Solved MSE getting turned off randomly

M

mtrx83

Posts: 17   +0
MSE started turning itself off at random points a few days ago. It happens about every 4-6 hours it seems. I have been a bit lax on safe computer practices in the past so infection wouldn't surprise me (I'm more cautious now :)). Thanks in advance for the help.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
Ran by MothMatt (administrator) on FRANCES (11-11-2015 12:45:19)
Running from C:\Users\MothMatt\Desktop
Loaded Profiles: MothMatt (Available Profiles: MothMatt)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\Core\64bit\RzOvlMon.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Razer, Inc.) C:\Users\MothMatt\AppData\Local\Razer\InGameEngine\cache\RzSynapse\rzcefrenderprocess.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [7477016 2013-04-24] (Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-26] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [592704 2015-09-29] (Razer Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [917112 2015-10-08] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1913142570-876064918-947292865-1001\...\Run: [Google Update] => C:\Users\MothMatt\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc.)
HKU\S-1-5-21-1913142570-876064918-947292865-1001\...\Run: [Akamai NetSession Interface] => "C:\Users\MothMatt\AppData\Local\Akamai\netsession_win.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2014-09-11]
ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{43A4EBCC-9722-4500-A5F4-301509F67541}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1913142570-876064918-947292865-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/1ewenusDefaultPack/UP97_FRPage
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-11-09] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-11-09] (Oracle Corporation)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2011-04-22] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2011-04-22] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2011-04-22] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2011-04-22] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\MothMatt\AppData\Roaming\Mozilla\Firefox\Profiles\s36ftqyu.default
FF DefaultSearchEngine: Bing
FF DefaultSearchEngine.US: Google
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxps://www.google.com/
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-10] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-22] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-22] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-22] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-22] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-10] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-11-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-11-09] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-09-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-09-13] (NVIDIA Corporation)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\MothMatt\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-05-27] (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-1913142570-876064918-947292865-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\MothMatt\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-1913142570-876064918-947292865-1001: @talk.google.com/O1DPlugin -> C:\Users\MothMatt\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-1913142570-876064918-947292865-1001: @tools.google.com/Google Update;version=3 -> C:\Users\MothMatt\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-1913142570-876064918-947292865-1001: @tools.google.com/Google Update;version=9 -> C:\Users\MothMatt\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-1913142570-876064918-947292865-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\MothMatt\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-10-20] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1913142570-876064918-947292865-1001: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll [2013-11-17] (The Happy Cloud)
FF Plugin ProgramFiles/Appdata: C:\Users\MothMatt\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\MothMatt\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF SearchPlugin: C:\Users\MothMatt\AppData\Roaming\Mozilla\Firefox\Profiles\s36ftqyu.default\searchplugins\bingp.xml [2014-12-12]
FF SearchPlugin: C:\Users\MothMatt\AppData\Roaming\Mozilla\Firefox\Profiles\s36ftqyu.default\searchplugins\firefox-add-ons.xml [2015-08-18]
FF Extension: Firebug - C:\Users\MothMatt\AppData\Roaming\Mozilla\Firefox\Profiles\s36ftqyu.default\Extensions\firebug@software.joehewitt.com.xpi [2015-09-09]
FF Extension: Adblock Plus - C:\Users\MothMatt\AppData\Roaming\Mozilla\Firefox\Profiles\s36ftqyu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-24]
FF Extension: DownThemAll! - C:\Users\MothMatt\AppData\Roaming\Mozilla\Firefox\Profiles\s36ftqyu.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-06-26]

Chrome:
=======
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\MothMatt\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.703\_platform_specific\win_x86\widevinecdmadapter.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\pdf.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.650.20) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll => No File
CHR Plugin: (Java(TM) Platform SE 7 U65) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Unity Player) - C:\Users\MothMatt\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Google Update) - C:\Users\MothMatt\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll => No File
CHR Plugin: (Google Talk Plugin) - C:\Users\MothMatt\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\MothMatt\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll => No File
CHR Profile: C:\Users\MothMatt\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Duolingo on the Web) - C:\Users\MothMatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2015-01-14]
CHR Extension: (Google Docs) - C:\Users\MothMatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-11]
CHR Extension: (Google Drive) - C:\Users\MothMatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\MothMatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Adblock Plus) - C:\Users\MothMatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-09-28]
CHR Extension: (Google Search) - C:\Users\MothMatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (ARC Welder) - C:\Users\MothMatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\emfinbmielocnlhgmfkkmkngdoccbadn [2015-11-06]
CHR Extension: (Google Docs Offline) - C:\Users\MothMatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-07]
CHR Extension: (ARC Welder) - C:\Users\MothMatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfaihdlpglflfgpfjcifdjdjcckigekc [2015-11-06]
CHR Extension: (MailTrack for Gmail) - C:\Users\MothMatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndnaehgpjlnokgebbaldlmgkapkpjkkb [2015-10-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\MothMatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-26]
CHR Extension: (Gmail) - C:\Users\MothMatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-04]
CHR HKU\S-1-5-21-1913142570-876064918-947292865-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [437880 2015-10-08] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [417400 2015-10-08] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [855672 2015-10-08] (BlueStack Systems, Inc.)
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2013-10-31] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-26] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-26] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-26] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187048 2015-06-23] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390672 2012-08-08] ()
R2 RzOvlMon; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [32960 2014-04-18] (Razer, Inc.)
S4 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
S4 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [15376384 2014-04-17] (Advanced Micro Devices, Inc.) [File not signed]
S3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [638976 2014-04-17] (Advanced Micro Devices, Inc.) [File not signed]
S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [94720 2013-12-19] (Advanced Micro Devices) [File not signed]
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [146040 2015-10-08] (BlueStack Systems)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 GPCIDrv; C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [14376 2014-01-08] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-26] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-10] (NVIDIA Corporation)
S3 ptun0901; C:\Windows\System32\DRIVERS\ptun0901.sys [27136 2015-01-26] (The OpenVPN Project)
S3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [129472 2014-04-10] (Razer, Inc.)
S1 RzFilter; C:\Windows\system32\drivers\RzFilter.sys [74432 2014-04-10] (Razer, Inc.)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-06-12] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129472 2015-06-26] (Razer, Inc.)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-11-10] ()
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2013-04-24] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [28160 2013-04-24] (LG Electronics Inc.)
S3 UsbGps; C:\Windows\System32\DRIVERS\lgx64gps.sys [27136 2013-04-24] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [34816 2013-04-24] (LG Electronics Inc.)
S3 vzandnetadb; C:\Windows\System32\Drivers\lgvzandnetadb.sys [31744 2013-05-08] (Google Inc)
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-11 12:45 - 2015-11-11 12:45 - 00023525 _____ C:\Users\MothMatt\Desktop\FRST.txt
2015-11-11 12:33 - 2015-11-11 12:43 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-11-11 12:32 - 2015-11-11 12:43 - 00000000 ____D C:\Users\MothMatt\Desktop\mbar
2015-11-11 12:26 - 2015-11-11 12:45 - 00000000 ____D C:\FRST
2015-11-11 12:05 - 2015-10-29 11:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-11-11 12:05 - 2015-10-29 11:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-11-11 12:05 - 2015-10-29 11:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-11-11 12:05 - 2015-10-29 11:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-11-11 12:05 - 2015-10-29 11:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-11-11 12:05 - 2015-10-29 11:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-11-11 12:05 - 2015-10-29 11:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-11-11 11:18 - 2015-11-11 11:18 - 00001511 _____ C:\Users\MothMatt\Desktop\Unity 5.2.2.lnk
2015-11-11 01:40 - 2015-11-11 01:40 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2015-11-10 23:53 - 2015-11-10 23:53 - 00000000 ____D C:\Users\MothMatt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2015 Tools for Unity
2015-11-10 23:53 - 2015-11-10 23:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity
2015-11-10 23:51 - 2015-11-11 11:38 - 00000000 ____D C:\Users\MothMatt\Documents\Visual Studio 2015
2015-11-10 23:49 - 2015-11-10 23:49 - 00000000 ____D C:\ProgramData\PreEmptive Solutions
2015-11-10 23:49 - 2015-11-10 23:49 - 00000000 ____D C:\Program Files (x86)\ShellDir
2015-11-10 23:47 - 2015-11-10 23:47 - 00000000 ____D C:\Program Files (x86)\Microsoft Office365 Tools
2015-11-10 23:47 - 2015-11-10 23:47 - 00000000 ____D C:\Program Files (x86)\AppInsights
2015-11-10 23:45 - 2015-11-10 23:45 - 00000000 ____D C:\ProgramData\NuGet
2015-11-10 23:45 - 2015-11-10 23:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2015-11-10 23:45 - 2015-11-10 23:45 - 00000000 ____D C:\Program Files (x86)\NuGet
2015-11-10 23:45 - 2015-11-10 23:45 - 00000000 ____D C:\Program Files (x86)\Microsoft WCF Data Services
2015-11-10 23:44 - 2015-11-10 23:44 - 00001534 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2015.lnk
2015-11-10 23:44 - 2015-11-10 23:44 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 12.0
2015-11-10 23:42 - 2015-11-10 23:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015
2015-11-10 23:41 - 2015-11-10 23:41 - 00000000 ____D C:\Windows\symbols
2015-11-10 23:40 - 2015-11-10 23:40 - 00001535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015.lnk
2015-11-10 23:38 - 2015-11-10 23:49 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 14.0
2015-11-10 23:29 - 2015-11-10 23:29 - 02198528 _____ (Farbar) C:\Users\MothMatt\Desktop\FRST64.exe
2015-11-10 23:22 - 2015-11-10 23:22 - 00000000 ____D C:\ProgramData\VsTelemetry
2015-11-10 23:17 - 2015-11-10 23:17 - 00000883 _____ C:\Users\Public\Desktop\Unity 5.2.2f1 (64-bit).lnk
2015-11-10 23:16 - 2015-11-10 23:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.2.2f1 (64-bit)
2015-11-10 23:05 - 2015-11-10 23:17 - 00000000 ____D C:\Program Files\Unity 5.2.2
2015-11-10 20:38 - 2015-11-10 20:39 - 00000000 ____D C:\Users\MothMatt\Desktop\pics of me
2015-11-10 19:46 - 2015-11-10 20:34 - 00035064 _____ C:\Windows\system32\Drivers\TrueSight.sys
2015-11-10 19:46 - 2015-11-10 20:18 - 00000000 ____D C:\ProgramData\RogueKiller
2015-11-10 19:33 - 2015-11-10 19:34 - 18979400 _____ C:\Users\MothMatt\Desktop\RogueKiller.exe
2015-11-10 19:26 - 2015-11-10 19:26 - 00000003 _____ C:\Windows\system32\HRUPPROG.TXT
2015-11-10 19:26 - 2015-11-10 19:26 - 00000003 _____ C:\Windows\system32\HRUPPROG.EXIT
2015-11-10 18:24 - 2015-11-10 18:24 - 00000000 ____D C:\Users\MothMatt\Desktop\text101 web build v0.10
2015-11-10 16:22 - 2015-11-10 16:32 - 00000000 ____D C:\Users\MothMatt\Desktop\whatthehell_Data
2015-11-10 16:22 - 2014-09-26 08:07 - 11590656 _____ C:\Users\MothMatt\Desktop\whatthehell.exe
2015-11-10 16:20 - 2015-11-10 16:20 - 00226714 _____ C:\Users\MothMatt\Desktop\Desktop.unity3d
2015-11-10 16:20 - 2015-11-10 16:20 - 00003990 _____ C:\Users\MothMatt\Desktop\Desktop.html
2015-11-10 14:47 - 2015-10-20 12:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-10 14:47 - 2015-10-20 12:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-10 14:47 - 2015-10-20 12:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-10 14:47 - 2015-10-20 12:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-10 14:47 - 2015-10-20 12:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-10 14:47 - 2015-10-20 12:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-10 14:47 - 2015-10-20 12:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-10 14:47 - 2015-10-20 12:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-10 14:47 - 2015-10-20 12:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-10 14:47 - 2015-10-20 12:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-10 14:47 - 2015-10-20 12:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-10 14:47 - 2015-10-20 11:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-10 14:47 - 2015-10-20 11:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-10 14:47 - 2015-10-20 11:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-10 14:47 - 2015-10-20 11:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-11-10 14:47 - 2015-10-20 11:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-10 14:47 - 2015-10-19 19:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-10 14:47 - 2015-10-19 19:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-10 14:47 - 2015-10-19 19:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-11-10 14:47 - 2015-10-19 19:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-10 14:47 - 2015-10-19 19:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-10 14:47 - 2015-10-19 19:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-10 14:47 - 2015-10-19 18:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-10 14:47 - 2015-10-19 18:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-10 14:47 - 2015-10-19 18:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-10 14:47 - 2015-10-19 18:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-10 14:47 - 2015-10-19 18:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-10 14:47 - 2015-09-23 07:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-10 14:47 - 2015-09-23 07:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-10 14:47 - 2015-09-23 07:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-10 14:46 - 2015-10-19 19:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-10 14:46 - 2015-10-19 19:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-10 14:46 - 2015-10-19 19:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-11-10 14:46 - 2015-10-19 19:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-11-10 14:46 - 2015-10-19 19:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-11-10 14:46 - 2015-10-19 19:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-11-10 14:46 - 2015-10-19 19:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-10 14:46 - 2015-10-19 19:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-10 14:46 - 2015-10-19 19:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-10 14:46 - 2015-10-19 19:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-11-10 14:46 - 2015-10-19 19:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-10 14:46 - 2015-10-19 19:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-10 14:46 - 2015-10-19 19:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-10 14:46 - 2015-10-19 19:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-10 14:46 - 2015-10-19 19:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-10 14:46 - 2015-10-19 19:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-10 14:46 - 2015-10-19 19:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-10 14:46 - 2015-10-19 19:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-10 14:46 - 2015-10-19 19:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-10 14:46 - 2015-10-19 19:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-10 14:46 - 2015-10-19 19:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-10 14:46 - 2015-10-19 19:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-10 14:46 - 2015-10-19 19:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-11-10 14:46 - 2015-10-19 19:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-11-10 14:46 - 2015-10-19 19:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-10 14:46 - 2015-10-19 19:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-10 14:46 - 2015-10-19 19:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-10 14:46 - 2015-10-19 18:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
 
2015-11-10 14:46 - 2015-10-19 18:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-10 14:46 - 2015-10-19 18:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-11-10 14:46 - 2015-10-19 18:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-11-10 14:46 - 2015-10-19 18:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-11-10 14:46 - 2015-10-19 18:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-11-10 14:46 - 2015-10-19 18:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-11-10 14:46 - 2015-10-19 18:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-11-10 14:46 - 2015-10-19 18:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-10 14:46 - 2015-10-19 18:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-11-10 14:46 - 2015-10-19 18:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-11-10 14:46 - 2015-10-19 18:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-11-10 14:46 - 2015-10-19 18:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-10 14:46 - 2015-10-19 18:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-11-10 14:46 - 2015-10-19 18:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-11-10 14:46 - 2015-10-19 18:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-11-10 14:46 - 2015-10-19 18:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-11-10 14:46 - 2015-10-19 18:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-11-10 14:46 - 2015-10-19 18:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 17:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-10 14:46 - 2015-10-19 17:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-10 14:46 - 2015-10-19 17:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-10 14:46 - 2015-10-19 17:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-10 14:46 - 2015-10-19 17:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-10 14:46 - 2015-10-19 17:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 17:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 17:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 17:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-10 14:45 - 2015-10-17 10:56 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-10 14:45 - 2015-10-13 10:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-10 14:45 - 2015-10-13 10:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-10 14:45 - 2015-10-12 22:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-10 14:45 - 2015-10-01 12:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-10 14:45 - 2015-10-01 11:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-10 13:39 - 2015-11-10 13:39 - 00305048 _____ C:\Users\MothMatt\Desktop\prison.wav
2015-11-10 13:36 - 2015-11-10 13:36 - 00054369 _____ C:\Users\MothMatt\Desktop\prison.wma
2015-11-10 09:52 - 2015-11-10 09:52 - 00001590 _____ C:\Users\MothMatt\Desktop\Unity 4.6.20.lnk
2015-11-10 00:23 - 2015-11-10 00:23 - 00000000 ____D C:\Users\MothMatt\Desktop\BadAss_-_Boss_Themes_(MP3_+_Art)
2015-11-10 00:19 - 2015-11-10 00:19 - 00000000 ____D C:\Users\MothMatt\Desktop\BadAss_-_Boss_Themes_-_Volume_II_(MP3_+_Art)
2015-11-09 22:35 - 2015-11-11 11:19 - 00000000 ____D C:\Users\MothMatt\Documents\repos
2015-11-09 22:11 - 2015-11-09 22:11 - 00000000 ____D C:\Users\MothMatt\Desktop\UnityCourse
2015-11-09 21:43 - 2015-11-10 19:46 - 00001076 _____ C:\Users\MothMatt\Desktop\110915.txt
2015-11-06 22:20 - 2015-11-06 22:20 - 00001807 _____ C:\Users\Public\Desktop\Start BlueStacks.lnk
2015-11-06 22:18 - 2015-11-06 22:19 - 00000000 ____D C:\ProgramData\BlueStacks
2015-11-06 22:18 - 2015-11-06 22:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2015-11-06 22:18 - 2015-11-06 22:18 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2015-11-06 22:15 - 2015-11-06 22:26 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2015-11-06 22:15 - 2015-11-06 22:15 - 00000000 ____D C:\Users\MothMatt\AppData\Local\Bluestacks
2015-11-05 19:48 - 2015-11-05 20:31 - 00000000 ____D C:\Users\MothMatt\Downloads\Pokemon (1998) Seasons 1-14 -E.Rev 480p x264 MKV
2015-11-02 15:19 - 2015-11-02 15:19 - 00000000 ____D C:\ProgramData\.mono
2015-11-02 15:15 - 2015-11-02 15:15 - 00000000 ____D C:\Users\MothMatt\AppData\Roaming\Pokémon Trading Card Game Online
2015-10-30 20:57 - 2015-10-30 20:59 - 00000000 ____D C:\Users\MothMatt\AppData\Roaming\Tap_Dungeon
2015-10-30 07:21 - 2015-10-30 07:21 - 00002084 _____ C:\Users\MothMatt\AppData\Local\recently-used.xbel
2015-10-28 20:28 - 2015-11-09 09:14 - 00000997 _____ C:\Users\MothMatt\Desktop\102815.txt
2015-10-22 23:05 - 2015-10-22 23:05 - 00376520 _____ C:\Windows\Minidump\102315-46909-01.dmp
2015-10-21 00:24 - 2015-10-21 00:43 - 00000000 ____D C:\Users\MothMatt\Downloads\Back to the Future Part 2 (1989) [1080p]
2015-10-20 07:49 - 2015-11-03 18:32 - 00000000 ____D C:\Users\MothMatt\AppData\Local\osu!
2015-10-20 07:49 - 2015-10-20 07:49 - 00000948 _____ C:\Users\MothMatt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\osu!.lnk
2015-10-20 07:49 - 2015-10-20 07:49 - 00000940 _____ C:\Users\MothMatt\Desktop\osu!.lnk
2015-10-16 18:10 - 2015-11-03 17:39 - 00000000 ____D C:\Users\MothMatt\AppData\Roaming\Human Resource Machine
2015-10-15 17:37 - 2015-10-15 17:38 - 00000000 ____D C:\Users\MothMatt\AppData\Roaming\GameLoaderSteam
2015-10-15 01:01 - 2015-10-15 01:01 - 00001401 _____ C:\Users\Public\Desktop\SeaTools for Windows.lnk
2015-10-15 01:01 - 2015-10-15 01:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
2015-10-15 01:01 - 2015-10-15 01:01 - 00000000 ____D C:\Program Files (x86)\Seagate
2015-10-14 20:53 - 2015-07-22 18:02 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-10-14 20:53 - 2015-07-22 18:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-10-14 20:53 - 2015-07-22 18:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-10-14 20:53 - 2015-07-22 11:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-10-14 20:53 - 2015-07-22 11:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-10-14 20:53 - 2015-07-22 10:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-10-14 20:53 - 2015-05-25 12:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-10-14 20:53 - 2015-05-25 12:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-10-14 20:53 - 2015-05-25 12:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-10-14 20:53 - 2015-05-25 12:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-10-14 20:53 - 2015-05-25 12:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-10-14 20:53 - 2015-05-25 12:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-10-14 20:53 - 2015-05-25 12:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-10-14 20:53 - 2015-05-25 12:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-10-14 20:53 - 2015-05-25 12:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-10-14 20:53 - 2015-05-25 12:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-10-14 20:53 - 2015-05-25 12:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-10-14 20:53 - 2015-05-25 12:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-10-14 20:52 - 2015-09-18 13:22 - 00025432 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-14 20:52 - 2015-09-18 13:19 - 01291264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-14 20:52 - 2015-09-18 13:19 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-14 20:52 - 2015-09-18 13:19 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-14 20:52 - 2015-09-18 13:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-14 20:52 - 2015-09-18 13:19 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-14 20:52 - 2015-09-18 13:09 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-10-14 20:52 - 2015-08-05 11:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2015-10-14 20:52 - 2015-08-05 11:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-10-14 20:52 - 2015-07-18 07:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-14 20:52 - 2015-07-09 11:58 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-10-14 20:52 - 2015-07-09 11:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-10-14 20:52 - 2015-07-09 11:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-10-14 20:52 - 2015-07-09 11:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-10-14 20:52 - 2015-06-25 04:06 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-10-14 20:52 - 2015-06-25 04:01 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-10-14 20:52 - 2015-06-25 04:01 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-10-14 20:52 - 2015-06-25 03:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-10-14 20:52 - 2015-06-03 14:16 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-10-14 20:52 - 2015-04-27 13:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-10-14 20:52 - 2015-04-27 13:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-10-14 20:52 - 2015-04-27 13:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-10-14 20:52 - 2015-04-27 13:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-10-14 20:52 - 2015-04-27 13:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-10-14 20:52 - 2015-04-27 13:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-10-14 20:52 - 2015-04-27 13:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-10-14 20:52 - 2015-04-27 13:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-10-14 20:52 - 2015-04-10 21:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-10-14 20:52 - 2015-01-28 21:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-10-14 20:52 - 2015-01-28 21:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-10-14 20:48 - 2015-08-27 12:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-10-14 20:48 - 2015-08-27 12:18 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-10-14 20:48 - 2015-08-27 12:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-10-14 20:48 - 2015-08-27 12:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-10-14 20:48 - 2015-08-27 11:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-10-14 20:48 - 2015-08-27 11:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-10-14 20:48 - 2015-08-27 11:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-10-14 20:48 - 2015-08-27 11:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-10-14 04:28 - 2015-08-06 12:04 - 14176768 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-14 04:28 - 2015-08-06 12:03 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-10-14 04:28 - 2015-08-06 11:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-10-14 04:28 - 2015-08-06 11:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-10-14 04:27 - 2015-10-01 12:06 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-10-14 04:27 - 2015-10-01 12:04 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-10-14 04:27 - 2015-10-01 12:00 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-10-14 04:27 - 2015-10-01 12:00 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-10-14 04:27 - 2015-10-01 12:00 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-10-14 04:27 - 2015-10-01 12:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-10-14 04:27 - 2015-10-01 12:00 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-10-14 04:27 - 2015-10-01 11:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-10-14 04:27 - 2015-10-01 11:00 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-10-13 21:38 - 2015-10-23 06:49 - 00000000 ____D C:\Users\MothMatt\Desktop\REAL LIFE
2015-10-13 14:11 - 2015-10-15 01:27 - 00000000 ____D C:\Users\MothMatt\Downloads\The Pentagon Wars [1998 Comedy] .x264

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-11 12:39 - 2014-08-20 01:22 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-11 12:38 - 2014-08-20 01:21 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-11-11 12:38 - 2013-11-27 09:54 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-11 12:35 - 2009-07-13 22:45 - 00022560 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-11 12:35 - 2009-07-13 22:45 - 00022560 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-11 12:23 - 2013-10-31 23:03 - 02051218 _____ C:\Windows\WindowsUpdate.log
2015-11-11 12:22 - 2009-07-13 23:13 - 00782470 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-11 12:17 - 2013-10-31 23:15 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-11 12:16 - 2009-07-13 22:51 - 00079381 _____ C:\Windows\setupact.log
2015-11-11 12:15 - 2014-09-11 19:09 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-11 12:15 - 2009-07-13 23:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-11 12:10 - 2013-10-31 23:38 - 00774592 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-11 11:58 - 2013-10-31 23:15 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-11 11:55 - 2014-09-07 17:21 - 00007622 _____ C:\Users\MothMatt\AppData\Local\Resmon.ResmonCfg
2015-11-11 11:54 - 2013-11-04 01:49 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1913142570-876064918-947292865-1001UA.job
2015-11-11 11:19 - 2013-12-22 23:49 - 00000000 ____D C:\ProgramData\Unity
2015-11-11 11:09 - 2009-07-13 22:45 - 05025472 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-11 01:54 - 2013-11-04 01:49 - 00000868 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1913142570-876064918-947292865-1001Core.job
2015-11-11 01:53 - 2013-11-01 01:11 - 00000000 ____D C:\Windows\system32\MRT
2015-11-11 01:45 - 2013-11-01 01:11 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-11 00:01 - 2013-12-22 19:37 - 00000000 ____D C:\Users\MothMatt\AppData\Local\Unity
2015-11-11 00:01 - 2010-11-20 21:47 - 00323234 _____ C:\Windows\PFRO.log
2015-11-10 23:53 - 2009-07-13 23:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-11-10 23:50 - 2015-03-04 23:43 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2015-11-10 23:49 - 2015-03-04 23:33 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2015-11-10 23:43 - 2015-03-04 23:40 - 00000000 ____D C:\Windows\SysWOW64\1033
2015-11-10 23:41 - 2015-03-04 23:42 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer
2015-11-10 23:41 - 2015-03-04 23:33 - 00000000 ____D C:\Windows\system32\1033
2015-11-10 23:39 - 2013-11-02 13:47 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-10 23:38 - 2009-07-13 21:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-11-10 23:21 - 2013-12-22 23:20 - 00000000 ____D C:\Users\Public\Documents\Unity Projects
2015-11-10 22:31 - 2013-11-01 00:45 - 00000000 ____D C:\Users\MothMatt\AppData\Roaming\Skype
2015-11-10 22:27 - 2013-12-09 20:34 - 00000000 ____D C:\Users\MothMatt\AppData\Local\Battle.net
2015-11-10 21:34 - 2014-02-01 22:32 - 00000000 ____D C:\Program Files (x86)\StarCraft II
2015-11-10 21:24 - 2015-01-20 16:28 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2015-11-10 20:49 - 2013-12-09 20:34 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-11-10 20:39 - 2013-11-01 06:26 - 00000000 ____D C:\Users\MothMatt\Desktop\images
2015-11-10 20:18 - 2013-11-27 18:01 - 00000000 ___DC C:\ProgramData\{E26B3878-7CEC-469C-B449-5CAA336DF8CD}
2015-11-10 19:30 - 2014-04-04 17:53 - 00000000 ____D C:\Program Files (x86)\Diablo III
2015-11-10 19:27 - 2014-03-20 19:58 - 00000000 ____D C:\ProgramData\Hi-Rez Studios
2015-11-10 19:27 - 2014-03-20 19:57 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2015-11-10 19:27 - 2013-10-31 23:23 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-11-10 19:22 - 2014-09-11 21:30 - 00000000 ____D C:\Users\MothMatt\Heaven
2015-11-10 19:22 - 2014-03-07 11:25 - 00000000 ____D C:\Program Files (x86)\Rogue Legacy Demo
2015-11-10 19:21 - 2014-11-16 11:49 - 00000000 ____D C:\wamp
2015-11-10 19:16 - 2015-03-04 23:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0
2015-11-10 18:51 - 2013-10-31 23:07 - 00079048 _____ C:\Users\MothMatt\AppData\Local\GDIPFONTCACHEV1.DAT
2015-11-10 18:38 - 2013-11-27 09:54 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-10 18:38 - 2013-11-27 09:54 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-10 18:38 - 2013-11-27 09:54 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-11-10 18:37 - 2013-11-01 00:32 - 00000000 ____D C:\Program Files (x86)\Steam
2015-11-10 13:41 - 2013-11-01 02:27 - 00000000 ____D C:\Users\MothMatt\AppData\Roaming\vlc
2015-11-09 18:36 - 2013-11-01 06:33 - 00000000 ____D C:\Users\MothMatt\.gimp-2.8
2015-11-09 09:23 - 2013-10-31 23:40 - 00000000 ____D C:\ProgramData\Oracle
2015-11-09 09:22 - 2014-07-25 16:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-11-09 09:22 - 2013-10-31 23:39 - 00000000 ____D C:\Program Files (x86)\Java
2015-11-09 09:21 - 2015-09-16 21:19 - 00000000 ____D C:\Users\MothMatt\.oracle_jre_usage
2015-11-09 09:21 - 2014-07-25 16:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-11-09 09:20 - 2014-07-25 16:42 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-11-09 00:07 - 2014-02-02 10:33 - 00000000 ____D C:\Users\MothMatt\Documents\StarCraft II
2015-11-06 22:20 - 2009-07-13 21:20 - 00000000 __RHD C:\Users\Public\Libraries
2015-11-05 22:57 - 2013-11-17 05:14 - 00000000 ____D C:\Users\MothMatt\AppData\Roaming\BitTorrent
2015-11-01 22:21 - 2015-09-27 18:14 - 00000000 ____D C:\Program Files (x86)\StarCraft II - Legacy of the Void Beta
2015-11-01 22:17 - 2015-01-11 22:52 - 00000000 ____D C:\Users\MothMatt\AppData\Local\Warframe
2015-11-01 20:44 - 2013-11-01 02:46 - 00157410 _____ C:\Windows\DirectX.log
2015-11-01 20:35 - 2013-11-01 00:45 - 00000000 ____D C:\ProgramData\Skype
2015-10-30 07:20 - 2013-11-13 18:04 - 00000000 ____D C:\Users\MothMatt\AppData\Local\gtk-2.0
2015-10-22 23:05 - 2014-01-09 22:27 - 00000000 ____D C:\Windows\Minidump
2015-10-22 23:04 - 2014-01-09 22:27 - 678008850 _____ C:\Windows\MEMORY.DMP
2015-10-22 22:53 - 2015-10-03 03:31 - 00004022 _____ C:\Users\MothMatt\Desktop\100515.txt
2015-10-22 22:48 - 2015-09-17 22:18 - 00000000 ____D C:\Users\MothMatt\Desktop\olp
2015-10-21 10:11 - 2013-11-01 02:46 - 00000000 ____D C:\Users\MothMatt\Documents\My Games
2015-10-16 20:32 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\rescache
2015-10-15 01:27 - 2014-05-26 21:37 - 00000000 ____D C:\Users\MothMatt\Downloads\TV Shows
2015-10-14 21:36 - 2015-04-14 16:22 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-10-14 21:36 - 2015-04-14 16:22 - 00000000 ___SD C:\Windows\system32\GWX
2015-10-14 21:36 - 2015-04-14 16:22 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-14 21:36 - 2015-04-14 16:22 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-14 21:36 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-10-14 09:13 - 2015-09-10 16:28 - 00003234 _____ C:\Users\MothMatt\Desktop\091015.txt
2015-10-12 19:43 - 2013-11-19 03:06 - 00000000 _____ C:\Windows\system32\Drivers\lvuvc.hs

