 12:27 - 2016-05-23 12:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Floor Plan Maker 7.9
    2016-05-23 12:27 - 2016-05-23 12:27 - 00000000 ____D C:\Program Files (x86)\Floor Plan Maker
    2016-05-21 19:54 - 2016-05-21 19:54 - 00000000 ____D C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blender
    2016-05-18 12:13 - 2016-05-18 12:13 - 00307456 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsdrivera.sys

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-06-17 09:57 - 2015-10-30 02:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
    2016-06-17 09:57 - 2014-12-03 09:06 - 00000000 ____D C:\Program Files (x86)\Steam
    2016-06-17 09:54 - 2015-10-30 03:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
    2016-06-17 09:52 - 2015-08-01 14:47 - 00000934 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
    2016-06-17 09:47 - 2014-12-07 03:09 - 00000000 ____D C:\Users\Scott\AppData\Local\CrashDumps
    2016-06-17 09:45 - 2015-10-30 03:21 - 00000000 ____D C:\WINDOWS\INF
    2016-06-17 09:40 - 2014-12-12 02:08 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2016-06-17 09:37 - 2014-12-03 21:08 - 00000000 ____D C:\Users\Scott\XBMC Media
    2016-06-17 09:34 - 2015-09-22 17:10 - 00000934 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    2016-06-17 09:32 - 2015-10-30 03:24 - 00000000 ___HD C:\Program Files\WindowsApps
    2016-06-17 09:32 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\AppReadiness
    2016-06-17 09:26 - 2015-12-20 14:01 - 00000000 ____D C:\Users\Scott\AppData\Local\Deployment
    2016-06-17 09:25 - 2015-12-20 10:09 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
    2016-06-17 09:25 - 2015-09-22 17:10 - 00000930 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2016-06-17 09:25 - 2015-08-01 14:47 - 00000930 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
    2016-06-17 09:25 - 2014-12-08 23:54 - 00000000 __SHD C:\Users\Scott\IntelGraphicsProfiles
    2016-06-17 05:14 - 2015-01-16 10:25 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-437364399-4149591236-704665920-1001UA.job
    2016-06-17 05:02 - 2015-04-15 22:07 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
    2016-06-17 02:29 - 2015-03-08 20:36 - 00000000 ____D C:\Users\Scott\AppData\Roaming\Kodi
    2016-06-16 23:20 - 2015-10-30 03:11 - 00000000 ____D C:\WINDOWS\CbsTemp
    2016-06-16 23:19 - 2015-05-11 09:30 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
    2016-06-16 23:14 - 2015-01-16 10:25 - 00000884 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-437364399-4149591236-704665920-1001Core.job
    2016-06-16 23:09 - 2015-12-20 10:16 - 00000000 ____D C:\Users\Scott
    2016-06-16 23:09 - 2014-12-03 23:50 - 00000000 __RHD C:\Users\Public\AccountPictures
    2016-06-16 23:08 - 2015-12-20 10:16 - 01346272 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2016-06-16 23:04 - 2015-12-20 11:20 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2016-06-16 23:04 - 2015-12-20 10:10 - 00000000 ____D C:\ProgramData\NVIDIA
    2016-06-16 23:04 - 2015-12-20 10:04 - 05068496 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2016-06-16 23:04 - 2015-08-19 01:49 - 00147656 ____N (CyberLink Corp.) C:\WINDOWS\system32\Drivers\rikvm_3A60B698.sys
    2016-06-16 23:04 - 2014-12-11 11:36 - 00000091 _____ C:\HaxLogs.txt
    2016-06-16 17:03 - 2015-10-30 02:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
    2016-06-16 17:00 - 2015-10-30 03:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
    2016-06-16 17:00 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
    2016-06-16 17:00 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\bcastdvr
    2016-06-16 16:14 - 2016-05-07 21:32 - 00000000 ____D C:\Users\Scott\Desktop\New folder (2)
    2016-06-16 16:10 - 2014-12-20 09:24 - 00004160 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E398E112-0111-4A16-AEB9-3F142D7E6517}
    2016-06-16 11:54 - 2015-03-08 20:56 - 00000000 ____D C:\Users\Scott\AppData\Roaming\vlc
    2016-06-15 14:19 - 2013-08-22 09:25 - 00000167 _____ C:\WINDOWS\win.ini
    2016-06-15 14:15 - 2014-12-03 13:38 - 00000000 ____D C:\WINDOWS\system32\MRT
    2016-06-15 14:06 - 2014-12-03 13:38 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2016-06-15 10:04 - 2014-12-03 08:53 - 00000000 ____D C:\Users\Scott\AppData\Local\Packages
    2016-06-14 14:33 - 2015-10-30 03:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2016-06-14 14:33 - 2015-10-30 03:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
    2016-06-13 08:35 - 2015-11-17 10:27 - 00000000 ____D C:\ProgramData\purevpn
    2016-06-12 23:21 - 2014-12-23 19:20 - 00000000 ____D C:\Users\Scott\Documents\Mount&Blade Warband Savegames
    2016-06-12 15:05 - 2014-12-19 00:19 - 00000000 ____D C:\Users\Scott\AppData\Roaming\Skype
    2016-06-12 01:41 - 2015-09-08 08:23 - 00000000 ____D C:\Users\Scott\.oracle_jre_usage
    2016-06-10 19:49 - 2015-05-16 10:28 - 00000132 _____ C:\Users\Scott\AppData\Roaming\Adobe PNG Format CS6 Prefs
    2016-06-10 18:34 - 2014-12-03 11:52 - 00000000 ____D C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
    2016-06-10 15:12 - 2014-12-19 00:19 - 00000000 ____D C:\Users\Scott\AppData\Local\Skype
    2016-06-10 15:12 - 2014-12-19 00:13 - 00000000 ____D C:\ProgramData\Skype
    2016-06-08 20:36 - 2014-12-03 10:11 - 00002283 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2016-06-07 23:55 - 2015-08-19 18:32 - 00000258 __RSH C:\ProgramData\ntuser.pol
    2016-06-07 23:52 - 2015-10-30 03:24 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
    2016-06-07 23:51 - 2015-12-20 10:16 - 00000000 ____D C:\Users\MSSQLFDLauncher$MSSQLSERVER2014
    2016-06-07 23:51 - 2015-09-22 09:15 - 00000000 ____D C:\Users\Scott\OS ISO
    2016-06-07 23:03 - 2015-04-15 22:06 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
    2016-06-07 23:02 - 2015-04-15 22:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2016-06-07 08:19 - 2016-05-12 16:55 - 00007387 _____ C:\WINDOWS\system32\hst.pcm
    2016-06-06 20:25 - 2016-04-07 18:53 - 00000000 ____D C:\Users\Scott\AppData\Local\Discord
    2016-06-06 20:25 - 2016-04-07 18:52 - 00000000 ____D C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
    2016-06-06 20:25 - 2015-01-13 22:00 - 00000000 ____D C:\Users\Scott\AppData\Local\SquirrelTemp
    2016-06-05 00:58 - 2015-08-01 14:47 - 00000000 ____D C:\Program Files (x86)\Dropbox
    2016-06-04 11:19 - 2014-12-05 09:56 - 00000000 ____D C:\Users\Scott\AppData\Local\Unity
    2016-06-03 14:50 - 2014-12-05 09:56 - 00000000 ____D C:\ProgramData\Unity
    2016-06-03 01:44 - 2015-10-31 08:27 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
    2016-06-02 11:56 - 2014-12-07 10:51 - 00000000 ____D C:\Program Files (x86)\TeamViewer
    2016-06-02 09:56 - 2015-10-16 09:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
    2016-06-02 09:56 - 2015-10-16 09:20 - 00000000 ____D C:\Program Files\Nexus Mod Manager
    2016-05-31 22:12 - 2014-12-15 12:57 - 00000000 ____D C:\Users\Scott\VirtualBox VMs
    2016-05-31 22:12 - 2014-12-15 12:56 - 00000000 ____D C:\Users\Scott\.VirtualBox
    2016-05-31 10:45 - 2015-02-03 15:43 - 00000000 ____D C:\Users\Scott\AppData\Local\Pushbullet
    2016-05-31 07:37 - 2015-09-22 17:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
    2016-05-29 13:55 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\rescache
    2016-05-28 01:55 - 2015-12-20 10:08 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
    2016-05-28 01:11 - 2015-09-10 19:00 - 00000000 ____D C:\Users\Scott\Documents\Visual Studio 2015
    2016-05-28 00:11 - 2015-07-28 19:51 - 00000000 ____D C:\Users\Scott\Game ISO
    2016-05-28 00:07 - 2014-10-29 04:03 - 00000000 ____D C:\ProgramData\Package Cache
    2016-05-27 23:54 - 2015-09-10 18:30 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 14.0
    2016-05-27 23:52 - 2015-01-28 19:49 - 00000000 ____D C:\Program Files (x86)\Microsoft Web Tools
    2016-05-27 23:40 - 2014-12-03 13:48 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
    2016-05-27 22:03 - 2015-10-30 03:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2016-05-27 22:03 - 2014-12-22 22:10 - 00000000 ____D C:\Program Files\SharePoint Client Components
    2016-05-27 21:59 - 2015-09-10 19:05 - 00000000 ____D C:\Users\Scott\AppData\Local\Xamarin
    2016-05-27 21:35 - 2015-01-28 19:38 - 00000000 ____D C:\Program Files (x86)\AppInsights
    2016-05-27 21:33 - 2015-12-20 12:52 - 00000000 ____D C:\Program Files (x86)\MSBuild
    2016-05-27 20:55 - 2015-12-20 17:06 - 00001518 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015.lnk
    2016-05-27 20:55 - 2014-12-22 21:57 - 00000000 ____D C:\WINDOWS\SysWOW64\1033
    2016-05-27 20:55 - 2014-12-22 21:53 - 00000000 ____D C:\WINDOWS\system32\1033
    2016-05-27 20:33 - 2014-12-22 21:58 - 00000000 ____D C:\Program Files (x86)\HTML Help Workshop
    2016-05-27 20:29 - 2015-01-28 19:38 - 00000000 ____D C:\Program Files (x86)\NuGet
    2016-05-27 20:28 - 2015-09-10 18:43 - 00001509 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2015.lnk
    2016-05-27 20:12 - 2015-01-16 17:25 - 00000000 ____D C:\Program Files (x86)\Java
    2016-05-27 20:12 - 2014-12-11 11:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2016-05-26 12:46 - 2015-05-29 17:08 - 00000000 ____D C:\Users\Scott\Documents\Unity Projects
    2016-05-26 12:46 - 2015-05-29 17:00 - 00000000 ____D C:\Users\Scott\AppData\LocalLow\Unity
    2016-05-26 12:08 - 2015-03-02 08:45 - 00000000 ____D C:\Users\Scott\Documents\Quill Tilemap
    2016-05-23 22:07 - 2015-04-12 15:23 - 00000000 ____D C:\Users\Scott\AppData\Roaming\DarkSoulsII
    2016-05-21 21:08 - 2014-12-29 16:10 - 00000000 ____D C:\Users\Scott\Documents\Adobe
    2016-05-21 21:08 - 2014-12-03 08:53 - 00000000 ____D C:\Users\Scott\AppData\Roaming\Adobe
    2016-05-21 19:55 - 2015-09-16 04:27 - 00000000 ____D C:\tmp
    2016-05-21 19:51 - 2014-12-05 09:58 - 00000000 ____D C:\Users\Scott\AppData\Roaming\Unity
    2016-05-21 17:39 - 2015-09-13 20:22 - 00000000 ____D C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2015 Tools for Unity
    2016-05-21 17:39 - 2015-08-28 00:47 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity
    2016-05-18 08:14 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\NDF

    ==================== Files in the root of some directories =======

    2015-05-16 10:28 - 2016-06-10 19:49 - 0000132 _____ () C:\Users\Scott\AppData\Roaming\Adobe PNG Format CS6 Prefs
    2015-04-25 08:45 - 2015-06-08 11:51 - 0000600 _____ () C:\Users\Scott\AppData\Roaming\winscp.rnd
    2015-05-16 12:45 - 2015-05-16 12:45 - 0001456 _____ () C:\Users\Scott\AppData\Local\Adobe Save for Web 13.0 Prefs
    2015-07-30 15:33 - 2015-07-30 15:33 - 0000000 ___SH () C:\Users\Scott\AppData\Local\LumaEmu
    2015-04-25 07:50 - 2016-01-05 23:59 - 0000600 _____ () C:\Users\Scott\AppData\Local\PUTTY.RND
    2016-06-03 12:13 - 2016-06-03 12:13 - 0000218 _____ () C:\Users\Scott\AppData\Local\recently-used.xbel
    2015-05-05 23:03 - 2016-01-06 00:24 - 0007634 _____ () C:\Users\Scott\AppData\Local\resmon.resmoncfg
    2014-10-29 04:02 - 2014-10-29 04:02 - 0000000 ____N () C:\ProgramData\DP45977C.lfl
    2014-12-18 10:40 - 2014-12-18 10:40 - 0000268 ___RH () C:\ProgramData\Hybrid Chords
    2014-12-18 10:40 - 2014-12-18 10:40 - 0000268 ___RH () C:\ProgramData\Hybrid Morph
    2014-12-18 10:40 - 2014-12-18 10:40 - 0000268 ___RH () C:\ProgramData\Hybrid Synthesizers
    2014-12-18 10:40 - 2014-12-18 10:40 - 0000012 ___RH () C:\ProgramData\Internet Services
    2014-12-18 10:40 - 2014-12-18 10:40 - 0000012 ___RH () C:\ProgramData\Jazz
    2014-12-18 10:40 - 2014-12-18 10:40 - 0000012 ___RH () C:\ProgramData\Jingles
    2014-12-18 10:40 - 2014-12-18 10:40 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
    2014-12-18 10:40 - 2015-05-30 13:55 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
    2014-12-18 10:40 - 2014-12-18 10:40 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT

    Files to move or delete:
    ====================
    C:\Users\Scott\connect.bat


    Some files in TEMP:
    ====================
    C:\Users\Admin\AppData\Local\Temp\drm_dyndata_7380006.dll
    C:\Users\Admin\AppData\Local\Temp\LenovoShareIt.exe
    C:\Users\Admin\AppData\Local\Temp\nvSCPAPI.dll
    C:\Users\Admin\AppData\Local\Temp\nvStInst.exe
    C:\Users\Admin\AppData\Local\Temp\ose00001.exe
    C:\Users\Admin\AppData\Local\Temp\SkypeSetup.exe
    C:\Users\Admin\AppData\Local\Temp\System.Data.SQLite.dll
    C:\Users\Admin\AppData\Local\Temp\System.Data.SQLitea74f23a0-8f5e-4dbd-93bd-65c53cee8f3a.dll
    C:\Users\Admin\AppData\Local\Temp\xmlUpdater.exe
    C:\Users\Admin\AppData\Local\Temp\_is1B66.exe
    C:\Users\Scott\AppData\Local\Temp\avg-9b143549-7322-4566-89be-a8079d1c6d79.exe
    C:\Users\Scott\AppData\Local\Temp\jre-8u66-windows-au.exe
    C:\Users\Scott\AppData\Local\Temp\jre-8u73-windows-au.exe
    C:\Users\Scott\AppData\Local\Temp\jre-8u77-windows-au.exe
    C:\Users\Scott\AppData\Local\Temp\jre-8u91-windows-au.exe
    C:\Users\Scott\AppData\Local\Temp\Nexus Mod Manager-0.61.13.exe
    C:\Users\Scott\AppData\Local\Temp\Nexus Mod Manager-0.61.23.exe
    C:\Users\Scott\AppData\Local\Temp\nvSCPAPI.dll
    C:\Users\Scott\AppData\Local\Temp\nvSCPAPI64.dll
    C:\Users\Scott\AppData\Local\Temp\nvStInst.exe
    C:\Users\Scott\AppData\Local\Temp\OKV50_GRAND_VINAY_PPI_3.exe
    C:\Users\Scott\AppData\Local\Temp\pushbullet_watchdog.exe


    ==================== Bamital & volsnap =================

    (There is no automatic fix for files that do not pass verification.)

    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\wininit.exe => File is digitally signed
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2016-06-16 12:10

    ==================== End of FRST.txt ============================
     
  3. dsb2448

    dsb2448 TS Rookie Topic Starter Posts: 19

    Addition.txt

    Additional scan result of Farbar Recovery Scan Tool (x64) Version:16-06-2016 01
    Ran by Scott (2016-06-17 10:02:30)
    Running from C:\Users\Scott\Desktop
    Windows 10 Home Version 1511 (X64) (2015-12-20 15:29:08)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-437364399-4149591236-704665920-500 - Administrator - Disabled)
    ASPNET (S-1-5-21-437364399-4149591236-704665920-1006 - Limited - Enabled)
    DefaultAccount (S-1-5-21-437364399-4149591236-704665920-503 - Limited - Disabled)
    Guest (S-1-5-21-437364399-4149591236-704665920-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-437364399-4149591236-704665920-1003 - Limited - Enabled)
    Scott (S-1-5-21-437364399-4149591236-704665920-1001 - Administrator - Enabled) => C:\Users\Scott

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Panda Free Antivirus (Enabled - Up to date) {AAF74A68-8713-CDF1-004F-30003398BE9E}
    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
    AS: Panda Free Antivirus (Enabled - Up to date) {1196AB8C-A129-C27F-3AFF-0B72481FF423}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
    FW: Panda Firewall (Enabled) {92CCCB4D-CD7C-CCA9-2B10-9935CD4BF9E5}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    123D Design R1.8 (HKLM\...\123D Design) (Version: 1.8.34 - Autodesk, Inc.)
    7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
    Active Directory Authentication Library for SQL Server (Version: 13.0.1100.286 - Microsoft Corporation) Hidden
    Active Directory Authentication Library for SQL Server (x86) (x32 Version: 13.0.1100.286 - Microsoft Corporation) Hidden
    Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
    Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
    Adobe Dreamweaver CS6 (HKLM-x32\...\{A4ED5E53-7AA0-11E1-BF04-B2D4D4A5360E}) (Version: 12 - Adobe Systems Incorporated)
    Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
    Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
    Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
    Adobe Premiere Pro CS6 (HKLM-x32\...\{7176B973-6011-43C1-AEBC-2D73FE7C6982}) (Version: 6.0 - Adobe Systems Incorporated)
    Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
    AirDroid 3.0.1 (HKLM-x32\...\AirDroid) (Version: 3.0.1 - Sand Studio)
    Akamai NetSession Interface (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
    Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 20.2.1245.53580 - Alcor Micro Corp.)
    Alcor Micro USB Card Reader (x32 Version: 20.2.1245.53580 - Alcor Micro Corp.) Hidden
    Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
    Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
    Apache CouchDB 1.6.1 (HKLM-x32\...\ApacheCouchDB_is1) (Version: - Apache Software Foundation)
    Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Application Insights Tools for Visual Studio 2013 (x32 Version: 2.4 - Microsoft Corporation) Hidden
    Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{981F324E-98F4-4784-B76F-04E92039F3F6}) (Version: 5.2.60328.3 - Microsoft Corporation)
    Arduino (HKLM-x32\...\Arduino) (Version: 1.0.6 - Arduino LLC)
    Atom (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\atom) (Version: 1.3.2 - GitHub Inc.)
    Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
    Aurora (HKLM-x32\...\{90893FB5-38AE-4164-B689-3214719D0D4A}_is1) (Version: 7.1.0 - Steve Walmsley)
    AutoHotkey 1.1.22.07 (HKLM\...\AutoHotkey) (Version: 1.1.22.07 - Lexikos)
    AVG (Version: 16.81.7640 - AVG Technologies) Hidden
    AVG 2016 (Version: 16.0.4604 - AVG Technologies) Hidden
    AVG Protection (HKLM\...\AVG) (Version: 2016.81.7640 - AVG Technologies)
    Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
    Azure Resource Manager Tools (VS 2015) - v2.9 (x32 Version: 2.9.40317.6 - Microsoft Corporation) Hidden
    AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
    AzureTools.Notifications (x32 Version: 2.9.40518.2 - Microsoft Corporation) Hidden
    Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
    Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.51210.80 - Microsoft Corporation) Hidden
    Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.51210.80 - Microsoft Corporation) Hidden
    BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
    Bitvise SSH Server 6.31 (remove only) (HKLM-x32\...\Bitvise SSH Server) (Version: - )
    bl (x32 Version: 1.0.0 - Your Company Name) Hidden
    Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
    Blend for Visual Studio 2013 ENU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
    Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
    Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
    Blend for Visual Studio SDK for Windows Phone 8.0 (x32 Version: 3.0.30924.0 - Microsoft Corporation) Hidden
    Blender (HKLM\...\{47A0EA10-D506-4473-AE99-5E07DD1062DE}) (Version: 2.77.1 - Blender Foundation)
    Blender (HKLM\...\Blender) (Version: 2.74 - Blender Foundation)
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    Brackets (HKLM-x32\...\{B8D3F3D2-7482-4DE1-A4C9-7039F1966B83}) (Version: 1.3 - brackets.io)
    Build Tools - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
    Build Tools - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
    Build Tools Language Resources - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
    Build Tools Language Resources - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
    calibre 64bit (HKLM\...\{2D534835-A873-4402-BEED-813FE50BF118}) (Version: 2.30.0 - Kovid Goyal)
    CintaNotes 2.8.5 (HKLM-x32\...\CintaNotes_is1) (Version: - Cinta Software)
    ClipboardFusion 3.2 (HKLM-x32\...\CE862FB9-804D-4D16-98F5-677FA31B647C_is1) (Version: 3.2.0.0 - Binary Fortress Software)
    Cloud Deployment Project for Microsoft Visual Studio 2015 - v2.9 (x32 Version: 2.9.40317.6 - Microsoft Corporation) Hidden
    Cloud Explorer - v1.0 (x32 Version: 2.9.40518.2 - Microsoft Corporation) Hidden
    CodeBlocks (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team)
    CodedUITest81 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
    Command & Conquer The First Decade (HKLM-x32\...\{66D6F3BD-CA23-41A4-9FA3-96B26B32528C}) (Version: 1.00.0000 - Electronic Arts)
    Command & Conquer™ Red Alert 2 and Yuri’s Revenge (HKLM-x32\...\{F5275D1C-D133-486D-8F07-D6C571F0A8EC}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
    Complemento do Microsoft Report Viewer para Visual Studio 2013 (x32 Version: 11.1.3442.2 - Microsoft Corporation) Hidden
    Complemento Microsoft Report Viewer para Visual Studio 2013 (x32 Version: 11.1.3442.2 - Microsoft Corporation) Hidden
    Compon. agg. Microsoft Report Viewer per Visual Studio 2013 (x32 Version: 11.1.3442.2 - Microsoft Corporation) Hidden
    cURL (HKLM\...\{660D6CF5-A9F8-473C-A102-34E7106E9B07}) (Version: 7.42.0 - Confused by Code)
    CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
    CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
    CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    DARK SOULS III (HKLM\...\Steam App 374320) (Version: - FromSoftware, Inc.)
    DARK SOULS™ II: Scholar of the First Sin (HKLM\...\Steam App 335300) (Version: - FromSoftware, Inc)
    DC Universe Online Live (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\SOE-DC Universe Online Live) (Version: - Sony Online Entertainment)
    Democracy 3 (HKLM-x32\...\GOGPACKDEMOCRACY3_is1) (Version: 2.0.0.3 - GOG.com)
    Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.8.3 - Bloodshed Software)
    Discord (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\Discord) (Version: 0.0.291 - Hammer & Chisel, Inc.)
    DisplayFusion 7.3.4 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 7.3.4.0 - Binary Fortress Software)
    Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.3.2.2 - Dolby Laboratories Inc)
    Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
    Dotfuscator and Analytics Community Edition 5.19.1 (x32 Version: 5.19.1.3091 - PreEmptive Solutions) Hidden
    Dropbox (HKLM-x32\...\Dropbox) (Version: 4.4.29 - Dropbox, Inc.)
    Dropbox Update Helper (x32 Version: 1.3.27.35 - Dropbox, Inc.) Hidden
    Dungeons and Dragons Online (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\DDO_midres_en) (Version: - )
    DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen)
    Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo)
    Energy Manager (x32 Version: 1.0.0.35 - Lenovo) Hidden
    Entity Framework 6.1.1 Tools for Visual Studio 2013 (HKLM-x32\...\{85253F13-EE42-4850-A3A5-79B90E92D7AC}) (Version: 12.0.30610.0 - Microsoft Corporation)
    Entity Framework 6.1.3 Tools for Visual Studio 2015 Update 1 (HKLM-x32\...\{2A56910C-69C8-495D-8ED8-9080F0A14E58}) (Version: 14.0.41103.0 - Microsoft Corporation)
    Europa Universalis IV (HKLM\...\Steam App 236850) (Version: - Paradox Development Studio)
    Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
    Factorio version 0.12.20 (HKLM\...\Factorio_is1) (Version: - )
    Factorio version 0.12.20 (HKLM-x32\...\Factorio_is1) (Version: - )
    Fallout (HKLM-x32\...\Steam App 38400) (Version: - Interplay Inc.)
    Fallout 2 (HKLM-x32\...\Steam App 38410) (Version: - Black Isle Studios)
    Fallout 3 (HKLM-x32\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks)
    FFmpeg (Windows) for Audacity version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
    Floor Plan Maker 7.9 (HKLM-x32\...\Floor Plan Maker_is1) (Version: - EdrawSoft)
    FMW 1 (Version: 1.92.4 - AVG Technologies) Hidden
    Foldit (HKLM-x32\...\Foldit) (Version: - )
    FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory)
    Fran Bow (HKLM-x32\...\1438948561_is1) (Version: 2.2.0.3 - GOG.com)
    Free DVD Ripper Platinum 8.6.4 (HKLM-x32\...\Free DVD Ripper Platinum_is1) (Version: - FreeAudioVideoSoftTech, Inc.)
    Free Pascal 3.0.0 (HKLM-x32\...\FreePascal_is1) (Version: - Free Pascal Team)
    FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version: - Subset Games)
    GDR 4213 for SQL Server 2014 (KB3070446) (64-bit) (HKLM\...\KB3070446) (Version: 12.1.4213.0 - Microsoft Corporation)
    GDR 6220 for SQL Server 2008 R2 (KB3045316) (64-bit) (HKLM\...\KB3045316) (Version: 10.53.6220.0 - Microsoft Corporation)
    GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
    Git version 2.8.1 (HKLM\...\Git_is1) (Version: 2.8.1 - The Git Development Community)
    GitHub (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\5f7eb300e2ea4ebf) (Version: 3.0.17.0 - GitHub, Inc.)
    GlassFish Server Open Source Edition 4.1 (HKLM\...\nbi-glassfish-mod-4.1.0.13.0) (Version: - )
    Glyph (HKLM-x32\...\Glyph) (Version: - Trion Worlds, Inc.)
    GnuCash 2.6.11 (HKLM-x32\...\GnuCash_is1) (Version: - GnuCash Development Team)
    GnuWin32: Make-3.81 (HKLM-x32\...\Make-3.81_is1) (Version: 3.81 - GnuWin32)
    GnuWin32: Make-3.81 (HKLM-x32\...\Make-src-3.81_is1) (Version: 3.81 - GnuWin32)
    GnuWin32: Wget-1.11.4-1 (HKLM-x32\...\Wget-1.11.4-1_is1) (Version: 1.11.4-1 - GnuWin32)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.84 - Google Inc.)
    Google Cloud SDK (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\Google Cloud SDK) (Version: - Google Inc.)
    Google Drive (HKLM-x32\...\{709316AD-161C-4D5C-9AE7-0B3A822DA271}) (Version: 1.30.2170.0459 - Google, Inc.)
    Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
    GPGNet (HKLM-x32\...\{C194D333-B84A-4BB7-B35E-060732D98DC4}) (Version: 1.0.0 - Gas Powered Games)
    Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
    Gtk# for .Net 2.12.25 (HKLM-x32\...\{889E7D77-2A98-4020-83B1-0296FA1BDE8A}) (Version: 2.12.25 - Xamarin, Inc.)
    Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
    Hammerwatch (HKLM-x32\...\Steam App 239070) (Version: - Crackshell)
    HandBrake 0.10.2 (HKLM-x32\...\HandBrake) (Version: 0.10.2 - )
    Happy Cloud Client (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\HappyCloud) (Version: 4.28 - Happy Cloud, Inc.)
    Haskell Platform 2014.2.0.0 (HKLM\...\HaskellPlatform-2014.2.0.0) (Version: - Haskell.org)
    Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
    Hero Lab 7.6b (HKLM-x32\...\{760AA190-82DF-4A80-BE05-B9FEEC88946D}_is1) (Version: 7.6b - LWD Technology, Inc.)
    Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
    Host App Service (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\Pokki) (Version: 0.269.7.611 - Pokki)
    Human Resource Machine (HKLM-x32\...\1444812654_is1) (Version: 2.0.0.1 - GOG.com)
    HuniePop (HKLM-x32\...\1443428641_is1) (Version: 2.0.0.1 - GOG.com)
    IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6503.0 - IDT)
    IIS 10.0 Express (HKLM\...\{7A28A2B0-458B-4A58-84AC-C90D2D4B79FB}) (Version: 10.0.1735 - Microsoft Corporation)
    IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - )
    IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - )
    InfraRecorder 0.53 (x64 edition) (HKLM\...\{2C22EA92-CB30-4932-0053-000001000000}) (Version: 0.53.00.00 - Christian Kindahl)
    Install Finalizer (x32 Version: 2.9.40518.2 - Microsoft Corporation) Hidden
    Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1013 - Intel Corporation)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4331 - Intel Corporation)
    Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 3.0.1337.1) (HKLM\...\{302600C1-6BDF-4FD1-1307-148929CC1385}) (Version: 3.1.1307.0362 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.5.1000 - Intel Corporation)
    Intel® Hardware Accelerated Execution Manager (HKLM\...\{ECCB31F5-435D-4F37-A98D-5854D3C62718}) (Version: 1.1.1 - Intel Corporation)
    Intel® PROSet/Wireless Software (HKLM-x32\...\{313c06de-4aa7-4a1f-930a-f10f80380426}) (Version: 17.14.0 - Intel Corporation)
    IntelliJ IDEA 15.0.3 (HKLM-x32\...\IntelliJ IDEA 15.0.3) (Version: 143.1821.5 - JetBrains s.r.o.)
    ISO Recorder (HKLM\...\{2D7ED2A0-9553-412B-939F-D6E0AEB2ABE1}) (Version: 3.1.0 - Alex Feinman)
    Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
    Java SE Development Kit 7 Update 55 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170550}) (Version: 1.7.0.550 - Oracle)
    Java SE Development Kit 7 Update 71 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170710}) (Version: 1.7.0.710 - Oracle)
    Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
    Java SE Development Kit 8 Update 25 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
    Java SE Development Kit 8 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180450}) (Version: 8.0.450.15 - Oracle Corporation)
    JetBrains CLion 1.2.4 (HKLM-x32\...\CLion 1.2.4) (Version: 143.1186.2 - JetBrains s.r.o.)
    JetBrains DataGrip 1.0.1 (HKLM-x32\...\DataGrip 1.0.1) (Version: 143.1411.5 - JetBrains s.r.o.)
    JetBrains dotCover 10.0.2 (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\{d85de890-a4d5-5496-9d9a-5d4ab4ec417d}) (Version: 10.0.2 - JetBrains s.r.o.)
    JetBrains dotMemory 10.0.2 (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\{9b9e06eb-e7ea-5769-9f1e-debbc7edb320}) (Version: 10.0.2 - JetBrains s.r.o.)
    JetBrains dotPeek 10.0.2 (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\{a725fe38-0f31-5da7-a5ee-ac4904bbbc36}) (Version: 10.0.2 - JetBrains s.r.o.)
    JetBrains dotTrace 10.0.2 (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\{24b9d1a4-4025-5a9a-9d9a-3ea6fc4cda70}) (Version: 10.0.2 - JetBrains s.r.o.)
    JetBrains ETW Host Service (x32 Version: 104.0.4.0 - JetBrains s.r.o) Hidden
    JetBrains PhpStorm 10.0.3 (HKLM-x32\...\PhpStorm 10.0.3) (Version: 143.1770 - JetBrains s.r.o.)
    JetBrains PyCharm 5.0.4 (HKLM-x32\...\PyCharm 5.0.4) (Version: 143.1919.2 - JetBrains s.r.o.)
    JetBrains ReSharper 9 (x32 Version: 9.0.0.0 - JetBrains Inc) Hidden
    JetBrains ReSharper Ultimate in Visual Studio 2013 (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\{bf70078c-5e98-52f6-af00-eba9a1c75eec}) (Version: 10.0.2 - JetBrains s.r.o.)
    JetBrains ReSharper Ultimate in Visual Studio 2015 (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\{02ee0a0e-7567-5503-9c73-1d5e05353513}) (Version: 10.0.2 - JetBrains s.r.o.)
    JetBrains WebStorm 2016.1 (HKLM-x32\...\WebStorm 2016.1) (Version: 145.258.3 - JetBrains s.r.o.)
    KeepNote 0.7.8 (HKLM-x32\...\KeepNote_is1) (Version: - Matt Rasmussen)
    Kingdoms of Amalur: Reckoning™ (HKLM\...\Steam App 102500) (Version: - Big Huge Games)
    Kit SDK de vérification de Visual Studio 2012 - fra (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
    Kodi (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\Kodi) (Version: - XBMC-Foundation)
    LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
    Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.15.0414.1 - Vimicro)
    Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
    Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
    Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
    Lenovo PowerDVD10 (x32 Version: 10.0.5630.52 - CyberLink Corp.) Hidden
    Lenovo Reach (HKLM-x32\...\{3245D8C8-7FE0-4FD4-B04B-2720A333D592}) (Version: 1.1.3.5 - Stoneware, Inc.)
    Lenovo Service Bridge (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\cbe8636f7dd0cf1d) (Version: 1.5.1.0 - Lenovo)
    Lenovo Web Start (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1) (Version: 1.0.2.53457 - Pokki)
    LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4e2a-80D2-1D0FF6ACBFBA}) (Version: 3.13.2.0 - LG Electronics)
    LibreOffice 4.3.5.2 (HKLM-x32\...\{1D4E90DA-C33C-40ED-BA00-75F6E6DF9CB0}) (Version: 4.3.5.2 - The Document Foundation)
    LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.6 - Thibaut Lauziere)
    LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
    LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
    LocalESPCui for en-us (x32 Version: 8.59.29989 - Microsoft) Hidden
    LocalESPCui for en-us Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
    Logitech Gaming Software 8.75 (HKLM\...\Logitech Gaming Software) (Version: 8.75.30 - Logitech Inc.)
    Lua for Windows 5.1.4-46 (HKLM-x32\...\Lua_is1) (Version: 5.1.4.46 - The Lua for Windows Project and Lua and Tecgraf, PUC-Rio)
    Magelo Sync (uninstall only) (HKLM\...\Magelo Sync) (Version: - )
    Magic DVD Ripper V9.0.0 (HKLM-x32\...\Magic DVD Ripper_is1) (Version: - Magic DVD Software, Inc.)
    MakeMKV v1.9.5 (HKLM-x32\...\MakeMKV) (Version: v1.9.5 - GuinpinSoft inc)
    Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
    Massive Chalice (HKLM-x32\...\Massive Chalice_is1) (Version: - )
    Meld (HKLM-x32\...\{2C4CE0C7-E628-4349-9E5B-0B1AD3ACAA3B}) (Version: 3.12.3 - The Meld project)
    Memory Profiler (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
    Metasploit (HKLM-x32\...\Metasploit 4.11.2) (Version: 4.11.2 - Rapid7)
    Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
    Microsoft .NET Core 1.0.0 RC2 - SDK Preview 1 (x64) (HKLM-x32\...\{2adee9e7-1f53-47dc-8e30-49ff0dec528e}) (Version: 1.0.0.2702 - Microsoft Corporation)
    Microsoft .NET Core 1.0.0 RC2 - VS 2015 Tooling Preview 1 (HKLM-x32\...\{22041006-8484-4b8d-a13c-40189695de2f}) (Version: 1.0.20513.14 - Microsoft Corporation)
    Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
    Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
    Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
    Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
    Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation)
    Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
    Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
    Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
    Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
    Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
    Microsoft ASP.Net Web Frameworks 5.1 Security Update (KB2994397) (HKLM-x32\...\{94F716A3-CBBA-4005-9516-1C4267DDB824}) (Version: 5.1.20821 - Microsoft Corporation)
    Microsoft ASP.NET Web Frameworks and Tools 2015 (HKLM-x32\...\{cdc58b12-e799-4bcb-a4f0-c4537fc10d00}) (Version: 3.2.40204.0 - Microsoft Corporation)
    Microsoft Azure App Service Tools v2.9.1 - Visual Studio 2015 (HKLM-x32\...\{cc50dd74-d143-4aba-bb65-caf2953d4302}) (Version: 14.0.20519.0 - Microsoft Corporation)
    Microsoft Azure Authoring Tools - v2.9.1 (HKLM\...\{A696D7AE-526D-49CE-85D4-6725BABCBD40}) (Version: 2.9.6499.4 - Microsoft Corporation)
    Microsoft Azure Compute Emulator - v2.9.1 (HKLM\...\Microsoft Azure Compute Emulator - v2.9.1) (Version: 2.9.6499.4 - Microsoft Corporation)
    Microsoft Azure Data Lake Tools for Visual Studio 2015 (HKLM-x32\...\{CAF660D4-4F76-45BD-BCDE-B3E30245E83D}) (Version: 2.0.6000.0 - Microsoft Corporation)
    Microsoft Azure HDInsight Tools for Visual Studio 2015 (HKLM-x32\...\{AF08A038-7EFD-4852-B4C9-29D8DD708CDF}) (Version: 2.0.6000.0 - Microsoft Corporation)
    Microsoft Azure Libraries for .NET – v2.9 (HKLM\...\{83DBE1B7-4CA2-4F21-9FEE-3FF2C70942D4}) (Version: 2.9.0517.110 - Microsoft Corporation)
    Microsoft Azure Mobile App SDK V2.0 (HKLM-x32\...\{1784177A-10DD-4E9A-B58F-B6320D85CF06}) (Version: 2.0.40201.0 - Microsoft Corporation)
    Microsoft Azure PowerShell - May 2016 (HKLM-x32\...\{A0200E3F-B94B-4A58-928A-A5BB79866B3F}) (Version: 1.4.0 - Microsoft Corporation)
    Microsoft Azure Quickstarts (HKLM-x32\...\{A6ACA586-9C39-3F57-82B6-9345FF1672F9}) (Version: 1.6 - Microsoft Corporation)
    Microsoft Azure Storage Emulator - v4.4 (HKLM-x32\...\Microsoft Azure Storage Emulator - v4.4) (Version: 4.4.6891.0 - Microsoft Corporation)
    Microsoft Azure Storage Tools - v5.0.0 (HKLM-x32\...\{F34C2A31-A57C-43F9-BEA4-F3E4F59AF3F3}) (Version: 5.0.0.0 - Microsoft Corporation)
    Microsoft Azure Tools for Microsoft Visual Studio 2015 - v2.9 (HKLM-x32\...\{2f25fdd8-63d3-4ddb-99b6-9977192020ab}) (Version: 2.9.40518.2 - Microsoft Corporation)
    Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
    Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
    Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
    Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
    Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
    Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25123 - Microsoft Corporation)
    Microsoft Hive ODBC Driver (HKLM\...\{AC9970E8-7F55-4F50-A6D3-2BC041589904}) (Version: 1.0.5.5 - Microsoft Corporation)
    Microsoft Hive ODBC Driver (HKLM-x32\...\{7A580208-9E61-47FD-9AEB-DDDAA67CF0F6}) (Version: 1.0.5.5 - Microsoft Corporation)
    Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
    Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{18CBAFDF-A131-4BE8-8614-F7AF405A47EE}) (Version: 13.0.800.111 - Microsoft Corporation)
    Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation)
    Microsoft Office Developer Tools for Visual Studio 2015 (HKLM-x32\...\{0e53edcf-ba8e-4cff-804f-39f447ef5bf4}) (Version: 14.0.23928.0 - Microsoft Corporation)
    Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
    Microsoft Project Professional 2013 (HKLM\...\Office15.PRJPROR) (Version: 15.0.4569.1506 - Microsoft Corporation)
    Microsoft Report Viewer 2014 Runtime (HKLM-x32\...\{327E9C0D-1687-414F-923E-F5979E549548}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft Report Viewer for SQL Server 2016 CTP3.1 (HKLM-x32\...\{8E941158-0411-49C4-802A-B90276A05999}) (Version: 13.0.800.111 - Microsoft Corporation)
    Microsoft Report Viewer Redistributable 2008 SP1 (HKLM-x32\...\Microsoft Report Viewer Redistributable 2008 (KB971119)) (Version: - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
    Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
    Microsoft SQL Server 2016 Policies CTP3.1 (HKLM-x32\...\{C7805221-3AED-435B-8146-D062D56E7477}) (Version: 13.0.800.111 - Microsoft Corporation)
    Microsoft SQL Server 2016 T-SQL Language Service CTP3.1 (HKLM\...\{58DEF719-6B58-453A-84E5-3F09F6C7278E}) (Version: 13.0.800.111 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version: - Microsoft Corporation)
    Microsoft SQL Server 2008 R2 Books Online (HKLM-x32\...\{74F7B314-0507-4F91-9A4E-B6C9B027E410}) (Version: 10.50.1600.1 - Microsoft Corporation)
    Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}) (Version: 10.51.2500.0 - Microsoft Corporation)
    Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{E534493E-80D2-4E37-8020-3ECAC55D9DB5}) (Version: 10.53.6000.34 - Microsoft Corporation)
    Microsoft SQL Server 2008 R2 Policies (HKLM-x32\...\{D21BC5B2-CBAC-48FA-A701-B5A63C1CA7B8}) (Version: 10.50.1600.1 - Microsoft Corporation)
    Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{2E06399C-2517-484D-B6C9-3B1113AFCD19}) (Version: 10.53.6220.0 - Microsoft Corporation)
    Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{E4A1FDA3-689D-44DA-9B39-86BD2270F522}) (Version: 11.2.5058.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Native Client (HKLM\...\{E2D10175-7411-4EA5-8E32-FA21262B435D}) (Version: 11.2.5592.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Setup (English) (HKLM\...\{977887EC-1C9B-47FA-8489-88E5E7F43D5E}) (Version: 11.2.5058.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{E721A8AA-2632-4798-B439-6D4C8A689BB8}) (Version: 11.2.5058.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version: - Microsoft Corporation)
    Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{705AFC05-AD2F-473E-A2ED-BED746D473F2}) (Version: 12.1.4213.0 - Microsoft Corporation)
    Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server 2014 Policies (HKLM-x32\...\{1C30FE7E-8A8C-4492-89D6-10CB20C3B0EB}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server 2014 Setup (English) (HKLM\...\{2975950A-6723-4FD2-9719-78DD9C30A7F4}) (Version: 12.1.4213.0 - Microsoft Corporation)
    Microsoft SQL Server 2014 Setup (English) (HKLM-x32\...\{C0955436-D3E5-4312-9F48-8018F6C03D7C}) (Version: 12.1.4213.0 - Microsoft Corporation)
    Microsoft SQL Server 2014 Transact-SQL Compiler Service (HKLM\...\{5BC5068F-1F64-4D2D-948F-E75F30B850CB}) (Version: 12.1.4213.0 - Microsoft Corporation)
    Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{FF7DDA05-6EA7-4C01-B44A-3E57F8B9B97B}) (Version: 12.1.4100.1 - Microsoft Corporation)
    Microsoft SQL Server 2014 T-SQL Language Service (HKLM\...\{7FE9A69F-6D91-4E2E-86B5-E2EB27AE6041}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server 2016 CTP3.1 (64-bit) (HKLM\...\Microsoft SQL Server SQL16CTP3.1) (Version: - Microsoft Corporation)
    Microsoft SQL Server 2016 CTP3.1 (HKLM-x32\...\Microsoft SQL Server SQL16CTP3.1) (Version: - Microsoft Corporation)
    Microsoft SQL Server 2016 LocalDB RC0 (HKLM\...\{9CED5D08-5664-4668-A927-CD6C60C4175D}) (Version: 13.0.1100.286 - Microsoft Corporation)
    Microsoft SQL Server 2016 Management Objects RC0 (HKLM-x32\...\{948B5F49-A57E-46B4-9F1E-145D7A9E66D7}) (Version: 13.0.1100.286 - Microsoft Corporation)
    Microsoft SQL Server 2016 Management Objects RC0 (x64) (HKLM\...\{F6F8053F-D328-4ACA-93A1-A49E495899F2}) (Version: 13.0.1100.286 - Microsoft Corporation)
    Microsoft SQL Server 2016 T-SQL Language Service RC0 (HKLM-x32\...\{1852BD30-570B-4E47-8752-461448E8E250}) (Version: 13.0.12000.52 - Microsoft Corporation)
    Microsoft SQL Server 2016 T-SQL ScriptDom RC0 (HKLM\...\{D9F55D00-A8AB-4518-A56E-D9D5E615542A}) (Version: 13.0.1100.286 - Microsoft Corporation)
    Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
    Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU (HKLM-x32\...\{DDFD8348-058C-4F4B-85E5-6D740D4AB3FE}) (Version: 3.5.8080.0 - Microsoft Corporation)
    Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
    Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
    Microsoft SQL Server Data Tools - enu (12.0.30919.1) (HKLM-x32\...\{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}) (Version: 12.0.30919.1 - Microsoft Corporation)
    Microsoft SQL Server Data Tools - enu (14.0.60311.1) (HKLM-x32\...\{28292CA9-8D65-4E37-95A3-753EEB38F122}) (Version: 14.0.60311.1 - Microsoft Corporation)
    Microsoft SQL Server Data Tools 2015 (HKLM-x32\...\{2956ec52-98f0-4007-9462-ae613be5df16}) (Version: 14.0.50730.0 - Microsoft Corporation)
    Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
    Microsoft SQL Server Data-Tier Application Framework (x86) (HKLM-x32\...\{2B56F3F1-CFDB-444C-97A1-4DEB476225D8}) (Version: 13.0.3135.1 - Microsoft Corporation)
    Microsoft SQL Server Management Studio - November 2015 (HKLM-x32\...\{35963214-b644-4bbf-83a4-ac8653b15e20}) (Version: 13.0.800.111 - Microsoft Corporation)
    Microsoft SQL Server System CLR Types (HKLM-x32\...\{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}) (Version: 10.51.2500.0 - Microsoft Corporation)
    Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.53.6000.34 - Microsoft Corporation)
    Microsoft Sync Framework Runtime v1.0 (x64) (HKLM\...\{53D7A054-4598-4947-A159-E8FCC77720AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
    Microsoft Sync Services for ADO.NET v2.0 (x64) (HKLM\...\{817BCC2B-76A8-4C8B-8B55-FD916C6969CC}) (Version: 2.0.1215.0 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{DEB263CA-0386-4648-8382-FB78DBFA2C5F}) (Version: 11.2.5058.0 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{E3F613C1-105F-4717-BFE7-007729A95D67}) (Version: 12.1.4100.1 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{718FFB65-F6E4-4D62-861F-ED10ED32C936}) (Version: 12.0.2402.11 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2016 RC0 (HKLM\...\{495CC0B4-D4C3-4D87-8317-F66BA48C5552}) (Version: 13.0.1100.286 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2016 RC0 (HKLM-x32\...\{3A87F9F2-D65D-4BA9-8459-E5BBE31EA64D}) (Version: 13.0.1100.286 - Microsoft Corporation)
    Microsoft Visio Professional 2013 (HKLM\...\Office15.VISPROR) (Version: 15.0.4569.1506 - Microsoft Corporation)
    Microsoft Visual C# 2010 Express - ENU (HKLM-x32\...\Microsoft Visual C# 2010 Express - ENU) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 Express - ENU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - ENU) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
    Microsoft Visual Studio 2008 Shell (integrated mode) - ENU (HKLM-x32\...\{BA0C9AAF-1327-3F06-B49C-349B4BE8F740}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Microsoft Visual Studio 2013 Tools for Unity (HKLM-x32\...\{91F5EADD-EA29-4F18-AC55-D5C55BEA6C7A}) (Version: 2.0.0.0 - Microsoft Corporation)
    Microsoft Visual Studio 2015 Installer Projects Extension (HKLM-x32\...\{b6373d26-565f-4644-857c-f830ea7a0c56}) (Version: 14.0.23205 - Microsoft Corporation)
    Microsoft Visual Studio 2015 Tools for Unity (HKLM-x32\...\{D68E6605-F852-4936-AB64-04B80E0C85AD}) (Version: 2.2.0.0 - Microsoft Corporation)
    Microsoft Visual Studio Enterprise 2015 (HKLM-x32\...\{aaff6d8c-30d0-4446-82ae-1f1650eab4b9}) (Version: 14.0.23107.178 - Microsoft Corporation)
    Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{4ECF4BDC-8387-329A-ABE9-CF5798F84BB2}) (Version: 9.0.35191 - Microsoft Corporation)
    Microsoft Visual Studio Tools for Applications x86 Runtime 3.0 (HKLM-x32\...\{191A6F65-6878-398D-A272-EF011B80F371}) (Version: 10.0.40220 - Microsoft Corporation)
    Microsoft Visual Studio Ultimate 2013 (HKLM-x32\...\{84e72603-1a6a-4c51-81b3-de36aabcc4f8}) (Version: 12.0.30501 - Microsoft Corporation)
    Microsoft VSS Writer for SQL Server 2014 (HKLM\...\{366CD715-2FF4-40B4-A8B4-A05E5D21A945}) (Version: 12.1.4100.1 - Microsoft Corporation)
    Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation)
    Microsoft Web Platform Installer 5.0 (HKLM\...\{4D84C195-86F0-4B34-8FDE-4A17EB41306A}) (Version: 5.0.50430.0 - Microsoft Corporation)
    Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
    MKVToolNix 8.2.0 (64bit) (HKLM-x32\...\MKVToolNix) (Version: 8.2.0 - Moritz Bunkus)
    Module Microsoft Report Viewer pour Visual Studio 2013 (x32 Version: 11.1.3442.2 - Microsoft Corporation) Hidden
    Morrowind (HKLM-x32\...\{C325F588-D6B1-4A7F-B6A2-914C75DDA348}) (Version: - )
    Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version: - TaleWorlds Entertainment)
    Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Mozilla Firefox 43.0.4 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 en-US)) (Version: 43.0.4 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4 - Mozilla)
    MRO for Windows 3.2.3 (HKLM\...\MRO for Windows 3.2.3_is1) (Version: 3.2.3 - Microsoft)
    MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.25123 - Microsoft Corporation) Hidden
    Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
    Mumble 1.2.10 (HKLM-x32\...\{63243F5C-E941-4461-A4B0-2689A9A3BF13}) (Version: 1.2.10 - Thorvald Natvig)
    Music Manager (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\MusicManager) (Version: - Google, Inc.)
    MusicBee 2.4 (HKLM-x32\...\MusicBee) (Version: 2.4 - Steven Mayall)
    My.com Game Center (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\MyComGames) (Version: 3.140 - My.com B.V.)
    MySQL Workbench 6.3 CE (HKLM\...\{2F531783-BBF7-40CF-ACF5-2EB4CD83CAF6}) (Version: 6.3.3 - Oracle Corporation)
    NetBeans IDE 8.0.2 (HKLM\...\nbi-nb-base-8.0.2.0.201411181905) (Version: 8.0.2 - NetBeans.org)
    Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.61.23 - Black Tree Gaming)
    Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.1 - Nikon)
    Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.9.2 - Nikon)
    Nitro Pro 9 (HKLM\...\{70B831B7-A8EE-4C5F-8F34-F383D24B3A04}) (Version: 9.0.5.9 - Nitro)
    Node.js (HKLM\...\{40435563-20B0-4DA3-8E52-E5BF28ABE5C3}) (Version: 0.12.2 - Joyent, Inc. and other Node contributors)
    Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.5 - Notepad++ Team)
    NVIDIA 3D Vision Driver 365.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 365.10 - NVIDIA Corporation)
    NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
    NVIDIA Graphics Driver 365.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 365.10 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
    Oblivion: Game of the Year Deluxe Edition (HKLM-x32\...\{ED75073E-C7B4-4EBE-8AEC-9C4CA41E5F2F}}_is1) (Version: - Bethesda Softworks)
    OBS Studio (HKLM-x32\...\OBS Studio) (Version: 0.13.4 - OBS Project)
    Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.2 - Lenovo)
    Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
    OpenAL (HKLM-x32\...\OpenAL) (Version: - )
    Oracle VM VirtualBox 5.0.20 (HKLM\...\{8209969B-9A31-4021-B0D8-E6F719F7F995}) (Version: 5.0.20 - Oracle Corporation)
    Origin (HKLM-x32\...\Origin) (Version: 9.5.2.2829 - Electronic Arts, Inc.)
    Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
    Overlook Fing (HKLM-x32\...\Overlook Fing 2.2) (Version: 2.2 - Overlook)
    Panda Devices Agent (x32 Version: 1.03.07 - Panda Security) Hidden
    Panda Devices Agent (x32 Version: 1.06.00 - Panda Security) Hidden
    PCGen60600 (HKLM-x32\...\PCGen60600) (Version: - )
    PDF Plug-In 1.6 (HKLM-x32\...\{75569847-6E3F-4D03-A4E8-8EC528E155A9}_is1) (Version: 1.6 - Lone Wolf Development, Inc.)
     
