Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Overheating, bluescreen when gaming, general struggling.


  • Please log in to reply

#1
boosra123

boosra123

    Member

  • Member
  • PipPip
  • 17 posts

Hi!

 

Recently my computer has been struggling. Overheating, crashing from games, and high memory usage.

 

My first thought was to update everything that could be updated, and it did help a little. But not much.

Avira scans found nothing wrong.

 

*EDIT* The high RAM usage seems to be mostly caused by an "svchost.exe" process. Click on it, and then "services" shows me the following highlighted: wudfsvc, wpdbusenum, wlansvc, uxsms, trkwks, sysmain, pasvc, netman, HomeGroupListener, AudioEndpointBuilder. On other occasions simply wudfsvc.

 

It feels like processing are running that shouldn't be, at the very least. Here is the Farbar scan:

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:17-12-2015
Ran by Aodh (administrator) on VANDENNIS (18-12-2015 22:43:25)
Running from C:\Users\Aodh\Desktop
Loaded Profiles: Aodh (Available Profiles: Aodh & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
() C:\Program Files\Rainmeter\Rainmeter.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [MedionReminder] => C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe [443688 2011-05-25] (CyberLink)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-03-30] (Adobe Systems Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-02-24] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2771576 2015-12-09] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-30] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-03] (CyberLink)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [FontExpertType1Loader] => C:\Program Files (x86)\FontExpert\Type1Loader.exe [176472 2013-12-07] (Proxima Software)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-11-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264 2014-09-11] (Wondershare)
HKLM\...\RunOnce: [MedionReminder] => C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe [443688 2011-05-25] (CyberLink)
HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-11-15] (Google Inc.)
HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\Run: [RocketDock] => "C:\Program Files (x86)\RocketDock\RocketDock.exe"
HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-18\...\RunOnce: [Adobe Speed Launcher] => 1421233140
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-04-16] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-04-16] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-04-16] ()
Startup: C:\Users\Aodh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2012-10-11]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 89.101.160.4 89.101.160.5
Tcpip\..\Interfaces\{1200D11D-FA00-44F9-BE95-1BF725753475}: [DhcpNameServer] 89.101.160.4 89.101.160.5
Tcpip\..\Interfaces\{77FC1C4C-FFBD-4CD5-A278-8E060C677A59}: [NameServer] 89.101.160.4,89.101.160.5
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-418917625-158424403-2452974618-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=MDND&bmod=MDND
HKU\S-1-5-21-418917625-158424403-2452974618-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=MDND&bmod=MDND
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-418917625-158424403-2452974618-1001 -> DefaultScope {020A5F22-EF90-498D-8150-0AF0CAB38710} URL = 
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-23] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-18] (Google Inc.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-23] (Oracle Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08] (CANON INC.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-16] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Search Results Toolbar -> {94366e2c-9923-431c-b0d6-747447dd0f2b} -> C:\Program Files (x86)\searchresults1\searchresultsDx.dll [2012-03-22] (Ask.com)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-18] (Google Inc.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-03-02] (Skype Technologies S.A.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-16] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-18] (Google Inc.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (CANON INC.)
Toolbar: HKLM-x32 - Search Results Toolbar - {94366e2c-9923-431c-b0d6-747447dd0f2b} - C:\Program Files (x86)\searchresults1\searchresultsDx.dll [2012-03-22] (Ask.com)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-18] (Google Inc.)
Toolbar: HKU\S-1-5-21-418917625-158424403-2452974618-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-18] (Google Inc.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-03-02] (Skype Technologies S.A.)
 