==================== Files in the root of some directories =======

2013-11-23 18:59 - 2013-12-02 14:47 - 0000132 _____ () C:\Users\MothMatt\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-09-11 21:29 - 2014-09-11 21:51 - 1065984 _____ () C:\Users\MothMatt\AppData\Local\file__0.localstorage
2015-10-30 07:21 - 2015-10-30 07:21 - 0002084 _____ () C:\Users\MothMatt\AppData\Local\recently-used.xbel
2014-09-07 17:21 - 2015-11-11 11:55 - 0007622 _____ () C:\Users\MothMatt\AppData\Local\Resmon.ResmonCfg
2015-09-11 01:19 - 2015-09-11 01:19 - 0000028 _____ () C:\Users\MothMatt\AppData\Local\X-Plane Installer.prf
2015-09-11 01:19 - 2015-09-11 01:23 - 0000015 _____ () C:\Users\MothMatt\AppData\Local\X-Plane_drm.prf
2015-09-11 00:58 - 2015-09-11 00:58 - 0000074 _____ () C:\Users\MothMatt\AppData\Local\x-plane_install_10.txt
2013-11-01 00:59 - 2013-11-01 01:07 - 0000819 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\MothMatt\AppData\Local\Temp\Checkupdate.exe
C:\Users\MothMatt\AppData\Local\Temp\dllnt_dump.dll
C:\Users\MothMatt\AppData\Local\Temp\dxwebsetup.exe
C:\Users\MothMatt\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\MothMatt\AppData\Local\Temp\Foxit Updater.exe
C:\Users\MothMatt\AppData\Local\Temp\FoxitUpdater.exe
C:\Users\MothMatt\AppData\Local\Temp\gcapi_dll.dll
C:\Users\MothMatt\AppData\Local\Temp\gtapi_signed.dll
C:\Users\MothMatt\AppData\Local\Temp\Gw2.exe
C:\Users\MothMatt\AppData\Local\Temp\i4jdel0.exe
C:\Users\MothMatt\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\MothMatt\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\MothMatt\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\MothMatt\AppData\Local\Temp\jre-8u65-windows-au.exe
C:\Users\MothMatt\AppData\Local\Temp\namebench.exe
C:\Users\MothMatt\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\MothMatt\AppData\Local\Temp\nvStInst.exe
C:\Users\MothMatt\AppData\Local\Temp\procexp64.exe
C:\Users\MothMatt\AppData\Local\Temp\python27.dll
C:\Users\MothMatt\AppData\Local\Temp\raptrpatch.exe
C:\Users\MothMatt\AppData\Local\Temp\raptr_stub.exe
C:\Users\MothMatt\AppData\Local\Temp\SkypeSetup.exe
C:\Users\MothMatt\AppData\Local\Temp\tcl85.dll
C:\Users\MothMatt\AppData\Local\Temp\tk85.dll
C:\Users\MothMatt\AppData\Local\Temp\vcredist_x64.exe
C:\Users\MothMatt\AppData\Local\Temp\vcredist_x86.exe
C:\Users\MothMatt\AppData\Local\Temp\vlc-2.1.4-win64.exe
C:\Users\MothMatt\AppData\Local\Temp\vlc-2.1.5-win64.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-11-10 02:28

==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-11-2015
Ran by MothMatt (2015-11-11 12:46:08)
Running from C:\Users\MothMatt\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2013-11-01 05:03:46)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1913142570-876064918-947292865-500 - Administrator - Disabled)
Guest (S-1-5-21-1913142570-876064918-947292865-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1913142570-876064918-947292865-1006 - Limited - Enabled)
MothMatt (S-1-5-21-1913142570-876064918-947292865-1001 - Administrator - Enabled) => C:\Users\MothMatt

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
A Fistful of Gun (HKLM-x32\...\Steam App 229810) (Version: - FarmerGnome)
Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CS6 (HKLM-x32\...\{7176B973-6011-43C1-AEBC-2D73FE7C6982}) (Version: 6.0 - Adobe Systems Incorporated)
AdVenture Capitalist (HKLM-x32\...\Steam App 346900) (Version: - Hyper Hippo Games)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Insights Tools for Visual Studio 2015 (x32 Version: 3.3 - Microsoft Corporation) Hidden
Archeage Beta (HKLM-x32\...\Glyph Archeage Beta) (Version: - Trion Worlds, Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AxCrypt 1.7.2976.0 (HKLM\...\{F28219BA-0FBA-4515-AA4D-DF55EA186C6A}) (Version: 1.7.2976.0 - Axantum Software AB)
Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Barony (HKLM-x32\...\Steam App 371970) (Version: - Turning Wheel LLC)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlegrounds of Eldhelm (HKLM-x32\...\Steam App 329020) (Version: - Essence Ltd.)
Besiege (HKLM-x32\...\Steam App 346010) (Version: - Spiderling Studios)
BIT.TRIP Presents... Runner2: Future Legend of Rhythm Alien (HKLM-x32\...\Steam App 218060) (Version: - Gaijin Games)
BitTorrent (HKU\S-1-5-21-1913142570-876064918-947292865-1001\...\BitTorrent) (Version: 7.9.5.41203 - BitTorrent Inc.)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Blackguards (HKLM-x32\...\Steam App 249650) (Version: - Daedalic Entertainment)
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blender (HKLM\...\Blender) (Version: 2.69 - Blender Foundation)
BlueStacks App Player (HKLM-x32\...\{D7E3588F-25E6-4A93-8B1C-596F7951CA38}) (Version: 0.10.7.5601 - BlueStack Systems, Inc.)
Boris FX 10 (64 Bit) (HKLM\...\{BAF3FFCF-4BFC-42C9-A5F3-EF5F55615C29}) (Version: 10.0.1 - Boris FX, Inc.)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
Cloudbuilt (HKLM-x32\...\Steam App 262390) (Version: - Coilworks)
Comic Seer (HKLM-x32\...\{164ECE87-899D-4170-BBD3-3091E24A42BF}) (Version: 2.51.2 - Xylasoft)
Cook, Serve, Delicious! (HKLM-x32\...\Steam App 247020) (Version: - Vertigo Gaming Inc.)
Cosmic DJ (HKLM-x32\...\Steam App 297110) (Version: - Gl33k)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
CPUID CPU-Z 1.70 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Craft The World (HKLM-x32\...\Steam App 248390) (Version: - Dekovir Entertainment)
Creative Audio Control Panel (HKLM-x32\...\AudioCS) (Version: 3.00 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version: 1.02 - Creative Technology Limited)
Crypt of the NecroDancer (HKLM-x32\...\Steam App 247080) (Version: - Brace Yourself Games)
CRYPTARK (HKLM-x32\...\Steam App 344740) (Version: - Alientrap)
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.2726.0 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.2726.0 - CyberLink Corp.) Hidden
CyberLink WaveEditor 2 (HKLM-x32\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 2.0.4203 - CyberLink Corp.)
Defiance (HKLM-x32\...\Steam App 224600) (Version: - Trion Worlds, Inc.)
Deponia: The Complete Journey (HKLM-x32\...\Steam App 292910) (Version: - Daedalic Entertainment)
Destination Sol (HKLM-x32\...\Steam App 342980) (Version: - MovingBlocks)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version: - Klei Entertainment)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Dotfuscator and Analytics Community Edition 5.18.1 (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
Dual Monitor 1.22 (HKLM-x32\...\{64AA3F94-ED4A-4A4B-B72C-B7A1481ED5D8}_is1) (Version: 1.22.021813 - Cristi Diaconu)
Dungeon of the Endless (HKLM-x32\...\Steam App 249050) (Version: - AMPLITUDE Studios)
Epic Games Launcher (HKLM\...\{8727C279-A122-40B8-8ACA-271E1809DAA5}) (Version: 1.1.23.0 - Epic Games, Inc.)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Evoland 2 (HKLM-x32\...\Steam App 359310) (Version: - Shiro Games)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version: - Image-Line)
FlashDevelop 4.5.2 (HKLM-x32\...\FlashDevelop) (Version: 4.5.2 - FlashDevelop.org)
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.7.139.918 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.2.0.722 - Foxit Software Inc.)
Fraps (HKLM-x32\...\Fraps) (Version: - )
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version: - Subset Games)
Full Mojo Rampage (HKLM-x32\...\Steam App 225280) (Version: - Over the Top Games)
GameMaker-Studio 1.3 (HKU\S-1-5-21-1913142570-876064918-947292865-1001\...\GameMaker-Studio13) (Version: - YoYo Games Ltd.)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
GemCraft - Chasing Shadows (HKLM-x32\...\Steam App 296490) (Version: - Game in a Bottle)
GenArts Sapphire Plug-ins 6.13 for After Effects and Compatible (HKLM\...\GenArts Sapphire AE_is1) (Version: - )
Geometry Wars 3: Dimensions (HKLM-x32\...\Steam App 310790) (Version: - Lucid Games)
GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 1.67.0000 - GIGABYTE Technology Co.,Ltd.)
GIGABYTE OC_GURU II (x32 Version: 1.67.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Gloria Victis version 1.0.0 (HKLM-x32\...\{D9E0CF6F-C911-416C-BB8C-7B2AD776B9E5}_is1) (Version: 1.0.0 - Black Eye Games)
GoldWave v5.70 (HKLM-x32\...\GoldWave v5.70) (Version: 5.70 - GoldWave Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Hack 'n' Slash (HKLM-x32\...\Steam App 246070) (Version: - Double Fine Productions)
Hacknet (HKLM-x32\...\Steam App 365450) (Version: - Team Fractal Alligator)
Half Minute Hero: Super Mega Neo Climax Ultimate Boy (HKLM-x32\...\Steam App 214830) (Version: - Opus)
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
Happy Cloud Client (HKU\S-1-5-21-1913142570-876064918-947292865-1001\...\HappyCloud) (Version: 4.54 - Happy Cloud, Inc.)
HE Auto Launcher (HKLM-x32\...\HE Auto Launcher) (Version: - )
honestech VHS to DVD 7.0 Deluxe (HKLM-x32\...\{AC242562-1F9E-42C9-B461-E8B839093FEB}) (Version: 7.0 - honestech)
honestech VHS to DVD 7.0 Deluxe (x32 Version: 7.0 - honestech) Hidden
Hotline Miami (HKLM-x32\...\Steam App 219150) (Version: - Dennaton Games)
HP Photosmart D110 All-In-One Driver 14.0 Rel. 7 (HKLM\...\{14BC6853-A74E-4874-B50D-679889D1544D}) (Version: 14.0 - HP)
Human Resource Machine (HKLM-x32\...\Steam App 375820) (Version: - Tomorrow Corporation)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - )
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Java SE Development Kit 7 Update 65 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170650}) (Version: 1.7.0.650 - Oracle)
Jazzpunk (HKLM-x32\...\Steam App 250260) (Version: - Necrophone Games)
KickBeat Steam Edition (HKLM-x32\...\Steam App 255370) (Version: - Zen Studios)
King’s Bounty: Legions (HKLM-x32\...\Steam App 235400) (Version: - Nival)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
LG Verizon United Driver (HKLM-x32\...\{A17B9856-40CF-4BEA-BB65-ADB8154A83DC}) (Version: 2.14.1 - LG Electronics)
LibreOffice 4.1.2.3 (HKLM-x32\...\{DD3CB916-F91A-41B9-B276-CAC090E91021}) (Version: 4.1.2.3 - The Document Foundation)
Logitech Gaming Software 8.46 (HKLM\...\Logitech Gaming Software) (Version: 8.46.27 - Logitech Inc.)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
LUFTRAUSERS (HKLM-x32\...\Steam App 233150) (Version: - Vlambeer)
Magic The Gathering Online (HKU\S-1-5-21-1913142570-876064918-947292865-1001\...\35c9d60442fbb010) (Version: 3.4.87.519 - Wizards of the Coast)
Magic Workstation 0.94f (HKLM-x32\...\Magic Workstation_is1) (Version: - Magic Technology)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{3D3CEBE6-40EA-4C48-97FD-73828281AB4A}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.41012.0) (HKLM-x32\...\{AC8E0CF4-42A1-4151-B684-97CF6FD726CF}) (Version: 12.0.41012.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{68BA34E8-9B9D-4A74-83F0-7D366B532D75}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{718FFB65-F6E4-4D62-861F-ED10ED32C936}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2015 Tools for Unity (HKLM-x32\...\{F0DB2786-18C8-4B0D-9DC2-BA58856A2821}) (Version: 2.1.0.0 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 (HKLM-x32\...\{50b32652-69d2-4b93-9316-edcd12067b8b}) (Version: 14.0.23107.10 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{69A998C5-00A9-42CA-AB4E-C31CFFCD9251}) (Version: 3.1237.1763 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 40.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 en-US)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MTG Card Images for Magic Workstation (HKLM-x32\...\MTG Card Images for Magic Workstation_is1) (Version: - )
MTG GamePack for Magic Workstation (HKLM-x32\...\MTG GamePack for Magic Workstation_is1) (Version: - Magic Technology)
Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
My Game Long Name (HKLM\...\UDK-18ac34f0-6bcf-4690-a1bd-417421d3f940) (Version: - Epic Games, Inc.)
My Game Long Name (HKLM\...\UDK-746e7876-3830-4ffc-b63f-299c2d121322) (Version: - Epic Games, Inc.)
My Game Long Name (HKLM\...\UDK-a908026c-3541-42fb-b0dc-8303314b076f) (Version: - Epic Games, Inc.)
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version: - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: - Native Instruments)
NeatMouse (HKLM-x32\...\NeatMouse) (Version: 1.02 - Neat Decisions)
Network Addon Mod (HKU\S-1-5-21-1913142570-876064918-947292865-1001\...\Network Addon Mod) (Version: 32 - The NAM Team)
Network64 (Version: 140.0.212.000 - Hewlett-Packard) Hidden
NewBlue Video Essentials for PowerDirector (HKLM\...\NewBlue Video Essentials for Cyberlink) (Version: 3.0 - NewBlue)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 355.98 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.98 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation)
NVIDIA Graphics Driver 355.98 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.98 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
One Finger Death Punch (HKLM-x32\...\Steam App 264200) (Version: - Silver Dollar Games)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
osu! (HKLM-x32\...\{cd6acbe2-03a4-4ab0-b848-f45d668a1355}) (Version: latest - ppy Pty Ltd)
Papo & Yo (HKLM-x32\...\Steam App 227080) (Version: 2.0 - Minority Media Inc.)
Paranautical Activity (HKLM-x32\...\Steam App 250580) (Version: - Code Avarice)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
PowerDirector (Version: 12.0 - CyberLink Corp.) Hidden
Pox Nora (HKLM-x32\...\Steam App 201210) (Version: - Desert Owl Games LLC)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version: - Introversion Software)
PS_AIO_07_D110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.6-1.0.13004.105 - raidcall.com)
Raptr (HKLM-x32\...\Raptr) (Version: - )
Razer Core (HKLM-x32\...\Razer Core) (Version: 1.0.1.66 - Razer Inc)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.27748 - Razer Inc.)
ReignMaker (HKLM-x32\...\Steam App 286200) (Version: - Frogdice, Inc)
Reus (HKLM-x32\...\Steam App 222730) (Version: - Abbey Games)
Reverse Crawl (HKLM-x32\...\Steam App 400660) (Version: - Nerdook Productions)
Risk of Rain (HKLM-x32\...\Steam App 248820) (Version: - )
Rogue Legacy (HKLM-x32\...\Steam App 241600) (Version: - Cellar Door Games)
Rosetta Stone Version 3 (HKLM-x32\...\{80F7CA44-F3A5-4853-8BA6-DDF57CD4F078}) (Version: 3.4.7.0 - Rosetta Stone Ltd.)
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
RPG Maker VX Ace (HKLM-x32\...\Steam App 220700) (Version: - Enterbrain)
RPG MO (HKLM-x32\...\Steam App 372800) (Version: - Marxnet)
Runers (HKLM-x32\...\Steam App 306550) (Version: - LGK Games)
Runestone Keeper (HKLM-x32\...\Steam App 339400) (Version: - Blackfire Games)
SanctuaryRPG: Black Edition (HKLM-x32\...\Steam App 328760) (Version: - Black Shell Games)
Scan (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
SeaTools for Windows 1.4.0.2 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.2 - Seagate Technology)
Secrets of Grindea (HKLM-x32\...\Steam App 269770) (Version: - Pixel Ferrets)
Shadow Era version 2.8509 (HKLM-x32\...\{A9DA5CA9-5576-4E77-8D83-5FCA5DF9ACF1}_is1) (Version: 2.8509 - Wulven Game Studios)
Shatter (HKLM-x32\...\Steam App 20820) (Version: - Sidhe)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
Shovel Knight (HKLM-x32\...\Steam App 250760) (Version: - Yacht Club Games)
Sigils of Elohim (HKLM-x32\...\Steam App 321480) (Version: - Croteam)
SimCity 4 Deluxe (HKLM-x32\...\Steam App 24780) (Version: - EA - Maxis)
Skullgirls (HKLM-x32\...\Steam App 245170) (Version: - Lab Zero Games)
Skullgirls ∞Endless Beta∞ (HKLM-x32\...\Steam App 208610) (Version: - )
Skype™ 7.13 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.13.101 - Skype Technologies S.A.)
SmartFoxServer 2X 2.9.0 (HKLM\...\0876-9884-4843-9474) (Version: 2.9.0 - GOTOANDPLAY snc)
SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.8 - SmartSound Software Inc.)
SmartSound Quicktracks 5 (x32 Version: 5.1.8 - SmartSound Software Inc.) Hidden
SolForge (HKLM-x32\...\Steam App 232450) (Version: - Stone Blade Entertainment)
Spelunky (HKLM-x32\...\Steam App 239350) (Version: - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
Stacking (HKLM-x32\...\Steam App 115110) (Version: - Double Fine Productions)
StarCraft II - Legacy of the Void Beta (HKLM-x32\...\StarCraft II - Legacy of the Void Beta) (Version: - Blizzard Entertainment)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Stealth Bastard Deluxe (HKLM-x32\...\Steam App 209190) (Version: - Curve Studios)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Sublime Text 2.0.2 (HKLM-x32\...\Sublime Text 2_is1) (Version: - )
Sublime Text Build 3059 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version: - Team Meat)
Surgeon Simulator 2013 (HKLM-x32\...\Steam App 233720) (Version: - Bossa Studios)
Sweet Lily Dreams (HKLM-x32\...\Steam App 300540) (Version: - RosePortal Games)
Sylenth1 v1.01.3 (HKLM-x32\...\Sylenth1_is1) (Version: - )
Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.23102 - Microsoft Corporation) Hidden
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TERA (HKU\S-1-5-21-1913142570-876064918-947292865-1001\...\teraenmasse) (Version: - )
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Stanley Parable (HKLM-x32\...\Steam App 221910) (Version: - Galactic Cafe)
The Swindle (HKLM-x32\...\Steam App 369110) (Version: - Size Five Games)
Thea: The Awakening (HKLM-x32\...\Steam App 378720) (Version: - MuHa Games)
TIS-100 (HKLM-x32\...\Steam App 370360) (Version: - Zachtronics)
To the Moon (HKLM-x32\...\Steam App 206440) (Version: - Freebird Games)
Toolbox (x32 Version: 140.0.424.000 - Hewlett-Packard) Hidden
Transistor (HKLM-x32\...\Steam App 237930) (Version: - Supergiant Games)
Trapcode Suite 64-bit (HKLM-x32\...\InstallShield_{5210717F-CAFD-4F21-8DF7-6ED3862725C4}) (Version: 12.1.0 - Red Giant Software)
Trapcode Suite 64-bit (Version: 12.1.0 - Red Giant Software) Hidden
Unepic (HKLM-x32\...\Steam App 233980) (Version: - Francisco Téllez de Meneses)
Unity (HKLM-x32\...\Unity) (Version: 5.2.2f1 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-1913142570-876064918-947292865-1001\...\UnityWebPlayer) (Version: 5.2.2f1 - Unity Technologies ApS)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
VIDBOX Driver (HKLM-x32\...\{2758691A-2CDE-4942-A4AC-0E8F61FE2067}) (Version: 4.0.0 - honestech)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Warframe (HKLM-x32\...\Steam App 230410) (Version: - Digital Extremes)
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
You Have to Win the Game (HKLM-x32\...\Steam App 286100) (Version: - Minor Key Games)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1913142570-876064918-947292865-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\MothMatt\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1913142570-876064918-947292865-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\MothMatt\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1913142570-876064918-947292865-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\MothMatt\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1913142570-876064918-947292865-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\MothMatt\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1913142570-876064918-947292865-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\MothMatt\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1913142570-876064918-947292865-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\MothMatt\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1913142570-876064918-947292865-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\MothMatt\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1913142570-876064918-947292865-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\MothMatt\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1913142570-876064918-947292865-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\MothMatt\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1913142570-876064918-947292865-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-1913142570-876064918-947292865-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\MothMatt\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1913142570-876064918-947292865-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\MothMatt\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File

==================== Restore Points =========================

10-11-2015 23:23:26 Microsoft Visual Studio Community 2015
10-11-2015 23:24:46 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
10-11-2015 23:25:50 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
10-11-2015 23:27:07 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026
10-11-2015 23:28:20 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
10-11-2015 23:28:53 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
10-11-2015 23:38:51 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026
10-11-2015 23:53:11 Installed Microsoft Visual Studio 2015 Tools for Unity
11-11-2015 01:39:14 Windows Update
11-11-2015 12:05:36 Windows Update
11-11-2015 12:29:11 Before RootKit Running

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 20:34 - 2014-11-16 11:50 - 00000878 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {5095602C-3252-4D6F-803C-4BA3A7D68C5D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {57055CF2-4CE7-452C-A48A-8A7E3BA8ADA7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {579B5E6E-5A92-424A-A594-C000F99D5A2B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-10] (Adobe Systems Incorporated)
Task: {BC907F44-CCDA-47E0-8370-1582703F04B9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1913142570-876064918-947292865-1001UA => C:\Users\MothMatt\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {CB5FFFC0-E57C-4EDE-9CC4-56447C32FEF9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1913142570-876064918-947292865-1001Core => C:\Users\MothMatt\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1913142570-876064918-947292865-1001Core.job => C:\Users\MothMatt\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1913142570-876064918-947292865-1001UA.job => C:\Users\MothMatt\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-06-23 13:11 - 2015-06-23 13:11 - 00187048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2013-11-01 07:55 - 2012-08-08 20:36 - 00390672 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-09-11 19:08 - 2015-09-13 16:09 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-04-18 19:25 - 2015-08-26 18:37 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-10-01 00:28 - 2015-10-01 00:28 - 00137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2015-07-28 17:11 - 2014-11-25 20:12 - 40622592 _____ () C:\Users\MothMatt\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libcef.dll
2015-07-28 17:11 - 2014-11-25 20:12 - 00911360 _____ () C:\Users\MothMatt\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libglesv2.dll
2015-07-28 17:11 - 2014-11-25 20:12 - 00134144 _____ () C:\Users\MothMatt\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\MothMatt\AppData\Local\fsMjKdl9U0Kd:mRETKvVCxyMXETGrQZXog5DT6uhi
AlternateDataStreams: C:\Users\MothMatt\AppData\Local\Temp:1NfDTzrWZvOJISHgQGaMV
AlternateDataStreams: C:\Users\MothMatt\AppData\Local\Temp:art2U3J1a5v5HYVBi9cIA8W

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1913142570-876064918-947292865-1001\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-1913142570-876064918-947292865-1001\...\aeriagames.com -> hxxp://aeriagames.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1913142570-876064918-947292865-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: SDScannerService => 2
MSCONFIG\Services: SDUpdateService => 2
MSCONFIG\startupfolder: C:^Users^MothMatt^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Gangsters2Setup.lnk => C:\Windows\pss\Gangsters2Setup.lnk.Startup
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CTxfiHlp => CTXFIHLP.EXE
MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B1991AC3-CB36-40D0-AE00-029175555F6A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CB7FA1A4-7C94-4ECE-B8EE-9965B01DFE96}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{33358AAE-F656-49B8-8EA9-DB75502C68C1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7559A27D-DF82-4115-8B43-666FB1879846}] => (Allow) C:\Users\MothMatt\AppData\Local\Temp\7zS6A25\setup\hpznui40.exe
FirewallRules: [{73E83E88-9E7F-4BF8-8E92-44867EF6E574}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{91758114-962F-45C2-B763-F3FA5B1B02C4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{9C9712A1-470A-4118-8F8D-125D7654027A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{AB84D7CA-932F-4677-BACA-6B34F00CA415}] => (Allow) C:\Program Files\CyberLink\PowerDirector12\PDR10.EXE
FirewallRules: [{3F0F01F9-0B42-47F7-9279-E5BBE5733A10}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{024E11F0-1473-4C2C-A923-EB1160707326}] => (Allow) C:\Users\MothMatt\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{2D90E816-860F-41CE-9297-04004390D99B}] => (Allow) C:\Users\MothMatt\AppData\Roaming\BitTorrent\BitTorrent.exe
 