  4. dsb2448

    dsb2448 TS Rookie Topic Starter Posts: 19

    PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
    ph (x32 Version: 1.0.0 - Your Company Name) Hidden
    PHP Tools for Visual Studio (HKLM-x32\...\{D2988F46-CA0E-4E64-9991-1699074C36AC}) (Version: 1.19.8776 - DEVSENSE)
    Picture Control Utility 2 (HKLM\...\{D4893C47-704F-4B84-8486-9DE4974ACA6F}) (Version: 2.0.1 - Nikon)
    Pillars of Eternity (HKLM-x32\...\1207666813_is1) (Version: 2.0.0.1 - GOG.com)
    Portal (HKLM-x32\...\Steam App 400) (Version: - Valve)
    Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
    PowerISO (HKLM-x32\...\PowerISO) (Version: 6.2 - Power Software Ltd)
    PowreShellIntegration.Notifications (x32 Version: 2.5.21003.1603 - Microsoft Corporation) Hidden
    PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
    PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
    Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Prerequisites for SSDT (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Prerequisites for SSDT RC0 (HKLM-x32\...\{AB72EB1C-9CF4-4274-984D-5EDA8BF37A08}) (Version: 13.0.1100.286 - Microsoft Corporation)
    Project and Item Templates for Visual Studio Community 2015 - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
    Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
    PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
    PureVPN (HKLM-x32\...\PureVPN_is1) (Version: 4.0.0.0 - PureVPN)
    Pushbullet version 312 (HKLM-x32\...\{7578F204-49E7-4830-B051-14C23F408BFE}_is1) (Version: 312 - Pushbullet Inc)
    Python 2.7.11 (HKLM-x32\...\{16E52445-1392-469F-9ADB-FC03AF00CD61}) (Version: 2.7.11150 - Python Software Foundation)
    Python 3.4.3 (HKLM-x32\...\{CCD588A7-8D55-49F1-A30C-47FAB40889ED}) (Version: 3.4.16490 - Python Software Foundation)
    Python Tools Redirection Template (x32 Version: 1.3 - Microsoft Corporation) Hidden
    Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
    R for Windows 3.2.0 (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\R for Windows 3.2.0_is1) (Version: 3.2.0 - R Core Team)
    R Tools 0.2 for Visual Studio 2015 (HKLM-x32\...\{6c4e6209-c811-4d62-93bf-cedea639cb28}) (Version: 0.2.20304.1341 - Microsoft Corporation)
    R Tools 0.2 for Visual Studio 2015 (x32 Version: 0.2.20304.1341 - Microsoft Corporation) Hidden
    Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.3 beta r2468 - )
    Reassembly (HKLM-x32\...\Steam App 329130) (Version: - Anisoptera Games)
    Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
    Release Management for Visual Studio 2013 (x32 Version: 1.0 - Microsoft Corporation) Hidden
    Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
    RIFT (HKLM-x32\...\Glyph RIFT) (Version: - Trion Worlds, Inc.)
    Rockstar Games Social Club (HKLM-x32\...\{08B3869E-D282-424C-9AFC-870E04A4BA14}) (Version: 1.00.0000 - Rockstar Games)
    Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
    Roslyn Language Services - x86 (x32 Version: 14.0.25132 - Microsoft Corporation) Hidden
    RStudio (HKLM-x32\...\RStudio) (Version: 0.98.1103 - RStudio)
    SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
    SDK de comprobación de Visual Studio 2012 - esn (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
    Secure Download Manager (HKLM-x32\...\{E040B65B-8683-4228-8C33-D44A141E40EA}) (Version: 3.1.60 - Kivuto Solutions Inc.)
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
    Service Pack 1 for SQL Server 2014 (KB3058865) (64-bit) (HKLM\...\KB3058865) (Version: 12.1.4100.1 - Microsoft Corporation)
    Service Pack 1 for SQL Server 2014 (KB3058865) (HKLM-x32\...\KB3058865) (Version: 12.1.4100.1 - Microsoft Corporation)
    Service Pack 2 for SQL Server 2012 (KB2958429) (64-bit) (HKLM\...\KB2958429) (Version: 11.2.5058.0 - Microsoft Corporation)
    Service Pack 3 for SQL Server 2008 R2 (KB2979597) (64-bit) (HKLM\...\KB2979597) (Version: 10.53.6000.34 - Microsoft Corporation)
    SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.1.11.0 - Lenovo Group Limited)
    SharePoint Client Components (HKLM\...\{95150004-1163-0409-1000-0000000FF1CE}) (Version: 15.0.4711.1001 - Microsoft Corporation)
    SharePoint Client Components (HKLM\...\{95160003-1163-0409-1000-0000000FF1CE}) (Version: 16.0.4002.1211 - Microsoft Corporation)
    SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
    SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
    Sid Meier's Civilization IV - Beyond the Sword (HKLM-x32\...\Sid Meier's Civilization IV - Beyond the Sword) (Version: - GameStop)
    Sid Meier's Civilization IV - Warlords (HKLM-x32\...\Sid Meier's Civilization IV - Warlords) (Version: - GameStop)
    Sid Meier's Civilization IV (HKLM-x32\...\Sid Meier's Civilization IV) (Version: - GameStop)
    Sid Meier's Civilization IV Colonization (HKLM-x32\...\Sid Meier's Civilization IV Colonization) (Version: - GameStop)
    SketchUp 2015 (HKLM\...\{350488A4-1540-4103-8F01-B27503891EB0}) (Version: 15.3.331 - Trimble Navigation Limited)
    skyforge_mycom (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\skyforge_mycom) (Version: 1.29 - My.com B.V.)
    Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
    Skyrim Script Extender (SKSE) (HKLM\...\Steam App 365720) (Version: - The SKSE Team)
    Smilebox (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\Smilebox) (Version: 1.0.0.29487 - Smilebox, Inc.)
    Snowflake Suite (HKLM-x32\...\{392317D4-B4DF-42D6-908C-BAEFACEC9024}) (Version: 4.0.0 - Natural User Interface Technologies AB)
    Space Engineers (HKLM\...\Steam App 244850) (Version: - Keen Software House)
    SQL Server 2008 R2 Reporting Services (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
    SQL Server 2008 R2 SP2 Analysis Services (Version: 10.53.6000.34 - Microsoft Corporation) Hidden
    SQL Server 2008 R2 SP2 BI Development Studio (Version: 10.53.6000.34 - Microsoft Corporation) Hidden
    SQL Server 2008 R2 SP2 Client Tools (Version: 10.53.6000.34 - Microsoft Corporation) Hidden
    SQL Server 2008 R2 SP2 Common Files (Version: 10.53.6000.34 - Microsoft Corporation) Hidden
    SQL Server 2008 R2 SP2 Database Engine Services (Version: 10.53.6000.34 - Microsoft Corporation) Hidden
    SQL Server 2008 R2 SP2 Database Engine Shared (Version: 10.53.6000.34 - Microsoft Corporation) Hidden
    SQL Server 2008 R2 SP2 Full text search (Version: 10.53.6000.34 - Microsoft Corporation) Hidden
    SQL Server 2008 R2 SP2 Integration Services (Version: 10.53.6000.34 - Microsoft Corporation) Hidden
    SQL Server 2008 R2 SP2 Management Studio (Version: 10.53.6000.34 - Microsoft Corporation) Hidden
    SQL Server 2008 R2 SP2 Reporting Services (Version: 10.53.6000.34 - Microsoft Corporation) Hidden
    SQL Server 2014 Analysis Services (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
    SQL Server 2014 Client Tools (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
    SQL Server 2014 Common Files (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
    SQL Server 2014 Data quality service (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
    SQL Server 2014 Data quality service (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
    SQL Server 2014 Database Engine Services (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
    SQL Server 2014 Database Engine Shared (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
    SQL Server 2014 Full text search (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
    SQL Server 2014 Management Studio (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
    SQL Server 2014 Master Data Services (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
    SQL Server 2014 Master Data Services (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
    SQL Server 2014 Reporting Services (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
    SQL Server 2014 SQL Data Quality Common (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
    SQL Server 2016 CTP3.1 Batch Parser (HKLM\...\{FE3880B8-7C5D-45BE-AAC0-9A831480A0A7}) (Version: 13.0.800.111 - Microsoft Corporation)
    SQL Server 2016 CTP3.1 Client Tools (x32 Version: 13.0.800.111 - Microsoft Corporation) Hidden
    SQL Server 2016 CTP3.1 Client Tools Extensions (x32 Version: 13.0.800.111 - Microsoft Corporation) Hidden
    SQL Server 2016 CTP3.1 Common Files (x32 Version: 13.0.800.111 - Microsoft Corporation) Hidden
    SQL Server 2016 CTP3.1 Connection Info (HKLM\...\{13E6D0B2-2C84-4407-BB93-F40F84C1E6D1}) (Version: 13.0.800.111 - Microsoft Corporation)
    SQL Server 2016 CTP3.1 Connection Info (HKLM\...\{A832D8C5-5458-4657-A7A5-245D0EE1B3B6}) (Version: 13.0.800.111 - Microsoft Corporation)
    SQL Server 2016 CTP3.1 DMF (HKLM\...\{4472920F-C127-4D94-8F6A-0CF97CEBFB14}) (Version: 13.0.800.111 - Microsoft Corporation)
    SQL Server 2016 CTP3.1 DMF (HKLM\...\{97FAAA31-FB0C-4AA3-9251-1291FD101219}) (Version: 13.0.800.111 - Microsoft Corporation)
    SQL Server 2016 CTP3.1 Management Studio (x32 Version: 13.0.800.111 - Microsoft Corporation) Hidden
    SQL Server 2016 CTP3.1 Management Studio Extensions (x32 Version: 13.0.800.111 - Microsoft Corporation) Hidden
    SQL Server 2016 CTP3.1 Shared Management Objects (HKLM\...\{588E3E59-2876-41BD-BE02-5EF73D6F4155}) (Version: 13.0.800.111 - Microsoft Corporation)
    SQL Server 2016 CTP3.1 Shared Management Objects (HKLM\...\{9B432C25-32AA-4D4D-9350-553416D8372C}) (Version: 13.0.800.111 - Microsoft Corporation)
    SQL Server 2016 CTP3.1 Shared Management Objects Extensions (HKLM\...\{6D0F42A2-2F96-4DB9-812E-C246840A189F}) (Version: 13.0.800.111 - Microsoft Corporation)
    SQL Server 2016 CTP3.1 Shared Management Objects Extensions (HKLM\...\{8AAF9358-E79B-4921-B455-1C2CC4B45B4B}) (Version: 13.0.800.111 - Microsoft Corporation)
    SQL Server 2016 CTP3.1 SQL Diagnostics (HKLM\...\{50945A99-FE83-4817-B9CB-06A8B0E0EB3C}) (Version: 13.0.800.111 - Microsoft Corporation)
    SQL Server 2016 CTP3.1 XEvent (HKLM\...\{92AA5F84-7A25-4A1F-937D-ABCFB04B80F9}) (Version: 13.0.800.111 - Microsoft Corporation)
    SQL Server 2016 CTP3.1 XEvent (HKLM\...\{C3EA6B70-B3DF-4771-8EF7-6AA61CBB6968}) (Version: 13.0.800.111 - Microsoft Corporation)
    SQL Server Browser for SQL Server 2014 (HKLM-x32\...\{3204DE95-97D2-4261-A286-98A262E171D4}) (Version: 12.1.4100.1 - Microsoft Corporation)
    Sql Server Customer Experience Improvement Program (Version: 10.53.6000.34 - Microsoft Corporation) Hidden
    Sql Server Customer Experience Improvement Program (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
    Stagelight (HKLM\...\StageLight) (Version: 2.0.0.5045 - Open Labs, LLC.)
    Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: - Bioware/EA)
    Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
    Stardew Valley (HKLM\...\Steam App 413150) (Version: - ConcernedApe)
    Start Menu (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\Pokki_Start_Menu) (Version: 0.269.7.611 - Pokki)
    Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
    Sublime Text Build 3065 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
    SUPERHOT (HKLM-x32\...\1456141688_is1) (Version: 2.0.0.4 - GOG.com)
    Supreme Commander (HKLM-x32\...\{25A1E6A4-2DBD-4AC0-8650-8EA9A45B183D}) (Version: 1.00.0000 - Gas Powered Games)
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
    System Requirements Lab (HKLM-x32\...\{F89CDED6-B1F1-489F-BA44-698BF6A737C2}) (Version: 6.1.6.0 - Husdawg, LLC)
    System Requirements Lab Detection (HKLM-x32\...\{2D05AE75-86EC-4BC8-B289-7C91E00E7C08}) (Version: 2.2.4.0 - Husdawg, LLC)
    Tales of Maj'Eyal (HKLM\...\Steam App 259680) (Version: - DarkGod)
    Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
    Team Explorer for Microsoft Visual Studio 2015 Update 2 (x32 Version: 14.95.25118 - Microsoft) Hidden
    TeamSpeak 3 Client (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
    TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer)
    Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
    The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl)
    The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version: - Bethesda Game Studios)
    The Witcher Enhanced Edition Director's Cut (HKLM-x32\...\GOGPACKWITCHEREEDC_is1) (Version: 2.0.0.12 - GOG.com)
    TIS-100 (HKLM-x32\...\1436869408_is1) (Version: 2.0.0.2 - GOG.com)
    Tom Clancy's Splinter Cell (HKLM-x32\...\{A174402A-2EE6-4B86-A930-7BC85A9933BD}) (Version: 1.00.000 - )
    TreeSize Free V3.3.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.3.2 - JAM Software)
    Trove (HKLM-x32\...\Glyph Trove) (Version: - Trion Worlds, Inc.)
    TypeScript Power Tool (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
    TypeScript Power Tool (x32 Version: 1.5.4.0 - Microsoft Corporation) Hidden
    TypeScript Power Tool (x32 Version: 1.7.4.0 - Microsoft Corporation) Hidden
    TypeScript Power Tool (x32 Version: 1.8.9.0 - Microsoft Corporation) Hidden
    TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
    TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.8.31.0 - Microsoft Corporation) Hidden
    TypeScript Tools for Microsoft Visual Studio 2015 1.5.4.0 (HKLM-x32\...\{4cde0c8c-47b3-448f-babf-fe5d392432a6}) (Version: 1.5.23128.0 - Microsoft Corporation)
    TypeScript Tools for Microsoft Visual Studio 2015 1.7.4.0 (HKLM-x32\...\{33e2204a-4ec6-4458-895a-47e2a404d990}) (Version: 1.7.24720.0 - Microsoft Corporation)
    Uninstall Finalizer (x32 Version: 2.9.40518.2 - Microsoft Corporation) Hidden
    Unity (HKLM-x32\...\Unity) (Version: 5.3.5f1 - Unity Technologies ApS)
    Unity Web Player (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\UnityWebPlayer) (Version: 5.3.5f1 - Unity Technologies ApS)
    Universal CRT Extension SDK (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
    Universal CRT Extension SDK (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
    Universal CRT Headers Libraries and Sources (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
    Universal CRT Headers Libraries and Sources (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
    Universal CRT Redistributable (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
    Universal CRT Tools x64 (Version: 10.0.26624 - Microsoft Corporation) Hidden
    Universal CRT Tools x86 (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
    Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton)
    Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{0FA8AE0C-69AE-4F60-A1AB-F79C6BA5A999}) (Version: - Microsoft)
    Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PRJPROR_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version: - Microsoft)
    Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version: - Microsoft)
    Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.VISPROR_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version: - Microsoft)
    Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version: - Microsoft)
    Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version: - Microsoft)
    Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)
    User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
    User Manuals (x32 Version: 3.0.0.3 - Lenovo) Hidden
    ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.10.2 - Nikon)
    Vim 7.4 (self-installing) (HKLM\...\Vim 7.4) (Version: - )
    Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation)
    Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    Visual Studio 2013 Update 2 (KB2829760) (HKLM-x32\...\{3c348532-c3bd-4bae-a928-7b555f8c808f}) (Version: 12.0.30501 - Microsoft Corporation)
    Visual Studio 2013 Update 4 (KB2829760) (HKLM-x32\...\{53d408db-eb91-43fb-9d8f-167681c19763}) (Version: 12.0.31101 - Microsoft Corporation)
    Visual Studio 2015 Update 2 (KB3022398) (HKLM-x32\...\{78c1b501-a6eb-4f29-88c5-84189564827e}) (Version: 14.0.25123 - Microsoft Corporation)
    VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
    VS Update core components (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
    VS Update core components (x32 Version: 14.0.25123 - Microsoft Corporation) Hidden
    vs_update2notification (x32 Version: 14.0.25132 - Microsoft Corporation) Hidden
    Vulkan Run Time Libraries 1.0.8.1 (HKLM\...\VulkanRT1.0.8.1) (Version: 1.0.8.1 - LunarG, Inc.)
    WampServer 2.5 (HKLM-x32\...\WampServer 2_is1) (Version: - Hervé Leclerc (HeL))
    WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
    WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
    WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
    WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
    WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
    WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
    Windows Driver Package - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
    Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
    Windows Phone 8.1 Emulators - ENU (HKLM-x32\...\{940596e5-652a-4970-8a5a-492e73ed0fbb}) (Version: 12.0.30501.0 - Microsoft Corporation)
    WinMerge 2011 (HKLM\...\WinMerge 2011) (Version: 2011.004.525 - Jochen Neubeck)
    WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies)
    WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
    WinSCP 5.7.3 (HKLM-x32\...\winscp3_is1) (Version: 5.7.3 - Martin Prikryl)
    WinX DVD Ripper 5.6.2 (HKLM-x32\...\WinX DVD Ripper_is1) (Version: - Digiarty Software, Inc.)
    WinX Free MP4 to AVI Converter 5.0.9 (HKLM-x32\...\WinX Free MP4 to AVI Converter_is1) (Version: - Digiarty Software, Inc.)
    Wireshark 1.12.3 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.12.3 - The Wireshark developer community, hxxp://www.wireshark.org)
    Workflow Manager Client 1.0 (Version: 2.0.50408.1 - Microsoft Corporation) Hidden
    Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.50408.2 - Microsoft Corporation) Hidden
    World of Tanks (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812NA}_is1) (Version: - Wargaming.net)
    Xamarin (HKLM-x32\...\{65CD25FC-75EA-42F9-BCC4-394C57923E32}) (Version: 4.0.4.4 - Xamarin)
    Xamarin Studio 5.7.1 (HKLM-x32\...\{C0015978-FD2F-4EBB-984B-2D7B5416F426}) (Version: 5.7.1.17 - Xamarin)
    XBMC (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\XBMC) (Version: - Team XBMC)
    Надстройка Microsoft Report Viewer для Visual Studio 2013 (x32 Version: 11.1.3442.2 - Microsoft Corporation) Hidden
    Пакет Visual Studio 2012 Verification SDK - rus (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
    用于 Visual Studio 2013 的 Microsoft 报告查看器加载项 (x32 Version: 11.1.3442.2 - Microsoft Corporation) Hidden

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-437364399-4149591236-704665920-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Scott\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-437364399-4149591236-704665920-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Scott\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-437364399-4149591236-704665920-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Scott\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-437364399-4149591236-704665920-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Scott\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileCoAuth.exe (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-437364399-4149591236-704665920-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Scott\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-437364399-4149591236-704665920-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Scott\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-437364399-4149591236-704665920-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Scott\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-437364399-4149591236-704665920-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Scott\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-437364399-4149591236-704665920-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Scott\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-437364399-4149591236-704665920-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Scott\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-437364399-4149591236-704665920-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Scott\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {00F6317D-8112-48DB-9187-56ADC74931EF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
    Task: {0267377E-D39C-4DFC-9D59-6FB15ECDD7A5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
    Task: {066A0FCD-51DE-4EF7-B910-BBF851B588CD} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-06-03] (Synaptics Incorporated)
    Task: {0C652705-11B2-4265-800F-B51F4B89A170} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
    Task: {111CC5E9-C75B-481E-AE78-DCB960F089CF} - \Optimize Start Menu Cache Files-S-1-5-21-437364399-4149591236-704665920-1001 -> No File <==== ATTENTION
    Task: {18949893-0227-4A35-A6FE-C0DC8A9B09D9} - System32\Tasks\User Made\Set background => C:\Users\Scott\Desktop\wall.bat
    Task: {2130844E-9BEB-4C05-B211-FA24F2A64AB4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
    Task: {26AC1195-4E02-48A2-A112-4CF6030143AF} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-437364399-4149591236-704665920-1001 => Rundll32.exe dfshim.dll,ShOpenVerbShortcut C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms
    Task: {2724C7D1-B95E-449D-B1A8-CC7A4FA32703} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-437364399-4149591236-704665920-1001Core => C:\Users\Scott\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
    Task: {2C63CE28-50AC-47A8-9625-990A2AE1624C} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-08-01] (Dropbox, Inc.)
    Task: {2EFCF522-89D4-42E1-B781-B7BC6C9F1D0C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
    Task: {3119D5E4-9527-4990-BA6B-242D394CE832} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
    Task: {40A8C19F-A518-45CF-9526-2A6CDB59EFCA} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [2016-05-15] (Microsoft Corporation)
    Task: {426D3123-CA77-40DD-9E63-9AAAE26801D4} - \Optimize Start Menu Cache Files-S-1-5-21-437364399-4149591236-704665920-1004 -> No File <==== ATTENTION
    Task: {46672404-4F52-4E13-865B-19DD395C9547} - System32\Tasks\OFFICE2013ACT => C:\ProgramData\Office2013\OFFICEICON.vbs
    Task: {488E0D3C-C39E-4AEC-9DB0-40C402417E00} - System32\Tasks\AVG-SSU_0516pi => C:\ProgramData\Avg_Update_0516pi\AVG-Secure-Search-Update_0516pi.exe [2016-05-03] ()
    Task: {57FC6D4D-1C2B-48EC-A2AD-2268124AD2F4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
    Task: {583CAEE5-9075-4434-BB6E-AD83DC43245D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
    Task: {61CE9152-A06D-4756-9402-AEA0B6DD4961} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
    Task: {69B4E95F-376F-4288-ABEB-79E44ACDB742} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
    Task: {72A8A0A4-59E8-40E5-9874-B49FC841A5B0} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)
    Task: {77E4EB7C-02C7-4C59-ADB8-5E2347247388} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
    Task: {7D51A567-9F80-455C-831F-D52217BB9E0F} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
    Task: {880DA157-7419-4527-87B2-7C9BF9638872} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-06-15] (Microsoft Corporation)
    Task: {99686F05-C550-408B-969C-5764C1CA8318} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-08-01] (Dropbox, Inc.)
    Task: {99852D94-2D58-4AF1-9E7B-CFC1E8BEA185} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
    Task: {9E9B835B-5012-414D-9D3B-3DBAC6ECF100} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
    Task: {B0EBC0E1-0E40-4DB2-A5BF-A864AB2D9A20} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
    Task: {B78FE0DD-C51F-4969-9E16-F638E9839D11} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
    Task: {BACCF506-AD77-4AC2-8D21-F2610AC93EC5} - System32\Tasks\AVG-SSU_0516pi_DELETE => C:\ProgramData\Avg_Update_0516pi\AVG-Secure-Search-Update_0516pi.exe [2016-05-03] ()
    Task: {BC69C425-FA8C-40E5-A51B-F103E194A1D6} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
    Task: {C8245AEE-2726-4B8F-B3CA-6524D0E9B077} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-22] (Google Inc.)
    Task: {CA245D25-43C6-49C5-A3A4-CB73F991D99D} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-08] (CyberLink Corp.)
    Task: {CBB12C6E-AFFF-4B81-B43B-D64AAE209E3C} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
    Task: {D7322BEC-FE11-4EDE-862A-48D24C99AA02} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-437364399-4149591236-704665920-1001UA => C:\Users\Scott\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
    Task: {D7707A22-4B6D-4179-9C6F-E239366FF1C2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
    Task: {D9376591-545B-4527-8171-4207FE34C896} - \User_Feed_Synchronization-{69D52457-0F04-43FE-ACE2-EC66C4E89135} -> No File <==== ATTENTION
    Task: {FC36E975-DA36-49EA-AC08-38E32932B3A3} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-17] (Adobe Systems Incorporated)
    Task: {FC3C97C3-D920-4354-94A1-1822D5C8A381} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
    Task: {FE3ACB26-5187-4F86-A7D0-E1F8A205786C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-22] (Google Inc.)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-437364399-4149591236-704665920-1001Core.job => C:\Users\Scott\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-437364399-4149591236-704665920-1001UA.job => C:\Users\Scott\AppData\Local\Google\Update\GoogleUpdate.exe

    ==================== Shortcuts =============================

    (The entries could be listed to be restored or removed.)

    Shortcut: C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Netwide Assembler 2.11.08\nasm-shell.lnk -> C:\Users\Scott\AppData\Local\nasm\nasmpath.bat ()

    ShortcutWithArgument: C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Node.js\Node.js command prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k "C:\Program Files\nodejs\nodevars.bat"
    ShortcutWithArgument: C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Cloud SDK\Google Cloud SDK Shell.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k ""C:\Users\Scott\AppData\Local\Google\Cloud SDK\cloud_env.bat""
    ShortcutWithArgument: C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Any.do.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=ocgddccilgpeepgglnlpchkpgamkgmld
    ShortcutWithArgument: C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Caret.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=fljalecfjciodhpcledpamjachpmelml
    ShortcutWithArgument: C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Codebox For Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=olgdakcibohojhibghcbaipbjnamobhl
    ShortcutWithArgument: C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Keep - notes and lists.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
    ShortcutWithArgument: C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Keypress Editor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=ghfooiajeobmcfhmajcblmompfdehnli
    ShortcutWithArgument: C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Nitrous Lite.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=efdcneeepllhjlbejkfnaolelbpdacai
    ShortcutWithArgument: C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Python.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=nodpmmidbgeganfponihbgmfcoiibffi
    ShortcutWithArgument: C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Ra.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=egipeapdjjhflkafmacobnmdbdkanoag
    ShortcutWithArgument: C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Smartsheet Chrome App.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=alehdleagcgnimdipdmllebddejplpbi
    ShortcutWithArgument: C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Zed Code Editor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=pfmjnmeipppmcebplngmhfkleiinphhp

    ==================== Loaded Modules (Whitelisted) ==============

    2015-10-30 03:17 - 2015-10-30 03:17 - 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
    2016-06-04 11:23 - 2016-05-23 15:07 - 00006656 _____ () C:\WINDOWS\BinEssentials\BinEssentials1110\BinEssentials.exe
    2015-08-05 23:22 - 2015-08-05 23:22 - 00710000 _____ () C:\Program Files\Bitvise SSH Server\CiProv64.dll
    2014-12-04 21:33 - 2015-09-15 20:23 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
    2016-02-22 18:36 - 2016-05-02 01:54 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
    2015-12-28 09:45 - 2016-05-02 01:55 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
    2016-04-13 10:02 - 2016-05-02 01:54 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
    2016-02-22 18:36 - 2016-05-02 01:55 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
    2014-10-29 04:38 - 2012-04-24 22:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
    2016-04-13 10:02 - 2016-05-02 01:55 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
    2016-04-13 10:02 - 2016-05-02 01:55 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
    2016-04-13 10:02 - 2016-05-02 01:55 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
    2016-02-08 01:17 - 2016-05-02 01:55 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
    2015-06-14 18:25 - 2015-05-29 14:48 - 02524160 _____ () C:\metasploit\apps\pro\engine\arch-lib\win32\nginx\bin\nginxr7.exe
    2015-10-30 03:18 - 2015-10-30 03:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
    2015-12-20 10:09 - 2016-04-27 08:18 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2016-04-12 22:35 - 2016-03-29 06:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
    2016-04-12 22:35 - 2016-03-29 06:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
    2014-05-12 05:49 - 2014-05-12 05:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
    2016-04-25 17:35 - 2016-04-25 17:35 - 00959176 _____ () C:\Users\Scott\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64\ClientTelemetry.dll
    2015-07-18 00:35 - 2015-12-19 02:08 - 00402344 _____ () C:\WINDOWS\system32\igfxTray.exe
    2015-12-20 21:44 - 2015-12-07 00:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
    2016-05-11 08:03 - 2016-04-23 00:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
    2014-10-31 15:17 - 2014-10-31 15:17 - 01397208 _____ () C:\Program Files\StageLight\StagelightUpdate.exe
    2015-03-06 20:07 - 2015-03-06 20:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
    2015-10-14 12:35 - 2015-10-14 12:35 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
    2015-03-06 20:07 - 2015-03-06 20:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
    2015-10-14 12:35 - 2015-10-14 12:35 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
    2016-04-13 10:02 - 2016-05-02 01:54 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
    2016-04-13 10:02 - 2016-05-02 01:54 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
    2016-04-18 20:11 - 2016-04-18 20:11 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
    2016-06-14 22:54 - 2016-05-27 23:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
    2016-06-14 22:54 - 2016-05-27 23:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
    2016-06-14 22:54 - 2016-05-27 23:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
    2016-06-14 22:54 - 2016-05-27 23:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
    2016-06-17 09:57 - 2016-05-03 03:53 - 01986632 _____ () C:\ProgramData\Avg_Update_0516pi\AVG-Secure-Search-Update_0516pi.exe
    2015-06-14 18:25 - 2015-05-29 14:54 - 00137728 _____ () C:\metasploit\postgresql\bin\LIBPQ.dll
    2015-06-14 18:25 - 2015-05-29 14:53 - 00092094 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\enc\encdb.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00091281 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\enc\iso_8859_1.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00094060 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\enc\trans\transdb.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00100075 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\thread.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00303269 _____ () C:\metasploit\ruby\lib\ruby\gems\2.1.0\extensions\x86-mingw32\2.1.0\ffi-1.9.6\ffi_c.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00105661 _____ () C:\metasploit\ruby\bin\libffi-6.dll
    2015-06-14 18:25 - 2015-05-29 14:53 - 00125273 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\pathname.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00101750 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\io\console.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00091445 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\etc.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00088515 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\digest\sha1.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00104704 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\digest.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00241186 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\socket.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00161614 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\zlib.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00091648 _____ () C:\metasploit\ruby\bin\zlib1.dll
    2015-06-14 18:25 - 2015-05-29 14:53 - 00124142 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\stringio.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00332163 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\date_core.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00086552 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\fcntl.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00600425 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\openssl.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00134832 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\fiddle.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00089696 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\enc\utf_16le.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00094098 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\enc\trans\utf_16_32.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00112595 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\strscan.so
    2015-06-14 18:28 - 2015-05-29 14:36 - 01822709 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.1.0\gems\eventmachine-1.0.3\lib\rubyeventmachine.so
    2015-06-14 18:28 - 2015-05-29 14:40 - 00113800 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.1.0\gems\thin-1.5.1\lib\thin_parser.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00122431 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\psych.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00442898 _____ () C:\metasploit\ruby\bin\libyaml-0-2.dll
    2015-06-14 18:25 - 2015-05-29 14:53 - 00272054 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\bigdecimal.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00088507 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\digest\md5.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00090653 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\digest\sha2.so
    2015-06-14 18:28 - 2015-05-29 14:36 - 00111432 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.1.0\gems\bcrypt-3.1.10\lib\bcrypt_ext.so
    2015-06-14 18:28 - 2015-05-29 14:35 - 00114272 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.1.0\gems\json-1.8.2\lib\json\ext\parser.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00089696 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\enc\utf_16be.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00089184 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\enc\utf_32be.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00089184 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\enc\utf_32le.so
    2015-06-14 18:28 - 2015-05-29 14:35 - 00133854 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.1.0\gems\json-1.8.2\lib\json\ext\generator.so
    2015-06-14 18:28 - 2015-05-29 14:39 - 00097691 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.1.0\gems\network_interface-0.0.1\lib\network_interface_ext.so
    2015-06-14 18:27 - 2015-05-29 14:39 - 00124436 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.1.0\bundler\gems\pcaprub-c18d552b3095\lib\pcaprub.so
    2015-06-14 18:28 - 2015-05-29 14:38 - 00384856 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.1.0\gems\pg-0.18.1\lib\pg_ext.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00281504 _____ () C:\metasploit\ruby\bin\libpq.dll
    2015-06-14 18:28 - 2015-05-29 14:39 - 00190878 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.1.0\gems\msgpack-0.4.7\lib\msgpack.so
    2015-06-14 18:28 - 2015-05-29 14:39 - 00242650 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.1.0\gems\nokogiri-1.6.6.2\lib\nokogiri\nokogiri.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00492977 _____ () C:\metasploit\ruby\bin\libexslt-0.dll
    2015-06-14 18:25 - 2015-05-29 14:53 - 04783408 _____ () C:\metasploit\ruby\bin\libxml2-2.dll
    2015-06-14 18:25 - 2015-05-29 14:53 - 01074547 _____ () C:\metasploit\ruby\bin\libxslt-1.dll
    2015-06-14 18:25 - 2015-05-29 14:53 - 00103828 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\racc\cparse.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00159140 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\dl.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00095383 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\enc\windows_31j.so
    2015-06-14 18:28 - 2015-05-29 14:39 - 00137145 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.1.0\gems\sqlite3-1.3.10\lib\sqlite3\sqlite3_native.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 02436518 _____ () C:\metasploit\ruby\bin\libsqlite3-0.dll
    2015-06-14 18:25 - 2015-05-29 14:53 - 00316819 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\win32ole.so
    2015-06-14 18:25 - 2015-05-29 14:54 - 01080832 _____ () C:\metasploit\postgresql\bin\libxml2.dll
    2014-10-29 04:00 - 2013-09-04 11:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
    2015-06-11 06:55 - 2016-05-02 02:02 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
    2016-04-25 17:35 - 2016-04-25 17:35 - 00679624 _____ () C:\Users\Scott\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\ClientTelemetry.dll
    2015-09-15 14:58 - 2015-09-15 14:58 - 08901184 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
    2016-06-17 09:49 - 2016-06-17 09:48 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
    2016-04-18 20:11 - 2016-04-18 20:11 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
    2016-04-18 20:11 - 2016-04-18 20:11 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\Windows:nlsPreferences [386]
    AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
    AlternateDataStreams: C:\Users\Scott\AppData\Local\8RlDHsncAd:nh2MKWzheso6tNcS3rekZ7VRrZX [2080]
    AlternateDataStreams: C:\Users\Scott\AppData\Local\xYINKQSDMpodVRj:IrjEqlMskg9Ib4gNnZMNGgAs5xH [2010]

    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE trusted site: HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\clonewarsadventures.com -> clonewarsadventures.com
    IE trusted site: HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\freerealms.com -> freerealms.com
    IE trusted site: HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\localhost -> hxxps://localhost
    IE trusted site: HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\soe.com -> soe.com
    IE trusted site: HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\sony.com -> sony.com

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2013-08-22 09:25 - 2015-04-30 14:28 - 00001720 ____A C:\WINDOWS\system32\Drivers\etc\hosts

    127.0.0.1 activate.adobe.com
    127.0.0.1 practivate.adobe.com
    127.0.0.1 ereg.adobe.com
    127.0.0.1 activate.wip3.adobe.com
    127.0.0.1 wip3.adobe.com
    127.0.0.1 3dns-3.adobe.com
    127.0.0.1 3dns-2.adobe.com
    127.0.0.1 adobe-dns.adobe.com
    127.0.0.1 adobe-dns-2.adobe.com
    127.0.0.1 adobe-dns-3.adobe.com
    127.0.0.1 ereg.wip3.adobe.com
    127.0.0.1 activate-sea.adobe.com
    127.0.0.1 wwis-dubc1-vip60.adobe.com
    127.0.0.1 activate-sjc0.adobe.com
    127.0.0.1 adobe.activate.com
    127.0.0.1 hl2rcv.adobe.com
    127.0.0.1 209.34.83.73:443
    127.0.0.1 209.34.83.73:43
    127.0.0.1 209.34.83.73
    127.0.0.1 209.34.83.67:443
    127.0.0.1 209.34.83.67:43
    127.0.0.1 209.34.83.67
    127.0.0.1 ood.opsource.net
    127.0.0.1 CRL.VERISIGN.NET
    127.0.0.1 199.7.52.190:80
    127.0.0.1 199.7.52.190
    127.0.0.1 adobeereg.com
    127.0.0.1 OCSP.SPO1.VERISIGN.COM
    127.0.0.1 199.7.54.72:80
    127.0.0.1 199.7.54.72
     
  5. dsb2448

    dsb2448 TS Rookie Topic Starter Posts: 19

    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-437364399-4149591236-704665920-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Scott\AppData\Roaming\Microsoft\Windows Photo Viewer\Windows Photo Viewer Wallpaper.jpg
    DNS Servers: 8.8.8.8 - 208.104.2.36
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is disabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)

    HKLM\...\StartupApproved\Run: => "Energy Manager"
    HKLM\...\StartupApproved\Run: => "tvncontrol"
    HKLM\...\StartupApproved\Run32: => "APSDaemon"
    HKLM\...\StartupApproved\Run32: => "Nikon Message Center 2"
    HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
    HKLM\...\StartupApproved\Run32: => "QuickTime Task"
    HKLM\...\StartupApproved\Run32: => "Dropbox"
    HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
    HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\StartupApproved\StartupFolder: => "Rainmeter.lnk"
    HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\StartupApproved\Run: => "Pokki"
    HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\StartupApproved\Run: => "Steam"
    HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\StartupApproved\Run: => "AirDroid 3"
    HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\StartupApproved\Run: => "Skype"
    HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\StartupApproved\Run: => "f.lux"
    HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\StartupApproved\Run: => "CS Dispatch"
    HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\StartupApproved\Run: => "MyComGames"
    HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\StartupApproved\Run: => "Ditto"
    HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\StartupApproved\Run: => "GoogleDriveSync"