FireFox:
========
FF ProfilePath: C:\Users\Aodh\AppData\Roaming\Mozilla\Firefox\Profiles\ov9uz4mk.default
FF SelectedSearchEngine: AVG Secure Search
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-09] ()
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-23] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-04-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-16] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-10-24] (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-24] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-24] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-04-20] (Adobe Systems)
FF Plugin HKU\S-1-5-21-418917625-158424403-2452974618-1001: @acestream.net/acestreamplugin,version=3.1.1 -> C:\Users\Aodh\AppData\Roaming\ACEStream\player\npace_plugin.dll [2015-08-06] (Innovative Digital Technologies)
FF Plugin HKU\S-1-5-21-418917625-158424403-2452974618-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Aodh\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-05-19] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Aodh\AppData\Roaming\Mozilla\Firefox\Profiles\ov9uz4mk.default\user.js [2014-07-02]
FF Extension: Firefogg - C:\Users\Aodh\AppData\Roaming\Mozilla\Firefox\Profiles\ov9uz4mk.default\extensions\[email protected] [2015-12-02] [not signed]
FF Extension: Flashblock - C:\Users\Aodh\AppData\Roaming\Mozilla\Firefox\Profiles\ov9uz4mk.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2015-12-02]
FF Extension: NoScript - C:\Users\Aodh\AppData\Roaming\Mozilla\Firefox\Profiles\ov9uz4mk.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-12-02]
FF Extension: BetterPrivacy - C:\Users\Aodh\AppData\Roaming\Mozilla\Firefox\Profiles\ov9uz4mk.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2015-12-13]
FF Extension: Avira Browser Safety - C:\Users\Aodh\AppData\Roaming\Mozilla\Firefox\Profiles\ov9uz4mk.default\Extensions\[email protected] [2015-12-01] [not signed]
FF Extension: Ant Video Downloader - C:\Users\Aodh\AppData\Roaming\Mozilla\Firefox\Profiles\ov9uz4mk.default\Extensions\[email protected] [2015-12-01]
FF Extension: Ghostery - C:\Users\Aodh\AppData\Roaming\Mozilla\Firefox\Profiles\ov9uz4mk.default\Extensions\[email protected] [2015-12-01]
FF Extension: TinEye Reverse Image Search - C:\Users\Aodh\AppData\Roaming\Mozilla\Firefox\Profiles\ov9uz4mk.default\Extensions\[email protected] [2015-09-13]
FF Extension: Lightshot (screenshot tool) - C:\Users\Aodh\AppData\Roaming\Mozilla\Firefox\Profiles\ov9uz4mk.default\Extensions\{394DCBA4-1F92-4f8e-8EC9-8D2CB90CB69B} [2015-06-12]
FF Extension: Table2Clipboard - C:\Users\Aodh\AppData\Roaming\Mozilla\Firefox\Profiles\ov9uz4mk.default\Extensions\{9ab67d74-ec41-4cb2-b417-df5d93ba1beb}.xpi [2015-06-12]
FF Extension: Download YouTube Videos as MP4 - C:\Users\Aodh\AppData\Roaming\Mozilla\Firefox\Profiles\ov9uz4mk.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2015-12-01]
FF Extension: Video DownloadHelper - C:\Users\Aodh\AppData\Roaming\Mozilla\Firefox\Profiles\ov9uz4mk.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-12-01]
FF Extension: Flash and Video Download - C:\Users\Aodh\AppData\Roaming\Mozilla\Firefox\Profiles\ov9uz4mk.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2015-12-01]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-12-01] [not signed]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-12-01] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\[email protected] => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\[email protected] => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\[email protected]rsky.ru => not found
FF HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\Firefox\Extensions: [[email protected]] - C:\Users\Aodh\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension.xpi
FF Extension: Ace Stream Web Extension - C:\Users\Aodh\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension.xpi [2015-11-10] [not signed]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=MDND&bmod=MDND
CHR StartupUrls: Default -> "hxxps://www.google.ie/"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Aodh\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\widevinecdmadapter.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\pdf.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Nero Kwik Media Helper) - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll => No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll => No File
CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll => No File
CHR Plugin: (Java™ Platform SE 7 U45) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Unity Player) - C:\Users\Aodh\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll => No File
CHR Profile: C:\Users\Aodh\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (AdBlock) - C:\Users\Aodh\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-12-04]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Aodh\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2015-12-17]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Aodh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2014-12-30]
CHR Extension: (Skype) - C:\Users\Aodh\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-12-18]
CHR Extension: (Ace Stream Web Extension) - C:\Users\Aodh\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2015-12-06]
CHR Extension: (Ghostery) - C:\Users\Aodh\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-11-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Aodh\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-418917625-158424403-2452974618-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-03-02]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2012-06-25] (Adobe Systems) [File not signed]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1418560 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249624 2015-11-23] (Avira Operations GmbH & Co. KG)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156216 2015-12-09] (NVIDIA Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-12-09] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8185464 2015-12-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [6477432 2015-12-09] (NVIDIA Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 DAUpdaterSvc; C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162072 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140448 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-02-25] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [75472 2015-12-01] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [165688 2012-09-24] (Broadcom Corporation.)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (CSR, plc)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
S3 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-12-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-11-24] (NVIDIA Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-12-18 22:43 - 2015-12-18 22:43 - 00028519 _____ C:\Users\Aodh\Desktop\FRST.txt
2015-12-18 22:43 - 2015-12-18 22:43 - 00000000 ____D C:\FRST
2015-12-18 22:42 - 2015-12-18 22:42 - 02370048 _____ (Farbar) C:\Users\Aodh\Desktop\FRST64.exe
2015-12-18 22:02 - 2015-12-18 22:02 - 00007601 _____ C:\Users\Aodh\AppData\Local\Resmon.ResmonCfg
2015-12-18 20:37 - 2015-12-18 20:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-12-18 20:37 - 2015-12-09 01:51 - 01846016 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-12-18 20:37 - 2015-12-09 01:51 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-12-18 20:37 - 2015-12-09 01:51 - 01530240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-12-18 20:37 - 2015-12-09 01:51 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-12-18 20:37 - 2015-12-09 01:51 - 00111520 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2015-12-18 20:36 - 2015-11-24 18:29 - 00102704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-12-18 20:34 - 2015-11-24 23:10 - 42913912 _____ C:\Windows\system32\nvcompiler.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 37882488 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 22310008 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 18363696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 16553568 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 15717672 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 14835872 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 13527248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 12034248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 11131184 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-12-18 20:34 - 2015-11-24 23:10 - 03579696 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 03159248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 02870392 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 02490488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 01905272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435906.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 01564792 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435906.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 00877360 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 00861816 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 00689272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 00673912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 00467912 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 00388024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 00205456 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-12-18 20:34 - 2015-11-24 23:10 - 00177600 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 00155792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 00151184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 00072504 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 00069416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 00050472 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-12-18 20:34 - 2015-11-24 23:10 - 00039240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-12-18 20:25 - 2015-12-18 20:35 - 00000000 ____D C:\Windows\LastGood