FirewallRules: [{E15F0CA1-FACA-4612-8ECA-BFF61846A346}] => (Block) %ProgramFiles%\Adobe\Adobe Premiere Pro CS6\Adobe Premiere Pro.exe
FirewallRules: [{22949254-A975-4FF3-8152-8AE8D80F394C}] => (Block) %ProgramFiles%\Adobe\Adobe Encore CS6\Adobe Encore.exe
FirewallRules: [{4C07E94B-79FF-4410-8CFD-91B81A0E02FF}] => (Block) %ProgramFiles%\Adobe\Adobe Media Encoder CS6\Adobe Media Encoder.exe
FirewallRules: [{BDF0A638-62D9-45C1-8F12-A7E2BA9DA189}] => (Block) %ProgramFiles%\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe
FirewallRules: [{A84C790C-7447-4910-95B2-D1FBBC805BEA}] => (Block) %ProgramFiles%\Adobe\Adobe Bridge CS6 (64 Bit)\bridgeproxy.exe
FirewallRules: [{E8A8123A-0476-420B-81F6-D8C1D0803D23}] => (Block) %ProgramFiles%\Adobe\Adobe After Effects CS6\Support Files\AfterFX.exe
FirewallRules: [{47E3DDFF-4426-44D8-A116-30839BA81459}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe
FirewallRules: [{0589CF00-5FA1-4528-8502-5ADB8F9755B2}] => (Block) %ProgramFiles%\Adobe\Adobe Illustrator CS6 (64 Bit)\Support Files\Contents\Windows\Illustrator.exe
FirewallRules: [{3E37951C-3D3F-441E-BAC5-98DDE48112F5}] => (Block) %ProgramFiles%\Adobe\Adobe Media Encoder CS6\Adobe Media Encoder.exe
FirewallRules: [{FD179545-6081-4FB8-B809-7BC5C4C84C13}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe
FirewallRules: [{21A8B1FE-B8B0-4404-80FA-51D35A75D152}] => (Block) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe
FirewallRules: [{711FEF6B-2179-4E47-AE29-058446007477}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe
FirewallRules: [{DB8910BB-F96F-4BCD-9FFC-970204B8CCB0}] => (Block) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe
FirewallRules: [{5FA84A39-7B3B-4038-8E17-D9316B0CB794}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{A53B573F-5F60-449E-B669-9E315FF27B75}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{0ABE8A2D-F22C-40B2-AFF9-45A30933127E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2417\Agent.exe
FirewallRules: [{F50C3619-57C9-490E-BDD2-7FBAED3525D0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2417\Agent.exe
FirewallRules: [{33B1D075-24D1-4B31-97EC-4FCF3C01215D}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{C73B08FB-6519-4EA2-9B10-88B97A9245C2}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{158948E5-D5A5-4E36-844B-C1E072FD0187}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{0B2A3D65-3045-43EC-AEE2-ACE29859E7E9}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{63A5DEE2-F08C-4B5A-AAEA-5363D99A7284}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2426\Agent.exe
FirewallRules: [{394A2BBA-5F68-441F-AE0D-5684852F6576}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2426\Agent.exe
FirewallRules: [{D1C19958-DA44-498C-89B9-8CACCD3172F3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{2B1688C3-BDC3-48C9-A794-7A9C809B65B7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{21B8CC42-6016-41A1-9079-2F406067B8FD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{71391A84-8CE9-4D62-8BC9-5DE31AC0406F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{4636BD94-D74C-4E5C-BBE5-EC91C8F85493}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2514\Agent.exe
FirewallRules: [{59DA3FCF-2867-4586-99A0-F61D64CC54DC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2514\Agent.exe
FirewallRules: [{3BB50B26-3A90-49AD-A08A-3785927941CB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{33D38BF3-B111-463C-86EB-FB7A0A7BE1A2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{74CBEE15-58BA-4D6F-8E3D-E26F8141B857}] => (Allow) %ProgramFiles% (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{E8FE1AD8-BBBE-4165-AE83-50B89785358D}C:\program files (x86)\unity\editor\unity.exe] => (Allow) C:\program files (x86)\unity\editor\unity.exe
FirewallRules: [UDP Query User{A448DDF4-A676-4F3D-807D-120FFE43B481}C:\program files (x86)\unity\editor\unity.exe] => (Allow) C:\program files (x86)\unity\editor\unity.exe
FirewallRules: [{A78D9B00-9ACA-477E-A925-48CF9C771F09}] => (Block) %ProgramFiles% (x86)\Adobe\Adobe Flash CS6\Flash.exe
FirewallRules: [TCP Query User{0DBD7E07-68B7-4F7C-AE0B-29C5637757A8}C:\wamp\bin\apache\apache2.4.4\bin\httpd.exe] => (Allow) C:\wamp\bin\apache\apache2.4.4\bin\httpd.exe
FirewallRules: [UDP Query User{3A7B394A-92B8-40C2-9C99-C581D523977A}C:\wamp\bin\apache\apache2.4.4\bin\httpd.exe] => (Allow) C:\wamp\bin\apache\apache2.4.4\bin\httpd.exe
FirewallRules: [TCP Query User{D615BC63-6815-4A4C-AE95-14F01B9CA9B0}C:\program files (x86)\unity\monodevelop\bin\monodevelop.exe] => (Allow) C:\program files (x86)\unity\monodevelop\bin\monodevelop.exe
FirewallRules: [UDP Query User{831D62B2-59F9-4538-A0B3-73A21FB03053}C:\program files (x86)\unity\monodevelop\bin\monodevelop.exe] => (Allow) C:\program files (x86)\unity\monodevelop\bin\monodevelop.exe
FirewallRules: [{714869D2-E631-4572-BA79-D03325007223}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{97FE2A36-C0A0-4F37-8597-7290D80F6E1C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{ACEEC1F2-C03A-4807-97DD-4FC8C8F9B32F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{BEEAFE54-0FB6-4CEF-ACF6-411BE32F6EF0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{32EC137B-3564-4C52-BD0D-B967846F92A2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Reus\Reus.exe
FirewallRules: [{F0E0D0D3-4C1C-4EAD-9FC1-0E1084D1182B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Reus\Reus.exe
FirewallRules: [{9B0BEEDF-7D07-4571-850B-67FC55849ADF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PapoYo\Binaries\Win32\PYGame-Win32-Shipping.exe
FirewallRules: [{E9F2E9D2-8E64-44B5-960C-E6CA86277E57}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PapoYo\Binaries\Win32\PYGame-Win32-Shipping.exe
FirewallRules: [{8F347FB8-5488-4061-BA58-EA1615C90EB6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\To the Moon\To the Moon\To the Moon.exe
FirewallRules: [{46129B3C-37C5-42DF-B802-1D589F677F17}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\To the Moon\To the Moon\To the Moon.exe
FirewallRules: [{CFD6D4F7-9880-44C3-AC39-23B330826969}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Surgeon Simulator 2013\ss2013.exe
FirewallRules: [{508CB067-CBB6-4523-979D-DEFFFF13207A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Surgeon Simulator 2013\ss2013.exe
FirewallRules: [{56127A79-788B-4CB4-9F9B-35E72D90A524}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\bittriprunner2\runner2.exe
FirewallRules: [{CC1A1416-96B0-4D83-8F28-9E5EEB7A38FC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\bittriprunner2\runner2.exe
FirewallRules: [{94C9A6A1-ABDC-46A0-9E65-1DB43C55CEF8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\the banner saga factions\win32\The Banner Saga Factions.exe
FirewallRules: [{29B89BD1-237C-461F-94F7-ED1DBA77EE2F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\the banner saga factions\win32\The Banner Saga Factions.exe
FirewallRules: [{2AF415C8-CF5D-4F14-8E4A-E49C57293048}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\StealthBastardDeluxe\StealthBastard[Steam].exe
FirewallRules: [{F8285D22-3EF2-4436-8A31-4B993175E356}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\StealthBastardDeluxe\StealthBastard[Steam].exe
FirewallRules: [{E756D15C-A01B-4B6E-BCB3-3592E92BBA90}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Joe Danger 2 The Movie\Bin\JD2Launcher.exe
FirewallRules: [{5A217FD9-27AF-452A-A04A-7C68F5883F43}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Joe Danger 2 The Movie\Bin\JD2Launcher.exe
FirewallRules: [{311A44F7-BD4A-45A2-95BA-4212A8E2A78F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Kings Bounty Legions\KingsBounty.exe
FirewallRules: [{E8437DF2-E914-408C-B3A0-D69E58777911}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Kings Bounty Legions\KingsBounty.exe
FirewallRules: [{4C38D2FD-95E7-4541-8D33-1F46DFCD3C2A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe
FirewallRules: [{4BFC0341-628B-426A-BB28-9EE914D9465E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe
FirewallRules: [{5FBF77B4-1758-4387-B00B-247B4A8FBB5C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Marvel Puzzle Quest\Binaries\PC\Ship\Marvel Puzzle Quest.exe
FirewallRules: [{F5D13B1D-612D-4308-BA5F-9AD9E6287D41}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Marvel Puzzle Quest\Binaries\PC\Ship\Marvel Puzzle Quest.exe
FirewallRules: [{4A9A5B30-8602-4D50-AB87-F0FEF2B04F59}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{6067F143-D0D6-43BD-8B15-6EDBF9A27100}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{3A646D34-77BA-4FA5-AB4D-CC2B6442D407}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{DED0D8FB-ABE1-4E15-A46D-B495031F0E12}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [TCP Query User{1413087E-30CF-4473-B205-5BEF72A00917}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [UDP Query User{DCF6EC67-B493-4A78-82C1-7480915BD9C8}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [{3DF9382A-3A2F-493C-94D4-C4350B3ACBDF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{41CEEA3F-B468-4DF4-ADB2-216DDB56745E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{5CC33876-6513-4754-9966-D62E2B8142C2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shatter\Shatter.exe
FirewallRules: [{6690E46F-1F6D-4215-811D-543D7A007C26}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shatter\Shatter.exe
FirewallRules: [{6311F8A1-FB64-4F44-97CA-7CB5AF5F18AA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shatter\ShatterSettingsEditor.exe
FirewallRules: [{78A9C528-359F-4CCA-A60D-1568693DAEC7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shatter\ShatterSettingsEditor.exe
FirewallRules: [{37AA00FF-EB23-4A54-B613-8330DB9815C7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SimCity 4 Deluxe\Apps\SimCity 4.exe
FirewallRules: [{968662E8-F647-4B15-8260-8FD49653F0E4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SimCity 4 Deluxe\Apps\SimCity 4.exe
FirewallRules: [{5A4D2E7E-BCC6-4BBD-AD43-149B942F6B84}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Risk of Rain\Risk of Rain.exe
FirewallRules: [{91601E56-E4F2-48ED-929F-A15D70D5505D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Risk of Rain\Risk of Rain.exe
FirewallRules: [{F07C283E-E439-4717-8905-62F21AF4B112}] => (Allow) LPort=11100
FirewallRules: [{DA175294-25C1-455C-B990-3A7C2A83706E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spelunky\Spelunky.exe
FirewallRules: [{997C012B-E05A-438C-898E-E86D1CA70681}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spelunky\Spelunky.exe
FirewallRules: [TCP Query User{2FC5378D-6F60-4C90-A5F8-52039037264F}C:\users\mothmatt\appdata\roaming\gamemaker-studio\runner.exe] => (Allow) C:\users\mothmatt\appdata\roaming\gamemaker-studio\runner.exe
FirewallRules: [UDP Query User{2520C895-D9EF-471B-98A3-CF9F681B15EE}C:\users\mothmatt\appdata\roaming\gamemaker-studio\runner.exe] => (Allow) C:\users\mothmatt\appdata\roaming\gamemaker-studio\runner.exe
FirewallRules: [TCP Query User{829C4D22-885E-4E49-81EB-A3A39A7E63F9}C:\program files (x86)\flashdevelop\flashdevelop.exe] => (Allow) C:\program files (x86)\flashdevelop\flashdevelop.exe
FirewallRules: [UDP Query User{6DC944C9-294F-40F4-9778-3FEAD060C4DB}C:\program files (x86)\flashdevelop\flashdevelop.exe] => (Allow) C:\program files (x86)\flashdevelop\flashdevelop.exe
FirewallRules: [{3166BA6B-4437-437D-95CB-D59A34F99E3A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{33B4FAC1-693E-4960-9C30-9C587FCF8DEC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{BA50A5CC-5AD0-4EE9-A529-2C50CD848CAB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe
FirewallRules: [{1C92AE7E-DF8D-4E93-9123-A37FD0AD9A28}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe
FirewallRules: [{41630615-B97C-4A81-A9CC-E77DE1304ACC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{9E9A94DF-F1F9-46FE-99EE-3255BA01344E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{C2CE7F8D-0B26-428C-95A3-1FB3A8934A41}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{16CBD2B8-6E5D-4510-973A-90470D93C6DD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E738E653-B7F0-4F64-8B4D-67EEFAB628C4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{62F05199-C8EF-4A34-83DB-1AEFE5D1FC6A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{C1FE673B-0091-4FFE-A3D0-80A3D1EB4648}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rogue Legacy\RogueLegacy.exe
FirewallRules: [{6FFA9D47-9673-4E26-A79C-BA28719E5F9D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rogue Legacy\RogueLegacy.exe
FirewallRules: [{6D6DD0C4-C13C-4EA5-A364-4B96F8BDC207}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [{AB53EC2B-9FF4-421E-9984-56AE586A798B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [{7F7A1F78-029E-41BF-A49A-E4C0AFAB7D2A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cloudbuilt\CloudBuilt.exe
FirewallRules: [{E9422011-7F52-4EDC-BA77-00779B0E0E9A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cloudbuilt\CloudBuilt.exe
FirewallRules: [{1594F155-67F6-4C14-B806-6F699ABDB0BB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{F3373D39-52E5-4BFF-B22F-F062D60C50CA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{76C3423B-82D9-432C-ABE6-E38FFCDDF95A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{1D33D246-86FA-431C-BA2A-C59471AE230A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{7C1BC9FB-B336-4ECB-B8AF-38031AEB6181}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{D7C5556B-AA7B-4725-A198-83BC4CB74FB6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{84922A31-B2F6-49CF-B3CF-8BEC86A6070F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Luftrausers\bin\Luftrausers.exe
FirewallRules: [{5EE34FDC-2A75-4D6D-AAF8-CCDAC1D9D192}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Luftrausers\bin\Luftrausers.exe
FirewallRules: [TCP Query User{0FA77C3A-FC21-4214-BC34-A8AFD63350BF}C:\program files (x86)\steam\steamapps\common\ether one\binaries\win32\udk.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\ether one\binaries\win32\udk.exe
FirewallRules: [UDP Query User{EA438697-4F49-41BB-BAED-F99BE710698B}C:\program files (x86)\steam\steamapps\common\ether one\binaries\win32\udk.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\ether one\binaries\win32\udk.exe
FirewallRules: [{8D195583-54D8-494B-A7AB-24E3478763E8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{DF97B177-119C-4CFD-8726-121D6D6E638D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [TCP Query User{51CCABCD-C2A6-49F4-A109-5268535C6CAF}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{DE05A1B0-2194-4EDE-844D-A925173C96BF}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{25F910DE-1355-4502-913E-0D556A0C97A8}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{F78A5800-4620-4714-8FAF-1A3AB970D773}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{A589FC6D-E9F6-40CB-A73A-5404AFA81419}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{8C737BD0-0965-4186-86CF-E085E41E3734}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{2E75A3F4-1F2E-401E-8235-2F096D2A28D3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{6985246C-2C98-4FA7-85AF-3D7583C3086A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{A2C27E92-789D-42E4-9ACB-1DE2A465561D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Stanley Parable\stanley.exe
FirewallRules: [{FD922CDE-8198-475C-ABF1-55FA4DC6CDD8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Stanley Parable\stanley.exe
FirewallRules: [{9953C189-1547-4C1B-AF0B-9DC1370DD367}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{864C4B08-41A1-491A-BCFB-40D421B9A8FC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [TCP Query User{EB3B2FC3-9E41-4563-8234-A4394047CA38}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{0943C9FB-2F21-4377-8157-F483A9F25F85}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [{BA181C25-3406-4BA0-BA18-788016D57C2B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{5170EBDB-4626-42F4-BAC2-0D26E6070F1B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{8845AB39-3DFA-43F5-8408-7B6059B3A5DA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Transistor\x64\Transistor.exe
FirewallRules: [{E89AADCE-6A41-42F3-BDE3-45F161CF4A3F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Transistor\x64\Transistor.exe
FirewallRules: [{C3EDABFB-A0BD-4CF6-A97A-DAF90DAD4346}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\RPGVXAce\RPGVXAce.exe
FirewallRules: [{290B0F26-F1B4-45E6-936D-63921BE1CDAD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\RPGVXAce\RPGVXAce.exe
FirewallRules: [{B2687B07-1A47-4A39-8F9B-E6E6956CF799}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sweet Lily Dreams\Game.exe
FirewallRules: [{A8067640-98F6-4B0D-92DE-98B3B01549B9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sweet Lily Dreams\Game.exe
FirewallRules: [{E781B32D-A911-491A-AEBE-D181A9B29A81}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{DA26FA9F-52C2-4E0D-A53B-02076E446E29}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{62653D40-80C7-49A4-831D-700A7AC2E271}] => (Allow) C:\Program Files (x86)\Diablo III Public Test\Diablo III.exe
FirewallRules: [{96594A52-CC05-40FF-AC7D-8F1A70D143EB}] => (Allow) C:\Program Files (x86)\Diablo III Public Test\Diablo III.exe
FirewallRules: [{59CE5A30-8C80-4B7B-B3D6-C9FC6E815B33}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ReignMaker\ReignMaker.exe
FirewallRules: [{9FEBBC90-6222-4ED6-A216-FE5E3FB1116A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ReignMaker\ReignMaker.exe
FirewallRules: [{DA56B2B2-FA51-4AC7-847F-2CDC90F1AE12}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ParanauticalActivity\Paranautical Activity.exe
FirewallRules: [{9C42C76E-9656-4C6F-A828-C813F8FB17F1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ParanauticalActivity\Paranautical Activity.exe
FirewallRules: [{B64B7BAD-685D-4375-A921-76D97D71C968}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stacking\Stack.exe
FirewallRules: [{94D38647-15F1-443D-A544-C75FE03278CF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stacking\Stack.exe
FirewallRules: [{A4DBFC87-7626-488B-A614-BB3387D40763}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SolForge\SolForge.exe
FirewallRules: [{55B59663-76EE-4280-8DBF-3BFBB836F0B8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SolForge\SolForge.exe
FirewallRules: [TCP Query User{E57F75DC-4E4E-4014-AE17-D7109922E75B}C:\users\mothmatt\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\mothmatt\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{6F7D0926-4FED-4463-9615-66E9D8ED0F85}C:\users\mothmatt\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\mothmatt\appdata\local\akamai\netsession_win.exe
FirewallRules: [{DF945359-026A-4F01-8B64-232F88C695A5}] => (Allow) C:\AeriaGames\AuraKingdom\game.bin
FirewallRules: [{2B287ECE-8346-4D17-8691-9E1DBEE3AA8B}] => (Allow) C:\AeriaGames\AuraKingdom\game.bin
FirewallRules: [{4852472F-4DCD-484B-896C-D9A00E14B119}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{5A9AE9B8-36B9-4D1D-AA6D-C3A640B9FF46}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{A25D41A9-57D9-408C-B97D-EF1E55E80795}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{3025CFF5-5590-475D-A92F-1CAA0C1FCF2A}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{26046120-FD6C-4153-979A-AF486CD3B6BD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Firefall\system\bin\FirefallClient.exe
FirewallRules: [{E67EC120-0FD4-4451-871E-853FB53DC0D0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Firefall\system\bin\FirefallClient.exe
FirewallRules: [{EE80FE26-F63E-4473-9DB7-B51C12BC26D1}] => (Allow) %USERPROFILE%\Desktop\Wildstar.exe
FirewallRules: [{BC3DF632-3723-4D4B-BDC1-01067244C196}] => (Allow) %ProgramFiles% (x86)\NCSOFT\WildStar\Wildstar.exe
FirewallRules: [{6230F9B5-0C1D-4C8F-B95D-A90F06D61074}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{7E43A883-2743-4248-86BE-9E06918B1446}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [TCP Query User{12EA9668-292B-4665-9D50-9CE1771B68D5}C:\users\mothmatt\appdata\local\temp\gw2.exe] => (Allow) C:\users\mothmatt\appdata\local\temp\gw2.exe
FirewallRules: [UDP Query User{F1133B7A-DDE1-48F4-B22E-54A0AB76FBC0}C:\users\mothmatt\appdata\local\temp\gw2.exe] => (Allow) C:\users\mothmatt\appdata\local\temp\gw2.exe
FirewallRules: [TCP Query User{2F355DC0-A47A-4091-864C-4BBACAD8591E}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [UDP Query User{E47C004C-3F17-4669-AA74-FE035B6E2673}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [{F64C165C-2E78-4FF9-A137-094F909BCAAA}] => (Allow) %ProgramFiles% (x86)\Guild Wars 2\Gw2.exe
FirewallRules: [TCP Query User{B9E022CB-FFDD-496A-A939-2DAEA0DBFA1F}C:\users\mothmatt\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\mothmatt\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{0511C995-5DB9-4DF0-BC19-AA36A240603A}C:\users\mothmatt\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\mothmatt\appdata\local\akamai\netsession_win.exe
FirewallRules: [{4E88F652-39F7-4429-8EA1-F3336AF68328}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{52929D39-5302-4047-A1D1-CAFE9CF4BEB4}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{BA5A1B8F-4C33-47B1-9FBF-ECB396D53217}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{5487C558-7021-435B-AADA-4C2D5301B1A0}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{EA0E91F3-3989-4795-AB48-E621F761A29C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{CD057A98-4F74-4493-ACEF-06DDE0A1CC11}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{C4472E19-ADF2-43D1-BA17-36B383CA5899}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Runers\Runers.exe
FirewallRules: [{6558092D-BBF4-4053-9400-47D5C83A2D31}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Runers\Runers.exe
FirewallRules: [{DAD33AF9-7E97-4EDB-BE1C-7BEFB37F9622}] => (Allow) %ProgramFiles% (x86)\Glyph\Games\ArcheAge\Beta\bin32\archeage.exe
FirewallRules: [{1CD9928D-1018-46DE-A505-FC1D1C6E9D60}] => (Allow) %ProgramFiles% (x86)\Glyph\GlyphClient.exe
FirewallRules: [TCP Query User{F9B3BC0B-5742-4072-BD0D-8966F3F18FF3}C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [UDP Query User{4580E7A2-D760-4B8E-B9E2-93645AE7B19E}C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [{2FDD72EE-CE4A-4BBA-842A-2265E88CC638}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{0AE35A29-F347-4B52-8090-D03B262B6B94}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{25AC01CC-6E8D-4D90-BE59-A3471EFC5996}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{E1292886-E0E1-40C4-9CFA-165B260CB7B3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [TCP Query User{C9CA6AD9-3F79-4F86-8EB0-A697DEF329E0}C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [UDP Query User{F6CD2C17-2D4D-42A0-A2F2-6020D11156DB}C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [{9EE0D880-372B-4D8E-AD4F-7005E4AA9425}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{A9909FAB-E7E8-4BD1-B876-C56DA52C2D7F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{1C18BA7C-13C2-43D3-9DD2-BD0BD4E3FA0E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Pox Nora\jre\bin\javaw.exe
FirewallRules: [{C401DD0F-D269-4197-9C2C-3021134905D9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Pox Nora\jre\bin\javaw.exe
FirewallRules: [{743F0202-094F-4122-A422-4ABB046B8E7B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{3C1E309B-1D0D-49A1-8AE4-EA98DA6AC349}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{93AE0833-2EF9-4D97-B2DB-E9016CA1CB29}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dungeon of the Endless\DungeonoftheEndless.exe
FirewallRules: [{03AC84CA-FDDC-4F3D-9C94-B95398D3EA65}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dungeon of the Endless\DungeonoftheEndless.exe
FirewallRules: [{270B7E91-CE51-440C-A8E3-9C2D97527332}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sigils of Elohim\Sigils.exe
FirewallRules: [{D13EC611-316B-47D1-B768-0C1FE57826A0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sigils of Elohim\Sigils.exe
FirewallRules: [{31AA9F3C-002F-4AA3-85A5-CC32529A8B3C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\HacknSlash\Hack.exe
FirewallRules: [{33EC5524-FC1A-4863-9A6F-351D806632A8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\HacknSlash\Hack.exe
FirewallRules: [{69DE8E8A-9F99-4F72-A9A0-652888859DF8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Battlegrounds of Eldhelm\Eldhelm.exe
FirewallRules: [{58B696F1-17A9-4371-AA86-0E3EAA107A57}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Battlegrounds of Eldhelm\Eldhelm.exe
FirewallRules: [{A8B522BB-B3B9-4CAF-9137-769EDD674DDC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Crypt of the NecroDancer\NecroDancer.exe
FirewallRules: [{3ABA7993-08EA-4E9B-BC87-A3BEDDCE836E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Crypt of the NecroDancer\NecroDancer.exe
FirewallRules: [TCP Query User{7F2ADEE5-903D-434F-84BD-EC1B0418AF1F}C:\monkeyx77a\bin\mserver_winnt.exe] => (Allow) C:\monkeyx77a\bin\mserver_winnt.exe
FirewallRules: [UDP Query User{FAB2948C-92B5-4E06-98F5-3C543B55247F}C:\monkeyx77a\bin\mserver_winnt.exe] => (Allow) C:\monkeyx77a\bin\mserver_winnt.exe
FirewallRules: [TCP Query User{AEE4C546-7E2B-4A78-8046-E37873FE3546}C:\program files (x86)\unity_4_3_3\editor\unity.exe] => (Allow) C:\program files (x86)\unity_4_3_3\editor\unity.exe
FirewallRules: [UDP Query User{48981018-88F8-440E-92A5-7F6E8FE0856B}C:\program files (x86)\unity_4_3_3\editor\unity.exe] => (Allow) C:\program files (x86)\unity_4_3_3\editor\unity.exe
FirewallRules: [TCP Query User{9E62C1B1-39FC-4825-89F7-7082DA58D2C8}C:\program files (x86)\unity_4_6_20\unity.exe] => (Allow) C:\program files (x86)\unity_4_6_20\unity.exe
FirewallRules: [UDP Query User{49C5FB97-908E-42E6-BF10-6E8EC3435D28}C:\program files (x86)\unity_4_6_20\unity.exe] => (Allow) C:\program files (x86)\unity_4_6_20\unity.exe
FirewallRules: [TCP Query User{00513A52-88EA-466A-B7A5-014C5124793F}C:\program files (x86)\unity_4_6_20\editor\unity.exe] => (Allow) C:\program files (x86)\unity_4_6_20\editor\unity.exe
FirewallRules: [UDP Query User{CA68DD9B-9F21-432A-A932-42963A1B4A31}C:\program files (x86)\unity_4_6_20\editor\unity.exe] => (Allow) C:\program files (x86)\unity_4_6_20\editor\unity.exe
FirewallRules: [{7E8EBF8D-E641-4FB0-B8B0-575365F8E505}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{9CD774A0-CF15-4652-9B8E-3E7E572201BF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [TCP Query User{84305455-C71A-4891-AE31-C1838711B0B3}C:\program files (x86)\unity_4_5_5\unity.exe] => (Allow) C:\program files (x86)\unity_4_5_5\unity.exe
FirewallRules: [UDP Query User{219427E3-1C76-4637-B96C-EB513DC8DB21}C:\program files (x86)\unity_4_5_5\unity.exe] => (Allow) C:\program files (x86)\unity_4_5_5\unity.exe
FirewallRules: [TCP Query User{F27B4111-6F87-4978-A39F-112F652906F3}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [UDP Query User{6FDE8F26-71F9-4BA1-9A69-FB2E779DF678}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [TCP Query User{6D8BE67F-7889-4EFF-B886-20C5B79AA4D5}C:\users\mothmatt\desktop\cubewarz.exe] => (Allow) C:\users\mothmatt\desktop\cubewarz.exe
FirewallRules: [UDP Query User{54AC5327-65B6-4256-A13A-A5FA9B663856}C:\users\mothmatt\desktop\cubewarz.exe] => (Allow) C:\users\mothmatt\desktop\cubewarz.exe
FirewallRules: [{07A1CFEA-196F-48B5-A08E-6662F0D694D9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Blackguards\Blackguards.exe
FirewallRules: [{8035A996-0D20-4142-AD89-7294DE9EF41D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Blackguards\Blackguards.exe
FirewallRules: [TCP Query User{162D79AF-FB80-49A6-8847-BF67DAC851A9}C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe] => (Allow) C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe
FirewallRules: [UDP Query User{C204C77B-601C-48A8-8446-2F441310AB3A}C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe] => (Allow) C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe
FirewallRules: [TCP Query User{79A53FAD-2C69-406C-8F6F-393601C11839}C:\program files\smartfoxserver_2x\sfs2x\sfs2x-standalone.exe] => (Allow) C:\program files\smartfoxserver_2x\sfs2x\sfs2x-standalone.exe
FirewallRules: [UDP Query User{F82F7016-0BC2-470A-8345-39F58DDBEB31}C:\program files\smartfoxserver_2x\sfs2x\sfs2x-standalone.exe] => (Allow) C:\program files\smartfoxserver_2x\sfs2x\sfs2x-standalone.exe
FirewallRules: [{8BDE3A2E-57DA-4B4E-9E42-E9A2BC7559E9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FullMojoRampage\FullMojo.exe
FirewallRules: [{4F22A47F-BA10-4B30-8F87-163ED3E6DF90}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FullMojoRampage\FullMojo.exe
FirewallRules: [{14EB04EC-7C1C-4228-BD15-239896AFC56F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\KickBeat\KickBeat.exe
FirewallRules: [{F5B9C4D9-D2B1-467E-9085-2FAB1A550212}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\KickBeat\KickBeat.exe
FirewallRules: [{44695FCC-0514-4B83-93F5-AA39AF05DB9C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half Minute Hero\HMH.exe
FirewallRules: [{8A6093ED-B994-4B01-AA87-42712C0182DE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half Minute Hero\HMH.exe
 
FirewallRules: [{14183A11-64B4-4F81-B775-A3F59CC2836F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CraftTheWorld\CraftWorld.exe
FirewallRules: [{0F7AD8EF-6834-448E-A1F8-C0AC7334096C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CraftTheWorld\CraftWorld.exe
FirewallRules: [{54F78B42-A98C-4CC4-A54D-64FAE94B3D42}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Geometry Wars 3 - Dimensions\GW3.exe
FirewallRules: [{EC66BFF4-9730-4CE1-9BE8-3FA8205E6FBC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Geometry Wars 3 - Dimensions\GW3.exe
FirewallRules: [{5173CADA-D84B-4A80-A55C-1FE622B101E9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{567C16BD-FD69-43CE-B535-89ACA5BC9110}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{BC27F590-8135-40EA-9420-7675B75E8AC9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{F145C70F-42AE-4341-8E71-49BD5AA50C27}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{E536F23E-8739-453B-8EA3-09110AEDFB00}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{34C65BBE-26A6-4828-B5BB-8C8B7E6D764B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{DBE403E2-849C-404F-B4E5-94757F991224}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shovel Knight\ShovelKnight.exe
FirewallRules: [{138A64AB-8646-4D3F-BE83-153C0F2E36E1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shovel Knight\ShovelKnight.exe
FirewallRules: [{5E3F9186-7E2D-4479-8332-7E3B06C49301}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{65F86D15-25F2-4498-AA01-45F503C5E48F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{BA7F24BA-AC1B-4E84-B35E-E9F3F1D56958}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3668\Agent.exe
FirewallRules: [{F7BE6DCA-1D42-46DE-B94F-1CEC1DF2B8E1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3668\Agent.exe
FirewallRules: [{59F1872D-15A3-4382-B75B-1ACD8BAA4284}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{8C6CC0AA-6D23-4734-9AF3-C130475CEC52}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{84308FD5-7305-42F9-9C60-3CD1414A6093}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{D8157F61-09EF-44F8-B16A-5A7851C78A93}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [TCP Query User{452C842E-F611-4978-980B-AAE0FE263B05}C:\program files (x86)\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{29AF5515-70DE-4E97-B8C2-5393ACE7D321}C:\program files (x86)\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe
FirewallRules: [{D8CC2A06-810F-4AB2-BCA8-01AD9CA44C08}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{3DB6E755-4ED6-4DF7-9E12-B6C097D7B020}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{3D703526-B5DF-4013-A3DA-8D2B2AEABFA5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{EE8E01E4-8B85-4F23-A42B-6E7545017584}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{A79ADC66-82E9-4F8F-B88F-8B082EB7564D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{84B82F3B-70A3-47EB-A15C-5268915433B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{D6420BA9-002B-4D18-AB2F-B5C64A4DD3F0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{ABF37959-3305-4BD3-B7D1-B6F8DFF535E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{745C7ED2-5130-4196-A483-207EEFEAB750}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{298B84B7-1E34-4B04-85A7-1D66D8F693B4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{2CC52960-42C9-4F27-9FF0-40FD81B73025}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{AFCD49E8-57CA-4DD6-91F4-899302D76D28}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{42171DAC-D6DA-4DFA-9528-D4B7D5F7793A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{B74C058B-821A-47C2-B11E-2DB744702EFE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{C8704C5B-10A8-4D2A-952A-5C5DE2830D42}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{24D75E0E-E7AB-4A3A-8D3C-091AF165E0A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [TCP Query User{FDB2CDBD-A473-4D26-A0E5-96BBE0A15817}C:\program files (x86)\heroes of the storm\versions\base34053\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34053\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{4B6349DF-C116-4FB3-8DCD-4892EB8BBC4F}C:\program files (x86)\heroes of the storm\versions\base34053\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34053\heroesofthestorm_x64.exe
FirewallRules: [{F74646ED-AECB-437D-9235-3D320AD5FD58}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III Launcher.exe
FirewallRules: [{E7FA685B-3E3E-480B-AB43-FC49202F7E79}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III Launcher.exe
FirewallRules: [{312F3122-B29A-4A77-A81A-3AD2FDFE7F50}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III Launcher.exe
FirewallRules: [{FCA303C8-13AE-4C08-B008-85B595B98896}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III Launcher.exe
FirewallRules: [TCP Query User{193611A5-1892-4922-9535-7DB6C1C35141}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{D6C09A81-4C35-45D3-A81D-B3E00DFC7800}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{67A94A3B-058E-46A2-A922-C1BF1B2EA3FF}C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{739D61EB-B411-4C01-8E62-37B8F2302CFD}C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{70FE0EAB-107E-4BB7-8608-2D2287B2B34F}C:\program files\epic games\4.7\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\4.7\engine\binaries\win64\ue4editor.exe
FirewallRules: [UDP Query User{11914916-395B-4EB8-8EF9-CD4A626C7185}C:\program files\epic games\4.7\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\4.7\engine\binaries\win64\ue4editor.exe
FirewallRules: [{76FB5E40-1CED-466D-8199-AD17C990AC90}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Defiance\Patcher.exe
FirewallRules: [{903CB0F3-F442-463C-814C-FA0520370764}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Defiance\Patcher.exe
FirewallRules: [TCP Query User{D0C6F9CD-6ED7-44E7-B618-44F3CA9C7EEC}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe
FirewallRules: [UDP Query User{C7BD9ECA-2DA3-49FB-BAF2-FA2B0457C81E}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe
FirewallRules: [{AB612EE6-5183-47A7-AF1A-4FADBDAA087E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skullgirls Beta\SkullGirls.exe
FirewallRules: [{CEDF7DA0-4457-4BAA-B3B3-A7B969AABADE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skullgirls Beta\SkullGirls.exe
FirewallRules: [{A8DBBB93-CC6A-4908-8D5C-91679809D40F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skullgirls\SkullGirls.exe
FirewallRules: [{2C031141-6C01-40F3-9C55-717EDFBB167A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skullgirls\SkullGirls.exe
FirewallRules: [{44B6D045-04DE-4296-A445-AF60E6A66ECF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Besiege\Besiege.exe
FirewallRules: [{3CA3A411-8D2A-4ECA-AAA1-ED0F9CD83A17}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Besiege\Besiege.exe
FirewallRules: [{F6695D52-A65B-4F81-A267-155BCC5ECC24}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cloudbuilt\CommunityLevelEditor.exe
FirewallRules: [{6CC06FB9-443A-4D1B-91CA-39E6571EEDEA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cloudbuilt\CommunityLevelEditor.exe
FirewallRules: [TCP Query User{417C0680-A16B-4C70-917A-2C124484C374}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{9FFF8EF7-E3A5-49AC-B8ED-3C04E2BCEE53}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{A2A2FBA2-1B25-4741-8C51-160D2C4B33D4}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{F0AAD94D-FB44-409E-96FC-A49B5068C5D0}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [{E5E2D7C9-23E7-45E7-83CC-300D80189FE5}] => (Block) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [{8BB6F948-BBDF-4BFC-99BE-1414FAE6EB09}] => (Block) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [{FB751B95-84D8-4388-8CE4-AE67FAE6FBDE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{4BF3B755-280F-4899-BBE9-7DE0F38577E2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{935C3949-860A-4550-A88E-0BFE3EFB077A}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\TERA-Launcher.exe
FirewallRules: [{BD4C2EF5-CF90-495E-823C-73344309DF29}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\TERA-Launcher.exe
FirewallRules: [{68F84DEF-2654-492A-A926-AD74EC17D9EE}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\TL.exe
FirewallRules: [{A13F2F34-691F-45BD-B154-60CCC26C7E48}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\TL.exe
FirewallRules: [{AB12C1BE-2DE8-4C99-A03B-2C499B71ED32}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\Binaries\TERA.exe
FirewallRules: [{5D8B5A81-04E5-475F-9742-031C38473316}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\Binaries\TERA.exe
FirewallRules: [{5496E907-0DF8-4782-8CD3-30E8A4813BCE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{E5AC3417-53BC-488B-BABD-B7F8067B6FAE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [TCP Query User{D306EB95-D538-43B1-8D3F-91259C4BC0F4}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{AF62DA97-77EB-4ED8-8FB7-8798567EB5C8}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{106F3ACE-86D3-4DE6-A8D2-18890D73D74F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{94F57A1D-359B-4115-A349-C1DADE73D3D0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4BA31018-7D0B-4931-AC96-A082E7A4B96C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{12C7F19E-5D8B-4BB4-8366-04508BC99A05}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{C7DAF526-DA38-441E-9DB2-14CE2073937C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Destination Sol\sol.exe
FirewallRules: [{87EA23FD-6828-4EAA-957C-BAF0C8F7A7F8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Destination Sol\sol.exe
FirewallRules: [{9490197F-A34C-40DC-A758-B5F0E344BA4A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TIS-100\tis100.exe
FirewallRules: [{E5A81309-200E-4DC7-BB4F-D46A83534686}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TIS-100\tis100.exe
FirewallRules: [{919B671F-8FEA-4581-8907-E3C9676E391D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\You Have to Win the Game\TheGame.exe
FirewallRules: [{F229110A-6826-4316-A2AB-4F48130D2375}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\You Have to Win the Game\TheGame.exe
FirewallRules: [{6AC1E538-0FFF-483D-93D1-579AD2A3EB4B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Swindle\TheSwindle.exe
FirewallRules: [{BE79A616-6C55-4541-9318-E6CA46051212}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Swindle\TheSwindle.exe
FirewallRules: [{3D57B33F-EA29-4A88-963F-469E92484C45}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GemCraft Chasing Shadows\GemCraft Chasing Shadows.exe
FirewallRules: [{6DF4CED1-B48F-4C48-A566-51DD52FCAB70}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GemCraft Chasing Shadows\GemCraft Chasing Shadows.exe
FirewallRules: [{86181252-CF4B-4683-828E-5DAD8FBE6741}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Runestone Keeper\RuneStoneKeeper.exe
FirewallRules: [{D2441216-CEA8-451E-8FF6-527554E83793}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Runestone Keeper\RuneStoneKeeper.exe
FirewallRules: [{B0D4B73C-FD0E-4929-AA7F-1232FE86A98B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{8EB8D567-428C-4099-9155-C927060E815A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{278E0180-1F35-4A19-BF10-D69FE227B338}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{A7B5A59C-7EC7-4E79-9893-295A22252475}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A156671E-0F6B-4BC5-9E38-AD793301366B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DFDCFC33-FBC2-4A0F-81A6-97FAEC24C6B1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Barony\barony.exe
FirewallRules: [{1BC0BD5C-69C9-49C8-B7BA-8A37F052990C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Barony\barony.exe
FirewallRules: [{46020157-4756-4C3D-A0B1-05410B82EF34}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Barony\editor.exe
FirewallRules: [{3CD552D4-DEB2-4387-9BFE-7291AD7D6EF6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Barony\editor.exe
FirewallRules: [{A522698D-BBB0-47DB-9F4D-3252E9C1D163}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SanctuaryRPG - Black Edition\SanctuaryRPG.exe
FirewallRules: [{72D2B65F-CFDE-43C8-B433-577DE7FBBFAF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SanctuaryRPG - Black Edition\SanctuaryRPG.exe
FirewallRules: [{E150C465-D0C2-44ED-BED8-1EE78E526EB3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unepic\unepic.exe
FirewallRules: [{574DFA4E-0461-4F75-8186-9737C49A7396}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unepic\unepic.exe
FirewallRules: [{A8F4F1CF-0EDD-430B-A652-60DC984B1367}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\RPG MO\nw.exe
FirewallRules: [{509D5888-842E-4CB7-AF8F-E3D07B135982}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\RPG MO\nw.exe
FirewallRules: [{79A096E5-F613-4FB3-B7F0-B1A3398158B7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Evoland 2\Evoland2.exe
FirewallRules: [{54CD1B64-B9A7-4E6E-9CDB-9A416A84C5A7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Evoland 2\Evoland2.exe
FirewallRules: [{725D65FD-F17B-409D-8BF0-29049429347C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deponia The Complete Journey\deponia.exe
FirewallRules: [{3A632FCC-28A0-4476-989E-0C0127CBCEC3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deponia The Complete Journey\deponia.exe
FirewallRules: [{D3BA4FDC-73BA-4415-A2AC-B5A000B8DCA1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deponia The Complete Journey\VisionaireConfigurationTool.exe
FirewallRules: [{56E8C5A4-1FB0-4D31-B761-6709D1099B19}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deponia The Complete Journey\VisionaireConfigurationTool.exe
FirewallRules: [TCP Query User{4AF27D24-8799-403A-8EE6-220AFB141AFB}C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{CB0CD166-E126-493C-AEE7-9FC04E4D4DDC}C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe
FirewallRules: [{8889F19F-ABD0-4C2A-A377-E0A5C089D970}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6D0BEDED-C53F-472F-8464-091F399F8384}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2624E4CC-D33D-4F4A-8750-69F61368186F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{CB4752F6-CFD1-4F77-95D2-93E4915A560A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [TCP Query User{4EAEBBA3-516D-4CF5-AC5F-3CA22FE891EE}C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{15C39A36-3D7E-48CF-98CC-A70CD429602A}C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{499E5DA1-2B4D-4427-BC52-1C7AC8B94E04}C:\users\mothmatt\desktop\x-plane10demoinstallerwindows\x-plane 10 demo\x-plane.exe] => (Allow) C:\users\mothmatt\desktop\x-plane10demoinstallerwindows\x-plane 10 demo\x-plane.exe
FirewallRules: [UDP Query User{598D9758-23F9-4E24-9D4D-C9B6C5790A00}C:\users\mothmatt\desktop\x-plane10demoinstallerwindows\x-plane 10 demo\x-plane.exe] => (Allow) C:\users\mothmatt\desktop\x-plane10demoinstallerwindows\x-plane 10 demo\x-plane.exe
FirewallRules: [{31EDD570-71C9-4DE7-BCFB-71E272D1248B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CookServeDelicious\CSDSteamBuild.exe
FirewallRules: [{5101B79D-897D-47F2-B866-483E731021C6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CookServeDelicious\CSDSteamBuild.exe
FirewallRules: [{BD4FEAB6-6774-496D-BC17-530066C75D83}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cosmic DJ\CosmicDJ.exe
FirewallRules: [{50201DF8-ECF2-4281-8105-39CF2C5A7023}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cosmic DJ\CosmicDJ.exe
FirewallRules: [{3DE5E6F2-DCA3-45C1-A4E6-F68415040F3E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Jazzpunk\windows\Jazzpunk.exe
FirewallRules: [{F7034741-97FF-46AF-93BE-D6862CCFECA2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Jazzpunk\windows\Jazzpunk.exe
FirewallRules: [TCP Query User{5ED3693B-5180-402D-A987-EC9C019101B6}C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{C334C051-6272-4585-ACD9-EA2A12D9192B}C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe
FirewallRules: [{49791438-E6B4-4638-BD48-EE7765893425}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Reverse Crawl\Reverse Crawl.exe
FirewallRules: [{587F4BE4-50FA-48F4-9875-02606A0DF9C2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Reverse Crawl\Reverse Crawl.exe
FirewallRules: [{3A9A972D-F83C-4D33-BE6D-78549820BDCE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fistful of Gun\FistfulofGun.exe
FirewallRules: [{557BC36C-0F7C-43EA-B9A5-FE6C4C417B7E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fistful of Gun\FistfulofGun.exe
FirewallRules: [TCP Query User{0EA243CD-59A6-4133-AEE3-D96233B51E3D}C:\program files (x86)\starcraft ii - legacy of the void beta\versions\base37164\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii - legacy of the void beta\versions\base37164\sc2_x64.exe
FirewallRules: [UDP Query User{F9B599DC-19F2-4121-85AA-0369A57F03E5}C:\program files (x86)\starcraft ii - legacy of the void beta\versions\base37164\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii - legacy of the void beta\versions\base37164\sc2_x64.exe
FirewallRules: [{1389D94E-2AC7-4B8E-A241-8A87816C10C9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Thea The Awakening\Thea.exe
FirewallRules: [{420BDC09-B239-4B98-93B1-7A796E5C0581}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Thea The Awakening\Thea.exe
FirewallRules: [{67DE18EA-FE4F-4599-912D-55FAD6F60F78}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{A2AF4EE0-86B5-4FAD-B6AB-6383135A95BE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{861BE458-A877-453A-A530-DEA25C659CBF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cryptark\Cryptark.exe
FirewallRules: [{75F8AC2A-ACE3-4213-8333-1BAFBE3A71C6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cryptark\Cryptark.exe
FirewallRules: [{FEACF533-A553-433C-BBF6-232162660A94}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Human Resource Machine\Human Resource Machine.exe
FirewallRules: [{D6567A8E-9727-4080-8518-74B9136BFA39}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Human Resource Machine\Human Resource Machine.exe
FirewallRules: [{0D9C5871-68A4-40E8-AEA2-7CE02129ACBE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hacknet\Hacknet.exe
FirewallRules: [{05C4BDD3-E9D6-440E-B6B1-1189FB0BFA47}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hacknet\Hacknet.exe
FirewallRules: [{D449D2EB-F5F1-417D-BD91-2E3311BAA448}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{D7A5FBE7-ED04-4B11-95B8-762139E66743}C:\program files (x86)\heroes of the storm\versions\base38793\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base38793\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{B53988C6-3974-463F-BE96-AE0DE4F846D5}C:\program files (x86)\heroes of the storm\versions\base38793\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base38793\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{5F081BA8-7B99-4538-BFD9-F0C005557171}C:\program files (x86)\starcraft ii\versions\base38749\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base38749\sc2_x64.exe
FirewallRules: [UDP Query User{20F931FF-376D-4BD7-9859-025F7036D52C}C:\program files (x86)\starcraft ii\versions\base38749\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base38749\sc2_x64.exe
FirewallRules: [TCP Query User{E0DF7669-5311-4B40-B33F-B66A4B19E9BB}C:\program files (x86)\unity_4_6_20\monodevelop\bin\monodevelop.exe] => (Allow) C:\program files (x86)\unity_4_6_20\monodevelop\bin\monodevelop.exe
FirewallRules: [UDP Query User{72DA161A-149F-4D4B-93F0-69E32FDDBA43}C:\program files (x86)\unity_4_6_20\monodevelop\bin\monodevelop.exe] => (Allow) C:\program files (x86)\unity_4_6_20\monodevelop\bin\monodevelop.exe
FirewallRules: [TCP Query User{A8474340-EC17-418A-A954-E5F7FA1FEAD0}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{0A4C4E96-6088-4095-B123-EB5FDC2C9F34}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{B437F668-BB43-432B-BEDB-51B11A82B6E4}C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe
FirewallRules: [UDP Query User{4FFC5AA2-9986-4A53-A4CF-FE5463B2EF37}C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe
FirewallRules: [{BEBDAADB-0FD2-4157-A3BE-C5F095D7A950}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{1A01FF3F-32C2-4D86-8401-4EBC772C34E5}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity\2015\UnityVS.OpenFile.exe
FirewallRules: [{71F396ED-F667-4E38-B741-E7838D0955FC}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{DB679119-553A-4C10-9E9D-FD39E771916E}] => (Allow) C:\PROGRA~1\Unity\Editor\Unity.exe
FirewallRules: [TCP Query User{C3A768F5-08B2-4E0B-A901-94789592D38C}C:\program files\unity 5.2.2\editor\unity.exe] => (Allow) C:\program files\unity 5.2.2\editor\unity.exe
FirewallRules: [UDP Query User{C321DE88-0AC3-40ED-AEE0-3C19238D6756}C:\program files\unity 5.2.2\editor\unity.exe] => (Allow) C:\program files\unity 5.2.2\editor\unity.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot-S&D 2 Tray Icon
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Faulty Device Manager Devices =============