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
    FirewallRules: [{DEE3F93A-871B-44FA-BF95-9E777077433A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Reassembly\win32\ReassemblyRelease.exe
    FirewallRules: [{9A6A0480-D6D1-4717-B067-EF79CE5DF34D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Reassembly\win32\ReassemblyRelease.exe
    FirewallRules: [{28E592C2-4517-4E67-BD64-E089CBA3F52E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{F35E421B-0E68-4794-8808-79688D16A4F7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{50BF6968-39AB-4BB3-9B26-27724F3A4BD5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 2\Fallout2Launcher.exe
    FirewallRules: [{1F9A3181-33AF-4F6E-8FF8-52C28DAEE406}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 2\Fallout2Launcher.exe
    FirewallRules: [{D7B2104E-F65A-4D47-9520-E91D97203954}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout\FalloutLauncher.exe
    FirewallRules: [{C6B2476F-CC2A-45D8-BD8A-34355ABA1C2A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout\FalloutLauncher.exe
    FirewallRules: [{EED93C68-CED8-49E8-826E-C4CB7B761D1C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Binding Of Isaac\Isaac.exe
    FirewallRules: [{DC5F92D4-7C2C-4070-B098-C41A8DFAED72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Binding Of Isaac\Isaac.exe
    FirewallRules: [UDP Query User{0294EFBE-E473-4870-ADD7-E4FA866BE8C1}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
    FirewallRules: [TCP Query User{B8737ECD-BC1A-4707-90FF-C072AD9E8F12}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
    FirewallRules: [UDP Query User{B5A669CB-EBFA-4EF7-95D1-93039204D7EF}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
    FirewallRules: [TCP Query User{7DF627A6-D79C-4425-96A3-D8CA931FE044}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
    FirewallRules: [{D18DCC2D-3538-42F2-8077-F3B566AAD483}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
    FirewallRules: [{578C7BE5-20F1-42D8-833C-8D5BD25D8ABE}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
    FirewallRules: [{226AF666-BC59-41CD-B2E7-8D29BA6A30F4}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
    FirewallRules: [{57402AC3-0988-476E-8FFA-C9070394258C}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
    FirewallRules: [UDP Query User{9641851F-4856-4705-9A1F-2DEC65A364B0}D:\steamlibrary\steamapps\common\tribes\binaries\win32\tribesascend.exe] => (Allow) D:\steamlibrary\steamapps\common\tribes\binaries\win32\tribesascend.exe
    FirewallRules: [TCP Query User{BEA86F9F-8AB4-4DFE-9B2B-789D888CBFD5}D:\steamlibrary\steamapps\common\tribes\binaries\win32\tribesascend.exe] => (Allow) D:\steamlibrary\steamapps\common\tribes\binaries\win32\tribesascend.exe
    FirewallRules: [{4FF68757-DBB9-4653-AE75-F583F1990BD5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hammerwatch\Hammerwatch.exe
    FirewallRules: [{E5BB3CD0-37A5-474C-B3A9-B2C7D899126A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hammerwatch\Hammerwatch.exe
    FirewallRules: [{EB445E73-3D4A-45BB-92EA-270C614713BA}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe
    FirewallRules: [{F798ABD7-6835-43BF-9B2D-707B29E346C2}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe
    FirewallRules: [UDP Query User{8BB9D834-6EF3-4A14-B33D-959565C8FF28}C:\program files (x86)\hammerwatch\hammerwatch.exe] => (Allow) C:\program files (x86)\hammerwatch\hammerwatch.exe
    FirewallRules: [TCP Query User{3AD8C6E9-91CC-4557-AE23-481A287C801B}C:\program files (x86)\hammerwatch\hammerwatch.exe] => (Allow) C:\program files (x86)\hammerwatch\hammerwatch.exe
    FirewallRules: [{0E3C9814-9B68-419F-9C83-4CA6DECEFCA2}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront Beta\starwarsbattlefront.exe
    FirewallRules: [{F49D74CB-FA21-4BCA-BA71-7BF26DDC7CA4}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront Beta\starwarsbattlefront.exe
    FirewallRules: [{BC15351B-B77E-4550-8245-ED7B97A49E57}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
    FirewallRules: [{5ED8A68C-580B-4A07-9674-6FCA7AF7B40C}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
    FirewallRules: [UDP Query User{EC4B92E6-F034-46CF-B4BE-6D6E441108F9}C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
    FirewallRules: [TCP Query User{1909D8E4-5456-4674-8042-9247F4298D11}C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
    FirewallRules: [UDP Query User{1E88D4C8-408B-4F1F-942E-233EF4FFEA5B}C:\program files (x86)\r.g. mechanics\blood bowl - chaos edition\bb_chaos.exe] => (Block) C:\program files (x86)\r.g. mechanics\blood bowl - chaos edition\bb_chaos.exe
    FirewallRules: [TCP Query User{E7254EE0-5892-46C2-8522-F670A1315F12}C:\program files (x86)\r.g. mechanics\blood bowl - chaos edition\bb_chaos.exe] => (Block) C:\program files (x86)\r.g. mechanics\blood bowl - chaos edition\bb_chaos.exe
    FirewallRules: [{6FCBC5DA-21ED-4DF6-A410-6C037DE687AE}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_DX11_game.exe
    FirewallRules: [{F1660F78-91F0-457B-A391-0C68C89AB884}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_DX11_game.exe
    FirewallRules: [{87689A4C-ED6D-4284-97CC-8365113BA6A7}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_game.exe
    FirewallRules: [{7678B1E6-1937-4A0A-99DE-7F556F884192}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_game.exe
    FirewallRules: [UDP Query User{122430D1-9683-47E3-905E-E161A0E189CB}C:\program files (x86)\ubisoft\tom clancy's splinter cell conviction\src\system\conviction_game.exe] => (Block) C:\program files (x86)\ubisoft\tom clancy's splinter cell conviction\src\system\conviction_game.exe
    FirewallRules: [TCP Query User{DD69BC16-699C-40A5-9E02-58DB1E9F05DB}C:\program files (x86)\ubisoft\tom clancy's splinter cell conviction\src\system\conviction_game.exe] => (Block) C:\program files (x86)\ubisoft\tom clancy's splinter cell conviction\src\system\conviction_game.exe
    FirewallRules: [UDP Query User{A28CC644-7A31-459E-80E3-437019C53B8D}C:\program files (x86)\ubisoft\tom clancy's rainbow six vegas\binaries\r6vegas_game.exe] => (Allow) C:\program files (x86)\ubisoft\tom clancy's rainbow six vegas\binaries\r6vegas_game.exe
    FirewallRules: [TCP Query User{C59BBC11-587E-43EC-963A-9E7AE516CC21}C:\program files (x86)\ubisoft\tom clancy's rainbow six vegas\binaries\r6vegas_game.exe] => (Allow) C:\program files (x86)\ubisoft\tom clancy's rainbow six vegas\binaries\r6vegas_game.exe
    FirewallRules: [{1B4D42F2-B2AA-4257-A078-6AFD38CE6FA2}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
    FirewallRules: [{A06A4422-9B8F-4835-8EDD-B22AE4BC0245}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
    FirewallRules: [{D8A51557-8BEC-48F2-ABA9-DA95A4895C3D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
    FirewallRules: [{B981D4A4-D863-4989-BE3A-9F0AF2B8D4BA}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
    FirewallRules: [{4FF81F98-A868-49B2-9EE9-0BBCF46C267D}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Ghost Recon Future Soldier\Future Soldier DX9.exe
    FirewallRules: [{AC41CE3F-AC20-4D81-8FA7-AC635D284854}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Ghost Recon Future Soldier\Future Soldier DX9.exe
    FirewallRules: [{2B79D20A-A7F1-4FB6-ABDB-969D29F0340F}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Ghost Recon Future Soldier\Future Soldier DX11.exe
    FirewallRules: [{B9E2F2EB-2883-4215-8E63-78FC20BDB741}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Ghost Recon Future Soldier\Future Soldier DX11.exe
    FirewallRules: [UDP Query User{D1ABFE04-F0D1-452C-B74F-B95EF027E5BF}C:\program files\unity\editor\data\playbackengines\webglsupport\buildtools\emscripten_win\node\node.exe] => (Allow) C:\program files\unity\editor\data\playbackengines\webglsupport\buildtools\emscripten_win\node\node.exe
    FirewallRules: [TCP Query User{7CC69F29-4DB0-441D-9B7D-810AF8941177}C:\program files\unity\editor\data\playbackengines\webglsupport\buildtools\emscripten_win\node\node.exe] => (Allow) C:\program files\unity\editor\data\playbackengines\webglsupport\buildtools\emscripten_win\node\node.exe
    FirewallRules: [UDP Query User{6A9E2B15-188A-483A-A451-C0555FE64AE7}C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
    FirewallRules: [TCP Query User{F7D2306B-3997-4417-ABC3-3C26D323B25B}C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
    FirewallRules: [{0484761D-B21C-4CC3-B87A-ACD96140EB59}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
    FirewallRules: [{0E883DC9-2B73-41AF-8C23-747E77DBCF58}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
    FirewallRules: [{19BFD850-E44B-43D2-A853-D1B13BA4F3E2}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
    FirewallRules: [{C5A3B1A5-B2C2-40B3-ACB6-14017E4A6D5F}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
    FirewallRules: [{D412D3ED-D2E3-4545-8EF2-896FFFF5AB4D}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
    FirewallRules: [{1EA7F175-9BD7-4318-927D-778CCC63A307}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
    FirewallRules: [{D489AABF-A842-4988-97C0-3B61545A6D8C}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
    FirewallRules: [UDP Query User{324160E7-7853-4D9A-941C-B09E4F12D772}C:\users\scott\downloads\utorrentportable\app\utorrent\utorrent.exe] => (Allow) C:\users\scott\downloads\utorrentportable\app\utorrent\utorrent.exe
    FirewallRules: [TCP Query User{D6176637-7D46-463C-B2EE-A6A4E768B150}C:\users\scott\downloads\utorrentportable\app\utorrent\utorrent.exe] => (Allow) C:\users\scott\downloads\utorrentportable\app\utorrent\utorrent.exe
    FirewallRules: [UDP Query User{1DC6ECD6-4E5C-47C0-94B1-EF8600932C87}C:\programdata\sling\sling.exe] => (Allow) C:\programdata\sling\sling.exe
    FirewallRules: [TCP Query User{2A221014-5992-46DA-9B3C-A8488463E870}C:\programdata\sling\sling.exe] => (Allow) C:\programdata\sling\sling.exe
    FirewallRules: [UDP Query User{3D746BAF-2536-46CC-98F8-65EF6C526E7E}C:\programdata\sling\sling.exe] => (Allow) C:\programdata\sling\sling.exe
    FirewallRules: [TCP Query User{E501E945-CB1B-433B-B59B-A4FF025036C5}C:\programdata\sling\sling.exe] => (Allow) C:\programdata\sling\sling.exe
    FirewallRules: [UDP Query User{E524D3D0-F40F-41CC-AEFE-0558355E3C38}C:\users\scott\desktop\utorrentportable\app\utorrent\utorrent.exe] => (Allow) C:\users\scott\desktop\utorrentportable\app\utorrent\utorrent.exe
    FirewallRules: [TCP Query User{9752BC02-35F7-42AA-9ABF-23A9EFBA9EDC}C:\users\scott\desktop\utorrentportable\app\utorrent\utorrent.exe] => (Allow) C:\users\scott\desktop\utorrentportable\app\utorrent\utorrent.exe
    FirewallRules: [UDP Query User{CAA6B9B1-D0BC-45A8-80F2-464474B8AEBF}C:\program files\ditto\ditto.exe] => (Allow) C:\program files\ditto\ditto.exe
    FirewallRules: [TCP Query User{437E7CC1-EB7D-47E1-ABF3-81BBA19F4736}C:\program files\ditto\ditto.exe] => (Allow) C:\program files\ditto\ditto.exe
    FirewallRules: [UDP Query User{AF43AE01-865D-41AB-AD4C-689E258B4F78}C:\program files\ditto\ditto.exe] => (Allow) C:\program files\ditto\ditto.exe
    FirewallRules: [TCP Query User{DB3F600D-AA1F-40A7-8175-A389EEC0AE0E}C:\program files\ditto\ditto.exe] => (Allow) C:\program files\ditto\ditto.exe
    FirewallRules: [{97B23789-5A78-403F-91E5-EB9B00F13A1B}] => (Allow) C:\Program Files\Unity\Editor\Unity.exe
    FirewallRules: [{DC34B716-24B3-4104-9C08-38F314457B8B}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
    FirewallRules: [{63A05E12-7746-4512-B1F5-0D35F68496AC}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity\2013\UnityVS.OpenFile.exe
    FirewallRules: [{F8C68D27-41AB-4023-B2E1-ECF903774485}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{F2E42333-5DA2-470D-B3BA-1EB092F21E6B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{0378D620-897D-4805-99C5-91B58FC4ACA4}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
    FirewallRules: [{E44F458D-AD61-49E2-AC81-FCF660D51339}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
    FirewallRules: [{D733C4DF-EE73-487E-8FB2-6198BB7C065E}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
    FirewallRules: [{9AECA665-2A42-49DE-8E07-A8C3941F8F90}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
    FirewallRules: [{1DDCC6B9-481F-452E-93DD-F064EFC0DEAA}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
    FirewallRules: [{C5FA78DF-F6E3-4C59-A4F8-A3140E633BF6}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
    FirewallRules: [{73C2BC81-EB71-4B42-B326-3CBD19DBEF07}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
    FirewallRules: [{1FFF2232-F6F9-4AF1-9FBC-1CD31A312627}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
    FirewallRules: [{9EA390DA-3B4D-4FCF-8E74-8093122E705D}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
    FirewallRules: [{200056E4-16FC-4CA6-8007-FEDA33548DD0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{6293F061-74B1-4B40-92C1-11F9AD8B2E49}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{117B0EA1-4A89-4A26-8D12-865BE46E7DA0}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [{1FE173B8-DEC8-4693-A857-17E96A1A6A55}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [{02445EB3-5045-40AF-A924-4446986DBD51}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
    FirewallRules: [{EB891616-2E04-4A3E-B19C-47E29D004D16}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
    FirewallRules: [{EDFC77B1-10A1-42CB-B376-339A67E92CE6}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
    FirewallRules: [{EC16CF82-7649-4C85-B2CC-7A7FD3ADF8B1}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
    FirewallRules: [{9FA7FF94-CC46-4AA3-87BE-8C806D1ECFED}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
    FirewallRules: [{69107F15-4970-4AB0-9D28-AFF7EC1C14F3}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
    FirewallRules: [TCP Query User{02F2FB2A-46ED-47A2-AADE-3EB61EC495FC}C:\program files (x86)\xbmc\xbmc.exe] => (Allow) C:\program files (x86)\xbmc\xbmc.exe
    FirewallRules: [UDP Query User{4927B1F1-0720-44BE-8C69-519FA60BD2CA}C:\program files (x86)\xbmc\xbmc.exe] => (Allow) C:\program files (x86)\xbmc\xbmc.exe
    FirewallRules: [TCP Query User{00FBC6DC-EEB7-4B59-BE1A-5DA37C7D28E8}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
    FirewallRules: [UDP Query User{5650A6B8-B569-4AD1-980E-DA78FDE4392A}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
    FirewallRules: [{4E3D12F8-640D-4A0E-82FD-E384FFB447CA}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
    FirewallRules: [{98A2A6D1-E917-4839-8841-D6282D4DE87D}] => (Allow) C:\Users\Admin\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
    FirewallRules: [{1E3EF270-9A93-4C7C-AEC0-98DEC2C218ED}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
    FirewallRules: [{DF91577A-4E46-477E-A2A6-CF49C94C04BE}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
    FirewallRules: [{63DEB0AF-E5A9-4DF5-BC42-CD3F616DEDED}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
    FirewallRules: [{5C725C77-DAC7-47CF-BC7B-57E2222F03A3}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
    FirewallRules: [{BB7C0E48-3901-4F60-AD6C-4AFED875600D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
    FirewallRules: [{6D0CBEE4-621D-46E6-9B34-460B01DC48C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
    FirewallRules: [TCP Query User{427DECF8-56A9-47BD-851D-6800F3C2ABE5}C:\program files (x86)\xbmc\xbmc.exe] => (Block) C:\program files (x86)\xbmc\xbmc.exe
    FirewallRules: [UDP Query User{5ED407F8-3512-46E2-A222-08377F15A6C9}C:\program files (x86)\xbmc\xbmc.exe] => (Block) C:\program files (x86)\xbmc\xbmc.exe
    FirewallRules: [TCP Query User{DF2D6FC0-F50D-4716-8809-B1761CFE370B}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
    FirewallRules: [UDP Query User{8B5BA331-DECC-4A8D-89C5-FCF6239AC2CE}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
    FirewallRules: [TCP Query User{DBF9160E-C8FF-4A13-A9F0-E4D99D4E7024}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
    FirewallRules: [UDP Query User{F15CD4F5-834F-427A-BEC7-05546F2F308B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
    FirewallRules: [{3436CB03-C6AE-41AB-BDA0-FE65AFFA40A6}] => (Block) C:\program files (x86)\skype\phone\skype.exe
    FirewallRules: [{51237D64-4904-471E-AD96-01861785D155}] => (Block) C:\program files (x86)\skype\phone\skype.exe
    FirewallRules: [{1FFAAE6A-7F3B-4089-8320-D598C92AED1B}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
    FirewallRules: [{29AABA3B-FAF0-4BD4-A400-8BDA74DF1054}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
    FirewallRules: [{7BFAED26-4694-4B0D-8AE2-272902466D82}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
    FirewallRules: [{DEE47194-A11A-4864-92E1-C3AD91F7C942}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
    FirewallRules: [{C6B65417-C67F-4715-A0BE-C874CAC7242E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
    FirewallRules: [{E623BA45-60B4-438E-9AA8-14A7953E928F}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
    FirewallRules: [{97BB5314-C755-4FE6-9A00-A985B1CEE8E3}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
    FirewallRules: [{5156BC3D-53C3-4B9B-A35E-D9879EA5FBB2}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
    FirewallRules: [{6A861494-D468-499A-8B1D-DC59319B301A}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
    FirewallRules: [TCP Query User{44810F69-54AE-4649-9F42-AF0BD71F1603}C:\program files (x86)\airdroid\airdroid.exe] => (Block) C:\program files (x86)\airdroid\airdroid.exe
    FirewallRules: [UDP Query User{9C611B2D-6D35-46E8-8F90-7EEB66A928CB}C:\program files (x86)\airdroid\airdroid.exe] => (Block) C:\program files (x86)\airdroid\airdroid.exe
    FirewallRules: [{ADC78B1C-CDE6-4692-864A-7EC3297D6198}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
    FirewallRules: [{DD414C32-5658-44F8-85F7-D044AB492570}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
    FirewallRules: [{392D7785-08A2-4A5B-9A07-83E872143F08}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
    FirewallRules: [{27264615-61DD-4FDD-9B32-C36758B93382}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
    FirewallRules: [{5B4B0326-02CF-481B-B241-949417147729}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
    FirewallRules: [{6F2991B7-1A66-4488-B303-9B7B8DDBF36A}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
    FirewallRules: [{7B2C1AD3-C327-4F56-AD35-17D06B69BC22}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
    FirewallRules: [{AD106ADC-8388-446F-987E-3E1C2CE1015E}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe
    FirewallRules: [{DB3535DA-EE69-43E3-8DE9-3DF02F6F8623}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe
    FirewallRules: [{25FE024A-E89C-4EFD-B9CE-07EE0F8AD129}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{292B7E7F-B957-49E7-B468-CD52D5ABF213}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{531811B7-69BA-4E5F-A12A-50A0DF07DA61}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{265693C8-A135-448B-BF4E-C6B5CDEFAC35}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{E92B29E3-8A9E-45C8-AA6A-A76DF8148C8A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MountBlade Warband\mb_warband.exe
    FirewallRules: [{73775A14-22E3-4842-9C0E-031451F2E188}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MountBlade Warband\mb_warband.exe
    FirewallRules: [{EE67B90F-1D76-4365-BCEC-755687286F9A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe
    FirewallRules: [{941CC227-47CB-4A0C-8A5E-794B82924E6B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe
    FirewallRules: [TCP Query User{6978B4F1-E69A-4E77-86CA-AD19984614CC}C:\program files (x86)\snowflake suite\bin\release\snowflake.exe] => (Block) C:\program files (x86)\snowflake suite\bin\release\snowflake.exe
    FirewallRules: [UDP Query User{AB048532-CF06-48E7-9E5C-654A8F4ABAB4}C:\program files (x86)\snowflake suite\bin\release\snowflake.exe] => (Block) C:\program files (x86)\snowflake suite\bin\release\snowflake.exe
    FirewallRules: [TCP Query User{919DC28A-B882-4391-A550-07D39EC22195}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
    FirewallRules: [UDP Query User{7AF9158F-9175-413F-BBD5-18DDFD84DC86}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
    FirewallRules: [{EAF039C5-26D6-4321-9AAD-944E818D529C}] => (Block) C:\games\world_of_tanks\wotlauncher.exe
    FirewallRules: [{C131AC89-50C1-4832-927C-339E9B6A9708}] => (Block) C:\games\world_of_tanks\wotlauncher.exe
    FirewallRules: [TCP Query User{698B2E09-3454-4E3B-B5BD-E9BEB8AC34B7}C:\program files (x86)\brackets\node.exe] => (Block) C:\program files (x86)\brackets\node.exe
    FirewallRules: [UDP Query User{33A42994-ADF1-4A06-83D2-3F52D189E9FA}C:\program files (x86)\brackets\node.exe] => (Block) C:\program files (x86)\brackets\node.exe
    FirewallRules: [TCP Query User{6543A478-4ACD-48B5-A207-9FE42A6E00DC}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe
    FirewallRules: [UDP Query User{94CA9780-453C-4A83-8062-648578AE10C6}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe
    FirewallRules: [TCP Query User{4F49A2E1-BC38-4160-8CB9-6DCEE3CA93FD}C:\program files (x86)\unity\editor\unity.exe] => (Block) C:\program files (x86)\unity\editor\unity.exe
    FirewallRules: [UDP Query User{A6B1FFEE-DC4E-437E-A561-1E4634291072}C:\program files (x86)\unity\editor\unity.exe] => (Block) C:\program files (x86)\unity\editor\unity.exe
    FirewallRules: [TCP Query User{FE7961E9-86FE-46B1-8131-938067069F71}C:\program files\java\jdk1.8.0_25\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_25\bin\java.exe
    FirewallRules: [UDP Query User{28DAAA4F-BA1F-4902-A787-A7A677C5FA77}C:\program files\java\jdk1.8.0_25\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_25\bin\java.exe
    FirewallRules: [{B5F5DBB3-2152-49A5-A506-6BE4B034BA16}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{7F353CAC-7B4C-49B9-893A-B853F7B234D1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [TCP Query User{C0B79D86-EE14-418A-9AFB-D9B29457D84A}C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe
    FirewallRules: [UDP Query User{BB4236CA-A52A-4C98-9D36-B0812501E806}C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe
    FirewallRules: [{AA7B9E25-36F8-4648-806B-ACBC00CA75D4}] => (Block) C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe
    FirewallRules: [{33482519-3DEE-4E68-93F5-7B49E8F4D12D}] => (Block) C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe
    FirewallRules: [{95B2F7CF-9103-4A5B-8DB5-826AFDD96582}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GearUp\bin64\Traktor.Amalgam.App.exe
    FirewallRules: [{E5336FED-C724-45E0-81D7-A3E665A221FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GearUp\bin64\Traktor.Amalgam.App.exe
    FirewallRules: [TCP Query User{A6CEC17A-3F73-4676-ABF9-5B261FA3BFE0}C:\users\scott\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\scott\appdata\roaming\utorrent\utorrent.exe
    FirewallRules: [UDP Query User{4E2B8688-BC91-49FC-9C6E-349898B4213A}C:\users\scott\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\scott\appdata\roaming\utorrent\utorrent.exe
    FirewallRules: [{2446E73C-AA32-4CB1-90F7-AACD9561F1DC}] => (Block) C:\users\scott\appdata\roaming\utorrent\utorrent.exe
    FirewallRules: [{406091FE-4E8D-4BDE-8314-709D116BD3CB}] => (Block) C:\users\scott\appdata\roaming\utorrent\utorrent.exe
    FirewallRules: [{CE15B7F5-ECFB-4A4D-ADED-01CBE9627C45}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
    FirewallRules: [{601AB2E4-D575-4FEF-B42B-4C10062AF9BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
    FirewallRules: [TCP Query User{A9A1DC8B-9A64-48E9-A4E3-21D656F71C01}C:\program files (x86)\popcorn4tv\popcorn4tv.exe] => (Allow) C:\program files (x86)\popcorn4tv\popcorn4tv.exe
    FirewallRules: [UDP Query User{90D1BAAE-DFD0-43BF-8421-F7CA45873E98}C:\program files (x86)\popcorn4tv\popcorn4tv.exe] => (Allow) C:\program files (x86)\popcorn4tv\popcorn4tv.exe
    FirewallRules: [{38F496B9-5A9E-4735-88A8-5BF5553F6A4C}] => (Block) C:\program files (x86)\popcorn4tv\popcorn4tv.exe
    FirewallRules: [{6C0B6317-C4B8-419A-8197-3452B4B4DDCC}] => (Block) C:\program files (x86)\popcorn4tv\popcorn4tv.exe
    FirewallRules: [TCP Query User{BD96121D-29CE-4228-94D7-5BEF026E6526}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Block) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
    FirewallRules: [UDP Query User{723871E8-8DA0-4073-B56D-FD34F0D6F41A}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Block) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
    FirewallRules: [{F5FB10AD-F10F-4954-8D6B-23B9B328664D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
    FirewallRules: [{2647D4E8-AD4B-4A65-B8A2-F5F0AE982AF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
    FirewallRules: [{4357C94A-86B9-4541-BAE6-653E2082015F}] => (Allow) C:\Program Files (x86)\THQ\Gas Powered Games\Supreme Commander\bin\SupremeCommander.exe
    FirewallRules: [{BDDD2A46-3125-4AEA-BDA6-AF8891B58A5F}] => (Allow) C:\Program Files (x86)\THQ\Gas Powered Games\Supreme Commander\bin\SupremeCommander.exe
    FirewallRules: [{8AEB31F3-2491-4358-92D4-A662E5AF8A26}] => (Allow) C:\Program Files (x86)\THQ\Gas Powered Games\GPGNet\GPG.Multiplayer.Client.exe
    FirewallRules: [{3A996999-7CDA-4AF0-AC82-0B9DBEDAA24E}] => (Allow) C:\Program Files (x86)\THQ\Gas Powered Games\GPGNet\GPG.Multiplayer.Client.exe
    FirewallRules: [{413CCA12-0F6E-41CB-82A7-19A74B95430B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
    FirewallRules: [{6B8D5E82-4668-4111-8FBC-6775E132E538}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
    FirewallRules: [{7122BBFF-EA28-462D-93B8-D9E0D6A9ABB9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    FirewallRules: [{D22492EB-D95F-4128-B03E-08E7F796C503}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    FirewallRules: [TCP Query User{30F21C5E-483F-4FDF-A0C2-9A1CBB73D5A7}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
    FirewallRules: [UDP Query User{34C83DA7-E42A-4746-AC61-D8F65F2D85EB}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
    FirewallRules: [{EEBFFC3C-E1D2-482B-AC48-0F75F9629129}] => (Block) C:\program files (x86)\kodi\kodi.exe
    FirewallRules: [{C73D19B5-AFA0-4E09-98AE-F5C530E2052E}] => (Block) C:\program files (x86)\kodi\kodi.exe
    FirewallRules: [TCP Query User{BEDDE179-3AFF-4AF2-8E6C-196E99FE6E0A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
    FirewallRules: [UDP Query User{CBDC26B8-B003-463B-AEFE-AEF0C9284343}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
    FirewallRules: [TCP Query User{EECBE9FF-0093-4FF4-9D3D-7E385FC8FA05}C:\program files (x86)\ubisoft\far cry 4 inc. valley of the yetis\bin\farcry4.exe] => (Block) C:\program files (x86)\ubisoft\far cry 4 inc. valley of the yetis\bin\farcry4.exe
    FirewallRules: [UDP Query User{D251BC32-BD87-426F-AF43-176A0D1E1C63}C:\program files (x86)\ubisoft\far cry 4 inc. valley of the yetis\bin\farcry4.exe] => (Block) C:\program files (x86)\ubisoft\far cry 4 inc. valley of the yetis\bin\farcry4.exe
    FirewallRules: [{DF46E02A-E3CB-4E3C-8BC2-CF82E446CC29}] => (Allow) C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
    FirewallRules: [{4AC21FD9-68D0-4B1E-ABAE-88F3BA53797A}] => (Allow) C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
    FirewallRules: [{FEFCE374-C445-4CA7-A3CA-3F628F4B3299}] => (Allow) C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe
    FirewallRules: [{3D84A9BB-F991-47CA-8C37-41769C96773C}] => (Allow) C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe
    FirewallRules: [{E7B2E059-F4C9-4E3F-A882-BB9A7DE0D476}] => (Allow) C:\ProgramData\Turbine\DDO Unlimited\dndclient.exe
    FirewallRules: [{6D4C68E4-8314-40AC-BC69-C490E8EEBE28}] => (Allow) C:\ProgramData\Turbine\DDO Unlimited\dndclient.exe
    FirewallRules: [{96BABDFA-492B-4CFA-B4B9-68D7155709BF}] => (Allow) C:\ProgramData\Turbine\DDO Unlimited\TurbineLauncher.exe
    FirewallRules: [{F5CEDFDA-CA97-4E1F-959C-90F896621062}] => (Allow) C:\ProgramData\Turbine\DDO Unlimited\TurbineLauncher.exe
    FirewallRules: [TCP Query User{B570D40C-F5EC-453C-9FCE-97703F4FF302}C:\users\scott\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\scott\appdata\local\akamai\netsession_win.exe
    FirewallRules: [UDP Query User{E7074929-E825-4B34-AC4F-742F5775922F}C:\users\scott\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\scott\appdata\local\akamai\netsession_win.exe
    FirewallRules: [{1C008720-7EFC-4A6A-837A-E6FE9CC934FF}] => (Allow) C:\Users\Scott\AppData\Roaming\BitTorrent\BitTorrent.exe
    FirewallRules: [{2EED86FD-B769-419F-8E9F-8FCA6AE5F070}] => (Allow) C:\Users\Scott\AppData\Roaming\BitTorrent\BitTorrent.exe
    FirewallRules: [TCP Query User{95F96EF0-059B-421B-B557-B139ABD65D9C}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
    FirewallRules: [UDP Query User{0183566E-749B-4632-B852-8D52041763CD}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
    FirewallRules: [TCP Query User{B95F1FDB-8C33-4A32-819D-308B7053A205}C:\program files (x86)\jetbrains\intellij idea community edition 14.1.1\bin\idea.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea community edition 14.1.1\bin\idea.exe
    FirewallRules: [UDP Query User{E0797290-BAC9-4190-A9F2-39F17725F6D1}C:\program files (x86)\jetbrains\intellij idea community edition 14.1.1\bin\idea.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea community edition 14.1.1\bin\idea.exe
    FirewallRules: [{9631842C-A6B4-4878-BB36-9110C3D4F053}] => (Block) C:\program files (x86)\jetbrains\intellij idea community edition 14.1.1\bin\idea.exe
    FirewallRules: [{192F8DA6-A468-442E-9F3C-A6671925DAD5}] => (Block) C:\program files (x86)\jetbrains\intellij idea community edition 14.1.1\bin\idea.exe
    FirewallRules: [{2E557DF7-31A8-41F2-82C1-4A4555A7C422}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
    FirewallRules: [{9F93CBFB-3713-4285-91B9-CB85CECF2A4D}] => (Allow) C:\Users\Admin\AppData\Local\Temp\nsdF533.tmp\CnetInstaller-10855016.exe
    FirewallRules: [{FF322227-D262-408D-AE75-1A7A6BC17D71}] => (Allow) C:\Users\Admin\AppData\Local\Temp\nsdF533.tmp\CnetInstaller-10855016.exe
    FirewallRules: [{7A046935-8AD4-4D88-A7DF-ED08C9EAA4CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Firefall\system\bin\FirefallClient.exe
    FirewallRules: [{5773F60B-6D8E-4937-90DD-EAD06C196992}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Firefall\system\bin\FirefallClient.exe
    FirewallRules: [TCP Query User{1DB1300C-7A79-4A22-A15C-C7768F2D9B7F}C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe] => (Allow) C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe
    FirewallRules: [UDP Query User{7360E101-3CCF-4F2D-8235-D903FF5EBC5F}C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe] => (Allow) C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe
    FirewallRules: [TCP Query User{3EC6C35C-3B89-4CDF-B051-E41FB77A922B}C:\program files (x86)\jetbrains\pycharm community edition 4.0.6\bin\pycharm.exe] => (Allow) C:\program files (x86)\jetbrains\pycharm community edition 4.0.6\bin\pycharm.exe
    FirewallRules: [UDP Query User{F02391FD-99FE-44C4-8A13-F93447E46F61}C:\program files (x86)\jetbrains\pycharm community edition 4.0.6\bin\pycharm.exe] => (Allow) C:\program files (x86)\jetbrains\pycharm community edition 4.0.6\bin\pycharm.exe
    FirewallRules: [TCP Query User{F8812981-FB59-4C69-990F-54606EF48A65}C:\program files (x86)\jetbrains\pycharm community edition 4.0.6\bin\pycharm.exe] => (Allow) C:\program files (x86)\jetbrains\pycharm community edition 4.0.6\bin\pycharm.exe
    FirewallRules: [UDP Query User{47E84D5D-0672-4DAA-83CA-981CCEED64CE}C:\program files (x86)\jetbrains\pycharm community edition 4.0.6\bin\pycharm.exe] => (Allow) C:\program files (x86)\jetbrains\pycharm community edition 4.0.6\bin\pycharm.exe
    FirewallRules: [{CA4D5D06-5F80-4D92-936F-855E712BEEC6}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
    FirewallRules: [{2BC7E98F-EBC2-4EDC-87BF-7D083C197896}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
    FirewallRules: [{9E6B1CB8-82D7-4263-A395-3F3E1AC55C3D}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
    FirewallRules: [{808CAD6C-C0FE-4040-8687-EF1330F8743B}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
    FirewallRules: [TCP Query User{CE59D47D-FF9C-448A-8069-CB3730856984}C:\users\scott\appdata\roaming\utorrent\updates\3.4.3_40298.exe] => (Block) C:\users\scott\appdata\roaming\utorrent\updates\3.4.3_40298.exe
    FirewallRules: [UDP Query User{7B701AA5-D203-4D53-A292-A941452B3596}C:\users\scott\appdata\roaming\utorrent\updates\3.4.3_40298.exe] => (Block) C:\users\scott\appdata\roaming\utorrent\updates\3.4.3_40298.exe
    FirewallRules: [{51F985FF-61AC-465B-8A02-002DFE6A43AB}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
    FirewallRules: [{EBF56E04-B97F-4AEA-984B-9B5FE5639399}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
    FirewallRules: [{4916580A-03AB-4DFF-9391-CC5EF326A290}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
    FirewallRules: [{DB83AA73-B630-4C92-BF76-39732B3D3AAE}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
    FirewallRules: [{2149B1B5-B844-4352-AF18-AF023387E36F}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
    FirewallRules: [TCP Query User{A6C76367-5B5E-4E85-8199-4DC055C99359}C:\program files (x86)\unity\editor\unity.exe] => (Allow) C:\program files (x86)\unity\editor\unity.exe
    FirewallRules: [UDP Query User{0E3CA6D0-1B0C-4BF0-A242-8A3103077A9C}C:\program files (x86)\unity\editor\unity.exe] => (Allow) C:\program files (x86)\unity\editor\unity.exe
    FirewallRules: [TCP Query User{1AA7D9DC-36E4-4672-BE9C-221588CF5FED}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe
    FirewallRules: [UDP Query User{0340CD79-A147-4D1C-88C3-E79A8C05C7D2}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe
    FirewallRules: [TCP Query User{DA9001DB-F196-4018-A0DA-B70AF97F10C9}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe
    FirewallRules: [UDP Query User{005FC4B0-821A-4C22-B465-FD2FADB8613E}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe
    FirewallRules: [TCP Query User{6F6DFD57-F185-4C11-B441-2F2E6619C545}C:\program files\java\jdk1.8.0_45\bin\java.exe] => (Block) C:\program files\java\jdk1.8.0_45\bin\java.exe
    FirewallRules: [UDP Query User{720C451B-5BEE-4934-AF2E-8BBE9B40E69F}C:\program files\java\jdk1.8.0_45\bin\java.exe] => (Block) C:\program files\java\jdk1.8.0_45\bin\java.exe
    FirewallRules: [TCP Query User{F1BF682D-0CBA-4F4F-86D9-D1B38FEAAFBB}C:\program files (x86)\jetbrains\intellij idea community edition 14.1.3\bin\idea.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea community edition 14.1.3\bin\idea.exe
    FirewallRules: [UDP Query User{827AD84C-C807-4C2A-9C39-F80FA20D186B}C:\program files (x86)\jetbrains\intellij idea community edition 14.1.3\bin\idea.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea community edition 14.1.3\bin\idea.exe
    FirewallRules: [TCP Query User{51E4B9DC-CB9D-4EC0-9566-0A707F6C3B68}C:\program files (x86)\jetbrains\intellij idea community edition 14.1.3\jre\jre\bin\java.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea community edition 14.1.3\jre\jre\bin\java.exe
    FirewallRules: [UDP Query User{8CA077EF-1C9D-494B-B17F-638E85A2AD1B}C:\program files (x86)\jetbrains\intellij idea community edition 14.1.3\jre\jre\bin\java.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea community edition 14.1.3\jre\jre\bin\java.exe
    FirewallRules: [TCP Query User{F4E7EBBC-226D-4868-9ECD-F6DC756E9846}C:\program files (x86)\java\jdk1.8.0_25\bin\java.exe] => (Allow) C:\program files (x86)\java\jdk1.8.0_25\bin\java.exe
    FirewallRules: [UDP Query User{EF35DB27-9341-4D49-B632-4321ECBDDBAA}C:\program files (x86)\java\jdk1.8.0_25\bin\java.exe] => (Allow) C:\program files (x86)\java\jdk1.8.0_25\bin\java.exe
    FirewallRules: [TCP Query User{DEF3FDE8-2E24-4692-81BC-5BF88CBF2B65}C:\program files (x86)\jetbrains\intellij idea community edition 14.1.3\bin\idea.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea community edition 14.1.3\bin\idea.exe
    FirewallRules: [UDP Query User{17220E90-0EAF-47B5-A291-0DF0E6775CA4}C:\program files (x86)\jetbrains\intellij idea community edition 14.1.3\bin\idea.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea community edition 14.1.3\bin\idea.exe
    FirewallRules: [TCP Query User{3AD3D987-C7B5-43EB-8346-79469BFEC84D}C:\program files (x86)\java\jdk1.8.0_25\bin\java.exe] => (Allow) C:\program files (x86)\java\jdk1.8.0_25\bin\java.exe
    FirewallRules: [UDP Query User{1BBB473F-71EB-4A70-BACF-9728E5A95E8B}C:\program files (x86)\java\jdk1.8.0_25\bin\java.exe] => (Allow) C:\program files (x86)\java\jdk1.8.0_25\bin\java.exe
    FirewallRules: [TCP Query User{556B06B8-FEFC-4AFB-8B38-C0EC49457D77}C:\program files (x86)\jetbrains\intellij idea community edition 14.1.3\jre\jre\bin\java.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea community edition 14.1.3\jre\jre\bin\java.exe
    FirewallRules: [UDP Query User{9FC6990A-7BBE-4C8E-8805-1A90FFB061EF}C:\program files (x86)\jetbrains\intellij idea community edition 14.1.3\jre\jre\bin\java.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea community edition 14.1.3\jre\jre\bin\java.exe
    FirewallRules: [TCP Query User{1A84B5EC-F676-4AB6-912E-7910BF6BA13B}C:\users\scott\appdata\roaming\utorrent\updates\3.4.3_40298.exe] => (Block) C:\users\scott\appdata\roaming\utorrent\updates\3.4.3_40298.exe
    FirewallRules: [UDP Query User{B03024C2-75E7-43AC-871E-373FA0215BFA}C:\users\scott\appdata\roaming\utorrent\updates\3.4.3_40298.exe] => (Block) C:\users\scott\appdata\roaming\utorrent\updates\3.4.3_40298.exe
    FirewallRules: [TCP Query User{CA38C9B2-5F1B-438E-A96E-65679721E127}C:\program files\java\jdk1.8.0_45\bin\java.exe] => (Block) C:\program files\java\jdk1.8.0_45\bin\java.exe
    FirewallRules: [UDP Query User{B5117CB8-1565-45D7-A742-2CBDE99F2122}C:\program files\java\jdk1.8.0_45\bin\java.exe] => (Block) C:\program files\java\jdk1.8.0_45\bin\java.exe
    FirewallRules: [TCP Query User{8654AE78-1FA4-4A11-8DFC-606E169DE890}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
    FirewallRules: [UDP Query User{B0DF1965-4713-4EA8-A9DE-02FCD0802497}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
    FirewallRules: [TCP Query User{8EC1A092-6A29-41DD-95FB-E93533AFB8FF}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
    FirewallRules: [UDP Query User{6AE92DD2-742B-4D63-A525-A97DD3FA3D1F}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
    FirewallRules: [TCP Query User{47C2E813-8EBC-4EA2-A8C7-802763C59CF5}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
    FirewallRules: [UDP Query User{B0D1AE50-F9F6-4C43-9589-BE4CF6FE9803}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
    FirewallRules: [{EA5877F7-DEAC-4D05-9833-7A391FB6F8CA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
    FirewallRules: [{76415A1D-0BD2-4C8E-8013-165D5B14C572}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
    FirewallRules: [{0B1BB7EA-0394-49AE-B6CE-2881C6AD0B02}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
    FirewallRules: [{9080CFEC-66CA-4148-B552-59A2FBF9F917}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{D7419AB9-DE6A-48B6-898F-4B18B257CDE2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [TCP Query User{4D303B5F-F526-4F93-B407-C536337839DD}C:\users\scott\downloads\utorrentportable\app\utorrent\utorrent.exe] => (Allow) C:\users\scott\downloads\utorrentportable\app\utorrent\utorrent.exe
    FirewallRules: [UDP Query User{8F121018-0545-4EBC-9484-5342F8FB0A45}C:\users\scott\downloads\utorrentportable\app\utorrent\utorrent.exe] => (Allow) C:\users\scott\downloads\utorrentportable\app\utorrent\utorrent.exe
    FirewallRules: [{2EC2D1A9-CA59-4611-8D05-1A506EB1B890}] => (Allow) LPort=12292
    FirewallRules: [{66F7879C-4F82-4EA0-ABFC-1B33C6C34FC7}] => (Allow) C:\Users\Scott\Desktop\DxtorySetup2.0.133-70994460.exe
    FirewallRules: [{7AD88666-06E5-4472-B268-058EB3F1F86A}] => (Allow) C:\Users\Scott\Desktop\DxtorySetup2.0.133-70994460.exe
    FirewallRules: [{2563C4F5-D851-4EAC-BFF9-BFE618A57364}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
    FirewallRules: [{A583BBA3-236E-42EC-9998-BA188BD29041}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
    FirewallRules: [{6F182F82-CEB9-48C1-BE2D-69F7CA6CA004}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
    FirewallRules: [{C933828D-E79E-440C-A35F-B5BA1A4258D2}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
    FirewallRules: [{7D8FE4FD-37A7-41F2-A8C5-9456A1966B79}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe
    FirewallRules: [{E828E815-5AF9-4FF7-A77C-9AFF4FC9DA43}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe
    FirewallRules: [{3EAABE6E-83BE-4BBE-BB40-C3804BFCCCC6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
    FirewallRules: [{F89CB547-125E-4093-9055-C6C16E95EB85}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
    FirewallRules: [{0BD2BC71-61C5-422D-85A5-118A01B8AF15}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    FirewallRules: [{B91DD3C5-7C03-4CA1-B7A3-F8B8D1D8A3E6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    FirewallRules: [{D6C549A7-9C26-4FFC-8F69-AC8CBA1C194C}] => (Allow) D:\SteamLibrary\steamapps\common\CRYENGINE\bin\win_x64\Editor.exe
    FirewallRules: [{0EE55334-1887-4397-A232-CE42576D71B6}] => (Allow) D:\SteamLibrary\steamapps\common\CRYENGINE\bin\win_x64\Editor.exe
    FirewallRules: [{96F44D29-D9ED-4236-9A37-695E57D22843}] => (Allow) D:\SteamLibrary\steamapps\common\CRYENGINE\bin\win_x64\GameSDK.exe
    FirewallRules: [{058B87EA-E8B5-4895-872B-D66001D73B55}] => (Allow) D:\SteamLibrary\steamapps\common\CRYENGINE\bin\win_x64\GameSDK.exe
    FirewallRules: [{7DB3C4E5-D895-4114-BD95-A4EE464B840C}] => (Allow) D:\SteamLibrary\steamapps\common\CRYENGINE\bin\win_x64_release\GameSDK.exe
    FirewallRules: [{4BA59855-107C-465F-B987-4E976227F7CF}] => (Allow) D:\SteamLibrary\steamapps\common\CRYENGINE\bin\win_x64_release\GameSDK.exe
    FirewallRules: [{85C29762-EA5C-4426-B623-B6A7F08F9FB3}] => (Allow) D:\SteamLibrary\steamapps\common\CRYENGINE\bin\win_x86\GameSDK.exe
    FirewallRules: [{F5CD505D-43E8-4D4D-AB80-F8236AD83F0A}] => (Allow) D:\SteamLibrary\steamapps\common\CRYENGINE\bin\win_x86\GameSDK.exe
    FirewallRules: [{55163B10-14BD-4B8B-97E9-549350DFC8AF}] => (Allow) D:\SteamLibrary\steamapps\common\CRYENGINE\bin\win_x86_release\GameSDK.exe
    FirewallRules: [{D127F3C6-F7D2-4048-8E5D-A652381EB8A2}] => (Allow) D:\SteamLibrary\steamapps\common\CRYENGINE\bin\win_x86_release\GameSDK.exe
    FirewallRules: [{E6097CE1-5105-480E-B388-57552EECDF4C}] => (Allow) D:\SteamLibrary\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
    FirewallRules: [{9554DA22-FD97-48E2-ACA4-25BD46A18B38}] => (Allow) D:\SteamLibrary\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
    FirewallRules: [TCP Query User{37880A45-17D2-44BA-8D04-79D8703086C9}C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
     
  6. dsb2448

    dsb2448 TS Rookie Topic Starter Posts: 19

    FirewallRules: [UDP Query User{644F2853-32B8-4305-A865-ADA10B9182F8}C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
    FirewallRules: [{92C11C30-5720-47AC-A399-4E9BF8E463C3}] => (Allow) D:\SteamLibrary\steamapps\common\CRYENGINE\bin\win_x64\GameSDK.exe
    FirewallRules: [{78C08C55-3A84-45BB-814F-99CAE88B77C9}] => (Allow) D:\SteamLibrary\steamapps\common\CRYENGINE\bin\win_x64\GameSDK.exe
    FirewallRules: [{1D2DA952-5318-4661-BD89-33A19A06C9B1}] => (Allow) D:\SteamLibrary\steamapps\common\CRYENGINE\bin\win_x64_release\GameSDK.exe
    FirewallRules: [{9068B9D4-8400-45FE-816B-E443EC223BB4}] => (Allow) D:\SteamLibrary\steamapps\common\CRYENGINE\bin\win_x64_release\GameSDK.exe
    FirewallRules: [{4F771628-5969-4B26-B875-1F1321F5AB90}] => (Allow) D:\SteamLibrary\steamapps\common\CRYENGINE\bin\win_x86\GameSDK.exe
    FirewallRules: [{E75272B7-7128-43FE-89DE-26212B248B9D}] => (Allow) D:\SteamLibrary\steamapps\common\CRYENGINE\bin\win_x86\GameSDK.exe
    FirewallRules: [{36613AD2-8516-431A-A99E-BE29CA9F3A19}] => (Allow) D:\SteamLibrary\steamapps\common\CRYENGINE\bin\win_x86_release\GameSDK.exe
    FirewallRules: [{41FDF913-56E4-4EA4-94DB-F463EB129910}] => (Allow) D:\SteamLibrary\steamapps\common\CRYENGINE\bin\win_x86_release\GameSDK.exe
    FirewallRules: [TCP Query User{AFBEBA24-663E-4719-A52E-941799904FF6}C:\program files (x86)\jetbrains\intellij idea 15.0.3\bin\idea.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea 15.0.3\bin\idea.exe
    FirewallRules: [UDP Query User{56B9F099-F98A-4549-9195-B1563E31C86D}C:\program files (x86)\jetbrains\intellij idea 15.0.3\bin\idea.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea 15.0.3\bin\idea.exe
    FirewallRules: [{4E08063A-59BC-40B0-9256-78DFB77C60C9}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{88A6380B-9773-4E41-9105-2FD85F70AD77}] => (Allow) LPort=2869
    FirewallRules: [{72EABC08-031D-4371-9551-293D145020ED}] => (Allow) LPort=1900
    FirewallRules: [{F1A6BB8E-CCE6-4A86-B495-B26E7F4778D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
    FirewallRules: [{F14BF63C-3495-4B30-AC09-A0F4DAB760AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
    FirewallRules: [{5DA32D01-A3E6-4C8B-B9AB-7C9ADD8846E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
    FirewallRules: [{14C51B5C-7F58-4EA0-ADCE-1044487EE703}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
    FirewallRules: [{B0708F41-C902-44B8-9692-7564FD53920A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
    FirewallRules: [{1574036E-9155-4106-947E-1D673563D747}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
    FirewallRules: [{BE6B6590-6FB6-4020-B71B-27CF90854BAC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
    FirewallRules: [{897C8A5C-5A07-4F15-BCCA-9F6CC8317C6D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
    FirewallRules: [{D025E8DB-C65C-432C-AAD0-155FF798754F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
    FirewallRules: [{515C2ACC-F53C-4C83-AD8C-629FE0284FA3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
    FirewallRules: [{0FEC6983-2669-4E28-AB0E-381FDFE2D7A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
    FirewallRules: [{6B2FEB4D-F6EF-4631-97C2-5AC7F5E65826}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
    FirewallRules: [{E6D25A83-B6A8-4253-94DB-E0DAC5048A3E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
    FirewallRules: [{4D22F04C-6704-4052-A34E-A90E7B5CEBC2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
    FirewallRules: [{134B976B-E09D-4908-B96C-8BBF4AFBBE21}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
    FirewallRules: [{34F5DF65-950B-4253-844B-9B833F402A56}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
    FirewallRules: [{9A908749-4D51-447F-8853-FFA944B9C4AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
    FirewallRules: [{7DC5CE0D-2201-493A-801C-C8BD1D9DED46}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
    FirewallRules: [{9647E6C3-4242-4E98-ABCB-ACBA2F11159E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hammerwatch\editor\HammerEditor.exe
    FirewallRules: [{FA431A2A-5226-4D3A-B00C-225AD20E3938}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hammerwatch\editor\HammerEditor.exe
    FirewallRules: [TCP Query User{A6ECF8FE-23AA-495F-B506-79BC28449619}C:\program files (x86)\jetbrains\datagrip 1.0.1\jre\jre\bin\java.exe] => (Block) C:\program files (x86)\jetbrains\datagrip 1.0.1\jre\jre\bin\java.exe
    FirewallRules: [UDP Query User{93D74231-13A8-4BCD-8DA2-C01B13F2DB33}C:\program files (x86)\jetbrains\datagrip 1.0.1\jre\jre\bin\java.exe] => (Block) C:\program files (x86)\jetbrains\datagrip 1.0.1\jre\jre\bin\java.exe
    FirewallRules: [TCP Query User{937D7AFC-4EEA-45FF-8936-7DCE46428919}C:\program files (x86)\jetbrains\datagrip 1.0.1\bin\datagrip.exe] => (Block) C:\program files (x86)\jetbrains\datagrip 1.0.1\bin\datagrip.exe
    FirewallRules: [UDP Query User{98C0A7F9-65E0-485F-AC2C-77FAE0EB7A25}C:\program files (x86)\jetbrains\datagrip 1.0.1\bin\datagrip.exe] => (Block) C:\program files (x86)\jetbrains\datagrip 1.0.1\bin\datagrip.exe
    FirewallRules: [TCP Query User{357CE253-4815-4542-9688-C21DAA09D43B}C:\program files (x86)\jetbrains\phpstorm 10.0.3\bin\phpstorm.exe] => (Allow) C:\program files (x86)\jetbrains\phpstorm 10.0.3\bin\phpstorm.exe
    FirewallRules: [UDP Query User{E0F06926-01A2-4CD9-B6C2-7F4F72A06743}C:\program files (x86)\jetbrains\phpstorm 10.0.3\bin\phpstorm.exe] => (Allow) C:\program files (x86)\jetbrains\phpstorm 10.0.3\bin\phpstorm.exe
    FirewallRules: [TCP Query User{C3C183ED-3760-45CE-9C2E-1F7FD28F022A}C:\program files (x86)\jetbrains\intellij idea 15.0.3\bin\idea.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea 15.0.3\bin\idea.exe
    FirewallRules: [UDP Query User{465FB1AE-29D9-44DA-AAFF-7DC9CF947FB9}C:\program files (x86)\jetbrains\intellij idea 15.0.3\bin\idea.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea 15.0.3\bin\idea.exe
    FirewallRules: [TCP Query User{581609B4-DC22-4476-A825-BF91A83A585C}C:\program files (x86)\jetbrains\phpstorm 10.0.3\bin\phpstorm.exe] => (Allow) C:\program files (x86)\jetbrains\phpstorm 10.0.3\bin\phpstorm.exe
    FirewallRules: [UDP Query User{D0F73A24-C460-4DB6-9AE7-0820519E0E15}C:\program files (x86)\jetbrains\phpstorm 10.0.3\bin\phpstorm.exe] => (Allow) C:\program files (x86)\jetbrains\phpstorm 10.0.3\bin\phpstorm.exe
    FirewallRules: [TCP Query User{A172BC76-1CAB-4456-80D5-54CD559340FD}C:\program files (x86)\jetbrains\phpstorm 10.0.3\jre\jre\bin\java.exe] => (Allow) C:\program files (x86)\jetbrains\phpstorm 10.0.3\jre\jre\bin\java.exe
    FirewallRules: [UDP Query User{2A43EF65-337E-47C4-B986-F5C6E49B5085}C:\program files (x86)\jetbrains\phpstorm 10.0.3\jre\jre\bin\java.exe] => (Allow) C:\program files (x86)\jetbrains\phpstorm 10.0.3\jre\jre\bin\java.exe
    FirewallRules: [{F87601B9-3D49-493D-83E5-21429C131B17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
    FirewallRules: [{53E601A7-51BD-4857-8989-552637FF8D27}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
    FirewallRules: [{7235F66D-4AA1-43E0-833A-254F773892CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe
    FirewallRules: [{9282BDF3-3779-472B-A8F9-BDD6BF70CF16}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe
    FirewallRules: [{15315158-FDB6-4E95-B0AD-F71E410B0851}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TalesMajEyal\t-engine.exe
    FirewallRules: [{D91252FC-589E-47BB-AFFF-D524DCE683ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TalesMajEyal\t-engine.exe
    FirewallRules: [{C4BAA3E8-20E7-43B9-A9C2-B4B1C3E52486}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\eu4.exe
    FirewallRules: [{A9AA9E58-DC17-4E2E-BCFB-4915D4B36F0C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\eu4.exe
    FirewallRules: [{7C7EF64F-A93E-47EA-ACF2-74A1BC097E7A}] => (Allow) C:\Program Files (x86)\Hero Lab\HeroLab.exe
    FirewallRules: [{2A391C1C-DC7C-4517-BD0A-B0C318CFCCB3}] => (Allow) C:\Program Files (x86)\Hero Lab\HeroLab.exe
    FirewallRules: [{CDF91773-2480-4A29-88A8-6AAA60251221}] => (Allow) D:\SteamLibrary\steamapps\common\Skyrim\SkyrimLauncher.exe
    FirewallRules: [{73AEBE7E-43DE-4FC0-842D-EFB386D5DA2E}] => (Allow) D:\SteamLibrary\steamapps\common\Skyrim\SkyrimLauncher.exe
    FirewallRules: [{2AEB39A1-8856-46EF-AB10-052A63272B10}] => (Allow) D:\SteamLibrary\steamapps\common\Skyrim\skse_steam_boot.exe
    FirewallRules: [{67824E2F-8427-4FF1-ABDA-8D494DBAD7BF}] => (Allow) D:\SteamLibrary\steamapps\common\Skyrim\skse_steam_boot.exe
    FirewallRules: [{726B9132-A1DC-40AB-ACD5-A2B85D42ED7A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Reassembly\win32\ReassemblyRelease.exe
    FirewallRules: [{A4852DF8-2AEB-449C-92F7-427C6F327C9F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Reassembly\win32\ReassemblyRelease.exe
    FirewallRules: [{BD261B21-A6BF-494E-B8CC-0D3BBBF682DD}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
    FirewallRules: [{F2AC02A6-54A4-4511-85DD-465D3F63A72C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    FirewallRules: [{0574CEA4-BD17-4DE7-9D9F-49E483F1DCD7}] => (Allow) C:\Users\Scott\Downloads\uTorrentPortable\App\uTorrent\uTorrent.exe
    FirewallRules: [{E3E23095-9447-49BE-9016-FB68CB342371}] => (Allow) C:\Users\Scott\Downloads\uTorrentPortable\App\uTorrent\uTorrent.exe
    FirewallRules: [{9F71856B-24F0-483C-B65B-4912B42762A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe
    FirewallRules: [{03171EF6-5EE9-405F-B4D9-92B72395C7F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe
    FirewallRules: [{A4792ACA-8750-4284-8AA3-B4450645ECD2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KOAReckoning\Reckoning.exe
    FirewallRules: [{5CF13158-ACB7-4601-B5A4-0E6875458045}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KOAReckoning\Reckoning.exe
    FirewallRules: [{834EE11E-1C0B-42AE-8ACB-534AAE276384}] => (Allow) C:\Program Files\Bitvise SSH Server\BvSshServer.exe
    FirewallRules: [{27476A3D-4C5D-4D0C-85A1-1BE60B2FE6E4}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
    FirewallRules: [{855A0375-0917-4B8B-BB12-712E3EE328CB}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
    FirewallRules: [{FB41BC35-4F7B-44C5-BD68-58D467BF4F0E}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
    FirewallRules: [{44DE7B2A-1A99-4669-B039-72457174E1E3}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
    FirewallRules: [{2B8DF882-BAF1-444F-9DDB-FFA1D0D0A256}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
    FirewallRules: [{5E4D6687-0B10-4ADF-BDB8-0C0BA588D5AB}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
    FirewallRules: [{604A71D6-A65C-4123-8A33-0865A9594E58}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
    FirewallRules: [{AC589DE8-F64A-449A-8CD8-D8F4FAD7397D}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe

    ==================== Restore Points =========================

    15-06-2016 14:04:51 Windows Update
    17-06-2016 09:50:10 Installed AVG 2016
    17-06-2016 09:50:58 Installed AVG

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (06/17/2016 10:05:49 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: SkypeHost.exe, version: 10.1.2123.36, time stamp: 0x56eb679c
    Faulting module name: combase.dll, version: 10.0.10586.103, time stamp: 0x56a84cbb
    Exception code: 0xc000027b
    Fault offset: 0x00166fb1
    Faulting process id: 0x1d70
    Faulting application start time: 0xSkypeHost.exe0
    Faulting application path: SkypeHost.exe1
    Faulting module path: SkypeHost.exe2
    Report Id: SkypeHost.exe3
    Faulting package full name: SkypeHost.exe4
    Faulting package-relative application ID: SkypeHost.exe5

    Error: (06/17/2016 09:51:01 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
    Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

    Details:
    AddLegacyDriverFiles: Unable to back up image of binary PSKMAD.

    System Error:
    The system cannot find the file specified.
    .

    Error: (06/17/2016 09:51:01 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
    Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

    Details:
    AddLegacyDriverFiles: Unable to back up image of binary PSINProc.

    System Error:
    The system cannot find the file specified.
    .

    Error: (06/17/2016 09:51:01 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
    Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

    Details:
    AddLegacyDriverFiles: Unable to back up image of binary PSINKNC.

    System Error:
    The system cannot find the file specified.
    .

    Error: (06/17/2016 09:51:01 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
    Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

    Details:
    AddLegacyDriverFiles: Unable to back up image of binary PSINFile.

    System Error:
    The system cannot find the file specified.
    .

    Error: (06/17/2016 09:51:01 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
    Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

    Details:
    AddLegacyDriverFiles: Unable to back up image of binary NNSTLSC.

    System Error:
    The system cannot find the file specified.
    .

    Error: (06/17/2016 09:51:01 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
    Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

    Details:
    AddLegacyDriverFiles: Unable to back up image of binary NNSSTRM.

    System Error:
    The system cannot find the file specified.
    .

    Error: (06/17/2016 09:51:01 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
    Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

    Details:
    AddLegacyDriverFiles: Unable to back up image of binary NNSPRV.

    System Error:
    The system cannot find the file specified.
    .

    Error: (06/17/2016 09:51:01 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
    Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

    Details:
    AddLegacyDriverFiles: Unable to back up image of binary NNSPROT.

    System Error:
    The system cannot find the file specified.
    .

    Error: (06/17/2016 09:51:01 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
    Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

    Details:
    AddLegacyDriverFiles: Unable to back up image of binary NNSPOP3.

    System Error:
    The system cannot find the file specified.
    .


    System errors:
    =============
    Error: (06/17/2016 09:45:16 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The Panda Protection Service service terminated unexpectedly. It has done this 1 time(s).

    Error: (06/17/2016 09:45:08 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
    Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Panda Product Service service, but this action failed with the following error:
    %%1058 = The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


    Error: (06/17/2016 09:45:08 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Panda Product Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

    Error: (06/17/2016 09:31:41 AM) (Source: DCOM) (EventID: 10001) (User: Scotts_Laptop)
    Description: "C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe" -ServerName:SkypeHost.ServerServer15616App.AppXck5aaxyarfx8gxrgfk6pvakmmxeqvepc.mcaUnavailableUnavailable

    Error: (06/17/2016 09:28:07 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

    Error: (06/17/2016 05:15:38 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The User Data Access_19ab14c service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

    Error: (06/17/2016 05:15:38 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The User Data Storage_19ab14c service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

    Error: (06/17/2016 05:15:38 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Contact Data_19ab14c service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

    Error: (06/17/2016 05:15:38 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Sync Host_19ab14c service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

    Error: (06/17/2016 05:15:38 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable


    CodeIntegrity:
    ===================================
    Date: 2016-06-17 09:59:18.076
    Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2016-06-17 09:59:18.058
    Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2016-06-17 09:59:17.769
    Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2016-06-17 09:59:17.753
    Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2016-06-17 09:55:56.190
    Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2016-06-17 09:55:56.173
    Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2016-06-17 09:55:55.937
    Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2016-06-17 09:55:55.919
    Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2016-06-17 09:55:55.702
    Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2016-06-17 09:55:55.679
    Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i7-4710MQ CPU @ 2.50GHz
    Percentage of memory in use: 34%
    Total physical RAM: 16308.27 MB
    Available physical RAM: 10711.21 MB
    Total Virtual: 18740.27 MB
    Available Virtual: 12747.41 MB

    ==================== Drives ================================

    Drive c: (Windows8_OS) (Fixed) (Total:889.98 GB) (Free:55.21 GB) NTFS ==>[system with boot components (obtained from drive)]
    Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:7.87 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 931.5 GB) (Disk ID: BCA4DEE7)

    Partition: GPT.

    ==================== End of Addition.txt ============================
     
  7. Broni

    Broni Malware Annihilator Posts: 52,911   +344

    Welcome aboard [​IMG]

    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    =================================

    [​IMG] What are the actual issues?

    [​IMG] Download RogueKiller from one of the following links and save it to your Desktop:

    Link 1
    Link 2
    • Close all the running programs
    • Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
    • Otherwise just double-click on RogueKiller.exe
    • Pre-scan will start. Let it finish.
    • Click on SCAN button.
    • Wait until the Status box shows Scan Finished
    • Click on Delete.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced post all logs.
    • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again
    [​IMG] Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
    NOTE. If you already have MBAM 2.0 installed scroll down.
    • Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
    • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
    • Click Finish.
    • On the Dashboard, click the 'Update Now >>' link
    • After the update completes, click the 'Scan Now >>' button.
    • Or, on the Dashboard, click the Scan Now >> button.
    • If an update is available, click the Update Now button.
    • A Threat Scan will begin.
    • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
    • In most cases, a restart will be required.
    • Wait for the prompt to restart the computer to appear, then click on Yes.
    If you already have MBAM 2.0 installed:
    • On the Dashboard, click the 'Update Now >>' link
    • After the update completes, click the 'Scan Now >>' button.
    • Or, on the Dashboard, click the Scan Now >> button.
    • If an update is available, click the Update Now button.
    • A Threat Scan will begin.
    • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
    • In most cases, a restart will be required.
    • Wait for the prompt to restart the computer to appear, then click on Yes.
    How to get logs:
    (Export log to save as txt)
    • After the restart once you are back at your desktop, open MBAM once more.
    • Click on the History tab > Application Logs.
    • Double click on the Scan Log which shows the Date and time of the scan just performed.
    • Click 'Export'.
    • Click 'Text file (*.txt)'
    • In the Save File dialog box which appears, click on Desktop.
    • In the File name: box type a name for your scan log.
    • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
    • Click Ok
    • Attach that saved log to your next reply.
    (Copy to clipboard for pasting into forum replies or tickets)
    • After the restart once you are back at your desktop, open MBAM once more.
    • Click on the History tab > Application Logs.
    • Double click on the Scan Log which shows the Date and time of the scan just performed.
    • Click 'Copy to Clipboard'
    • Paste the contents of the clipboard into your reply.
    [​IMG] Please download AdwCleaner by Xplode onto your desktop.
    • Close all open programs and internet browsers.
    • Double click on adwcleaner.exe to run the tool.
    • Click on Scan button.
    • When the scan has finished click on Clean button.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the contents of that logfile with your next reply.
    • You can find the logfile at C:\AdwCleaner[S1].txt as well.
    [​IMG] Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.
     
  8. dsb2448

    dsb2448 TS Rookie Topic Starter Posts: 19

    Hello Broni,

    What are the actual issues?

    I was watching YouTube and playing a game on steam Thursday night and every thing was fine, But I went to move my computer to my bed to continue watching YouTube and a new audio channel show up named "No Name Available" that keeps repeating "Important Security Message. Please call the number provided to be guided to remove any virus on your computer" but there is no popup with a number to call (Not that I would call anyway).

    As I am writing this AVG detected three Trojan horses:
    Crypt_r.AKH
    Dropper.Agent.BMHD
    Generic18.CFYT
     
  9. Broni

    Broni Malware Annihilator Posts: 52,911   +344

    Go on with my previous reply.
     
  10. dsb2448

    dsb2448 TS Rookie Topic Starter Posts: 19

    Here are the logs you requested. The audio channel called "No Name Available" has disappeared.

    ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

    RogueKiller V12.3.3.0 [Jun 13 2016] (Free) by Adlice Software
    mail : http://www.adlice.com/contact/
    Feedback : http://forum.adlice.com
    Website : http://www.adlice.com/software/roguekiller/
    Blog : http://www.adlice.com

    Operating System : Windows 10 (10.0.10586) 64 bits version
    Started in : Normal mode
    User : Scott [Administrator]
    Started from : C:\Users\Scott\Desktop\RogueKiller.exe
    Mode : Delete -- Date : 06/21/2016 00:32:12

    ¤¤¤ Processes : 3 ¤¤¤
    [Suspicious.Path] AVG-Secure-Search-Update_0516pi.exe(2180) -- C:\ProgramData\Avg_Update_0516pi\AVG-Secure-Search-Update_0516pi.exe[7] -> Killed [TermProc]
    [Suspicious.Path] AVG-Secure-Search-Update_0516pi.exe(1008) -- C:\ProgramData\Avg_Update_0516pi\AVG-Secure-Search-Update_0516pi.exe[7] -> Killed [TermProc]
    [Suspicious.Path] LSB.exe(12424) -- C:\Users\Scott\AppData\Local\Apps\2.0\62P143E9.PVX\GDLK0JCP.YBR\lsb...tion_91a10ba61c75c82d_0001.0005_a24d0d716055ed94\LSB.exe[-] -> Killed [TermProc]

    ¤¤¤ Registry : 23 ¤¤¤
    [PUP] (X86) HKEY_LOCAL_MACHINE\Software\Overlook -> Deleted
    [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending | (default) : {056D528D-CE28-4194-9BA3-BA2E9197FF8C} [x] -> Deleted
    [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced | (default) : {05B38830-F4E9-4329-978B-1DD28605D202} [x] -> Deleted
    [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing | (default) : {0596C850-7BDD-4C9D-AFDF-873BE6890637} [x] -> Deleted
    [Suspicious.Path] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending | (default) : {056D528D-CE28-4194-9BA3-BA2E9197FF8C} [x] -> Deleted
    [Suspicious.Path] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced | (default) : {05B38830-F4E9-4329-978B-1DD28605D202} [x] -> Deleted
    [Suspicious.Path] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing | (default) : {0596C850-7BDD-4C9D-AFDF-873BE6890637} [x] -> Deleted
    [Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-437364399-4149591236-704665920-1001\Software\Microsoft\Windows\CurrentVersion\Run | CS Dispatch : C:\Users\Scott\AppData\Roaming\KaiJet\WormholeSwitch1117\FunctModules\{8AEC7F86-B5F4-499b-9ACE-203F46E4469D}\Wormhole.exe -GN:RunFromRegistry [7][x] -> Deleted
    [Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-437364399-4149591236-704665920-1001\Software\Microsoft\Windows\CurrentVersion\Run | MyComGames : "C:\Users\Scott\AppData\Local\MyComGames\MyComGames.exe" -autostart [7][x] -> Deleted
    [Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-437364399-4149591236-704665920-1001\Software\Microsoft\Windows\CurrentVersion\Run | CS Dispatch : C:\Users\Scott\AppData\Roaming\KaiJet\WormholeSwitch1117\FunctModules\{8AEC7F86-B5F4-499b-9ACE-203F46E4469D}\Wormhole.exe -GN:RunFromRegistry [7][x] -> ERROR [2]
    [Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-437364399-4149591236-704665920-1001\Software\Microsoft\Windows\CurrentVersion\Run | MyComGames : "C:\Users\Scott\AppData\Local\MyComGames\MyComGames.exe" -autostart [7][x] -> ERROR [2]
    [PUM.Proxy] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NlaSvc\Parameters\Internet\ManualProxies | (default) : -> Deleted
    [PUM.Proxy] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NlaSvc\Parameters\Internet\ManualProxies | (default) : -> ERROR [2]
    [PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-437364399-4149591236-704665920-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://lenovo13.msn.com/?pc=LCJB -> Replaced (http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome)
    [PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-437364399-4149591236-704665920-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://lenovo13.msn.com/?pc=LCJB -> Replaced (http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome)
    [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 8.8.8.8 208.104.2.36 208.104.244.45 ([-][United States][X]) -> Replaced ()
    [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 8.8.8.8 208.104.2.36 208.104.244.45 ([-][United States][United States]) -> Replaced ()
    [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{589ca18f-ca28-4e51-b8ee-eaa55d172db6} | NameServer : 8.8.8.8,208.104.2.36 ([-][United States]) -> Replaced ()
    [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{fa6f26ed-a354-4d08-a180-9ee4c5f88571} | NameServer : 8.8.8.8,4.4.4.4 ([-][United States]) -> Replaced ()
    [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{fa6f26ed-a354-4d08-a180-9ee4c5f88571} | DhcpNameServer : 8.8.8.8 208.104.2.36 208.104.244.45 ([-][United States][X]) -> Replaced ()
    [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{589ca18f-ca28-4e51-b8ee-eaa55d172db6} | NameServer : 8.8.8.8,208.104.2.36 ([-][United States]) -> Replaced ()
    [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{fa6f26ed-a354-4d08-a180-9ee4c5f88571} | NameServer : 8.8.8.8,4.4.4.4 ([-][United States]) -> Replaced ()
    [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{fa6f26ed-a354-4d08-a180-9ee4c5f88571} | DhcpNameServer : 8.8.8.8 208.104.2.36 208.104.244.45 ([-][United States][X]) -> Replaced ()

    ¤¤¤ Tasks : 3 ¤¤¤
    [Suspicious.Path] \AVG-SSU_0516pi -- C:\ProgramData\Avg_Update_0516pi\AVG-Secure-Search-Update_0516pi.exe (/CMPID=0516pi /RUNBY=AV) -> Deleted
    [Suspicious.Path] \AVG-SSU_0516pi_DELETE -- C:\ProgramData\Avg_Update_0516pi\AVG-Secure-Search-Update_0516pi.exe (/CMPID=0516pi /CMPN_DELETE_ALL /RUNBY=AV) -> Deleted
    [Suspicious.Path] \OFFICE2013ACT -- C:\ProgramData\Office2013\OFFICEICON.vbs -> Deleted

    ¤¤¤ Files : 7 ¤¤¤
    [PUP][File] C:\Windows\SECOH-QAD.exe -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo Web Start.lnk [LNK@] C:\Users\Scott\AppData\Local\Pokki\Engine\HOSTAP~1.EXE /OPEN"04bb6df446330549a2cb8d67fbd1a745025b7bd1" -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk [LNK@] C:\Users\Scott\AppData\Local\Pokki\Engine\HOSTAP~1.EXE /OPEN"f22abfeae27a67446927d078890381efc546d3e1" -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Menu.lnk [LNK@] C:\Users\Scott\AppData\Local\Pokki\Engine\HOSTAP~1.EXE /OPEN"menu" -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\analytics.db -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\avcodec-54.dll -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\avformat-54.dll -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\avutil-51.dll -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\chrome.pak -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\chrome_100_percent.pak -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\chrome_touch_100_percent.pak -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\chrome_touch_140_percent.pak -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\chrome_touch_180_percent.pak -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\content_resources.pak -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\D3DCompiler_43.dll -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\d3dx9_43.dll -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\en-US.pak -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\First Run -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\HostAppService.exe -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\icudt.dll -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\auditsPanel.css -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\AuditsPanel.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\breadcrumbList.css -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\cmdevtools.css -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\codemirror.css -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\CodeMirrorTextEditor.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\cssNamedFlows.css -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\dataGrid.css -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\devTools.css -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\devtools.html -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\DevTools.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\devtools_extension_api.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\elementsPanel.css -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\ElementsPanel.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\filteredItemSelectionDialog.css -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\heapProfiler.css -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\HeapSnapshotWorker.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\helpScreen.css -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\applicationCache.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\back.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\breakpointBorder.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\breakpointConditionalBorder.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\breakpointConditionalCounterBorder.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\breakpointCounterBorder.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\checker.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\closeButtons.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\cookie.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\database.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\databaseTable.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\debuggerContinue.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\debuggerPause.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\debuggerStepInto.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\debuggerStepOut.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\debuggerStepOver.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\deleteIcon.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\disclosureTriangleSmallDown.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\disclosureTriangleSmallDownBlack.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\disclosureTriangleSmallDownWhite.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\disclosureTriangleSmallRight.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\disclosureTriangleSmallRightBlack.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\disclosureTriangleSmallRightDown.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\disclosureTriangleSmallRightDownBlack.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\disclosureTriangleSmallRightDownWhite.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\disclosureTriangleSmallRightWhite.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\domain.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\errorIcon.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\errorMediumIcon.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\errorRedDot.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\fileSystem.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\forward.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\frame.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\glossyHeader.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\glossyHeaderPressed.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\glossyHeaderSelected.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\glossyHeaderSelectedPressed.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\goArrow.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\graphLabelCalloutLeft.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\graphLabelCalloutRight.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\indexedDB.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\indexedDBIndex.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\indexedDBObjectStore.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\localStorage.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\namedFlowOverflow.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\navigatorShowHideButton.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\paneAddButtons.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\paneBottomGrow.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\paneBottomGrowActive.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\paneElementStateButtons.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\paneFilterButtons.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\paneGrowHandleLine.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\paneRefreshButtons.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\paneSettingsButtons.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\popoverArrows.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\popoverBackground.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\profileGroupIcon.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\profileIcon.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\profileSmallIcon.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\profilesSilhouette.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\programCounterBorder.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\radioDot.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\regionEmpty.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\regionFit.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\regionOverset.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\resourceCSSIcon.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\resourceDocumentIcon.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\resourceDocumentIconSmall.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\resourceJSIcon.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\resourcePlainIcon.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\resourcePlainIconSmall.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\resourcesSizeGraphIcon.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\resourcesTimeGraphIcon.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\scriptsSilhouette.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\searchNext.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\searchPrev.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\searchSmallBlue.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\searchSmallBrightBlue.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\searchSmallGray.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\searchSmallWhite.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\segment.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\segmentChromium.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\segmentEnd.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\segmentHover.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\segmentHoverChromium.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\segmentHoverEnd.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\segmentHoverEndChromium.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\segmentSelected.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\segmentSelectedChromium.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\segmentSelectedEnd.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\segmentSelectedEndChromium.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\sessionStorage.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\spinner.gif -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\spinnerActive.gif -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\spinnerActiveSelected.gif -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\spinnerInactive.gif -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\spinnerInactiveSelected.gif -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\splitviewDimple.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\splitviewDividerBackground.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\statusbarButtonGlyphs.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\statusbarButtonGlyphs2x.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\statusbarResizerHorizontal.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\statusbarResizerVertical.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\successGreenDot.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\thumbActiveHoriz.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\thumbActiveVert.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\thumbHoriz.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\thumbHoverHoriz.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\thumbHoverVert.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\thumbVert.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\tickMark.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\timelineHollowPillBlue.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\timelineHollowPillGray.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\timelineHollowPillGreen.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\timelineHollowPillOrange.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\timelineHollowPillPurple.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\timelineHollowPillRed.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\timelineHollowPillYellow.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\timelinePillBlue.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\timelinePillGray.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\timelinePillGreen.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\timelinePillOrange.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\timelinePillPurple.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\timelinePillRed.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\timelinePillYellow.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\toolbarIcons.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\toolbarIconsSmall.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\toolbarItemSelected.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\trackHoriz.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\trackVert.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\treeDownTriangleBlack.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\treeDownTriangleWhite.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\treeRightTriangleBlack.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\treeRightTriangleWhite.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\treeUpTriangleBlack.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\treeUpTriangleWhite.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\userInputIcon.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\userInputPreviousIcon.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\userInputResultIcon.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\warningIcon.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\warningMediumIcon.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\warningOrangeDot.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images\warningsErrors.png -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\Images -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\indexedDBViews.css -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\inspectorCommon.css -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\nativeMemoryProfiler.css -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\navigatorView.css -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\networkLogView.css -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\networkPanel.css -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\NetworkPanel.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\panelEnablerView.css -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\profilesPanel.css -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\ProfilesPanel.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\resourcesPanel.css -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\ResourcesPanel.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\resourceView.css -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\revisionHistory.css -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\ScriptFormatterWorker.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\scriptsPanel.css -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\ScriptsPanel.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\splitView.css -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\tabbedPane.css -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\textEditor.css -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\textPrompt.css -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\timelinePanel.css -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\TimelinePanel.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector\webGLProfiler.css -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Engine\inspector -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\libEGL.dll -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\libGLESv2.dll -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\libPokki.dll -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\Microsoft.VC90.CRT\msvcr90.dll -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Engine\Microsoft.VC90.CRT -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\nacl_irt_x86_32.nexe -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\nacl_irt_x86_64.nexe -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\ppGoogleNaClPluginChrome.dll -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\resources.pak -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\StartMenuIndexer.exe -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\apps.html -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\build\build -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\build\Gruntfile.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\build\package.json -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\build\README.md -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\build -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\color-auto.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\dark\history-blank-120.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\dark\history-blank-144.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\dark\history-blank-192.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\dark\history-blank-96.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\dark\updates-graphic1-120.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\dark\updates-graphic1-144.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\dark\updates-graphic1-96.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\dark\updates-graphic1b-120.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\dark\updates-graphic1b-144.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\dark\updates-graphic1b-96.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\dark\updates-graphic2-120.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\dark\updates-graphic2-144.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\dark\updates-graphic2-96.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\dark\updates-graphic2b-120.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\dark\updates-graphic2b-144.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\dark\updates-graphic2b-96.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\dark\updates-graphic3-120.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\dark\updates-graphic3-144.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\dark\updates-graphic3-96.png -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\dark -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\default-program-icon.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\favoriter-close.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\folder-120.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\folder-144.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\folder-192.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\folder-96.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\folder-fullscreen.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\folders-120.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\folders-144.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\folders-192.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\folders-96.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\generic-folder-19.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\generic-folder-42.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\history-blank-120.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\history-blank-144.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\history-blank-192.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\history-blank-96.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\history-clear-120.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\history-clear-144.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\history-clear-192.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\history-clear-96.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\home-icon-120.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\home-icon-144.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\home-icon-192.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\home-icon-96.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\icon-options.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\label-close-icon-120.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\label-close-icon-144.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\label-close-icon-96.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\label-info-icon-120.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\label-info-icon-144.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\label-info-icon-96.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\metro-120.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\metro-144.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\modern-ui-folder-icon-120.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\modern-ui-folder-icon-144.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\modern-ui-folder-icon-96.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\oem\lenovo\get-started-120.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\oem\lenovo\get-started-144.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\oem\lenovo\get-started-96.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\oem\lenovo\onboarding-120.gif -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\oem\lenovo\onboarding-144.gif -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\oem\lenovo\onboarding-96.gif -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\oem\lenovo\onboarding-static-120.gif -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\oem\lenovo\onboarding-static-144.gif -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\oem\lenovo\onboarding-static-96.gif -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\oem\lenovo -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\oem -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\popular_apps-icon.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\prompt-close-120.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\prompt-close-144.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\prompt-close-192.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\prompt-close-96.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\samplebg.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\search-close-120.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\search-close-144.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\search-close-192.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\search-close-96.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\star-120.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\star-144.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\star-192.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\star-96.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\sticky_banner\close-x-1.25x.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\sticky_banner\close-x-1.5x.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\sticky_banner\close-x-1x.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\sticky_banner\close-x-2.5x.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\sticky_banner\close-x-2x.png -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images\sticky_banner -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\images -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\config.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\lib\chroma.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\lib\ember-1.0.0-pre.2.min.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\lib\handlebars-1.0.rc.1.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\lib\handlebars.runtime-1.0.rc.1.min.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\lib\html5sql.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\lib\intel-2in1.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\lib\intel-display.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\lib\intel-technologyaccess.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\lib\jquery-1.8.2.min.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\lib\jquery.mobile.custom.min.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\lib\LocalStore.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\lib\md5.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\lib\SmoothScroll.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\lib\util.js -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\lib -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\controllers\favorites.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\controllers\menu.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\controllers\recommended.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\controllers\search.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\controllers\settings.js -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\controllers -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\models\app.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\models\favorite.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\models\folder.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\models\language.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\models\notification.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\models\shortcut.js -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\models -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\models.concat.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\templates\app.handlebars -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\templates\appIcon.handlebars -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\templates\appNotifications.handlebars -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\templates\appPage.handlebars -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\templates\appResults.handlebars -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\templates\appResultsByTopLevel.handlebars -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\templates\appResultsGridByTopLevel.handlebars -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\templates\bubbleLayout.handlebars -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\templates\confirmAnalytics.handlebars -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\templates\confirmSettings.handlebars -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\templates\customSelectColor.handlebars -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\templates\favorite.handlebars -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\templates\favorites.handlebars -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\templates\favoritesFull.handlebars -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\templates\folder.handlebars -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\templates\folderGrid.handlebars -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\templates\folderIcon.handlebars -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\templates\fullscreenLayout.handlebars -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\templates\launcher.handlebars -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\templates\launcherFull.handlebars -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\templates\notification.handlebars -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\templates\oemOnboarding.handlebars -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\templates\pokkiApp.handlebars -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\templates\promptBubble.handlebars -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\templates\recommendedApp.handlebars -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\templates\recommendedApps.handlebars -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\templates\search.handlebars -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\templates\searchFull.handlebars -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\templates\settings.handlebars -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\templates\shortcut.handlebars -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\templates\updates.handlebars -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\templates -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\templates.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\views\allApps.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\views\app.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\views\appIcon.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\views\appNotifications.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\views\appPage.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\views\appScroller.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\views\bubble.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\views\confirmAnalytics.js -> Deleted
     
  11. dsb2448

    dsb2448 TS Rookie Topic Starter Posts: 19

    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\views\confirmSettings.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\views\controlPanel.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\views\customSelectColor.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\views\favorite.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\views\favoriteFull.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\views\favorites.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\views\favoritesFull.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\views\folder.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\views\fullScreen.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\views\menu.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\views\menuFull.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\views\notification.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\views\pokkiApp.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\views\promptBubble.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\views\search.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\views\settings.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\views\shortcut.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\views\updates.js -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\views -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform\views.concat.js -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\platform.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\sidebar\StickyToast.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\sidebar\test.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\sidebar\Toast.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\sidebar\Toasts.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\sidebar\util.js -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\sidebar -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts\sidebar.js -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\scripts -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\styles\apps.css -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\styles\dpi120.css -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\styles\dpi120fullscreen.css -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\styles\dpi144.css -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\styles\dpi192.css -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\styles\dpi192fullscreen.css -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\styles\dpi240fullscreen.css -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\styles\dpi96fullscreen.css -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\styles\fullscreen.css -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\styles\sidebar.css -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\styles\themes\dark.css -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\styles\themes -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\styles -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\svg\arrow-sm.svg -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\svg\arrow.svg -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\svg\caution.svg -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\svg\checkmark.svg -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\svg\mag-120.svg -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\svg\mag-144.svg -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\svg\mag-96.svg -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\svg\mag-fs-150.svg -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\svg\metro-icon.svg -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\svg\notifications-120.svg -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\svg\notifications-144.svg -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\svg\notifications-96.svg -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\svg\option-arrow.svg -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\svg\page-left.svg -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\svg\page-right.svg -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\svg\powerbutton-150.svg -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\svg\scroll-down.svg -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\svg\scroll-up.svg -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\svg\showmore-150.svg -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\svg\toast-close.svg -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\svg\x-fs-150.svg -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets\svg -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\assets -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\languages\da\strings.txt -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\languages\da -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\languages\de\strings.txt -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\languages\de -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\languages\en-US\strings.txt -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\languages\en-US -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\languages\es\strings.txt -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\languages\es -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\languages\es-419\strings.txt -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\languages\es-419 -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\languages\fi\strings.txt -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\languages\fi -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\languages\fr\strings.txt -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\languages\fr -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\languages\it\strings.txt -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\languages\it -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\languages\ja\strings.txt -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\languages\ja -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\languages\ko\strings.txt -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\languages\ko -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\languages\no\strings.txt -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\languages\no -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\languages\pt-BR\strings.txt -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\languages\pt-BR -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\languages\ru\strings.txt -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\languages\ru -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\languages\sv\strings.txt -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\languages\sv -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\languages\zh-CN\strings.txt -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\languages\zh-CN -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\languages\zh-TW\strings.txt -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\languages\zh-TW -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\languages -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications\sidebar.html -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps\notifications -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Engine\sysapps -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Engine\wow_helper.exe -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Engine -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\engine_update.db -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\IconCache\persistent\Lenovo Air Hockey Touch.ico -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\IconCache\persistent\Lenovo Web Start.ico -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\IconCache\persistent\Lenovo.ico -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\IconCache\persistent\PC App Store.ico -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\IconCache\persistent -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\IconCache -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\notifications.db -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Pokkies\04bb6df446330549a2cb8d67fbd1a745025b7bd1\b5893d8b7002b0da20b4e92e9669bd4ee9aa5575\background.html -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Pokkies\04bb6df446330549a2cb8d67fbd1a745025b7bd1\b5893d8b7002b0da20b4e92e9669bd4ee9aa5575\css\override.css -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Pokkies\04bb6df446330549a2cb8d67fbd1a745025b7bd1\b5893d8b7002b0da20b4e92e9669bd4ee9aa5575\css -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Pokkies\04bb6df446330549a2cb8d67fbd1a745025b7bd1\b5893d8b7002b0da20b4e92e9669bd4ee9aa5575\images\icon_19.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Pokkies\04bb6df446330549a2cb8d67fbd1a745025b7bd1\b5893d8b7002b0da20b4e92e9669bd4ee9aa5575\images\icon_256.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Pokkies\04bb6df446330549a2cb8d67fbd1a745025b7bd1\b5893d8b7002b0da20b4e92e9669bd4ee9aa5575\images\icon_29.png -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Pokkies\04bb6df446330549a2cb8d67fbd1a745025b7bd1\b5893d8b7002b0da20b4e92e9669bd4ee9aa5575\images\icon_42.png -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Pokkies\04bb6df446330549a2cb8d67fbd1a745025b7bd1\b5893d8b7002b0da20b4e92e9669bd4ee9aa5575\images -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Pokkies\04bb6df446330549a2cb8d67fbd1a745025b7bd1\b5893d8b7002b0da20b4e92e9669bd4ee9aa5575\js\lib\pokkiHelper.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Pokkies\04bb6df446330549a2cb8d67fbd1a745025b7bd1\b5893d8b7002b0da20b4e92e9669bd4ee9aa5575\js\lib\pokkiHostedFramework-2.1.1.min.js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Pokkies\04bb6df446330549a2cb8d67fbd1a745025b7bd1\b5893d8b7002b0da20b4e92e9669bd4ee9aa5575\js\lib\SmoothScroll.js -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Pokkies\04bb6df446330549a2cb8d67fbd1a745025b7bd1\b5893d8b7002b0da20b4e92e9669bd4ee9aa5575\js\lib -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Pokkies\04bb6df446330549a2cb8d67fbd1a745025b7bd1\b5893d8b7002b0da20b4e92e9669bd4ee9aa5575\js -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Pokkies\04bb6df446330549a2cb8d67fbd1a745025b7bd1\b5893d8b7002b0da20b4e92e9669bd4ee9aa5575\manifest.json -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Pokkies\04bb6df446330549a2cb8d67fbd1a745025b7bd1\b5893d8b7002b0da20b4e92e9669bd4ee9aa5575 -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Pokkies\04bb6df446330549a2cb8d67fbd1a745025b7bd1 -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Pokkies\f22abfeae27a67446927d078890381efc546d3e1.pokki -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Pokkies\installed_pokkies.db -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Pokkies -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Setup\Opera\WinServicesUpdater.exe -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Setup\Opera -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Setup\SHAREit\WinServicesUpdater.exe -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Setup\SHAREit -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Setup\Skype\WinServicesUpdater.exe -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Setup\Skype -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Setup\slweblbg\WinServicesUpdater.exe -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Setup\slweblbg -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Setup -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Shortcuts\Lenovo Air Hockey Touch.lnk -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Shortcuts\Lenovo.url -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\Shortcuts -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\Uninstall.exe -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1\Archived History -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1\Archived History-journal -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1\Cache\data_0 -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1\Cache\data_1 -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1\Cache\data_2 -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1\Cache\data_3 -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1\Cache\index -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1\Cache -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1\Cookies -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1\Cookies-journal -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1\Extension State\000045.log -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1\Extension State\CURRENT -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1\Extension State\LOCK -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1\Extension State\MANIFEST-000044 -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1\Extension State -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1\Favicons -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1\Favicons-journal -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1\History -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1\History Provider Cache -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1\History-journal -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1\Local Storage -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1\Managed Mode Settings -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1\Network Action Predictor -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1\Network Action Predictor-journal -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1\Preferences -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1\README -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1\User StyleSheets\Custom.css -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1\User StyleSheets -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1\Visited Links -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1\Web Data -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1\Web Data-journal -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1 -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1-websheet\Archived History -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1-websheet\Archived History-journal -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1-websheet\Cache\data_0 -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1-websheet\Cache\data_1 -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1-websheet\Cache\data_2 -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1-websheet\Cache\data_3 -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1-websheet\Cache\index -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1-websheet\Cache -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1-websheet\Cookies -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1-websheet\Cookies-journal -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1-websheet\Extension State\000045.log -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1-websheet\Extension State\CURRENT -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1-websheet\Extension State\LOCK -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1-websheet\Extension State\MANIFEST-000044 -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1-websheet\Extension State -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1-websheet\Favicons -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1-websheet\Favicons-journal -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1-websheet\History -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1-websheet\History Provider Cache -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1-websheet\History-journal -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1-websheet\Managed Mode Settings -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1-websheet\Network Action Predictor -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1-websheet\Network Action Predictor-journal -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1-websheet\Preferences -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1-websheet\README -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\UserData\04bb6df446330549a2cb8d67fbd1a745025b7bd1-websheet -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\Default\Archived History -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\Default\Archived History-journal -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\Default\Cache\data_0 -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\Default\Cache\data_1 -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\Default\Cache\data_2 -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\Default\Cache\data_3 -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\Default\Cache\index -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\UserData\Default\Cache -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\Default\Cookies -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\Default\Cookies-journal -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\Default\Extension State\000043.log -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\Default\Extension State\CURRENT -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\Default\Extension State\LOCK -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\Default\Extension State\MANIFEST-000042 -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\UserData\Default\Extension State -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\Default\Favicons -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\Default\Favicons-journal -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\Default\History -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\Default\History Provider Cache -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\Default\History-journal -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\Default\Managed Mode Settings -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\Default\Network Action Predictor -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\Default\Network Action Predictor-journal -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\Default\Preferences -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\Default\README -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\Default\Shortcuts -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\Default\Shortcuts-journal -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\UserData\Default -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Archived History -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Archived History-journal -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Cache\data_0 -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Cache\data_1 -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Cache\data_2 -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Cache\data_3 -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Cache\index -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Cache -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Cookies -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Cookies-journal -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Extension State\000045.log -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Extension State\CURRENT -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Extension State\LOCK -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Extension State\MANIFEST-000044 -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Extension State -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Favicons -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Favicons-journal -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\History -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\History Provider Cache -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\History-journal -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Local Storage\file__0.localstorage -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Local Storage\file__0.localstorage-journal -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Local Storage -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Managed Mode Settings -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Network Action Predictor -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Network Action Predictor-journal -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Preferences -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\README -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\User StyleSheets\Custom.css -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\User StyleSheets -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Visited Links -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Web Data -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Web Data-journal -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1 -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Archived History -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Archived History-journal -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Cache\data_0 -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Cache\data_1 -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Cache\data_2 -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Cache\data_3 -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Cache\index -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Cache -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Cookies -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Cookies-journal -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Extension State\000045.log -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Extension State\CURRENT -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Extension State\LOCK -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Extension State\MANIFEST-000044 -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Extension State -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Favicons -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Favicons-journal -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\History -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\History Provider Cache -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\History-journal -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Managed Mode Settings -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Network Action Predictor -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Network Action Predictor-journal -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Preferences -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\README -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\Local State -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications\Archived History -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications\Archived History-journal -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications\Cache\data_0 -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications\Cache\data_1 -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications\Cache\data_2 -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications\Cache\data_3 -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications\Cache\f_000003 -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications\Cache\f_000005 -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications\Cache\index -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications\Cache -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications\Cookies -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications\Cookies-journal -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications\databases\Databases.db -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications\databases\Databases.db-journal -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications\databases\file__0\1 -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications\databases\file__0 -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications\databases -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications\Extension State\000029.log -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications\Extension State\CURRENT -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications\Extension State\LOCK -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications\Extension State\MANIFEST-000028 -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications\Extension State -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications\Favicons -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications\Favicons-journal -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications\History -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications\History Provider Cache -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications\History-journal -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications\Local Storage\file__0.localstorage -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications\Local Storage\file__0.localstorage-journal -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications\Local Storage -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications\Managed Mode Settings -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications\Network Action Predictor -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications\Network Action Predictor-journal -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications\Preferences -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications\QuotaManager -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications\QuotaManager-journal -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications\README -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications\User StyleSheets\Custom.css -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications\User StyleSheets -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications\Visited Links -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications\Web Data -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications\Web Data-journal -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications-websheet\Archived History -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications-websheet\Archived History-journal -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications-websheet\Cache\data_0 -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications-websheet\Cache\data_1 -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications-websheet\Cache\data_2 -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications-websheet\Cache\data_3 -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications-websheet\Cache\index -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications-websheet\Cache -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications-websheet\Cookies -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications-websheet\Cookies-journal -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications-websheet\Extension State\000029.log -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications-websheet\Extension State\CURRENT -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications-websheet\Extension State\LOCK -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications-websheet\Extension State\MANIFEST-000028 -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications-websheet\Extension State -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications-websheet\Favicons -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications-websheet\Favicons-journal -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications-websheet\History -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications-websheet\History Provider Cache -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications-websheet\History-journal -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications-websheet\Managed Mode Settings -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications-websheet\Network Action Predictor -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications-websheet\Network Action Predictor-journal -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications-websheet\Preferences -> Deleted
    [PUP][File] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications-websheet\README -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\UserData\notifications-websheet -> Deleted
    [PUP][Folder] C:\Users\Scott\AppData\Local\Pokki\UserData -> Deleted
    [PUP][File] C:\ProgramData\Pokki\PC App Store.lnk [LNK@] C:\Users\Scott\AppData\Local\Pokki\Engine\HOSTAP~1.EXE /OPEN"f22abfeae27a67446927d078890381efc546d3e1" -> Deleted
    [PUP][File] C:\ProgramData\Pokki\Start Menu.lnk [LNK@] C:\Users\Scott\AppData\Local\Pokki\Engine\HOSTAP~1.EXE /OPEN"menu" -> Deleted

    ¤¤¤ Hosts File : 0 ¤¤¤

    ¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤

    ¤¤¤ Web browsers : 0 ¤¤¤

    ¤¤¤ MBR Check : ¤¤¤
    +++++ PhysicalDrive0: ST1000LM014-SSHD-8GB +++++
    --- User ---
    [MBR] 4bcb2fcedaca9506a99b6ebe87b4d5e5
    [BSP] dd821757b1db949475bca0a7a9c4faed : Empty|VT.Unknown MBR Code
    Partition table:
    0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 1000 MB
    1 - [SYSTEM][MAN-MOUNT] EFI system partition | Offset (sectors): 2050048 | Size: 260 MB
    2 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2582528 | Size: 1000 MB
    3 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 4630528 | Size: 128 MB
    4 - Basic data partition | Offset (sectors): 4892672 | Size: 911335 MB
    5 - Basic data partition | Offset (sectors): 1871306752 | Size: 25600 MB
    6 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 1923735552 | Size: 14545 MB
    User = LL1 ... OK
    User = LL2 ... OK


    ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 6/21/2016
    Scan Time: 7:35 AM
    Logfile: MBAM.txt
    Administrator: Yes

    Version: 2.2.1.1043
    Malware Database: v2016.06.21.03
    Rootkit Database: v2016.05.27.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 10
    CPU: x64
    File System: NTFS
    User: Scott

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 805985
    Time Elapsed: 45 min, 19 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 1
    PUP.Optional.Spigot, C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\og7rb9po.default-1429536121911\prefs.js, Good: (), Bad: (user_pref("keyword.URL", "https://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=926458&p=");), Replaced,[267109f6f8a1e2544f5b236d659f21df]

    Physical Sectors: 0
    (No malicious items detected)


    (end)


    ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

    # AdwCleaner v5.200 - Logfile created 21/06/2016 at 09:35:34
    # Updated 14/06/2016 by ToolsLib
    # Database : 2016-06-20.3 [Server]
    # Operating system : Windows 10 Home (X64)
    # Username : Scott - SCOTTS_LAPTOP
    # Running from : C:\Users\Scott\Desktop\adwcleaner_5.200.exe
    # Option : Scan
    # Support : https://toolslib.net/forum

    ***** [ Services ] *****


    ***** [ Folders ] *****

    Folder Found : C:\ProgramData\pokki
    Folder Found : C:\ProgramData\{f6623d69-358c-7306-f662-23d69358f5a4}
    Folder Found : C:\ProgramData\Application Data\pokki
    Folder Found : C:\ProgramData\Application Data\{f6623d69-358c-7306-f662-23d69358f5a4}
    Folder Found : C:\Users\Scott\AppData\Local\MalwareProtectionLive
    Folder Found : C:\Users\Scott\AppData\Local\StormFall
    Folder Found : C:\Users\Default User\AppData\Local\Pokki
    Folder Found : C:\Users\Default\AppData\Local\Pokki

    ***** [ Files ] *****

    File Found : C:\END
    File Found : C:\Users\Scott\Desktop\uninstaller.exe

    ***** [ DLL ] *****


    ***** [ WMI ] *****


    ***** [ Shortcuts ] *****


    ***** [ Scheduled tasks ] *****


    ***** [ Registry ] *****

    Key Found : HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
    Key Found : HKCU\Software\Classes\Directory\shell\pokki
    Key Found : HKCU\Software\Classes\Drive\shell\pokki
    Key Found : HKCU\Software\Classes\lnkfile\shell\pokki
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_Start_Menu
    Key Found : HKCU\Software\Classes\pokki
    Key Found : HKU\S-1-5-21-437364399-4149591236-704665920-1001\Software\Classes\pokki
    Key Found : HKCU\Software\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
    Key Found : HKCU\Software\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
    Key Found : HKCU\Software\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
    Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{79F768ED-0B12-42EF-8257-36751A0ECF3A}]
    Key Found : HKCU\Software\Pokki
    Key Found : HKCU\Software\WEBAPP
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A2C98B47-B5F4-94AA-281D-4135416774CF}
    Key Found : HKU\S-1-5-21-437364399-4149591236-704665920-1001\Software\Pokki
    Key Found : HKU\S-1-5-21-437364399-4149591236-704665920-1001\Software\WEBAPP
    Key Found : HKU\S-1-5-21-437364399-4149591236-704665920-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DAAC625F-CE8C-11E4-8285-D897BA3DCFE6}
    Key Found : HKU\S-1-5-21-437364399-4149591236-704665920-1001\Software\Microsoft\Internet Explorer\SearchScopes\{DAAC625F-CE8C-11E4-8285-D897BA3DCFE6}
    Value Found : HKU\S-1-5-21-437364399-4149591236-704665920-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Pokki]
    Key Found : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Policies
    Key Found : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\SYSSECURE
    Key Found : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\BugFixxer

    ***** [ Web browsers ] *****

    [C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\og7rb9po.default-1429536121911\prefs.js] Found : user_pref("extensions.Imagus.sieve", "{\"dereferers\":{\"link\":\"^[^/]{3,70}/\\\\??(hxxps?:[^?#]+\\\\.(?:jpe?g|a?png|gif|bmp|svgz?|web[pm]|og[gv])).*\",\"ci\":1,\"dc\":1,\"loop\":1,\"to\":\"$1\"},\"f[...]
    [C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\og7rb9po.default-1429536121911\prefs.js] Found : user_pref("extensions.x4IbfQoK9TzWs3K3.scode", "(function(){try{if(window.location.href.indexOf(\"qdYFrdr5qdg4pda6rTY4qTaHqY\")>-1){return;}}catch(e){}try{var d=[[\"livewebcams.xyz\",\"secure.dditserv[...]
    [C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : search.iminent.com
    [C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : ask.com
    [C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : aol.com
    [C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : homepage-web.com

    *************************

    C:\AdwCleaner\AdwCleaner[S1].txt - [4601 bytes] - [21/06/2016 09:35:34]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [4674 bytes] ##########


    ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Malwarebytes
    Version: 8.0.6 (04.25.2016)
    Operating System: Windows 10 Home x64
    Ran by Scott (Administrator) on Tue 06/21/2016 at 9:54:46.33
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    File System: 4

    Successfully deleted: C:\Users\Scott\AppData\Roaming\new version available (Folder)
    Successfully deleted: C:\WINDOWS\prefetch\AVG_FREE_STB_ALL_2015_LTST_17-AA2E18E4.pf (File)
    Successfully deleted: C:\WINDOWS\prefetch\PANDAFREEAV.EXE-169D6238.pf (File)
    Successfully deleted: C:\WINDOWS\system32\REND87E.tmp (File)



    Registry: 2

    Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b924f0b4-0b3c-49c0-bab2-213fb9ebd1d3} (Registry Key)
    Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b924f0b4-0b3c-49c0-bab2-213fb9ebd1d3} (Registry Key)




    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Tue 06/21/2016 at 9:58:12.98
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
  12. Broni

    Broni Malware Annihilator Posts: 52,911   +344

    Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

    • Double click to run it.
    • Make sure you checkmark Addition.txt box.
    • Press Scan button.
    • Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.
     
  13. dsb2448

    dsb2448 TS Rookie Topic Starter Posts: 19

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-06-2016 01
    Ran by Scott (administrator) on SCOTTS_LAPTOP (21-06-2016 21:09:28)
    Running from C:\Users\Scott\Desktop
    Loaded Profiles: Scott (Available Profiles: Scott & MSSQLFDLauncher$MSSQLSERVER2014)
    Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    (Intel Corporation) C:\Windows\System32\igfxCUIService.exe
    (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
    (Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
    (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
    (JetBrains s.r.o) C:\Program Files (x86)\JetBrains\ETW Host\JetBrains.ETW.Collector.Host.exe
    (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
    (hxxp://www.ruby-lang.org/) C:\metasploit\ruby\bin\ruby.exe
    (hxxp://www.ruby-lang.org/) C:\metasploit\ruby\bin\ruby.exe
    (hxxp://www.ruby-lang.org/) C:\metasploit\ruby\bin\ruby.exe
    (PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\pg_ctl.exe
    () C:\Windows\BinEssentials\BinEssentials1110\BinEssentials.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
    (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
    () C:\Windows\SysWOW64\PnkBstrA.exe
    (Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
    (Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
    (Bitvise Limited) C:\Program Files\Bitvise SSH Server\BvSshServer.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe
    (PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSRS12.MSSQLSERVER2014\Reporting Services\ReportServer\bin\ReportingServicesService.exe
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSAS12.MSSQLSERVER2014\OLAP\bin\msmdsrv.exe
    (PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
    (PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
    (PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
    (PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
    (PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
    (PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
    (PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
    (PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
    (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
    () C:\metasploit\apps\pro\engine\arch-lib\win32\nginx\bin\nginxr7.exe
    () C:\metasploit\apps\pro\engine\arch-lib\win32\nginx\bin\nginxr7.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    (Intel Corporation) C:\Windows\System32\igfxEM.exe
    (Intel Corporation) C:\Windows\System32\igfxHK.exe
    () C:\Windows\System32\igfxTray.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Lenovo) C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
    (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
    () C:\Program Files\StageLight\StagelightUpdate.exe
    (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
    (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
    (Akamai Technologies, Inc.) C:\Users\Scott\AppData\Local\Akamai\netsession_win.exe
    (Akamai Technologies, Inc.) C:\Users\Scott\AppData\Local\Akamai\netsession_win.exe
    (Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe
    (Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
    (cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
    (Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6064.exe
    (Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6032.exe
    (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    (Lenovo) C:\Users\Scott\AppData\Local\Apps\2.0\62P143E9.PVX\GDLK0JCP.YBR\lsb...tion_91a10ba61c75c82d_0001.0005_a24d0d716055ed94\LSB.exe
    (Microsoft Corporation) C:\Windows\System32\WWAHost.exe
    () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
    (Google Inc.) C:\Users\Scott\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
    (NVIDIA Corporation) C:\Users\Scott\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
    (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
    () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe


    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [IgfxTray] => C:\windows\system32\igfxtray.exe [402344 2015-12-19] ()
    HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation)
    HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
    HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286056 2013-09-24] (Intel Corporation)
    HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo)
    HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-10-29] (Lenovo(beijing) Limited)
    HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-10-29] (Lenovo(beijing) Limited)
    HKLM\...\Run: [StageLightUpdate] => C:\Program Files\Stagelight\StagelightUpdate.exe [1397208 2014-10-31] ()
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
    HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15009400 2015-10-14] (Logitech Inc.)
    HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2014-10-22] (IDT, Inc.)
    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated)
    HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [561672 2015-06-12] (Vimicro)
    HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.)
    HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [179976 2013-08-26] (cyberlink)
    HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [570880 2013-12-27] (Nikon Corporation)
    HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
    HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [408888 2015-02-27] (Power Software Ltd)
    HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [23972712 2016-05-31] (Dropbox, Inc.)
    HKLM-x32\...\Run: [Bitvise SSH Server Activation State Checker] => C:\Program Files\Bitvise SSH Server\BssActStateCheck.exe [245576 2015-08-05] (Bitvise Limited)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
    HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [186640 2016-05-18] (AVG Technologies CZ, s.r.o.)
    HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [6570256 2016-06-09] (AVG Technologies CZ, s.r.o.)
    HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2850384 2016-06-16] (Valve Corporation)
    HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\Run: [Google Update] => C:\Users\Scott\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
    HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\Run: [AirDroid 3] => C:\Program Files (x86)\AirDroid\AirDroid.exe [11662848 2015-02-07] (Sand Studio)
    HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Scott\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
    HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\Run: [DisplayFusion] => C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [8547320 2016-01-20] (Binary Fortress Software)
    HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23496872 2016-05-17] (Google)
    HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53123712 2016-05-17] (Skype Technologies S.A.)
    Lsa: [Authentication Packages] msv1_0 BvLsa
    ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
    ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
    ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
    ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
    Startup: C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PureVPN.lnk [2016-06-13]
    ShortcutTarget: PureVPN.lnk -> C:\Program Files (x86)\PureVPN\purevpn.exe (PureVPN)
    Startup: C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2015-10-30]
    ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
    Startup: C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2015-06-03]
    ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
    CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 208.104.2.36 208.104.244.45
    Tcpip\..\Interfaces\{fa6f26ed-a354-4d08-a180-9ee4c5f88571}: [DhcpNameServer] 8.8.8.8 208.104.2.36 208.104.244.45

    Internet Explorer:
    ==================
    HKU\S-1-5-21-437364399-4149591236-704665920-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    HKU\S-1-5-21-437364399-4149591236-704665920-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = www.google.com
    hxxp://home.lenovo.com
    HKU\S-1-5-21-437364399-4149591236-704665920-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://home.lenovo.com
    SearchScopes: HKU\.DEFAULT -> DefaultScope {D6DE40D8-08E4-4EC0-BBC8-AC8255F700C9} URL =
    SearchScopes: HKU\.DEFAULT -> {D6DE40D8-08E4-4EC0-BBC8-AC8255F700C9} URL =
    BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-05-27] (Microsoft Corporation)
    BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
    BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-05-27] (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-20] (Oracle Corporation)
    BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-20] (Oracle Corporation)
    Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)

    FireFox:
    ========
    FF ProfilePath: C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\og7rb9po.default-1429536121911
    FF NewTab: hxxps://www.google.com
    FF DefaultSearchEngine: Yahoo!
    FF DefaultSearchEngine.US: Google
    FF SelectedSearchEngine: Yahoo!
    FF Homepage: hxxp://www.google.com/
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-20] ()
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
    FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-20] ()
    FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
    FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-20] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-20] (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
    FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2013-12-12] (Nitro PDF)
    FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-04-27] (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-04-27] (NVIDIA Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-437364399-4149591236-704665920-1001: @my.com/Games -> C:\Users\Scott\AppData\Local\MyComGames\NPMyComDetector.dll [2015-08-03] (My.com, Inc)
    FF Plugin HKU\S-1-5-21-437364399-4149591236-704665920-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Scott\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
    FF Plugin HKU\S-1-5-21-437364399-4149591236-704665920-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Scott\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
    FF Plugin HKU\S-1-5-21-437364399-4149591236-704665920-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Scott\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-05-08] (Unity Technologies ApS)
    FF Plugin HKU\S-1-5-21-437364399-4149591236-704665920-1001: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll [2013-05-05] (The Happy Cloud)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
    FF Extension: Flash and Video Download - C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\og7rb9po.default-1429536121911\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2016-05-26]
    FF Extension: Tree Style Tab - C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\og7rb9po.default-1429536121911\extensions\treestyletab@piro.sakura.ne.jp.xpi [2016-06-17]
    FF Extension: YouTube Video and Audio Downloader - C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\og7rb9po.default-1429536121911\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2016-06-02]
    FF Extension: Ghostery - C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\og7rb9po.default-1429536121911\Extensions\firefox@ghostery.com.xpi [2016-05-03]
    FF Extension: Imagus - C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\og7rb9po.default-1429536121911\Extensions\{00000f2a-7cde-4f20-83ed-434fcb420d71}.xpi [2016-05-27]
    FF Extension: Adblock Plus - C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\og7rb9po.default-1429536121911\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
    FF Extension: YouTube Flash Video Player - C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\og7rb9po.default-1429536121911\Extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi [2016-06-21]

    Chrome:
    =======
    CHR dev: Chrome dev build detected! <======= ATTENTION
    CHR HomePage: Default -> hxxps://search.yahoo.com/?type=926458&fr=yo-yhp-ch
    CHR DefaultSearchKeyword: Default -> google.com_
    CHR Profile: C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (YouTube) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-10]
    CHR Extension: (Adblock Plus) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-06-10]
    CHR Extension: (Google Search) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-10]
    CHR Extension: (Core) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkhcgfdghbiidgeccbldhfceleibkkpe [2016-06-10]
    CHR Extension: (Gmail) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
    CHR HKU\S-1-5-21-437364399-4149591236-704665920-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S2 Apache CouchDB01d083730f41c2b0; C:\Program Files (x86)\Apache Software Foundation\CouchDB\erts-5.10.3\bin\erlsrv.exe [146432 2014-01-05] () [File not signed]
    S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [636312 2016-06-09] (AVG Technologies CZ, s.r.o.)
    S2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5165824 2016-06-09] (AVG Technologies CZ, s.r.o.)
    R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1080592 2016-05-18] (AVG Technologies CZ, s.r.o.)
    R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [705528 2016-06-09] (AVG Technologies CZ, s.r.o.)
    S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1362464 2016-03-30] ()
    R2 BinEssentials; C:\WINDOWS\BinEssentials\BinEssentials1110\BinEssentials.exe [6656 2016-05-23] () [File not signed]
    S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2014-12-05] (BitRaider, LLC)
    R2 BvSshServer; C:\Program Files\Bitvise SSH Server\BvSshServer.exe [14578032 2015-08-05] (Bitvise Limited)
    S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2015-12-20] (Microsoft Corporation)
    S2 CLKMSVC10_3A60B698; C:\Program Files (x86)\Lenovo\PowerDVD10\NavFilter\kmsvc.exe [243464 2013-08-26] (CyberLink)
    S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-01] (Dropbox, Inc.)
    S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-01] (Dropbox, Inc.)
    R2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [4616216 2016-01-20] (Binary Fortress Software)
    S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
    R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-02] (NVIDIA Corporation)
    U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [8704 2015-09-02] (Hi-Rez Studios) [File not signed]
    R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [14696 2013-09-24] (Intel Corporation)
    R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-19] (Intel Corporation)
    R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
    S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
    R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [155448 2013-09-21] (Intel Corporation)
    R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe [22744 2015-02-05] (Microsoft Corporation)
    R2 jetbrainsetw.104.0.20151218.123142; C:\Program Files (x86)\JetBrains\ETW Host\JetBrains.ETW.Collector.Host.exe [1495248 2015-12-18] (JetBrains s.r.o)
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
    S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [619776 2014-12-05] (Lenovo)
    R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193144 2015-10-14] (Logitech Inc.)
    R2 metasploitPostgreSQL; C:\metasploit\postgresql\bin\pg_ctl.exe [76288 2015-05-29] (PostgreSQL Global Development Group) [File not signed]
    R2 metasploitProSvc; C:\metasploit\ruby\bin\ruby.exe [107178 2015-05-29] (hxxp://www.ruby-lang.org/) [File not signed]
    R2 metasploitThin; C:\metasploit\ruby\bin\ruby.exe [107178 2015-05-29] (hxxp://www.ruby-lang.org/) [File not signed]
    R2 metasploitWorker; C:\metasploit\ruby\bin\ruby.exe [107178 2015-05-29] (hxxp://www.ruby-lang.org/) [File not signed]
    S2 MsDtsServer100; C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe [220840 2015-03-19] (Microsoft Corporation)
    R2 MSOLAP$MSSQLSERVER2014; C:\Program Files\Microsoft SQL Server\MSAS12.MSSQLSERVER2014\OLAP\bin\msmdsrv.exe [51156160 2015-04-21] (Microsoft Corporation)
    S2 MSSQL$MSSQLSERVER2014; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER2014\MSSQL\Binn\sqlservr.exe [372416 2015-06-09] (Microsoft Corporation)
    S3 MSSQLFDLauncher; C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [42168 2014-08-23] (Microsoft Corporation)
    S3 MSSQLFDLauncher$MSSQLSERVER2014; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER2014\MSSQL\Binn\fdlauncher.exe [50880 2014-02-21] (Microsoft Corporation)
    S2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [62275248 2015-03-19] (Microsoft Corporation)
    S2 MSSQLServerOLAPService; C:\Program Files\Microsoft SQL Server\MSAS10_50.MSSQLSERVER\OLAP\bin\msmdsrv.exe [53298864 2014-08-23] (Microsoft Corporation)
    R2 NitroDriverReadSpool9; C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920 2013-12-12] (Nitro PDF Software)
    R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-02] (NVIDIA Corporation)
    R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-02] (NVIDIA Corporation)
    R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
    S3 OpenVPNService; C:\Program Files (x86)\PureVPN\bin\openvpnserv.exe [31872 2015-12-23] (The OpenVPN Project)
    S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2099208 2015-10-26] (Electronic Arts)
    R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2015-09-15] ()
    S2 ReportServer; C:\Program Files\Microsoft SQL Server\MSRS10_50.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2195120 2014-08-23] (Microsoft Corporation)
    R2 ReportServer$MSSQLSERVER2014; C:\Program Files\Microsoft SQL Server\MSRS12.MSSQLSERVER2014\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2467008 2015-04-21] (Microsoft Corporation)
    R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
    S3 SQLAgent$MSSQLSERVER2014; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER2014\MSSQL\Binn\SQLAGENT.EXE [613056 2015-06-09] (Microsoft Corporation)
    S3 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [443576 2014-08-23] (Microsoft Corporation)
    R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [340992 2014-10-22] (IDT, Inc.) [File not signed]
    S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
    R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-06-03] (Synaptics Incorporated)
    S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
    R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)
    S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
    S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56552 2016-03-22] (Microsoft Corporation)
    S3 wampapache64; c:\wamp\bin\apache\apache2.4.9\bin\httpd.exe [24576 2014-05-01] (Apache Software Foundation) [File not signed]
    S3 wampmysqld64; c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe [12942848 2014-05-01] () [File not signed]
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S3 AndnetBus; C:\Windows\System32\drivers\lgandnetbus64.sys [20992 2014-10-10] (LG Electronics Inc.)
    S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [30720 2014-10-10] (LG Electronics Inc.)
    S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [37376 2014-10-10] (LG Electronics Inc.)
    S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
    R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162592 2016-02-16] (AVG Technologies CZ, s.r.o.)
    R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [307456 2016-05-18] (AVG Technologies CZ, s.r.o.)
    R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272304 2016-01-26] (AVG Technologies CZ, s.r.o.)
    R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [260352 2016-05-02] (AVG Technologies CZ, s.r.o.)
    R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
    R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [247040 2016-05-05] (AVG Technologies CZ, s.r.o.)
    R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [51968 2016-05-02] (AVG Technologies CZ, s.r.o.)
    R0 avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [71936 2016-05-05] (AVG Technologies CZ, s.r.o.)
    R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [315840 2015-12-16] (AVG Technologies CZ, s.r.o.)
    S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2014-12-12] (BitRaider)
    S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-10-30] (Microsoft Corporation)
    S3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [36864 2015-10-30] (Microsoft Corporation)
    S3 dc1-controller; C:\Windows\System32\drivers\dc1-controller.sys [57344 2015-10-30] (Microsoft Corp.)
    R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [263952 2015-07-14] (Intel Corporation)
    R2 IntelHaxm; C:\Windows\system32\DRIVERS\IntelHaxm.sys [84992 2015-01-30] (Intel Corporation)
    R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [74344 2013-07-02] (Intel Corporation)
    R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
    R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-10] (Logitech Inc.)
    S3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
    R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
    R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3485696 2015-10-30] (Intel Corporation)
    R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2014-08-18] (Riverbed Technology, Inc.)
    R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-02] (NVIDIA Corporation)
    R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
    S4 RsFx0153; C:\Windows\System32\DRIVERS\RsFx0153.sys [322736 2014-08-23] (Microsoft Corporation)
    R1 RsFx0310; C:\Windows\System32\DRIVERS\RsFx0310.sys [249024 2015-04-21] (Microsoft Corporation)
    R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation)
    R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
    U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [24688 2016-06-20] ()
    R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [119712 2016-04-28] (Oracle Corporation)
    R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [192352 2016-04-28] (Oracle Corporation)
    R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [802312 2015-06-12] (Vimicro Corporation)
    S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
    S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
    S3 WirelessKeyboardFilter; C:\Windows\System32\drivers\WirelessKeyboardFilter.sys [49384 2016-03-29] (Microsoft Corporation)
    S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
    S3 xb1usb; C:\Windows\System32\drivers\xb1usb.sys [34016 2014-05-28] (Microsoft Corporation)
    S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
    S3 vmci; \SystemRoot\System32\drivers\vmci.sys [X]
    S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-06-21 21:09 - 2016-06-21 21:10 - 00039579 _____ C:\Users\Scott\Desktop\FRST.txt
    2016-06-21 21:07 - 2016-06-21 21:07 - 00000000 ____D C:\Users\Scott\Desktop\FRST-OlderVersion
    2016-06-21 16:38 - 2016-06-21 16:38 - 00001087 _____ C:\Users\Scott\Desktop\MusicBee.lnk
    2016-06-21 16:38 - 2016-06-21 16:38 - 00000000 ____D C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MusicBee
    2016-06-21 12:34 - 2016-06-21 21:06 - 00000000 ____D C:\Users\Scott\Desktop\Anti Virus
    2016-06-21 09:41 - 2016-06-21 09:41 - 00000002 _____ C:\WINDOWS\RAVDG.TMP
    2016-06-21 09:35 - 2016-06-21 09:51 - 00000000 ____D C:\AdwCleaner
    2016-06-20 22:52 - 2016-06-20 22:52 - 00024688 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
    2016-06-20 22:49 - 2016-06-21 00:36 - 00000000 ____D C:\ProgramData\RogueKiller
    2016-06-17 09:59 - 2016-06-21 21:09 - 00000000 ____D C:\FRST
    2016-06-17 09:57 - 2016-06-17 09:57 - 00000000 ____D C:\ProgramData\Avg_Update_0516pi
    2016-06-17 09:55 - 2016-06-17 09:55 - 00000000 ____D C:\Users\Scott\AppData\Roaming\AVG
    2016-06-17 09:54 - 2016-06-17 09:54 - 00000000 ____D C:\Users\Scott\AppData\Roaming\TuneUp Software
    2016-06-17 09:54 - 2016-06-17 09:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
    2016-06-17 09:52 - 2016-06-21 21:07 - 02387456 _____ (Farbar) C:\Users\Scott\Desktop\FRST64.exe
    2016-06-17 09:51 - 2016-06-17 09:51 - 00000000 ___HD C:\$AVG
    2016-06-17 09:49 - 2016-06-17 09:50 - 00000000 ____D C:\Program Files (x86)\AVG
    2016-06-17 09:48 - 2016-06-21 07:36 - 00000000 ____D C:\ProgramData\MFAData
    2016-06-17 09:48 - 2016-06-17 09:55 - 00000000 ____D C:\Users\Scott\AppData\Local\Avg
    2016-06-17 09:48 - 2016-06-17 09:51 - 00000000 ____D C:\ProgramData\Avg
    2016-06-17 09:48 - 2016-06-17 09:49 - 00000000 ____D C:\Users\Scott\AppData\Local\AvgSetupLog
    2016-06-17 09:48 - 2016-06-17 09:48 - 00000000 ____D C:\Users\Scott\AppData\Local\MFAData
    2016-06-17 09:48 - 2016-06-17 09:48 - 00000000 ____D C:\Users\Scott\AppData\Local\Avg2015
    2016-06-17 09:44 - 2016-06-21 10:05 - 00000000 ____D C:\SMCLpav
    2016-06-14 22:54 - 2016-05-28 02:13 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
    2016-06-14 22:54 - 2016-05-28 02:13 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
    2016-06-14 22:54 - 2016-05-28 01:25 - 04268880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
    2016-06-14 22:54 - 2016-05-28 01:23 - 00388384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
    2016-06-14 22:54 - 2016-05-28 01:23 - 00312160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
    2016-06-14 22:54 - 2016-05-28 01:22 - 04387680 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
    2016-06-14 22:54 - 2016-05-28 01:20 - 00430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
    2016-06-14 22:54 - 2016-05-28 01:18 - 00357216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
    2016-06-14 22:54 - 2016-05-28 01:07 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
    2016-06-14 22:54 - 2016-05-28 01:07 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
    2016-06-14 22:54 - 2016-05-28 01:04 - 00431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
    2016-06-14 22:54 - 2016-05-28 01:04 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
    2016-06-14 22:54 - 2016-05-28 00:58 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
    2016-06-14 22:54 - 2016-05-28 00:57 - 02548944 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
    2016-06-14 22:54 - 2016-05-28 00:57 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
    2016-06-14 22:54 - 2016-05-28 00:57 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
    2016-06-14 22:54 - 2016-05-28 00:57 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
    2016-06-14 22:54 - 2016-05-28 00:57 - 00636304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
    2016-06-14 22:54 - 2016-05-28 00:57 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
    2016-06-14 22:54 - 2016-05-28 00:57 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
    2016-06-14 22:54 - 2016-05-28 00:35 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
    2016-06-14 22:54 - 2016-05-28 00:35 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
    2016-06-14 22:54 - 2016-05-28 00:31 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
    2016-06-14 22:54 - 2016-05-28 00:29 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2016-06-14 22:54 - 2016-05-28 00:29 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSD3DWARP12Debug.dll
    2016-06-14 22:54 - 2016-05-28 00:29 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
    2016-06-14 22:54 - 2016-05-28 00:29 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
    2016-06-14 22:54 - 2016-05-28 00:29 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
    2016-06-14 22:54 - 2016-05-28 00:28 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
    2016-06-14 22:54 - 2016-05-28 00:28 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
    2016-06-14 22:54 - 2016-05-28 00:27 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
    2016-06-14 22:54 - 2016-05-28 00:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
    2016-06-14 22:54 - 2016-05-28 00:26 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
    2016-06-14 22:54 - 2016-05-28 00:26 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
    2016-06-14 22:54 - 2016-05-28 00:25 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSD3DWARPDebug.dll
    2016-06-14 22:54 - 2016-05-28 00:25 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VSD3DWARP12Debug.dll
    2016-06-14 22:54 - 2016-05-28 00:25 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
    2016-06-14 22:54 - 2016-05-28 00:24 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
    2016-06-14 22:54 - 2016-05-28 00:24 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
    2016-06-14 22:54 - 2016-05-28 00:24 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
    2016-06-14 22:54 - 2016-05-28 00:23 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
    2016-06-14 22:54 - 2016-05-28 00:22 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
    2016-06-14 22:54 - 2016-05-28 00:22 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
    2016-06-14 22:54 - 2016-05-28 00:22 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
    2016-06-14 22:54 - 2016-05-28 00:22 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
    2016-06-14 22:54 - 2016-05-28 00:22 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
    2016-06-14 22:54 - 2016-05-28 00:21 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
    2016-06-14 22:54 - 2016-05-28 00:21 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VSD3DWARPDebug.dll
    2016-06-14 22:54 - 2016-05-28 00:20 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
    2016-06-14 22:54 - 2016-05-28 00:20 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
    2016-06-14 22:54 - 2016-05-28 00:20 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
    2016-06-14 22:54 - 2016-05-28 00:20 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll
    2016-06-14 22:54 - 2016-05-28 00:20 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
    2016-06-14 22:54 - 2016-05-28 00:20 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
    2016-06-14 22:54 - 2016-05-28 00:19 - 24605696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2016-06-14 22:54 - 2016-05-28 00:19 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
    2016-06-14 22:54 - 2016-05-28 00:19 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
    2016-06-14 22:54 - 2016-05-28 00:19 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
    2016-06-14 22:54 - 2016-05-28 00:18 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
    2016-06-14 22:54 - 2016-05-28 00:18 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
    2016-06-14 22:54 - 2016-05-28 00:18 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
    2016-06-14 22:54 - 2016-05-28 00:18 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
    2016-06-14 22:54 - 2016-05-28 00:18 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
    2016-06-14 22:54 - 2016-05-28 00:18 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
    2016-06-14 22:54 - 2016-05-28 00:18 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
    2016-06-14 22:54 - 2016-05-28 00:17 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
    2016-06-14 22:54 - 2016-05-28 00:17 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
    2016-06-14 22:54 - 2016-05-28 00:17 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
    2016-06-14 22:54 - 2016-05-28 00:17 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
    2016-06-14 22:54 - 2016-05-28 00:16 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
     