2015-12-18 20:25 - 2015-12-18 20:28 - 316046904 _____ (NVIDIA Corporation) C:\Users\Aodh\Downloads\359.06-desktop-win8-win7-winvista-64bit-international-whql.exe
2015-12-18 20:09 - 2015-12-18 20:09 - 00012388 _____ C:\Users\Aodh\Documents\Bluescreen info.odt
2015-12-18 20:05 - 2015-12-18 20:05 - 00803416 _____ C:\Windows\Minidump\121815-16161-01.dmp
2015-12-18 19:21 - 2015-12-18 20:05 - 736600666 _____ C:\Windows\MEMORY.DMP
2015-12-18 19:21 - 2015-12-18 19:22 - 01006344 _____ C:\Windows\Minidump\121815-21902-01.dmp
2015-12-18 16:13 - 2015-12-18 16:13 - 00000000 ____D C:\Users\Aodh\Downloads\Bolivian Baroque Vol 3 - Ensemble Florilegium
2015-12-18 16:04 - 2015-12-18 16:05 - 146040880 _____ C:\Users\Aodh\Downloads\Bolivian Baroque Vol 3 - Ensemble Florilegium.rar
2015-12-18 16:03 - 2015-12-18 16:03 - 00000000 ____D C:\Users\Aodh\Downloads\Bolivian Baroque Vol 2 - Ensemble Florilegium
2015-12-18 15:58 - 2015-12-18 16:00 - 166368351 _____ C:\Users\Aodh\Downloads\Bolivian Baroque Vol 2 - Ensemble Florilegium.rar
2015-12-18 15:58 - 2015-12-18 15:58 - 00000000 ____D C:\Users\Aodh\Downloads\Bolivian Baroque Vol 1 - Ensemble Florilegium
2015-12-18 15:55 - 2015-12-18 15:57 - 208335153 _____ C:\Users\Aodh\Downloads\Bolivian Baroque Vol 1 - Ensemble Florilegium.rar
2015-12-18 15:40 - 2015-12-18 15:40 - 00042690 _____ C:\Users\Aodh\Downloads\p.txt
2015-12-18 15:40 - 2015-12-18 15:40 - 00042690 _____ C:\Users\Aodh\Downloads\p (3).txt
2015-12-18 15:40 - 2015-12-18 15:40 - 00042690 _____ C:\Users\Aodh\Downloads\p (2).txt
2015-12-18 15:40 - 2015-12-18 15:40 - 00042690 _____ C:\Users\Aodh\Downloads\p (1).txt
2015-12-17 16:58 - 2015-12-17 16:58 - 00157652 _____ C:\Users\Aodh\Downloads\2015_FIA_Appendix_J_-_Art_255_A_WRC.pdf
2015-12-17 16:54 - 2015-12-17 16:54 - 01984707 _____ C:\Users\Aodh\Downloads\2016_wrc_sporting_regulations_all.pdf
2015-12-16 21:29 - 2015-12-16 21:29 - 00007476 _____ C:\Users\Aodh\Downloads\hitoutput.txt
2015-12-16 20:15 - 2015-12-16 20:15 - 00018143 _____ C:\Users\Aodh\Downloads\[kat.cr]up.2009.1080p.brrip.x264.yify.torrent
2015-12-16 19:59 - 2015-12-16 19:59 - 00584288 _____ (Oracle Corporation) C:\Users\Aodh\Downloads\jxpiinstall(4).exe
2015-12-16 19:57 - 2015-12-16 19:57 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-12-16 19:57 - 2015-12-16 19:57 - 00000000 ____D C:\Program Files (x86)\Java
2015-12-16 19:56 - 2015-11-23 12:37 - 00110176 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-64.dll
2015-12-16 19:55 - 2015-12-16 19:55 - 00584288 _____ (Oracle Corporation) C:\Users\Aodh\Downloads\chromeinstall-8u66.exe
2015-12-16 14:14 - 2015-12-16 14:14 - 00528665 _____ C:\Users\Aodh\Downloads\A_Busy_Copyist_and_a_Shy_Composer_Two_Si.pdf
2015-12-16 13:59 - 2015-12-16 13:59 - 00000000 ____D C:\Users\Aodh\Downloads\Francesco Barsanti - 6 Concerti Grossi Opera Sesta·(Il Piacere)
2015-12-16 13:57 - 2015-12-16 13:59 - 179431265 _____ C:\Users\Aodh\Downloads\Francesco Barsanti - 6 Concerti Grossi Opera Sesta·(Il Piacere).rar
2015-12-16 00:36 - 2015-12-16 00:36 - 00020785 _____ C:\Users\Aodh\Downloads\[kat.cr]dangerous.liaisons.1988.720p.x264.jalucian.torrent
2015-12-14 21:21 - 2015-12-14 21:22 - 76941789 _____ C:\Users\Aodh\Downloads\Follow_the_Darkness.zip
2015-12-14 20:43 - 2015-12-14 20:43 - 00094881 _____ C:\Users\Aodh\Downloads\[kat.cr]fargo.s02e08.1080p.web.dl.dd5.1.h264.rarbg.torrent
2015-12-14 20:42 - 2015-12-14 20:42 - 00150280 _____ C:\Users\Aodh\Downloads\[kat.cr]fargo.s02e09.1080p.web.dl.dd5.1.h264.rarbg.torrent
2015-12-13 19:55 - 2015-12-13 19:55 - 00058719 _____ C:\Users\Aodh\Downloads\[kat.cr]inside.out.2015.1080p.bluray.x264.dts.hd.ma.7.1.rarbg.torrent
2015-12-13 19:52 - 2015-12-13 19:52 - 00056003 _____ C:\Users\Aodh\Downloads\[kat.cr]toy.story.that.time.forgot.2014.1080p.bluray.remux.avc.dts.hd.ma.7.1.rarbg.torrent
2015-12-13 19:52 - 2015-12-13 19:52 - 00056003 _____ C:\Users\Aodh\Downloads\[kat.cr]toy.story.that.time.forgot.2014.1080p.bluray.remux.avc.dts.hd.ma.7.1.rarbg (1).torrent
2015-12-11 15:26 - 2015-12-11 15:26 - 00002054 _____ C:\Users\Aodh\Downloads\lit3591 (1)
2015-12-11 15:25 - 2015-12-11 15:25 - 00002054 _____ C:\Users\Aodh\Downloads\lit3591
2015-12-11 01:02 - 2015-12-11 01:02 - 00002019 _____ C:\Users\Aodh\Downloads\190007007
2015-12-10 17:44 - 2015-12-10 17:44 - 00014607 _____ C:\Users\Aodh\Documents\Jacchini Period Instruments.odt
2015-12-10 01:25 - 2015-12-10 01:57 - 00010267 _____ C:\Users\Aodh\Documents\George Maniakes Sources.odt
2015-12-09 19:13 - 2015-12-09 19:13 - 00000000 ____D C:\Users\Aodh\Downloads\Albinoni - Homage to a Spanish Grandee
2015-12-09 19:00 - 2015-12-09 19:00 - 07152429 _____ C:\Users\Aodh\Downloads\Albinoni - Homage to a Spanish Grandee.pdf
2015-12-09 18:59 - 2015-12-09 19:12 - 1401568551 _____ C:\Users\Aodh\Downloads\Albinoni - Homage to a Spanish Grandee.zip
2015-12-09 18:50 - 2015-12-09 18:50 - 00000000 ____D C:\Users\Aodh\Downloads\Albinoni - Concerti a Cinque, Op. 10
2015-12-09 18:44 - 2015-12-09 18:50 - 474380540 _____ C:\Users\Aodh\Downloads\Albinoni - Concerti a Cinque, Op. 10.zip
2015-12-09 16:21 - 2015-12-09 16:21 - 00019719 _____ C:\Users\Aodh\Downloads\[kat.cr]albinoni.galuppi.platti.vivaldi.settecento.veneziano.ottavio.dantone.accademia.bizantina.1999.flac.torrent
2015-12-09 16:19 - 2015-12-09 16:19 - 00109372 _____ C:\Users\Aodh\Downloads\[kat.cr]albinoni.tomaso.1671.1751.italy (1).torrent
2015-12-09 16:18 - 2015-12-09 16:18 - 00109372 _____ C:\Users\Aodh\Downloads\[kat.cr]albinoni.tomaso.1671.1751.italy.torrent
2015-12-09 12:30 - 2015-11-05 19:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-12-09 12:30 - 2015-11-05 19:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-12-09 12:29 - 2015-11-20 18:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-09 12:29 - 2015-11-20 18:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-09 12:29 - 2015-11-20 18:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-09 12:29 - 2015-11-20 18:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-09 12:29 - 2015-11-20 18:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-09 12:29 - 2015-11-20 18:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-09 12:29 - 2015-11-20 18:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-09 12:29 - 2015-11-20 18:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-09 12:29 - 2015-11-20 18:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-09 12:29 - 2015-11-20 18:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-09 12:29 - 2015-11-20 18:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-09 12:29 - 2015-11-20 18:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-09 12:29 - 2015-11-20 18:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-09 12:29 - 2015-11-20 18:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-09 12:29 - 2015-11-20 18:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-09 12:29 - 2015-11-20 18:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-09 12:29 - 2015-11-11 21:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-09 12:29 - 2015-11-11 20:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-09 12:29 - 2015-11-11 18:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-09 12:29 - 2015-11-11 18:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-09 12:29 - 2015-11-11 18:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-09 12:29 - 2015-11-11 18:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-09 12:29 - 2015-11-11 16:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-09 12:29 - 2015-11-11 16:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-09 12:29 - 2015-11-11 15:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-12-09 12:29 - 2015-11-11 15:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-09 12:29 - 2015-11-11 15:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-09 12:29 - 2015-11-11 15:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-09 12:29 - 2015-11-11 14:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-12-09 12:29 - 2015-11-10 18:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-09 12:29 - 2015-11-10 18:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-09 12:29 - 2015-11-10 18:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-09 12:29 - 2015-11-10 18:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-09 12:29 - 2015-11-10 18:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-09 12:29 - 2015-11-10 17:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-09 12:29 - 2015-11-10 00:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-12-09 12:29 - 2015-11-10 00:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-09 12:29 - 2015-11-10 00:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-12-09 12:29 - 2015-11-10 00:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-12-09 12:29 - 2015-11-10 00:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-09 12:29 - 2015-11-10 00:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-09 12:29 - 2015-11-10 00:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-09 12:29 - 2015-11-10 00:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-12-09 12:29 - 2015-11-10 00:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-12-09 12:29 - 2015-11-10 00:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-09 12:29 - 2015-11-10 00:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-12-09 12:29 - 2015-11-10 00:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-09 12:29 - 2015-11-10 00:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-12-09 12:29 - 2015-11-09 23:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-09 12:29 - 2015-11-09 23:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-12-09 12:29 - 2015-11-09 23:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-09 12:29 - 2015-11-09 23:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-12-09 12:29 - 2015-11-09 23:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-09 12:29 - 2015-11-09 23:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-09 12:29 - 2015-11-09 23:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-09 12:29 - 2015-11-09 23:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-09 12:29 - 2015-11-09 23:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-09 