Name: Photosmart D110 series
Description: Photosmart D110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: AODDriver4.2.0
Description: AODDriver4.2.0
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AODDriver4.2.0
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/11/2015 12:22:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TrustedInstaller.exe, version: 6.1.7601.17514, time stamp: 0x4ce7989b
Faulting module name: ntdll.dll, version: 6.1.7601.19045, time stamp: 0x56259295
Exception code: 0xc0000005
Fault offset: 0x000000000005afe2
Faulting process id: 0x578
Faulting application start time: 0xTrustedInstaller.exe0
Faulting application path: TrustedInstaller.exe1
Faulting module path: TrustedInstaller.exe2
Report Id: TrustedInstaller.exe3

Error: (11/11/2015 12:16:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/11/2015 11:10:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/11/2015 12:32:21 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile Microsoft.VisualStudio.QualityTools.UnitTestFramework, Version=10.1.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a because of the following error: The located assembly's manifest definition does not match the assembly reference. (Exception from HRESULT: 0x80131040).

Error: (11/11/2015 12:29:53 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.6 Tools\WinMDExp.exe . Error code = 0x80131f07

Error: (11/11/2015 12:29:53 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.6 Tools\WinMDExp.exe . Error code = 0x80131f07

Error: (11/11/2015 12:29:53 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.6 Tools\SecAnnotate.exe . Error code = 0x80131f07

Error: (11/11/2015 12:29:53 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.6 Tools\SecAnnotate.exe . Error code = 0x80131f07

Error: (11/11/2015 12:28:55 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: C:\Program Files (x86)\Microsoft SDKs\Windows\v7.0A\bin\x64\aspnet_merge.exe . Error code = 0x800700d8

Error: (11/11/2015 12:25:37 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile Microsoft.VisualStudio.QualityTools.UnitTestFramework, Version=10.1.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a because of the following error: The located assembly's manifest definition does not match the assembly reference. (Exception from HRESULT: 0x80131040).


System errors:
=============
Error: (11/11/2015 12:27:07 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureCommand with the following error:
%%5

Error: (11/11/2015 12:25:54 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5

Error: (11/11/2015 12:25:03 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Modules Installer service, but this action failed with the following error:
%%1056

Error: (11/11/2015 12:23:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Modules Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (11/11/2015 12:16:21 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
RzFilter

Error: (11/11/2015 12:15:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AODDriver4.2.0 service failed to start due to the following error:
%%3

Error: (11/11/2015 12:03:53 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureCommand with the following error:
%%5

Error: (11/11/2015 12:03:51 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5

Error: (11/11/2015 11:53:50 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5

Error: (11/11/2015 11:53:50 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5


==================== Memory info ===========================

Processor: AMD Phenom(tm) II X6 1075T Processor
Percentage of memory in use: 25%
Total physical RAM: 8183.89 MB
Available physical RAM: 6060.23 MB
Total Virtual: 16366 MB
Available Virtual: 14109.16 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:167 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: BED7349C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
 
Welcome aboard

Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

======================================

Start with reinstalling MSE.

Then...

redtarget.gif
Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2
  • Close all the running programs
  • Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
  • Otherwise just double-click on RogueKiller.exe
  • Pre-scan will start. Let it finish.
  • Click on SCAN button.
  • Wait until the Status box shows Scan Finished
  • Click on Delete.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
  • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again
redtarget.gif
Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
NOTE. If you already have MBAM 2.0 installed scroll down.
  • Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
  • Launch Malwarebytes Anti-Malware
  • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
If you already have MBAM 2.0 installed:
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
How to get logs:
(Export log to save as txt)
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • Attach that saved log to your next reply.
(Copy to clipboard for pasting into forum replies or tickets)
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.
redtarget.gif
Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
redtarget.gif
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
 
Some stuff that happened while completing the steps:

Ran RogueKiller
MSE disabled about 1 min in (I re-enabled)
Ran MBAM
5 mins into scan it took a while on a file, MSE disabled, and scan continued (I re-enabled)
Ran Adw
MSE disabled on the restart (left disabled for JRT)
Started Chrome for next set of instructions
Received notification that Bing Search Bar was added (chose option to remove)
Ran JRT
When the log popped up after, a few of my taskbar icons were gone


RogueKiller V10.11.5.0 [Nov 9 2015] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : MothMatt [Administrator]
Started from : C:\Users\MothMatt\Desktop\RogueKiller.exe
Mode : Delete -- Date : 11/12/2015 00:14:12

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 0 ¤¤¤

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 1 ¤¤¤
[PUP][Folder] C:\ProgramData\{E26B3878-7CEC-469C-B449-5CAA336DF8CD} -> Deleted
[PUP][File] C:\ProgramData\{E26B3878-7CEC-469C-B449-5CAA336DF8CD}\Massive Setup PC.exe -> Deleted
[PUP][File] C:\ProgramData\{E26B3878-7CEC-469C-B449-5CAA336DF8CD}\Massive Setup PC.msi -> Deleted
[PUP][File] C:\ProgramData\{E26B3878-7CEC-469C-B449-5CAA336DF8CD}\Massive Setup PC.res -> Deleted
[PUP][File] C:\ProgramData\{E26B3878-7CEC-469C-B449-5CAA336DF8CD}\mia.lib -> Deleted

¤¤¤ Hosts File : 2 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost

¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] 9f24a5c01b40e954fdd371cfa790a3c5
[BSP] 39fb6dce454e26194845e6fe0f6ffcf5 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 953767 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([1] Incorrect function. )

+++++ PhysicalDrive1: +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive2: +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive3: +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive4: +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )




Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 11/12/2015
Scan Time: 12:21 AM
Logfile: mb.txt
Administrator: Yes

Version: 2.2.0.1024
Malware Database: v2015.11.11.08
Rootkit Database: v2015.11.04.02
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: MothMatt

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 397001
Time Elapsed: 34 min, 9 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 1
Spyware.PasswordStealer.XGen, C:\Program Files (x86)\Magic Workstation\Autoupdater.exe, Quarantined, [269e2854bfcc52e446131c61a65b9868],

Physical Sectors: 0
(No malicious items detected)


(end)




# AdwCleaner v5.019 - Logfile created 12/11/2015 at 07:03:27
# Updated 08/11/2015 by Xplode
# Database : 2015-11-09.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : MothMatt - FRANCES
# Running from : C:\Users\MothMatt\Desktop\adwcleaner_5.019.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****

[-] File Deleted : C:\Users\MothMatt\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxp_www.azlyrics.com_0.localstorage
[-] File Deleted : C:\Users\MothMatt\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxp_www.azlyrics.com_0.localstorage-journal
[-] File Deleted : C:\Users\MothMatt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[-] File Deleted : C:\Users\MothMatt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
[-] File Deleted : C:\Users\MothMatt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage
[-] File Deleted : C:\Users\MothMatt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage-journal
[-] File Deleted : C:\Users\MothMatt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.yourtango.com_0.localstorage
[-] File Deleted : C:\Users\MothMatt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.yourtango.com_0.localstorage-journal
[-] File Deleted : C:\Users\MothMatt\AppData\Roaming\Mozilla\Firefox\Profiles\s36ftqyu.default\searchplugins\bingp.xml

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****

[-] [C:\Users\MothMatt\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : aol.com
[-] [C:\Users\MothMatt\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
[-] [C:\Users\MothMatt\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : netflix.com
[-] [C:\Users\MothMatt\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : bmkckgpgekmanipelfidlhmkfcjicion

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2404 bytes] ##########




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 7 Home Premium x64
Ran by MothMatt on Thu 11/12/2015 at 7:18:47.36
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\Users\MothMatt\Appdata\Local\google\chrome\user data\default\local storage\hxxp_services.hearstmags.com_0.localstorage
Successfully deleted: [File] C:\Users\MothMatt\Appdata\Local\google\chrome\user data\default\local storage\hxxp_services.hearstmags.com_0.localstorage-journal



~~~ Folders

Successfully deleted: [Folder] C:\ProgramData\esellerate
Successfully deleted: [Folder] C:\Users\MothMatt\Appdata\Local\crashrpt
Successfully deleted: [Folder] C:\Windows\SysWOW64\ai_recyclebin