  14. dsb2448

    dsb2448 TS Rookie Topic Starter Posts: 19

    2016-06-14 22:54 - 2016-05-28 00:16 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
    2016-06-14 22:54 - 2016-05-28 00:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
    2016-06-14 22:54 - 2016-05-28 00:16 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
    2016-06-14 22:54 - 2016-05-28 00:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
    2016-06-14 22:54 - 2016-05-28 00:16 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
    2016-06-14 22:54 - 2016-05-28 00:15 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
    2016-06-14 22:54 - 2016-05-28 00:15 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
    2016-06-14 22:54 - 2016-05-28 00:15 - 00794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
    2016-06-14 22:54 - 2016-05-28 00:15 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
    2016-06-14 22:54 - 2016-05-28 00:15 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
    2016-06-14 22:54 - 2016-05-28 00:15 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
    2016-06-14 22:54 - 2016-05-28 00:14 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
    2016-06-14 22:54 - 2016-05-28 00:14 - 03292672 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d12warp.dll
    2016-06-14 22:54 - 2016-05-28 00:14 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
    2016-06-14 22:54 - 2016-05-28 00:14 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
    2016-06-14 22:54 - 2016-05-28 00:14 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2016-06-14 22:54 - 2016-05-28 00:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
    2016-06-14 22:54 - 2016-05-28 00:13 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
    2016-06-14 22:54 - 2016-05-28 00:13 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
    2016-06-14 22:54 - 2016-05-28 00:12 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
    2016-06-14 22:54 - 2016-05-28 00:12 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
    2016-06-14 22:54 - 2016-05-28 00:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
    2016-06-14 22:54 - 2016-05-28 00:11 - 02470912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d12warp.dll
    2016-06-14 22:54 - 2016-05-28 00:11 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
    2016-06-14 22:54 - 2016-05-28 00:11 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
    2016-06-14 22:54 - 2016-05-28 00:11 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
    2016-06-14 22:54 - 2016-05-28 00:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
    2016-06-14 22:54 - 2016-05-28 00:11 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
    2016-06-14 22:54 - 2016-05-28 00:08 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2016-06-14 22:54 - 2016-05-28 00:08 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
    2016-06-14 22:54 - 2016-05-28 00:06 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2016-06-14 22:54 - 2016-05-28 00:06 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
    2016-06-14 22:54 - 2016-05-28 00:06 - 01339904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
    2016-06-14 22:54 - 2016-05-28 00:05 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
    2016-06-14 22:54 - 2016-05-28 00:05 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
    2016-06-14 22:54 - 2016-05-28 00:04 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
    2016-06-14 22:54 - 2016-05-28 00:03 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
    2016-06-14 22:54 - 2016-05-28 00:03 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
    2016-06-14 22:54 - 2016-05-28 00:03 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFramework.dll
    2016-06-14 22:54 - 2016-05-28 00:03 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
    2016-06-14 22:54 - 2016-05-28 00:02 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
    2016-06-14 22:54 - 2016-05-28 00:01 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
    2016-06-14 22:54 - 2016-05-28 00:00 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
    2016-06-14 22:54 - 2016-05-28 00:00 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
    2016-06-14 22:54 - 2016-05-28 00:00 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
    2016-06-14 22:54 - 2016-05-28 00:00 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2016-06-14 22:54 - 2016-05-28 00:00 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
    2016-06-14 22:54 - 2016-05-27 23:58 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2016-06-14 22:54 - 2016-05-27 23:58 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
    2016-06-14 22:53 - 2016-05-28 02:13 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
    2016-06-14 22:53 - 2016-05-28 02:13 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
    2016-06-14 22:53 - 2016-05-28 02:13 - 00290496 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
    2016-06-14 22:53 - 2016-05-28 02:13 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
    2016-06-14 22:53 - 2016-05-28 01:22 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2016-06-14 22:53 - 2016-05-28 01:22 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
    2016-06-14 22:53 - 2016-05-28 01:22 - 00211296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
    2016-06-14 22:53 - 2016-05-28 01:22 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
    2016-06-14 22:53 - 2016-05-28 01:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
    2016-06-14 22:53 - 2016-05-28 01:09 - 00501600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
    2016-06-14 22:53 - 2016-05-28 01:09 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
    2016-06-14 22:53 - 2016-05-28 01:09 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
    2016-06-14 22:53 - 2016-05-28 01:08 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
    2016-06-14 22:53 - 2016-05-28 01:08 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
    2016-06-14 22:53 - 2016-05-28 01:08 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
    2016-06-14 22:53 - 2016-05-28 01:07 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2016-06-14 22:53 - 2016-05-28 01:07 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
    2016-06-14 22:53 - 2016-05-28 01:07 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
    2016-06-14 22:53 - 2016-05-28 01:07 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
    2016-06-14 22:53 - 2016-05-28 01:07 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
    2016-06-14 22:53 - 2016-05-28 01:06 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2016-06-14 22:53 - 2016-05-28 01:06 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
    2016-06-14 22:53 - 2016-05-28 01:06 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
    2016-06-14 22:53 - 2016-05-28 01:06 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
    2016-06-14 22:53 - 2016-05-28 01:06 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
    2016-06-14 22:53 - 2016-05-28 01:05 - 04515264 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
    2016-06-14 22:53 - 2016-05-28 01:04 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
    2016-06-14 22:53 - 2016-05-28 01:04 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
    2016-06-14 22:53 - 2016-05-28 01:04 - 00111064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
    2016-06-14 22:53 - 2016-05-28 01:04 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
    2016-06-14 22:53 - 2016-05-28 01:03 - 00131248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
    2016-06-14 22:53 - 2016-05-28 00:58 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
    2016-06-14 22:53 - 2016-05-28 00:57 - 00649792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
    2016-06-14 22:53 - 2016-05-28 00:57 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
    2016-06-14 22:53 - 2016-05-28 00:57 - 00521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
    2016-06-14 22:53 - 2016-05-28 00:35 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsdport.sys
    2016-06-14 22:53 - 2016-05-28 00:31 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
    2016-06-14 22:53 - 2016-05-28 00:31 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
    2016-06-14 22:53 - 2016-05-28 00:28 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
    2016-06-14 22:53 - 2016-05-28 00:26 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
    2016-06-14 22:53 - 2016-05-28 00:26 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
    2016-06-14 22:53 - 2016-05-28 00:26 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
    2016-06-14 22:53 - 2016-05-28 00:25 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
    2016-06-14 22:53 - 2016-05-28 00:24 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
    2016-06-14 22:53 - 2016-05-28 00:24 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys
    2016-06-14 22:53 - 2016-05-28 00:24 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
    2016-06-14 22:53 - 2016-05-28 00:24 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
    2016-06-14 22:53 - 2016-05-28 00:24 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
    2016-06-14 22:53 - 2016-05-28 00:23 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
    2016-06-14 22:53 - 2016-05-28 00:22 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
    2016-06-14 22:53 - 2016-05-28 00:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
    2016-06-14 22:53 - 2016-05-28 00:22 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
    2016-06-14 22:53 - 2016-05-28 00:22 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
    2016-06-14 22:53 - 2016-05-28 00:21 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
    2016-06-14 22:53 - 2016-05-28 00:21 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
    2016-06-14 22:53 - 2016-05-28 00:21 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
    2016-06-14 22:53 - 2016-05-28 00:20 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
    2016-06-14 22:53 - 2016-05-28 00:19 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
    2016-06-14 22:53 - 2016-05-28 00:19 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
    2016-06-14 22:53 - 2016-05-28 00:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
    2016-06-14 22:53 - 2016-05-28 00:17 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
    2016-06-14 22:53 - 2016-05-28 00:17 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
    2016-06-14 22:53 - 2016-05-28 00:17 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
    2016-06-14 22:53 - 2016-05-28 00:17 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
    2016-06-14 22:53 - 2016-05-28 00:16 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
    2016-06-14 22:53 - 2016-05-28 00:16 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
    2016-06-14 22:53 - 2016-05-28 00:15 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
    2016-06-14 22:53 - 2016-05-28 00:14 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
    2016-06-14 22:53 - 2016-05-28 00:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
    2016-06-14 22:53 - 2016-05-28 00:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
    2016-06-14 22:53 - 2016-05-28 00:14 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
    2016-06-14 22:53 - 2016-05-28 00:13 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2016-06-14 22:53 - 2016-05-28 00:13 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
    2016-06-14 22:53 - 2016-05-28 00:13 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
    2016-06-14 22:53 - 2016-05-28 00:13 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
    2016-06-14 22:53 - 2016-05-28 00:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
    2016-06-14 22:53 - 2016-05-28 00:13 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
    2016-06-14 22:53 - 2016-05-28 00:11 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
    2016-06-14 22:53 - 2016-05-28 00:11 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
    2016-06-14 22:53 - 2016-05-28 00:11 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
    2016-06-14 22:53 - 2016-05-28 00:09 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
    2016-06-14 22:53 - 2016-05-28 00:05 - 03664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2016-06-14 22:53 - 2016-05-28 00:05 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
    2016-06-14 22:53 - 2016-05-28 00:04 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
    2016-06-14 22:53 - 2016-05-28 00:04 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
    2016-06-14 22:53 - 2016-05-28 00:03 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
    2016-06-14 22:53 - 2016-05-28 00:03 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
    2016-06-14 22:53 - 2016-05-28 00:02 - 03590144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2016-06-14 22:53 - 2016-05-28 00:02 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
    2016-06-14 22:53 - 2016-05-28 00:02 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
    2016-06-14 22:53 - 2016-05-28 00:01 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
    2016-06-14 22:53 - 2016-05-28 00:01 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2016-06-14 22:53 - 2016-05-28 00:01 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
    2016-06-14 22:53 - 2016-05-28 00:00 - 02230272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2016-06-14 22:53 - 2016-05-28 00:00 - 01730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2016-06-14 22:53 - 2016-05-28 00:00 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
    2016-06-14 22:53 - 2016-05-28 00:00 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
    2016-06-14 22:53 - 2016-05-28 00:00 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
    2016-06-14 22:53 - 2016-05-27 23:59 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
    2016-06-14 22:53 - 2016-05-27 23:58 - 04896256 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2016-06-14 22:53 - 2016-05-27 23:58 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2016-06-14 22:53 - 2016-05-27 23:58 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
    2016-06-14 22:53 - 2016-05-27 23:57 - 02281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2016-06-14 22:53 - 2016-05-27 23:55 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
    2016-06-14 22:53 - 2016-05-27 23:53 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
    2016-06-10 15:13 - 2016-06-10 15:13 - 00000000 ____D C:\Users\Scott\Tracing
    2016-06-10 15:12 - 2016-06-10 15:12 - 00000000 ___RD C:\Program Files (x86)\Skype
    2016-06-10 15:12 - 2016-06-10 15:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
    2016-06-06 20:35 - 2016-06-06 20:35 - 00000000 ____D C:\Program Files (x86)\PDFCanvas
    2016-06-05 00:58 - 2016-06-05 00:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
    2016-06-04 11:23 - 2016-06-04 11:23 - 00000000 ____D C:\WINDOWS\BinEssentials
    2016-06-03 12:13 - 2016-06-03 12:13 - 00000218 _____ C:\Users\Scott\AppData\Local\recently-used.xbel
    2016-06-02 23:08 - 2016-06-05 00:36 - 00000000 ____D C:\Users\Scott\Notebooks
    2016-05-31 21:58 - 2016-05-31 21:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
    2016-05-31 14:15 - 2016-06-10 23:54 - 00000000 ____D C:\ProgramData\Hero Lab
    2016-05-31 14:15 - 2016-06-01 17:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hero Lab
    2016-05-31 14:15 - 2016-06-01 17:55 - 00000000 ____D C:\Program Files (x86)\Hero Lab
    2016-05-31 14:15 - 2016-06-01 17:52 - 00000000 ____D C:\Users\Scott\Documents\Hero Lab
    2016-05-28 01:08 - 2016-05-28 01:08 - 00000000 ____D C:\Users\Scott\AppData\Local\USQLDataRoot
    2016-05-27 23:40 - 2016-05-27 23:40 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET Core 1.0 RC2 Local Feed
    2016-05-27 23:38 - 2016-05-27 23:39 - 00000000 ____D C:\Program Files\dotnet
    2016-05-27 21:59 - 2016-05-27 21:59 - 00000000 ____D C:\ProgramData\MonoTouch
    2016-05-27 21:59 - 2016-05-27 21:59 - 00000000 ____D C:\ProgramData\Mono for Android
    2016-05-27 21:33 - 2016-05-27 21:33 - 00000000 ____D C:\ProgramData\Monodoc
    2016-05-27 21:33 - 2016-05-27 21:33 - 00000000 ____D C:\Program Files (x86)\Xamarin
    2016-05-27 21:29 - 2016-05-27 21:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
    2016-05-27 21:28 - 2016-05-27 21:29 - 00000000 ____D C:\ProgramData\Git
    2016-05-27 21:28 - 2016-05-27 21:29 - 00000000 ____D C:\Program Files\Git
    2016-05-27 20:28 - 2016-05-27 20:28 - 00000000 ____D C:\Program Files (x86)\Common7
    2016-05-27 19:50 - 2016-05-27 19:50 - 00000000 ____D C:\Program Files (x86)\Microsoft Azure Tools
    2016-05-27 19:48 - 2016-05-27 19:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Hive ODBC Driver 1.0 (64-bit)
    2016-05-27 19:48 - 2016-05-27 19:48 - 00000000 ____D C:\Program Files\VS2012Schemas
    2016-05-27 19:47 - 2016-05-27 19:48 - 00000000 ____D C:\Program Files\Microsoft Hive ODBC Driver
    2016-05-27 19:47 - 2016-05-27 19:47 - 03342336 _____ C:\Users\Scott\AzureStorageEmulatorDb44.mdf
    2016-05-27 19:47 - 2016-05-27 19:47 - 00835584 _____ C:\Users\Scott\AzureStorageEmulatorDb44_log.ldf
    2016-05-27 19:47 - 2016-05-27 19:47 - 00000000 ____D C:\Users\Scott\AppData\Local\AzureStorageEmulator
    2016-05-27 19:47 - 2016-05-27 19:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Hive ODBC Driver 1.0 (32-bit)
    2016-05-27 19:47 - 2016-05-27 19:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Azure
    2016-05-27 19:47 - 2016-05-27 19:47 - 00000000 ____D C:\ProgramData\dftmp
    2016-05-27 19:47 - 2016-05-27 19:47 - 00000000 ____D C:\Program Files\Microsoft SDKs
    2016-05-27 19:47 - 2016-05-27 19:47 - 00000000 ____D C:\Program Files (x86)\Microsoft Hive ODBC Driver
    2016-05-27 19:46 - 2016-05-27 19:46 - 00000000 ____D C:\Program Files (x86)\Microsoft Azure Quickstarts
    2016-05-26 12:46 - 2016-05-26 12:46 - 00000000 ____D C:\Users\Scott\AppData\LocalLow\DefaultCompany
    2016-05-26 12:20 - 2016-05-26 12:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.3.5f1 (64-bit)
    2016-05-26 12:19 - 2016-05-26 12:21 - 00000000 ____D C:\Program Files\Unity
    2016-05-23 12:27 - 2016-05-23 12:27 - 00000000 ____D C:\Users\Scott\Documents\Floor Plan Maker
    2016-05-23 12:27 - 2016-05-23 12:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Floor Plan Maker 7.9
    2016-05-23 12:27 - 2016-05-23 12:27 - 00000000 ____D C:\Program Files (x86)\Floor Plan Maker

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-06-21 21:05 - 2014-12-07 03:09 - 00000000 ____D C:\Users\Scott\AppData\Local\CrashDumps
    2016-06-21 18:14 - 2015-01-16 10:25 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-437364399-4149591236-704665920-1001UA.job
    2016-06-21 17:52 - 2015-08-01 14:47 - 00000934 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
    2016-06-21 17:40 - 2014-12-12 02:08 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2016-06-21 17:34 - 2015-09-22 17:10 - 00000934 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    2016-06-21 16:50 - 2015-01-14 23:24 - 00000000 ____D C:\Users\Scott\AppData\Roaming\MusicBee
    2016-06-21 16:38 - 2015-01-11 20:36 - 00000000 ____D C:\Program Files (x86)\MusicBee
    2016-06-21 15:10 - 2014-12-20 09:24 - 00004160 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E398E112-0111-4A16-AEB9-3F142D7E6517}
    2016-06-21 15:09 - 2015-12-20 14:01 - 00000000 ____D C:\Users\Scott\AppData\Local\Deployment
    2016-06-21 15:08 - 2015-09-22 17:10 - 00000930 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2016-06-21 15:07 - 2015-12-20 10:09 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
    2016-06-21 15:07 - 2015-08-01 14:47 - 00000930 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
    2016-06-21 15:07 - 2014-12-08 23:54 - 00000000 __SHD C:\Users\Scott\IntelGraphicsProfiles
    2016-06-21 12:28 - 2015-12-20 10:16 - 01346272 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2016-06-21 12:28 - 2015-10-30 03:21 - 00000000 ____D C:\WINDOWS\INF
    2016-06-21 12:25 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\NDF
    2016-06-21 10:18 - 2014-12-15 12:56 - 00000000 ____D C:\Users\Scott\.VirtualBox
    2016-06-21 10:15 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\rescache
    2016-06-21 10:05 - 2015-09-26 23:26 - 00000000 ____D C:\Users\Scott\AppData\Roaming\Panda Security
    2016-06-21 10:05 - 2015-09-26 23:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus
    2016-06-21 10:05 - 2015-09-26 23:23 - 00000000 ____D C:\ProgramData\Panda Security
    2016-06-21 09:41 - 2015-12-20 11:20 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2016-06-21 09:41 - 2015-12-20 10:10 - 00000000 ____D C:\ProgramData\NVIDIA
    2016-06-21 09:41 - 2015-08-19 01:49 - 00147656 ____N (CyberLink Corp.) C:\WINDOWS\system32\Drivers\rikvm_3A60B698.sys
    2016-06-21 09:41 - 2014-12-11 11:36 - 00000091 _____ C:\HaxLogs.txt
    2016-06-21 09:40 - 2015-10-30 02:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
    2016-06-21 08:31 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\AppReadiness
    2016-06-21 08:25 - 2015-04-15 22:07 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
    2016-06-21 08:14 - 2015-10-30 03:24 - 00000000 ___HD C:\Program Files\WindowsApps
    2016-06-20 23:14 - 2015-01-16 10:25 - 00000884 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-437364399-4149591236-704665920-1001Core.job
    2016-06-20 09:47 - 2014-12-03 10:11 - 00002283 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2016-06-17 09:57 - 2015-10-30 02:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
    2016-06-17 09:57 - 2014-12-03 09:06 - 00000000 ____D C:\Program Files (x86)\Steam
    2016-06-17 09:54 - 2015-10-30 03:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
    2016-06-17 09:37 - 2014-12-03 21:08 - 00000000 ____D C:\Users\Scott\XBMC Media
    2016-06-17 02:29 - 2015-03-08 20:36 - 00000000 ____D C:\Users\Scott\AppData\Roaming\Kodi
    2016-06-16 23:20 - 2015-10-30 03:11 - 00000000 ____D C:\WINDOWS\CbsTemp
    2016-06-16 23:19 - 2015-05-11 09:30 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
    2016-06-16 23:09 - 2015-12-20 10:16 - 00000000 ____D C:\Users\Scott
    2016-06-16 23:09 - 2014-12-03 23:50 - 00000000 __RHD C:\Users\Public\AccountPictures
    2016-06-16 23:04 - 2015-12-20 10:04 - 05068496 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2016-06-16 17:00 - 2015-10-30 03:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
    2016-06-16 17:00 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
    2016-06-16 17:00 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\bcastdvr
    2016-06-16 16:14 - 2016-05-07 21:32 - 00000000 ____D C:\Users\Scott\Desktop\New folder (2)
    2016-06-16 11:54 - 2015-03-08 20:56 - 00000000 ____D C:\Users\Scott\AppData\Roaming\vlc
    2016-06-15 14:19 - 2013-08-22 09:25 - 00000167 _____ C:\WINDOWS\win.ini
    2016-06-15 14:15 - 2014-12-03 13:38 - 00000000 ____D C:\WINDOWS\system32\MRT
    2016-06-15 14:06 - 2014-12-03 13:38 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2016-06-15 10:04 - 2014-12-03 08:53 - 00000000 ____D C:\Users\Scott\AppData\Local\Packages
    2016-06-14 14:33 - 2015-10-30 03:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2016-06-14 14:33 - 2015-10-30 03:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
    2016-06-13 08:35 - 2015-11-17 10:27 - 00000000 ____D C:\ProgramData\purevpn
    2016-06-12 23:21 - 2014-12-23 19:20 - 00000000 ____D C:\Users\Scott\Documents\Mount&Blade Warband Savegames
    2016-06-12 15:05 - 2014-12-19 00:19 - 00000000 ____D C:\Users\Scott\AppData\Roaming\Skype
    2016-06-12 01:41 - 2015-09-08 08:23 - 00000000 ____D C:\Users\Scott\.oracle_jre_usage
    2016-06-10 19:49 - 2015-05-16 10:28 - 00000132 _____ C:\Users\Scott\AppData\Roaming\Adobe PNG Format CS6 Prefs
    2016-06-10 18:34 - 2014-12-03 11:52 - 00000000 ____D C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
    2016-06-10 15:12 - 2014-12-19 00:19 - 00000000 ____D C:\Users\Scott\AppData\Local\Skype
    2016-06-10 15:12 - 2014-12-19 00:13 - 00000000 ____D C:\ProgramData\Skype
    2016-06-07 23:55 - 2015-08-19 18:32 - 00000258 __RSH C:\ProgramData\ntuser.pol
    2016-06-07 23:52 - 2015-10-30 03:24 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
    2016-06-07 23:51 - 2015-12-20 10:16 - 00000000 ____D C:\Users\MSSQLFDLauncher$MSSQLSERVER2014
    2016-06-07 23:51 - 2015-09-22 09:15 - 00000000 ____D C:\Users\Scott\OS ISO
    2016-06-07 23:03 - 2015-04-15 22:06 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
    2016-06-07 23:02 - 2015-04-15 22:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2016-06-07 08:19 - 2016-05-12 16:55 - 00007387 _____ C:\WINDOWS\system32\hst.pcm
    2016-06-06 20:25 - 2016-04-07 18:53 - 00000000 ____D C:\Users\Scott\AppData\Local\Discord
    2016-06-06 20:25 - 2016-04-07 18:52 - 00000000 ____D C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
    2016-06-06 20:25 - 2015-01-13 22:00 - 00000000 ____D C:\Users\Scott\AppData\Local\SquirrelTemp
    2016-06-05 00:58 - 2015-08-01 14:47 - 00000000 ____D C:\Program Files (x86)\Dropbox
    2016-06-04 11:19 - 2014-12-05 09:56 - 00000000 ____D C:\Users\Scott\AppData\Local\Unity
    2016-06-03 14:50 - 2014-12-05 09:56 - 00000000 ____D C:\ProgramData\Unity
    2016-06-03 01:44 - 2015-10-31 08:27 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
    2016-06-02 11:56 - 2014-12-07 10:51 - 00000000 ____D C:\Program Files (x86)\TeamViewer
    2016-06-02 09:56 - 2015-10-16 09:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
    2016-06-02 09:56 - 2015-10-16 09:20 - 00000000 ____D C:\Program Files\Nexus Mod Manager
    2016-05-31 22:12 - 2014-12-15 12:57 - 00000000 ____D C:\Users\Scott\VirtualBox VMs
    2016-05-31 10:45 - 2015-02-03 15:43 - 00000000 ____D C:\Users\Scott\AppData\Local\Pushbullet
    2016-05-31 07:37 - 2015-09-22 17:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
    2016-05-28 01:55 - 2015-12-20 10:08 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
    2016-05-28 01:11 - 2015-09-10 19:00 - 00000000 ____D C:\Users\Scott\Documents\Visual Studio 2015
    2016-05-28 00:11 - 2015-07-28 19:51 - 00000000 ____D C:\Users\Scott\Game ISO
    2016-05-28 00:07 - 2014-10-29 04:03 - 00000000 ____D C:\ProgramData\Package Cache
    2016-05-27 23:54 - 2015-09-10 18:30 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 14.0
    2016-05-27 23:52 - 2015-01-28 19:49 - 00000000 ____D C:\Program Files (x86)\Microsoft Web Tools
    2016-05-27 23:40 - 2014-12-03 13:48 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
    2016-05-27 22:03 - 2015-10-30 03:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2016-05-27 22:03 - 2014-12-22 22:10 - 00000000 ____D C:\Program Files\SharePoint Client Components
    2016-05-27 21:59 - 2015-09-10 19:05 - 00000000 ____D C:\Users\Scott\AppData\Local\Xamarin
    2016-05-27 21:35 - 2015-01-28 19:38 - 00000000 ____D C:\Program Files (x86)\AppInsights
    2016-05-27 21:33 - 2015-12-20 12:52 - 00000000 ____D C:\Program Files (x86)\MSBuild
    2016-05-27 20:55 - 2015-12-20 17:06 - 00001518 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015.lnk
    2016-05-27 20:55 - 2014-12-22 21:57 - 00000000 ____D C:\WINDOWS\SysWOW64\1033
    2016-05-27 20:55 - 2014-12-22 21:53 - 00000000 ____D C:\WINDOWS\system32\1033
    2016-05-27 20:33 - 2014-12-22 21:58 - 00000000 ____D C:\Program Files (x86)\HTML Help Workshop
    2016-05-27 20:29 - 2015-01-28 19:38 - 00000000 ____D C:\Program Files (x86)\NuGet
    2016-05-27 20:28 - 2015-09-10 18:43 - 00001509 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2015.lnk
    2016-05-27 20:12 - 2015-01-16 17:25 - 00000000 ____D C:\Program Files (x86)\Java
    2016-05-27 20:12 - 2014-12-11 11:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2016-05-26 12:46 - 2015-05-29 17:08 - 00000000 ____D C:\Users\Scott\Documents\Unity Projects
    2016-05-26 12:46 - 2015-05-29 17:00 - 00000000 ____D C:\Users\Scott\AppData\LocalLow\Unity
    2016-05-26 12:08 - 2015-03-02 08:45 - 00000000 ____D C:\Users\Scott\Documents\Quill Tilemap
    2016-05-23 22:07 - 2015-04-12 15:23 - 00000000 ____D C:\Users\Scott\AppData\Roaming\DarkSoulsII

    ==================== Files in the root of some directories =======

    2015-05-16 10:28 - 2016-06-10 19:49 - 0000132 _____ () C:\Users\Scott\AppData\Roaming\Adobe PNG Format CS6 Prefs
    2015-04-25 08:45 - 2015-06-08 11:51 - 0000600 _____ () C:\Users\Scott\AppData\Roaming\winscp.rnd
    2015-05-16 12:45 - 2015-05-16 12:45 - 0001456 _____ () C:\Users\Scott\AppData\Local\Adobe Save for Web 13.0 Prefs
    2015-07-30 15:33 - 2015-07-30 15:33 - 0000000 ___SH () C:\Users\Scott\AppData\Local\LumaEmu
    2015-04-25 07:50 - 2016-01-05 23:59 - 0000600 _____ () C:\Users\Scott\AppData\Local\PUTTY.RND
    2016-06-03 12:13 - 2016-06-03 12:13 - 0000218 _____ () C:\Users\Scott\AppData\Local\recently-used.xbel
    2015-05-05 23:03 - 2016-01-06 00:24 - 0007634 _____ () C:\Users\Scott\AppData\Local\resmon.resmoncfg
    2014-10-29 04:02 - 2014-10-29 04:02 - 0000000 ____N () C:\ProgramData\DP45977C.lfl
    2014-12-18 10:40 - 2014-12-18 10:40 - 0000268 ___RH () C:\ProgramData\Hybrid Chords
    2014-12-18 10:40 - 2014-12-18 10:40 - 0000268 ___RH () C:\ProgramData\Hybrid Morph
    2014-12-18 10:40 - 2014-12-18 10:40 - 0000268 ___RH () C:\ProgramData\Hybrid Synthesizers
    2014-12-18 10:40 - 2014-12-18 10:40 - 0000012 ___RH () C:\ProgramData\Internet Services
    2014-12-18 10:40 - 2014-12-18 10:40 - 0000012 ___RH () C:\ProgramData\Jazz
    2014-12-18 10:40 - 2014-12-18 10:40 - 0000012 ___RH () C:\ProgramData\Jingles
    2014-12-18 10:40 - 2014-12-18 10:40 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
    2014-12-18 10:40 - 2015-05-30 13:55 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
    2014-12-18 10:40 - 2014-12-18 10:40 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT

    Files to move or delete:
    ====================
    C:\Users\Scott\connect.bat


    Some files in TEMP:
    ====================
    C:\Users\Admin\AppData\Local\Temp\drm_dyndata_7380006.dll
    C:\Users\Admin\AppData\Local\Temp\LenovoShareIt.exe
    C:\Users\Admin\AppData\Local\Temp\nvSCPAPI.dll
    C:\Users\Admin\AppData\Local\Temp\nvStInst.exe
    C:\Users\Admin\AppData\Local\Temp\ose00001.exe
    C:\Users\Admin\AppData\Local\Temp\SkypeSetup.exe
    C:\Users\Admin\AppData\Local\Temp\System.Data.SQLite.dll
    C:\Users\Admin\AppData\Local\Temp\System.Data.SQLitea74f23a0-8f5e-4dbd-93bd-65c53cee8f3a.dll
    C:\Users\Admin\AppData\Local\Temp\xmlUpdater.exe
    C:\Users\Admin\AppData\Local\Temp\_is1B66.exe
    C:\Users\Scott\AppData\Local\Temp\avg-9b143549-7322-4566-89be-a8079d1c6d79.exe
    C:\Users\Scott\AppData\Local\Temp\dllnt_dump.dll
    C:\Users\Scott\AppData\Local\Temp\jre-8u66-windows-au.exe
    C:\Users\Scott\AppData\Local\Temp\jre-8u73-windows-au.exe
    C:\Users\Scott\AppData\Local\Temp\jre-8u77-windows-au.exe
    C:\Users\Scott\AppData\Local\Temp\jre-8u91-windows-au.exe
    C:\Users\Scott\AppData\Local\Temp\libeay32.dll
    C:\Users\Scott\AppData\Local\Temp\msvcr120.dll
    C:\Users\Scott\AppData\Local\Temp\Nexus Mod Manager-0.61.13.exe
    C:\Users\Scott\AppData\Local\Temp\Nexus Mod Manager-0.61.23.exe
    C:\Users\Scott\AppData\Local\Temp\nvSCPAPI.dll
    C:\Users\Scott\AppData\Local\Temp\nvSCPAPI64.dll
    C:\Users\Scott\AppData\Local\Temp\nvStInst.exe
    C:\Users\Scott\AppData\Local\Temp\OKV50_GRAND_VINAY_PPI_3.exe
    C:\Users\Scott\AppData\Local\Temp\pushbullet_watchdog.exe
    C:\Users\Scott\AppData\Local\Temp\sqlite3.dll


    ==================== Bamital & volsnap =================

    (There is no automatic fix for files that do not pass verification.)

    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\wininit.exe => File is digitally signed
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2016-06-16 12:10

    ==================== End of FRST.txt ============================



    ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++



    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-06-2016 01
    Ran by Scott (2016-06-21 21:10:42)
    Running from C:\Users\Scott\Desktop
    Windows 10 Home Version 1511 (X64) (2015-12-20 15:29:08)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-437364399-4149591236-704665920-500 - Administrator - Disabled)
    ASPNET (S-1-5-21-437364399-4149591236-704665920-1006 - Limited - Enabled)
    DefaultAccount (S-1-5-21-437364399-4149591236-704665920-503 - Limited - Disabled)
    Guest (S-1-5-21-437364399-4149591236-704665920-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-437364399-4149591236-704665920-1003 - Limited - Enabled)
    Scott (S-1-5-21-437364399-4149591236-704665920-1001 - Administrator - Enabled) => C:\Users\Scott

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: AVG AntiVirus Free Edition (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: AVG AntiVirus Free Edition (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    123D Design R1.8 (HKLM\...\123D Design) (Version: 1.8.34 - Autodesk, Inc.)
    7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
    Active Directory Authentication Library for SQL Server (Version: 13.0.1100.286 - Microsoft Corporation) Hidden
    Active Directory Authentication Library for SQL Server (x86) (x32 Version: 13.0.1100.286 - Microsoft Corporation) Hidden
    Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
    Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
    Adobe Dreamweaver CS6 (HKLM-x32\...\{A4ED5E53-7AA0-11E1-BF04-B2D4D4A5360E}) (Version: 12 - Adobe Systems Incorporated)
    Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
    Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
    Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
    Adobe Premiere Pro CS6 (HKLM-x32\...\{7176B973-6011-43C1-AEBC-2D73FE7C6982}) (Version: 6.0 - Adobe Systems Incorporated)
    Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
    AirDroid 3.0.1 (HKLM-x32\...\AirDroid) (Version: 3.0.1 - Sand Studio)
    Akamai NetSession Interface (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
    Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 20.2.1245.53580 - Alcor Micro Corp.)
    Alcor Micro USB Card Reader (x32 Version: 20.2.1245.53580 - Alcor Micro Corp.) Hidden
    Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
    Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
    Apache CouchDB 1.6.1 (HKLM-x32\...\ApacheCouchDB_is1) (Version: - Apache Software Foundation)
    Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Application Insights Tools for Visual Studio 2013 (x32 Version: 2.4 - Microsoft Corporation) Hidden
    Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{981F324E-98F4-4784-B76F-04E92039F3F6}) (Version: 5.2.60328.3 - Microsoft Corporation)
    Arduino (HKLM-x32\...\Arduino) (Version: 1.0.6 - Arduino LLC)
    Atom (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\atom) (Version: 1.3.2 - GitHub Inc.)
    Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
    Aurora (HKLM-x32\...\{90893FB5-38AE-4164-B689-3214719D0D4A}_is1) (Version: 7.1.0 - Steve Walmsley)
    AutoHotkey 1.1.22.07 (HKLM\...\AutoHotkey) (Version: 1.1.22.07 - Lexikos)
    AVG (Version: 16.81.7640 - AVG Technologies) Hidden
    AVG 2016 (Version: 16.0.4604 - AVG Technologies) Hidden
    AVG Protection (HKLM\...\AVG) (Version: 2016.81.7640 - AVG Technologies)
    Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
    Azure Resource Manager Tools (VS 2015) - v2.9 (x32 Version: 2.9.40317.6 - Microsoft Corporation) Hidden
    AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
    AzureTools.Notifications (x32 Version: 2.9.40518.2 - Microsoft Corporation) Hidden
    Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
    Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.51210.80 - Microsoft Corporation) Hidden
    Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.51210.80 - Microsoft Corporation) Hidden
    BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
    Bitvise SSH Server 6.31 (remove only) (HKLM-x32\...\Bitvise SSH Server) (Version: - )
    bl (x32 Version: 1.0.0 - Your Company Name) Hidden
    Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
    Blend for Visual Studio 2013 ENU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
    Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
    Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
    Blend for Visual Studio SDK for Windows Phone 8.0 (x32 Version: 3.0.30924.0 - Microsoft Corporation) Hidden
    Blender (HKLM\...\{47A0EA10-D506-4473-AE99-5E07DD1062DE}) (Version: 2.77.1 - Blender Foundation)
    Blender (HKLM\...\Blender) (Version: 2.74 - Blender Foundation)
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    Brackets (HKLM-x32\...\{B8D3F3D2-7482-4DE1-A4C9-7039F1966B83}) (Version: 1.3 - brackets.io)
    Build Tools - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
    Build Tools - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
    Build Tools Language Resources - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
    Build Tools Language Resources - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
    calibre 64bit (HKLM\...\{2D534835-A873-4402-BEED-813FE50BF118}) (Version: 2.30.0 - Kovid Goyal)
    CintaNotes 2.8.5 (HKLM-x32\...\CintaNotes_is1) (Version: - Cinta Software)
    ClipboardFusion 3.2 (HKLM-x32\...\CE862FB9-804D-4D16-98F5-677FA31B647C_is1) (Version: 3.2.0.0 - Binary Fortress Software)
    Cloud Deployment Project for Microsoft Visual Studio 2015 - v2.9 (x32 Version: 2.9.40317.6 - Microsoft Corporation) Hidden
    Cloud Explorer - v1.0 (x32 Version: 2.9.40518.2 - Microsoft Corporation) Hidden
    CodeBlocks (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team)
    CodedUITest81 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
    Command & Conquer The First Decade (HKLM-x32\...\{66D6F3BD-CA23-41A4-9FA3-96B26B32528C}) (Version: 1.00.0000 - Electronic Arts)
    Command & Conquer™ Red Alert 2 and Yuri’s Revenge (HKLM-x32\...\{F5275D1C-D133-486D-8F07-D6C571F0A8EC}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
    Complemento do Microsoft Report Viewer para Visual Studio 2013 (x32 Version: 11.1.3442.2 - Microsoft Corporation) Hidden
    Complemento Microsoft Report Viewer para Visual Studio 2013 (x32 Version: 11.1.3442.2 - Microsoft Corporation) Hidden
    Compon. agg. Microsoft Report Viewer per Visual Studio 2013 (x32 Version: 11.1.3442.2 - Microsoft Corporation) Hidden
    cURL (HKLM\...\{660D6CF5-A9F8-473C-A102-34E7106E9B07}) (Version: 7.42.0 - Confused by Code)
    CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
    CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
    CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    DARK SOULS III (HKLM\...\Steam App 374320) (Version: - FromSoftware, Inc.)
    DARK SOULS™ II: Scholar of the First Sin (HKLM\...\Steam App 335300) (Version: - FromSoftware, Inc)
    DC Universe Online Live (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\SOE-DC Universe Online Live) (Version: - Sony Online Entertainment)
    Democracy 3 (HKLM-x32\...\GOGPACKDEMOCRACY3_is1) (Version: 2.0.0.3 - GOG.com)
    Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.8.3 - Bloodshed Software)
    Discord (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\Discord) (Version: 0.0.291 - Hammer & Chisel, Inc.)
    DisplayFusion 7.3.4 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 7.3.4.0 - Binary Fortress Software)
    Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.3.2.2 - Dolby Laboratories Inc)
    Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
    Dotfuscator and Analytics Community Edition 5.19.1 (x32 Version: 5.19.1.3091 - PreEmptive Solutions) Hidden
    Dropbox (HKLM-x32\...\Dropbox) (Version: 4.4.29 - Dropbox, Inc.)
    Dropbox Update Helper (x32 Version: 1.3.27.35 - Dropbox, Inc.) Hidden
    Dungeons and Dragons Online (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\DDO_midres_en) (Version: - )
    DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen)
    Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo)
    Energy Manager (x32 Version: 1.0.0.35 - Lenovo) Hidden
    Entity Framework 6.1.1 Tools for Visual Studio 2013 (HKLM-x32\...\{85253F13-EE42-4850-A3A5-79B90E92D7AC}) (Version: 12.0.30610.0 - Microsoft Corporation)
    Entity Framework 6.1.3 Tools for Visual Studio 2015 Update 1 (HKLM-x32\...\{2A56910C-69C8-495D-8ED8-9080F0A14E58}) (Version: 14.0.41103.0 - Microsoft Corporation)
    Europa Universalis IV (HKLM\...\Steam App 236850) (Version: - Paradox Development Studio)
    Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
    Factorio version 0.12.20 (HKLM\...\Factorio_is1) (Version: - )
    Factorio version 0.12.20 (HKLM-x32\...\Factorio_is1) (Version: - )
    Fallout (HKLM-x32\...\Steam App 38400) (Version: - Interplay Inc.)
    Fallout 2 (HKLM-x32\...\Steam App 38410) (Version: - Black Isle Studios)
    Fallout 3 (HKLM-x32\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks)
    FFmpeg (Windows) for Audacity version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
    Floor Plan Maker 7.9 (HKLM-x32\...\Floor Plan Maker_is1) (Version: - EdrawSoft)
    FMW 1 (Version: 1.92.4 - AVG Technologies) Hidden
    Foldit (HKLM-x32\...\Foldit) (Version: - )
    FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory)
    Fran Bow (HKLM-x32\...\1438948561_is1) (Version: 2.2.0.3 - GOG.com)
    Free DVD Ripper Platinum 8.6.4 (HKLM-x32\...\Free DVD Ripper Platinum_is1) (Version: - FreeAudioVideoSoftTech, Inc.)
    Free Pascal 3.0.0 (HKLM-x32\...\FreePascal_is1) (Version: - Free Pascal Team)
    FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version: - Subset Games)
    GDR 4213 for SQL Server 2014 (KB3070446) (64-bit) (HKLM\...\KB3070446) (Version: 12.1.4213.0 - Microsoft Corporation)
    GDR 6220 for SQL Server 2008 R2 (KB3045316) (64-bit) (HKLM\...\KB3045316) (Version: 10.53.6220.0 - Microsoft Corporation)
    GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
    Git version 2.8.1 (HKLM\...\Git_is1) (Version: 2.8.1 - The Git Development Community)
    GitHub (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\5f7eb300e2ea4ebf) (Version: 3.0.17.0 - GitHub, Inc.)
    GlassFish Server Open Source Edition 4.1 (HKLM\...\nbi-glassfish-mod-4.1.0.13.0) (Version: - )
    Glyph (HKLM-x32\...\Glyph) (Version: - Trion Worlds, Inc.)
    GnuCash 2.6.11 (HKLM-x32\...\GnuCash_is1) (Version: - GnuCash Development Team)
    GnuWin32: Make-3.81 (HKLM-x32\...\Make-3.81_is1) (Version: 3.81 - GnuWin32)
    GnuWin32: Make-3.81 (HKLM-x32\...\Make-src-3.81_is1) (Version: 3.81 - GnuWin32)
    GnuWin32: Wget-1.11.4-1 (HKLM-x32\...\Wget-1.11.4-1_is1) (Version: 1.11.4-1 - GnuWin32)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
    Google Cloud SDK (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\Google Cloud SDK) (Version: - Google Inc.)
    Google Drive (HKLM-x32\...\{709316AD-161C-4D5C-9AE7-0B3A822DA271}) (Version: 1.30.2170.0459 - Google, Inc.)
    Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
     