12:29 - 2015-11-09 23:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-09 12:29 - 2015-11-09 23:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-09 12:29 - 2015-11-08 22:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-09 12:29 - 2015-11-08 22:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-12-09 12:29 - 2015-11-08 22:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-12-09 12:29 - 2015-11-08 22:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-09 12:29 - 2015-11-08 22:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-09 12:29 - 2015-11-08 22:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-09 12:29 - 2015-11-08 22:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-12-09 12:29 - 2015-11-08 22:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-12-09 12:29 - 2015-11-08 22:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-09 12:29 - 2015-11-08 22:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-12-09 12:29 - 2015-11-08 22:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-09 12:29 - 2015-11-08 22:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-09 12:29 - 2015-11-08 22:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-09 12:29 - 2015-11-08 22:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-12-09 12:29 - 2015-11-08 22:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-09 12:29 - 2015-11-08 22:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-12-09 12:29 - 2015-11-08 21:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-09 12:29 - 2015-11-08 21:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-09 12:29 - 2015-11-08 21:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-09 12:29 - 2015-11-08 21:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-12-09 12:29 - 2015-11-08 21:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-09 12:29 - 2015-11-08 21:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-12-09 12:29 - 2015-11-08 21:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-09 12:29 - 2015-11-08 21:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-09 12:29 - 2015-11-08 21:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-09 12:29 - 2015-11-08 21:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-09 12:29 - 2015-11-08 21:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-12-09 12:29 - 2015-11-08 21:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-09 12:29 - 2015-11-08 20:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-09 12:29 - 2015-11-08 20:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-09 12:29 - 2015-11-08 20:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-09 12:29 - 2015-11-05 19:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-12-09 12:29 - 2015-11-05 19:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2015-12-09 12:29 - 2015-11-05 09:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-09 12:29 - 2015-11-03 19:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-09 12:29 - 2015-11-03 19:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-09 12:29 - 2015-11-03 18:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-12-09 12:29 - 2015-11-03 18:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2015-12-09 12:29 - 2015-10-08 23:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2015-12-09 12:29 - 2015-10-08 23:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2015-12-09 12:29 - 2015-10-08 23:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2015-12-09 12:29 - 2015-10-08 23:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2015-12-09 12:29 - 2015-10-08 23:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2015-12-09 12:29 - 2015-10-08 23:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2015-12-09 12:29 - 2015-10-08 23:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2015-12-09 12:29 - 2015-10-08 23:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2015-12-09 12:29 - 2015-10-08 19:13 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2015-12-09 12:29 - 2015-10-08 18:52 - 00419928 _____ C:\Windows\system32\locale.nls
2015-12-09 11:26 - 2015-12-12 12:34 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-09 11:26 - 2015-12-09 11:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-09 11:26 - 2015-12-09 11:26 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-09 11:26 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-09 11:26 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-12-09 11:26 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-12-09 11:25 - 2015-12-09 11:25 - 22908888 _____ (Malwarebytes ) C:\Users\Aodh\Downloads\mbam-setup-2.2.0.1024.exe
2015-12-08 18:20 - 2015-12-08 18:20 - 01437557 _____ C:\Users\Aodh\Downloads\Nella_fucina_di_Polifemo_Nicola_Porpora.pdf
2015-12-08 18:20 - 2015-12-08 18:20 - 01437557 _____ C:\Users\Aodh\Downloads\Nella_fucina_di_Polifemo_Nicola_Porpora (1).pdf
2015-12-07 18:59 - 2015-12-07 18:59 - 00001248 _____ C:\Windows\system32\13 Julia Lezhneva, Dmitry Sinkovsky, Marco Bianchi, Thomas Meraner, Il Giardino Armonico, Giovanni Antonini - Handel Il Trionfo del Tiempo e del Disinganno, HWV 46a - Oratorio - Come nembo che fugge c.lnk
2015-12-07 18:48 - 2015-12-07 18:48 - 00000000 ____D C:\Users\Aodh\Downloads\mkjp9.FLAC
2015-12-07 16:44 - 2015-12-07 18:39 - 352219788 _____ C:\Users\Aodh\Downloads\mkjp9.FLAC.rar
2015-12-05 15:16 - 2015-12-05 16:53 - 00000000 ___HD C:\_acestream_cache_
2015-12-05 15:13 - 2015-12-14 20:44 - 00000000 ____D C:\Users\Aodh\AppData\Roaming\.ACEStream
2015-12-05 15:12 - 2015-12-05 15:12 - 00000000 ____D C:\Users\Aodh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ace Stream Media
2015-12-05 15:12 - 2015-12-05 15:12 - 00000000 ____D C:\Users\Aodh\AppData\Roaming\ACEStream
2015-12-05 15:12 - 2015-12-05 15:12 - 00000000 ____D C:\Users\Aodh\AppData\LocalLow\.ACEStream
2015-12-05 15:09 - 2015-12-05 15:11 - 79479872 _____ C:\Users\Aodh\Downloads\Ace_Stream_Media_3.1.1.exe
2015-12-04 21:44 - 2015-12-04 21:46 - 00000000 ____D C:\Users\Aodh\Downloads\009Locatelli4
2015-12-04 14:08 - 2015-12-04 21:43 - 559312829 _____ C:\Users\Aodh\Downloads\009Locatelli4.rar
2015-12-04 13:50 - 2015-12-04 13:51 - 00016169 _____ C:\Users\Aodh\Downloads\[torrentlee.com]VA+-+Capella+Edition+-+Italian+Masters+-+_Capriccio,+1992_.torrent
2015-12-03 02:10 - 2015-12-03 02:22 - 00000015 _____ C:\Users\Aodh\Downloads\Headset Microphone (Bluetooth H_a.xml
2015-12-03 02:01 - 2015-12-03 02:02 - 00006298 _____ C:\Users\Aodh\Documents\Vatanencomparison video.wlmp
2015-12-03 01:23 - 2015-12-03 01:23 - 00000000 ____D C:\Users\Aodh\AppData\Local\Wondershare
2015-12-03 01:23 - 2015-12-03 01:23 - 00000000 ____D C:\ProgramData\Wondershare
2015-12-03 01:22 - 2015-12-03 02:23 - 00000000 ____D C:\Users\Aodh\Documents\Wondershare Video Editor
2015-12-03 01:22 - 2015-12-03 01:22 - 00001199 _____ C:\Users\Public\Desktop\Wondershare Video Editor.lnk
2015-12-03 01:22 - 2015-12-03 01:22 - 00000000 ____D C:\Users\Public\Documents\Wondershare
2015-12-03 01:22 - 2015-12-03 01:22 - 00000000 ____D C:\ProgramData\Wondershare Video Editor
2015-12-03 01:22 - 2015-12-03 01:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2015-12-03 01:22 - 2015-12-03 01:22 - 00000000 ____D C:\Program Files (x86)\Wondershare
2015-12-03 01:22 - 2015-02-27 11:33 - 02140712 _____ (MainConcept GmbH) C:\Windows\SysWOW64\mcmpgvout.004
2015-12-03 01:22 - 2015-02-27 11:33 - 00531496 _____ (MainConcept GmbH) C:\Windows\SysWOW64\mcmpeg2mux.ax
2015-12-03 01:22 - 2015-02-27 11:33 - 00375848 _____ (MainConcept GmbH) C:\Windows\SysWOW64\mcm2ve.ax
2015-12-03 01:22 - 2015-02-27 11:33 - 00257064 _____ (MainConcept GmbH) C:\Windows\SysWOW64\mcl2ae.ax
2015-12-03 01:22 - 2015-02-27 11:33 - 00244776 _____ (MainConcept GmbH) C:\Windows\SysWOW64\mcmpgaout.dll
2015-12-03 01:22 - 2015-02-27 11:33 - 00020520 _____ (MainConcept GmbH) C:\Windows\SysWOW64\mcmpgvout.dll
2015-12-03 01:21 - 2015-12-03 01:21 - 00938568 _____ C:\Users\Aodh\Downloads\video-editor_setup_full1107.exe
2015-12-03 01:03 - 2015-12-03 01:03 - 00000000 ____D C:\Users\Aodh\AppData\Local\womble
2015-12-03 01:03 - 2015-12-03 01:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPEG Video Wizard DVD 5.0
2015-12-03 01:03 - 2015-12-03 01:03 - 00000000 ____D C:\Program Files (x86)\Womble Multimedia
2015-12-03 01:02 - 2015-12-03 01:03 - 14556135 _____ (Womble Multimedia, Inc. ) C:\Users\Aodh\Downloads\womble_dvd5.exe
2015-12-02 13:47 - 2015-12-02 13:47 - 00021674 _____ C:\Users\Aodh\Downloads\[kat.cr]evaristo.felice.dall.abaco.op.2.5.6.torrent
2015-12-02 01:27 - 2015-12-02 01:27 - 04944187 _____ C:\Users\Aodh\Downloads\Nicolas Matteis 2.pdf
2015-12-02 01:26 - 2015-12-02 01:26 - 06134447 _____ C:\Users\Aodh\Downloads\Nicolas Matteis 3.pdf
2015-12-02 01:22 - 2015-12-02 01:22 - 43733384 _____ C:\Users\Aodh\Downloads\Nicola Matteis works.pdf
2015-12-01 13:14 - 2015-12-02 19:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-01 12:52 - 2015-12-01 12:52 - 00000000 ____D C:\Windows\en
2015-12-01 12:51 - 2015-12-01 12:51 - 00001309 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-12-01 12:46 - 2015-12-01 12:46 - 03446362 _____ ( ) C:\Users\Aodh\Downloads\ShaderTFX64beta.exe
2015-12-01 12:46 - 2015-12-01 12:46 - 00000000 ____D C:\Program Files\RehanFX
2015-12-01 12:30 - 2015-12-01 12:30 - 00039777 _____ C:\Users\Aodh\Downloads\rehansplit (1).exe
2015-12-01 12:29 - 2015-12-01 12:34 - 00000000 ____D C:\Users\Aodh\Downloads\Split
2015-12-01 12:29 - 2015-12-01 12:29 - 00039777 _____ C:\Users\Aodh\Downloads\rehansplit.exe
2015-12-01 12:29 - 2015-12-01 12:29 - 00000000 ____D C:\Program Files\Movie Maker
2015-12-01 12:06 - 2015-12-01 12:06 - 125080180 _____ C:\Users\Aodh\Downloads\Manx National Rally 2013-Steve Simpson_Patrick Walsh-Subaru Impreza WRC S12-SS11-Tholt Y Will.mp4
2015-12-01 12:04 - 2015-12-01 12:04 - 27458981 _____ C:\Users\Aodh\Downloads\Ari Vatanen - In Car Manx 1983 - SS4.mp4
2015-11-30 18:22 - 2015-11-30 18:22 - 00019990 _____ C:\Users\Aodh\Downloads\Albertini_Ignazio_(Albertino)_(c_1644_22_September_1685)_Sonates_pour_violon_flac(not_my_rip)-((demonoid.pw)).TORRENT
2015-11-30 01:14 - 2015-11-30 01:14 - 00001761 _____ C:\Users\Aodh\.recently-used.xbel