~~~ FireFox

Emptied folder: C:\Users\MothMatt\AppData\Roaming\mozilla\firefox\profiles\s36ftqyu.default\minidumps [2 files]



~~~ Chrome


[C:\Users\MothMatt\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\MothMatt\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\MothMatt\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\MothMatt\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 11/12/2015 at 7:23:17.03
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
Did you?
Start with reinstalling MSE.
Click to expand...

Please download ComboFix from Here, Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  • Never rename Combofix unless instructed.
  • Close any open browsers.
  • Very Important! Temporarily disable your anti-virus and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
  • Close any open browsers.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
  • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    If the connection is not there use restore point you created prior to running Combofix.
  • Double click on combofix.exe & follow the prompts.

  • NOTE1. If Combofix asks you to install Recovery Console, please allow it.
    NOTE 2. If Combofix asks you to update the program, always do so.
  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt"
**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
**Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error Illegal operation attempted on a registery key that has been marked for deletion, restart computer to fix the issue.
**Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


Make sure, you re-enable your security programs, when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try the following...

Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.
Download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

Restart computer in safe mode

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Windows Vista, 7 or 8 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.

When the scan is done Notepad will open with rKill.txt log.
NOTE. rKill.txt log will also be present on your desktop.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

IF you had to run rKill post BOTH logs, rKill.txt and Combofix.txt.
 
I did. Sorry, should have started my reply with that. I'll check back in after these next steps.
 
ComboFix 15-11-09.01 - MothMatt 11/12/2015 21:08:30.1.6 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8184.5920 [GMT -6:00]
Running from: c:\users\MothMatt\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Disabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\windows\msdownld.tmp
.
.
((((((((((((((((((((((((( Files Created from 2015-10-13 to 2015-11-13 )))))))))))))))))))))))))))))))
.
.
2015-11-13 03:20 . 2015-11-13 03:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-11-12 13:32 . 2015-11-03 17:55 3211264 ----a-w- c:\windows\system32\win32k.sys
2015-11-12 13:24 . 2015-10-13 08:47 11140960 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F0A496D0-DF09-416E-8BFB-9BBB7B4A95AC}\mpengine.dll
2015-11-12 05:36 . 2015-11-12 05:36 1190000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7C022EEF-146F-46A5-8BBC-B91C8BD395A5}\gapaengine.dll
2015-11-12 05:34 . 2015-11-12 05:34 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2015-11-12 05:34 . 2015-11-12 05:34 -------- d-----w- c:\program files\Microsoft Security Client
2015-11-11 18:33 . 2015-11-11 18:43 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-11-11 18:26 . 2015-11-11 18:46 -------- d-----w- C:\FRST
2015-11-11 18:05 . 2015-10-29 17:50 6656 ----a-w- c:\windows\system32\shimeng.dll
2015-11-11 18:05 . 2015-10-29 17:50 342016 ----a-w- c:\windows\system32\apphelp.dll
2015-11-11 18:05 . 2015-10-29 17:50 72192 ----a-w- c:\windows\system32\aelupsvc.dll
2015-11-11 18:05 . 2015-10-29 17:50 5120 ----a-w- c:\windows\SysWow64\shimeng.dll
2015-11-11 18:05 . 2015-10-29 17:50 23552 ----a-w- c:\windows\system32\sdbinst.exe
2015-11-11 18:05 . 2015-10-29 17:49 295936 ----a-w- c:\windows\SysWow64\apphelp.dll
2015-11-11 18:05 . 2015-10-29 17:49 20992 ----a-w- c:\windows\SysWow64\sdbinst.exe
2015-11-11 07:40 . 2015-11-11 07:40 -------- d-----w- c:\program files (x86)\Microsoft ASP.NET
2015-11-11 05:53 . 2015-11-11 05:53 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio Tools for Unity
2015-11-11 05:52 . 2015-11-11 05:52 638688 ----a-w- c:\programdata\Microsoft\Blend\14.0\1033\ResourceCache.dll
2015-11-11 05:52 . 2015-11-11 05:52 1580736 ----a-w- c:\programdata\Microsoft\VisualStudio\14.0\1033\ResourceCache.dll
2015-11-11 05:49 . 2015-11-11 05:49 -------- d-----w- c:\programdata\PreEmptive Solutions
2015-11-11 05:49 . 2015-11-11 05:49 -------- d-----w- c:\program files (x86)\ShellDir
2015-11-11 05:47 . 2015-11-11 05:47 -------- d-----w- c:\program files (x86)\AppInsights
2015-11-11 05:47 . 2015-11-11 05:47 -------- d-----w- c:\program files (x86)\Microsoft Office365 Tools
2015-11-11 05:45 . 2015-11-11 05:45 -------- d-----w- c:\programdata\NuGet
2015-11-11 05:45 . 2015-11-11 05:45 -------- d-----w- c:\program files (x86)\NuGet
2015-11-11 05:45 . 2015-11-11 05:45 -------- d-----w- c:\program files (x86)\Microsoft WCF Data Services
2015-11-11 05:44 . 2015-11-11 05:44 -------- d-----w- c:\program files\Microsoft Visual Studio 12.0
2015-11-11 05:41 . 2015-11-11 05:41 -------- d-----w- c:\windows\symbols
2015-11-11 05:40 . 2015-11-11 05:40 -------- d-----w- c:\program files (x86)\Common Files\Merge Modules
2015-11-11 05:38 . 2015-11-11 05:49 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 14.0
2015-11-11 05:24 . 2015-11-11 05:24 -------- d-----w- c:\programdata\regid.1991-06.com.microsoft
2015-11-11 05:22 . 2015-11-11 19:43 -------- d-----w- c:\programdata\VsTelemetry
2015-11-11 05:05 . 2015-11-11 05:17 -------- d-----w- c:\program files\Unity 5.2.2
2015-11-11 01:46 . 2015-11-12 05:40 35064 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-11-11 01:46 . 2015-11-11 02:18 -------- d-----w- c:\programdata\RogueKiller
2015-11-10 20:46 . 2015-10-20 01:09 1730496 ----a-w- c:\windows\system32\ntdll.dll
2015-11-10 20:45 . 2015-10-13 16:41 497664 ----a-w- c:\windows\system32\drivers\afd.sys
2015-11-10 20:45 . 2015-10-13 16:40 118272 ----a-w- c:\windows\system32\drivers\tdx.sys
2015-11-10 20:45 . 2015-10-13 04:57 950720 ----a-w- c:\windows\system32\drivers\ndis.sys
2015-11-10 20:45 . 2015-10-01 18:00 2103296 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll
2015-11-10 20:45 . 2015-10-01 17:50 1415168 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\InkObj.dll
2015-11-10 20:45 . 2015-10-01 18:00 1372160 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2015-11-10 20:45 . 2015-10-01 18:00 275456 ----a-w- c:\windows\system32\InkEd.dll
2015-11-10 20:45 . 2015-10-01 17:50 939520 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2015-11-10 20:45 . 2015-10-01 17:50 216064 ----a-w- c:\windows\SysWow64\InkEd.dll
2015-11-10 20:45 . 2015-10-01 18:00 169984 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\rtscom.dll
2015-11-10 20:45 . 2015-10-01 18:00 353280 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkDiv.dll
2015-11-10 20:45 . 2015-10-01 17:50 126464 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\rtscom.dll
2015-11-10 20:45 . 2015-10-01 17:50 274944 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\InkDiv.dll
2015-11-09 15:21 . 2015-11-09 15:21 -------- d-----w- c:\program files (x86)\Common Files\Java
2015-11-07 04:18 . 2015-11-07 04:19 -------- d-----w- c:\programdata\BlueStacks
2015-11-07 04:18 . 2015-11-07 04:18 -------- d-----w- c:\program files (x86)\BlueStacks
2015-11-07 04:15 . 2015-11-07 04:15 -------- d-----w- c:\users\MothMatt\AppData\Local\Bluestacks
2015-11-02 21:19 . 2015-11-02 21:19 -------- d-----w- c:\programdata\.mono
2015-11-02 21:15 . 2015-11-02 21:15 -------- d-----w- c:\users\MothMatt\AppData\Roaming\Pokémon Trading Card Game Online
2015-10-31 02:57 . 2015-10-31 02:59 -------- d-----w- c:\users\MothMatt\AppData\Roaming\Tap_Dungeon
2015-10-20 13:49 . 2015-11-04 00:32 -------- d-----w- c:\users\MothMatt\AppData\Local\osu!
2015-10-17 00:10 . 2015-11-03 23:39 -------- d-----w- c:\users\MothMatt\AppData\Roaming\Human Resource Machine
2015-10-15 23:37 . 2015-10-15 23:38 -------- d-----w- c:\users\MothMatt\AppData\Roaming\GameLoaderSteam
2015-10-15 07:01 . 2015-10-15 07:01 -------- d-----w- c:\program files (x86)\Seagate
2015-10-15 02:52 . 2015-08-05 17:56 22528 ----a-w- c:\windows\system32\icaapi.dll
2015-10-15 02:48 . 2015-08-27 18:18 2004480 ----a-w- c:\windows\system32\msxml6.dll
2015-10-15 02:48 . 2015-08-27 18:18 1887232 ----a-w- c:\windows\system32\msxml3.dll
2015-10-15 02:48 . 2015-08-27 18:13 2048 ----a-w- c:\windows\system32\msxml6r.dll
2015-10-15 02:48 . 2015-08-27 18:13 2048 ----a-w- c:\windows\system32\msxml3r.dll
2015-10-15 02:48 . 2015-08-27 17:58 1391104 ----a-w- c:\windows\SysWow64\msxml6.dll
2015-10-15 02:48 . 2015-08-27 17:58 1241088 ----a-w- c:\windows\SysWow64\msxml3.dll
2015-10-15 02:48 . 2015-08-27 17:51 2048 ----a-w- c:\windows\SysWow64\msxml6r.dll
2015-10-15 02:48 . 2015-08-27 17:51 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2015-10-14 10:28 . 2015-08-06 18:04 14176768 ----a-w- c:\windows\system32\shell32.dll
2015-10-14 10:28 . 2015-08-06 18:03 1866752 ----a-w- c:\windows\system32\ExplorerFrame.dll
2015-10-14 10:28 . 2015-08-06 17:44 1498624 ----a-w- c:\windows\SysWow64\ExplorerFrame.dll
2015-10-14 10:27 . 2015-10-01 18:04 616360 ----a-w- c:\windows\system32\winresume.efi
2015-10-14 10:27 . 2015-10-01 18:06 692672 ----a-w- c:\windows\system32\winload.efi
2015-10-14 10:27 . 2015-10-01 18:00 63488 ----a-w- c:\windows\system32\setbcdlocale.dll
2015-10-14 10:27 . 2015-10-01 18:00 59392 ----a-w- c:\windows\system32\appidapi.dll
2015-10-14 10:27 . 2015-10-01 18:00 32768 ----a-w- c:\windows\system32\appidsvc.dll
2015-10-14 10:27 . 2015-10-01 18:00 17920 ----a-w- c:\windows\system32\appidcertstorecheck.exe
2015-10-14 10:27 . 2015-10-01 18:00 147456 ----a-w- c:\windows\system32\appidpolicyconverter.exe
2015-10-14 10:27 . 2015-10-01 17:50 50688 ----a-w- c:\windows\SysWow64\appidapi.dll
2015-10-14 10:27 . 2015-10-01 17:00 61440 ----a-w- c:\windows\system32\drivers\appid.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-11-12 12:58 . 2014-08-20 07:22 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-11-11 07:45 . 2013-11-01 07:11 145617392 ----a-w- c:\windows\system32\MRT.exe
2015-11-11 00:59 . 2015-03-05 06:07 3124960 ----a-w- c:\programdata\Microsoft\VisualStudio\12.0\1033\ResourceCache.dll
2015-11-11 00:38 . 2013-11-27 15:54 780488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-11-11 00:38 . 2013-11-27 15:54 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-11-09 15:20 . 2014-07-25 22:42 97888 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-10-29 17:50 . 2015-11-11 18:05 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2015-10-29 17:50 . 2015-11-11 18:05 309248 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2015-10-29 17:50 . 2015-11-11 18:05 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2015-10-29 17:50 . 2015-11-11 18:05 103424 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2015-10-29 17:49 . 2015-11-11 18:05 562176 ----a-w- c:\windows\apppatch\AcLayers.dll
2015-10-29 17:49 . 2015-11-11 18:05 470528 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2015-10-29 17:49 . 2015-11-11 18:05 2178560 ----a-w- c:\windows\apppatch\AcGenral.dll
2015-10-29 17:49 . 2015-11-11 18:05 211968 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2015-10-29 17:39 . 2015-11-11 18:05 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2015-10-20 00:45 . 2015-11-10 20:46 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-10-05 15:50 . 2014-08-20 07:21 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-10-05 15:50 . 2014-08-20 07:21 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-10-05 15:50 . 2014-01-09 10:09 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-09-22 03:55 . 2015-09-22 03:55 90112 ----a-w- c:\windows\SysWow64\rzdevinfo.dll
2015-09-14 00:29 . 2015-10-01 15:06 986232 ----a-w- c:\windows\SysWow64\NvIFR.dll
2015-09-14 00:29 . 2015-10-01 15:06 944760 ----a-w- c:\windows\SysWow64\NvFBC.dll
2015-09-14 00:29 . 2015-10-01 15:06 943712 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2015-09-14 00:29 . 2015-10-01 15:06 512904 ----a-w- c:\windows\system32\nvEncodeAPI64.dll
2015-09-14 00:29 . 2015-10-01 15:06 42840368 ----a-w- c:\windows\system32\nvcompiler.dll
2015-09-14 00:29 . 2015-10-01 15:06 421544 ----a-w- c:\windows\SysWow64\nvEncodeAPI.dll
2015-09-14 00:29 . 2015-10-01 15:06 408184 ----a-w- c:\windows\system32\NvIFROpenGL.dll
2015-09-14 00:29 . 2015-10-01 15:06 37819000 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2015-09-14 00:29 . 2015-10-01 15:06 364152 ----a-w- c:\windows\SysWow64\NvIFROpenGL.dll
2015-09-14 00:29 . 2015-10-01 15:06 2940024 ----a-w- c:\windows\system32\nvcuvid.dll
2015-09-14 00:29 . 2015-10-01 15:06 2627192 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2015-09-14 00:29 . 2015-10-01 15:06 1898288 ----a-w- c:\windows\system32\nvdispco6435598.dll
2015-09-14 00:29 . 2015-10-01 15:06 18543736 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2015-09-14 00:29 . 2015-10-01 15:06 176904 ----a-w- c:\windows\system32\nvinitx.dll
2015-09-14 00:29 . 2015-10-01 15:06 16637528 ----a-w- c:\windows\system32\nvopencl.dll
2015-09-14 00:29 . 2015-10-01 15:06 1558832 ----a-w- c:\windows\system32\nvdispgenco6435598.dll
2015-09-14 00:29 . 2015-10-01 15:06 155792 ----a-w- c:\windows\SysWow64\nvinit.dll
2015-09-14 00:29 . 2015-10-01 15:06 15513208 ----a-w- c:\windows\system32\nvd3dumx.dll
2015-09-14 00:29 . 2015-10-01 15:06 150832 ----a-w- c:\windows\system32\nvoglshim64.dll
2015-09-14 00:29 . 2015-10-01 15:06 14936264 ----a-w- c:\windows\system32\nvcuda.dll
2015-09-14 00:29 . 2015-10-01 15:06 13660648 ----a-w- c:\windows\SysWow64\nvopencl.dll
2015-09-14 00:29 . 2015-10-01 15:06 128512 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2015-09-14 00:29 . 2015-10-01 15:06 12185344 ----a-w- c:\windows\SysWow64\nvcuda.dll
2015-09-14 00:29 . 2015-10-01 15:06 11096696 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2015-09-14 00:29 . 2015-10-01 15:06 1105976 ----a-w- c:\windows\system32\nvumdshimx.dll
2015-09-14 00:29 . 2015-10-01 15:06 1074808 ----a-w- c:\windows\system32\NvFBC64.dll
2015-09-14 00:29 . 2015-10-01 15:06 1064056 ----a-w- c:\windows\system32\NvIFR64.dll
2015-09-14 00:29 . 2015-09-05 20:59 22525560 ----a-w- c:\windows\system32\nvoglv64.dll
2015-09-14 00:29 . 2015-06-30 21:54 14635600 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2015-09-14 00:29 . 2015-04-19 01:21 3530608 ----a-w- c:\windows\system32\nvapi64.dll
2015-09-14 00:29 . 2014-10-22 21:16 3116160 ----a-w- c:\windows\SysWow64\nvapi.dll
2015-09-14 00:29 . 2014-09-12 01:07 17082928 ----a-w- c:\windows\system32\nvwgf2umx.dll
2015-09-14 00:29 . 2014-09-12 01:07 12514824 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2015-09-13 22:09 . 2014-10-22 21:17 2558584 ----a-w- c:\windows\system32\nvsvcr.dll
2015-09-13 22:09 . 2014-09-12 01:08 937776 ----a-w- c:\windows\system32\nvvsvc.exe
2015-09-13 22:09 . 2014-09-12 01:08 62584 ----a-w- c:\windows\system32\nvshext.dll
2015-09-13 22:09 . 2014-09-12 01:08 385144 ----a-w- c:\windows\system32\nvmctray.dll
2015-09-13 22:09 . 2014-09-12 01:08 6884984 ----a-w- c:\windows\system32\nvcpl.dll
2015-09-13 22:09 . 2014-09-12 01:08 3496056 ----a-w- c:\windows\system32\nvsvc64.dll
2015-09-13 21:50 . 2015-10-01 15:09 574072 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2015-09-11 12:17 . 2014-09-12 01:08 5231082 ----a-w- c:\windows\system32\nvcoproc.bin
2015-09-04 01:09 . 2015-09-04 01:09 1731840 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2015-09-04 00:12 . 2015-09-04 00:12 201424 ----a-w- c:\windows\system32\drivers\rzudd.sys
2015-09-02 03:04 . 2015-09-09 06:11 41984 ----a-w- c:\windows\system32\lpk.dll
2015-09-02 03:04 . 2015-09-09 06:11 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-09-02 03:04 . 2015-09-09 06:11 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-09-02 03:04 . 2015-09-09 06:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-09-02 02:48 . 2015-09-09 06:11 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-09-02 02:48 . 2015-09-09 06:11 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-09-02 02:48 . 2015-09-09 06:11 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-09-02 02:47 . 2015-09-09 06:11 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-09-02 01:47 . 2015-09-09 06:11 372736 ----a-w- c:\windows\system32\atmfd.dll
2015-09-02 01:33 . 2015-09-09 06:11 299520 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-08-27 00:37 . 2015-04-19 01:25 1423120 ----a-w- c:\windows\SysWow64\nvspcap.dll
2015-08-27 00:37 . 2015-04-19 01:25 1316000 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2015-08-27 00:36 . 2015-04-19 01:25 1756424 ----a-w- c:\windows\system32\nvspbridge64.dll
2015-08-27 00:36 . 2015-04-19 01:25 1710568 ----a-w- c:\windows\system32\nvspcap64.dll
2015-08-25 18:46 . 2015-09-05 20:59 1898288 ----a-w- c:\windows\system32\nvdispco6435582.dll
2015-08-25 18:46 . 2015-09-05 20:59 1558648 ----a-w- c:\windows\system32\nvdispgenco6435582.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Razer Synapse"="c:\program files (x86)\Razer\Synapse\RzSynapse.exe" [2015-09-29 592704]
"BlueStacks Agent"="c:\program files (x86)\BlueStacks\HD-Agent.exe" [2015-10-08 917112]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-10-07 597040]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
GIGABYTE OC_GURU.lnk - c:\program files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe [2014-6-5 23322624]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 RzFilter;RzFilter;c:\windows\system32\drivers\RzFilter.sys;c:\windows\SYSNATIVE\drivers\RzFilter.sys [x]
R2 AODDriver4.2.0;AODDriver4.2.0;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
R3 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS;c:\windows\SYSNATIVE\drivers\CT20XUT.SYS [x]
R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS;c:\windows\SYSNATIVE\drivers\CTEXFIFX.SYS [x]
R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS;c:\windows\SYSNATIVE\drivers\CTHWIUT.SYS [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 GPCIDrv;GPCIDrv;c:\program files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys;c:\program files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
R3 LVUVC64;Logitech Webcam 905(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 ptun0901;TAP Adapter V9 for Private Tunnel;c:\windows\system32\DRIVERS\ptun0901.sys;c:\windows\SYSNATIVE\DRIVERS\ptun0901.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RzDxgk;RzDxgk;c:\windows\system32\drivers\RzDxgk.sys;c:\windows\SYSNATIVE\drivers\RzDxgk.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 UsbGps;LGE Mobile USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgx64gps.sys;c:\windows\SYSNATIVE\DRIVERS\lgx64gps.sys [x]
R3 VSStandardCollectorService140;Visual Studio Standard Collector Service;c:\program files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe;c:\program files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [x]
R3 vzandnetadb;ADB Interface DriverNet for VZW;c:\windows\system32\Drivers\lgvzandnetadb.sys;c:\windows\SYSNATIVE\Drivers\lgvzandnetadb.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
R4 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
S0 ahcix64s;ahcix64s;c:\windows\system32\DRIVERS\ahcix64s.sys;c:\windows\SYSNATIVE\DRIVERS\ahcix64s.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
S2 BstHdUpdaterSvc;BlueStacks Updater Service;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
S2 Razer Game Scanner Service;Razer Game Scanner;c:\program files (x86)\Razer\Razer Services\GSS\GameScannerService.exe;c:\program files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [x]
S2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);c:\program files\CyberLink\Shared files\RichVideo64.exe;c:\program files\CyberLink\Shared files\RichVideo64.exe [x]
S2 RzOvlMon;Razer Overlay Subsystem Emergency Service;c:\program files (x86)\Razer\Core\64bit\rzovlmon.exe;c:\program files (x86)\Razer\Core\64bit\rzovlmon.exe [x]
S2 rzpmgrk;rzpmgrk;c:\windows\system32\drivers\rzpmgrk.sys;c:\windows\SYSNATIVE\drivers\rzpmgrk.sys [x]
S2 rzpnk;rzpnk;c:\windows\system32\drivers\rzpnk.sys;c:\windows\SYSNATIVE\drivers\rzpnk.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS;c:\windows\SYSNATIVE\drivers\CT20XUT.SYS [x]
S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS;c:\windows\SYSNATIVE\drivers\CTEXFIFX.SYS [x]
S3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS;c:\windows\SYSNATIVE\drivers\CTHWIUT.SYS [x]
S3 ha20x22k;Creative 20X2 HAL Driver;c:\windows\system32\drivers\ha20x22k.sys;c:\windows\SYSNATIVE\drivers\ha20x22k.sys [x]
S3 LADF_CaptureOnly;LADF Capture Filter Driver;c:\windows\system32\DRIVERS\ladfGSCamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSCamd64.sys [x]
S3 LADF_RenderOnly;LADF Render Filter Driver;c:\windows\system32\DRIVERS\ladfGSRamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSRamd64.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 rzudd;Razer Keyboard Driver;c:\windows\system32\DRIVERS\rzudd.sys;c:\windows\SYSNATIVE\DRIVERS\rzudd.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-11-12 05:27 997704 ----a-w- c:\program files (x86)\Google\Chrome\Application\46.0.2490.86\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2015-11-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-27 00:38]
.
2015-11-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-01 20:47]
.
2015-11-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-01 20:47]
.
2015-11-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1913142570-876064918-947292865-1001Core.job
- c:\users\MothMatt\AppData\Local\Google\Update\GoogleUpdate.exe [2013-11-04 22:41]
.
2015-11-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1913142570-876064918-947292865-1001UA.job
- c:\users\MothMatt\AppData\Local\Google\Update\GoogleUpdate.exe [2013-11-04 22:41]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2013-04-24 7477016]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-08-27 2634872]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-08-27 1710568]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2015-04-30 1337000]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uInternet Settings,ProxyOverride = <local>
Trusted Zone: aeriagames.com
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\MothMatt\AppData\Roaming\Mozilla\Firefox\Profiles\s36ftqyu.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-Akamai NetSession Interface - c:\users\MothMatt\AppData\Local\Akamai\netsession_win.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Notify-SDWinLogon - SDWinLogon.dll
AddRemove-Android SDK Tools - c:\users\MothMatt\Desktop\android sdk\uninstall.exe
AddRemove-Glyph Archeage Beta - c:\program files (x86)\Glyph\GlyphClient.exe
AddRemove-Native Instruments Massive - c:\programdata\{E26B3878-7CEC-469C-B449-5CAA336DF8CD}\Massive Setup PC.exe
AddRemove-Native Instruments Service Center - c:\programdata\{C78336EC-F2EB-4640-99A4-DFE96581B90B}\Service Center Setup PC.exe
AddRemove-Unity - c:\program files\Unity\Editor\Uninstall.exe
AddRemove-{0B8565BA-BAD5-4732-B122-5FD78EFC50A9} - c:\programdata\{C78336EC-F2EB-4640-99A4-DFE96581B90B}\Service Center Setup PC.exe
AddRemove-{491DF203-7B61-4F0E-BDCB-A1218C4DAFE9} - c:\programdata\{E26B3878-7CEC-469C-B449-5CAA336DF8CD}\Massive Setup PC.exe
AddRemove-UnityWebPlayer - c:\users\MothMatt\AppData\Local\Unity\WebPlayer\Uninstall.exe
.
.
"ImagePath"="\"c:\program files\CyberLink\Shared files\RichVideo64.exe\"\00Z
[\]^_Ï\00\00Ï\00\00\00\00HIJKLMNO\00\00\00\00\00\00\00\00\03\00\00\00|}~Ï\00\00Ï\00\00\00\00a\00\00\00\00\00\00\00\00‘’“"
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2015-11-12 21:23:32
ComboFix-quarantined-files.txt 2015-11-13 03:23
.
Pre-Run: 175,476,359,168 bytes free
Post-Run: 187,950,317,568 bytes free
.
- - End Of File - - 6E128AE4B93A3A9F87E9AB036305577F
 
Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

  • Double click to run it.
  • Make sure you checkmark Addition.txt box.
  • Press Scan button.
  • Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
Ran by MothMatt (administrator) on FRANCES (13-11-2015 00:16:46)
Running from C:\Users\MothMatt\Desktop
Loaded Profiles: MothMatt (Available Profiles: MothMatt)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\Core\64bit\RzOvlMon.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [7477016 2013-04-24] (Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-26] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [592704 2015-09-29] (Razer Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [917112 2015-10-08] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2014-09-11]
ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{43A4EBCC-9722-4500-A5F4-301509F67541}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1913142570-876064918-947292865-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1913142570-876064918-947292865-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1913142570-876064918-947292865-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/1ewenusDefaultPack/UP97_FRPage
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-11-09] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-11-09] (Oracle Corporation)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2011-04-22] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2011-04-22] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2011-04-22] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2011-04-22] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\MothMatt\AppData\Roaming\Mozilla\Firefox\Profiles\s36ftqyu.default
FF DefaultSearchEngine: Bing
FF DefaultSearchEngine.US: Google
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxps://www.google.com/
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-10] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-22] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-22] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-22] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-22] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-10] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-11-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-11-09] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-09-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-09-13] (NVIDIA Corporation)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\MothMatt\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-05-27] (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-1913142570-876064918-947292865-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\MothMatt\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-1913142570-876064918-947292865-1001: @talk.google.com/O1DPlugin -> C:\Users\MothMatt\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-1913142570-876064918-947292865-1001: @tools.google.com/Google Update;version=3 -> C:\Users\MothMatt\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-1913142570-876064918-947292865-1001: @tools.google.com/Google Update;version=9 -> C:\Users\MothMatt\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-1913142570-876064918-947292865-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\MothMatt\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-10-20] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1913142570-876064918-947292865-1001: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll [2013-11-17] (The Happy Cloud)
FF Plugin ProgramFiles/Appdata: C:\Users\MothMatt\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\MothMatt\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF SearchPlugin: C:\Users\MothMatt\AppData\Roaming\Mozilla\Firefox\Profiles\s36ftqyu.default\searchplugins\firefox-add-ons.xml [2015-08-18]
FF Extension: Firebug - C:\Users\MothMatt\AppData\Roaming\Mozilla\Firefox\Profiles\s36ftqyu.default\Extensions\firebug@software.joehewitt.com.xpi [2015-11-12]
FF Extension: Adblock Plus - C:\Users\MothMatt\AppData\Roaming\Mozilla\Firefox\Profiles\s36ftqyu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-24]
FF Extension: DownThemAll! - C:\Users\MothMatt\AppData\Roaming\Mozilla\Firefox\Profiles\s36ftqyu.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-06-26]

Chrome:
=======
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\MothMatt\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.703\_platform_specific\win_x86\widevinecdmadapter.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\pdf.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.650.20) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll => No File
CHR Plugin: (Java(TM) Platform SE 7 U65) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Unity Player) - C:\Users\MothMatt\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Google Update) - C:\Users\MothMatt\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll => No File
CHR Plugin: (Google Talk Plugin) - C:\Users\MothMatt\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\MothMatt\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll => No File
CHR Profile: C:\Users\MothMatt\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Duolingo on the Web) - C:\Users\MothMatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2015-01-14]
CHR Extension: (Google Docs) - C:\Users\MothMatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-11]
CHR Extension: (Google Drive) - C:\Users\MothMatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\MothMatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Adblock Plus) - C:\Users\MothMatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-09-28]
CHR Extension: (Google Search) - C:\Users\MothMatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (ARC Welder) - C:\Users\MothMatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\emfinbmielocnlhgmfkkmkngdoccbadn [2015-11-06]
CHR Extension: (Google Docs Offline) - C:\Users\MothMatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-07]
CHR Extension: (ARC Welder) - C:\Users\MothMatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfaihdlpglflfgpfjcifdjdjcckigekc [2015-11-06]
CHR Extension: (MailTrack for Gmail) - C:\Users\MothMatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndnaehgpjlnokgebbaldlmgkapkpjkkb [2015-11-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\MothMatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-26]
CHR Extension: (Gmail) - C:\Users\MothMatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-04]
CHR HKU\S-1-5-21-1913142570-876064918-947292865-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [437880 2015-10-08] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [417400 2015-10-08] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [855672 2015-10-08] (BlueStack Systems, Inc.)
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2013-10-31] (Creative Labs) [File not signed]
S2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-26] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-26] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-26] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187048 2015-06-23] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390672 2012-08-08] ()
R2 RzOvlMon; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [32960 2014-04-18] (Razer, Inc.)
S4 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
S4 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-07] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [15376384 2014-04-17] (Advanced Micro Devices, Inc.) [File not signed]
S3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [638976 2014-04-17] (Advanced Micro Devices, Inc.) [File not signed]
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [94720 2013-12-19] (Advanced Micro Devices) [File not signed]
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [146040 2015-10-08] (BlueStack Systems)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 GPCIDrv; C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [14376 2014-01-08] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-26] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-10] (NVIDIA Corporation)
S3 ptun0901; C:\Windows\System32\DRIVERS\ptun0901.sys [27136 2015-01-26] (The OpenVPN Project)
S3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [129472 2014-04-10] (Razer, Inc.)
S1 RzFilter; C:\Windows\system32\drivers\RzFilter.sys [74432 2014-04-10] (Razer, Inc.)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-06-12] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129472 2015-06-26] (Razer, Inc.)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-11-11] ()
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2013-04-24] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [28160 2013-04-24] (LG Electronics Inc.)
S3 UsbGps; C:\Windows\System32\DRIVERS\lgx64gps.sys [27136 2013-04-24] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [34816 2013-04-24] (LG Electronics Inc.)
S3 vzandnetadb; C:\Windows\System32\Drivers\lgvzandnetadb.sys [31744 2013-05-08] (Google Inc)
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
U3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-13 00:16 - 2015-11-13 00:17 - 00023241 _____ C:\Users\MothMatt\Desktop\FRST.txt
2015-11-12 21:23 - 2015-11-12 21:23 - 00029927 _____ C:\ComboFix.txt
2015-11-12 21:06 - 2015-11-12 21:23 - 00000000 ____D C:\Qoobox
2015-11-12 21:06 - 2015-11-12 21:22 - 00000000 ____D C:\Windows\erdnt
2015-11-12 21:06 - 2011-06-26 00:45 - 00256000 _____ C:\Windows\PEV.exe
2015-11-12 21:06 - 2010-11-07 11:20 - 00208896 _____ C:\Windows\MBR.exe
2015-11-12 21:06 - 2009-04-19 22:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-11-12 21:06 - 2000-08-30 18:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-11-12 21:06 - 2000-08-30 18:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-11-12 21:06 - 2000-08-30 18:00 - 00098816 _____ C:\Windows\sed.exe
2015-11-12 21:06 - 2000-08-30 18:00 - 00080412 _____ C:\Windows\grep.exe
2015-11-12 21:06 - 2000-08-30 18:00 - 00068096 _____ C:\Windows\zip.exe
2015-11-12 21:00 - 2015-11-12 21:01 - 05638248 ____R (Swearware) C:\Users\MothMatt\Desktop\ComboFix.exe
2015-11-12 07:32 - 2015-11-03 11:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-12 07:23 - 2015-11-12 07:23 - 00001733 _____ C:\Users\MothMatt\Desktop\JRT.txt
2015-11-12 07:16 - 2015-11-12 07:41 - 00000260 _____ C:\Users\MothMatt\Desktop\scan_notes.txt
2015-11-12 07:13 - 2015-11-12 07:13 - 00002483 _____ C:\Users\MothMatt\Desktop\AdwCleaner[C1].txt
2015-11-12 07:00 - 2015-11-12 07:00 - 00001160 _____ C:\Users\MothMatt\Desktop\mb.txt
2015-11-12 00:20 - 2015-11-12 00:20 - 01801288 _____ (Malwarebytes) C:\Users\MothMatt\Desktop\JRT.exe
2015-11-12 00:20 - 2015-11-12 00:20 - 01712128 _____ C:\Users\MothMatt\Desktop\adwcleaner_5.019.exe
2015-11-12 00:14 - 2015-11-12 00:14 - 00005100 _____ C:\Users\MothMatt\Desktop\ppppppo.txt
2015-11-11 23:34 - 2015-11-11 23:34 - 00002117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-11-11 23:34 - 2015-11-11 23:34 - 00000000 ____D C:\Program Files\Microsoft Security Client
2015-11-11 23:34 - 2015-11-11 23:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2015-11-11 12:46 - 2015-11-11 12:46 - 00112783 _____ C:\Users\MothMatt\Desktop\Addition_firsttime.txt
2015-11-11 12:45 - 2015-11-11 12:46 - 00074575 _____ C:\Users\MothMatt\Desktop\FRST_firsttime.txt
2015-11-11 12:33 - 2015-11-11 12:43 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-11-11 12:32 - 2015-11-11 12:43 - 00000000 ____D C:\Users\MothMatt\Desktop\mbar
2015-11-11 12:26 - 2015-11-13 00:16 - 00000000 ____D C:\FRST
2015-11-11 12:05 - 2015-10-29 11:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-11-11 12:05 - 2015-10-29 11:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-11-11 12:05 - 2015-10-29 11:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-11-11 12:05 - 2015-10-29 11:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-11-11 12:05 - 2015-10-29 11:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-11-11 12:05 - 2015-10-29 11:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-11-11 12:05 - 2015-10-29 11:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-11-11 11:18 - 2015-11-11 11:18 - 00001511 _____ C:\Users\MothMatt\Desktop\Unity 5.2.2.lnk
2015-11-11 01:40 - 2015-11-11 01:40 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2015-11-10 23:53 - 2015-11-10 23:53 - 00000000 ____D C:\Users\MothMatt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2015 Tools for Unity
2015-11-10 23:53 - 2015-11-10 23:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity
2015-11-10 23:51 - 2015-11-11 13:54 - 00000000 ____D C:\Users\MothMatt\Documents\Visual Studio 2015
2015-11-10 23:49 - 2015-11-10 23:49 - 00000000 ____D C:\ProgramData\PreEmptive Solutions
2015-11-10 23:49 - 2015-11-10 23:49 - 00000000 ____D C:\Program Files (x86)\ShellDir
2015-11-10 23:47 - 2015-11-10 23:47 - 00000000 ____D C:\Program Files (x86)\Microsoft Office365 Tools
2015-11-10 23:47 - 2015-11-10 23:47 - 00000000 ____D C:\Program Files (x86)\AppInsights
2015-11-10 23:45 - 2015-11-10 23:45 - 00000000 ____D C:\ProgramData\NuGet
2015-11-10 23:45 - 2015-11-10 23:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2015-11-10 23:45 - 2015-11-10 23:45 - 00000000 ____D C:\Program Files (x86)\NuGet
2015-11-10 23:45 - 2015-11-10 23:45 - 00000000 ____D C:\Program Files (x86)\Microsoft WCF Data Services
2015-11-10 23:44 - 2015-11-10 23:44 - 00001534 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2015.lnk
2015-11-10 23:44 - 2015-11-10 23:44 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 12.0
2015-11-10 23:42 - 2015-11-10 23:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015
2015-11-10 23:41 - 2015-11-10 23:41 - 00000000 ____D C:\Windows\symbols
2015-11-10 23:40 - 2015-11-10 23:40 - 00001535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015.lnk
2015-11-10 23:38 - 2015-11-10 23:49 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 14.0
2015-11-10 23:29 - 2015-11-10 23:29 - 02198528 _____ (Farbar) C:\Users\MothMatt\Desktop\FRST64.exe
2015-11-10 23:22 - 2015-11-11 13:43 - 00000000 ____D C:\ProgramData\VsTelemetry
2015-11-10 23:16 - 2015-11-10 23:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.2.2f1 (64-bit)
2015-11-10 23:05 - 2015-11-10 23:17 - 00000000 ____D C:\Program Files\Unity 5.2.2
2015-11-10 20:38 - 2015-11-10 20:39 - 00000000 ____D C:\Users\MothMatt\Desktop\pics of me
2015-11-10 19:46 - 2015-11-11 23:40 - 00035064 _____ C:\Windows\system32\Drivers\TrueSight.sys
2015-11-10 19:46 - 2015-11-10 20:18 - 00000000 ____D C:\ProgramData\RogueKiller
2015-11-10 19:33 - 2015-11-10 19:34 - 18979400 _____ C:\Users\MothMatt\Desktop\RogueKiller.exe
2015-11-10 19:26 - 2015-11-10 19:26 - 00000003 _____ C:\Windows\system32\HRUPPROG.TXT
2015-11-10 19:26 - 2015-11-10 19:26 - 00000003 _____ C:\Windows\system32\HRUPPROG.EXIT
2015-11-10 16:20 - 2015-11-10 16:20 - 00226714 _____ C:\Users\MothMatt\Desktop\Desktop.unity3d
2015-11-10 16:20 - 2015-11-10 16:20 - 00003990 _____ C:\Users\MothMatt\Desktop\Desktop.html
2015-11-10 14:47 - 2015-10-20 12:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-10 14:47 - 2015-10-20 12:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-10 14:47 - 2015-10-20 12:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-10 14:47 - 2015-10-20 12:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-10 14:47 - 2015-10-20 12:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-10 14:47 - 2015-10-20 12:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-10 14:47 - 2015-10-20 12:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-10 14:47 - 2015-10-20 12:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-10 14:47 - 2015-10-20 12:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-10 14:47 - 2015-10-20 12:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-10 14:47 - 2015-10-20 12:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-10 14:47 - 2015-10-20 11:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-10 14:47 - 2015-10-20 11:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-10 14:47 - 2015-10-20 11:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-10 14:47 - 2015-10-20 11:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-11-10 14:47 - 2015-10-20 11:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-10 14:47 - 2015-10-19 19:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-10 14:47 - 2015-10-19 19:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-10 14:47 - 2015-10-19 19:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-11-10 14:47 - 2015-10-19 19:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-10 14:47 - 2015-10-19 19:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-10 14:47 - 2015-10-19 19:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-10 14:47 - 2015-10-19 18:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-10 14:47 - 2015-10-19 18:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-10 14:47 - 2015-10-19 18:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-10 14:47 - 2015-10-19 18:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-10 14:47 - 2015-10-19 18:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-10 14:47 - 2015-09-23 07:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-10 14:47 - 2015-09-23 07:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-10 14:47 - 2015-09-23 07:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-10 14:46 - 2015-10-19 19:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-10 14:46 - 2015-10-19 19:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-10 14:46 - 2015-10-19 19:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-11-10 14:46 - 2015-10-19 19:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-11-10 14:46 - 2015-10-19 19:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-11-10 14:46 - 2015-10-19 19:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-11-10 14:46 - 2015-10-19 19:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-10 14:46 - 2015-10-19 19:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-10 14:46 - 2015-10-19 19:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-10 14:46 - 2015-10-19 19:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-11-10 14:46 - 2015-10-19 19:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-10 14:46 - 2015-10-19 19:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-10 14:46 - 2015-10-19 19:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-10 14:46 - 2015-10-19 19:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-10 14:46 - 2015-10-19 19:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-10 14:46 - 2015-10-19 19:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-10 14:46 - 2015-10-19 19:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-10 14:46 - 2015-10-19 19:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-10 14:46 - 2015-10-19 19:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-10 14:46 - 2015-10-19 19:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-10 14:46 - 2015-10-19 19:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-10 14:46 - 2015-10-19 19:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-10 14:46 - 2015-10-19 19:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-11-10 14:46 - 2015-10-19 19:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-11-10 14:46 - 2015-10-19 19:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-10 14:46 - 2015-10-19 19:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-10 14:46 - 2015-10-19 19:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-10 14:46 - 2015-10-19 18:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
 
2015-11-10 14:46 - 2015-10-19 18:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-10 14:46 - 2015-10-19 18:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-11-10 14:46 - 2015-10-19 18:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-11-10 14:46 - 2015-10-19 18:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-11-10 14:46 - 2015-10-19 18:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-11-10 14:46 - 2015-10-19 18:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-11-10 14:46 - 2015-10-19 18:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-11-10 14:46 - 2015-10-19 18:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-10 14:46 - 2015-10-19 18:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-11-10 14:46 - 2015-10-19 18:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-11-10 14:46 - 2015-10-19 18:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-11-10 14:46 - 2015-10-19 18:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-10 14:46 - 2015-10-19 18:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-11-10 14:46 - 2015-10-19 18:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-11-10 14:46 - 2015-10-19 18:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-11-10 14:46 - 2015-10-19 18:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-11-10 14:46 - 2015-10-19 18:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-11-10 14:46 - 2015-10-19 18:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 18:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 17:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-10 14:46 - 2015-10-19 17:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-10 14:46 - 2015-10-19 17:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-10 14:46 - 2015-10-19 17:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-10 14:46 - 2015-10-19 17:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-10 14:46 - 2015-10-19 17:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 17:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 17:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-10 14:46 - 2015-10-19 17:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-10 14:45 - 2015-10-13 10:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-10 14:45 - 2015-10-13 10:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-10 14:45 - 2015-10-12 22:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-10 14:45 - 2015-10-01 12:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-10 14:45 - 2015-10-01 11:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-10 13:39 - 2015-11-10 13:39 - 00305048 _____ C:\Users\MothMatt\Desktop\prison.wav
2015-11-10 13:36 - 2015-11-10 13:36 - 00054369 _____ C:\Users\MothMatt\Desktop\prison.wma
2015-11-10 09:52 - 2015-11-10 09:52 - 00001590 _____ C:\Users\MothMatt\Desktop\Unity 4.6.20.lnk
2015-11-10 00:23 - 2015-11-10 00:23 - 00000000 ____D C:\Users\MothMatt\Desktop\BadAss_-_Boss_Themes_(MP3_+_Art)
2015-11-10 00:19 - 2015-11-10 00:19 - 00000000 ____D C:\Users\MothMatt\Desktop\BadAss_-_Boss_Themes_-_Volume_II_(MP3_+_Art)
2015-11-09 22:35 - 2015-11-11 11:19 - 00000000 ____D C:\Users\MothMatt\Documents\repos
2015-11-09 22:11 - 2015-11-09 22:11 - 00000000 ____D C:\Users\MothMatt\Desktop\UnityCourse
2015-11-09 21:43 - 2015-11-10 19:46 - 00001076 _____ C:\Users\MothMatt\Desktop\110915.txt
2015-11-06 22:20 - 2015-11-06 22:20 - 00001807 _____ C:\Users\Public\Desktop\Start BlueStacks.lnk
2015-11-06 22:18 - 2015-11-06 22:19 - 00000000 ____D C:\ProgramData\BlueStacks
2015-11-06 22:18 - 2015-11-06 22:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2015-11-06 22:18 - 2015-11-06 22:18 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2015-11-06 22:15 - 2015-11-06 22:26 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2015-11-06 22:15 - 2015-11-06 22:15 - 00000000 ____D C:\Users\MothMatt\AppData\Local\Bluestacks
2015-11-05 19:48 - 2015-11-05 20:31 - 00000000 ____D C:\Users\MothMatt\Downloads\Pokemon (1998) Seasons 1-14 -E.Rev 480p x264 MKV
2015-11-02 15:19 - 2015-11-02 15:19 - 00000000 ____D C:\ProgramData\.mono
2015-11-02 15:15 - 2015-11-02 15:15 - 00000000 ____D C:\Users\MothMatt\AppData\Roaming\Pokémon Trading Card Game Online
2015-10-30 20:57 - 2015-10-30 20:59 - 00000000 ____D C:\Users\MothMatt\AppData\Roaming\Tap_Dungeon
2015-10-30 07:21 - 2015-10-30 07:21 - 00002084 _____ C:\Users\MothMatt\AppData\Local\recently-used.xbel
2015-10-28 20:28 - 2015-11-09 09:14 - 00000997 _____ C:\Users\MothMatt\Desktop\102815.txt
2015-10-22 23:05 - 2015-10-22 23:05 - 00376520 _____ C:\Windows\Minidump\102315-46909-01.dmp
2015-10-21 00:24 - 2015-10-21 00:43 - 00000000 ____D C:\Users\MothMatt\Downloads\Back to the Future Part 2 (1989) [1080p]
2015-10-20 07:49 - 2015-11-03 18:32 - 00000000 ____D C:\Users\MothMatt\AppData\Local\osu!
2015-10-20 07:49 - 2015-10-20 07:49 - 00000948 _____ C:\Users\MothMatt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\osu!.lnk
2015-10-20 07:49 - 2015-10-20 07:49 - 00000940 _____ C:\Users\MothMatt\Desktop\osu!.lnk
2015-10-16 18:10 - 2015-11-03 17:39 - 00000000 ____D C:\Users\MothMatt\AppData\Roaming\Human Resource Machine
2015-10-15 17:37 - 2015-10-15 17:38 - 00000000 ____D C:\Users\MothMatt\AppData\Roaming\GameLoaderSteam