  15. dsb2448

    dsb2448 TS Rookie Topic Starter Posts: 19

    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
    GPGNet (HKLM-x32\...\{C194D333-B84A-4BB7-B35E-060732D98DC4}) (Version: 1.0.0 - Gas Powered Games)
    Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
    Gtk# for .Net 2.12.25 (HKLM-x32\...\{889E7D77-2A98-4020-83B1-0296FA1BDE8A}) (Version: 2.12.25 - Xamarin, Inc.)
    Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
    Hammerwatch (HKLM-x32\...\Steam App 239070) (Version: - Crackshell)
    HandBrake 0.10.2 (HKLM-x32\...\HandBrake) (Version: 0.10.2 - )
    Happy Cloud Client (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\HappyCloud) (Version: 4.28 - Happy Cloud, Inc.)
    Haskell Platform 2014.2.0.0 (HKLM\...\HaskellPlatform-2014.2.0.0) (Version: - Haskell.org)
    Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
    Hero Lab 7.6b (HKLM-x32\...\{760AA190-82DF-4A80-BE05-B9FEEC88946D}_is1) (Version: 7.6b - LWD Technology, Inc.)
    Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
    Human Resource Machine (HKLM-x32\...\1444812654_is1) (Version: 2.0.0.1 - GOG.com)
    HuniePop (HKLM-x32\...\1443428641_is1) (Version: 2.0.0.1 - GOG.com)
    IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6503.0 - IDT)
    IIS 10.0 Express (HKLM\...\{7A28A2B0-458B-4A58-84AC-C90D2D4B79FB}) (Version: 10.0.1735 - Microsoft Corporation)
    IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - )
    IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - )
    InfraRecorder 0.53 (x64 edition) (HKLM\...\{2C22EA92-CB30-4932-0053-000001000000}) (Version: 0.53.00.00 - Christian Kindahl)
    Install Finalizer (x32 Version: 2.9.40518.2 - Microsoft Corporation) Hidden
    Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1013 - Intel Corporation)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4331 - Intel Corporation)
    Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 3.0.1337.1) (HKLM\...\{302600C1-6BDF-4FD1-1307-148929CC1385}) (Version: 3.1.1307.0362 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.5.1000 - Intel Corporation)
    Intel® Hardware Accelerated Execution Manager (HKLM\...\{ECCB31F5-435D-4F37-A98D-5854D3C62718}) (Version: 1.1.1 - Intel Corporation)
    Intel® PROSet/Wireless Software (HKLM-x32\...\{313c06de-4aa7-4a1f-930a-f10f80380426}) (Version: 17.14.0 - Intel Corporation)
    IntelliJ IDEA 15.0.3 (HKLM-x32\...\IntelliJ IDEA 15.0.3) (Version: 143.1821.5 - JetBrains s.r.o.)
    ISO Recorder (HKLM\...\{2D7ED2A0-9553-412B-939F-D6E0AEB2ABE1}) (Version: 3.1.0 - Alex Feinman)
    Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
    Java SE Development Kit 7 Update 55 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170550}) (Version: 1.7.0.550 - Oracle)
    Java SE Development Kit 7 Update 71 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170710}) (Version: 1.7.0.710 - Oracle)
    Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
    Java SE Development Kit 8 Update 25 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
    Java SE Development Kit 8 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180450}) (Version: 8.0.450.15 - Oracle Corporation)
    JetBrains CLion 1.2.4 (HKLM-x32\...\CLion 1.2.4) (Version: 143.1186.2 - JetBrains s.r.o.)
    JetBrains DataGrip 1.0.1 (HKLM-x32\...\DataGrip 1.0.1) (Version: 143.1411.5 - JetBrains s.r.o.)
    JetBrains dotCover 10.0.2 (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\{d85de890-a4d5-5496-9d9a-5d4ab4ec417d}) (Version: 10.0.2 - JetBrains s.r.o.)
    JetBrains dotMemory 10.0.2 (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\{9b9e06eb-e7ea-5769-9f1e-debbc7edb320}) (Version: 10.0.2 - JetBrains s.r.o.)
    JetBrains dotPeek 10.0.2 (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\{a725fe38-0f31-5da7-a5ee-ac4904bbbc36}) (Version: 10.0.2 - JetBrains s.r.o.)
    JetBrains dotTrace 10.0.2 (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\{24b9d1a4-4025-5a9a-9d9a-3ea6fc4cda70}) (Version: 10.0.2 - JetBrains s.r.o.)
    JetBrains ETW Host Service (x32 Version: 104.0.4.0 - JetBrains s.r.o) Hidden
    JetBrains PhpStorm 10.0.3 (HKLM-x32\...\PhpStorm 10.0.3) (Version: 143.1770 - JetBrains s.r.o.)
    JetBrains PyCharm 5.0.4 (HKLM-x32\...\PyCharm 5.0.4) (Version: 143.1919.2 - JetBrains s.r.o.)
    JetBrains ReSharper 9 (x32 Version: 9.0.0.0 - JetBrains Inc) Hidden
    JetBrains ReSharper Ultimate in Visual Studio 2013 (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\{bf70078c-5e98-52f6-af00-eba9a1c75eec}) (Version: 10.0.2 - JetBrains s.r.o.)
    JetBrains ReSharper Ultimate in Visual Studio 2015 (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\{02ee0a0e-7567-5503-9c73-1d5e05353513}) (Version: 10.0.2 - JetBrains s.r.o.)
    JetBrains WebStorm 2016.1 (HKLM-x32\...\WebStorm 2016.1) (Version: 145.258.3 - JetBrains s.r.o.)
    KeepNote 0.7.8 (HKLM-x32\...\KeepNote_is1) (Version: - Matt Rasmussen)
    Kingdoms of Amalur: Reckoning™ (HKLM\...\Steam App 102500) (Version: - Big Huge Games)
    Kit SDK de vérification de Visual Studio 2012 - fra (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
    Kodi (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\Kodi) (Version: - XBMC-Foundation)
    LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
    Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.15.0414.1 - Vimicro)
    Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
    Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
    Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
    Lenovo PowerDVD10 (x32 Version: 10.0.5630.52 - CyberLink Corp.) Hidden
    Lenovo Reach (HKLM-x32\...\{3245D8C8-7FE0-4FD4-B04B-2720A333D592}) (Version: 1.1.3.5 - Stoneware, Inc.)
    Lenovo Service Bridge (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\cbe8636f7dd0cf1d) (Version: 1.5.1.0 - Lenovo)
    LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4e2a-80D2-1D0FF6ACBFBA}) (Version: 3.13.2.0 - LG Electronics)
    LibreOffice 4.3.5.2 (HKLM-x32\...\{1D4E90DA-C33C-40ED-BA00-75F6E6DF9CB0}) (Version: 4.3.5.2 - The Document Foundation)
    LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.6 - Thibaut Lauziere)
    LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
    LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
    LocalESPCui for en-us (x32 Version: 8.59.29989 - Microsoft) Hidden
    LocalESPCui for en-us Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
    Logitech Gaming Software 8.75 (HKLM\...\Logitech Gaming Software) (Version: 8.75.30 - Logitech Inc.)
    Lua for Windows 5.1.4-46 (HKLM-x32\...\Lua_is1) (Version: 5.1.4.46 - The Lua for Windows Project and Lua and Tecgraf, PUC-Rio)
    Magelo Sync (uninstall only) (HKLM\...\Magelo Sync) (Version: - )
    Magic DVD Ripper V9.0.0 (HKLM-x32\...\Magic DVD Ripper_is1) (Version: - Magic DVD Software, Inc.)
    MakeMKV v1.9.5 (HKLM-x32\...\MakeMKV) (Version: v1.9.5 - GuinpinSoft inc)
    Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
    Massive Chalice (HKLM-x32\...\Massive Chalice_is1) (Version: - )
    Meld (HKLM-x32\...\{2C4CE0C7-E628-4349-9E5B-0B1AD3ACAA3B}) (Version: 3.12.3 - The Meld project)
    Memory Profiler (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
    Metasploit (HKLM-x32\...\Metasploit 4.11.2) (Version: 4.11.2 - Rapid7)
    Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
    Microsoft .NET Core 1.0.0 RC2 - SDK Preview 1 (x64) (HKLM-x32\...\{2adee9e7-1f53-47dc-8e30-49ff0dec528e}) (Version: 1.0.0.2702 - Microsoft Corporation)
    Microsoft .NET Core 1.0.0 RC2 - VS 2015 Tooling Preview 1 (HKLM-x32\...\{22041006-8484-4b8d-a13c-40189695de2f}) (Version: 1.0.20513.14 - Microsoft Corporation)
    Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
    Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
    Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
    Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
    Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation)
    Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
    Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
    Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
    Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
    Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
    Microsoft ASP.Net Web Frameworks 5.1 Security Update (KB2994397) (HKLM-x32\...\{94F716A3-CBBA-4005-9516-1C4267DDB824}) (Version: 5.1.20821 - Microsoft Corporation)
    Microsoft ASP.NET Web Frameworks and Tools 2015 (HKLM-x32\...\{cdc58b12-e799-4bcb-a4f0-c4537fc10d00}) (Version: 3.2.40204.0 - Microsoft Corporation)
    Microsoft Azure App Service Tools v2.9.1 - Visual Studio 2015 (HKLM-x32\...\{cc50dd74-d143-4aba-bb65-caf2953d4302}) (Version: 14.0.20519.0 - Microsoft Corporation)
    Microsoft Azure Authoring Tools - v2.9.1 (HKLM\...\{A696D7AE-526D-49CE-85D4-6725BABCBD40}) (Version: 2.9.6499.4 - Microsoft Corporation)
    Microsoft Azure Compute Emulator - v2.9.1 (HKLM\...\Microsoft Azure Compute Emulator - v2.9.1) (Version: 2.9.6499.4 - Microsoft Corporation)
    Microsoft Azure Data Lake Tools for Visual Studio 2015 (HKLM-x32\...\{CAF660D4-4F76-45BD-BCDE-B3E30245E83D}) (Version: 2.0.6000.0 - Microsoft Corporation)
    Microsoft Azure HDInsight Tools for Visual Studio 2015 (HKLM-x32\...\{AF08A038-7EFD-4852-B4C9-29D8DD708CDF}) (Version: 2.0.6000.0 - Microsoft Corporation)
    Microsoft Azure Libraries for .NET – v2.9 (HKLM\...\{83DBE1B7-4CA2-4F21-9FEE-3FF2C70942D4}) (Version: 2.9.0517.110 - Microsoft Corporation)
    Microsoft Azure Mobile App SDK V2.0 (HKLM-x32\...\{1784177A-10DD-4E9A-B58F-B6320D85CF06}) (Version: 2.0.40201.0 - Microsoft Corporation)
    Microsoft Azure PowerShell - May 2016 (HKLM-x32\...\{A0200E3F-B94B-4A58-928A-A5BB79866B3F}) (Version: 1.4.0 - Microsoft Corporation)
    Microsoft Azure Quickstarts (HKLM-x32\...\{A6ACA586-9C39-3F57-82B6-9345FF1672F9}) (Version: 1.6 - Microsoft Corporation)
    Microsoft Azure Storage Emulator - v4.4 (HKLM-x32\...\Microsoft Azure Storage Emulator - v4.4) (Version: 4.4.6891.0 - Microsoft Corporation)
    Microsoft Azure Storage Tools - v5.0.0 (HKLM-x32\...\{F34C2A31-A57C-43F9-BEA4-F3E4F59AF3F3}) (Version: 5.0.0.0 - Microsoft Corporation)
    Microsoft Azure Tools for Microsoft Visual Studio 2015 - v2.9 (HKLM-x32\...\{2f25fdd8-63d3-4ddb-99b6-9977192020ab}) (Version: 2.9.40518.2 - Microsoft Corporation)
    Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
    Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
    Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
    Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
    Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
    Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25123 - Microsoft Corporation)
    Microsoft Hive ODBC Driver (HKLM\...\{AC9970E8-7F55-4F50-A6D3-2BC041589904}) (Version: 1.0.5.5 - Microsoft Corporation)
    Microsoft Hive ODBC Driver (HKLM-x32\...\{7A580208-9E61-47FD-9AEB-DDDAA67CF0F6}) (Version: 1.0.5.5 - Microsoft Corporation)
    Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
    Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{18CBAFDF-A131-4BE8-8614-F7AF405A47EE}) (Version: 13.0.800.111 - Microsoft Corporation)
    Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation)
    Microsoft Office Developer Tools for Visual Studio 2015 (HKLM-x32\...\{0e53edcf-ba8e-4cff-804f-39f447ef5bf4}) (Version: 14.0.23928.0 - Microsoft Corporation)
    Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
    Microsoft Project Professional 2013 (HKLM\...\Office15.PRJPROR) (Version: 15.0.4569.1506 - Microsoft Corporation)
    Microsoft Report Viewer 2014 Runtime (HKLM-x32\...\{327E9C0D-1687-414F-923E-F5979E549548}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft Report Viewer for SQL Server 2016 CTP3.1 (HKLM-x32\...\{8E941158-0411-49C4-802A-B90276A05999}) (Version: 13.0.800.111 - Microsoft Corporation)
    Microsoft Report Viewer Redistributable 2008 SP1 (HKLM-x32\...\Microsoft Report Viewer Redistributable 2008 (KB971119)) (Version: - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
    Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
    Microsoft SQL Server 2016 Policies CTP3.1 (HKLM-x32\...\{C7805221-3AED-435B-8146-D062D56E7477}) (Version: 13.0.800.111 - Microsoft Corporation)
    Microsoft SQL Server 2016 T-SQL Language Service CTP3.1 (HKLM\...\{58DEF719-6B58-453A-84E5-3F09F6C7278E}) (Version: 13.0.800.111 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version: - Microsoft Corporation)
    Microsoft SQL Server 2008 R2 Books Online (HKLM-x32\...\{74F7B314-0507-4F91-9A4E-B6C9B027E410}) (Version: 10.50.1600.1 - Microsoft Corporation)
    Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}) (Version: 10.51.2500.0 - Microsoft Corporation)
    Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{E534493E-80D2-4E37-8020-3ECAC55D9DB5}) (Version: 10.53.6000.34 - Microsoft Corporation)
    Microsoft SQL Server 2008 R2 Policies (HKLM-x32\...\{D21BC5B2-CBAC-48FA-A701-B5A63C1CA7B8}) (Version: 10.50.1600.1 - Microsoft Corporation)
    Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{2E06399C-2517-484D-B6C9-3B1113AFCD19}) (Version: 10.53.6220.0 - Microsoft Corporation)
    Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{E4A1FDA3-689D-44DA-9B39-86BD2270F522}) (Version: 11.2.5058.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Native Client (HKLM\...\{E2D10175-7411-4EA5-8E32-FA21262B435D}) (Version: 11.2.5592.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Setup (English) (HKLM\...\{977887EC-1C9B-47FA-8489-88E5E7F43D5E}) (Version: 11.2.5058.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{E721A8AA-2632-4798-B439-6D4C8A689BB8}) (Version: 11.2.5058.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version: - Microsoft Corporation)
    Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{705AFC05-AD2F-473E-A2ED-BED746D473F2}) (Version: 12.1.4213.0 - Microsoft Corporation)
    Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server 2014 Policies (HKLM-x32\...\{1C30FE7E-8A8C-4492-89D6-10CB20C3B0EB}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server 2014 Setup (English) (HKLM\...\{2975950A-6723-4FD2-9719-78DD9C30A7F4}) (Version: 12.1.4213.0 - Microsoft Corporation)
    Microsoft SQL Server 2014 Setup (English) (HKLM-x32\...\{C0955436-D3E5-4312-9F48-8018F6C03D7C}) (Version: 12.1.4213.0 - Microsoft Corporation)
    Microsoft SQL Server 2014 Transact-SQL Compiler Service (HKLM\...\{5BC5068F-1F64-4D2D-948F-E75F30B850CB}) (Version: 12.1.4213.0 - Microsoft Corporation)
    Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{FF7DDA05-6EA7-4C01-B44A-3E57F8B9B97B}) (Version: 12.1.4100.1 - Microsoft Corporation)
    Microsoft SQL Server 2014 T-SQL Language Service (HKLM\...\{7FE9A69F-6D91-4E2E-86B5-E2EB27AE6041}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server 2016 CTP3.1 (64-bit) (HKLM\...\Microsoft SQL Server SQL16CTP3.1) (Version: - Microsoft Corporation)
    Microsoft SQL Server 2016 CTP3.1 (HKLM-x32\...\Microsoft SQL Server SQL16CTP3.1) (Version: - Microsoft Corporation)
    Microsoft SQL Server 2016 LocalDB RC0 (HKLM\...\{9CED5D08-5664-4668-A927-CD6C60C4175D}) (Version: 13.0.1100.286 - Microsoft Corporation)
    Microsoft SQL Server 2016 Management Objects RC0 (HKLM-x32\...\{948B5F49-A57E-46B4-9F1E-145D7A9E66D7}) (Version: 13.0.1100.286 - Microsoft Corporation)
    Microsoft SQL Server 2016 Management Objects RC0 (x64) (HKLM\...\{F6F8053F-D328-4ACA-93A1-A49E495899F2}) (Version: 13.0.1100.286 - Microsoft Corporation)
    Microsoft SQL Server 2016 T-SQL Language Service RC0 (HKLM-x32\...\{1852BD30-570B-4E47-8752-461448E8E250}) (Version: 13.0.12000.52 - Microsoft Corporation)
    Microsoft SQL Server 2016 T-SQL ScriptDom RC0 (HKLM\...\{D9F55D00-A8AB-4518-A56E-D9D5E615542A}) (Version: 13.0.1100.286 - Microsoft Corporation)
    Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
    Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU (HKLM-x32\...\{DDFD8348-058C-4F4B-85E5-6D740D4AB3FE}) (Version: 3.5.8080.0 - Microsoft Corporation)
    Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
    Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
    Microsoft SQL Server Data Tools - enu (12.0.30919.1) (HKLM-x32\...\{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}) (Version: 12.0.30919.1 - Microsoft Corporation)
    Microsoft SQL Server Data Tools - enu (14.0.60311.1) (HKLM-x32\...\{28292CA9-8D65-4E37-95A3-753EEB38F122}) (Version: 14.0.60311.1 - Microsoft Corporation)
    Microsoft SQL Server Data Tools 2015 (HKLM-x32\...\{2956ec52-98f0-4007-9462-ae613be5df16}) (Version: 14.0.50730.0 - Microsoft Corporation)
    Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
    Microsoft SQL Server Data-Tier Application Framework (x86) (HKLM-x32\...\{2B56F3F1-CFDB-444C-97A1-4DEB476225D8}) (Version: 13.0.3135.1 - Microsoft Corporation)
    Microsoft SQL Server Management Studio - November 2015 (HKLM-x32\...\{35963214-b644-4bbf-83a4-ac8653b15e20}) (Version: 13.0.800.111 - Microsoft Corporation)
    Microsoft SQL Server System CLR Types (HKLM-x32\...\{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}) (Version: 10.51.2500.0 - Microsoft Corporation)
    Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.53.6000.34 - Microsoft Corporation)
    Microsoft Sync Framework Runtime v1.0 (x64) (HKLM\...\{53D7A054-4598-4947-A159-E8FCC77720AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
    Microsoft Sync Services for ADO.NET v2.0 (x64) (HKLM\...\{817BCC2B-76A8-4C8B-8B55-FD916C6969CC}) (Version: 2.0.1215.0 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{DEB263CA-0386-4648-8382-FB78DBFA2C5F}) (Version: 11.2.5058.0 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{E3F613C1-105F-4717-BFE7-007729A95D67}) (Version: 12.1.4100.1 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{718FFB65-F6E4-4D62-861F-ED10ED32C936}) (Version: 12.0.2402.11 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2016 RC0 (HKLM\...\{495CC0B4-D4C3-4D87-8317-F66BA48C5552}) (Version: 13.0.1100.286 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2016 RC0 (HKLM-x32\...\{3A87F9F2-D65D-4BA9-8459-E5BBE31EA64D}) (Version: 13.0.1100.286 - Microsoft Corporation)
    Microsoft Visio Professional 2013 (HKLM\...\Office15.VISPROR) (Version: 15.0.4569.1506 - Microsoft Corporation)
    Microsoft Visual C# 2010 Express - ENU (HKLM-x32\...\Microsoft Visual C# 2010 Express - ENU) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 Express - ENU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - ENU) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
    Microsoft Visual Studio 2008 Shell (integrated mode) - ENU (HKLM-x32\...\{BA0C9AAF-1327-3F06-B49C-349B4BE8F740}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Microsoft Visual Studio 2013 Tools for Unity (HKLM-x32\...\{91F5EADD-EA29-4F18-AC55-D5C55BEA6C7A}) (Version: 2.0.0.0 - Microsoft Corporation)
    Microsoft Visual Studio 2015 Installer Projects Extension (HKLM-x32\...\{b6373d26-565f-4644-857c-f830ea7a0c56}) (Version: 14.0.23205 - Microsoft Corporation)
    Microsoft Visual Studio 2015 Tools for Unity (HKLM-x32\...\{D68E6605-F852-4936-AB64-04B80E0C85AD}) (Version: 2.2.0.0 - Microsoft Corporation)
    Microsoft Visual Studio Enterprise 2015 (HKLM-x32\...\{aaff6d8c-30d0-4446-82ae-1f1650eab4b9}) (Version: 14.0.23107.178 - Microsoft Corporation)
    Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{4ECF4BDC-8387-329A-ABE9-CF5798F84BB2}) (Version: 9.0.35191 - Microsoft Corporation)
    Microsoft Visual Studio Tools for Applications x86 Runtime 3.0 (HKLM-x32\...\{191A6F65-6878-398D-A272-EF011B80F371}) (Version: 10.0.40220 - Microsoft Corporation)
    Microsoft Visual Studio Ultimate 2013 (HKLM-x32\...\{84e72603-1a6a-4c51-81b3-de36aabcc4f8}) (Version: 12.0.30501 - Microsoft Corporation)
    Microsoft VSS Writer for SQL Server 2014 (HKLM\...\{366CD715-2FF4-40B4-A8B4-A05E5D21A945}) (Version: 12.1.4100.1 - Microsoft Corporation)
    Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation)
    Microsoft Web Platform Installer 5.0 (HKLM\...\{4D84C195-86F0-4B34-8FDE-4A17EB41306A}) (Version: 5.0.50430.0 - Microsoft Corporation)
    Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
    MKVToolNix 8.2.0 (64bit) (HKLM-x32\...\MKVToolNix) (Version: 8.2.0 - Moritz Bunkus)
    Module Microsoft Report Viewer pour Visual Studio 2013 (x32 Version: 11.1.3442.2 - Microsoft Corporation) Hidden
    Morrowind (HKLM-x32\...\{C325F588-D6B1-4A7F-B6A2-914C75DDA348}) (Version: - )
    Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version: - TaleWorlds Entertainment)
    Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Mozilla Firefox 43.0.4 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 en-US)) (Version: 43.0.4 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4 - Mozilla)
    MRO for Windows 3.2.3 (HKLM\...\MRO for Windows 3.2.3_is1) (Version: 3.2.3 - Microsoft)
    MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.25123 - Microsoft Corporation) Hidden
    Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
    Mumble 1.2.10 (HKLM-x32\...\{63243F5C-E941-4461-A4B0-2689A9A3BF13}) (Version: 1.2.10 - Thorvald Natvig)
    Music Manager (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\MusicManager) (Version: - Google, Inc.)
    MusicBee 3.0 (HKLM-x32\...\MusicBee) (Version: 3.0 - Steven Mayall)
    My.com Game Center (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\MyComGames) (Version: 3.140 - My.com B.V.)
    MySQL Workbench 6.3 CE (HKLM\...\{2F531783-BBF7-40CF-ACF5-2EB4CD83CAF6}) (Version: 6.3.3 - Oracle Corporation)
    NetBeans IDE 8.0.2 (HKLM\...\nbi-nb-base-8.0.2.0.201411181905) (Version: 8.0.2 - NetBeans.org)
    Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.61.23 - Black Tree Gaming)
    Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.1 - Nikon)
    Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.9.2 - Nikon)
    Nitro Pro 9 (HKLM\...\{70B831B7-A8EE-4C5F-8F34-F383D24B3A04}) (Version: 9.0.5.9 - Nitro)
    Node.js (HKLM\...\{40435563-20B0-4DA3-8E52-E5BF28ABE5C3}) (Version: 0.12.2 - Joyent, Inc. and other Node contributors)
    Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.5 - Notepad++ Team)
    NVIDIA 3D Vision Driver 365.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 365.10 - NVIDIA Corporation)
    NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
    NVIDIA Graphics Driver 365.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 365.10 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
    Oblivion: Game of the Year Deluxe Edition (HKLM-x32\...\{ED75073E-C7B4-4EBE-8AEC-9C4CA41E5F2F}}_is1) (Version: - Bethesda Softworks)
    OBS Studio (HKLM-x32\...\OBS Studio) (Version: 0.13.4 - OBS Project)
    Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.2 - Lenovo)
    Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
    OpenAL (HKLM-x32\...\OpenAL) (Version: - )
    Oracle VM VirtualBox 5.0.20 (HKLM\...\{8209969B-9A31-4021-B0D8-E6F719F7F995}) (Version: 5.0.20 - Oracle Corporation)
    Origin (HKLM-x32\...\Origin) (Version: 9.5.2.2829 - Electronic Arts, Inc.)
    Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
    Overlook Fing (HKLM-x32\...\Overlook Fing 2.2) (Version: 2.2 - Overlook)
    PCGen60600 (HKLM-x32\...\PCGen60600) (Version: - )
    PDF Plug-In 1.6 (HKLM-x32\...\{75569847-6E3F-4D03-A4E8-8EC528E155A9}_is1) (Version: 1.6 - Lone Wolf Development, Inc.)
    PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
    ph (x32 Version: 1.0.0 - Your Company Name) Hidden
    PHP Tools for Visual Studio (HKLM-x32\...\{D2988F46-CA0E-4E64-9991-1699074C36AC}) (Version: 1.19.8776 - DEVSENSE)
    Picture Control Utility 2 (HKLM\...\{D4893C47-704F-4B84-8486-9DE4974ACA6F}) (Version: 2.0.1 - Nikon)
    Pillars of Eternity (HKLM-x32\...\1207666813_is1) (Version: 2.0.0.1 - GOG.com)
    Portal (HKLM-x32\...\Steam App 400) (Version: - Valve)
    Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
    PowerISO (HKLM-x32\...\PowerISO) (Version: 6.2 - Power Software Ltd)
    PowreShellIntegration.Notifications (x32 Version: 2.5.21003.1603 - Microsoft Corporation) Hidden
    PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
    PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
    Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Prerequisites for SSDT (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Prerequisites for SSDT RC0 (HKLM-x32\...\{AB72EB1C-9CF4-4274-984D-5EDA8BF37A08}) (Version: 13.0.1100.286 - Microsoft Corporation)
    Project and Item Templates for Visual Studio Community 2015 - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
    Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
    PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
    PureVPN (HKLM-x32\...\PureVPN_is1) (Version: 4.0.0.0 - PureVPN)
    Pushbullet version 312 (HKLM-x32\...\{7578F204-49E7-4830-B051-14C23F408BFE}_is1) (Version: 312 - Pushbullet Inc)
    Python 2.7.11 (HKLM-x32\...\{16E52445-1392-469F-9ADB-FC03AF00CD61}) (Version: 2.7.11150 - Python Software Foundation)
    Python 3.4.3 (HKLM-x32\...\{CCD588A7-8D55-49F1-A30C-47FAB40889ED}) (Version: 3.4.16490 - Python Software Foundation)
    Python Tools Redirection Template (x32 Version: 1.3 - Microsoft Corporation) Hidden
    Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
    R for Windows 3.2.0 (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\R for Windows 3.2.0_is1) (Version: 3.2.0 - R Core Team)
    R Tools 0.2 for Visual Studio 2015 (HKLM-x32\...\{6c4e6209-c811-4d62-93bf-cedea639cb28}) (Version: 0.2.20304.1341 - Microsoft Corporation)
    R Tools 0.2 for Visual Studio 2015 (x32 Version: 0.2.20304.1341 - Microsoft Corporation) Hidden
    Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.3 beta r2468 - )
    Reassembly (HKLM-x32\...\Steam App 329130) (Version: - Anisoptera Games)
    Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
    Release Management for Visual Studio 2013 (x32 Version: 1.0 - Microsoft Corporation) Hidden
    Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
    RIFT (HKLM-x32\...\Glyph RIFT) (Version: - Trion Worlds, Inc.)
    Rockstar Games Social Club (HKLM-x32\...\{08B3869E-D282-424C-9AFC-870E04A4BA14}) (Version: 1.00.0000 - Rockstar Games)
    Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
    Roslyn Language Services - x86 (x32 Version: 14.0.25132 - Microsoft Corporation) Hidden
    RStudio (HKLM-x32\...\RStudio) (Version: 0.98.1103 - RStudio)
    SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
    SDK de comprobación de Visual Studio 2012 - esn (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
    Secure Download Manager (HKLM-x32\...\{E040B65B-8683-4228-8C33-D44A141E40EA}) (Version: 3.1.60 - Kivuto Solutions Inc.)
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
    Service Pack 1 for SQL Server 2014 (KB3058865) (64-bit) (HKLM\...\KB3058865) (Version: 12.1.4100.1 - Microsoft Corporation)
    Service Pack 1 for SQL Server 2014 (KB3058865) (HKLM-x32\...\KB3058865) (Version: 12.1.4100.1 - Microsoft Corporation)
    Service Pack 2 for SQL Server 2012 (KB2958429) (64-bit) (HKLM\...\KB2958429) (Version: 11.2.5058.0 - Microsoft Corporation)
    Service Pack 3 for SQL Server 2008 R2 (KB2979597) (64-bit) (HKLM\...\KB2979597) (Version: 10.53.6000.34 - Microsoft Corporation)
    SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.1.11.0 - Lenovo Group Limited)
    SharePoint Client Components (HKLM\...\{95150004-1163-0409-1000-0000000FF1CE}) (Version: 15.0.4711.1001 - Microsoft Corporation)
    SharePoint Client Components (HKLM\...\{95160003-1163-0409-1000-0000000FF1CE}) (Version: 16.0.4002.1211 - Microsoft Corporation)
    SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
    SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
    Sid Meier's Civilization IV - Beyond the Sword (HKLM-x32\...\Sid Meier's Civilization IV - Beyond the Sword) (Version: - GameStop)
    Sid Meier's Civilization IV - Warlords (HKLM-x32\...\Sid Meier's Civilization IV - Warlords) (Version: - GameStop)
    Sid Meier's Civilization IV (HKLM-x32\...\Sid Meier's Civilization IV) (Version: - GameStop)
    Sid Meier's Civilization IV Colonization (HKLM-x32\...\Sid Meier's Civilization IV Colonization) (Version: - GameStop)
    SketchUp 2015 (HKLM\...\{350488A4-1540-4103-8F01-B27503891EB0}) (Version: 15.3.331 - Trimble Navigation Limited)
    skyforge_mycom (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\skyforge_mycom) (Version: 1.29 - My.com B.V.)
    Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
    Skyrim Script Extender (SKSE) (HKLM\...\Steam App 365720) (Version: - The SKSE Team)
    Smilebox (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\Smilebox) (Version: 1.0.0.29487 - Smilebox, Inc.)
    Snowflake Suite (HKLM-x32\...\{392317D4-B4DF-42D6-908C-BAEFACEC9024}) (Version: 4.0.0 - Natural User Interface Technologies AB)
    Space Engineers (HKLM\...\Steam App 244850) (Version: - Keen Software House)
    SQL Server 2008 R2 Reporting Services (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
    SQL Server 2008 R2 SP2 Analysis Services (Version: 10.53.6000.34 - Microsoft Corporation) Hidden
    SQL Server 2008 R2 SP2 BI Development Studio (Version: 10.53.6000.34 - Microsoft Corporation) Hidden
    SQL Server 2008 R2 SP2 Client Tools (Version: 10.53.6000.34 - Microsoft Corporation) Hidden
    SQL Server 2008 R2 SP2 Common Files (Version: 10.53.6000.34 - Microsoft Corporation) Hidden
    SQL Server 2008 R2 SP2 Database Engine Services (Version: 10.53.6000.34 - Microsoft Corporation) Hidden
    SQL Server 2008 R2 SP2 Database Engine Shared (Version: 10.53.6000.34 - Microsoft Corporation) Hidden
    SQL Server 2008 R2 SP2 Full text search (Version: 10.53.6000.34 - Microsoft Corporation) Hidden
    SQL Server 2008 R2 SP2 Integration Services (Version: 10.53.6000.34 - Microsoft Corporation) Hidden
    SQL Server 2008 R2 SP2 Management Studio (Version: 10.53.6000.34 - Microsoft Corporation) Hidden
    SQL Server 2008 R2 SP2 Reporting Services (Version: 10.53.6000.34 - Microsoft Corporation) Hidden
    SQL Server 2014 Analysis Services (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
    SQL Server 2014 Client Tools (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
    SQL Server 2014 Common Files (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
    SQL Server 2014 Data quality service (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
    SQL Server 2014 Data quality service (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
    SQL Server 2014 Database Engine Services (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
    SQL Server 2014 Database Engine Shared (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
    SQL Server 2014 Full text search (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
    SQL Server 2014 Management Studio (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
    SQL Server 2014 Master Data Services (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
    SQL Server 2014 Master Data Services (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
    SQL Server 2014 Reporting Services (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
    SQL Server 2014 SQL Data Quality Common (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
    SQL Server 2016 CTP3.1 Batch Parser (HKLM\...\{FE3880B8-7C5D-45BE-AAC0-9A831480A0A7}) (Version: 13.0.800.111 - Microsoft Corporation)
    SQL Server 2016 CTP3.1 Client Tools (x32 Version: 13.0.800.111 - Microsoft Corporation) Hidden
    SQL Server 2016 CTP3.1 Client Tools Extensions (x32 Version: 13.0.800.111 - Microsoft Corporation) Hidden
    SQL Server 2016 CTP3.1 Common Files (x32 Version: 13.0.800.111 - Microsoft Corporation) Hidden
    SQL Server 2016 CTP3.1 Connection Info (HKLM\...\{13E6D0B2-2C84-4407-BB93-F40F84C1E6D1}) (Version: 13.0.800.111 - Microsoft Corporation)
    SQL Server 2016 CTP3.1 Connection Info (HKLM\...\{A832D8C5-5458-4657-A7A5-245D0EE1B3B6}) (Version: 13.0.800.111 - Microsoft Corporation)
    SQL Server 2016 CTP3.1 DMF (HKLM\...\{4472920F-C127-4D94-8F6A-0CF97CEBFB14}) (Version: 13.0.800.111 - Microsoft Corporation)
    SQL Server 2016 CTP3.1 DMF (HKLM\...\{97FAAA31-FB0C-4AA3-9251-1291FD101219}) (Version: 13.0.800.111 - Microsoft Corporation)
    SQL Server 2016 CTP3.1 Management Studio (x32 Version: 13.0.800.111 - Microsoft Corporation) Hidden
    SQL Server 2016 CTP3.1 Management Studio Extensions (x32 Version: 13.0.800.111 - Microsoft Corporation) Hidden
    SQL Server 2016 CTP3.1 Shared Management Objects (HKLM\...\{588E3E59-2876-41BD-BE02-5EF73D6F4155}) (Version: 13.0.800.111 - Microsoft Corporation)
    SQL Server 2016 CTP3.1 Shared Management Objects (HKLM\...\{9B432C25-32AA-4D4D-9350-553416D8372C}) (Version: 13.0.800.111 - Microsoft Corporation)
    SQL Server 2016 CTP3.1 Shared Management Objects Extensions (HKLM\...\{6D0F42A2-2F96-4DB9-812E-C246840A189F}) (Version: 13.0.800.111 - Microsoft Corporation)
    SQL Server 2016 CTP3.1 Shared Management Objects Extensions (HKLM\...\{8AAF9358-E79B-4921-B455-1C2CC4B45B4B}) (Version: 13.0.800.111 - Microsoft Corporation)
    SQL Server 2016 CTP3.1 SQL Diagnostics (HKLM\...\{50945A99-FE83-4817-B9CB-06A8B0E0EB3C}) (Version: 13.0.800.111 - Microsoft Corporation)
    SQL Server 2016 CTP3.1 XEvent (HKLM\...\{92AA5F84-7A25-4A1F-937D-ABCFB04B80F9}) (Version: 13.0.800.111 - Microsoft Corporation)
    SQL Server 2016 CTP3.1 XEvent (HKLM\...\{C3EA6B70-B3DF-4771-8EF7-6AA61CBB6968}) (Version: 13.0.800.111 - Microsoft Corporation)
    SQL Server Browser for SQL Server 2014 (HKLM-x32\...\{3204DE95-97D2-4261-A286-98A262E171D4}) (Version: 12.1.4100.1 - Microsoft Corporation)
    Sql Server Customer Experience Improvement Program (Version: 10.53.6000.34 - Microsoft Corporation) Hidden
    Sql Server Customer Experience Improvement Program (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
    Stagelight (HKLM\...\StageLight) (Version: 2.0.0.5045 - Open Labs, LLC.)
    Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: - Bioware/EA)
    Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
    Stardew Valley (HKLM\...\Steam App 413150) (Version: - ConcernedApe)
    Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
    Sublime Text Build 3065 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
    SUPERHOT (HKLM-x32\...\1456141688_is1) (Version: 2.0.0.4 - GOG.com)
    Supreme Commander (HKLM-x32\...\{25A1E6A4-2DBD-4AC0-8650-8EA9A45B183D}) (Version: 1.00.0000 - Gas Powered Games)
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
    System Requirements Lab (HKLM-x32\...\{F89CDED6-B1F1-489F-BA44-698BF6A737C2}) (Version: 6.1.6.0 - Husdawg, LLC)
    System Requirements Lab Detection (HKLM-x32\...\{2D05AE75-86EC-4BC8-B289-7C91E00E7C08}) (Version: 2.2.4.0 - Husdawg, LLC)
    Tales of Maj'Eyal (HKLM\...\Steam App 259680) (Version: - DarkGod)
    Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
    Team Explorer for Microsoft Visual Studio 2015 Update 2 (x32 Version: 14.95.25118 - Microsoft) Hidden
    TeamSpeak 3 Client (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
    TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer)
    Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
    The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl)
    The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version: - Bethesda Game Studios)
    The Witcher Enhanced Edition Director's Cut (HKLM-x32\...\GOGPACKWITCHEREEDC_is1) (Version: 2.0.0.12 - GOG.com)
    TIS-100 (HKLM-x32\...\1436869408_is1) (Version: 2.0.0.2 - GOG.com)
    Tom Clancy's Splinter Cell (HKLM-x32\...\{A174402A-2EE6-4B86-A930-7BC85A9933BD}) (Version: 1.00.000 - )
    TreeSize Free V3.3.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.3.2 - JAM Software)
    Trove (HKLM-x32\...\Glyph Trove) (Version: - Trion Worlds, Inc.)
    TypeScript Power Tool (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
    TypeScript Power Tool (x32 Version: 1.5.4.0 - Microsoft Corporation) Hidden
    TypeScript Power Tool (x32 Version: 1.7.4.0 - Microsoft Corporation) Hidden
    TypeScript Power Tool (x32 Version: 1.8.9.0 - Microsoft Corporation) Hidden
    TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
    TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.8.31.0 - Microsoft Corporation) Hidden
    TypeScript Tools for Microsoft Visual Studio 2015 1.5.4.0 (HKLM-x32\...\{4cde0c8c-47b3-448f-babf-fe5d392432a6}) (Version: 1.5.23128.0 - Microsoft Corporation)
    TypeScript Tools for Microsoft Visual Studio 2015 1.7.4.0 (HKLM-x32\...\{33e2204a-4ec6-4458-895a-47e2a404d990}) (Version: 1.7.24720.0 - Microsoft Corporation)
    Uninstall Finalizer (x32 Version: 2.9.40518.2 - Microsoft Corporation) Hidden
    Unity (HKLM-x32\...\Unity) (Version: 5.3.5f1 - Unity Technologies ApS)
    Unity Web Player (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\UnityWebPlayer) (Version: 5.3.5f1 - Unity Technologies ApS)
     
  16. dsb2448

    dsb2448 TS Rookie Topic Starter Posts: 19

    Universal CRT Extension SDK (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
    Universal CRT Extension SDK (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
    Universal CRT Headers Libraries and Sources (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
    Universal CRT Headers Libraries and Sources (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
    Universal CRT Redistributable (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
    Universal CRT Tools x64 (Version: 10.0.26624 - Microsoft Corporation) Hidden
    Universal CRT Tools x86 (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
    Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton)
    Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{0FA8AE0C-69AE-4F60-A1AB-F79C6BA5A999}) (Version: - Microsoft)
    Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PRJPROR_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version: - Microsoft)
    Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version: - Microsoft)
    Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.VISPROR_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version: - Microsoft)
    Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version: - Microsoft)
    Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version: - Microsoft)
    Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)
    User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
    User Manuals (x32 Version: 3.0.0.3 - Lenovo) Hidden
    ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.10.2 - Nikon)
    Vim 7.4 (self-installing) (HKLM\...\Vim 7.4) (Version: - )
    Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation)
    Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    Visual Studio 2013 Update 2 (KB2829760) (HKLM-x32\...\{3c348532-c3bd-4bae-a928-7b555f8c808f}) (Version: 12.0.30501 - Microsoft Corporation)
    Visual Studio 2013 Update 4 (KB2829760) (HKLM-x32\...\{53d408db-eb91-43fb-9d8f-167681c19763}) (Version: 12.0.31101 - Microsoft Corporation)
    Visual Studio 2015 Update 2 (KB3022398) (HKLM-x32\...\{78c1b501-a6eb-4f29-88c5-84189564827e}) (Version: 14.0.25123 - Microsoft Corporation)
    VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
    VS Update core components (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
    VS Update core components (x32 Version: 14.0.25123 - Microsoft Corporation) Hidden
    vs_update2notification (x32 Version: 14.0.25132 - Microsoft Corporation) Hidden
    Vulkan Run Time Libraries 1.0.8.1 (HKLM\...\VulkanRT1.0.8.1) (Version: 1.0.8.1 - LunarG, Inc.)
    WampServer 2.5 (HKLM-x32\...\WampServer 2_is1) (Version: - Hervé Leclerc (HeL))
    WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
    WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
    WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
    WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
    WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
    WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
    Windows Driver Package - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
    Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
    Windows Phone 8.1 Emulators - ENU (HKLM-x32\...\{940596e5-652a-4970-8a5a-492e73ed0fbb}) (Version: 12.0.30501.0 - Microsoft Corporation)
    WinMerge 2011 (HKLM\...\WinMerge 2011) (Version: 2011.004.525 - Jochen Neubeck)
    WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies)
    WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
    WinSCP 5.7.3 (HKLM-x32\...\winscp3_is1) (Version: 5.7.3 - Martin Prikryl)
    WinX DVD Ripper 5.6.2 (HKLM-x32\...\WinX DVD Ripper_is1) (Version: - Digiarty Software, Inc.)
    WinX Free MP4 to AVI Converter 5.0.9 (HKLM-x32\...\WinX Free MP4 to AVI Converter_is1) (Version: - Digiarty Software, Inc.)
    Wireshark 1.12.3 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.12.3 - The Wireshark developer community, hxxp://www.wireshark.org)
    Workflow Manager Client 1.0 (Version: 2.0.50408.1 - Microsoft Corporation) Hidden
    Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.50408.2 - Microsoft Corporation) Hidden
    World of Tanks (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812NA}_is1) (Version: - Wargaming.net)
    Xamarin (HKLM-x32\...\{65CD25FC-75EA-42F9-BCC4-394C57923E32}) (Version: 4.0.4.4 - Xamarin)
    Xamarin Studio 5.7.1 (HKLM-x32\...\{C0015978-FD2F-4EBB-984B-2D7B5416F426}) (Version: 5.7.1.17 - Xamarin)
    XBMC (HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\XBMC) (Version: - Team XBMC)
    Надстройка Microsoft Report Viewer для Visual Studio 2013 (x32 Version: 11.1.3442.2 - Microsoft Corporation) Hidden
    Пакет Visual Studio 2012 Verification SDK - rus (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
    用于 Visual Studio 2013 的 Microsoft 报告查看器加载项 (x32 Version: 11.1.3442.2 - Microsoft Corporation) Hidden

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-437364399-4149591236-704665920-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Scott\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-437364399-4149591236-704665920-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Scott\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-437364399-4149591236-704665920-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Scott\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-437364399-4149591236-704665920-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Scott\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileCoAuth.exe (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-437364399-4149591236-704665920-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Scott\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-437364399-4149591236-704665920-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Scott\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-437364399-4149591236-704665920-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Scott\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-437364399-4149591236-704665920-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Scott\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-437364399-4149591236-704665920-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Scott\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-437364399-4149591236-704665920-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Scott\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-437364399-4149591236-704665920-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Scott\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {00F6317D-8112-48DB-9187-56ADC74931EF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
    Task: {0267377E-D39C-4DFC-9D59-6FB15ECDD7A5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
    Task: {066A0FCD-51DE-4EF7-B910-BBF851B588CD} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-06-03] (Synaptics Incorporated)
    Task: {0C652705-11B2-4265-800F-B51F4B89A170} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
    Task: {111CC5E9-C75B-481E-AE78-DCB960F089CF} - \Optimize Start Menu Cache Files-S-1-5-21-437364399-4149591236-704665920-1001 -> No File <==== ATTENTION
    Task: {18949893-0227-4A35-A6FE-C0DC8A9B09D9} - System32\Tasks\User Made\Set background => C:\Users\Scott\Desktop\wall.bat
    Task: {2130844E-9BEB-4C05-B211-FA24F2A64AB4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
    Task: {26AC1195-4E02-48A2-A112-4CF6030143AF} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-437364399-4149591236-704665920-1001 => Rundll32.exe dfshim.dll,ShOpenVerbShortcut C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms
    Task: {2724C7D1-B95E-449D-B1A8-CC7A4FA32703} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-437364399-4149591236-704665920-1001Core => C:\Users\Scott\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
    Task: {2C63CE28-50AC-47A8-9625-990A2AE1624C} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-08-01] (Dropbox, Inc.)
    Task: {2EFCF522-89D4-42E1-B781-B7BC6C9F1D0C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
    Task: {3119D5E4-9527-4990-BA6B-242D394CE832} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
    Task: {40A8C19F-A518-45CF-9526-2A6CDB59EFCA} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [2016-05-15] (Microsoft Corporation)
    Task: {426D3123-CA77-40DD-9E63-9AAAE26801D4} - \Optimize Start Menu Cache Files-S-1-5-21-437364399-4149591236-704665920-1004 -> No File <==== ATTENTION
    Task: {57FC6D4D-1C2B-48EC-A2AD-2268124AD2F4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
    Task: {583CAEE5-9075-4434-BB6E-AD83DC43245D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
    Task: {61CE9152-A06D-4756-9402-AEA0B6DD4961} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
    Task: {69B4E95F-376F-4288-ABEB-79E44ACDB742} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
    Task: {72A8A0A4-59E8-40E5-9874-B49FC841A5B0} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)
    Task: {77E4EB7C-02C7-4C59-ADB8-5E2347247388} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
    Task: {7D51A567-9F80-455C-831F-D52217BB9E0F} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
    Task: {880DA157-7419-4527-87B2-7C9BF9638872} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-06-15] (Microsoft Corporation)
    Task: {99686F05-C550-408B-969C-5764C1CA8318} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-08-01] (Dropbox, Inc.)
    Task: {99852D94-2D58-4AF1-9E7B-CFC1E8BEA185} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
    Task: {9E9B835B-5012-414D-9D3B-3DBAC6ECF100} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
    Task: {B0EBC0E1-0E40-4DB2-A5BF-A864AB2D9A20} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
    Task: {B78FE0DD-C51F-4969-9E16-F638E9839D11} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
    Task: {BC69C425-FA8C-40E5-A51B-F103E194A1D6} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
    Task: {C8245AEE-2726-4B8F-B3CA-6524D0E9B077} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-22] (Google Inc.)
    Task: {CA245D25-43C6-49C5-A3A4-CB73F991D99D} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-08] (CyberLink Corp.)
    Task: {CBB12C6E-AFFF-4B81-B43B-D64AAE209E3C} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
    Task: {D7322BEC-FE11-4EDE-862A-48D24C99AA02} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-437364399-4149591236-704665920-1001UA => C:\Users\Scott\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
    Task: {D7707A22-4B6D-4179-9C6F-E239366FF1C2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
    Task: {D9376591-545B-4527-8171-4207FE34C896} - \User_Feed_Synchronization-{69D52457-0F04-43FE-ACE2-EC66C4E89135} -> No File <==== ATTENTION
    Task: {FC36E975-DA36-49EA-AC08-38E32932B3A3} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-20] (Adobe Systems Incorporated)
    Task: {FC3C97C3-D920-4354-94A1-1822D5C8A381} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
    Task: {FE3ACB26-5187-4F86-A7D0-E1F8A205786C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-22] (Google Inc.)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-437364399-4149591236-704665920-1001Core.job => C:\Users\Scott\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-437364399-4149591236-704665920-1001UA.job => C:\Users\Scott\AppData\Local\Google\Update\GoogleUpdate.exe

    ==================== Shortcuts =============================

    (The entries could be listed to be restored or removed.)

    Shortcut: C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Netwide Assembler 2.11.08\nasm-shell.lnk -> C:\Users\Scott\AppData\Local\nasm\nasmpath.bat ()

    ShortcutWithArgument: C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Node.js\Node.js command prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k "C:\Program Files\nodejs\nodevars.bat"
    ShortcutWithArgument: C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Cloud SDK\Google Cloud SDK Shell.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k ""C:\Users\Scott\AppData\Local\Google\Cloud SDK\cloud_env.bat""
    ShortcutWithArgument: C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Any.do.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=ocgddccilgpeepgglnlpchkpgamkgmld
    ShortcutWithArgument: C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Caret.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=fljalecfjciodhpcledpamjachpmelml
    ShortcutWithArgument: C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Codebox For Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=olgdakcibohojhibghcbaipbjnamobhl
    ShortcutWithArgument: C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Keep - notes and lists.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
    ShortcutWithArgument: C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Keypress Editor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=ghfooiajeobmcfhmajcblmompfdehnli
    ShortcutWithArgument: C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Nitrous Lite.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=efdcneeepllhjlbejkfnaolelbpdacai
    ShortcutWithArgument: C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Python.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=nodpmmidbgeganfponihbgmfcoiibffi
    ShortcutWithArgument: C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Ra.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=egipeapdjjhflkafmacobnmdbdkanoag
    ShortcutWithArgument: C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Smartsheet Chrome App.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=alehdleagcgnimdipdmllebddejplpbi
    ShortcutWithArgument: C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Zed Code Editor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=pfmjnmeipppmcebplngmhfkleiinphhp

    ==================== Loaded Modules (Whitelisted) ==============

    2015-10-30 03:17 - 2015-10-30 03:17 - 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
    2016-06-04 11:23 - 2016-05-23 15:07 - 00006656 _____ () C:\WINDOWS\BinEssentials\BinEssentials1110\BinEssentials.exe
    2016-02-22 18:36 - 2016-05-02 01:54 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
    2015-12-28 09:45 - 2016-05-02 01:55 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
    2016-04-13 10:02 - 2016-05-02 01:54 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
    2016-02-22 18:36 - 2016-05-02 01:55 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
    2014-10-29 04:38 - 2012-04-24 22:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
    2014-12-04 21:33 - 2015-09-15 20:23 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
    2015-08-05 23:22 - 2015-08-05 23:22 - 00710000 _____ () C:\Program Files\Bitvise SSH Server\CiProv64.dll
    2016-04-13 10:02 - 2016-05-02 01:55 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
    2016-04-13 10:02 - 2016-05-02 01:55 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
    2016-04-13 10:02 - 2016-05-02 01:55 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
    2016-02-08 01:17 - 2016-05-02 01:55 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
    2015-06-14 18:25 - 2015-05-29 14:48 - 02524160 _____ () C:\metasploit\apps\pro\engine\arch-lib\win32\nginx\bin\nginxr7.exe
    2015-10-30 03:18 - 2015-10-30 03:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
    2015-12-20 10:09 - 2016-04-27 08:18 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2016-04-12 22:35 - 2016-03-29 06:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
    2016-04-12 22:35 - 2016-03-29 06:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
    2016-04-25 17:35 - 2016-04-25 17:35 - 00959176 _____ () C:\Users\Scott\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64\ClientTelemetry.dll
    2015-09-15 14:58 - 2015-09-15 14:58 - 08901184 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
    2015-07-18 00:35 - 2015-12-19 02:08 - 00402344 _____ () C:\WINDOWS\system32\igfxTray.exe
    2015-12-20 21:44 - 2015-12-07 00:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
    2016-05-11 08:03 - 2016-04-23 00:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
    2016-05-11 08:03 - 2016-04-23 00:25 - 00674816 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
    2014-10-31 15:17 - 2014-10-31 15:17 - 01397208 _____ () C:\Program Files\StageLight\StagelightUpdate.exe
    2015-03-06 20:07 - 2015-03-06 20:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
    2015-10-14 12:35 - 2015-10-14 12:35 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
    2015-03-06 20:07 - 2015-03-06 20:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
    2015-10-14 12:35 - 2015-10-14 12:35 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
    2016-06-03 15:03 - 2016-06-03 15:03 - 00017920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
    2016-06-03 15:03 - 2016-06-03 15:03 - 13105152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
    2016-06-03 15:03 - 2016-06-03 15:03 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
    2016-03-04 07:38 - 2016-03-04 07:39 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
    2016-06-14 22:54 - 2016-05-27 23:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
    2016-06-14 22:54 - 2016-05-27 23:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
    2016-06-14 22:54 - 2016-05-27 23:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
    2016-06-14 22:54 - 2016-05-27 23:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
    2016-04-13 10:02 - 2016-05-02 01:54 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
    2016-04-13 10:02 - 2016-05-02 01:54 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
    2016-04-18 20:11 - 2016-04-18 20:11 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
    2015-06-14 18:25 - 2015-05-29 14:53 - 00092094 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\enc\encdb.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00091281 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\enc\iso_8859_1.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00094060 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\enc\trans\transdb.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00100075 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\thread.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00303269 _____ () C:\metasploit\ruby\lib\ruby\gems\2.1.0\extensions\x86-mingw32\2.1.0\ffi-1.9.6\ffi_c.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00105661 _____ () C:\metasploit\ruby\bin\libffi-6.dll
    2015-06-14 18:25 - 2015-05-29 14:53 - 00125273 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\pathname.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00091445 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\etc.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00101750 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\io\console.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00088515 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\digest\sha1.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00104704 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\digest.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00241186 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\socket.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00161614 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\zlib.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00091648 _____ () C:\metasploit\ruby\bin\zlib1.dll
    2015-06-14 18:25 - 2015-05-29 14:53 - 00124142 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\stringio.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00332163 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\date_core.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00086552 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\fcntl.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00600425 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\openssl.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00134832 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\fiddle.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00089696 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\enc\utf_16le.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00094098 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\enc\trans\utf_16_32.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00112595 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\strscan.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00122431 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\psych.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00442898 _____ () C:\metasploit\ruby\bin\libyaml-0-2.dll
    2015-06-14 18:25 - 2015-05-29 14:53 - 00272054 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\bigdecimal.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00088507 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\digest\md5.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00090653 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\digest\sha2.so
    2015-06-14 18:28 - 2015-05-29 14:36 - 00111432 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.1.0\gems\bcrypt-3.1.10\lib\bcrypt_ext.so
    2015-06-14 18:28 - 2015-05-29 14:35 - 00114272 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.1.0\gems\json-1.8.2\lib\json\ext\parser.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00089696 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\enc\utf_16be.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00089184 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\enc\utf_32be.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00089184 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\enc\utf_32le.so
    2015-06-14 18:28 - 2015-05-29 14:35 - 00133854 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.1.0\gems\json-1.8.2\lib\json\ext\generator.so
    2015-06-14 18:28 - 2015-05-29 14:39 - 00097691 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.1.0\gems\network_interface-0.0.1\lib\network_interface_ext.so
    2015-06-14 18:27 - 2015-05-29 14:39 - 00124436 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.1.0\bundler\gems\pcaprub-c18d552b3095\lib\pcaprub.so
    2015-06-14 18:28 - 2015-05-29 14:38 - 00384856 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.1.0\gems\pg-0.18.1\lib\pg_ext.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00281504 _____ () C:\metasploit\ruby\bin\libpq.dll
    2015-06-14 18:28 - 2015-05-29 14:39 - 00190878 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.1.0\gems\msgpack-0.4.7\lib\msgpack.so
    2015-06-14 18:28 - 2015-05-29 14:39 - 00242650 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.1.0\gems\nokogiri-1.6.6.2\lib\nokogiri\nokogiri.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 01074547 _____ () C:\metasploit\ruby\bin\libxslt-1.dll
    2015-06-14 18:25 - 2015-05-29 14:53 - 00492977 _____ () C:\metasploit\ruby\bin\libexslt-0.dll
    2015-06-14 18:25 - 2015-05-29 14:53 - 04783408 _____ () C:\metasploit\ruby\bin\libxml2-2.dll
    2015-06-14 18:25 - 2015-05-29 14:53 - 00103828 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\racc\cparse.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00159140 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\dl.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 00095383 _____ () C:\metasploit\ruby\lib\ruby\2.1.0\i386-mingw32\enc\windows_31j.so
    2015-06-14 18:28 - 2015-05-29 14:36 - 01822709 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.1.0\gems\eventmachine-1.0.3\lib\rubyeventmachine.so
    2015-06-14 18:28 - 2015-05-29 14:40 - 00113800 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.1.0\gems\thin-1.5.1\lib\thin_parser.so
    2015-06-14 18:28 - 2015-05-29 14:39 - 00137145 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.1.0\gems\sqlite3-1.3.10\lib\sqlite3\sqlite3_native.so
    2015-06-14 18:25 - 2015-05-29 14:53 - 02436518 _____ () C:\metasploit\ruby\bin\libsqlite3-0.dll
    2015-06-14 18:25 - 2015-05-29 14:54 - 00137728 _____ () C:\metasploit\postgresql\bin\LIBPQ.dll
    2015-06-14 18:25 - 2015-05-29 14:54 - 01080832 _____ () C:\metasploit\postgresql\bin\libxml2.dll
    2014-10-29 04:00 - 2013-09-04 11:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
    2015-06-11 06:55 - 2016-05-02 02:02 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
    2016-06-17 09:49 - 2016-06-17 09:48 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
    2015-11-17 13:44 - 2015-11-17 13:44 - 00117248 _____ () C:\Users\Scott\AppData\Local\Programs\Google\MusicManager\libaacdec.dll
    2015-11-17 13:45 - 2015-11-17 13:45 - 00234496 _____ () C:\Users\Scott\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll
    2015-11-17 13:45 - 2015-11-17 13:45 - 00253440 _____ () C:\Users\Scott\AppData\Local\Programs\Google\MusicManager\libid3tag.dll
    2015-11-17 13:44 - 2015-11-17 13:44 - 00344064 _____ () C:\Users\Scott\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll
    2016-04-18 20:11 - 2016-04-18 20:11 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
    2016-04-18 20:11 - 2016-04-18 20:11 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\Windows:nlsPreferences [386]
    AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
    AlternateDataStreams: C:\Users\Scott\AppData\Local\8RlDHsncAd:nh2MKWzheso6tNcS3rekZ7VRrZX [2080]
    AlternateDataStreams: C:\Users\Scott\AppData\Local\xYINKQSDMpodVRj:IrjEqlMskg9Ib4gNnZMNGgAs5xH [2010]

    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE trusted site: HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\clonewarsadventures.com -> clonewarsadventures.com
    IE trusted site: HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\freerealms.com -> freerealms.com
    IE trusted site: HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\localhost -> hxxps://localhost
    IE trusted site: HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\soe.com -> soe.com
    IE trusted site: HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\sony.com -> sony.com

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2013-08-22 09:25 - 2015-04-30 14:28 - 00001720 ____A C:\WINDOWS\system32\Drivers\etc\hosts