2015-11-29 23:19 - 2015-11-29 23:19 - 00445543 _____ C:\Users\Aodh\Downloads\Philip_Gavitt_Gender_Honor_and_Charity_i.pdf
2015-11-29 20:01 - 2015-11-29 20:01 - 11027152 _____ C:\Users\Aodh\Downloads\r_baroque_ii_e19_by_rpil-d8b7qru.zip
2015-11-29 19:54 - 2015-11-29 19:54 - 16445565 _____ C:\Users\Aodh\Downloads\antique_theme_by_andrewtheshort-d2y60fc.zip
2015-11-29 19:54 - 2015-11-29 19:54 - 00000000 ____D C:\Users\Aodh\Downloads\antique_theme_by_andrewtheshort-d2y60fc
2015-11-29 15:05 - 2015-11-29 15:05 - 00015056 _____ C:\Users\Aodh\Downloads\btkitty.so_Henrico-Albicastro-12-concerti-a-quattro-op-7-Collegium-Marianum,-Collegium-1704-2000-.torrent
2015-11-29 13:46 - 2015-11-29 17:06 - 00000000 ____D C:\Program Files (x86)\Monkey's Audio
2015-11-29 13:46 - 2015-11-29 13:46 - 01123144 _____ ( ) C:\Users\Aodh\Downloads\MAC_416.exe
2015-11-29 13:46 - 2015-11-29 13:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Monkey's Audio
2015-11-29 13:46 - 2015-03-24 20:55 - 00445952 _____ (Matthew T. Ashland) C:\Windows\SysWOW64\MACDll.dll
2015-11-28 23:08 - 2015-11-28 23:08 - 00057861 _____ C:\Users\Aodh\Downloads\(demonoid.pw)-Capella_Istropolitana_Christmas_Concerti_(EAC_FLAC)_[istabraq].TORRENT
2015-11-28 22:24 - 2015-11-28 22:24 - 00000000 ____D C:\Users\Aodh\Downloads\kid3-3.3.0-win32
2015-11-28 22:22 - 2015-11-28 22:23 - 16150727 _____ C:\Users\Aodh\Downloads\kid3-3.3.0-win32.zip
2015-11-28 22:17 - 2015-11-28 22:17 - 00020468 _____ C:\Users\Aodh\Downloads\[kat.cr]the.deluge.1974.2014.part.2.hdrip.1080p.x264.ac3.subtitles.eng.pl.torrent
2015-11-28 19:31 - 2015-11-28 19:31 - 00016672 _____ C:\Users\Aodh\Downloads\[kat.cr]house.of.cards.1990.seasons.1.3.e.rev.complete.480p.mkv.x264.torrent
2015-11-28 14:03 - 2015-11-28 14:03 - 79217934 _____ C:\Users\Aodh\Downloads\Pontano de principe.pdf
2015-11-23 23:54 - 2015-11-23 23:54 - 00022733 _____ C:\Users\Aodh\AppData\Local\recently-used.xbel
2015-11-23 21:59 - 2015-12-06 13:06 - 00000000 ____D C:\Users\Aodh\AppData\Local\ElevatedDiagnostics
2015-11-22 15:26 - 2015-11-22 15:26 - 00036649 _____ C:\Users\Aodh\Downloads\[kat.cr]dangerous.crossing.1953.film.noir.torrent
2015-11-22 15:24 - 2015-11-22 15:24 - 00040871 _____ C:\Users\Aodh\Downloads\[kat.cr]the.scarlet.hour.1956.crime.film.noir.torrent
2015-11-19 22:12 - 2015-11-19 22:12 - 00012343 _____ C:\Users\Aodh\Downloads\[kat.cr]house.of.cards.s02.complete.season.2.bluray.720p.x265.hevc.nate.666.torrent
2015-11-19 01:00 - 2015-11-19 01:00 - 11753257 _____ C:\Users\Aodh\Downloads\How_to_Study_Music_1000015128.pdf
2015-11-19 01:00 - 2015-11-19 01:00 - 11689356 _____ C:\Users\Aodh\Downloads\How_to_Study_Music_1000015128 (1).pdf
2015-11-19 01:00 - 2015-11-19 01:00 - 00021938 _____ C:\Users\Aodh\Documents\Jews France rant.odt
2015-11-18 13:41 - 2015-11-18 13:41 - 08923674 _____ C:\Users\Aodh\Downloads\Historia_de_Vitis_Pontificum.pdf
2015-11-18 13:30 - 2015-11-18 13:30 - 74103431 _____ C:\Users\Aodh\Downloads\Die Vitis Ponitificum.pdf
2015-11-18 11:24 - 2015-11-18 11:24 - 00021720 _____ C:\Users\Aodh\Downloads\[kat.cr]the.name.of.the.rose.1986.1080p.brrip.x264.yify.torrent
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-12-18 22:43 - 2009-07-14 03:20 - 00000000 ____D C:\Windows
2015-12-18 22:34 - 2011-11-15 16:06 - 00000000 ____D C:\Program Files (x86)\Steam
2015-12-18 22:28 - 2012-09-04 17:40 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-18 22:03 - 2009-07-14 04:45 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-18 22:03 - 2009-07-14 04:45 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-18 22:02 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\inf
2015-12-18 22:00 - 2011-06-15 00:34 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-12-18 21:57 - 2011-11-15 15:32 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-18 21:15 - 2013-10-18 12:22 - 00000000 ____D C:\Users\Aodh\AppData\Roaming\vlc
2015-12-18 20:57 - 2011-11-15 15:32 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-18 20:37 - 2014-06-03 15:50 - 00000000 ____D C:\Users\Aodh\AppData\Local\NVIDIA Corporation
2015-12-18 20:37 - 2011-06-15 00:34 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-12-18 20:37 - 2011-06-15 00:33 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-12-18 20:36 - 2011-06-15 00:34 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-18 20:23 - 2014-06-03 15:50 - 00000000 ____D C:\Users\Aodh\AppData\Local\NVIDIA
2015-12-18 20:23 - 2009-07-14 05:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-18 20:05 - 2011-11-26 21:50 - 00000000 ____D C:\Windows\Minidump
2015-12-18 15:43 - 2015-03-12 17:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-12-18 15:43 - 2014-07-22 20:58 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-18 15:42 - 2014-08-19 16:27 - 00000000 ____D C:\Users\Aodh\AppData\Local\Adobe
2015-12-18 13:36 - 2015-04-05 02:00 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-12-18 13:36 - 2015-04-05 02:00 - 00000000 ___SD C:\Windows\system32\GWX
2015-12-17 11:01 - 2012-09-26 15:21 - 00000000 ____D C:\Users\Aodh\Desktop\Torrents
2015-12-17 02:39 - 2014-06-29 19:01 - 00000000 ____D C:\Users\Aodh\AppData\Roaming\tixati
2015-12-16 19:57 - 2013-10-17 23:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-12-16 18:43 - 2015-10-08 17:49 - 00000000 ____D C:\Users\Aodh\AppData\Roaming\foobar2000
2015-12-10 14:25 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\rescache
2015-12-10 11:11 - 2009-07-14 04:45 - 04891704 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-10 02:22 - 2012-09-12 20:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-10 02:21 - 2012-09-12 20:28 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-10 02:21 - 2012-09-12 20:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-10 02:20 - 2013-08-14 18:07 - 00000000 ____D C:\Windows\system32\MRT
2015-12-10 02:13 - 2011-02-10 20:56 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-09 12:06 - 2011-12-16 14:32 - 00000000 ____D C:\Program Files (x86)\Magic Workstation
2015-12-09 11:28 - 2012-09-04 17:40 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-09 11:28 - 2012-04-01 23:45 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-09 11:28 - 2011-06-14 21:58 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-09 11:26 - 2012-03-04 17:47 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-09 11:09 - 2009-07-14 05:08 - 00032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-12-05 20:19 - 2009-07-14 05:13 - 00783464 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-04 20:52 - 2011-11-15 15:32 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-04 20:52 - 2011-11-15 15:32 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-03 11:31 - 2014-06-03 16:47 - 00074792 _____ C:\Windows\system32\GDIPFONTCACHEV1.DAT
2015-12-03 11:29 - 2012-04-25 22:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-03 01:23 - 2014-06-03 22:55 - 00074792 _____ C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT
2015-12-02 17:45 - 2015-11-12 14:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CD Wave
2015-12-02 17:44 - 2013-03-13 16:22 - 00000000 ____D C:\Users\Aodh\AppData\Roaming\Audacity
2015-12-01 12:51 - 2013-06-25 18:16 - 00001378 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-12-01 12:50 - 2011-02-10 20:32 - 00000000 ____D C:\Program Files (x86)\Windows Live
2015-12-01 12:15 - 2012-02-19 17:44 - 00000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2015-12-01 12:13 - 2012-11-18 15:15 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software
2015-12-01 11:35 - 2015-03-12 17:44 - 00162072 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-12-01 11:35 - 2015-03-12 17:44 - 00140448 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-12-01 11:35 - 2015-03-12 17:44 - 00075472 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-11-30 01:18 - 2012-01-07 14:37 - 00000000 ____D C:\Users\Aodh\.gimp-2.6
2015-11-30 01:17 - 2012-01-17 02:14 - 00000000 ____D C:\Users\Aodh\AppData\Roaming\gtk-2.0
2015-11-30 01:14 - 2011-11-15 15:34 - 00000000 ____D C:\Users\Aodh
2015-11-30 01:00 - 2011-11-21 16:40 - 00000000 ____D C:\Users\Aodh\Desktop\Projects
2015-11-28 14:52 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\system32\NDF
2015-11-27 22:08 - 2015-08-04 14:10 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-24 23:10 - 2015-11-06 01:56 - 01572496 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-11-24 23:10 - 2015-08-13 16:48 - 15122296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-11-24 23:10 - 2014-06-03 15:47 - 12770752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-11-24 23:10 - 2013-02-25 23:32 - 17516040 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-11-24 23:10 - 2011-06-15 00:34 - 00033607 _____ C:\Windows\system32\nvinfo.pb
2015-11-24 18:40 - 2011-06-15 00:34 - 06358648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-11-24 18:40 - 2011-06-15 00:34 - 02983032 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-11-24 18:40 - 2011-06-15 00:34 - 02554488 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-11-24 18:40 - 2011-06-15 00:34 - 00938616 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-11-24 18:40 - 2011-06-15 00:34 - 00385144 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-11-24 18:40 - 2011-06-15 00:34 - 00062584 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-11-23 12:39 - 2013-10-17 23:16 - 00000000 ____D C:\ProgramData\Oracle
2015-11-23 12:38 - 2013-10-17 23:16 - 00000000 ____D C:\Program Files\Java
2015-11-23 12:37 - 2015-08-27 13:08 - 00000000 ____D C:\Users\Aodh\.oracle_jre_usage
2015-11-23 12:37 - 2015-08-04 14:06 - 00110176 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-11-23 10:38 - 2011-06-15 00:34 - 06049858 _____ C:\Windows\system32\nvcoproc.bin
2015-11-20 19:11 - 2015-07-06 15:42 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-11-20 19:11 - 2014-12-07 13:31 - 00000000 ____D C:\Users\Default\AppData\Local\NVIDIA Corporation
2015-11-20 19:11 - 2014-12-07 13:31 - 00000000 ____D C:\Users\Default User\AppData\Local\NVIDIA Corporation
2015-11-19 02:06 - 2014-02-02 04:05 - 00000000 ____D C:\Users\Aodh\AppData\Roaming\Media Player Classic
 