2015-10-15 01:01 - 2015-10-15 01:01 - 00001401 _____ C:\Users\Public\Desktop\SeaTools for Windows.lnk
2015-10-15 01:01 - 2015-10-15 01:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
2015-10-15 01:01 - 2015-10-15 01:01 - 00000000 ____D C:\Program Files (x86)\Seagate
2015-10-14 20:53 - 2015-07-22 18:02 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-10-14 20:53 - 2015-07-22 18:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-10-14 20:53 - 2015-07-22 18:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-10-14 20:53 - 2015-07-22 11:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-10-14 20:53 - 2015-07-22 11:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-10-14 20:53 - 2015-07-22 10:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-10-14 20:53 - 2015-05-25 12:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-10-14 20:53 - 2015-05-25 12:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-10-14 20:53 - 2015-05-25 12:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-10-14 20:53 - 2015-05-25 12:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-10-14 20:53 - 2015-05-25 12:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-10-14 20:53 - 2015-05-25 12:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-10-14 20:53 - 2015-05-25 12:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-10-14 20:53 - 2015-05-25 12:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-10-14 20:53 - 2015-05-25 12:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-10-14 20:53 - 2015-05-25 12:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-10-14 20:53 - 2015-05-25 12:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-10-14 20:53 - 2015-05-25 12:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-10-14 20:52 - 2015-09-18 13:22 - 00025432 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-14 20:52 - 2015-09-18 13:19 - 01291264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-14 20:52 - 2015-09-18 13:19 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-14 20:52 - 2015-09-18 13:19 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-14 20:52 - 2015-09-18 13:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-14 20:52 - 2015-09-18 13:19 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-14 20:52 - 2015-09-18 13:09 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-10-14 20:52 - 2015-08-05 11:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2015-10-14 20:52 - 2015-08-05 11:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-10-14 20:52 - 2015-07-18 07:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-14 20:52 - 2015-07-18 07:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-14 20:52 - 2015-07-09 11:58 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-10-14 20:52 - 2015-07-09 11:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-10-14 20:52 - 2015-07-09 11:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-10-14 20:52 - 2015-07-09 11:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-10-14 20:52 - 2015-06-25 04:06 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-10-14 20:52 - 2015-06-25 04:01 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-10-14 20:52 - 2015-06-25 04:01 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-10-14 20:52 - 2015-06-25 03:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-10-14 20:52 - 2015-06-03 14:16 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-10-14 20:52 - 2015-04-27 13:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-10-14 20:52 - 2015-04-27 13:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-10-14 20:52 - 2015-04-27 13:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-10-14 20:52 - 2015-04-27 13:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-10-14 20:52 - 2015-04-27 13:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-10-14 20:52 - 2015-04-27 13:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-10-14 20:52 - 2015-04-27 13:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-10-14 20:52 - 2015-04-27 13:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-10-14 20:52 - 2015-04-10 21:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-10-14 20:52 - 2015-01-28 21:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-10-14 20:52 - 2015-01-28 21:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-10-14 20:48 - 2015-08-27 12:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-10-14 20:48 - 2015-08-27 12:18 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-10-14 20:48 - 2015-08-27 12:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-10-14 20:48 - 2015-08-27 12:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-10-14 20:48 - 2015-08-27 11:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-10-14 20:48 - 2015-08-27 11:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-10-14 20:48 - 2015-08-27 11:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-10-14 20:48 - 2015-08-27 11:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-10-14 04:28 - 2015-08-06 12:04 - 14176768 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-14 04:28 - 2015-08-06 12:03 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-10-14 04:28 - 2015-08-06 11:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-10-14 04:28 - 2015-08-06 11:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-10-14 04:27 - 2015-10-01 12:06 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-10-14 04:27 - 2015-10-01 12:04 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-10-14 04:27 - 2015-10-01 12:00 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-10-14 04:27 - 2015-10-01 12:00 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-10-14 04:27 - 2015-10-01 12:00 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-10-14 04:27 - 2015-10-01 12:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-10-14 04:27 - 2015-10-01 12:00 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-10-14 04:27 - 2015-10-01 11:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-10-14 04:27 - 2015-10-01 11:00 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-13 00:13 - 2013-12-09 20:34 - 00000000 ____D C:\Users\MothMatt\AppData\Local\Battle.net
2015-11-13 00:13 - 2013-11-01 00:45 - 00000000 ____D C:\Users\MothMatt\AppData\Roaming\Skype
2015-11-12 23:58 - 2013-10-31 23:15 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-12 23:54 - 2013-11-04 01:49 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1913142570-876064918-947292865-1001UA.job
2015-11-12 23:40 - 2013-10-31 23:03 - 01141220 _____ C:\Windows\WindowsUpdate.log
2015-11-12 23:38 - 2013-11-27 09:54 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-12 23:01 - 2014-02-01 22:32 - 00000000 ____D C:\Program Files (x86)\StarCraft II
2015-11-12 21:34 - 2015-01-20 16:28 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2015-11-12 21:30 - 2013-12-09 20:34 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-11-12 21:23 - 2009-07-13 21:20 - 00000000 __RHD C:\Users\Default
2015-11-12 21:21 - 2009-07-13 20:34 - 00000215 _____ C:\Windows\system.ini
2015-11-12 17:13 - 2013-12-22 23:49 - 00000000 ____D C:\ProgramData\Unity
2015-11-12 16:49 - 2013-11-01 02:27 - 00000000 ____D C:\Users\MothMatt\AppData\Roaming\vlc
2015-11-12 15:36 - 2009-07-13 22:45 - 00022560 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-12 15:36 - 2009-07-13 22:45 - 00022560 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-12 15:27 - 2009-07-13 23:13 - 00782470 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-12 15:21 - 2013-10-31 23:15 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-12 15:21 - 2009-07-13 23:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-12 15:21 - 2009-07-13 22:51 - 00079885 _____ C:\Windows\setupact.log
2015-11-12 15:21 - 2009-07-13 22:45 - 05025472 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-12 15:20 - 2014-09-11 19:09 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-12 07:05 - 2010-11-20 21:47 - 00323942 _____ C:\Windows\PFRO.log
2015-11-12 07:03 - 2014-01-09 13:50 - 00000000 ____D C:\AdwCleaner
2015-11-12 06:58 - 2014-08-20 01:22 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-12 02:03 - 2014-08-20 01:21 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-11-12 02:01 - 2014-07-26 15:56 - 00000000 ____D C:\Program Files (x86)\Magic Workstation
2015-11-12 01:54 - 2013-11-04 01:49 - 00000868 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1913142570-876064918-947292865-1001Core.job
2015-11-11 23:38 - 2014-08-20 01:22 - 00001102 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-11-11 23:38 - 2014-08-20 01:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-11-11 23:34 - 2013-10-31 23:07 - 00001945 _____ C:\Windows\epplauncher.mif
2015-11-11 16:06 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\rescache
2015-11-11 12:10 - 2013-10-31 23:38 - 00774592 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-11 11:55 - 2014-09-07 17:21 - 00007622 _____ C:\Users\MothMatt\AppData\Local\Resmon.ResmonCfg
2015-11-11 01:53 - 2013-11-01 01:11 - 00000000 ____D C:\Windows\system32\MRT
2015-11-11 01:45 - 2013-11-01 01:11 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-11 00:01 - 2013-12-22 19:37 - 00000000 ____D C:\Users\MothMatt\AppData\Local\Unity
2015-11-10 23:53 - 2009-07-13 23:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-11-10 23:50 - 2015-03-04 23:43 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2015-11-10 23:49 - 2015-03-04 23:33 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2015-11-10 23:43 - 2015-03-04 23:40 - 00000000 ____D C:\Windows\SysWOW64\1033
2015-11-10 23:41 - 2015-03-04 23:42 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer
2015-11-10 23:41 - 2015-03-04 23:33 - 00000000 ____D C:\Windows\system32\1033
2015-11-10 23:39 - 2013-11-02 13:47 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-10 23:38 - 2009-07-13 21:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-11-10 23:21 - 2013-12-22 23:20 - 00000000 ____D C:\Users\Public\Documents\Unity Projects
2015-11-10 20:39 - 2013-11-01 06:26 - 00000000 ____D C:\Users\MothMatt\Desktop\images
2015-11-10 19:30 - 2014-04-04 17:53 - 00000000 ____D C:\Program Files (x86)\Diablo III
2015-11-10 19:27 - 2014-03-20 19:58 - 00000000 ____D C:\ProgramData\Hi-Rez Studios
2015-11-10 19:27 - 2014-03-20 19:57 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2015-11-10 19:27 - 2013-10-31 23:23 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-11-10 19:22 - 2014-09-11 21:30 - 00000000 ____D C:\Users\MothMatt\Heaven
2015-11-10 19:22 - 2014-03-07 11:25 - 00000000 ____D C:\Program Files (x86)\Rogue Legacy Demo
2015-11-10 19:21 - 2014-11-16 11:49 - 00000000 ____D C:\wamp
2015-11-10 19:16 - 2015-03-04 23:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0
2015-11-10 18:51 - 2013-10-31 23:07 - 00079048 _____ C:\Users\MothMatt\AppData\Local\GDIPFONTCACHEV1.DAT
2015-11-10 18:38 - 2013-11-27 09:54 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-10 18:38 - 2013-11-27 09:54 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-10 18:38 - 2013-11-27 09:54 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-11-10 18:37 - 2013-11-01 00:32 - 00000000 ____D C:\Program Files (x86)\Steam
2015-11-09 18:36 - 2013-11-01 06:33 - 00000000 ____D C:\Users\MothMatt\.gimp-2.8
2015-11-09 09:23 - 2013-10-31 23:40 - 00000000 ____D C:\ProgramData\Oracle
2015-11-09 09:22 - 2014-07-25 16:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-11-09 09:22 - 2013-10-31 23:39 - 00000000 ____D C:\Program Files (x86)\Java
2015-11-09 09:21 - 2015-09-16 21:19 - 00000000 ____D C:\Users\MothMatt\.oracle_jre_usage
2015-11-09 09:21 - 2014-07-25 16:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-11-09 09:20 - 2014-07-25 16:42 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-11-09 00:07 - 2014-02-02 10:33 - 00000000 ____D C:\Users\MothMatt\Documents\StarCraft II
2015-11-06 22:20 - 2009-07-13 21:20 - 00000000 __RHD C:\Users\Public\Libraries
2015-11-05 22:57 - 2013-11-17 05:14 - 00000000 ____D C:\Users\MothMatt\AppData\Roaming\BitTorrent
2015-11-01 22:21 - 2015-09-27 18:14 - 00000000 ____D C:\Program Files (x86)\StarCraft II - Legacy of the Void Beta
2015-11-01 22:17 - 2015-01-11 22:52 - 00000000 ____D C:\Users\MothMatt\AppData\Local\Warframe
2015-11-01 20:44 - 2013-11-01 02:46 - 00157410 _____ C:\Windows\DirectX.log
2015-11-01 20:35 - 2013-11-01 00:45 - 00000000 ____D C:\ProgramData\Skype
2015-10-30 07:20 - 2013-11-13 18:04 - 00000000 ____D C:\Users\MothMatt\AppData\Local\gtk-2.0
2015-10-23 06:49 - 2015-10-13 21:38 - 00000000 ____D C:\Users\MothMatt\Desktop\REAL LIFE
2015-10-22 23:05 - 2014-01-09 22:27 - 00000000 ____D C:\Windows\Minidump
2015-10-22 23:04 - 2014-01-09 22:27 - 678008850 _____ C:\Windows\MEMORY.DMP
2015-10-22 22:53 - 2015-10-03 03:31 - 00004022 _____ C:\Users\MothMatt\Desktop\100515.txt
2015-10-22 22:48 - 2015-09-17 22:18 - 00000000 ____D C:\Users\MothMatt\Desktop\olp
2015-10-21 10:11 - 2013-11-01 02:46 - 00000000 ____D C:\Users\MothMatt\Documents\My Games
2015-10-15 01:27 - 2015-10-13 14:11 - 00000000 ____D C:\Users\MothMatt\Downloads\The Pentagon Wars [1998 Comedy] .x264
2015-10-15 01:27 - 2014-05-26 21:37 - 00000000 ____D C:\Users\MothMatt\Downloads\TV Shows
2015-10-14 21:36 - 2015-04-14 16:22 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-10-14 21:36 - 2015-04-14 16:22 - 00000000 ___SD C:\Windows\system32\GWX
2015-10-14 21:36 - 2015-04-14 16:22 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-14 21:36 - 2015-04-14 16:22 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-14 21:36 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-10-14 09:13 - 2015-09-10 16:28 - 00003234 _____ C:\Users\MothMatt\Desktop\091015.txt

==================== Files in the root of some directories =======

2013-11-23 18:59 - 2013-12-02 14:47 - 0000132 _____ () C:\Users\MothMatt\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-09-11 21:29 - 2014-09-11 21:51 - 1065984 _____ () C:\Users\MothMatt\AppData\Local\file__0.localstorage
2015-10-30 07:21 - 2015-10-30 07:21 - 0002084 _____ () C:\Users\MothMatt\AppData\Local\recently-used.xbel
2014-09-07 17:21 - 2015-11-11 11:55 - 0007622 _____ () C:\Users\MothMatt\AppData\Local\Resmon.ResmonCfg
2015-09-11 01:19 - 2015-09-11 01:19 - 0000028 _____ () C:\Users\MothMatt\AppData\Local\X-Plane Installer.prf
2015-09-11 01:19 - 2015-09-11 01:23 - 0000015 _____ () C:\Users\MothMatt\AppData\Local\X-Plane_drm.prf
2015-09-11 00:58 - 2015-09-11 00:58 - 0000074 _____ () C:\Users\MothMatt\AppData\Local\x-plane_install_10.txt
2013-11-01 00:59 - 2013-11-01 01:07 - 0000819 _____ () C:\ProgramData\hpzinstall.log

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-11-10 02:28

==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-11-2015
Ran by MothMatt (2015-11-13 00:17:54)
Running from C:\Users\MothMatt\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2013-11-01 05:03:46)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1913142570-876064918-947292865-500 - Administrator - Disabled)
Guest (S-1-5-21-1913142570-876064918-947292865-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1913142570-876064918-947292865-1006 - Limited - Enabled)
MothMatt (S-1-5-21-1913142570-876064918-947292865-1001 - Administrator - Enabled) => C:\Users\MothMatt

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
A Fistful of Gun (HKLM-x32\...\Steam App 229810) (Version: - FarmerGnome)
Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CS6 (HKLM-x32\...\{7176B973-6011-43C1-AEBC-2D73FE7C6982}) (Version: 6.0 - Adobe Systems Incorporated)
AdVenture Capitalist (HKLM-x32\...\Steam App 346900) (Version: - Hyper Hippo Games)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Insights Tools for Visual Studio 2015 (x32 Version: 3.3 - Microsoft Corporation) Hidden
Archeage Beta (HKLM-x32\...\Glyph Archeage Beta) (Version: - Trion Worlds, Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AxCrypt 1.7.2976.0 (HKLM\...\{F28219BA-0FBA-4515-AA4D-DF55EA186C6A}) (Version: 1.7.2976.0 - Axantum Software AB)
Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Barony (HKLM-x32\...\Steam App 371970) (Version: - Turning Wheel LLC)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlegrounds of Eldhelm (HKLM-x32\...\Steam App 329020) (Version: - Essence Ltd.)
Besiege (HKLM-x32\...\Steam App 346010) (Version: - Spiderling Studios)
BIT.TRIP Presents... Runner2: Future Legend of Rhythm Alien (HKLM-x32\...\Steam App 218060) (Version: - Gaijin Games)
BitTorrent (HKU\S-1-5-21-1913142570-876064918-947292865-1001\...\BitTorrent) (Version: 7.9.5.41203 - BitTorrent Inc.)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Blackguards (HKLM-x32\...\Steam App 249650) (Version: - Daedalic Entertainment)
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blender (HKLM\...\Blender) (Version: 2.69 - Blender Foundation)
BlueStacks App Player (HKLM-x32\...\{D7E3588F-25E6-4A93-8B1C-596F7951CA38}) (Version: 0.10.7.5601 - BlueStack Systems, Inc.)
Boris FX 10 (64 Bit) (HKLM\...\{BAF3FFCF-4BFC-42C9-A5F3-EF5F55615C29}) (Version: 10.0.1 - Boris FX, Inc.)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
Cloudbuilt (HKLM-x32\...\Steam App 262390) (Version: - Coilworks)
Comic Seer (HKLM-x32\...\{164ECE87-899D-4170-BBD3-3091E24A42BF}) (Version: 2.51.2 - Xylasoft)
Cook, Serve, Delicious! (HKLM-x32\...\Steam App 247020) (Version: - Vertigo Gaming Inc.)
Cosmic DJ (HKLM-x32\...\Steam App 297110) (Version: - Gl33k)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
CPUID CPU-Z 1.70 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Craft The World (HKLM-x32\...\Steam App 248390) (Version: - Dekovir Entertainment)
Creative Audio Control Panel (HKLM-x32\...\AudioCS) (Version: 3.00 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version: 1.02 - Creative Technology Limited)
Crypt of the NecroDancer (HKLM-x32\...\Steam App 247080) (Version: - Brace Yourself Games)
CRYPTARK (HKLM-x32\...\Steam App 344740) (Version: - Alientrap)
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.2726.0 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.2726.0 - CyberLink Corp.) Hidden
CyberLink WaveEditor 2 (HKLM-x32\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 2.0.4203 - CyberLink Corp.)
Defiance (HKLM-x32\...\Steam App 224600) (Version: - Trion Worlds, Inc.)
Deponia: The Complete Journey (HKLM-x32\...\Steam App 292910) (Version: - Daedalic Entertainment)
Destination Sol (HKLM-x32\...\Steam App 342980) (Version: - MovingBlocks)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version: - Klei Entertainment)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Dotfuscator and Analytics Community Edition 5.18.1 (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
Dual Monitor 1.22 (HKLM-x32\...\{64AA3F94-ED4A-4A4B-B72C-B7A1481ED5D8}_is1) (Version: 1.22.021813 - Cristi Diaconu)
Dungeon of the Endless (HKLM-x32\...\Steam App 249050) (Version: - AMPLITUDE Studios)
Epic Games Launcher (HKLM\...\{8727C279-A122-40B8-8ACA-271E1809DAA5}) (Version: 1.1.23.0 - Epic Games, Inc.)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Evoland 2 (HKLM-x32\...\Steam App 359310) (Version: - Shiro Games)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version: - Image-Line)
FlashDevelop 4.5.2 (HKLM-x32\...\FlashDevelop) (Version: 4.5.2 - FlashDevelop.org)
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.7.139.918 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.2.0.722 - Foxit Software Inc.)
Fraps (HKLM-x32\...\Fraps) (Version: - )
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version: - Subset Games)
Full Mojo Rampage (HKLM-x32\...\Steam App 225280) (Version: - Over the Top Games)
GameMaker-Studio 1.3 (HKU\S-1-5-21-1913142570-876064918-947292865-1001\...\GameMaker-Studio13) (Version: - YoYo Games Ltd.)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
GemCraft - Chasing Shadows (HKLM-x32\...\Steam App 296490) (Version: - Game in a Bottle)
GenArts Sapphire Plug-ins 6.13 for After Effects and Compatible (HKLM\...\GenArts Sapphire AE_is1) (Version: - )
Geometry Wars 3: Dimensions (HKLM-x32\...\Steam App 310790) (Version: - Lucid Games)
GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 1.67.0000 - GIGABYTE Technology Co.,Ltd.)
GIGABYTE OC_GURU II (x32 Version: 1.67.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Gloria Victis version 1.0.0 (HKLM-x32\...\{D9E0CF6F-C911-416C-BB8C-7B2AD776B9E5}_is1) (Version: 1.0.0 - Black Eye Games)
GoldWave v5.70 (HKLM-x32\...\GoldWave v5.70) (Version: 5.70 - GoldWave Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Hack 'n' Slash (HKLM-x32\...\Steam App 246070) (Version: - Double Fine Productions)
Hacknet (HKLM-x32\...\Steam App 365450) (Version: - Team Fractal Alligator)
Half Minute Hero: Super Mega Neo Climax Ultimate Boy (HKLM-x32\...\Steam App 214830) (Version: - Opus)
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
Happy Cloud Client (HKU\S-1-5-21-1913142570-876064918-947292865-1001\...\HappyCloud) (Version: 4.54 - Happy Cloud, Inc.)
HE Auto Launcher (HKLM-x32\...\HE Auto Launcher) (Version: - )
honestech VHS to DVD 7.0 Deluxe (HKLM-x32\...\{AC242562-1F9E-42C9-B461-E8B839093FEB}) (Version: 7.0 - honestech)
honestech VHS to DVD 7.0 Deluxe (x32 Version: 7.0 - honestech) Hidden
Hotline Miami (HKLM-x32\...\Steam App 219150) (Version: - Dennaton Games)
HP Photosmart D110 All-In-One Driver 14.0 Rel. 7 (HKLM\...\{14BC6853-A74E-4874-B50D-679889D1544D}) (Version: 14.0 - HP)
Human Resource Machine (HKLM-x32\...\Steam App 375820) (Version: - Tomorrow Corporation)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - )
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Java SE Development Kit 7 Update 65 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170650}) (Version: 1.7.0.650 - Oracle)
Jazzpunk (HKLM-x32\...\Steam App 250260) (Version: - Necrophone Games)
KickBeat Steam Edition (HKLM-x32\...\Steam App 255370) (Version: - Zen Studios)
King’s Bounty: Legions (HKLM-x32\...\Steam App 235400) (Version: - Nival)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
LG Verizon United Driver (HKLM-x32\...\{A17B9856-40CF-4BEA-BB65-ADB8154A83DC}) (Version: 2.14.1 - LG Electronics)
LibreOffice 4.1.2.3 (HKLM-x32\...\{DD3CB916-F91A-41B9-B276-CAC090E91021}) (Version: 4.1.2.3 - The Document Foundation)
Logitech Gaming Software 8.46 (HKLM\...\Logitech Gaming Software) (Version: 8.46.27 - Logitech Inc.)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
LUFTRAUSERS (HKLM-x32\...\Steam App 233150) (Version: - Vlambeer)
Magic The Gathering Online (HKU\S-1-5-21-1913142570-876064918-947292865-1001\...\35c9d60442fbb010) (Version: 3.4.87.519 - Wizards of the Coast)
Magic Workstation 0.94f (HKLM-x32\...\Magic Workstation_is1) (Version: - Magic Technology)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{3D3CEBE6-40EA-4C48-97FD-73828281AB4A}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.41012.0) (HKLM-x32\...\{AC8E0CF4-42A1-4151-B684-97CF6FD726CF}) (Version: 12.0.41012.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{68BA34E8-9B9D-4A74-83F0-7D366B532D75}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{718FFB65-F6E4-4D62-861F-ED10ED32C936}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2015 Tools for Unity (HKLM-x32\...\{F0DB2786-18C8-4B0D-9DC2-BA58856A2821}) (Version: 2.1.0.0 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 (HKLM-x32\...\{50b32652-69d2-4b93-9316-edcd12067b8b}) (Version: 14.0.23107.10 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{69A998C5-00A9-42CA-AB4E-C31CFFCD9251}) (Version: 3.1237.1763 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 40.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 en-US)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MTG Card Images for Magic Workstation (HKLM-x32\...\MTG Card Images for Magic Workstation_is1) (Version: - )
MTG GamePack for Magic Workstation (HKLM-x32\...\MTG GamePack for Magic Workstation_is1) (Version: - Magic Technology)
Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
My Game Long Name (HKLM\...\UDK-18ac34f0-6bcf-4690-a1bd-417421d3f940) (Version: - Epic Games, Inc.)
My Game Long Name (HKLM\...\UDK-746e7876-3830-4ffc-b63f-299c2d121322) (Version: - Epic Games, Inc.)
My Game Long Name (HKLM\...\UDK-a908026c-3541-42fb-b0dc-8303314b076f) (Version: - Epic Games, Inc.)
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version: - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: - Native Instruments)
NeatMouse (HKLM-x32\...\NeatMouse) (Version: 1.02 - Neat Decisions)
Network Addon Mod (HKU\S-1-5-21-1913142570-876064918-947292865-1001\...\Network Addon Mod) (Version: 32 - The NAM Team)
Network64 (Version: 140.0.212.000 - Hewlett-Packard) Hidden
NewBlue Video Essentials for PowerDirector (HKLM\...\NewBlue Video Essentials for Cyberlink) (Version: 3.0 - NewBlue)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 355.98 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.98 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation)
NVIDIA Graphics Driver 355.98 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.98 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
One Finger Death Punch (HKLM-x32\...\Steam App 264200) (Version: - Silver Dollar Games)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
osu! (HKLM-x32\...\{cd6acbe2-03a4-4ab0-b848-f45d668a1355}) (Version: latest - ppy Pty Ltd)
Papo & Yo (HKLM-x32\...\Steam App 227080) (Version: 2.0 - Minority Media Inc.)
Paranautical Activity (HKLM-x32\...\Steam App 250580) (Version: - Code Avarice)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
PowerDirector (Version: 12.0 - CyberLink Corp.) Hidden
Pox Nora (HKLM-x32\...\Steam App 201210) (Version: - Desert Owl Games LLC)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version: - Introversion Software)
PS_AIO_07_D110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.6-1.0.13004.105 - raidcall.com)
Raptr (HKLM-x32\...\Raptr) (Version: - )
Razer Core (HKLM-x32\...\Razer Core) (Version: 1.0.1.66 - Razer Inc)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.27748 - Razer Inc.)
ReignMaker (HKLM-x32\...\Steam App 286200) (Version: - Frogdice, Inc)
Reus (HKLM-x32\...\Steam App 222730) (Version: - Abbey Games)
Reverse Crawl (HKLM-x32\...\Steam App 400660) (Version: - Nerdook Productions)
Risk of Rain (HKLM-x32\...\Steam App 248820) (Version: - )
Rogue Legacy (HKLM-x32\...\Steam App 241600) (Version: - Cellar Door Games)
Rosetta Stone Version 3 (HKLM-x32\...\{80F7CA44-F3A5-4853-8BA6-DDF57CD4F078}) (Version: 3.4.7.0 - Rosetta Stone Ltd.)
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
RPG Maker VX Ace (HKLM-x32\...\Steam App 220700) (Version: - Enterbrain)
RPG MO (HKLM-x32\...\Steam App 372800) (Version: - Marxnet)
Runers (HKLM-x32\...\Steam App 306550) (Version: - LGK Games)
Runestone Keeper (HKLM-x32\...\Steam App 339400) (Version: - Blackfire Games)
SanctuaryRPG: Black Edition (HKLM-x32\...\Steam App 328760) (Version: - Black Shell Games)
Scan (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
SeaTools for Windows 1.4.0.2 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.2 - Seagate Technology)
Secrets of Grindea (HKLM-x32\...\Steam App 269770) (Version: - Pixel Ferrets)
Shadow Era version 2.8509 (HKLM-x32\...\{A9DA5CA9-5576-4E77-8D83-5FCA5DF9ACF1}_is1) (Version: 2.8509 - Wulven Game Studios)
Shatter (HKLM-x32\...\Steam App 20820) (Version: - Sidhe)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
Shovel Knight (HKLM-x32\...\Steam App 250760) (Version: - Yacht Club Games)
Sigils of Elohim (HKLM-x32\...\Steam App 321480) (Version: - Croteam)
SimCity 4 Deluxe (HKLM-x32\...\Steam App 24780) (Version: - EA - Maxis)
Skullgirls (HKLM-x32\...\Steam App 245170) (Version: - Lab Zero Games)
Skullgirls ∞Endless Beta∞ (HKLM-x32\...\Steam App 208610) (Version: - )
Skype™ 7.13 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.13.101 - Skype Technologies S.A.)
SmartFoxServer 2X 2.9.0 (HKLM\...\0876-9884-4843-9474) (Version: 2.9.0 - GOTOANDPLAY snc)
SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.8 - SmartSound Software Inc.)
SmartSound Quicktracks 5 (x32 Version: 5.1.8 - SmartSound Software Inc.) Hidden
SolForge (HKLM-x32\...\Steam App 232450) (Version: - Stone Blade Entertainment)
Spelunky (HKLM-x32\...\Steam App 239350) (Version: - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
Stacking (HKLM-x32\...\Steam App 115110) (Version: - Double Fine Productions)
StarCraft II - Legacy of the Void Beta (HKLM-x32\...\StarCraft II - Legacy of the Void Beta) (Version: - Blizzard Entertainment)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Stealth Bastard Deluxe (HKLM-x32\...\Steam App 209190) (Version: - Curve Studios)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Sublime Text 2.0.2 (HKLM-x32\...\Sublime Text 2_is1) (Version: - )
Sublime Text Build 3059 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version: - Team Meat)
Surgeon Simulator 2013 (HKLM-x32\...\Steam App 233720) (Version: - Bossa Studios)
Sweet Lily Dreams (HKLM-x32\...\Steam App 300540) (Version: - RosePortal Games)
Sylenth1 v1.01.3 (HKLM-x32\...\Sylenth1_is1) (Version: - )
Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.23102 - Microsoft Corporation) Hidden
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TERA (HKU\S-1-5-21-1913142570-876064918-947292865-1001\...\teraenmasse) (Version: - )
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Stanley Parable (HKLM-x32\...\Steam App 221910) (Version: - Galactic Cafe)
The Swindle (HKLM-x32\...\Steam App 369110) (Version: - Size Five Games)
Thea: The Awakening (HKLM-x32\...\Steam App 378720) (Version: - MuHa Games)
TIS-100 (HKLM-x32\...\Steam App 370360) (Version: - Zachtronics)
To the Moon (HKLM-x32\...\Steam App 206440) (Version: - Freebird Games)
Toolbox (x32 Version: 140.0.424.000 - Hewlett-Packard) Hidden
Transistor (HKLM-x32\...\Steam App 237930) (Version: - Supergiant Games)
Trapcode Suite 64-bit (HKLM-x32\...\InstallShield_{5210717F-CAFD-4F21-8DF7-6ED3862725C4}) (Version: 12.1.0 - Red Giant Software)
Trapcode Suite 64-bit (Version: 12.1.0 - Red Giant Software) Hidden
Unepic (HKLM-x32\...\Steam App 233980) (Version: - Francisco Téllez de Meneses)
Unity (HKLM-x32\...\Unity) (Version: 5.2.2f1 - Unity Technologies ApS)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
VIDBOX Driver (HKLM-x32\...\{2758691A-2CDE-4942-A4AC-0E8F61FE2067}) (Version: 4.0.0 - honestech)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Warframe (HKLM-x32\...\Steam App 230410) (Version: - Digital Extremes)
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
You Have to Win the Game (HKLM-x32\...\Steam App 286100) (Version: - Minor Key Games)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1913142570-876064918-947292865-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\MothMatt\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1913142570-876064918-947292865-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\MothMatt\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1913142570-876064918-947292865-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\MothMatt\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1913142570-876064918-947292865-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\MothMatt\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1913142570-876064918-947292865-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\MothMatt\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1913142570-876064918-947292865-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\MothMatt\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1913142570-876064918-947292865-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\MothMatt\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1913142570-876064918-947292865-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\MothMatt\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1913142570-876064918-947292865-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\MothMatt\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1913142570-876064918-947292865-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-1913142570-876064918-947292865-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\MothMatt\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1913142570-876064918-947292865-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\MothMatt\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File

==================== Restore Points =========================

10-11-2015 23:23:26 Microsoft Visual Studio Community 2015
10-11-2015 23:24:46 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
10-11-2015 23:25:50 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
10-11-2015 23:27:07 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026
10-11-2015 23:28:20 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
10-11-2015 23:28:53 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
10-11-2015 23:38:51 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026
10-11-2015 23:53:11 Installed Microsoft Visual Studio 2015 Tools for Unity
11-11-2015 01:39:14 Windows Update
11-11-2015 12:05:36 Windows Update
11-11-2015 12:29:11 Before RootKit Running
12-11-2015 07:18:51 JRT Pre-Junkware Removal
12-11-2015 09:24:42 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 20:34 - 2015-11-12 21:20 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {5095602C-3252-4D6F-803C-4BA3A7D68C5D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {57055CF2-4CE7-452C-A48A-8A7E3BA8ADA7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {579B5E6E-5A92-424A-A594-C000F99D5A2B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-10] (Adobe Systems Incorporated)
Task: {BC907F44-CCDA-47E0-8370-1582703F04B9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1913142570-876064918-947292865-1001UA => C:\Users\MothMatt\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {CB5FFFC0-E57C-4EDE-9CC4-56447C32FEF9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1913142570-876064918-947292865-1001Core => C:\Users\MothMatt\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1913142570-876064918-947292865-1001Core.job => C:\Users\MothMatt\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1913142570-876064918-947292865-1001UA.job => C:\Users\MothMatt\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-06-23 13:11 - 2015-06-23 13:11 - 00187048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2013-11-01 07:55 - 2012-08-08 20:36 - 00390672 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-09-11 19:08 - 2015-09-13 16:09 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-04-18 19:25 - 2015-08-26 18:37 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-10-01 00:28 - 2015-10-01 00:28 - 00137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2015-07-28 17:11 - 2014-11-25 20:12 - 40622592 _____ () C:\Users\MothMatt\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\MothMatt\AppData\Local\fsMjKdl9U0Kd:mRETKvVCxyMXETGrQZXog5DT6uhi
AlternateDataStreams: C:\Users\MothMatt\AppData\Local\Temp:1NfDTzrWZvOJISHgQGaMV
AlternateDataStreams: C:\Users\MothMatt\AppData\Local\Temp:art2U3J1a5v5HYVBi9cIA8W

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1913142570-876064918-947292865-1001\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-1913142570-876064918-947292865-1001\...\aeriagames.com -> hxxp://aeriagames.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1913142570-876064918-947292865-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: SDScannerService => 2
MSCONFIG\Services: SDUpdateService => 2
MSCONFIG\startupfolder: C:^Users^MothMatt^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Gangsters2Setup.lnk => C:\Windows\pss\Gangsters2Setup.lnk.Startup
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CTxfiHlp => CTXFIHLP.EXE
MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B1991AC3-CB36-40D0-AE00-029175555F6A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CB7FA1A4-7C94-4ECE-B8EE-9965B01DFE96}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{33358AAE-F656-49B8-8EA9-DB75502C68C1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7559A27D-DF82-4115-8B43-666FB1879846}] => (Allow) C:\Users\MothMatt\AppData\Local\Temp\7zS6A25\setup\hpznui40.exe
FirewallRules: [{73E83E88-9E7F-4BF8-8E92-44867EF6E574}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{91758114-962F-45C2-B763-F3FA5B1B02C4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{9C9712A1-470A-4118-8F8D-125D7654027A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{AB84D7CA-932F-4677-BACA-6B34F00CA415}] => (Allow) C:\Program Files\CyberLink\PowerDirector12\PDR10.EXE
FirewallRules: [{3F0F01F9-0B42-47F7-9279-E5BBE5733A10}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{024E11F0-1473-4C2C-A923-EB1160707326}] => (Allow) C:\Users\MothMatt\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{2D90E816-860F-41CE-9297-04004390D99B}] => (Allow) C:\Users\MothMatt\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{E15F0CA1-FACA-4612-8ECA-BFF61846A346}] => (Block) %ProgramFiles%\Adobe\Adobe Premiere Pro CS6\Adobe Premiere Pro.exe
FirewallRules: [{22949254-A975-4FF3-8152-8AE8D80F394C}] => (Block) %ProgramFiles%\Adobe\Adobe Encore CS6\Adobe Encore.exe
FirewallRules: [{4C07E94B-79FF-4410-8CFD-91B81A0E02FF}] => (Block) %ProgramFiles%\Adobe\Adobe Media Encoder CS6\Adobe Media Encoder.exe
FirewallRules: [{BDF0A638-62D9-45C1-8F12-A7E2BA9DA189}] => (Block) %ProgramFiles%\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe
FirewallRules: [{A84C790C-7447-4910-95B2-D1FBBC805BEA}] => (Block) %ProgramFiles%\Adobe\Adobe Bridge CS6 (64 Bit)\bridgeproxy.exe
FirewallRules: [{E8A8123A-0476-420B-81F6-D8C1D0803D23}] => (Block) %ProgramFiles%\Adobe\Adobe After Effects CS6\Support Files\AfterFX.exe
FirewallRules: [{47E3DDFF-4426-44D8-A116-30839BA81459}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe
FirewallRules: [{0589CF00-5FA1-4528-8502-5ADB8F9755B2}] => (Block) %ProgramFiles%\Adobe\Adobe Illustrator CS6 (64 Bit)\Support Files\Contents\Windows\Illustrator.exe
FirewallRules: [{3E37951C-3D3F-441E-BAC5-98DDE48112F5}] => (Block) %ProgramFiles%\Adobe\Adobe Media Encoder CS6\Adobe Media Encoder.exe
FirewallRules: [{FD179545-6081-4FB8-B809-7BC5C4C84C13}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe
FirewallRules: [{21A8B1FE-B8B0-4404-80FA-51D35A75D152}] => (Block) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe
FirewallRules: [{711FEF6B-2179-4E47-AE29-058446007477}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe
FirewallRules: [{DB8910BB-F96F-4BCD-9FFC-970204B8CCB0}] => (Block) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe
FirewallRules: [{5FA84A39-7B3B-4038-8E17-D9316B0CB794}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{A53B573F-5F60-449E-B669-9E315FF27B75}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{0ABE8A2D-F22C-40B2-AFF9-45A30933127E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2417\Agent.exe
FirewallRules: [{F50C3619-57C9-490E-BDD2-7FBAED3525D0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2417\Agent.exe
FirewallRules: [{33B1D075-24D1-4B31-97EC-4FCF3C01215D}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{C73B08FB-6519-4EA2-9B10-88B97A9245C2}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{158948E5-D5A5-4E36-844B-C1E072FD0187}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{0B2A3D65-3045-43EC-AEE2-ACE29859E7E9}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{63A5DEE2-F08C-4B5A-AAEA-5363D99A7284}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2426\Agent.exe
FirewallRules: [{394A2BBA-5F68-441F-AE0D-5684852F6576}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2426\Agent.exe
FirewallRules: [{D1C19958-DA44-498C-89B9-8CACCD3172F3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{2B1688C3-BDC3-48C9-A794-7A9C809B65B7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{21B8CC42-6016-41A1-9079-2F406067B8FD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{71391A84-8CE9-4D62-8BC9-5DE31AC0406F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{4636BD94-D74C-4E5C-BBE5-EC91C8F85493}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2514\Agent.exe
 
FirewallRules: [{59DA3FCF-2867-4586-99A0-F61D64CC54DC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2514\Agent.exe
FirewallRules: [{3BB50B26-3A90-49AD-A08A-3785927941CB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{33D38BF3-B111-463C-86EB-FB7A0A7BE1A2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{74CBEE15-58BA-4D6F-8E3D-E26F8141B857}] => (Allow) %ProgramFiles% (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{E8FE1AD8-BBBE-4165-AE83-50B89785358D}C:\program files (x86)\unity\editor\unity.exe] => (Allow) C:\program files (x86)\unity\editor\unity.exe
FirewallRules: [UDP Query User{A448DDF4-A676-4F3D-807D-120FFE43B481}C:\program files (x86)\unity\editor\unity.exe] => (Allow) C:\program files (x86)\unity\editor\unity.exe
FirewallRules: [{A78D9B00-9ACA-477E-A925-48CF9C771F09}] => (Block) %ProgramFiles% (x86)\Adobe\Adobe Flash CS6\Flash.exe
FirewallRules: [TCP Query User{0DBD7E07-68B7-4F7C-AE0B-29C5637757A8}C:\wamp\bin\apache\apache2.4.4\bin\httpd.exe] => (Allow) C:\wamp\bin\apache\apache2.4.4\bin\httpd.exe
FirewallRules: [UDP Query User{3A7B394A-92B8-40C2-9C99-C581D523977A}C:\wamp\bin\apache\apache2.4.4\bin\httpd.exe] => (Allow) C:\wamp\bin\apache\apache2.4.4\bin\httpd.exe
FirewallRules: [TCP Query User{D615BC63-6815-4A4C-AE95-14F01B9CA9B0}C:\program files (x86)\unity\monodevelop\bin\monodevelop.exe] => (Allow) C:\program files (x86)\unity\monodevelop\bin\monodevelop.exe
FirewallRules: [UDP Query User{831D62B2-59F9-4538-A0B3-73A21FB03053}C:\program files (x86)\unity\monodevelop\bin\monodevelop.exe] => (Allow) C:\program files (x86)\unity\monodevelop\bin\monodevelop.exe
FirewallRules: [{714869D2-E631-4572-BA79-D03325007223}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{97FE2A36-C0A0-4F37-8597-7290D80F6E1C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{ACEEC1F2-C03A-4807-97DD-4FC8C8F9B32F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{BEEAFE54-0FB6-4CEF-ACF6-411BE32F6EF0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{32EC137B-3564-4C52-BD0D-B967846F92A2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Reus\Reus.exe
FirewallRules: [{F0E0D0D3-4C1C-4EAD-9FC1-0E1084D1182B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Reus\Reus.exe
FirewallRules: [{9B0BEEDF-7D07-4571-850B-67FC55849ADF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PapoYo\Binaries\Win32\PYGame-Win32-Shipping.exe
FirewallRules: [{E9F2E9D2-8E64-44B5-960C-E6CA86277E57}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PapoYo\Binaries\Win32\PYGame-Win32-Shipping.exe
FirewallRules: [{8F347FB8-5488-4061-BA58-EA1615C90EB6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\To the Moon\To the Moon\To the Moon.exe
FirewallRules: [{46129B3C-37C5-42DF-B802-1D589F677F17}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\To the Moon\To the Moon\To the Moon.exe
FirewallRules: [{CFD6D4F7-9880-44C3-AC39-23B330826969}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Surgeon Simulator 2013\ss2013.exe
FirewallRules: [{508CB067-CBB6-4523-979D-DEFFFF13207A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Surgeon Simulator 2013\ss2013.exe
FirewallRules: [{56127A79-788B-4CB4-9F9B-35E72D90A524}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\bittriprunner2\runner2.exe
FirewallRules: [{CC1A1416-96B0-4D83-8F28-9E5EEB7A38FC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\bittriprunner2\runner2.exe
FirewallRules: [{94C9A6A1-ABDC-46A0-9E65-1DB43C55CEF8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\the banner saga factions\win32\The Banner Saga Factions.exe
FirewallRules: [{29B89BD1-237C-461F-94F7-ED1DBA77EE2F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\the banner saga factions\win32\The Banner Saga Factions.exe
FirewallRules: [{2AF415C8-CF5D-4F14-8E4A-E49C57293048}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\StealthBastardDeluxe\StealthBastard[Steam].exe
FirewallRules: [{F8285D22-3EF2-4436-8A31-4B993175E356}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\StealthBastardDeluxe\StealthBastard[Steam].exe
FirewallRules: [{E756D15C-A01B-4B6E-BCB3-3592E92BBA90}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Joe Danger 2 The Movie\Bin\JD2Launcher.exe
FirewallRules: [{5A217FD9-27AF-452A-A04A-7C68F5883F43}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Joe Danger 2 The Movie\Bin\JD2Launcher.exe
FirewallRules: [{311A44F7-BD4A-45A2-95BA-4212A8E2A78F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Kings Bounty Legions\KingsBounty.exe
FirewallRules: [{E8437DF2-E914-408C-B3A0-D69E58777911}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Kings Bounty Legions\KingsBounty.exe
FirewallRules: [{4C38D2FD-95E7-4541-8D33-1F46DFCD3C2A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe
FirewallRules: [{4BFC0341-628B-426A-BB28-9EE914D9465E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe
FirewallRules: [{5FBF77B4-1758-4387-B00B-247B4A8FBB5C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Marvel Puzzle Quest\Binaries\PC\Ship\Marvel Puzzle Quest.exe
FirewallRules: [{F5D13B1D-612D-4308-BA5F-9AD9E6287D41}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Marvel Puzzle Quest\Binaries\PC\Ship\Marvel Puzzle Quest.exe
FirewallRules: [{4A9A5B30-8602-4D50-AB87-F0FEF2B04F59}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{6067F143-D0D6-43BD-8B15-6EDBF9A27100}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{3A646D34-77BA-4FA5-AB4D-CC2B6442D407}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{DED0D8FB-ABE1-4E15-A46D-B495031F0E12}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [TCP Query User{1413087E-30CF-4473-B205-5BEF72A00917}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [UDP Query User{DCF6EC67-B493-4A78-82C1-7480915BD9C8}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [{3DF9382A-3A2F-493C-94D4-C4350B3ACBDF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{41CEEA3F-B468-4DF4-ADB2-216DDB56745E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{5CC33876-6513-4754-9966-D62E2B8142C2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shatter\Shatter.exe
FirewallRules: [{6690E46F-1F6D-4215-811D-543D7A007C26}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shatter\Shatter.exe
FirewallRules: [{6311F8A1-FB64-4F44-97CA-7CB5AF5F18AA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shatter\ShatterSettingsEditor.exe
FirewallRules: [{78A9C528-359F-4CCA-A60D-1568693DAEC7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shatter\ShatterSettingsEditor.exe
FirewallRules: [{37AA00FF-EB23-4A54-B613-8330DB9815C7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SimCity 4 Deluxe\Apps\SimCity 4.exe
FirewallRules: [{968662E8-F647-4B15-8260-8FD49653F0E4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SimCity 4 Deluxe\Apps\SimCity 4.exe
FirewallRules: [{5A4D2E7E-BCC6-4BBD-AD43-149B942F6B84}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Risk of Rain\Risk of Rain.exe
FirewallRules: [{91601E56-E4F2-48ED-929F-A15D70D5505D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Risk of Rain\Risk of Rain.exe
FirewallRules: [{F07C283E-E439-4717-8905-62F21AF4B112}] => (Allow) LPort=11100
FirewallRules: [{DA175294-25C1-455C-B990-3A7C2A83706E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spelunky\Spelunky.exe
FirewallRules: [{997C012B-E05A-438C-898E-E86D1CA70681}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spelunky\Spelunky.exe
FirewallRules: [TCP Query User{2FC5378D-6F60-4C90-A5F8-52039037264F}C:\users\mothmatt\appdata\roaming\gamemaker-studio\runner.exe] => (Allow) C:\users\mothmatt\appdata\roaming\gamemaker-studio\runner.exe
FirewallRules: [UDP Query User{2520C895-D9EF-471B-98A3-CF9F681B15EE}C:\users\mothmatt\appdata\roaming\gamemaker-studio\runner.exe] => (Allow) C:\users\mothmatt\appdata\roaming\gamemaker-studio\runner.exe
FirewallRules: [TCP Query User{829C4D22-885E-4E49-81EB-A3A39A7E63F9}C:\program files (x86)\flashdevelop\flashdevelop.exe] => (Allow) C:\program files (x86)\flashdevelop\flashdevelop.exe
FirewallRules: [UDP Query User{6DC944C9-294F-40F4-9778-3FEAD060C4DB}C:\program files (x86)\flashdevelop\flashdevelop.exe] => (Allow) C:\program files (x86)\flashdevelop\flashdevelop.exe
FirewallRules: [{3166BA6B-4437-437D-95CB-D59A34F99E3A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{33B4FAC1-693E-4960-9C30-9C587FCF8DEC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{BA50A5CC-5AD0-4EE9-A529-2C50CD848CAB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe
FirewallRules: [{1C92AE7E-DF8D-4E93-9123-A37FD0AD9A28}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe
FirewallRules: [{41630615-B97C-4A81-A9CC-E77DE1304ACC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{9E9A94DF-F1F9-46FE-99EE-3255BA01344E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{C2CE7F8D-0B26-428C-95A3-1FB3A8934A41}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{16CBD2B8-6E5D-4510-973A-90470D93C6DD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E738E653-B7F0-4F64-8B4D-67EEFAB628C4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{62F05199-C8EF-4A34-83DB-1AEFE5D1FC6A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{C1FE673B-0091-4FFE-A3D0-80A3D1EB4648}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rogue Legacy\RogueLegacy.exe