    127.0.0.1 activate.adobe.com
    127.0.0.1 practivate.adobe.com
    127.0.0.1 ereg.adobe.com
    127.0.0.1 activate.wip3.adobe.com
    127.0.0.1 wip3.adobe.com
    127.0.0.1 3dns-3.adobe.com
    127.0.0.1 3dns-2.adobe.com
    127.0.0.1 adobe-dns.adobe.com
    127.0.0.1 adobe-dns-2.adobe.com
    127.0.0.1 adobe-dns-3.adobe.com
    127.0.0.1 ereg.wip3.adobe.com
    127.0.0.1 activate-sea.adobe.com
    127.0.0.1 wwis-dubc1-vip60.adobe.com
    127.0.0.1 activate-sjc0.adobe.com
    127.0.0.1 adobe.activate.com
    127.0.0.1 hl2rcv.adobe.com
    127.0.0.1 209.34.83.73:443
    127.0.0.1 209.34.83.73:43
    127.0.0.1 209.34.83.73
    127.0.0.1 209.34.83.67:443
    127.0.0.1 209.34.83.67:43
    127.0.0.1 209.34.83.67
    127.0.0.1 ood.opsource.net
    127.0.0.1 CRL.VERISIGN.NET
    127.0.0.1 199.7.52.190:80
    127.0.0.1 199.7.52.190
    127.0.0.1 adobeereg.com
    127.0.0.1 OCSP.SPO1.VERISIGN.COM
    127.0.0.1 199.7.54.72:80
    127.0.0.1 199.7.54.72

    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-437364399-4149591236-704665920-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Scott\AppData\Roaming\Microsoft\Windows Photo Viewer\Windows Photo Viewer Wallpaper.jpg
    DNS Servers: 8.8.8.8 - 208.104.2.36
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is disabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)

    HKLM\...\StartupApproved\Run: => "Energy Manager"
    HKLM\...\StartupApproved\Run: => "tvncontrol"
    HKLM\...\StartupApproved\Run32: => "APSDaemon"
    HKLM\...\StartupApproved\Run32: => "Nikon Message Center 2"
    HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
    HKLM\...\StartupApproved\Run32: => "QuickTime Task"
    HKLM\...\StartupApproved\Run32: => "Dropbox"
    HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
    HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\StartupApproved\StartupFolder: => "Rainmeter.lnk"
    HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\StartupApproved\Run: => "Steam"
    HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\StartupApproved\Run: => "AirDroid 3"
    HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\StartupApproved\Run: => "Skype"
    HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\StartupApproved\Run: => "f.lux"
    HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\StartupApproved\Run: => "CS Dispatch"
    HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\StartupApproved\Run: => "MyComGames"
    HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\StartupApproved\Run: => "Ditto"
    HKU\S-1-5-21-437364399-4149591236-704665920-1001\...\StartupApproved\Run: => "GoogleDriveSync"

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
    FirewallRules: [{DEE3F93A-871B-44FA-BF95-9E777077433A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Reassembly\win32\ReassemblyRelease.exe
    FirewallRules: [{9A6A0480-D6D1-4717-B067-EF79CE5DF34D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Reassembly\win32\ReassemblyRelease.exe
    FirewallRules: [{28E592C2-4517-4E67-BD64-E089CBA3F52E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{F35E421B-0E68-4794-8808-79688D16A4F7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{50BF6968-39AB-4BB3-9B26-27724F3A4BD5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 2\Fallout2Launcher.exe
    FirewallRules: [{1F9A3181-33AF-4F6E-8FF8-52C28DAEE406}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 2\Fallout2Launcher.exe
    FirewallRules: [{D7B2104E-F65A-4D47-9520-E91D97203954}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout\FalloutLauncher.exe
    FirewallRules: [{C6B2476F-CC2A-45D8-BD8A-34355ABA1C2A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout\FalloutLauncher.exe
    FirewallRules: [{EED93C68-CED8-49E8-826E-C4CB7B761D1C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Binding Of Isaac\Isaac.exe
    FirewallRules: [{DC5F92D4-7C2C-4070-B098-C41A8DFAED72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Binding Of Isaac\Isaac.exe
    FirewallRules: [UDP Query User{0294EFBE-E473-4870-ADD7-E4FA866BE8C1}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
    FirewallRules: [TCP Query User{B8737ECD-BC1A-4707-90FF-C072AD9E8F12}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
    FirewallRules: [UDP Query User{B5A669CB-EBFA-4EF7-95D1-93039204D7EF}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
    FirewallRules: [TCP Query User{7DF627A6-D79C-4425-96A3-D8CA931FE044}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
    FirewallRules: [{D18DCC2D-3538-42F2-8077-F3B566AAD483}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
    FirewallRules: [{578C7BE5-20F1-42D8-833C-8D5BD25D8ABE}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
    FirewallRules: [{226AF666-BC59-41CD-B2E7-8D29BA6A30F4}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
    FirewallRules: [{57402AC3-0988-476E-8FFA-C9070394258C}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
    FirewallRules: [UDP Query User{9641851F-4856-4705-9A1F-2DEC65A364B0}D:\steamlibrary\steamapps\common\tribes\binaries\win32\tribesascend.exe] => (Allow) D:\steamlibrary\steamapps\common\tribes\binaries\win32\tribesascend.exe
    FirewallRules: [TCP Query User{BEA86F9F-8AB4-4DFE-9B2B-789D888CBFD5}D:\steamlibrary\steamapps\common\tribes\binaries\win32\tribesascend.exe] => (Allow) D:\steamlibrary\steamapps\common\tribes\binaries\win32\tribesascend.exe
    FirewallRules: [{4FF68757-DBB9-4653-AE75-F583F1990BD5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hammerwatch\Hammerwatch.exe
    FirewallRules: [{E5BB3CD0-37A5-474C-B3A9-B2C7D899126A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hammerwatch\Hammerwatch.exe
    FirewallRules: [{EB445E73-3D4A-45BB-92EA-270C614713BA}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe
    FirewallRules: [{F798ABD7-6835-43BF-9B2D-707B29E346C2}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe
    FirewallRules: [UDP Query User{8BB9D834-6EF3-4A14-B33D-959565C8FF28}C:\program files (x86)\hammerwatch\hammerwatch.exe] => (Allow) C:\program files (x86)\hammerwatch\hammerwatch.exe
    FirewallRules: [TCP Query User{3AD8C6E9-91CC-4557-AE23-481A287C801B}C:\program files (x86)\hammerwatch\hammerwatch.exe] => (Allow) C:\program files (x86)\hammerwatch\hammerwatch.exe
    FirewallRules: [{0E3C9814-9B68-419F-9C83-4CA6DECEFCA2}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront Beta\starwarsbattlefront.exe
    FirewallRules: [{F49D74CB-FA21-4BCA-BA71-7BF26DDC7CA4}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront Beta\starwarsbattlefront.exe
    FirewallRules: [{BC15351B-B77E-4550-8245-ED7B97A49E57}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
    FirewallRules: [{5ED8A68C-580B-4A07-9674-6FCA7AF7B40C}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
    FirewallRules: [UDP Query User{EC4B92E6-F034-46CF-B4BE-6D6E441108F9}C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
    FirewallRules: [TCP Query User{1909D8E4-5456-4674-8042-9247F4298D11}C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
    FirewallRules: [UDP Query User{1E88D4C8-408B-4F1F-942E-233EF4FFEA5B}C:\program files (x86)\r.g. mechanics\blood bowl - chaos edition\bb_chaos.exe] => (Block) C:\program files (x86)\r.g. mechanics\blood bowl - chaos edition\bb_chaos.exe
    FirewallRules: [TCP Query User{E7254EE0-5892-46C2-8522-F670A1315F12}C:\program files (x86)\r.g. mechanics\blood bowl - chaos edition\bb_chaos.exe] => (Block) C:\program files (x86)\r.g. mechanics\blood bowl - chaos edition\bb_chaos.exe
    FirewallRules: [{6FCBC5DA-21ED-4DF6-A410-6C037DE687AE}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_DX11_game.exe
    FirewallRules: [{F1660F78-91F0-457B-A391-0C68C89AB884}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_DX11_game.exe
     
  17. dsb2448

    dsb2448 TS Rookie Topic Starter Posts: 19

    FirewallRules: [{87689A4C-ED6D-4284-97CC-8365113BA6A7}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_game.exe
    FirewallRules: [{7678B1E6-1937-4A0A-99DE-7F556F884192}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_game.exe
    FirewallRules: [UDP Query User{122430D1-9683-47E3-905E-E161A0E189CB}C:\program files (x86)\ubisoft\tom clancy's splinter cell conviction\src\system\conviction_game.exe] => (Block) C:\program files (x86)\ubisoft\tom clancy's splinter cell conviction\src\system\conviction_game.exe
    FirewallRules: [TCP Query User{DD69BC16-699C-40A5-9E02-58DB1E9F05DB}C:\program files (x86)\ubisoft\tom clancy's splinter cell conviction\src\system\conviction_game.exe] => (Block) C:\program files (x86)\ubisoft\tom clancy's splinter cell conviction\src\system\conviction_game.exe
    FirewallRules: [UDP Query User{A28CC644-7A31-459E-80E3-437019C53B8D}C:\program files (x86)\ubisoft\tom clancy's rainbow six vegas\binaries\r6vegas_game.exe] => (Allow) C:\program files (x86)\ubisoft\tom clancy's rainbow six vegas\binaries\r6vegas_game.exe
    FirewallRules: [TCP Query User{C59BBC11-587E-43EC-963A-9E7AE516CC21}C:\program files (x86)\ubisoft\tom clancy's rainbow six vegas\binaries\r6vegas_game.exe] => (Allow) C:\program files (x86)\ubisoft\tom clancy's rainbow six vegas\binaries\r6vegas_game.exe
    FirewallRules: [{1B4D42F2-B2AA-4257-A078-6AFD38CE6FA2}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
    FirewallRules: [{A06A4422-9B8F-4835-8EDD-B22AE4BC0245}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
    FirewallRules: [{D8A51557-8BEC-48F2-ABA9-DA95A4895C3D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
    FirewallRules: [{B981D4A4-D863-4989-BE3A-9F0AF2B8D4BA}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
    FirewallRules: [{4FF81F98-A868-49B2-9EE9-0BBCF46C267D}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Ghost Recon Future Soldier\Future Soldier DX9.exe
    FirewallRules: [{AC41CE3F-AC20-4D81-8FA7-AC635D284854}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Ghost Recon Future Soldier\Future Soldier DX9.exe
    FirewallRules: [{2B79D20A-A7F1-4FB6-ABDB-969D29F0340F}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Ghost Recon Future Soldier\Future Soldier DX11.exe
    FirewallRules: [{B9E2F2EB-2883-4215-8E63-78FC20BDB741}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Ghost Recon Future Soldier\Future Soldier DX11.exe
    FirewallRules: [UDP Query User{D1ABFE04-F0D1-452C-B74F-B95EF027E5BF}C:\program files\unity\editor\data\playbackengines\webglsupport\buildtools\emscripten_win\node\node.exe] => (Allow) C:\program files\unity\editor\data\playbackengines\webglsupport\buildtools\emscripten_win\node\node.exe
    FirewallRules: [TCP Query User{7CC69F29-4DB0-441D-9B7D-810AF8941177}C:\program files\unity\editor\data\playbackengines\webglsupport\buildtools\emscripten_win\node\node.exe] => (Allow) C:\program files\unity\editor\data\playbackengines\webglsupport\buildtools\emscripten_win\node\node.exe
    FirewallRules: [UDP Query User{6A9E2B15-188A-483A-A451-C0555FE64AE7}C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
    FirewallRules: [TCP Query User{F7D2306B-3997-4417-ABC3-3C26D323B25B}C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
    FirewallRules: [{0484761D-B21C-4CC3-B87A-ACD96140EB59}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
    FirewallRules: [{0E883DC9-2B73-41AF-8C23-747E77DBCF58}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
    FirewallRules: [{19BFD850-E44B-43D2-A853-D1B13BA4F3E2}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
    FirewallRules: [{C5A3B1A5-B2C2-40B3-ACB6-14017E4A6D5F}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
    FirewallRules: [{D412D3ED-D2E3-4545-8EF2-896FFFF5AB4D}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
    FirewallRules: [{1EA7F175-9BD7-4318-927D-778CCC63A307}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
    FirewallRules: [{D489AABF-A842-4988-97C0-3B61545A6D8C}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
    FirewallRules: [UDP Query User{324160E7-7853-4D9A-941C-B09E4F12D772}C:\users\scott\downloads\utorrentportable\app\utorrent\utorrent.exe] => (Allow) C:\users\scott\downloads\utorrentportable\app\utorrent\utorrent.exe
    FirewallRules: [TCP Query User{D6176637-7D46-463C-B2EE-A6A4E768B150}C:\users\scott\downloads\utorrentportable\app\utorrent\utorrent.exe] => (Allow) C:\users\scott\downloads\utorrentportable\app\utorrent\utorrent.exe
    FirewallRules: [UDP Query User{1DC6ECD6-4E5C-47C0-94B1-EF8600932C87}C:\programdata\sling\sling.exe] => (Allow) C:\programdata\sling\sling.exe
    FirewallRules: [TCP Query User{2A221014-5992-46DA-9B3C-A8488463E870}C:\programdata\sling\sling.exe] => (Allow) C:\programdata\sling\sling.exe
    FirewallRules: [UDP Query User{3D746BAF-2536-46CC-98F8-65EF6C526E7E}C:\programdata\sling\sling.exe] => (Allow) C:\programdata\sling\sling.exe
    FirewallRules: [TCP Query User{E501E945-CB1B-433B-B59B-A4FF025036C5}C:\programdata\sling\sling.exe] => (Allow) C:\programdata\sling\sling.exe
    FirewallRules: [UDP Query User{E524D3D0-F40F-41CC-AEFE-0558355E3C38}C:\users\scott\desktop\utorrentportable\app\utorrent\utorrent.exe] => (Allow) C:\users\scott\desktop\utorrentportable\app\utorrent\utorrent.exe
    FirewallRules: [TCP Query User{9752BC02-35F7-42AA-9ABF-23A9EFBA9EDC}C:\users\scott\desktop\utorrentportable\app\utorrent\utorrent.exe] => (Allow) C:\users\scott\desktop\utorrentportable\app\utorrent\utorrent.exe
    FirewallRules: [UDP Query User{CAA6B9B1-D0BC-45A8-80F2-464474B8AEBF}C:\program files\ditto\ditto.exe] => (Allow) C:\program files\ditto\ditto.exe
    FirewallRules: [TCP Query User{437E7CC1-EB7D-47E1-ABF3-81BBA19F4736}C:\program files\ditto\ditto.exe] => (Allow) C:\program files\ditto\ditto.exe
    FirewallRules: [UDP Query User{AF43AE01-865D-41AB-AD4C-689E258B4F78}C:\program files\ditto\ditto.exe] => (Allow) C:\program files\ditto\ditto.exe
    FirewallRules: [TCP Query User{DB3F600D-AA1F-40A7-8175-A389EEC0AE0E}C:\program files\ditto\ditto.exe] => (Allow) C:\program files\ditto\ditto.exe
    FirewallRules: [{97B23789-5A78-403F-91E5-EB9B00F13A1B}] => (Allow) C:\Program Files\Unity\Editor\Unity.exe
    FirewallRules: [{DC34B716-24B3-4104-9C08-38F314457B8B}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
    FirewallRules: [{63A05E12-7746-4512-B1F5-0D35F68496AC}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity\2013\UnityVS.OpenFile.exe
    FirewallRules: [{F8C68D27-41AB-4023-B2E1-ECF903774485}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{F2E42333-5DA2-470D-B3BA-1EB092F21E6B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{0378D620-897D-4805-99C5-91B58FC4ACA4}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
    FirewallRules: [{E44F458D-AD61-49E2-AC81-FCF660D51339}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
    FirewallRules: [{D733C4DF-EE73-487E-8FB2-6198BB7C065E}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
    FirewallRules: [{9AECA665-2A42-49DE-8E07-A8C3941F8F90}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
    FirewallRules: [{1DDCC6B9-481F-452E-93DD-F064EFC0DEAA}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
    FirewallRules: [{C5FA78DF-F6E3-4C59-A4F8-A3140E633BF6}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
    FirewallRules: [{73C2BC81-EB71-4B42-B326-3CBD19DBEF07}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
    FirewallRules: [{1FFF2232-F6F9-4AF1-9FBC-1CD31A312627}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
    FirewallRules: [{9EA390DA-3B4D-4FCF-8E74-8093122E705D}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
    FirewallRules: [{200056E4-16FC-4CA6-8007-FEDA33548DD0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{6293F061-74B1-4B40-92C1-11F9AD8B2E49}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{117B0EA1-4A89-4A26-8D12-865BE46E7DA0}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [{1FE173B8-DEC8-4693-A857-17E96A1A6A55}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [{02445EB3-5045-40AF-A924-4446986DBD51}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
    FirewallRules: [{EB891616-2E04-4A3E-B19C-47E29D004D16}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
    FirewallRules: [{EDFC77B1-10A1-42CB-B376-339A67E92CE6}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
    FirewallRules: [{EC16CF82-7649-4C85-B2CC-7A7FD3ADF8B1}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
    FirewallRules: [{9FA7FF94-CC46-4AA3-87BE-8C806D1ECFED}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
    FirewallRules: [{69107F15-4970-4AB0-9D28-AFF7EC1C14F3}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
    FirewallRules: [TCP Query User{02F2FB2A-46ED-47A2-AADE-3EB61EC495FC}C:\program files (x86)\xbmc\xbmc.exe] => (Allow) C:\program files (x86)\xbmc\xbmc.exe
    FirewallRules: [UDP Query User{4927B1F1-0720-44BE-8C69-519FA60BD2CA}C:\program files (x86)\xbmc\xbmc.exe] => (Allow) C:\program files (x86)\xbmc\xbmc.exe
    FirewallRules: [TCP Query User{00FBC6DC-EEB7-4B59-BE1A-5DA37C7D28E8}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
    FirewallRules: [UDP Query User{5650A6B8-B569-4AD1-980E-DA78FDE4392A}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
    FirewallRules: [{4E3D12F8-640D-4A0E-82FD-E384FFB447CA}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
    FirewallRules: [{98A2A6D1-E917-4839-8841-D6282D4DE87D}] => (Allow) C:\Users\Admin\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
    FirewallRules: [{1E3EF270-9A93-4C7C-AEC0-98DEC2C218ED}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
    FirewallRules: [{DF91577A-4E46-477E-A2A6-CF49C94C04BE}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
    FirewallRules: [{63DEB0AF-E5A9-4DF5-BC42-CD3F616DEDED}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
    FirewallRules: [{5C725C77-DAC7-47CF-BC7B-57E2222F03A3}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
    FirewallRules: [{BB7C0E48-3901-4F60-AD6C-4AFED875600D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
    FirewallRules: [{6D0CBEE4-621D-46E6-9B34-460B01DC48C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
    FirewallRules: [TCP Query User{427DECF8-56A9-47BD-851D-6800F3C2ABE5}C:\program files (x86)\xbmc\xbmc.exe] => (Block) C:\program files (x86)\xbmc\xbmc.exe
    FirewallRules: [UDP Query User{5ED407F8-3512-46E2-A222-08377F15A6C9}C:\program files (x86)\xbmc\xbmc.exe] => (Block) C:\program files (x86)\xbmc\xbmc.exe
    FirewallRules: [TCP Query User{DF2D6FC0-F50D-4716-8809-B1761CFE370B}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
    FirewallRules: [UDP Query User{8B5BA331-DECC-4A8D-89C5-FCF6239AC2CE}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
    FirewallRules: [TCP Query User{DBF9160E-C8FF-4A13-A9F0-E4D99D4E7024}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
    FirewallRules: [UDP Query User{F15CD4F5-834F-427A-BEC7-05546F2F308B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
    FirewallRules: [{3436CB03-C6AE-41AB-BDA0-FE65AFFA40A6}] => (Block) C:\program files (x86)\skype\phone\skype.exe
    FirewallRules: [{51237D64-4904-471E-AD96-01861785D155}] => (Block) C:\program files (x86)\skype\phone\skype.exe
    FirewallRules: [{1FFAAE6A-7F3B-4089-8320-D598C92AED1B}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
    FirewallRules: [{29AABA3B-FAF0-4BD4-A400-8BDA74DF1054}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
    FirewallRules: [{7BFAED26-4694-4B0D-8AE2-272902466D82}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
    FirewallRules: [{DEE47194-A11A-4864-92E1-C3AD91F7C942}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
    FirewallRules: [{C6B65417-C67F-4715-A0BE-C874CAC7242E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
    FirewallRules: [{E623BA45-60B4-438E-9AA8-14A7953E928F}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
    FirewallRules: [{97BB5314-C755-4FE6-9A00-A985B1CEE8E3}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
    FirewallRules: [{5156BC3D-53C3-4B9B-A35E-D9879EA5FBB2}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
    FirewallRules: [{6A861494-D468-499A-8B1D-DC59319B301A}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
    FirewallRules: [TCP Query User{44810F69-54AE-4649-9F42-AF0BD71F1603}C:\program files (x86)\airdroid\airdroid.exe] => (Block) C:\program files (x86)\airdroid\airdroid.exe
    FirewallRules: [UDP Query User{9C611B2D-6D35-46E8-8F90-7EEB66A928CB}C:\program files (x86)\airdroid\airdroid.exe] => (Block) C:\program files (x86)\airdroid\airdroid.exe
    FirewallRules: [{ADC78B1C-CDE6-4692-864A-7EC3297D6198}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
    FirewallRules: [{DD414C32-5658-44F8-85F7-D044AB492570}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
    FirewallRules: [{392D7785-08A2-4A5B-9A07-83E872143F08}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
    FirewallRules: [{27264615-61DD-4FDD-9B32-C36758B93382}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
    FirewallRules: [{5B4B0326-02CF-481B-B241-949417147729}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
    FirewallRules: [{6F2991B7-1A66-4488-B303-9B7B8DDBF36A}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
    FirewallRules: [{7B2C1AD3-C327-4F56-AD35-17D06B69BC22}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
    FirewallRules: [{AD106ADC-8388-446F-987E-3E1C2CE1015E}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe
    FirewallRules: [{DB3535DA-EE69-43E3-8DE9-3DF02F6F8623}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe
    FirewallRules: [{25FE024A-E89C-4EFD-B9CE-07EE0F8AD129}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{292B7E7F-B957-49E7-B468-CD52D5ABF213}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{531811B7-69BA-4E5F-A12A-50A0DF07DA61}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{265693C8-A135-448B-BF4E-C6B5CDEFAC35}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{E92B29E3-8A9E-45C8-AA6A-A76DF8148C8A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MountBlade Warband\mb_warband.exe
    FirewallRules: [{73775A14-22E3-4842-9C0E-031451F2E188}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MountBlade Warband\mb_warband.exe
    FirewallRules: [{EE67B90F-1D76-4365-BCEC-755687286F9A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe
    FirewallRules: [{941CC227-47CB-4A0C-8A5E-794B82924E6B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe
    FirewallRules: [TCP Query User{6978B4F1-E69A-4E77-86CA-AD19984614CC}C:\program files (x86)\snowflake suite\bin\release\snowflake.exe] => (Block) C:\program files (x86)\snowflake suite\bin\release\snowflake.exe
    FirewallRules: [UDP Query User{AB048532-CF06-48E7-9E5C-654A8F4ABAB4}C:\program files (x86)\snowflake suite\bin\release\snowflake.exe] => (Block) C:\program files (x86)\snowflake suite\bin\release\snowflake.exe
    FirewallRules: [TCP Query User{919DC28A-B882-4391-A550-07D39EC22195}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
    FirewallRules: [UDP Query User{7AF9158F-9175-413F-BBD5-18DDFD84DC86}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
    FirewallRules: [{EAF039C5-26D6-4321-9AAD-944E818D529C}] => (Block) C:\games\world_of_tanks\wotlauncher.exe
    FirewallRules: [{C131AC89-50C1-4832-927C-339E9B6A9708}] => (Block) C:\games\world_of_tanks\wotlauncher.exe
    FirewallRules: [TCP Query User{698B2E09-3454-4E3B-B5BD-E9BEB8AC34B7}C:\program files (x86)\brackets\node.exe] => (Block) C:\program files (x86)\brackets\node.exe
    FirewallRules: [UDP Query User{33A42994-ADF1-4A06-83D2-3F52D189E9FA}C:\program files (x86)\brackets\node.exe] => (Block) C:\program files (x86)\brackets\node.exe
    FirewallRules: [TCP Query User{6543A478-4ACD-48B5-A207-9FE42A6E00DC}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe
    FirewallRules: [UDP Query User{94CA9780-453C-4A83-8062-648578AE10C6}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe
    FirewallRules: [TCP Query User{4F49A2E1-BC38-4160-8CB9-6DCEE3CA93FD}C:\program files (x86)\unity\editor\unity.exe] => (Block) C:\program files (x86)\unity\editor\unity.exe
    FirewallRules: [UDP Query User{A6B1FFEE-DC4E-437E-A561-1E4634291072}C:\program files (x86)\unity\editor\unity.exe] => (Block) C:\program files (x86)\unity\editor\unity.exe
    FirewallRules: [TCP Query User{FE7961E9-86FE-46B1-8131-938067069F71}C:\program files\java\jdk1.8.0_25\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_25\bin\java.exe
    FirewallRules: [UDP Query User{28DAAA4F-BA1F-4902-A787-A7A677C5FA77}C:\program files\java\jdk1.8.0_25\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_25\bin\java.exe
    FirewallRules: [{B5F5DBB3-2152-49A5-A506-6BE4B034BA16}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{7F353CAC-7B4C-49B9-893A-B853F7B234D1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [TCP Query User{C0B79D86-EE14-418A-9AFB-D9B29457D84A}C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe
    FirewallRules: [UDP Query User{BB4236CA-A52A-4C98-9D36-B0812501E806}C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe
    FirewallRules: [{AA7B9E25-36F8-4648-806B-ACBC00CA75D4}] => (Block) C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe
    FirewallRules: [{33482519-3DEE-4E68-93F5-7B49E8F4D12D}] => (Block) C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe
    FirewallRules: [{95B2F7CF-9103-4A5B-8DB5-826AFDD96582}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GearUp\bin64\Traktor.Amalgam.App.exe
    FirewallRules: [{E5336FED-C724-45E0-81D7-A3E665A221FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GearUp\bin64\Traktor.Amalgam.App.exe
    FirewallRules: [TCP Query User{A6CEC17A-3F73-4676-ABF9-5B261FA3BFE0}C:\users\scott\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\scott\appdata\roaming\utorrent\utorrent.exe
    FirewallRules: [UDP Query User{4E2B8688-BC91-49FC-9C6E-349898B4213A}C:\users\scott\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\scott\appdata\roaming\utorrent\utorrent.exe
    FirewallRules: [{2446E73C-AA32-4CB1-90F7-AACD9561F1DC}] => (Block) C:\users\scott\appdata\roaming\utorrent\utorrent.exe
    FirewallRules: [{406091FE-4E8D-4BDE-8314-709D116BD3CB}] => (Block) C:\users\scott\appdata\roaming\utorrent\utorrent.exe
    FirewallRules: [{CE15B7F5-ECFB-4A4D-ADED-01CBE9627C45}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
    FirewallRules: [{601AB2E4-D575-4FEF-B42B-4C10062AF9BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
    FirewallRules: [TCP Query User{A9A1DC8B-9A64-48E9-A4E3-21D656F71C01}C:\program files (x86)\popcorn4tv\popcorn4tv.exe] => (Allow) C:\program files (x86)\popcorn4tv\popcorn4tv.exe
    FirewallRules: [UDP Query User{90D1BAAE-DFD0-43BF-8421-F7CA45873E98}C:\program files (x86)\popcorn4tv\popcorn4tv.exe] => (Allow) C:\program files (x86)\popcorn4tv\popcorn4tv.exe
    FirewallRules: [{38F496B9-5A9E-4735-88A8-5BF5553F6A4C}] => (Block) C:\program files (x86)\popcorn4tv\popcorn4tv.exe
    FirewallRules: [{6C0B6317-C4B8-419A-8197-3452B4B4DDCC}] => (Block) C:\program files (x86)\popcorn4tv\popcorn4tv.exe
    FirewallRules: [TCP Query User{BD96121D-29CE-4228-94D7-5BEF026E6526}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Block) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
    FirewallRules: [UDP Query User{723871E8-8DA0-4073-B56D-FD34F0D6F41A}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Block) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
    FirewallRules: [{F5FB10AD-F10F-4954-8D6B-23B9B328664D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
    FirewallRules: [{2647D4E8-AD4B-4A65-B8A2-F5F0AE982AF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
    FirewallRules: [{4357C94A-86B9-4541-BAE6-653E2082015F}] => (Allow) C:\Program Files (x86)\THQ\Gas Powered Games\Supreme Commander\bin\SupremeCommander.exe
    FirewallRules: [{BDDD2A46-3125-4AEA-BDA6-AF8891B58A5F}] => (Allow) C:\Program Files (x86)\THQ\Gas Powered Games\Supreme Commander\bin\SupremeCommander.exe
    FirewallRules: [{8AEB31F3-2491-4358-92D4-A662E5AF8A26}] => (Allow) C:\Program Files (x86)\THQ\Gas Powered Games\GPGNet\GPG.Multiplayer.Client.exe
    FirewallRules: [{3A996999-7CDA-4AF0-AC82-0B9DBEDAA24E}] => (Allow) C:\Program Files (x86)\THQ\Gas Powered Games\GPGNet\GPG.Multiplayer.Client.exe
    FirewallRules: [{413CCA12-0F6E-41CB-82A7-19A74B95430B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
    FirewallRules: [{6B8D5E82-4668-4111-8FBC-6775E132E538}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
    FirewallRules: [{7122BBFF-EA28-462D-93B8-D9E0D6A9ABB9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    FirewallRules: [{D22492EB-D95F-4128-B03E-08E7F796C503}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    FirewallRules: [TCP Query User{30F21C5E-483F-4FDF-A0C2-9A1CBB73D5A7}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
    FirewallRules: [UDP Query User{34C83DA7-E42A-4746-AC61-D8F65F2D85EB}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
    FirewallRules: [{EEBFFC3C-E1D2-482B-AC48-0F75F9629129}] => (Block) C:\program files (x86)\kodi\kodi.exe
    FirewallRules: [{C73D19B5-AFA0-4E09-98AE-F5C530E2052E}] => (Block) C:\program files (x86)\kodi\kodi.exe
    FirewallRules: [TCP Query User{BEDDE179-3AFF-4AF2-8E6C-196E99FE6E0A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
    FirewallRules: [UDP Query User{CBDC26B8-B003-463B-AEFE-AEF0C9284343}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
    FirewallRules: [TCP Query User{EECBE9FF-0093-4FF4-9D3D-7E385FC8FA05}C:\program files (x86)\ubisoft\far cry 4 inc. valley of the yetis\bin\farcry4.exe] => (Block) C:\program files (x86)\ubisoft\far cry 4 inc. valley of the yetis\bin\farcry4.exe
    FirewallRules: [UDP Query User{D251BC32-BD87-426F-AF43-176A0D1E1C63}C:\program files (x86)\ubisoft\far cry 4 inc. valley of the yetis\bin\farcry4.exe] => (Block) C:\program files (x86)\ubisoft\far cry 4 inc. valley of the yetis\bin\farcry4.exe
    FirewallRules: [{DF46E02A-E3CB-4E3C-8BC2-CF82E446CC29}] => (Allow) C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
    FirewallRules: [{4AC21FD9-68D0-4B1E-ABAE-88F3BA53797A}] => (Allow) C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
    FirewallRules: [{FEFCE374-C445-4CA7-A3CA-3F628F4B3299}] => (Allow) C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe
    FirewallRules: [{3D84A9BB-F991-47CA-8C37-41769C96773C}] => (Allow) C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe
    FirewallRules: [{E7B2E059-F4C9-4E3F-A882-BB9A7DE0D476}] => (Allow) C:\ProgramData\Turbine\DDO Unlimited\dndclient.exe
    FirewallRules: [{6D4C68E4-8314-40AC-BC69-C490E8EEBE28}] => (Allow) C:\ProgramData\Turbine\DDO Unlimited\dndclient.exe
    FirewallRules: [{96BABDFA-492B-4CFA-B4B9-68D7155709BF}] => (Allow) C:\ProgramData\Turbine\DDO Unlimited\TurbineLauncher.exe
    FirewallRules: [{F5CEDFDA-CA97-4E1F-959C-90F896621062}] => (Allow) C:\ProgramData\Turbine\DDO Unlimited\TurbineLauncher.exe
    FirewallRules: [TCP Query User{B570D40C-F5EC-453C-9FCE-97703F4FF302}C:\users\scott\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\scott\appdata\local\akamai\netsession_win.exe
    FirewallRules: [UDP Query User{E7074929-E825-4B34-AC4F-742F5775922F}C:\users\scott\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\scott\appdata\local\akamai\netsession_win.exe
    FirewallRules: [{1C008720-7EFC-4A6A-837A-E6FE9CC934FF}] => (Allow) C:\Users\Scott\AppData\Roaming\BitTorrent\BitTorrent.exe
    FirewallRules: [{2EED86FD-B769-419F-8E9F-8FCA6AE5F070}] => (Allow) C:\Users\Scott\AppData\Roaming\BitTorrent\BitTorrent.exe
    FirewallRules: [TCP Query User{95F96EF0-059B-421B-B557-B139ABD65D9C}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
    FirewallRules: [UDP Query User{0183566E-749B-4632-B852-8D52041763CD}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
    FirewallRules: [TCP Query User{B95F1FDB-8C33-4A32-819D-308B7053A205}C:\program files (x86)\jetbrains\intellij idea community edition 14.1.1\bin\idea.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea community edition 14.1.1\bin\idea.exe
    FirewallRules: [UDP Query User{E0797290-BAC9-4190-A9F2-39F17725F6D1}C:\program files (x86)\jetbrains\intellij idea community edition 14.1.1\bin\idea.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea community edition 14.1.1\bin\idea.exe
    FirewallRules: [{9631842C-A6B4-4878-BB36-9110C3D4F053}] => (Block) C:\program files (x86)\jetbrains\intellij idea community edition 14.1.1\bin\idea.exe
    FirewallRules: [{192F8DA6-A468-442E-9F3C-A6671925DAD5}] => (Block) C:\program files (x86)\jetbrains\intellij idea community edition 14.1.1\bin\idea.exe
    FirewallRules: [{2E557DF7-31A8-41F2-82C1-4A4555A7C422}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
    FirewallRules: [{9F93CBFB-3713-4285-91B9-CB85CECF2A4D}] => (Allow) C:\Users\Admin\AppData\Local\Temp\nsdF533.tmp\CnetInstaller-10855016.exe
    FirewallRules: [{FF322227-D262-408D-AE75-1A7A6BC17D71}] => (Allow) C:\Users\Admin\AppData\Local\Temp\nsdF533.tmp\CnetInstaller-10855016.exe
    FirewallRules: [{7A046935-8AD4-4D88-A7DF-ED08C9EAA4CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Firefall\system\bin\FirefallClient.exe
    FirewallRules: [{5773F60B-6D8E-4937-90DD-EAD06C196992}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Firefall\system\bin\FirefallClient.exe
    FirewallRules: [TCP Query User{1DB1300C-7A79-4A22-A15C-C7768F2D9B7F}C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe] => (Allow) C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe
    FirewallRules: [UDP Query User{7360E101-3CCF-4F2D-8235-D903FF5EBC5F}C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe] => (Allow) C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe
    FirewallRules: [TCP Query User{3EC6C35C-3B89-4CDF-B051-E41FB77A922B}C:\program files (x86)\jetbrains\pycharm community edition 4.0.6\bin\pycharm.exe] => (Allow) C:\program files (x86)\jetbrains\pycharm community edition 4.0.6\bin\pycharm.exe
    FirewallRules: [UDP Query User{F02391FD-99FE-44C4-8A13-F93447E46F61}C:\program files (x86)\jetbrains\pycharm community edition 4.0.6\bin\pycharm.exe] => (Allow) C:\program files (x86)\jetbrains\pycharm community edition 4.0.6\bin\pycharm.exe
    FirewallRules: [TCP Query User{F8812981-FB59-4C69-990F-54606EF48A65}C:\program files (x86)\jetbrains\pycharm community edition 4.0.6\bin\pycharm.exe] => (Allow) C:\program files (x86)\jetbrains\pycharm community edition 4.0.6\bin\pycharm.exe
    FirewallRules: [UDP Query User{47E84D5D-0672-4DAA-83CA-981CCEED64CE}C:\program files (x86)\jetbrains\pycharm community edition 4.0.6\bin\pycharm.exe] => (Allow) C:\program files (x86)\jetbrains\pycharm community edition 4.0.6\bin\pycharm.exe
    FirewallRules: [{CA4D5D06-5F80-4D92-936F-855E712BEEC6}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
    FirewallRules: [{2BC7E98F-EBC2-4EDC-87BF-7D083C197896}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
    FirewallRules: [{9E6B1CB8-82D7-4263-A395-3F3E1AC55C3D}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
    FirewallRules: [{808CAD6C-C0FE-4040-8687-EF1330F8743B}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
    FirewallRules: [TCP Query User{CE59D47D-FF9C-448A-8069-CB3730856984}C:\users\scott\appdata\roaming\utorrent\updates\3.4.3_40298.exe] => (Block) C:\users\scott\appdata\roaming\utorrent\updates\3.4.3_40298.exe
    FirewallRules: [UDP Query User{7B701AA5-D203-4D53-A292-A941452B3596}C:\users\scott\appdata\roaming\utorrent\updates\3.4.3_40298.exe] => (Block) C:\users\scott\appdata\roaming\utorrent\updates\3.4.3_40298.exe
    FirewallRules: [{51F985FF-61AC-465B-8A02-002DFE6A43AB}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
    FirewallRules: [{EBF56E04-B97F-4AEA-984B-9B5FE5639399}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
    FirewallRules: [{4916580A-03AB-4DFF-9391-CC5EF326A290}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
    FirewallRules: [{DB83AA73-B630-4C92-BF76-39732B3D3AAE}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
    FirewallRules: [{2149B1B5-B844-4352-AF18-AF023387E36F}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
    FirewallRules: [TCP Query User{A6C76367-5B5E-4E85-8199-4DC055C99359}C:\program files (x86)\unity\editor\unity.exe] => (Allow) C:\program files (x86)\unity\editor\unity.exe
    FirewallRules: [UDP Query User{0E3CA6D0-1B0C-4BF0-A242-8A3103077A9C}C:\program files (x86)\unity\editor\unity.exe] => (Allow) C:\program files (x86)\unity\editor\unity.exe
    FirewallRules: [TCP Query User{1AA7D9DC-36E4-4672-BE9C-221588CF5FED}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe
    FirewallRules: [UDP Query User{0340CD79-A147-4D1C-88C3-E79A8C05C7D2}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe
    FirewallRules: [TCP Query User{DA9001DB-F196-4018-A0DA-B70AF97F10C9}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe
    FirewallRules: [UDP Query User{005FC4B0-821A-4C22-B465-FD2FADB8613E}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe
    FirewallRules: [TCP Query User{6F6DFD57-F185-4C11-B441-2F2E6619C545}C:\program files\java\jdk1.8.0_45\bin\java.exe] => (Block) C:\program files\java\jdk1.8.0_45\bin\java.exe
    FirewallRules: [UDP Query User{720C451B-5BEE-4934-AF2E-8BBE9B40E69F}C:\program files\java\jdk1.8.0_45\bin\java.exe] => (Block) C:\program files\java\jdk1.8.0_45\bin\java.exe
    FirewallRules: [TCP Query User{F1BF682D-0CBA-4F4F-86D9-D1B38FEAAFBB}C:\program files (x86)\jetbrains\intellij idea community edition 14.1.3\bin\idea.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea community edition 14.1.3\bin\idea.exe
    FirewallRules: [UDP Query User{827AD84C-C807-4C2A-9C39-F80FA20D186B}C:\program files (x86)\jetbrains\intellij idea community edition 14.1.3\bin\idea.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea community edition 14.1.3\bin\idea.exe
    FirewallRules: [TCP Query User{51E4B9DC-CB9D-4EC0-9566-0A707F6C3B68}C:\program files (x86)\jetbrains\intellij idea community edition 14.1.3\jre\jre\bin\java.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea community edition 14.1.3\jre\jre\bin\java.exe
    FirewallRules: [UDP Query User{8CA077EF-1C9D-494B-B17F-638E85A2AD1B}C:\program files (x86)\jetbrains\intellij idea community edition 14.1.3\jre\jre\bin\java.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea community edition 14.1.3\jre\jre\bin\java.exe
    FirewallRules: [TCP Query User{F4E7EBBC-226D-4868-9ECD-F6DC756E9846}C:\program files (x86)\java\jdk1.8.0_25\bin\java.exe] => (Allow) C:\program files (x86)\java\jdk1.8.0_25\bin\java.exe
    FirewallRules: [UDP Query User{EF35DB27-9341-4D49-B632-4321ECBDDBAA}C:\program files (x86)\java\jdk1.8.0_25\bin\java.exe] => (Allow) C:\program files (x86)\java\jdk1.8.0_25\bin\java.exe
    FirewallRules: [TCP Query User{DEF3FDE8-2E24-4692-81BC-5BF88CBF2B65}C:\program files (x86)\jetbrains\intellij idea community edition 14.1.3\bin\idea.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea community edition 14.1.3\bin\idea.exe
    FirewallRules: [UDP Query User{17220E90-0EAF-47B5-A291-0DF0E6775CA4}C:\program files (x86)\jetbrains\intellij idea community edition 14.1.3\bin\idea.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea community edition 14.1.3\bin\idea.exe
    FirewallRules: [TCP Query User{3AD3D987-C7B5-43EB-8346-79469BFEC84D}C:\program files (x86)\java\jdk1.8.0_25\bin\java.exe] => (Allow) C:\program files (x86)\java\jdk1.8.0_25\bin\java.exe
    FirewallRules: [UDP Query User{1BBB473F-71EB-4A70-BACF-9728E5A95E8B}C:\program files (x86)\java\jdk1.8.0_25\bin\java.exe] => (Allow) C:\program files (x86)\java\jdk1.8.0_25\bin\java.exe
    FirewallRules: [TCP Query User{556B06B8-FEFC-4AFB-8B38-C0EC49457D77}C:\program files (x86)\jetbrains\intellij idea community edition 14.1.3\jre\jre\bin\java.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea community edition 14.1.3\jre\jre\bin\java.exe
    FirewallRules: [UDP Query User{9FC6990A-7BBE-4C8E-8805-1A90FFB061EF}C:\program files (x86)\jetbrains\intellij idea community edition 14.1.3\jre\jre\bin\java.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea community edition 14.1.3\jre\jre\bin\java.exe
    FirewallRules: [TCP Query User{1A84B5EC-F676-4AB6-912E-7910BF6BA13B}C:\users\scott\appdata\roaming\utorrent\updates\3.4.3_40298.exe] => (Block) C:\users\scott\appdata\roaming\utorrent\updates\3.4.3_40298.exe
    FirewallRules: [UDP Query User{B03024C2-75E7-43AC-871E-373FA0215BFA}C:\users\scott\appdata\roaming\utorrent\updates\3.4.3_40298.exe] => (Block) C:\users\scott\appdata\roaming\utorrent\updates\3.4.3_40298.exe
    FirewallRules: [TCP Query User{CA38C9B2-5F1B-438E-A96E-65679721E127}C:\program files\java\jdk1.8.0_45\bin\java.exe] => (Block) C:\program files\java\jdk1.8.0_45\bin\java.exe
    FirewallRules: [UDP Query User{B5117CB8-1565-45D7-A742-2CBDE99F2122}C:\program files\java\jdk1.8.0_45\bin\java.exe] => (Block) C:\program files\java\jdk1.8.0_45\bin\java.exe
    FirewallRules: [TCP Query User{8654AE78-1FA4-4A11-8DFC-606E169DE890}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
    FirewallRules: [UDP Query User{B0DF1965-4713-4EA8-A9DE-02FCD0802497}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
    FirewallRules: [TCP Query User{8EC1A092-6A29-41DD-95FB-E93533AFB8FF}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
    FirewallRules: [UDP Query User{6AE92DD2-742B-4D63-A525-A97DD3FA3D1F}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
    FirewallRules: [TCP Query User{47C2E813-8EBC-4EA2-A8C7-802763C59CF5}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
    FirewallRules: [UDP Query User{B0D1AE50-F9F6-4C43-9589-BE4CF6FE9803}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
    FirewallRules: [{EA5877F7-DEAC-4D05-9833-7A391FB6F8CA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
    FirewallRules: [{76415A1D-0BD2-4C8E-8013-165D5B14C572}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
    FirewallRules: [{0B1BB7EA-0394-49AE-B6CE-2881C6AD0B02}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
    FirewallRules: [{9080CFEC-66CA-4148-B552-59A2FBF9F917}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{D7419AB9-DE6A-48B6-898F-4B18B257CDE2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [TCP Query User{4D303B5F-F526-4F93-B407-C536337839DD}C:\users\scott\downloads\utorrentportable\app\utorrent\utorrent.exe] => (Allow) C:\users\scott\downloads\utorrentportable\app\utorrent\utorrent.exe
    FirewallRules: [UDP Query User{8F121018-0545-4EBC-9484-5342F8FB0A45}C:\users\scott\downloads\utorrentportable\app\utorrent\utorrent.exe] => (Allow) C:\users\scott\downloads\utorrentportable\app\utorrent\utorrent.exe
    FirewallRules: [{2EC2D1A9-CA59-4611-8D05-1A506EB1B890}] => (Allow) LPort=12292
    FirewallRules: [{66F7879C-4F82-4EA0-ABFC-1B33C6C34FC7}] => (Allow) C:\Users\Scott\Desktop\DxtorySetup2.0.133-70994460.exe
    FirewallRules: [{7AD88666-06E5-4472-B268-058EB3F1F86A}] => (Allow) C:\Users\Scott\Desktop\DxtorySetup2.0.133-70994460.exe
    FirewallRules: [{2563C4F5-D851-4EAC-BFF9-BFE618A57364}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
    FirewallRules: [{A583BBA3-236E-42EC-9998-BA188BD29041}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
    FirewallRules: [{6F182F82-CEB9-48C1-BE2D-69F7CA6CA004}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
    FirewallRules: [{C933828D-E79E-440C-A35F-B5BA1A4258D2}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
    FirewallRules: [{7D8FE4FD-37A7-41F2-A8C5-9456A1966B79}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe
    FirewallRules: [{E828E815-5AF9-4FF7-A77C-9AFF4FC9DA43}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe
    FirewallRules: [{3EAABE6E-83BE-4BBE-BB40-C3804BFCCCC6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
    FirewallRules: [{F89CB547-125E-4093-9055-C6C16E95EB85}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
    FirewallRules: [{0BD2BC71-61C5-422D-85A5-118A01B8AF15}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    FirewallRules: [{B91DD3C5-7C03-4CA1-B7A3-F8B8D1D8A3E6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    FirewallRules: [{D6C549A7-9C26-4FFC-8F69-AC8CBA1C194C}] => (Allow) D:\SteamLibrary\steamapps\common\CRYENGINE\bin\win_x64\Editor.exe
    FirewallRules: [{0EE55334-1887-4397-A232-CE42576D71B6}] => (Allow) D:\SteamLibrary\steamapps\common\CRYENGINE\bin\win_x64\Editor.exe
    FirewallRules: [{96F44D29-D9ED-4236-9A37-695E57D22843}] => (Allow) D:\SteamLibrary\steamapps\common\CRYENGINE\bin\win_x64\GameSDK.exe
    FirewallRules: [{058B87EA-E8B5-4895-872B-D66001D73B55}] => (Allow) D:\SteamLibrary\steamapps\common\CRYENGINE\bin\win_x64\GameSDK.exe
    FirewallRules: [{7DB3C4E5-D895-4114-BD95-A4EE464B840C}] => (Allow) D:\SteamLibrary\steamapps\common\CRYENGINE\bin\win_x64_release\GameSDK.exe
    FirewallRules: [{4BA59855-107C-465F-B987-4E976227F7CF}] => (Allow) D:\SteamLibrary\steamapps\common\CRYENGINE\bin\win_x64_release\GameSDK.exe
    FirewallRules: [{85C29762-EA5C-4426-B623-B6A7F08F9FB3}] => (Allow) D:\SteamLibrary\steamapps\common\CRYENGINE\bin\win_x86\GameSDK.exe
    FirewallRules: [{F5CD505D-43E8-4D4D-AB80-F8236AD83F0A}] => (Allow) D:\SteamLibrary\steamapps\common\CRYENGINE\bin\win_x86\GameSDK.exe
    FirewallRules: [{55163B10-14BD-4B8B-97E9-549350DFC8AF}] => (Allow) D:\SteamLibrary\steamapps\common\CRYENGINE\bin\win_x86_release\GameSDK.exe
    FirewallRules: [{D127F3C6-F7D2-4048-8E5D-A652381EB8A2}] => (Allow) D:\SteamLibrary\steamapps\common\CRYENGINE\bin\win_x86_release\GameSDK.exe
    FirewallRules: [{E6097CE1-5105-480E-B388-57552EECDF4C}] => (Allow) D:\SteamLibrary\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
    FirewallRules: [{9554DA22-FD97-48E2-ACA4-25BD46A18B38}] => (Allow) D:\SteamLibrary\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
    FirewallRules: [TCP Query User{37880A45-17D2-44BA-8D04-79D8703086C9}C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
    FirewallRules: [UDP Query User{644F2853-32B8-4305-A865-ADA10B9182F8}C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
    FirewallRules: [{92C11C30-5720-47AC-A399-4E9BF8E463C3}] => (Allow) D:\SteamLibrary\steamapps\common\CRYENGINE\bin\win_x64\GameSDK.exe
    FirewallRules: [{78C08C55-3A84-45BB-814F-99CAE88B77C9}] => (Allow) D:\SteamLibrary\steamapps\common\CRYENGINE\bin\win_x64\GameSDK.exe
    FirewallRules: [{1D2DA952-5318-4661-BD89-33A19A06C9B1}] => (Allow) D:\SteamLibrary\steamapps\common\CRYENGINE\bin\win_x64_release\GameSDK.exe
    FirewallRules: [{9068B9D4-8400-45FE-816B-E443EC223BB4}] => (Allow) D:\SteamLibrary\steamapps\common\CRYENGINE\bin\win_x64_release\GameSDK.exe
    FirewallRules: [{4F771628-5969-4B26-B875-1F1321F5AB90}] => (Allow) D:\SteamLibrary\steamapps\common\CRYENGINE\bin\win_x86\GameSDK.exe
    FirewallRules: [{E75272B7-7128-43FE-89DE-26212B248B9D}] => (Allow) D:\SteamLibrary\steamapps\common\CRYENGINE\bin\win_x86\GameSDK.exe
    FirewallRules: [{36613AD2-8516-431A-A99E-BE29CA9F3A19}] => (Allow) D:\SteamLibrary\steamapps\common\CRYENGINE\bin\win_x86_release\GameSDK.exe
    FirewallRules: [{41FDF913-56E4-4EA4-94DB-F463EB129910}] => (Allow) D:\SteamLibrary\steamapps\common\CRYENGINE\bin\win_x86_release\GameSDK.exe
    FirewallRules: [TCP Query User{AFBEBA24-663E-4719-A52E-941799904FF6}C:\program files (x86)\jetbrains\intellij idea 15.0.3\bin\idea.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea 15.0.3\bin\idea.exe
    FirewallRules: [UDP Query User{56B9F099-F98A-4549-9195-B1563E31C86D}C:\program files (x86)\jetbrains\intellij idea 15.0.3\bin\idea.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea 15.0.3\bin\idea.exe
    FirewallRules: [{4E08063A-59BC-40B0-9256-78DFB77C60C9}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{88A6380B-9773-4E41-9105-2FD85F70AD77}] => (Allow) LPort=2869
    FirewallRules: [{72EABC08-031D-4371-9551-293D145020ED}] => (Allow) LPort=1900
    FirewallRules: [{F1A6BB8E-CCE6-4A86-B495-B26E7F4778D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
    FirewallRules: [{F14BF63C-3495-4B30-AC09-A0F4DAB760AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
    FirewallRules: [{5DA32D01-A3E6-4C8B-B9AB-7C9ADD8846E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
    FirewallRules: [{14C51B5C-7F58-4EA0-ADCE-1044487EE703}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
     