==================== Files in the root of some directories =======
 
2015-05-04 23:39 - 2015-07-19 22:01 - 0000033 _____ () C:\Users\Aodh\AppData\Roaming\AdobeWLCMCache.dat
2012-11-17 20:17 - 2013-11-20 00:34 - 0007168 ____H () C:\Users\Aodh\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-11-23 23:54 - 2015-11-23 23:54 - 0022733 _____ () C:\Users\Aodh\AppData\Local\recently-used.xbel
2015-12-18 22:02 - 2015-12-18 22:02 - 0007601 _____ () C:\Users\Aodh\AppData\Local\Resmon.ResmonCfg
2012-09-09 01:07 - 2012-09-09 01:07 - 0000008 ____H () C:\Users\Aodh\AppData\Local\~wmrg
2015-05-26 18:19 - 2015-05-26 18:19 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Some files in TEMP:
====================
C:\Users\Aodh\AppData\Local\Temp\avgnt.exe
C:\Users\Aodh\AppData\Local\Temp\nvStInst.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-12-10 14:17
 
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:17-12-2015
Ran by Aodh (2015-12-18 22:44:37)
Running from C:\Users\Aodh\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-11-15 15:34:39)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-418917625-158424403-2452974618-500 - Administrator - Disabled)
Aodh (S-1-5-21-418917625-158424403-2452974618-1001 - Administrator - Enabled) => C:\Users\Aodh
Guest (S-1-5-21-418917625-158424403-2452974618-501 - Limited - Disabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-418917625-158424403-2452974618-1003 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
8BitMMO (HKLM-x32\...\Steam App 250420) (Version:  - Archive Entertainment)
Ableton Live 8 (HKLM-x32\...\{4941E15C-3C68-4FB7-B5A4-5061B92E9166}) (Version: 8.0.0.0 - Ableton)
Ace Stream Media 3.1.1 (HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\AceStream) (Version: 3.1.1 - Ace Stream Media) <==== ATTENTION
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe After Effects CS5.5 (HKLM-x32\...\{E82097B9-A3B8-404A-9A92-AC16A8AC9576}) (Version: 10.5 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.0.19480 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.0.0.74 - Adobe Systems Incorporated)
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Illustrator CC 2014 (HKLM-x32\...\{2B4B4082-8043-4646-8334-B0A29E641211}) (Version: 18.1.1 - Adobe Systems Incorporated)
Adobe Illustrator CS2 (HKLM-x32\...\Adobe Illustrator CS2) (Version: 12.000.000 - Adobe Systems Inc.)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Adobe Story (HKLM-x32\...\com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.0.571 - Adobe Systems Incorporated)
Age of Empires Online (HKLM-x32\...\Steam App 105430) (Version:  - Microsoft)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Applian FLV and Media Player 3.1.1.12 (HKLM-x32\...\Applian FLV and Media Player) (Version: 3.1.1.12 - Applian Technologies)
ARMA 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.1.0 - Asmedia Technology)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Avadon: The Black Fortress (HKLM-x32\...\Steam App 112100) (Version:  - Spiderweb Software)
Avidemux 2.5 (32-bit) (HKLM-x32\...\Avidemux 2.5) (Version: 2.5.6.7716 - )
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{d0e166af-1634-4c0b-ae96-2180e61f9d38}) (Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG) Hidden
AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version:  - Online Media Technologies Ltd.)
AVS Video Converter 8 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version:  - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version:  - Online Media Technologies Ltd.)
Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version:  - )
BitTorrent (HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\BitTorrent) (Version: 7.8.2.30489 - BitTorrent Inc.)
Blender (HKLM\...\Blender) (Version: 2.63-release - Blender Foundation)
calibre (HKLM-x32\...\{D060E2E3-5509-4420-AA04-FA197C6678C8}) (Version: 0.9.28 - Kovid Goyal)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version:  - )
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon MG5200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series) (Version:  - )
Canon MG5200 series User Registration (HKLM-x32\...\Canon MG5200 series User Registration) (Version:  - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
Card Hunter (HKLM-x32\...\Steam App 293260) (Version:  - Blue Manchu)
CCleaner (HKLM\...\CCleaner) (Version: 3.12 - Piriform)
CD Wave Editor 1.98 (HKLM-x32\...\CD Wave Editor_is1) (Version: 1.9.8.1 - MiLo Software)
CDisplayEx 1.8 (HKLM-x32\...\CDisplayEx_is1) (Version:  - Henri Gourvest.)
CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version:  - )
Celestia 1.6.1 (HKLM-x32\...\Celestia_is1) (Version:  - Shatters Software)
Chip's Challenge 1 (HKLM-x32\...\Steam App 346850) (Version:  - Niffler Ltd.)
CleanUp! (HKLM-x32\...\CleanUp!) (Version:  - )
Comical 0.8 (HKLM-x32\...\Comical_is1) (Version:  - James Athey)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.4125 - CyberLink Corp.)
CyberLink WaveEditor (HKLM-x32\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 1.0.1.2821 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DarthMod Napoleon (HKLM-x32\...\DarthMod Napoleon) (Version:  - )
DebugMode Wax 2.0 (HKLM-x32\...\DebugMode Wax 2.0) (Version:  - )
Desura (HKLM-x32\...\Desura) (Version:  - Desura)
DjVuLibre+DjView (HKLM-x32\...\DjVuLibre+DjView) (Version: 3.5.25.3+4.9 - DjVuZone)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve )
Dota 2 Test (HKLM-x32\...\Steam App 205790) (Version:  - )
DROD: The City Beneath 3.3.0 (HKLM-x32\...\DROD: The City Beneath_is1) (Version: 3.3.0 - Caravel Games)
Empire: Total War (HKLM-x32\...\Steam App 10500) (Version:  - The Creative Assembly)
Endless Sky (HKLM-x32\...\Steam App 404410) (Version:  - Michael Zahniser)
Epic Arena (HKLM-x32\...\Steam App 334030) (Version:  - Shadow Masters)
Eraser 6.0.9.2343 (HKLM\...\{3D33F6F0-4D90-484D-A1D9-09AE791CCBD9}) (Version: 6.0.2343 - The Eraser Project)
Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version:  - Paradox Development Studio)
Europa Universalis: Rome - Demo (HKLM-x32\...\Steam App 22160) (Version:  - )
EVE Online (remove only) (HKLM-x32\...\EVE) (Version:  - CCP Games Ltd.)
FBReader for Windows (HKLM-x32\...\FBReader for Windows) (Version:  - )
FileZilla Client 3.5.3 (HKLM-x32\...\FileZilla Client) (Version: 3.5.3 - FileZilla Project)
FlacSquisher 1.3.5 (HKLM-x32\...\FlacSquisher) (Version: 1.3.5 - FlacSquisher)
FontExpert 2014 Font Manager (HKLM-x32\...\FontExpert 2014) (Version: 12.0.0.2 - Proxima Software)
foobar2000 v1.3.8 (HKLM-x32\...\foobar2000) (Version: 1.3.8 - Peter Pawlowski)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Free APE to MP3 Converter 1.0 (HKLM-x32\...\{23CAF97E-FC9A-4043-A8B2-3C8605305D35}_is1) (Version: 1.0 - Jacek Pazera)
FS-UAE 2.4.1 (HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\FS-UAE_is1) (Version: 2.4.1 - )
Geneforge 1 (HKLM-x32\...\Steam App 200960) (Version:  - Spiderweb Software)
Geneforge 2 (HKLM-x32\...\Steam App 200980) (Version:  - Spiderweb Software)
Geneforge 3 (HKLM-x32\...\Steam App 200990) (Version:  - Spiderweb Software)
Geneforge 4 (HKLM-x32\...\Steam App 201000) (Version:  - Spiderweb Software)
Geneforge 5 (HKLM-x32\...\Steam App 201010) (Version:  - Spiderweb Software)
GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Greenshot 1.2.6.7 (HKLM\...\Greenshot_is1) (Version: 1.2.6.7 - Greenshot)
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroine's Quest: The Herald of Ragnarok (HKLM-x32\...\Steam App 283880) (Version:  - Crystal Shard)
Infinite Crisis™ (HKLM-x32\...\Steam App 345520) (Version:  - Turbine, Inc.)
Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
K-Lite Codec Pack 10.0.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.0.5 - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Lara Croft and the Guardian of Light (HKLM-x32\...\Steam App 35130) (Version:  - Crystal Dynamics)
LEGO Digital Designer (HKLM-x32\...\New LEGO Digital Designer) (Version:  - LEGO A/S)
Livestream Procaster (HKLM-x32\...\{68E4C751-272B-44E1-94C7-4E1FDC40F7DA}) (Version: 20.3.25 - Procaster)
LMMS 1.1.3 (HKLM-x32\...\LMMS) (Version: 1.1.3 - LMMS Developers)
Magic 2015 (HKLM-x32\...\Steam App 255420) (Version:  - Stainless Games)
Magic Duels (HKLM-x32\...\Steam App 316010) (Version:  - Stainless Games Ltd.)
Magic Set Editor 2.0.0 (HKLM-x32\...\Magic Set Editor 2_is1) (Version:  - )
Magic The Gathering Online  (HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\35c9d60442fbb010) (Version: 3.4.87.523 - Wizards of the Coast)
Magic Workstation 0.94f (HKLM-x32\...\Magic Workstation_is1) (Version:  - Magic Technology)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Medieval CUE Splitter (HKLM-x32\...\{B96D2269-568B-4CBF-9332-12FAE8B158F7}) (Version: 1.2.0 - Medieval Software)
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2608 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 8.0.2608 - CyberLink Corp.) Hidden
Mendeley Desktop 1.6 (HKLM-x32\...\Mendeley Desktop) (Version: 1.6 - Mendeley Ltd.)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Miro Video Converter (HKLM-x32\...\Miro Video Converter) (Version: 0.8.0 - Participatory Culture Foundation)
Missing Translation (HKLM-x32\...\Steam App 395520) (Version:  - AlPixel Games)
MKVToolNix 6.4.0 (HKLM-x32\...\MKVToolNix) (Version: 6.4.0 - Moritz Bunkus)
Monkey's Audio (HKLM-x32\...\Monkey's Audio_is1) (Version:  - )
Mount & Blade - Unoffical Troop Editor (C:\Program Files (x86)\Mount & Blade - Unoffical Troop Editor\) (HKLM-x32\...\ST6UNST #2) (Version:  - )
Mount & Blade - Unoffical Troop Editor (HKLM-x32\...\ST6UNST #1) (Version:  - )
Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version:  - Taleworlds Entertainment)
MountMusket Battalion (HKLM-x32\...\{8AF7479C-B28D-4BFF-867B-4755DE019259}_is1) (Version: 0.4.2 - MountMusket Battalion Team)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 42.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 en-US)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
MPEG Video Wizard DVD 5.0.1.111 (02/2014) (HKLM-x32\...\{9FD45917-95E6-449D-ACC9-01E634A34CBD}_is1) (Version: 5.0.1.111 - Womble Multimedia, Inc.)
MPEG Video Wizard DVD 5.0.1.111 (02/2014) (HKLM-x32\...\Mpeg Video Wizard DVD 5.0) (Version: 5.0.1.111 (02/2014) - Womble Multimedia, Inc.)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MTG Card Images for Magic Workstation (HKLM-x32\...\MTG Card Images for Magic Workstation_is1) (Version:  - )
MTG GamePack for Magic Workstation (HKLM-x32\...\MTG GamePack for Magic Workstation_is1) (Version:  - Magic Technology)
Nero 12 (HKLM-x32\...\{95E152CF-0EB5-4BFA-B6EE-8FC7F9601BA5}) (Version: 12.0.02900 - Nero AG)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 359.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 359.06 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.8.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.8.1.21 - NVIDIA Corporation)
NVIDIA Graphics Driver 359.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.06 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenOffice.org 3.3 (HKLM-x32\...\{3E171899-0175-47CC-84C4-562ACDD4C021}) (Version: 3.3.9567 - OpenOffice.org)
OU Flashcards (HKLM-x32\...\OU Flashcards) (Version:  - )
PAC-MAN Championship Edition DX+ (HKLM-x32\...\Steam App 236450) (Version:  - Mine Loader Software Co., Ltd.)
Pianissimo (HKLM-x32\...\Pianissimo) (Version:  - Acoustica)
Pinnacle VideoSpin (HKLM-x32\...\{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}) (Version: 2.0.0.669 - Pinnacle Systems)
PlanetSide 2 (HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\SOE-PlanetSide 2) (Version:  - Sony Online Entertainment)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PowerAgent 7.7.5 (HKLM\...\PowerAgent_is1) (Version:  - Saris Cycling Group, Inc.)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
printFIT Business Card Printing Kit (HKLM-x32\...\{3FD83A7E-4D16-48C3-B26C-15F4548ACEF5}) (Version: 10.00.000 - )
Pro Cycling Manager 2013 (HKLM-x32\...\Steam App 219800) (Version:  - Cyanide)
Python 2.7.2 (HKLM-x32\...\{2E295B5B-1AD4-4d36-97C2-A316084722CF}) (Version: 2.7.2150 - Python Software Foundation)
qBittorrent 3.2.4 (HKLM-x32\...\qBittorrent) (Version: 3.2.4 - The qBittorrent project)
QGIS Valmiera 2.2.0 Valmiera (HKLM\...\QGIS Valmiera) (Version:  - QGIS Development Team)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 2.3.3 r1522 - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7183 - Realtek Semiconductor Corp.)
Replay Media Catcher 5 (5.0.0.97) (HKLM-x32\...\Replay Media Catcher 5) (Version: 5.0.0.97 - Applian Technologies)
ScummVM 1.6.0 (HKLM-x32\...\ScummVM_is1) (Version:  - The ScummVM Team)
Search Results Toolbar (HKLM-x32\...\searchresults1) (Version: 1.0.0.12 - ) <==== ATTENTION
ShaderTFX version 1.1 (HKLM\...\ShaderTFX_is1) (Version:  - )
SHIELD Streaming (Version: 4.1.0250 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.8.1.21 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V: Gods & Kings Demo (HKLM-x32\...\Steam App 213910) (Version:  - )
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.10.9560 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SopCast 3.8.3 (HKLM-x32\...\SopCast) (Version: 3.8.3 - www.sopcast.com)
Source SDK (HKLM-x32\...\Steam App 211) (Version:  - Valve)
SpaceEngine version 0.9.7.2 (HKLM-x32\...\{E65FD500-9218-44EC-9586-D39FAB4DFDAF}_is1) (Version: 0.9.7.2 - SpaceEngine)
Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated)
Spotify (HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\Spotify) (Version: 1.0.16.104.g3b776c9e - Spotify AB)
StarCraft (HKLM-x32\...\StarCraft) (Version:  - Blizzard Entertainment)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Subspace Continuum (HKLM-x32\...\Steam App 352700) (Version:  - Virgin Interactive Entertainment)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tactical Genius (HKLM-x32\...\Steam App 377150) (Version:  - Pixeltales.ru)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\TeamSpeak 3 Client) (Version: 3.0.8 - TeamSpeak Systems GmbH)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - Edmund McMillen and Florian Himsl)
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version:  - Nicalis, Inc.)
The Unofficial Team Fortress 2 Statistics Parser (HKLM-x32\...\{355B814F-38EF-4C9D-BCF9-3D0EE77C6C38}_is1) (Version:  - Erlend Dahl)
Tixati (HKLM-x32\...\tixati) (Version:  - )
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version:  - Crystal Dynamics)
Tomb Raider (VI): The Angel of Darkness (HKLM-x32\...\Steam App 225020) (Version:  - Core Design)
Tomb Raider I (HKLM-x32\...\Steam App 224960) (Version:  - Core Design)
Tomb Raider II (HKLM-x32\...\Steam App 225300) (Version:  - Core Design)
Tomb Raider III: Adventures of Lara Croft (HKLM-x32\...\Steam App 225320) (Version:  - Core Design)
Tomb Raider: Anniversary (HKLM-x32\...\Steam App 8000) (Version:  - Crystal Dynamics)
Tomb Raider: Chronicles (HKLM-x32\...\Steam App 225000) (Version:  - Core Design)
Tomb Raider: Legend (HKLM-x32\...\Steam App 7000) (Version:  - Crystal Dynamics)
Tomb Raider: The Last Revelation (HKLM-x32\...\Steam App 224980) (Version:  - Core Design)
Tomb Raider: Underworld (HKLM-x32\...\Steam App 8140) (Version:  - Crystal Dynamics)
Total War: ROME II (HKLM-x32\...\Steam App 214950) (Version:  - Creative Assembly)
Total War: Shogun 2 - Assembly Kit (HKLM-x32\...\Steam App 202930) (Version:  - The Creative Assembly)
Total War: SHOGUN 2 (HKLM-x32\...\Steam App 34330) (Version:  - The Creative Assembly)
TrainingPeaks Device Agent (HKLM-x32\...\{BF436CD1-67D6-4849-8C09-AE87197A0A64}) (Version: 3.0.90 - TrainingPeaks)
Tux Paint 0.9.21c (HKLM-x32\...\Tux Paint_is1) (Version:  - New Breed Software)
Unity Web Player (HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Universal Media Server (HKLM-x32\...\Universal Media Server) (Version: 2.3.0 - Universal Media Server)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Vega 7 (HKLM-x32\...\Vega) (Version: 7 - Vegachess)
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version:  - NCH Software)
VideoReDo TVSuite Version 4.20.7.638 (HKLM-x32\...\VideoReDo4_is1) (Version:  - DRD Systems, Inc.)
VirtualTraining Desktop version (HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\VirtualTraining Desktop version) (Version: 3.1.0.0 - SportSoft)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VTFEdit 1.3.3 (HKLM\...\VTFEdit_is1) (Version:  - Neil Jedrzejewski & Ryan Gregg)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.6.1.2 - Azureus Software, Inc.)
Warhammer® 40,000™: Dawn of War® II (HKLM-x32\...\Steam App 15620) (Version:  - Relic Entertainment)
Welcome App (Start-up experience) (x32 Version: 12.0.15000 - Nero AG) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.3400 - Broadcom Corporation)
WinDjView 1.0.3 (HKLM-x32\...\WinDjView) (Version: 1.0.3 - Andrew Zhezherun)
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (07/12/2013 2.08.30) (HKLM\...\22CCD58B53472BE3FCAFF05631111C4062959A43) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (07/12/2013 2.08.30) (HKLM\...\BD00013670D26C16E19F284BF8E15DAF813497C7) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Driver Package - Saris Cycling Group, Inc. libusb Drivers (05/11/2011 1.2.4.0) (HKLM\...\D471913AF25804C37195D83AD80A8B9F7F3FF5CC) (Version: 05/11/2011 1.2.4.0 - Saris Cycling Group, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 4.10 beta 5 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.10.5 - win.rar GmbH)
WM Recorder (HKLM-x32\...\WM Recorder14.12) (Version: 14.12 - AllAlex, Inc)
Wondershare Video Editor(Build 5.1.3) (HKLM-x32\...\Wondershare Video Editor_is1) (Version:  - Wondershare Software)
WSE Rocket (HKLM-x32\...\WSE Rocket) (Version:  - WSE Rocket) <==== ATTENTION
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-418917625-158424403-2452974618-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-418917625-158424403-2452974618-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
 