FirewallRules: [{6FFA9D47-9673-4E26-A79C-BA28719E5F9D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rogue Legacy\RogueLegacy.exe
FirewallRules: [{6D6DD0C4-C13C-4EA5-A364-4B96F8BDC207}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [{AB53EC2B-9FF4-421E-9984-56AE586A798B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [{7F7A1F78-029E-41BF-A49A-E4C0AFAB7D2A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cloudbuilt\CloudBuilt.exe
FirewallRules: [{E9422011-7F52-4EDC-BA77-00779B0E0E9A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cloudbuilt\CloudBuilt.exe
FirewallRules: [{1594F155-67F6-4C14-B806-6F699ABDB0BB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{F3373D39-52E5-4BFF-B22F-F062D60C50CA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{76C3423B-82D9-432C-ABE6-E38FFCDDF95A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{1D33D246-86FA-431C-BA2A-C59471AE230A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{7C1BC9FB-B336-4ECB-B8AF-38031AEB6181}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{D7C5556B-AA7B-4725-A198-83BC4CB74FB6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{84922A31-B2F6-49CF-B3CF-8BEC86A6070F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Luftrausers\bin\Luftrausers.exe
FirewallRules: [{5EE34FDC-2A75-4D6D-AAF8-CCDAC1D9D192}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Luftrausers\bin\Luftrausers.exe
FirewallRules: [TCP Query User{0FA77C3A-FC21-4214-BC34-A8AFD63350BF}C:\program files (x86)\steam\steamapps\common\ether one\binaries\win32\udk.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\ether one\binaries\win32\udk.exe
FirewallRules: [UDP Query User{EA438697-4F49-41BB-BAED-F99BE710698B}C:\program files (x86)\steam\steamapps\common\ether one\binaries\win32\udk.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\ether one\binaries\win32\udk.exe
FirewallRules: [{8D195583-54D8-494B-A7AB-24E3478763E8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{DF97B177-119C-4CFD-8726-121D6D6E638D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [TCP Query User{51CCABCD-C2A6-49F4-A109-5268535C6CAF}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{DE05A1B0-2194-4EDE-844D-A925173C96BF}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{25F910DE-1355-4502-913E-0D556A0C97A8}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{F78A5800-4620-4714-8FAF-1A3AB970D773}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{A589FC6D-E9F6-40CB-A73A-5404AFA81419}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{8C737BD0-0965-4186-86CF-E085E41E3734}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{2E75A3F4-1F2E-401E-8235-2F096D2A28D3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{6985246C-2C98-4FA7-85AF-3D7583C3086A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{A2C27E92-789D-42E4-9ACB-1DE2A465561D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Stanley Parable\stanley.exe
FirewallRules: [{FD922CDE-8198-475C-ABF1-55FA4DC6CDD8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Stanley Parable\stanley.exe
FirewallRules: [{9953C189-1547-4C1B-AF0B-9DC1370DD367}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{864C4B08-41A1-491A-BCFB-40D421B9A8FC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [TCP Query User{EB3B2FC3-9E41-4563-8234-A4394047CA38}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{0943C9FB-2F21-4377-8157-F483A9F25F85}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [{BA181C25-3406-4BA0-BA18-788016D57C2B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{5170EBDB-4626-42F4-BAC2-0D26E6070F1B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{8845AB39-3DFA-43F5-8408-7B6059B3A5DA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Transistor\x64\Transistor.exe
FirewallRules: [{E89AADCE-6A41-42F3-BDE3-45F161CF4A3F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Transistor\x64\Transistor.exe
FirewallRules: [{C3EDABFB-A0BD-4CF6-A97A-DAF90DAD4346}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\RPGVXAce\RPGVXAce.exe
FirewallRules: [{290B0F26-F1B4-45E6-936D-63921BE1CDAD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\RPGVXAce\RPGVXAce.exe
FirewallRules: [{B2687B07-1A47-4A39-8F9B-E6E6956CF799}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sweet Lily Dreams\Game.exe
FirewallRules: [{A8067640-98F6-4B0D-92DE-98B3B01549B9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sweet Lily Dreams\Game.exe
FirewallRules: [{E781B32D-A911-491A-AEBE-D181A9B29A81}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{DA26FA9F-52C2-4E0D-A53B-02076E446E29}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{62653D40-80C7-49A4-831D-700A7AC2E271}] => (Allow) C:\Program Files (x86)\Diablo III Public Test\Diablo III.exe
FirewallRules: [{96594A52-CC05-40FF-AC7D-8F1A70D143EB}] => (Allow) C:\Program Files (x86)\Diablo III Public Test\Diablo III.exe
FirewallRules: [{59CE5A30-8C80-4B7B-B3D6-C9FC6E815B33}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ReignMaker\ReignMaker.exe
FirewallRules: [{9FEBBC90-6222-4ED6-A216-FE5E3FB1116A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ReignMaker\ReignMaker.exe
FirewallRules: [{DA56B2B2-FA51-4AC7-847F-2CDC90F1AE12}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ParanauticalActivity\Paranautical Activity.exe
FirewallRules: [{9C42C76E-9656-4C6F-A828-C813F8FB17F1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ParanauticalActivity\Paranautical Activity.exe
FirewallRules: [{B64B7BAD-685D-4375-A921-76D97D71C968}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stacking\Stack.exe
FirewallRules: [{94D38647-15F1-443D-A544-C75FE03278CF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stacking\Stack.exe
FirewallRules: [{A4DBFC87-7626-488B-A614-BB3387D40763}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SolForge\SolForge.exe
FirewallRules: [{55B59663-76EE-4280-8DBF-3BFBB836F0B8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SolForge\SolForge.exe
FirewallRules: [TCP Query User{E57F75DC-4E4E-4014-AE17-D7109922E75B}C:\users\mothmatt\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\mothmatt\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{6F7D0926-4FED-4463-9615-66E9D8ED0F85}C:\users\mothmatt\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\mothmatt\appdata\local\akamai\netsession_win.exe
FirewallRules: [{DF945359-026A-4F01-8B64-232F88C695A5}] => (Allow) C:\AeriaGames\AuraKingdom\game.bin
FirewallRules: [{2B287ECE-8346-4D17-8691-9E1DBEE3AA8B}] => (Allow) C:\AeriaGames\AuraKingdom\game.bin
FirewallRules: [{4852472F-4DCD-484B-896C-D9A00E14B119}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{5A9AE9B8-36B9-4D1D-AA6D-C3A640B9FF46}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{A25D41A9-57D9-408C-B97D-EF1E55E80795}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{3025CFF5-5590-475D-A92F-1CAA0C1FCF2A}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{26046120-FD6C-4153-979A-AF486CD3B6BD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Firefall\system\bin\FirefallClient.exe
FirewallRules: [{E67EC120-0FD4-4451-871E-853FB53DC0D0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Firefall\system\bin\FirefallClient.exe
FirewallRules: [{EE80FE26-F63E-4473-9DB7-B51C12BC26D1}] => (Allow) %USERPROFILE%\Desktop\Wildstar.exe
FirewallRules: [{BC3DF632-3723-4D4B-BDC1-01067244C196}] => (Allow) %ProgramFiles% (x86)\NCSOFT\WildStar\Wildstar.exe
FirewallRules: [{6230F9B5-0C1D-4C8F-B95D-A90F06D61074}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{7E43A883-2743-4248-86BE-9E06918B1446}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [TCP Query User{12EA9668-292B-4665-9D50-9CE1771B68D5}C:\users\mothmatt\appdata\local\temp\gw2.exe] => (Allow) C:\users\mothmatt\appdata\local\temp\gw2.exe
FirewallRules: [UDP Query User{F1133B7A-DDE1-48F4-B22E-54A0AB76FBC0}C:\users\mothmatt\appdata\local\temp\gw2.exe] => (Allow) C:\users\mothmatt\appdata\local\temp\gw2.exe
FirewallRules: [TCP Query User{2F355DC0-A47A-4091-864C-4BBACAD8591E}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [UDP Query User{E47C004C-3F17-4669-AA74-FE035B6E2673}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [{F64C165C-2E78-4FF9-A137-094F909BCAAA}] => (Allow) %ProgramFiles% (x86)\Guild Wars 2\Gw2.exe
FirewallRules: [TCP Query User{B9E022CB-FFDD-496A-A939-2DAEA0DBFA1F}C:\users\mothmatt\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\mothmatt\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{0511C995-5DB9-4DF0-BC19-AA36A240603A}C:\users\mothmatt\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\mothmatt\appdata\local\akamai\netsession_win.exe
FirewallRules: [{4E88F652-39F7-4429-8EA1-F3336AF68328}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{52929D39-5302-4047-A1D1-CAFE9CF4BEB4}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{BA5A1B8F-4C33-47B1-9FBF-ECB396D53217}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{5487C558-7021-435B-AADA-4C2D5301B1A0}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{EA0E91F3-3989-4795-AB48-E621F761A29C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{CD057A98-4F74-4493-ACEF-06DDE0A1CC11}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{C4472E19-ADF2-43D1-BA17-36B383CA5899}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Runers\Runers.exe
FirewallRules: [{6558092D-BBF4-4053-9400-47D5C83A2D31}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Runers\Runers.exe
FirewallRules: [{DAD33AF9-7E97-4EDB-BE1C-7BEFB37F9622}] => (Allow) %ProgramFiles% (x86)\Glyph\Games\ArcheAge\Beta\bin32\archeage.exe
FirewallRules: [{1CD9928D-1018-46DE-A505-FC1D1C6E9D60}] => (Allow) %ProgramFiles% (x86)\Glyph\GlyphClient.exe
FirewallRules: [TCP Query User{F9B3BC0B-5742-4072-BD0D-8966F3F18FF3}C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [UDP Query User{4580E7A2-D760-4B8E-B9E2-93645AE7B19E}C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [{2FDD72EE-CE4A-4BBA-842A-2265E88CC638}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{0AE35A29-F347-4B52-8090-D03B262B6B94}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{25AC01CC-6E8D-4D90-BE59-A3471EFC5996}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{E1292886-E0E1-40C4-9CFA-165B260CB7B3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [TCP Query User{C9CA6AD9-3F79-4F86-8EB0-A697DEF329E0}C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [UDP Query User{F6CD2C17-2D4D-42A0-A2F2-6020D11156DB}C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [{9EE0D880-372B-4D8E-AD4F-7005E4AA9425}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{A9909FAB-E7E8-4BD1-B876-C56DA52C2D7F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{1C18BA7C-13C2-43D3-9DD2-BD0BD4E3FA0E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Pox Nora\jre\bin\javaw.exe
FirewallRules: [{C401DD0F-D269-4197-9C2C-3021134905D9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Pox Nora\jre\bin\javaw.exe
FirewallRules: [{743F0202-094F-4122-A422-4ABB046B8E7B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{3C1E309B-1D0D-49A1-8AE4-EA98DA6AC349}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{93AE0833-2EF9-4D97-B2DB-E9016CA1CB29}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dungeon of the Endless\DungeonoftheEndless.exe
FirewallRules: [{03AC84CA-FDDC-4F3D-9C94-B95398D3EA65}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dungeon of the Endless\DungeonoftheEndless.exe
FirewallRules: [{270B7E91-CE51-440C-A8E3-9C2D97527332}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sigils of Elohim\Sigils.exe
FirewallRules: [{D13EC611-316B-47D1-B768-0C1FE57826A0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sigils of Elohim\Sigils.exe
FirewallRules: [{31AA9F3C-002F-4AA3-85A5-CC32529A8B3C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\HacknSlash\Hack.exe
FirewallRules: [{33EC5524-FC1A-4863-9A6F-351D806632A8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\HacknSlash\Hack.exe
FirewallRules: [{69DE8E8A-9F99-4F72-A9A0-652888859DF8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Battlegrounds of Eldhelm\Eldhelm.exe
FirewallRules: [{58B696F1-17A9-4371-AA86-0E3EAA107A57}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Battlegrounds of Eldhelm\Eldhelm.exe
FirewallRules: [{A8B522BB-B3B9-4CAF-9137-769EDD674DDC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Crypt of the NecroDancer\NecroDancer.exe
FirewallRules: [{3ABA7993-08EA-4E9B-BC87-A3BEDDCE836E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Crypt of the NecroDancer\NecroDancer.exe
FirewallRules: [TCP Query User{7F2ADEE5-903D-434F-84BD-EC1B0418AF1F}C:\monkeyx77a\bin\mserver_winnt.exe] => (Allow) C:\monkeyx77a\bin\mserver_winnt.exe
FirewallRules: [UDP Query User{FAB2948C-92B5-4E06-98F5-3C543B55247F}C:\monkeyx77a\bin\mserver_winnt.exe] => (Allow) C:\monkeyx77a\bin\mserver_winnt.exe
FirewallRules: [TCP Query User{AEE4C546-7E2B-4A78-8046-E37873FE3546}C:\program files (x86)\unity_4_3_3\editor\unity.exe] => (Allow) C:\program files (x86)\unity_4_3_3\editor\unity.exe
FirewallRules: [UDP Query User{48981018-88F8-440E-92A5-7F6E8FE0856B}C:\program files (x86)\unity_4_3_3\editor\unity.exe] => (Allow) C:\program files (x86)\unity_4_3_3\editor\unity.exe
FirewallRules: [TCP Query User{9E62C1B1-39FC-4825-89F7-7082DA58D2C8}C:\program files (x86)\unity_4_6_20\unity.exe] => (Allow) C:\program files (x86)\unity_4_6_20\unity.exe
FirewallRules: [UDP Query User{49C5FB97-908E-42E6-BF10-6E8EC3435D28}C:\program files (x86)\unity_4_6_20\unity.exe] => (Allow) C:\program files (x86)\unity_4_6_20\unity.exe
FirewallRules: [TCP Query User{00513A52-88EA-466A-B7A5-014C5124793F}C:\program files (x86)\unity_4_6_20\editor\unity.exe] => (Allow) C:\program files (x86)\unity_4_6_20\editor\unity.exe
FirewallRules: [UDP Query User{CA68DD9B-9F21-432A-A932-42963A1B4A31}C:\program files (x86)\unity_4_6_20\editor\unity.exe] => (Allow) C:\program files (x86)\unity_4_6_20\editor\unity.exe
FirewallRules: [{7E8EBF8D-E641-4FB0-B8B0-575365F8E505}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{9CD774A0-CF15-4652-9B8E-3E7E572201BF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [TCP Query User{84305455-C71A-4891-AE31-C1838711B0B3}C:\program files (x86)\unity_4_5_5\unity.exe] => (Allow) C:\program files (x86)\unity_4_5_5\unity.exe
FirewallRules: [UDP Query User{219427E3-1C76-4637-B96C-EB513DC8DB21}C:\program files (x86)\unity_4_5_5\unity.exe] => (Allow) C:\program files (x86)\unity_4_5_5\unity.exe
FirewallRules: [TCP Query User{F27B4111-6F87-4978-A39F-112F652906F3}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [UDP Query User{6FDE8F26-71F9-4BA1-9A69-FB2E779DF678}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [TCP Query User{6D8BE67F-7889-4EFF-B886-20C5B79AA4D5}C:\users\mothmatt\desktop\cubewarz.exe] => (Allow) C:\users\mothmatt\desktop\cubewarz.exe
FirewallRules: [UDP Query User{54AC5327-65B6-4256-A13A-A5FA9B663856}C:\users\mothmatt\desktop\cubewarz.exe] => (Allow) C:\users\mothmatt\desktop\cubewarz.exe
FirewallRules: [{07A1CFEA-196F-48B5-A08E-6662F0D694D9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Blackguards\Blackguards.exe
FirewallRules: [{8035A996-0D20-4142-AD89-7294DE9EF41D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Blackguards\Blackguards.exe
FirewallRules: [TCP Query User{162D79AF-FB80-49A6-8847-BF67DAC851A9}C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe] => (Allow) C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe
FirewallRules: [UDP Query User{C204C77B-601C-48A8-8446-2F441310AB3A}C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe] => (Allow) C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe
FirewallRules: [TCP Query User{79A53FAD-2C69-406C-8F6F-393601C11839}C:\program files\smartfoxserver_2x\sfs2x\sfs2x-standalone.exe] => (Allow) C:\program files\smartfoxserver_2x\sfs2x\sfs2x-standalone.exe
FirewallRules: [UDP Query User{F82F7016-0BC2-470A-8345-39F58DDBEB31}C:\program files\smartfoxserver_2x\sfs2x\sfs2x-standalone.exe] => (Allow) C:\program files\smartfoxserver_2x\sfs2x\sfs2x-standalone.exe
FirewallRules: [{8BDE3A2E-57DA-4B4E-9E42-E9A2BC7559E9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FullMojoRampage\FullMojo.exe
FirewallRules: [{4F22A47F-BA10-4B30-8F87-163ED3E6DF90}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FullMojoRampage\FullMojo.exe
FirewallRules: [{14EB04EC-7C1C-4228-BD15-239896AFC56F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\KickBeat\KickBeat.exe
FirewallRules: [{F5B9C4D9-D2B1-467E-9085-2FAB1A550212}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\KickBeat\KickBeat.exe
FirewallRules: [{44695FCC-0514-4B83-93F5-AA39AF05DB9C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half Minute Hero\HMH.exe
FirewallRules: [{8A6093ED-B994-4B01-AA87-42712C0182DE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half Minute Hero\HMH.exe
FirewallRules: [{14183A11-64B4-4F81-B775-A3F59CC2836F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CraftTheWorld\CraftWorld.exe
FirewallRules: [{0F7AD8EF-6834-448E-A1F8-C0AC7334096C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CraftTheWorld\CraftWorld.exe
FirewallRules: [{54F78B42-A98C-4CC4-A54D-64FAE94B3D42}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Geometry Wars 3 - Dimensions\GW3.exe
FirewallRules: [{EC66BFF4-9730-4CE1-9BE8-3FA8205E6FBC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Geometry Wars 3 - Dimensions\GW3.exe
FirewallRules: [{5173CADA-D84B-4A80-A55C-1FE622B101E9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{567C16BD-FD69-43CE-B535-89ACA5BC9110}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{BC27F590-8135-40EA-9420-7675B75E8AC9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{F145C70F-42AE-4341-8E71-49BD5AA50C27}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{E536F23E-8739-453B-8EA3-09110AEDFB00}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{34C65BBE-26A6-4828-B5BB-8C8B7E6D764B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{DBE403E2-849C-404F-B4E5-94757F991224}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shovel Knight\ShovelKnight.exe
FirewallRules: [{138A64AB-8646-4D3F-BE83-153C0F2E36E1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shovel Knight\ShovelKnight.exe
 
FirewallRules: [{5E3F9186-7E2D-4479-8332-7E3B06C49301}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{65F86D15-25F2-4498-AA01-45F503C5E48F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{BA7F24BA-AC1B-4E84-B35E-E9F3F1D56958}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3668\Agent.exe
FirewallRules: [{F7BE6DCA-1D42-46DE-B94F-1CEC1DF2B8E1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3668\Agent.exe
FirewallRules: [{59F1872D-15A3-4382-B75B-1ACD8BAA4284}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{8C6CC0AA-6D23-4734-9AF3-C130475CEC52}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{84308FD5-7305-42F9-9C60-3CD1414A6093}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{D8157F61-09EF-44F8-B16A-5A7851C78A93}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [TCP Query User{452C842E-F611-4978-980B-AAE0FE263B05}C:\program files (x86)\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{29AF5515-70DE-4E97-B8C2-5393ACE7D321}C:\program files (x86)\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe
FirewallRules: [{D8CC2A06-810F-4AB2-BCA8-01AD9CA44C08}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{3DB6E755-4ED6-4DF7-9E12-B6C097D7B020}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{3D703526-B5DF-4013-A3DA-8D2B2AEABFA5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{EE8E01E4-8B85-4F23-A42B-6E7545017584}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{A79ADC66-82E9-4F8F-B88F-8B082EB7564D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{84B82F3B-70A3-47EB-A15C-5268915433B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{D6420BA9-002B-4D18-AB2F-B5C64A4DD3F0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{ABF37959-3305-4BD3-B7D1-B6F8DFF535E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{745C7ED2-5130-4196-A483-207EEFEAB750}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{298B84B7-1E34-4B04-85A7-1D66D8F693B4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{2CC52960-42C9-4F27-9FF0-40FD81B73025}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{AFCD49E8-57CA-4DD6-91F4-899302D76D28}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{42171DAC-D6DA-4DFA-9528-D4B7D5F7793A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{B74C058B-821A-47C2-B11E-2DB744702EFE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{C8704C5B-10A8-4D2A-952A-5C5DE2830D42}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{24D75E0E-E7AB-4A3A-8D3C-091AF165E0A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [TCP Query User{FDB2CDBD-A473-4D26-A0E5-96BBE0A15817}C:\program files (x86)\heroes of the storm\versions\base34053\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34053\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{4B6349DF-C116-4FB3-8DCD-4892EB8BBC4F}C:\program files (x86)\heroes of the storm\versions\base34053\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34053\heroesofthestorm_x64.exe
FirewallRules: [{F74646ED-AECB-437D-9235-3D320AD5FD58}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III Launcher.exe
FirewallRules: [{E7FA685B-3E3E-480B-AB43-FC49202F7E79}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III Launcher.exe
FirewallRules: [{312F3122-B29A-4A77-A81A-3AD2FDFE7F50}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III Launcher.exe
FirewallRules: [{FCA303C8-13AE-4C08-B008-85B595B98896}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III Launcher.exe
FirewallRules: [TCP Query User{193611A5-1892-4922-9535-7DB6C1C35141}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{D6C09A81-4C35-45D3-A81D-B3E00DFC7800}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{67A94A3B-058E-46A2-A922-C1BF1B2EA3FF}C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{739D61EB-B411-4C01-8E62-37B8F2302CFD}C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{70FE0EAB-107E-4BB7-8608-2D2287B2B34F}C:\program files\epic games\4.7\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\4.7\engine\binaries\win64\ue4editor.exe
FirewallRules: [UDP Query User{11914916-395B-4EB8-8EF9-CD4A626C7185}C:\program files\epic games\4.7\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\4.7\engine\binaries\win64\ue4editor.exe
FirewallRules: [{76FB5E40-1CED-466D-8199-AD17C990AC90}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Defiance\Patcher.exe
FirewallRules: [{903CB0F3-F442-463C-814C-FA0520370764}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Defiance\Patcher.exe
FirewallRules: [TCP Query User{D0C6F9CD-6ED7-44E7-B618-44F3CA9C7EEC}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe
FirewallRules: [UDP Query User{C7BD9ECA-2DA3-49FB-BAF2-FA2B0457C81E}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe
FirewallRules: [{AB612EE6-5183-47A7-AF1A-4FADBDAA087E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skullgirls Beta\SkullGirls.exe
FirewallRules: [{CEDF7DA0-4457-4BAA-B3B3-A7B969AABADE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skullgirls Beta\SkullGirls.exe
FirewallRules: [{A8DBBB93-CC6A-4908-8D5C-91679809D40F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skullgirls\SkullGirls.exe
FirewallRules: [{2C031141-6C01-40F3-9C55-717EDFBB167A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skullgirls\SkullGirls.exe
FirewallRules: [{44B6D045-04DE-4296-A445-AF60E6A66ECF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Besiege\Besiege.exe
FirewallRules: [{3CA3A411-8D2A-4ECA-AAA1-ED0F9CD83A17}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Besiege\Besiege.exe
FirewallRules: [{F6695D52-A65B-4F81-A267-155BCC5ECC24}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cloudbuilt\CommunityLevelEditor.exe
FirewallRules: [{6CC06FB9-443A-4D1B-91CA-39E6571EEDEA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cloudbuilt\CommunityLevelEditor.exe
FirewallRules: [TCP Query User{417C0680-A16B-4C70-917A-2C124484C374}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{9FFF8EF7-E3A5-49AC-B8ED-3C04E2BCEE53}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{A2A2FBA2-1B25-4741-8C51-160D2C4B33D4}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{F0AAD94D-FB44-409E-96FC-A49B5068C5D0}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [{E5E2D7C9-23E7-45E7-83CC-300D80189FE5}] => (Block) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [{8BB6F948-BBDF-4BFC-99BE-1414FAE6EB09}] => (Block) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [{FB751B95-84D8-4388-8CE4-AE67FAE6FBDE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{4BF3B755-280F-4899-BBE9-7DE0F38577E2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{935C3949-860A-4550-A88E-0BFE3EFB077A}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\TERA-Launcher.exe
FirewallRules: [{BD4C2EF5-CF90-495E-823C-73344309DF29}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\TERA-Launcher.exe
FirewallRules: [{68F84DEF-2654-492A-A926-AD74EC17D9EE}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\TL.exe
FirewallRules: [{A13F2F34-691F-45BD-B154-60CCC26C7E48}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\TL.exe
FirewallRules: [{AB12C1BE-2DE8-4C99-A03B-2C499B71ED32}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\Binaries\TERA.exe
FirewallRules: [{5D8B5A81-04E5-475F-9742-031C38473316}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\Binaries\TERA.exe
FirewallRules: [{5496E907-0DF8-4782-8CD3-30E8A4813BCE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{E5AC3417-53BC-488B-BABD-B7F8067B6FAE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [TCP Query User{D306EB95-D538-43B1-8D3F-91259C4BC0F4}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{AF62DA97-77EB-4ED8-8FB7-8798567EB5C8}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{106F3ACE-86D3-4DE6-A8D2-18890D73D74F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{94F57A1D-359B-4115-A349-C1DADE73D3D0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4BA31018-7D0B-4931-AC96-A082E7A4B96C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{12C7F19E-5D8B-4BB4-8366-04508BC99A05}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{C7DAF526-DA38-441E-9DB2-14CE2073937C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Destination Sol\sol.exe
FirewallRules: [{87EA23FD-6828-4EAA-957C-BAF0C8F7A7F8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Destination Sol\sol.exe
FirewallRules: [{9490197F-A34C-40DC-A758-B5F0E344BA4A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TIS-100\tis100.exe
FirewallRules: [{E5A81309-200E-4DC7-BB4F-D46A83534686}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TIS-100\tis100.exe
FirewallRules: [{919B671F-8FEA-4581-8907-E3C9676E391D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\You Have to Win the Game\TheGame.exe
FirewallRules: [{F229110A-6826-4316-A2AB-4F48130D2375}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\You Have to Win the Game\TheGame.exe
FirewallRules: [{6AC1E538-0FFF-483D-93D1-579AD2A3EB4B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Swindle\TheSwindle.exe
FirewallRules: [{BE79A616-6C55-4541-9318-E6CA46051212}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Swindle\TheSwindle.exe
FirewallRules: [{3D57B33F-EA29-4A88-963F-469E92484C45}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GemCraft Chasing Shadows\GemCraft Chasing Shadows.exe
FirewallRules: [{6DF4CED1-B48F-4C48-A566-51DD52FCAB70}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GemCraft Chasing Shadows\GemCraft Chasing Shadows.exe
FirewallRules: [{86181252-CF4B-4683-828E-5DAD8FBE6741}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Runestone Keeper\RuneStoneKeeper.exe
FirewallRules: [{D2441216-CEA8-451E-8FF6-527554E83793}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Runestone Keeper\RuneStoneKeeper.exe
FirewallRules: [{B0D4B73C-FD0E-4929-AA7F-1232FE86A98B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{8EB8D567-428C-4099-9155-C927060E815A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{278E0180-1F35-4A19-BF10-D69FE227B338}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{A7B5A59C-7EC7-4E79-9893-295A22252475}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A156671E-0F6B-4BC5-9E38-AD793301366B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DFDCFC33-FBC2-4A0F-81A6-97FAEC24C6B1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Barony\barony.exe
FirewallRules: [{1BC0BD5C-69C9-49C8-B7BA-8A37F052990C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Barony\barony.exe
FirewallRules: [{46020157-4756-4C3D-A0B1-05410B82EF34}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Barony\editor.exe
FirewallRules: [{3CD552D4-DEB2-4387-9BFE-7291AD7D6EF6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Barony\editor.exe
FirewallRules: [{A522698D-BBB0-47DB-9F4D-3252E9C1D163}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SanctuaryRPG - Black Edition\SanctuaryRPG.exe
FirewallRules: [{72D2B65F-CFDE-43C8-B433-577DE7FBBFAF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SanctuaryRPG - Black Edition\SanctuaryRPG.exe
FirewallRules: [{E150C465-D0C2-44ED-BED8-1EE78E526EB3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unepic\unepic.exe
FirewallRules: [{574DFA4E-0461-4F75-8186-9737C49A7396}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unepic\unepic.exe
FirewallRules: [{A8F4F1CF-0EDD-430B-A652-60DC984B1367}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\RPG MO\nw.exe
FirewallRules: [{509D5888-842E-4CB7-AF8F-E3D07B135982}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\RPG MO\nw.exe
FirewallRules: [{79A096E5-F613-4FB3-B7F0-B1A3398158B7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Evoland 2\Evoland2.exe
FirewallRules: [{54CD1B64-B9A7-4E6E-9CDB-9A416A84C5A7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Evoland 2\Evoland2.exe
FirewallRules: [{725D65FD-F17B-409D-8BF0-29049429347C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deponia The Complete Journey\deponia.exe
FirewallRules: [{3A632FCC-28A0-4476-989E-0C0127CBCEC3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deponia The Complete Journey\deponia.exe
FirewallRules: [{D3BA4FDC-73BA-4415-A2AC-B5A000B8DCA1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deponia The Complete Journey\VisionaireConfigurationTool.exe
FirewallRules: [{56E8C5A4-1FB0-4D31-B761-6709D1099B19}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deponia The Complete Journey\VisionaireConfigurationTool.exe
FirewallRules: [TCP Query User{4AF27D24-8799-403A-8EE6-220AFB141AFB}C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{CB0CD166-E126-493C-AEE7-9FC04E4D4DDC}C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe
FirewallRules: [{8889F19F-ABD0-4C2A-A377-E0A5C089D970}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6D0BEDED-C53F-472F-8464-091F399F8384}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2624E4CC-D33D-4F4A-8750-69F61368186F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{CB4752F6-CFD1-4F77-95D2-93E4915A560A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [TCP Query User{4EAEBBA3-516D-4CF5-AC5F-3CA22FE891EE}C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{15C39A36-3D7E-48CF-98CC-A70CD429602A}C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{499E5DA1-2B4D-4427-BC52-1C7AC8B94E04}C:\users\mothmatt\desktop\x-plane10demoinstallerwindows\x-plane 10 demo\x-plane.exe] => (Allow) C:\users\mothmatt\desktop\x-plane10demoinstallerwindows\x-plane 10 demo\x-plane.exe
FirewallRules: [UDP Query User{598D9758-23F9-4E24-9D4D-C9B6C5790A00}C:\users\mothmatt\desktop\x-plane10demoinstallerwindows\x-plane 10 demo\x-plane.exe] => (Allow) C:\users\mothmatt\desktop\x-plane10demoinstallerwindows\x-plane 10 demo\x-plane.exe
FirewallRules: [{31EDD570-71C9-4DE7-BCFB-71E272D1248B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CookServeDelicious\CSDSteamBuild.exe
FirewallRules: [{5101B79D-897D-47F2-B866-483E731021C6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CookServeDelicious\CSDSteamBuild.exe
FirewallRules: [{BD4FEAB6-6774-496D-BC17-530066C75D83}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cosmic DJ\CosmicDJ.exe
FirewallRules: [{50201DF8-ECF2-4281-8105-39CF2C5A7023}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cosmic DJ\CosmicDJ.exe
FirewallRules: [{3DE5E6F2-DCA3-45C1-A4E6-F68415040F3E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Jazzpunk\windows\Jazzpunk.exe
FirewallRules: [{F7034741-97FF-46AF-93BE-D6862CCFECA2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Jazzpunk\windows\Jazzpunk.exe
FirewallRules: [TCP Query User{5ED3693B-5180-402D-A987-EC9C019101B6}C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{C334C051-6272-4585-ACD9-EA2A12D9192B}C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe
FirewallRules: [{49791438-E6B4-4638-BD48-EE7765893425}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Reverse Crawl\Reverse Crawl.exe
FirewallRules: [{587F4BE4-50FA-48F4-9875-02606A0DF9C2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Reverse Crawl\Reverse Crawl.exe
FirewallRules: [{3A9A972D-F83C-4D33-BE6D-78549820BDCE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fistful of Gun\FistfulofGun.exe
FirewallRules: [{557BC36C-0F7C-43EA-B9A5-FE6C4C417B7E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fistful of Gun\FistfulofGun.exe
FirewallRules: [TCP Query User{0EA243CD-59A6-4133-AEE3-D96233B51E3D}C:\program files (x86)\starcraft ii - legacy of the void beta\versions\base37164\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii - legacy of the void beta\versions\base37164\sc2_x64.exe
FirewallRules: [UDP Query User{F9B599DC-19F2-4121-85AA-0369A57F03E5}C:\program files (x86)\starcraft ii - legacy of the void beta\versions\base37164\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii - legacy of the void beta\versions\base37164\sc2_x64.exe
FirewallRules: [{1389D94E-2AC7-4B8E-A241-8A87816C10C9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Thea The Awakening\Thea.exe
FirewallRules: [{420BDC09-B239-4B98-93B1-7A796E5C0581}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Thea The Awakening\Thea.exe
FirewallRules: [{67DE18EA-FE4F-4599-912D-55FAD6F60F78}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{A2AF4EE0-86B5-4FAD-B6AB-6383135A95BE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{861BE458-A877-453A-A530-DEA25C659CBF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cryptark\Cryptark.exe
FirewallRules: [{75F8AC2A-ACE3-4213-8333-1BAFBE3A71C6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cryptark\Cryptark.exe
FirewallRules: [{FEACF533-A553-433C-BBF6-232162660A94}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Human Resource Machine\Human Resource Machine.exe
FirewallRules: [{D6567A8E-9727-4080-8518-74B9136BFA39}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Human Resource Machine\Human Resource Machine.exe
FirewallRules: [{0D9C5871-68A4-40E8-AEA2-7CE02129ACBE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hacknet\Hacknet.exe
FirewallRules: [{05C4BDD3-E9D6-440E-B6B1-1189FB0BFA47}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hacknet\Hacknet.exe
FirewallRules: [TCP Query User{D7A5FBE7-ED04-4B11-95B8-762139E66743}C:\program files (x86)\heroes of the storm\versions\base38793\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base38793\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{B53988C6-3974-463F-BE96-AE0DE4F846D5}C:\program files (x86)\heroes of the storm\versions\base38793\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base38793\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{5F081BA8-7B99-4538-BFD9-F0C005557171}C:\program files (x86)\starcraft ii\versions\base38749\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base38749\sc2_x64.exe
FirewallRules: [UDP Query User{20F931FF-376D-4BD7-9859-025F7036D52C}C:\program files (x86)\starcraft ii\versions\base38749\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base38749\sc2_x64.exe
FirewallRules: [TCP Query User{E0DF7669-5311-4B40-B33F-B66A4B19E9BB}C:\program files (x86)\unity_4_6_20\monodevelop\bin\monodevelop.exe] => (Allow) C:\program files (x86)\unity_4_6_20\monodevelop\bin\monodevelop.exe
FirewallRules: [UDP Query User{72DA161A-149F-4D4B-93F0-69E32FDDBA43}C:\program files (x86)\unity_4_6_20\monodevelop\bin\monodevelop.exe] => (Allow) C:\program files (x86)\unity_4_6_20\monodevelop\bin\monodevelop.exe
FirewallRules: [TCP Query User{A8474340-EC17-418A-A954-E5F7FA1FEAD0}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{0A4C4E96-6088-4095-B123-EB5FDC2C9F34}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{B437F668-BB43-432B-BEDB-51B11A82B6E4}C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe
FirewallRules: [UDP Query User{4FFC5AA2-9986-4A53-A4CF-FE5463B2EF37}C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe
FirewallRules: [{BEBDAADB-0FD2-4157-A3BE-C5F095D7A950}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{1A01FF3F-32C2-4D86-8401-4EBC772C34E5}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity\2015\UnityVS.OpenFile.exe
FirewallRules: [{71F396ED-F667-4E38-B741-E7838D0955FC}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{DB679119-553A-4C10-9E9D-FD39E771916E}] => (Allow) C:\PROGRA~1\Unity\Editor\Unity.exe
FirewallRules: [TCP Query User{C3A768F5-08B2-4E0B-A901-94789592D38C}C:\program files\unity 5.2.2\editor\unity.exe] => (Allow) C:\program files\unity 5.2.2\editor\unity.exe
FirewallRules: [UDP Query User{C321DE88-0AC3-40ED-AEE0-3C19238D6756}C:\program files\unity 5.2.2\editor\unity.exe] => (Allow) C:\program files\unity 5.2.2\editor\unity.exe
FirewallRules: [{4C6D326C-02C7-4991-A472-6887D7A78F58}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot-S&D 2 Tray Icon
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Faulty Device Manager Devices =============

Name: Photosmart D110 series
Description: Photosmart D110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: AODDriver4.2.0
Description: AODDriver4.2.0
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AODDriver4.2.0
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/12/2015 03:21:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/12/2015 07:06:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/12/2015 02:05:16 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/11/2015 12:22:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TrustedInstaller.exe, version: 6.1.7601.17514, time stamp: 0x4ce7989b
Faulting module name: ntdll.dll, version: 6.1.7601.19045, time stamp: 0x56259295
Exception code: 0xc0000005
Fault offset: 0x000000000005afe2
Faulting process id: 0x578
Faulting application start time: 0xTrustedInstaller.exe0
Faulting application path: TrustedInstaller.exe1
Faulting module path: TrustedInstaller.exe2
Report Id: TrustedInstaller.exe3

Error: (11/11/2015 12:16:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/11/2015 11:10:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/11/2015 12:32:21 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile Microsoft.VisualStudio.QualityTools.UnitTestFramework, Version=10.1.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a because of the following error: The located assembly's manifest definition does not match the assembly reference. (Exception from HRESULT: 0x80131040).

Error: (11/11/2015 12:29:53 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.6 Tools\WinMDExp.exe . Error code = 0x80131f07

Error: (11/11/2015 12:29:53 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.6 Tools\WinMDExp.exe . Error code = 0x80131f07

Error: (11/11/2015 12:29:53 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.6 Tools\SecAnnotate.exe . Error code = 0x80131f07


System errors:
=============
Error: (11/12/2015 11:26:47 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (11/12/2015 09:26:59 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5

Error: (11/12/2015 09:27:00 PM) (Source: Microsoft Antimalware) (EventID: 3002) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%886

Error Code: 0x80070005

Error description: Access is denied.

Reason: %%858

Error: (11/12/2015 09:20:59 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (11/12/2015 09:20:10 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (11/12/2015 09:15:39 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (11/12/2015 09:05:22 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5

Error: (11/12/2015 05:45:24 PM) (Source: HTTP) (EventID: 15005) (User: )
Description: \Device\Http\ReqQueue[::]:49168

Error: (11/12/2015 05:45:24 PM) (Source: HTTP) (EventID: 15005) (User: )
Description: \Device\Http\ReqQueue[::]:49167

Error: (11/12/2015 05:45:24 PM) (Source: HTTP) (EventID: 15005) (User: )
Description: \Device\Http\ReqQueue[::]:49166


CodeIntegrity:
===================================
Date: 2015-11-12 21:20:10.475
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-11-12 21:20:10.426
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: AMD Phenom(tm) II X6 1075T Processor
Percentage of memory in use: 29%
Total physical RAM: 8183.89 MB
Available physical RAM: 5785.23 MB
Total Virtual: 16366 MB
Available Virtual: 13276.98 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:174.81 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: BED7349C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
 
Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
 

Attachments

  • fixlist.txt
    4 KB · Views: 1
Fix result of Farbar Recovery Scan Tool (x64) Version:07-11-2015
Ran by MothMatt (2015-11-14 00:40:22) Run:1
Running from C:\Users\MothMatt\Desktop
Loaded Profiles: MothMatt (Available Profiles: MothMatt)
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1913142570-876064918-947292865-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\pdf.dll => No File
CHR Plugin: (Java Deployment Toolkit 7.0.650.20) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll => No File
CHR Plugin: (Java(TM) Platform SE 7 U65) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => No File
CHR Plugin: (Google Update) - C:\Users\MothMatt\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll => No File
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
U3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
2013-11-23 18:59 - 2013-12-02 14:47 - 0000132 _____ () C:\Users\MothMatt\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-09-11 21:29 - 2014-09-11 21:51 - 1065984 _____ () C:\Users\MothMatt\AppData\Local\file__0.localstorage
2015-10-30 07:21 - 2015-10-30 07:21 - 0002084 _____ () C:\Users\MothMatt\AppData\Local\recently-used.xbel
2014-09-07 17:21 - 2015-11-11 11:55 - 0007622 _____ () C:\Users\MothMatt\AppData\Local\Resmon.ResmonCfg
2015-09-11 01:19 - 2015-09-11 01:19 - 0000028 _____ () C:\Users\MothMatt\AppData\Local\X-Plane Installer.prf
2015-09-11 01:19 - 2015-09-11 01:23 - 0000015 _____ () C:\Users\MothMatt\AppData\Local\X-Plane_drm.prf
2015-09-11 00:58 - 2015-09-11 00:58 - 0000074 _____ () C:\Users\MothMatt\AppData\Local\x-plane_install_10.txt
2013-11-01 00:59 - 2013-11-01 01:07 - 0000819 _____ () C:\ProgramData\hpzinstall.log
CustomCLSID: HKU\S-1-5-21-1913142570-876064918-947292865-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\MothMatt\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1913142570-876064918-947292865-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\MothMatt\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1913142570-876064918-947292865-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\MothMatt\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1913142570-876064918-947292865-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\MothMatt\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1913142570-876064918-947292865-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\MothMatt\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1913142570-876064918-947292865-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\MothMatt\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1913142570-876064918-947292865-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\MothMatt\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1913142570-876064918-947292865-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\MothMatt\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1913142570-876064918-947292865-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\MothMatt\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
AlternateDataStreams: C:\Users\MothMatt\AppData\Local\fsMjKdl9U0Kd:mRETKvVCxyMXETGrQZXog5DT6uhi
AlternateDataStreams: C:\Users\MothMatt\AppData\Local\Temp:1NfDTzrWZvOJISHgQGaMV
AlternateDataStreams: C:\Users\MothMatt\AppData\Local\Temp:art2U3J1a5v5HYVBi9cIA8W


*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon" => key removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-1913142570-876064918-947292865-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\pdf.dll => not found.
C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll => not found.
C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => not found.
C:\Users\MothMatt\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll => not found.
c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll => not found.
AODDriver4.2.0 => service removed successfully
catchme => service removed successfully
EagleX64 => service removed successfully
C:\Users\MothMatt\AppData\Roaming\Adobe PNG Format CS6 Prefs => moved successfully
C:\Users\MothMatt\AppData\Local\file__0.localstorage => moved successfully
C:\Users\MothMatt\AppData\Local\recently-used.xbel => moved successfully
C:\Users\MothMatt\AppData\Local\Resmon.ResmonCfg => moved successfully
C:\Users\MothMatt\AppData\Local\X-Plane Installer.prf => moved successfully
C:\Users\MothMatt\AppData\Local\X-Plane_drm.prf => moved successfully
C:\Users\MothMatt\AppData\Local\x-plane_install_10.txt => moved successfully
C:\ProgramData\hpzinstall.log => moved successfully
"HKU\S-1-5-21-1913142570-876064918-947292865-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}" => key removed successfully
"HKU\S-1-5-21-1913142570-876064918-947292865-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}" => key removed successfully
"HKU\S-1-5-21-1913142570-876064918-947292865-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}" => key removed successfully
"HKU\S-1-5-21-1913142570-876064918-947292865-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}" => key removed successfully
"HKU\S-1-5-21-1913142570-876064918-947292865-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}" => key removed successfully
"HKU\S-1-5-21-1913142570-876064918-947292865-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}" => key removed successfully
"HKU\S-1-5-21-1913142570-876064918-947292865-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}" => key removed successfully
"HKU\S-1-5-21-1913142570-876064918-947292865-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}" => key removed successfully
"HKU\S-1-5-21-1913142570-876064918-947292865-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}" => key removed successfully
C:\Users\MothMatt\AppData\Local\fsMjKdl9U0Kd => ":mRETKvVCxyMXETGrQZXog5DT6uhi" ADS removed successfully.
C:\Users\MothMatt\AppData\Local\Temp => ":1NfDTzrWZvOJISHgQGaMV" ADS removed successfully.
C:\Users\MothMatt\AppData\Local\Temp => ":art2U3J1a5v5HYVBi9cIA8W" ADS removed successfully.

==== End of Fixlog 00:40:23 ====
 
Last scans...

redtarget.gif
Download Security Check from here or here and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run


redtarget.gif
Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
Make sure the following options are checked:
  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center
  • Windows Update
  • Windows Defender
  • Other Services

Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.


redtarget.gif
Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
  • Double click on TFC.exe to run the program.
  • Click on Start button to begin cleaning process.
  • TFC will close all running programs, and it may ask you to restart computer.


redtarget.gif
Download Sophos Free Virus Removal Tool and save it to your desktop.
  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View log file... (bottom left hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program
 
MSE got disabled during Sophos scan. I re-enabled and it got turned off again some time later. It didn't find any threats.


Results of screen317's Security Check version 1.009
Windows 7 Service Pack 1 x64 (UAC is enabled)
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Spybot - Search & Destroy
Microsoft VisualStudio JavaScript Project System
Java 8 Update 65
Microsoft VisualStudio JavaScript Language Service
Java version 32-bit out of Date!
Adobe Flash Player 19.0.0.245
Mozilla Firefox (40.0.3)
Google Chrome (46.0.2490.80)
Google Chrome (46.0.2490.86)
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 6%
````````````````````End of Log``````````````````````