  18. dsb2448

    dsb2448 TS Rookie Topic Starter Posts: 19

    FirewallRules: [{B0708F41-C902-44B8-9692-7564FD53920A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
    FirewallRules: [{1574036E-9155-4106-947E-1D673563D747}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
    FirewallRules: [{BE6B6590-6FB6-4020-B71B-27CF90854BAC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
    FirewallRules: [{897C8A5C-5A07-4F15-BCCA-9F6CC8317C6D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
    FirewallRules: [{D025E8DB-C65C-432C-AAD0-155FF798754F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
    FirewallRules: [{515C2ACC-F53C-4C83-AD8C-629FE0284FA3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
    FirewallRules: [{0FEC6983-2669-4E28-AB0E-381FDFE2D7A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
    FirewallRules: [{6B2FEB4D-F6EF-4631-97C2-5AC7F5E65826}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
    FirewallRules: [{E6D25A83-B6A8-4253-94DB-E0DAC5048A3E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
    FirewallRules: [{4D22F04C-6704-4052-A34E-A90E7B5CEBC2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
    FirewallRules: [{134B976B-E09D-4908-B96C-8BBF4AFBBE21}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
    FirewallRules: [{34F5DF65-950B-4253-844B-9B833F402A56}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
    FirewallRules: [{9A908749-4D51-447F-8853-FFA944B9C4AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
    FirewallRules: [{7DC5CE0D-2201-493A-801C-C8BD1D9DED46}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
    FirewallRules: [{9647E6C3-4242-4E98-ABCB-ACBA2F11159E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hammerwatch\editor\HammerEditor.exe
    FirewallRules: [{FA431A2A-5226-4D3A-B00C-225AD20E3938}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hammerwatch\editor\HammerEditor.exe
    FirewallRules: [TCP Query User{A6ECF8FE-23AA-495F-B506-79BC28449619}C:\program files (x86)\jetbrains\datagrip 1.0.1\jre\jre\bin\java.exe] => (Block) C:\program files (x86)\jetbrains\datagrip 1.0.1\jre\jre\bin\java.exe
    FirewallRules: [UDP Query User{93D74231-13A8-4BCD-8DA2-C01B13F2DB33}C:\program files (x86)\jetbrains\datagrip 1.0.1\jre\jre\bin\java.exe] => (Block) C:\program files (x86)\jetbrains\datagrip 1.0.1\jre\jre\bin\java.exe
    FirewallRules: [TCP Query User{937D7AFC-4EEA-45FF-8936-7DCE46428919}C:\program files (x86)\jetbrains\datagrip 1.0.1\bin\datagrip.exe] => (Block) C:\program files (x86)\jetbrains\datagrip 1.0.1\bin\datagrip.exe
    FirewallRules: [UDP Query User{98C0A7F9-65E0-485F-AC2C-77FAE0EB7A25}C:\program files (x86)\jetbrains\datagrip 1.0.1\bin\datagrip.exe] => (Block) C:\program files (x86)\jetbrains\datagrip 1.0.1\bin\datagrip.exe
    FirewallRules: [TCP Query User{357CE253-4815-4542-9688-C21DAA09D43B}C:\program files (x86)\jetbrains\phpstorm 10.0.3\bin\phpstorm.exe] => (Allow) C:\program files (x86)\jetbrains\phpstorm 10.0.3\bin\phpstorm.exe
    FirewallRules: [UDP Query User{E0F06926-01A2-4CD9-B6C2-7F4F72A06743}C:\program files (x86)\jetbrains\phpstorm 10.0.3\bin\phpstorm.exe] => (Allow) C:\program files (x86)\jetbrains\phpstorm 10.0.3\bin\phpstorm.exe
    FirewallRules: [TCP Query User{C3C183ED-3760-45CE-9C2E-1F7FD28F022A}C:\program files (x86)\jetbrains\intellij idea 15.0.3\bin\idea.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea 15.0.3\bin\idea.exe
    FirewallRules: [UDP Query User{465FB1AE-29D9-44DA-AAFF-7DC9CF947FB9}C:\program files (x86)\jetbrains\intellij idea 15.0.3\bin\idea.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea 15.0.3\bin\idea.exe
    FirewallRules: [TCP Query User{581609B4-DC22-4476-A825-BF91A83A585C}C:\program files (x86)\jetbrains\phpstorm 10.0.3\bin\phpstorm.exe] => (Allow) C:\program files (x86)\jetbrains\phpstorm 10.0.3\bin\phpstorm.exe
    FirewallRules: [UDP Query User{D0F73A24-C460-4DB6-9AE7-0820519E0E15}C:\program files (x86)\jetbrains\phpstorm 10.0.3\bin\phpstorm.exe] => (Allow) C:\program files (x86)\jetbrains\phpstorm 10.0.3\bin\phpstorm.exe
    FirewallRules: [TCP Query User{A172BC76-1CAB-4456-80D5-54CD559340FD}C:\program files (x86)\jetbrains\phpstorm 10.0.3\jre\jre\bin\java.exe] => (Allow) C:\program files (x86)\jetbrains\phpstorm 10.0.3\jre\jre\bin\java.exe
    FirewallRules: [UDP Query User{2A43EF65-337E-47C4-B986-F5C6E49B5085}C:\program files (x86)\jetbrains\phpstorm 10.0.3\jre\jre\bin\java.exe] => (Allow) C:\program files (x86)\jetbrains\phpstorm 10.0.3\jre\jre\bin\java.exe
    FirewallRules: [{F87601B9-3D49-493D-83E5-21429C131B17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
    FirewallRules: [{53E601A7-51BD-4857-8989-552637FF8D27}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
    FirewallRules: [{7235F66D-4AA1-43E0-833A-254F773892CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe
    FirewallRules: [{9282BDF3-3779-472B-A8F9-BDD6BF70CF16}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe
    FirewallRules: [{15315158-FDB6-4E95-B0AD-F71E410B0851}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TalesMajEyal\t-engine.exe
    FirewallRules: [{D91252FC-589E-47BB-AFFF-D524DCE683ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TalesMajEyal\t-engine.exe
    FirewallRules: [{C4BAA3E8-20E7-43B9-A9C2-B4B1C3E52486}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\eu4.exe
    FirewallRules: [{A9AA9E58-DC17-4E2E-BCFB-4915D4B36F0C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\eu4.exe
    FirewallRules: [{7C7EF64F-A93E-47EA-ACF2-74A1BC097E7A}] => (Allow) C:\Program Files (x86)\Hero Lab\HeroLab.exe
    FirewallRules: [{2A391C1C-DC7C-4517-BD0A-B0C318CFCCB3}] => (Allow) C:\Program Files (x86)\Hero Lab\HeroLab.exe
    FirewallRules: [{CDF91773-2480-4A29-88A8-6AAA60251221}] => (Allow) D:\SteamLibrary\steamapps\common\Skyrim\SkyrimLauncher.exe
    FirewallRules: [{73AEBE7E-43DE-4FC0-842D-EFB386D5DA2E}] => (Allow) D:\SteamLibrary\steamapps\common\Skyrim\SkyrimLauncher.exe
    FirewallRules: [{2AEB39A1-8856-46EF-AB10-052A63272B10}] => (Allow) D:\SteamLibrary\steamapps\common\Skyrim\skse_steam_boot.exe
    FirewallRules: [{67824E2F-8427-4FF1-ABDA-8D494DBAD7BF}] => (Allow) D:\SteamLibrary\steamapps\common\Skyrim\skse_steam_boot.exe
    FirewallRules: [{726B9132-A1DC-40AB-ACD5-A2B85D42ED7A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Reassembly\win32\ReassemblyRelease.exe
    FirewallRules: [{A4852DF8-2AEB-449C-92F7-427C6F327C9F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Reassembly\win32\ReassemblyRelease.exe
    FirewallRules: [{BD261B21-A6BF-494E-B8CC-0D3BBBF682DD}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
    FirewallRules: [{0574CEA4-BD17-4DE7-9D9F-49E483F1DCD7}] => (Allow) C:\Users\Scott\Downloads\uTorrentPortable\App\uTorrent\uTorrent.exe
    FirewallRules: [{E3E23095-9447-49BE-9016-FB68CB342371}] => (Allow) C:\Users\Scott\Downloads\uTorrentPortable\App\uTorrent\uTorrent.exe
    FirewallRules: [{9F71856B-24F0-483C-B65B-4912B42762A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe
    FirewallRules: [{03171EF6-5EE9-405F-B4D9-92B72395C7F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe
    FirewallRules: [{A4792ACA-8750-4284-8AA3-B4450645ECD2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KOAReckoning\Reckoning.exe
    FirewallRules: [{5CF13158-ACB7-4601-B5A4-0E6875458045}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KOAReckoning\Reckoning.exe
    FirewallRules: [{27476A3D-4C5D-4D0C-85A1-1BE60B2FE6E4}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
    FirewallRules: [{855A0375-0917-4B8B-BB12-712E3EE328CB}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
    FirewallRules: [{FB41BC35-4F7B-44C5-BD68-58D467BF4F0E}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
    FirewallRules: [{44DE7B2A-1A99-4669-B039-72457174E1E3}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
    FirewallRules: [{2B8DF882-BAF1-444F-9DDB-FFA1D0D0A256}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
    FirewallRules: [{5E4D6687-0B10-4ADF-BDB8-0C0BA588D5AB}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
    FirewallRules: [{604A71D6-A65C-4123-8A33-0865A9594E58}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
    FirewallRules: [{AC589DE8-F64A-449A-8CD8-D8F4FAD7397D}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
    FirewallRules: [{AB2EB77C-CA24-4267-A3BE-7FC0FD9AC324}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    FirewallRules: [{BD66C209-8DDD-4D7A-BC4B-B0CD76373D89}] => (Allow) C:\Program Files\Bitvise SSH Server\BvSshServer.exe

    ==================== Restore Points =========================

    21-06-2016 09:54:51 JRT Pre-Junkware Removal

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (06/21/2016 09:05:58 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: SkypeHost.exe, version: 10.1.2123.36, time stamp: 0x56eb679c
    Faulting module name: combase.dll, version: 10.0.10586.103, time stamp: 0x56a84cbb
    Exception code: 0xc000027b
    Fault offset: 0x00166fb1
    Faulting process id: 0x1d2c
    Faulting application start time: 0xSkypeHost.exe0
    Faulting application path: SkypeHost.exe1
    Faulting module path: SkypeHost.exe2
    Report Id: SkypeHost.exe3
    Faulting package full name: SkypeHost.exe4
    Faulting package-relative application ID: SkypeHost.exe5

    Error: (06/21/2016 06:28:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 4766

    Error: (06/21/2016 06:28:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 4766

    Error: (06/21/2016 06:28:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (06/21/2016 06:28:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 3657

    Error: (06/21/2016 06:28:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 3657

    Error: (06/21/2016 06:28:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (06/21/2016 06:28:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 2547

    Error: (06/21/2016 06:28:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 2547

    Error: (06/21/2016 06:28:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    System errors:
    =============
    Error: (06/21/2016 09:08:56 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

    Error: (06/21/2016 05:22:58 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

    Error: (06/21/2016 05:20:58 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

    Error: (06/21/2016 03:10:34 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

    Error: (06/21/2016 01:42:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The User Data Access_ddda0b service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

    Error: (06/21/2016 01:42:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The User Data Storage_ddda0b service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

    Error: (06/21/2016 01:42:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Contact Data_ddda0b service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

    Error: (06/21/2016 01:42:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Sync Host_ddda0b service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

    Error: (06/21/2016 01:42:32 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

    Error: (06/21/2016 11:48:33 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}


    CodeIntegrity:
    ===================================
    Date: 2016-06-21 12:20:10.194
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

    Date: 2016-06-21 09:43:18.928
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\SMCLpav\Pav2WSC.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2016-06-21 09:43:18.915
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\SMCLpav\Pav2WSC.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2016-06-21 09:43:18.885
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\SMCLpav\Pav2WSC.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2016-06-21 09:39:41.601
    Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2016-06-21 09:39:41.588
    Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2016-06-21 09:34:37.836
    Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2016-06-21 09:34:37.818
    Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2016-06-21 09:33:59.315
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\SMCLpav\Pav2WSC.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2016-06-21 09:33:59.299
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\SMCLpav\Pav2WSC.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i7-4710MQ CPU @ 2.50GHz
    Percentage of memory in use: 23%
    Total physical RAM: 16308.27 MB
    Available physical RAM: 12448.4 MB
    Total Virtual: 18740.27 MB
    Available Virtual: 14206.9 MB

    ==================== Drives ================================

    Drive c: (Windows8_OS) (Fixed) (Total:889.98 GB) (Free:55.7 GB) NTFS ==>[system with boot components (obtained from drive)]
    Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:7.87 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 931.5 GB) (Disk ID: BCA4DEE7)

    Partition: GPT.

    ==================== End of Addition.txt ============================
     
  19. Broni

    Broni Malware Annihilator Posts: 52,911   +344

    Download attached fixlist.txt file and save it to the Desktop.
    NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

    Run FRST(FRST64) and press the Fix button just once and wait.
    The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
     

    Attached Files:

  20. dsb2448

    dsb2448 TS Rookie Topic Starter Posts: 19

    Fix result of Farbar Recovery Scan Tool (x64) Version: 20-06-2016 01
    Ran by Scott (2016-06-22 00:14:32) Run:1
    Running from C:\Users\Scott\Desktop
    Loaded Profiles: Scott (Available Profiles: Scott & MSSQLFDLauncher$MSSQLSERVER2014)
    Boot Mode: Normal
    ==============================================

    fixlist content:
    *****************
    CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
    S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
    S3 vmci; \SystemRoot\System32\drivers\vmci.sys [X]
    S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X]
    2015-05-16 10:28 - 2016-06-10 19:49 - 0000132 _____ () C:\Users\Scott\AppData\Roaming\Adobe PNG Format CS6 Prefs
    2015-04-25 08:45 - 2015-06-08 11:51 - 0000600 _____ () C:\Users\Scott\AppData\Roaming\winscp.rnd
    2015-05-16 12:45 - 2015-05-16 12:45 - 0001456 _____ () C:\Users\Scott\AppData\Local\Adobe Save for Web 13.0 Prefs
    2015-07-30 15:33 - 2015-07-30 15:33 - 0000000 ___SH () C:\Users\Scott\AppData\Local\LumaEmu
    2015-04-25 07:50 - 2016-01-05 23:59 - 0000600 _____ () C:\Users\Scott\AppData\Local\PUTTY.RND
    2016-06-03 12:13 - 2016-06-03 12:13 - 0000218 _____ () C:\Users\Scott\AppData\Local\recently-used.xbel
    2015-05-05 23:03 - 2016-01-06 00:24 - 0007634 _____ () C:\Users\Scott\AppData\Local\resmon.resmoncfg
    2014-10-29 04:02 - 2014-10-29 04:02 - 0000000 ____N () C:\ProgramData\DP45977C.lfl
    2014-12-18 10:40 - 2014-12-18 10:40 - 0000268 ___RH () C:\ProgramData\Hybrid Chords
    2014-12-18 10:40 - 2014-12-18 10:40 - 0000268 ___RH () C:\ProgramData\Hybrid Morph
    2014-12-18 10:40 - 2014-12-18 10:40 - 0000268 ___RH () C:\ProgramData\Hybrid Synthesizers
    2014-12-18 10:40 - 2014-12-18 10:40 - 0000012 ___RH () C:\ProgramData\Internet Services
    2014-12-18 10:40 - 2014-12-18 10:40 - 0000012 ___RH () C:\ProgramData\Jazz
    2014-12-18 10:40 - 2014-12-18 10:40 - 0000012 ___RH () C:\ProgramData\Jingles
    2014-12-18 10:40 - 2014-12-18 10:40 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
    2014-12-18 10:40 - 2015-05-30 13:55 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
    2014-12-18 10:40 - 2014-12-18 10:40 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
    C:\Users\Scott\connect.bat
    C:\Users\Admin\AppData\Local\Temp\drm_dyndata_7380006.dll
    C:\Users\Admin\AppData\Local\Temp\LenovoShareIt.exe
    C:\Users\Admin\AppData\Local\Temp\nvSCPAPI.dll
    C:\Users\Admin\AppData\Local\Temp\nvStInst.exe
    C:\Users\Admin\AppData\Local\Temp\ose00001.exe
    C:\Users\Admin\AppData\Local\Temp\SkypeSetup.exe
    C:\Users\Admin\AppData\Local\Temp\System.Data.SQLite.dll
    C:\Users\Admin\AppData\Local\Temp\System.Data.SQLitea74f23a0-8f5e-4dbd-93bd-65c53cee8f3a.dll
    C:\Users\Admin\AppData\Local\Temp\xmlUpdater.exe
    C:\Users\Admin\AppData\Local\Temp\_is1B66.exe
    C:\Users\Scott\AppData\Local\Temp\avg-9b143549-7322-4566-89be-a8079d1c6d79.exe
    C:\Users\Scott\AppData\Local\Temp\dllnt_dump.dll
    C:\Users\Scott\AppData\Local\Temp\jre-8u66-windows-au.exe
    C:\Users\Scott\AppData\Local\Temp\jre-8u73-windows-au.exe
    C:\Users\Scott\AppData\Local\Temp\jre-8u77-windows-au.exe
    C:\Users\Scott\AppData\Local\Temp\jre-8u91-windows-au.exe
    C:\Users\Scott\AppData\Local\Temp\libeay32.dll
    C:\Users\Scott\AppData\Local\Temp\msvcr120.dll
    C:\Users\Scott\AppData\Local\Temp\Nexus Mod Manager-0.61.13.exe
    C:\Users\Scott\AppData\Local\Temp\Nexus Mod Manager-0.61.23.exe
    C:\Users\Scott\AppData\Local\Temp\nvSCPAPI.dll
    C:\Users\Scott\AppData\Local\Temp\nvSCPAPI64.dll
    C:\Users\Scott\AppData\Local\Temp\nvStInst.exe
    C:\Users\Scott\AppData\Local\Temp\OKV50_GRAND_VINAY_PPI_3.exe
    C:\Users\Scott\AppData\Local\Temp\pushbullet_watchdog.exe
    C:\Users\Scott\AppData\Local\Temp\sqlite3.dll
    Task: {00F6317D-8112-48DB-9187-56ADC74931EF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
    Task: {0C652705-11B2-4265-800F-B51F4B89A170} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
    Task: {111CC5E9-C75B-481E-AE78-DCB960F089CF} - \Optimize Start Menu Cache Files-S-1-5-21-437364399-4149591236-704665920-1001 -> No File <==== ATTENTION
    Task: {2EFCF522-89D4-42E1-B781-B7BC6C9F1D0C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
    Task: {3119D5E4-9527-4990-BA6B-242D394CE832} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
    Task: {426D3123-CA77-40DD-9E63-9AAAE26801D4} - \Optimize Start Menu Cache Files-S-1-5-21-437364399-4149591236-704665920-1004 -> No File <==== ATTENTION
    Task: {583CAEE5-9075-4434-BB6E-AD83DC43245D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
    Task: {7D51A567-9F80-455C-831F-D52217BB9E0F} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
    Task: {99852D94-2D58-4AF1-9E7B-CFC1E8BEA185} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
    Task: {B0EBC0E1-0E40-4DB2-A5BF-A864AB2D9A20} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
    Task: {B78FE0DD-C51F-4969-9E16-F638E9839D11} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
    Task: {BC69C425-FA8C-40E5-A51B-F103E194A1D6} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
    Task: {D7707A22-4B6D-4179-9C6F-E239366FF1C2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
    Task: {D9376591-545B-4527-8171-4207FE34C896} - \User_Feed_Synchronization-{69D52457-0F04-43FE-ACE2-EC66C4E89135} -> No File <==== ATTENTION
    AlternateDataStreams: C:\Windows:nlsPreferences [386]
    AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
    AlternateDataStreams: C:\Users\Scott\AppData\Local\8RlDHsncAd:nh2MKWzheso6tNcS3rekZ7VRrZX [2080]
    AlternateDataStreams: C:\Users\Scott\AppData\Local\xYINKQSDMpodVRj:IrjEqlMskg9Ib4gNnZMNGgAs5xH [2010]


    *****************

    "HKLM\SOFTWARE\Policies\Google" => key removed successfully
    VBoxNetFlt => service removed successfully
    vmci => service removed successfully
    VMnetAdapter => service removed successfully
    C:\Users\Scott\AppData\Roaming\Adobe PNG Format CS6 Prefs => moved successfully
    C:\Users\Scott\AppData\Roaming\winscp.rnd => moved successfully
    C:\Users\Scott\AppData\Local\Adobe Save for Web 13.0 Prefs => moved successfully
    C:\Users\Scott\AppData\Local\LumaEmu => moved successfully
    C:\Users\Scott\AppData\Local\PUTTY.RND => moved successfully
    C:\Users\Scott\AppData\Local\recently-used.xbel => moved successfully
    C:\Users\Scott\AppData\Local\resmon.resmoncfg => moved successfully
    Could not move "C:\ProgramData\DP45977C.lfl" => Scheduled to move on reboot.
    C:\ProgramData\Hybrid Chords => moved successfully
    C:\ProgramData\Hybrid Morph => moved successfully
    C:\ProgramData\Hybrid Synthesizers => moved successfully
    C:\ProgramData\Internet Services => moved successfully
    C:\ProgramData\Jazz => moved successfully
    C:\ProgramData\Jingles => moved successfully
    C:\ProgramData\PKP_DLes.DAT => moved successfully
    C:\ProgramData\PKP_DLet.DAT => moved successfully
    C:\ProgramData\PKP_DLev.DAT => moved successfully
    C:\Users\Scott\connect.bat => moved successfully
    C:\Users\Admin\AppData\Local\Temp\drm_dyndata_7380006.dll => moved successfully
    C:\Users\Admin\AppData\Local\Temp\LenovoShareIt.exe => moved successfully
    C:\Users\Admin\AppData\Local\Temp\nvSCPAPI.dll => moved successfully
    C:\Users\Admin\AppData\Local\Temp\nvStInst.exe => moved successfully
    C:\Users\Admin\AppData\Local\Temp\ose00001.exe => moved successfully
    C:\Users\Admin\AppData\Local\Temp\SkypeSetup.exe => moved successfully
    C:\Users\Admin\AppData\Local\Temp\System.Data.SQLite.dll => moved successfully
    C:\Users\Admin\AppData\Local\Temp\System.Data.SQLitea74f23a0-8f5e-4dbd-93bd-65c53cee8f3a.dll => moved successfully
    C:\Users\Admin\AppData\Local\Temp\xmlUpdater.exe => moved successfully
    C:\Users\Admin\AppData\Local\Temp\_is1B66.exe => moved successfully
    C:\Users\Scott\AppData\Local\Temp\avg-9b143549-7322-4566-89be-a8079d1c6d79.exe => moved successfully
    C:\Users\Scott\AppData\Local\Temp\dllnt_dump.dll => moved successfully
    C:\Users\Scott\AppData\Local\Temp\jre-8u66-windows-au.exe => moved successfully
    C:\Users\Scott\AppData\Local\Temp\jre-8u73-windows-au.exe => moved successfully
    C:\Users\Scott\AppData\Local\Temp\jre-8u77-windows-au.exe => moved successfully
    C:\Users\Scott\AppData\Local\Temp\jre-8u91-windows-au.exe => moved successfully
    C:\Users\Scott\AppData\Local\Temp\libeay32.dll => moved successfully
    C:\Users\Scott\AppData\Local\Temp\msvcr120.dll => moved successfully
    C:\Users\Scott\AppData\Local\Temp\Nexus Mod Manager-0.61.13.exe => moved successfully
    C:\Users\Scott\AppData\Local\Temp\Nexus Mod Manager-0.61.23.exe => moved successfully
    C:\Users\Scott\AppData\Local\Temp\nvSCPAPI.dll => moved successfully
    C:\Users\Scott\AppData\Local\Temp\nvSCPAPI64.dll => moved successfully
    C:\Users\Scott\AppData\Local\Temp\nvStInst.exe => moved successfully
    C:\Users\Scott\AppData\Local\Temp\OKV50_GRAND_VINAY_PPI_3.exe => moved successfully
    C:\Users\Scott\AppData\Local\Temp\pushbullet_watchdog.exe => moved successfully
    C:\Users\Scott\AppData\Local\Temp\sqlite3.dll => moved successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{00F6317D-8112-48DB-9187-56ADC74931EF}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{00F6317D-8112-48DB-9187-56ADC74931EF}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0C652705-11B2-4265-800F-B51F4B89A170}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C652705-11B2-4265-800F-B51F4B89A170}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{111CC5E9-C75B-481E-AE78-DCB960F089CF}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{111CC5E9-C75B-481E-AE78-DCB960F089CF}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Optimize Start Menu Cache Files-S-1-5-21-437364399-4149591236-704665920-1001" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2EFCF522-89D4-42E1-B781-B7BC6C9F1D0C}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2EFCF522-89D4-42E1-B781-B7BC6C9F1D0C}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3119D5E4-9527-4990-BA6B-242D394CE832}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3119D5E4-9527-4990-BA6B-242D394CE832}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{426D3123-CA77-40DD-9E63-9AAAE26801D4}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{426D3123-CA77-40DD-9E63-9AAAE26801D4}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Optimize Start Menu Cache Files-S-1-5-21-437364399-4149591236-704665920-1004" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{583CAEE5-9075-4434-BB6E-AD83DC43245D}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{583CAEE5-9075-4434-BB6E-AD83DC43245D}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7D51A567-9F80-455C-831F-D52217BB9E0F}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7D51A567-9F80-455C-831F-D52217BB9E0F}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{99852D94-2D58-4AF1-9E7B-CFC1E8BEA185}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{99852D94-2D58-4AF1-9E7B-CFC1E8BEA185}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B0EBC0E1-0E40-4DB2-A5BF-A864AB2D9A20}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B0EBC0E1-0E40-4DB2-A5BF-A864AB2D9A20}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B78FE0DD-C51F-4969-9E16-F638E9839D11}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B78FE0DD-C51F-4969-9E16-F638E9839D11}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BC69C425-FA8C-40E5-A51B-F103E194A1D6}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BC69C425-FA8C-40E5-A51B-F103E194A1D6}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D7707A22-4B6D-4179-9C6F-E239366FF1C2}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D7707A22-4B6D-4179-9C6F-E239366FF1C2}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D9376591-545B-4527-8171-4207FE34C896}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D9376591-545B-4527-8171-4207FE34C896}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\User_Feed_Synchronization-{69D52457-0F04-43FE-ACE2-EC66C4E89135}" => key removed successfully
    C:\Windows => ":nlsPreferences" ADS removed successfully.
    C:\ProgramData\Reprise => ":wupeogjxldtlfudivq`qsp`26hfm" ADS removed successfully.
    C:\Users\Scott\AppData\Local\8RlDHsncAd => ":nh2MKWzheso6tNcS3rekZ7VRrZX" ADS removed successfully.
    C:\Users\Scott\AppData\Local\xYINKQSDMpodVRj => ":IrjEqlMskg9Ib4gNnZMNGgAs5xH" ADS removed successfully.

    Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-06-22 00:16:44)

    "C:\ProgramData\DP45977C.lfl" => Could not move

    ==== End of Fixlog 00:16:44 ====
     
  21. Broni

    Broni Malware Annihilator Posts: 52,911   +344

    Last scans...

    [​IMG] Download Security Check from here or here and save it to your Desktop.
    • Double-click SecurityCheck.exe
    • Follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

    NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
    NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
    NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run


    [​IMG] Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
    Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
    • Windows Defender
    • Other Services

    Press "Scan".
    It will create a log (FSS.txt) in the same directory the tool is run.
    Please copy and paste the log to your reply.


    [​IMG] Download Temp File Cleaner (TFC)
    Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
    • Double click on TFC.exe to run the program.
    • Click on Start button to begin cleaning process.
    • TFC will close all running programs, and it may ask you to restart computer.


    [​IMG] Download Sophos Free Virus Removal Tool and save it to your desktop.
    • Double click the icon and select Run
    • Click Next
    • Select I accept the terms in this license agreement, then click Next twice
    • Click Install
    • Click Finish to launch the program
    • Once the virus database has been updated click Start Scanning
    • If any threats are found click Details, then View log file... (bottom left hand corner)
    • Copy and paste the results in your reply
    • Close the Notepad document, close the Threat Details screen, then click Start cleanup
    • Click Exit to close the program
     
  22. dsb2448

    dsb2448 TS Rookie Topic Starter Posts: 19

    Here are the first two logs. I am running Sophos Free Virus Removal Tool now, but it has been running for 4 hours and does not show much progress. Is this normal?

    Results of screen317's Security Check version 1.014 --- 12/23/15
    x64 (UAC is enabled)
    Internet Explorer 11
    ``````````````Antivirus/Firewall Check:``````````````
    Windows Firewall Enabled!
    Windows Firewall Disabled!
    Windows Defender
    AVG AntiVirus Free Edition
    Antivirus up to date!
    `````````Anti-malware/Other Utilities Check:`````````
    Visual Studio Extensions for Windows Library for JavaScript
    Microsoft VisualStudio JavaScript Project System
    Java 8 Update 91
    Java SE Development Kit 7 Update 55
    Java SE Development Kit 7 Update 71
    Java SE Development Kit 8 Update 25
    Microsoft VisualStudio JavaScript Language Service
    Visual Studio Extensions for Windows Library for JavaScript
    Java version 32-bit out of Date!
    Adobe Flash Player 22.0.0.192
    Mozilla Firefox (43.0.4)
    Google Chrome (51.0.2704.103)
    Google Chrome (51.0.2704.84)
    Google Chrome (SetupMetrics.pma..)
    ````````Process Check: objlist.exe by Laurent````````
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C: %
    ````````````````````End of Log``````````````````````


    ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

    Farbar Service Scanner Version: 27-01-2016
    Ran by Scott (administrator) on 23-06-2016 at 18:11:23
    Running from "C:\Users\Scott\Desktop"
    Microsoft Windows 10 Home (X64)
    Boot Mode: Normal
    ****************************************************************

    Internet Services:
    ============

    Connection Status:
    ==============
    Localhost is accessible.
    LAN connected.
    Google IP is accessible.
    Google.com is accessible.
    Yahoo.com is accessible.


    Windows Firewall:
    =============

    Firewall Disabled Policy:
    ==================
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall"=DWORD:0


    System Restore:
    ============
     
  23. Broni

    Broni Malware Annihilator Posts: 52,911   +344

    Yes, it may take time.

    FSS log is incomplete.
     
  24. dsb2448

    dsb2448 TS Rookie Topic Starter Posts: 19

    Farbar Service Scanner Version: 27-01-2016
    Ran by Scott (administrator) on 23-06-2016 at 23:35:57
    Running from "C:\Users\Scott\Desktop"
    Microsoft Windows 10 Home (X64)
    Boot Mode: Normal
    ****************************************************************

    Internet Services:
    ============

    Connection Status:
    ==============
    Localhost is accessible.
    LAN connected.
    Google IP is accessible.
    Google.com is accessible.
    Yahoo.com is accessible.


    Windows Firewall:
    =============

    Firewall Disabled Policy:
    ==================
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall"=DWORD:0


    System Restore:
    ============

    System Restore Policy:
    ========================


    Security Center:
    ============


    Windows Update:
    ============
    wuauserv Service is not running. Checking service configuration:
    The start type of wuauserv service is set to Demand. The default start type is Auto.
    The ImagePath of wuauserv service is OK.
    The ServiceDll of wuauserv service is OK.


    Windows Autoupdate Disabled Policy:
    ============================


    Windows Defender:
    ==============
    WinDefend Service is not running. Checking service configuration:
    The start type of WinDefend service is set to Demand. The default start type is Auto.
    The ImagePath of WinDefend service is OK.


    Windows Defender Disabled Policy:
    ==========================
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
    "DisableAntiSpyware"=DWORD:1


    Other Services:
    ==============


    File Check:
    ========
    C:\Windows\System32\nsisvc.dll => File is digitally signed
    C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
    C:\Windows\System32\drivers\afd.sys => File is digitally signed
    C:\Windows\System32\drivers\tdx.sys => File is digitally signed
    C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
    C:\Windows\System32\dnsrslvr.dll => File is digitally signed
    C:\Windows\System32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\System32\mpssvc.dll => File is digitally signed
    C:\Windows\System32\bfe.dll => File is digitally signed
    C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
    C:\Windows\System32\SDRSVC.dll => File is digitally signed
    C:\Windows\System32\vssvc.exe => File is digitally signed
    C:\Windows\System32\wscsvc.dll => File is digitally signed
    C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
    C:\Windows\System32\wuaueng.dll => File is digitally signed
    C:\Windows\System32\qmgr.dll => File is digitally signed
    C:\Windows\System32\es.dll => File is digitally signed
    C:\Windows\System32\cryptsvc.dll => File is digitally signed
    C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
    C:\Windows\System32\ipnathlp.dll => File is digitally signed
    C:\Windows\System32\iphlpsvc.dll => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed


    **** End of log ****
     
  25. dsb2448

    dsb2448 TS Rookie Topic Starter Posts: 19

    2016-06-23 22:36:01.885 Sophos Virus Removal Tool version 2.5.5
    2016-06-23 22:36:01.885 Copyright (c) 2009-2014 Sophos Limited. All rights reserved.

    2016-06-23 22:36:01.885 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

    2016-06-23 22:36:01.885 Windows version 6.2 SP 0.0 build 9200 SM=0x300 PT=0x1 WOW64
    2016-06-23 22:36:01.886 Checking for updates...
    2016-06-23 22:36:01.972 Update progress: proxy server not available
    2016-06-23 22:36:12.188 Option all = no
    2016-06-23 22:36:12.188 Option recurse = yes
    2016-06-23 22:36:12.189 Option archive = no
    2016-06-23 22:36:12.189 Option service = yes
    2016-06-23 22:36:12.189 Option confirm = yes
    2016-06-23 22:36:12.189 Option sxl = yes
    2016-06-23 22:36:12.190 Option max-data-age = 35
    2016-06-23 22:36:12.190 Option EnableSafeClean = yes
    2016-06-23 22:36:14.706 Option vdl-logging = yes
    2016-06-23 22:36:14.714 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
    2016-06-23 22:36:14.714 Machine ID: a59b2d19259f463ebdb0f459f7605fbd
    2016-06-23 22:36:14.770 Component SVRTcli.exe version 2.5.5
    2016-06-23 22:36:14.770 Component control.dll version 2.5.5
    2016-06-23 22:36:14.770 Component SVRTservice.exe version 2.5.5
    2016-06-23 22:36:14.770 Component engine\osdp.dll version 1.44.1.2250
    2016-06-23 22:36:14.770 Component engine\veex.dll version 3.65.0.2250
    2016-06-23 22:36:14.770 Component engine\savi.dll version 9.0.1.2250
    2016-06-23 22:36:14.798 Component rkdisk.dll version 1.5.30.0
    2016-06-23 22:36:14.798 Version info: Product version 2.5.5
    2016-06-23 22:36:14.799 Version info: Detection engine 3.65.0
    2016-06-23 22:36:14.799 Version info: Detection data 5.26
    2016-06-23 22:36:14.799 Version info: Build date 4/5/2016
    2016-06-23 22:36:14.799 Version info: Data files added 517
    2016-06-23 22:36:14.799 Version info: Last successful update (not yet updated)
    2016-06-23 22:36:37.215 Downloading updates...
    2016-06-23 22:36:37.218 Update progress: [I96736] Looking for package C1A903B2-E63E-483b-982D-04BB9C457C60 1.0
    2016-06-23 22:36:37.218 Update progress: [I49502] Found supplement SAVIW32 LATEST
    2016-06-23 22:36:37.218 Update progress: [I49502] Found supplement IDE527 LATEST
    2016-06-23 22:36:37.218 Update progress: [I49502] Found supplement IDE528 LATEST
    2016-06-23 22:36:37.218 Update progress: [I49502] Found supplement IDE529 LATEST
    2016-06-23 22:36:37.218 Update progress: [I49502] Found supplement IDE530 LATEST
    2016-06-23 22:36:37.218 Update progress: [I49502] Found supplement IDE531 LATEST
    2016-06-23 22:36:37.218 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 1
    2016-06-23 22:36:37.218 Update progress: [I19463] Syncing product SAVIW32 70
    2016-06-23 22:36:53.821 Update progress: [I19463] Syncing product IDE527 142
    2016-06-23 22:36:55.286 Update progress: [I19463] Syncing product IDE528 127
    2016-06-23 22:36:55.286 Update progress: [I19463] Syncing product IDE529 135
    2016-06-23 22:36:55.286 Update progress: [I19463] Syncing product IDE530 120
    2016-06-23 22:36:55.530 Installing updates...
    2016-06-23 22:36:56.135 Error level 1
    2016-06-23 22:36:56.219 Update progress: [I19463] Syncing product IDE531 1
    2016-06-23 22:37:05.068 Update successful
    2016-06-23 22:37:16.252 Option all = no
    2016-06-23 22:37:16.253 Option recurse = yes
    2016-06-23 22:37:16.253 Option archive = no
    2016-06-23 22:37:16.253 Option service = yes
    2016-06-23 22:37:16.253 Option confirm = yes
    2016-06-23 22:37:16.253 Option sxl = yes
    2016-06-23 22:37:16.254 Option max-data-age = 35
    2016-06-23 22:37:16.254 Option EnableSafeClean = yes
    2016-06-23 22:37:17.011 Option vdl-logging = yes
    2016-06-23 22:37:17.013 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
    2016-06-23 22:37:17.013 Machine ID: a59b2d19259f463ebdb0f459f7605fbd
    2016-06-23 22:37:17.013 Component SVRTcli.exe version 2.5.5
    2016-06-23 22:37:17.013 Component control.dll version 2.5.5
    2016-06-23 22:37:17.013 Component SVRTservice.exe version 2.5.5
    2016-06-23 22:37:17.013 Component engine\osdp.dll version 1.44.1.2250
    2016-06-23 22:37:17.013 Component engine\veex.dll version 3.65.0.2250
    2016-06-23 22:37:17.014 Component engine\savi.dll version 9.0.1.2250
    2016-06-23 22:37:17.014 Component rkdisk.dll version 1.5.30.0
    2016-06-23 22:37:17.014 Version info: Product version 2.5.5
    2016-06-23 22:37:17.015 Version info: Detection engine 3.65.0
    2016-06-23 22:37:17.015 Version info: Detection data 5.26
    2016-06-23 22:37:17.015 Version info: Build date 4/5/2016
    2016-06-23 22:37:17.015 Version info: Data files added 518
    2016-06-23 22:37:17.015 Version info: Last successful update 6/23/2016 6:37:05 PM

    2016-06-24 00:22:40.959 >>> Virus 'Mal/VMProtBad-A' found in file C:\Users\Scott\Game ISO\Holy Potatoes! A Weapon Shop!\steam_api.dll
    2016-06-24 02:15:00.504 >>> Virus 'Troj/SWFDlr-AS' found in file C:\metasploit\apps\pro\msf3\data\exploits\CVE-2011-2110.swf
    2016-06-24 02:15:04.585 >>> Virus 'Exp/20110611-A' found in file C:\metasploit\apps\pro\msf3\data\exploits\CVE-2011-0611.swf
    2016-06-24 02:15:09.089 >>> Virus 'Troj/SWFDlr-V' found in file C:\metasploit\apps\pro\msf3\data\exploits\CVE-2010-1297.swf
    2016-06-24 02:15:13.660 >>> Virus 'Troj/ExpSWF-B' found in file C:\metasploit\apps\pro\msf3\data\exploits\CVE-2012-0754.swf
    2016-06-24 02:15:17.828 >>> Virus 'Mal/JavaKC-H' found in file C:\metasploit\apps\pro\msf3\data\exploits\cve-2010-0840\vuln\Exploit.class
    2016-06-24 02:15:23.767 >>> Virus 'Exp/20133906-A' found in file C:\metasploit\apps\pro\msf3\data\exploits\CVE-2013-3906\word\media\image1.jpeg
    2016-06-24 02:15:32.909 >>> Virus 'Troj/SWFExp-CZ' found in file C:\metasploit\apps\pro\msf3\data\exploits\CVE-2014-0497\Vickers.swf
    2016-06-24 02:15:46.066 >>> Virus 'Troj/SwfExp-CX' found in file C:\metasploit\apps\pro\msf3\data\exploits\CVE-2014-0515\Graph.swf
    2016-06-24 02:16:27.902 >>> Virus 'Troj/MSIL-ATW' found in file C:\metasploit\apps\pro\msf3\data\exploits\cve-2013-0074\SilverApp1.dll
    2016-06-24 02:16:32.460 >>> Virus 'Troj/SWFExp-GV' found in file C:\metasploit\apps\pro\msf3\data\exploits\CVE-2015-0313\msf.swf
    2016-06-24 02:16:41.855 >>> Virus 'Troj/JavaDl-FO' found in file C:\metasploit\apps\pro\msf3\data\exploits\cve-2011-3544\Exploit.class
    2016-06-24 02:16:51.123 >>> Virus 'Mal/JavaKC-F' found in file C:\metasploit\apps\pro\msf3\data\exploits\cve-2010-0094\Exploit$1.class
    2016-06-24 02:16:57.133 >>> Virus 'Mal/JavaImr-C' found in file C:\metasploit\apps\pro\msf3\data\exploits\cve-2010-0094\Exploit$2.class
    2016-06-24 02:17:02.397 >>> Virus 'Mal/JavaKC-P' found in file C:\metasploit\apps\pro\msf3\data\exploits\cve-2010-0094\Exploit.class
    2016-06-24 02:17:23.713 >>> Virus 'Mal/JavaCL-C' found in file C:\metasploit\apps\pro\msf3\data\exploits\cve-2010-0094\PayloadClassLoader.class
    2016-06-24 02:17:27.826 >>> Virus 'Mal/JavaCL-C' found in file C:\metasploit\apps\pro\msf3\data\exploits\cve-2010-4452\AppletX.class
    2016-06-24 02:22:42.491 >>> Virus 'Mal/JavaExpl-D' found in file C:\metasploit\apps\pro\msf3\data\exploits\CVE-2012-4681\Exploit.class
    2016-06-24 02:22:59.602 >>> Virus 'Mal/JavaMid-D' found in file C:\metasploit\apps\pro\msf3\data\exploits\CVE-2010-0842\MixerMidiApplet.class
    2016-06-24 02:23:07.857 >>> Virus 'Exp/20121535-A' found in file C:\metasploit\apps\pro\msf3\data\exploits\CVE-2012-1535\Main.swf
    2016-06-24 02:23:12.582 >>> Virus 'Exp/20125076-A' found in file C:\metasploit\apps\pro\msf3\data\exploits\cve-2012-5076\Exploit.class
    2016-06-24 02:23:22.114 >>> Virus 'Exp/20132465-A' found in file C:\metasploit\apps\pro\msf3\data\exploits\CVE-2013-2465\Exploit.class
    2016-06-24 02:33:02.804 >>> Virus 'Mal/JavaExpl-D' found in file C:\metasploit\apps\pro\vendor\bundle\ruby\2.1.0\gems\metasploit-payloads-0.0.3\data\java\metasploit\Payload.class
    2016-06-24 03:24:57.447 Could not open C:\hiberfil.sys
    2016-06-24 03:26:24.966 Could not check C:\metasploit\apps\pro\msf3\data\exploits\CVE-2008-0320.doc (corrupt)
    2016-06-24 03:26:34.131 >>> Virus 'Troj/ExpSWF-B' found in file C:\metasploit\apps\pro\msf3\data\exploits\CVE-2008-5499.swf
    2016-06-24 03:26:41.772 >>> Virus 'Mal/JavaKC-S' found in file C:\metasploit\apps\pro\msf3\data\exploits\cve-2010-0094\Exploit$1$1.class
    2016-06-24 03:26:47.108 >>> Virus 'Mal/JavaKC-F' found in file C:\metasploit\apps\pro\msf3\data\exploits\cve-2010-0094\Exploit$1.class
    2016-06-24 03:26:52.384 >>> Virus 'Mal/JavaImr-C' found in file C:\metasploit\apps\pro\msf3\data\exploits\cve-2010-0094\Exploit$2.class
    2016-06-24 03:26:57.688 >>> Virus 'Mal/JavaKC-P' found in file C:\metasploit\apps\pro\msf3\data\exploits\cve-2010-0094\Exploit.class
    2016-06-24 03:27:33.257 >>> Virus 'Mal/JavaCL-C' found in file C:\metasploit\apps\pro\msf3\data\exploits\cve-2010-0094\PayloadClassLoader.class
    2016-06-24 03:27:39.443 >>> Virus 'Mal/Generic-S' found in file C:\metasploit\apps\pro\msf3\data\exploits\CVE-2010-0232\kitrap0d.x86.dll
    2016-06-24 03:27:50.822 >>> Virus 'Mal/JavaKC-H' found in file C:\metasploit\apps\pro\msf3\data\exploits\cve-2010-0840\vuln\Exploit$1.class
    2016-06-24 03:28:01.604 >>> Virus 'Mal/JavaKC-H' found in file C:\metasploit\apps\pro\msf3\data\exploits\cve-2010-0840\vuln\Exploit.class
    2016-06-24 03:28:07.123 >>> Virus 'Mal/JavaMid-D' found in file C:\metasploit\apps\pro\msf3\data\exploits\CVE-2010-0842\MixerMidiApplet.class
    2016-06-24 03:28:12.859 >>> Virus 'Troj/SWFDlr-V' found in file C:\metasploit\apps\pro\msf3\data\exploits\CVE-2010-1297.swf
    2016-06-24 03:28:23.214 >>> Virus 'Mal/JavaCL-C' found in file C:\metasploit\apps\pro\msf3\data\exploits\cve-2010-4452\AppletX.class
    2016-06-24 03:28:23.228 Could not check C:\metasploit\apps\pro\msf3\data\exploits\CVE-2011-0105.xlb (corrupt)
    2016-06-24 03:28:29.121 >>> Virus 'Exp/20110611-A' found in file C:\metasploit\apps\pro\msf3\data\exploits\CVE-2011-0611.swf
    2016-06-24 03:28:29.121 Disinfection not offered
    2016-06-24 03:28:35.905 >>> Virus 'Troj/SWFDlr-AS' found in file C:\metasploit\apps\pro\msf3\data\exploits\CVE-2011-2110.swf
    2016-06-24 03:28:36.019 Could not check C:\metasploit\apps\pro\msf3\data\exploits\CVE-2011-3400\CVE-2011-3400.vsd (corrupt)
    2016-06-24 03:28:41.633 >>> Virus 'Troj/JavaDl-FO' found in file C:\metasploit\apps\pro\msf3\data\exploits\cve-2011-3544\Exploit.class
    2016-06-24 03:28:47.405 >>> Virus 'Troj/ExpSWF-B' found in file C:\metasploit\apps\pro\msf3\data\exploits\CVE-2012-0754.swf
    2016-06-24 03:28:53.164 >>> Virus 'Exp/20121535-A' found in file C:\metasploit\apps\pro\msf3\data\exploits\CVE-2012-1535\Main.swf
    2016-06-24 03:28:53.211 Could not check C:\metasploit\apps\pro\msf3\data\exploits\CVE-2012-2516\template_mof.chm (corrupt)
    2016-06-24 03:28:53.219 Could not check C:\metasploit\apps\pro\msf3\data\exploits\CVE-2012-2516\template_payload.chm (corrupt)
    2016-06-24 03:29:03.804 >>> Virus 'Mal/JavaExpl-D' found in file C:\metasploit\apps\pro\msf3\data\exploits\CVE-2012-4681\Exploit.class
    2016-06-24 03:29:09.252 >>> Virus 'Exp/20125076-A' found in file C:\metasploit\apps\pro\msf3\data\exploits\cve-2012-5076\Exploit.class
    2016-06-24 03:29:15.147 >>> Virus 'Troj/MSIL-ATW' found in file C:\metasploit\apps\pro\msf3\data\exploits\cve-2013-0074\SilverApp1.dll
    2016-06-24 03:29:21.965 >>> Virus 'Exp/20132465-A' found in file C:\metasploit\apps\pro\msf3\data\exploits\CVE-2013-2465\Exploit.class
    2016-06-24 03:29:27.947 >>> Virus 'Exp/20133906-A' found in file C:\metasploit\apps\pro\msf3\data\exploits\CVE-2013-3906\word\media\image1.jpeg
    2016-06-24 03:29:33.617 >>> Virus 'Mal/Generic-S' found in file C:\metasploit\apps\pro\msf3\data\exploits\CVE-2013-5045\CVE-2013-5045.dll
    2016-06-24 03:29:39.323 >>> Virus 'Troj/ExpSWF-B' found in file C:\metasploit\apps\pro\msf3\data\exploits\CVE-2013-5331\Exploit.swf
    2016-06-24 03:29:45.112 >>> Virus 'Mal/Generic-S' found in file C:\metasploit\apps\pro\msf3\data\exploits\CVE-2014-0257\CVE-2014-0257.dll
    2016-06-24 03:29:50.746 >>> Virus 'Troj/SWFExp-DB' found in file C:\metasploit\apps\pro\msf3\data\exploits\CVE-2014-0322\AsXploit.swf
    2016-06-24 03:29:56.296 >>> Virus 'Troj/SWFExp-CZ' found in file C:\metasploit\apps\pro\msf3\data\exploits\CVE-2014-0497\Vickers.swf
    2016-06-24 03:30:02.006 >>> Virus 'Troj/SwfExp-CX' found in file C:\metasploit\apps\pro\msf3\data\exploits\CVE-2014-0515\Graph.swf
    2016-06-24 03:30:07.566 >>> Virus 'Exp/20141761-A' found in file C:\metasploit\apps\pro\msf3\data\exploits\cve-2014-1761.rtf
    2016-06-24 03:30:12.950 >>> Virus 'Mal/Generic-S' found in file C:\metasploit\apps\pro\msf3\data\exploits\CVE-2014-4113\cve-2014-4113.x86.dll
    2016-06-24 03:30:18.857 >>> Virus 'Troj/SWFExp-GV' found in file C:\metasploit\apps\pro\msf3\data\exploits\CVE-2015-0313\msf.swf
    2016-06-24 03:30:24.142 >>> Virus 'Mal/Generic-S' found in file C:\metasploit\apps\pro\msf3\data\exploits\jre7u17\Exploit.class
    2016-06-24 03:30:30.050 >>> Virus 'Mal/Generic-S' found in file C:\metasploit\apps\pro\msf3\data\exploits\ntapphelpcachecontrol\exploit.dll
    2016-06-24 03:30:44.229 >>> Virus 'Mal/Generic-S' found in file C:\metasploit\apps\pro\msf3\data\vncdll.x86.dll
    2016-06-24 03:32:24.579 >>> Virus 'Mal/JavaExpl-D' found in file C:\metasploit\apps\pro\vendor\bundle\ruby\2.1.0\gems\metasploit-payloads-0.0.3\data\java\metasploit\Payload.class
    2016-06-24 03:34:32.986 Could not open C:\pagefile.sys
    2016-06-24 05:49:50.376 Could not open C:\swapfile.sys
    2016-06-24 05:49:50.567 Could not open C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
    2016-06-24 05:49:50.568 Could not open C:\System Volume Information\{ce633dbe-3936-11e6-8374-d897ba3ce607}{3808876b-c176-4e48-b7ae-04046e6cc752}
    2016-06-24 07:05:15.433 >>> Virus 'Mal/VMProtBad-A' found in file C:\Users\Scott\Game ISO\Holy Potatoes! A Weapon Shop!\steam_api.dll
    2016-06-24 07:27:39.248 Could not open C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
    2016-06-24 07:27:39.249 Could not open C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
    2016-06-24 07:27:47.496 Could not open C:\Windows\System32\config\BBI
    2016-06-24 07:27:47.847 Could not open C:\Windows\System32\config\RegBack\DEFAULT
    2016-06-24 07:27:47.860 Could not open C:\Windows\System32\config\RegBack\SAM
    2016-06-24 07:27:47.862 Could not open C:\Windows\System32\config\RegBack\SECURITY
    2016-06-24 07:27:47.869 Could not open C:\Windows\System32\config\RegBack\SOFTWARE
    2016-06-24 07:27:47.871 Could not open C:\Windows\System32\config\RegBack\SYSTEM
    2016-06-24 07:48:35.225 The following items will be cleaned up:
    2016-06-24 07:48:35.225 Troj/ExpSWF-B
    2016-06-24 07:48:35.225 Mal/JavaKC-S
    2016-06-24 07:48:35.225 Mal/JavaKC-F
    2016-06-24 07:48:35.226 Mal/JavaImr-C
    2016-06-24 07:48:35.226 Mal/JavaKC-P
    2016-06-24 07:48:35.226 Mal/JavaCL-C
    2016-06-24 07:48:35.226 Mal/Generic-S
    2016-06-24 07:48:35.226 Mal/JavaKC-H
    2016-06-24 07:48:35.226 Mal/JavaMid-D
    2016-06-24 07:48:35.226 Troj/SWFDlr-V
    2016-06-24 07:48:35.226 Troj/SWFDlr-AS
    2016-06-24 07:48:35.226 Troj/JavaDl-FO
    2016-06-24 07:48:35.226 Exp/20121535-A
    2016-06-24 07:48:35.226 Mal/JavaExpl-D
    2016-06-24 07:48:35.226 Exp/20125076-A
    2016-06-24 07:48:35.226 Troj/MSIL-ATW
    2016-06-24 07:48:35.226 Exp/20132465-A
    2016-06-24 07:48:35.226 Exp/20133906-A
    2016-06-24 07:48:35.226 Troj/SWFExp-DB
    2016-06-24 07:48:35.226 Troj/SWFExp-CZ
    2016-06-24 07:48:35.226 Troj/SwfExp-CX
    2016-06-24 07:48:35.227 Exp/20141761-A
    2016-06-24 07:48:35.227 Troj/SWFExp-GV
    2016-06-24 07:48:35.227 Mal/VMProtBad-A
    2016-06-24 07:48:35.227 Exp/20110611-A
    2016-06-24 07:48:35.227 Mal/VMProtBad-A
    2016-06-24 07:48:35.227 Troj/SWFDlr-AS
    2016-06-24 07:48:35.227 Exp/20110611-A
    2016-06-24 07:48:35.227 Troj/SWFDlr-V
    2016-06-24 07:48:35.227 Troj/ExpSWF-B
    2016-06-24 07:48:35.227 Mal/JavaKC-H
    2016-06-24 07:48:35.227 Exp/20133906-A
    2016-06-24 07:48:35.227 Troj/SWFExp-CZ
    2016-06-24 07:48:35.227 Troj/SwfExp-CX
    2016-06-24 07:48:35.227 Troj/MSIL-ATW
    2016-06-24 07:48:35.227 Troj/SWFExp-GV
    2016-06-24 07:48:35.228 Troj/JavaDl-FO
    2016-06-24 07:48:35.228 Mal/JavaKC-F
    2016-06-24 07:48:35.228 Mal/JavaImr-C
    2016-06-24 07:48:35.228 Mal/JavaKC-P
    2016-06-24 07:48:35.228 Mal/JavaCL-C
    2016-06-24 07:48:35.228 Mal/JavaCL-C
    2016-06-24 07:48:35.228 Mal/JavaExpl-D
    2016-06-24 07:48:35.228 Mal/JavaMid-D
    2016-06-24 07:48:35.228 Exp/20121535-A
    2016-06-24 07:48:35.228 Exp/20125076-A
    2016-06-24 07:48:35.228 Exp/20132465-A
    2016-06-24 07:48:35.228 Mal/JavaExpl-D
     

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...