==================== Restore Points =========================
 
18-12-2015 13:13:34 Scheduled Checkpoint
18-12-2015 13:35:52 Windows Update
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 02:34 - 2009-06-10 21:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {086A2A9B-302C-418A-A022-54576AF97CEA} - System32\Tasks\NCH Software\videopadShakeIcon => C:\Program Files (x86)\NCH Software\VideoPad\VideoPad.exe [2012-11-18] (NCH Software)
Task: {12CCDED1-6EE3-4CDA-B3C1-A41E6EBE2714} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {306FBFCB-9DF2-4BC3-AE32-04BA6DA8304F} - System32\Tasks\{10F68DF3-DFF9-45E4-B70D-D8399BC4B05B} => pcalua.exe -a "C:\Users\Aodh\Desktop\100 Mod\TroopEditor v1.9 Install Package\setup.exe" -d "C:\Users\Aodh\Desktop\100 Mod\TroopEditor v1.9 Install Package"
Task: {3D3A12D7-DC7B-4654-B4C4-52C534252AE4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {463E481C-B933-4B41-AE07-2C9643A58DE6} - System32\Tasks\AdobeAAMUpdater-1.0-Vandennis-Aodh => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-03-30] (Adobe Systems Incorporated)
Task: {5708C1CE-E6FD-45DA-8B8E-CCDE118C9D00} - System32\Tasks\{D514B5CF-DBD9-49F0-A86B-B94F3144EADC} => pcalua.exe -a C:\Users\Aodh\Downloads\shortcircuit-1_1_2.exe -d C:\Users\Aodh\Downloads
Task: {7A232736-5E68-4239-A97E-14FEB14E6614} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {83BE68F1-98AE-486D-A583-65DDD21B964B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {8A75DF63-C861-4503-9800-431A40E2BDEE} - System32\Tasks\1114avUpdateInfo => C:\ProgramData\Avg_Update_1114av\1114av_AVG-Secure-Search-Update.exe [2014-10-08] ()
Task: {A4D9CB9D-CB7E-4362-9047-E0731361ADA3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-09] (Adobe Systems Incorporated)
Task: {D3E3A262-7CF2-4085-8032-B75F54F9F8BD} - System32\Tasks\NCH Software\videopadDowngrade => C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe [2012-11-18] (NCH Software)
Task: {D9F69B30-E3A0-4C6E-B78C-CF81D65E09B5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {E7347B7A-C47D-496C-8DAA-9CAADE553610} - System32\Tasks\{7DF2AD79-3E9B-4B5D-B0D7-A2E340CB4B94} => pcalua.exe -a C:\Users\Aodh\Downloads\MouseTest.exe -d C:\Users\Aodh\Downloads
Task: {F282C6A9-4CFB-41F2-AD11-3DF8AB9E8F58} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\1114avUpdateInfo.job => C:\ProgramData\Avg_Update_1114av\1114av_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\Aodh\Desktop\Projects\Golf MapStuff\GRASS GIS 6.4.3.lnk -> C:\Program Files\QGIS Valmiera\bin\nircmd.exe (NirSoft) -> exec hide C:\PROGRA~1\QGISVA~1\bin\grass64.bat -wx
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-04-16 16:42 - 2015-04-16 16:42 - 00997536 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2010-01-02 14:42 - 2010-01-02 14:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-01-12 23:21 - 2012-01-06 18:01 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2012-07-03 12:21 - 2012-07-03 12:21 - 00041160 _____ () C:\Program Files\Rainmeter\Rainmeter.exe
2012-07-03 12:21 - 2012-07-03 12:21 - 00754376 _____ () C:\Program Files\Rainmeter\Rainmeter.dll
2012-04-12 19:07 - 2015-11-24 18:40 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-12-18 21:59 - 2015-12-09 01:52 - 00217720 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2010-08-03 22:39 - 2010-08-03 22:39 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2010-08-03 22:39 - 2010-08-03 22:39 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-10-16 17:37 - 2014-10-16 17:37 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\c152a64e30c5b94894d75ac86aa7aad2\IsdiInterop.ni.dll
2011-06-14 21:06 - 2011-04-30 07:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2015-12-18 20:37 - 2015-12-09 01:53 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2012-01-08 13:41 - 2012-01-08 13:41 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2015-12-16 21:03 - 2015-12-11 03:54 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll
2015-12-16 21:03 - 2015-12-11 03:54 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll
2015-12-16 21:03 - 2015-12-11 03:54 - 16573256 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\Temp:0888F409
AlternateDataStreams: C:\ProgramData\Temp:1CE11B51
AlternateDataStreams: C:\ProgramData\Temp:3440EB47
AlternateDataStreams: C:\ProgramData\Temp:66633281
AlternateDataStreams: C:\Users\Aodh\Cookies:Qgd1w97RKadbi38e14SDju
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\sony.com -> sony.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-418917625-158424403-2452974618-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Aodh\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 89.101.160.4 - 89.101.160.5
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Aodh^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: BitTorrent => "C:\Program Files (x86)\BitTorrent\BitTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenuEx => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
MSCONFIG\startupreg: Eraser => "C:\PROGRA~1\Eraser\Eraser.exe" --atRestart
MSCONFIG\startupreg: IJNetworkScanUtility => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\Aodh\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Aodh\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{7A6CA036-349A-4886-945C-77B570449D80}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{E0D87026-383F-4540-9547-92DF0B2CDF2A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{51B377CA-B25F-4D58-98AE-E6C464967231}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{245DED63-1A5C-4610-B90F-4EE993C3E84A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{473D7F50-B331-4CF4-8A2B-7E139518398A}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{C42A916C-6CC2-416E-96AB-402BB158FA78}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [{3EEC425E-6CB1-4DFF-9B88-614CB3EEFEFB}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [{BEF2226B-52CE-46A1-BAD9-75313FB6DFAA}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{FA28E5B4-2785-4CF1-8C9F-098EB5E46913}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{BCD9CB82-C069-497F-8A2E-9A11505A1E64}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{C09F6A5F-AF23-466D-A555-27E6DFF4BD52}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [TCP Query User{60C80F5D-78CE-4DAE-A072-97EFB5833A75}C:\program files (x86)\steam\steamapps\batchuba\team fortress 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\batchuba\team fortress 2\hl2.exe
FirewallRules: [UDP Query User{DEA4D68C-ED1A-49C9-9E76-2F4A6A9AC0C8}C:\program files (x86)\steam\steamapps\batchuba\team fortress 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\batchuba\team fortress 2\hl2.exe
FirewallRules: [{ADAA991B-F584-41A9-AD0E-643F689298D1}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{2ADA3615-3D15-4833-A186-F5E54B28B2BF}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{276A2A68-C38E-40DF-B265-440802A38DDD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{5926EE03-AFA2-42BB-85D4-D54344D5E6AF}] => (Allow) C:\Program Files (x86)\searchresults1\dtUser.exe
FirewallRules: [{0AF86C24-51EF-4862-82DA-45C45CEABB44}] => (Allow) C:\Program Files (x86)\searchresults1\dtUser.exe
FirewallRules: [TCP Query User{F3314A36-919C-4E30-A2E5-72848EA7F1CB}C:\program files (x86)\steam\steamapps\common\age of empires online\spartan.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\age of empires online\spartan.exe
FirewallRules: [UDP Query User{058EF4CA-6BAC-4791-9549-A8BE406B9096}C:\program files (x86)\steam\steamapps\common\age of empires online\spartan.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\age of empires online\spartan.exe
FirewallRules: [TCP Query User{353A9AD0-64AB-4AD9-9C1F-0978453383AD}C:\users\aodh\downloads\downloader_starcraft_combo_engb.exe] => (Allow) C:\users\aodh\downloads\downloader_starcraft_combo_engb.exe
FirewallRules: [UDP Query User{5904CE08-8F50-4A0F-8520-295F2A354180}C:\users\aodh\downloads\downloader_starcraft_combo_engb.exe] => (Allow) C:\users\aodh\downloads\downloader_starcraft_combo_engb.exe
FirewallRules: [{ABFC3DAA-A5F3-4C12-85D3-AAB68A31BACC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe
FirewallRules: [{4EADEC82-08BC-4488-8002-6ED93DFB98D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe
FirewallRules: [{1CA1D8DD-E637-4F4A-981C-F69644176708}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\BEsetup\Setup_BattlEyeARMA2OA.exe
FirewallRules: [{B51B3B8E-5F9D-4503-8020-78D6514D2F88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\BEsetup\Setup_BattlEyeARMA2OA.exe
FirewallRules: [{A9DAB5BC-D323-4113-9090-4F3254BFF607}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\_runA2CO.cmd
FirewallRules: [{12702A26-FBC8-4809-8C92-05F917A07B79}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\_runA2CO.cmd
FirewallRules: [TCP Query User{1D3A2BB3-0C06-47AD-8638-09E579A40478}C:\program files (x86)\ccp\eve\bin\exefile.exe] => (Allow) C:\program files (x86)\ccp\eve\bin\exefile.exe
FirewallRules: [UDP Query User{986570A6-81AF-4864-A19D-917847115666}C:\program files (x86)\ccp\eve\bin\exefile.exe] => (Allow) C:\program files (x86)\ccp\eve\bin\exefile.exe
FirewallRules: [{3A4DD47F-58F6-4965-A076-CB4FECA133E4}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{8F232053-54E0-42C6-8843-39C702AE552B}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{441D5142-CA50-4602-83CD-47DBFDE2BA5A}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [{861175DC-3A31-4959-9478-A57AD66353AF}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [TCP Query User{2990496E-BEE2-4689-B5FC-A120075B9A66}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{A0F07C25-24D1-473A-83FB-BC9BC6F2A20A}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{41601E5D-65B5-485B-9AF7-8EF94B5B7B04}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{FE80A169-8342-49BC-B838-BBE4B8545A9F}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{E3752451-BC10-442A-B264-D07C275C5650}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{24C978DD-9903-4DBD-BF47-042E03F1CEA5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{4A233C59-5614-4248-92B3-0B4C6903516D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{85EF9ACB-F72B-4833-B661-E3ADFC0DAED6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{ABBD1C58-DAC5-4897-BAC1-153CF23668C8}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{38D92D74-3C60-489C-8F16-786C41B1650E}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{E3FDC81F-4813-4912-9B0D-D5FD29CF9B48}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{42A5A2D7-17F9-4140-853A-D972C2C3B544}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [TCP Query User{ABE36A46-CC7F-403E-B578-D079D72B24FB}C:\program files (x86)\starcraft ii\versions\base24944\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base24944\sc2.exe
FirewallRules: [UDP Query User{F1E6A90B-8A6A-46EB-B9FD-65F85BD36311}C:\program files (x86)\starcraft ii\versions\base24944\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base24944\sc2.exe
FirewallRules: [{F65C4DC7-5BC2-49DB-81CC-ACB29575CF6B}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 5\aria2c.exe