Farbar Service Scanner Version: 26-07-2015
Ran by MothMatt (administrator) on 14-11-2015 at 23:38:23
Running from "C:\Users\MothMatt\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****
 
Your computer is clean

1. This step will remove all cleaning tools we used, it'll reset restore points (so you won't get reinfected by accidentally using some older restore point) and it'll make some other minor adjustments...
This is a very crucial step so make sure you don't skip it.
Download
51a5ce45263de-delfix.png
DelFix by Xplode to your desktop. Delfix will delete all the used tools and logfiles.

Double-click Delfix.exe to start the tool.
Make sure the following items are checked:
  • Activate UAC (optional; some users prefer to keep it off)
  • Remove disinfection tools
  • Create registry backup
  • Purge System Restore
  • Reset system settings
Now click "Run" and wait patiently.
Once finished a logfile will be created. You don't have to attach it to your next reply.

2. Make sure Windows Updates are current.

3. If any trojans, rootkits or bootkits were listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

4. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Scan without installing plugin" and then on "Scan now")

5. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

7. Run Temporary File Cleaner (TFC), AdwCleaner and Junkware Removal Tool (JRT) weekly (you need to redownload these tools since they were removed by DelFix).

8. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

10. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

11. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs) which change your browser settings: http://www.bleepingcomputer.com/for...curity-questions-best-practices/#entry3187642

12. Please, let me know, how your computer is doing.
 
Thanks for all the help! After I installed Secunia and ran it, MSE turned off during the "Scanning for outdated programs..." step. Is this anything I should be worried about?
 
You must log in or register to reply here.

Similar threads

uber_beetle
Infected with fake ad pop-ups - posting FRST and Addition
Replies
12
Views
786
uber_beetle
uber_beetle
E
Solved Svchost.exe launching multiple iexplore.exe - unknown cause
Replies
23
Views
3K
Broni
Broni
A
Infected: Antivirus says it's Trojan:Script/Wacatac.H!ml
Replies
12
Views
2K
adidaman27
A

Latest posts

Back