FirewallRules: [{1F06A023-1A70-48B3-B78F-08F0995B8B93}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 5\aria2c.exe
FirewallRules: [{CA6A4A4D-FC34-4609-83ED-2BD1572CCFEA}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 5\qtCopy.exe
FirewallRules: [{08B1D8CF-A3DC-4350-AA3A-F2239BC4FE2A}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 5\qtCopy.exe
FirewallRules: [TCP Query User{285F11FF-C58F-4D94-8EF9-BC50FE03D535}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{AA010432-8A08-494E-ACC7-7BA7855F634F}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [{EBB329C2-37A9-479A-A8D7-0A3BF65617BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\launcher\launcher.exe
FirewallRules: [{AC0AFDE6-A531-4CA9-95E9-FB0B875D8D7C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\launcher\launcher.exe
FirewallRules: [{66AE21DC-2D8D-4876-B2AE-6FFD7D5267C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis Rome - Demo\Rome.exe
FirewallRules: [{8E283E82-4C48-4BE8-9AF3-D61C353879CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis Rome - Demo\Rome.exe
FirewallRules: [{F5897764-12F8-4463-BD64-053AD84BC4D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\mountblade warband\mb_warband.exe
FirewallRules: [{5A36AA42-81DE-43C2-A4C6-EA0C53F74814}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\mountblade warband\mb_warband.exe
FirewallRules: [{52B9C649-EEA8-44D8-B871-8C237FB94030}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\age of empires online\AOEOnline.exe
FirewallRules: [{7E73B0E2-DD23-45AD-A5B9-EA66BA95EECA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\age of empires online\AOEOnline.exe
FirewallRules: [{4797C421-0202-4D0F-BD2F-6463E2A6AF67}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\modding\show.bat
FirewallRules: [{C1725FAC-2880-4305-A181-B360E6C97A3E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\modding\show.bat
FirewallRules: [{CF475EC3-8482-4415-8087-0EB5FED682DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\civ_v_xp_demo\Launcher.exe
FirewallRules: [{7B1A5D0F-18FF-4570-A4CF-13388AD15E29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\civ_v_xp_demo\Launcher.exe
FirewallRules: [{3ACC1B11-FC75-401F-8724-829848C82B9F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\batchuba\sourcesdk\bin\SDKLauncher.exe
FirewallRules: [{6E9B25C6-7903-4191-8811-7DBCED05EF79}] => (Allow) C:\Program Files (x86)\Steam\steamapps\batchuba\sourcesdk\bin\SDKLauncher.exe
FirewallRules: [{F3B35EE9-9367-4314-BB2E-91B9F37C6DB6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\Shogun2.exe
FirewallRules: [{67332CC6-78BA-4E7B-A09D-D52BE4D7D176}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\Shogun2.exe
FirewallRules: [{BBCCCDB3-D5A1-479B-BCF3-BA0CF856AD5B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html
FirewallRules: [{24C35478-E0CE-4620-9874-21C426BE31BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html
FirewallRules: [{EF657C9D-817A-449B-9B8E-256D6B8D0A8C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{296AECCB-A561-4A81-9CC4-DD6DBE6D75D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{5615E55D-CF13-4D15-B8B1-63C1308EED80}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{AD013FE1-A3F3-436E-B095-2D43DAB8C6AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{3571150F-1220-485D-9D84-7A622FD21EDA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat
FirewallRules: [{063212A2-FEEE-4DB1-A73E-8A12A49AD865}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat
FirewallRules: [{88D06885-E78B-48B0-82F3-FF80D144B40B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{0117525F-B540-4396-9C53-6DFFEE4CF953}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{821298B6-C53A-4FD3-93D5-2B609629BFCD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{CB95FE07-1335-4AA6-87AD-5EF4084CAE6F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{6795141A-113B-4585-AAFE-98572514449D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{F9CF7ED3-6232-4C86-8CA2-9328F763564F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{2575C3BB-BA9C-4F8C-9318-CAFAEB7E5D08}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{E7D5B8D0-E74F-443E-AD50-25BB083AA98C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{DFD592EC-0019-4E83-8093-2D8D8BB84E91}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{B5B3C17B-6C54-4C42-8646-7FF13B65FA2C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{F4D1AA03-B841-4FED-82C7-70B27552CF7E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{BD92555F-80C8-4887-8CDF-BFA959729C6B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{5B54A1A5-CE25-4F65-8CE1-AB7405681966}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{799124CA-BBBA-4295-B1B6-3E37210A47B1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{F5B9AD5D-7777-4CAD-9D33-59B121D289EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{2DB1F2D6-4505-48EA-9B31-3C31D6B36BC4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{B2C141CC-6A04-4198-8451-53B4BF4CCBAA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 test\dota.exe
FirewallRules: [{BA2CA187-2F7A-4E91-85CC-2735506EFC14}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 test\dota.exe
FirewallRules: [{9064158E-11A7-45AB-BDEE-AB70AF226B0B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 test\dota.exe
FirewallRules: [{57DF841B-8A8A-4528-BEEA-6D704120942B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 test\dota.exe
FirewallRules: [{4D2C2D3D-3933-402C-947E-4468B9804ED2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 test\dota.exe
FirewallRules: [{D3DC5A34-4454-4FD3-943D-4A6DEB08EF1E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 test\dota.exe
FirewallRules: [{99864764-4D82-48AA-A0B2-D5427898B743}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 test\dota.exe
FirewallRules: [{5DD260B6-E69B-4779-94A6-EB4339CE7BF4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 test\dota.exe
FirewallRules: [{1CBA9E41-6795-4DCD-BC6D-7C1C8352191D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{EE074EA0-874A-47F0-8175-7EFF2923C003}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{004869AB-5483-4537-9BAE-683812136C2D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{9848A4CC-E11C-4E12-A85D-30F8E7770C98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{7AE5EF55-FBBA-43B3-A4E4-5B113F04E9B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{8116FB5F-DA20-4456-97F2-A85B1B692D9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{93BDCCB8-D6DA-4FF1-81AA-B7F60A04DA55}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{04A4DACE-9504-4A39-B471-53426E992F34}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{870914FC-4C45-4E44-8079-5413C104B4D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\8BitMMO\jre\bin\javaw.exe
FirewallRules: [{7311CA5B-CAB0-4DFE-8D97-F511C2F06776}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\8BitMMO\jre\bin\javaw.exe
FirewallRules: [{918A67AB-72B9-48C3-965E-C593E61AA000}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{70ECB0D5-3E82-435D-A992-B85F407D244E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{3CEED1B3-2C8C-4A89-B3DB-2396831ABC70}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\Shogun2.exe
FirewallRules: [{8C81AF58-4686-49FC-89A6-441A6B8DEC6D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\Shogun2.exe
FirewallRules: [{FE1E220F-9BB4-41DA-87BC-290F6F926F28}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html
FirewallRules: [{128694AD-E332-4F3B-8D6E-4F74362A5E19}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html
FirewallRules: [{59BF0578-009E-4CC6-BC78-7D661F996582}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{32E92D8D-B160-410C-9FE2-F770484A3E86}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{563C8A6A-FDD2-44B0-B95F-E1FE86E8D9BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{F2D64123-87A5-44D1-BB6A-5CACFCEB7E69}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{0989BDDE-F3BC-4CE3-899D-E4FAF128D330}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat
FirewallRules: [{DB940E5A-D1F0-452E-A586-8F17B0A1862B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat
FirewallRules: [{E7CA3F12-ACA7-4EF7-B254-C4642850026D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{F51BEEF3-0D5D-416A-95D1-68F8BA600677}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{69984396-1BF2-4BE3-9D02-6ADA6C591CFC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{B53D4077-4720-440A-BCBD-317EE554985E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{DC1926B5-EE6E-4A23-9597-2853831CC78D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\8BitMMO\jre\bin\javaw.exe
FirewallRules: [{50DECCA8-0F45-4FD7-B6B9-C586D4163C49}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\8BitMMO\jre\bin\javaw.exe
FirewallRules: [{CE31D8A1-4185-4595-B076-CA8664BF2044}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{74AB6C8B-80C7-46A9-98BE-C90166BFF995}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{14E9458F-1B08-492F-A385-55E57739A68E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{3E660A34-9E37-4092-84D0-ABFADE765EB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{F623017E-0C01-4A73-9AFB-2594689D57AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\8BitMMO\jre\bin\javaw.exe
FirewallRules: [{5FDE2CBD-561E-49C8-8AB8-A1C527BFFDC3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\8BitMMO\jre\bin\javaw.exe
FirewallRules: [{559579F1-C4EA-43E5-B6C5-2AC12B369B46}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{3847C8AA-264C-471B-B1DE-71C5E5FFDECF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{9D5B244E-6B8F-4EB2-93C0-503B7BA6AC9A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\8BitMMO\jre\bin\javaw.exe
FirewallRules: [{A74D2F89-8115-405C-8112-D663838048EB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\8BitMMO\jre\bin\javaw.exe
FirewallRules: [{1B38B339-3CCE-4C0A-B0FD-9F315B9E2B84}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\8BitMMO\jre\bin\javaw.exe
FirewallRules: [{2F79C961-BA94-4E06-8D7B-ECA752E34D84}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\8BitMMO\jre\bin\javaw.exe
FirewallRules: [{189406D2-9DA0-4459-8ADA-CE2D2AD31C98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\8BitMMO\jre\bin\javaw.exe
FirewallRules: [{C9763F43-8658-4F96-98B7-C83B7F6AA9D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\8BitMMO\jre\bin\javaw.exe
FirewallRules: [{362217CC-B8DD-4B7D-88BB-EE64B51FFAC8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{1CC12869-C36E-42F3-A140-98D95E1F9EE7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{987C7486-B43E-4B00-907C-27B7F6C96F46}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{6F9DA841-1B78-4611-A42D-B6EBF9CA6C5A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{9E10C3E7-895C-43D2-83EA-024E949C4D33}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{0CC4E302-1772-4452-B8DB-1478F657361C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{7B582038-EFDE-4B51-B838-CB83352CD040}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{B52D80C0-36B3-4D42-A21B-9B692439700A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [TCP Query User{224007A2-D6B4-4FEA-B975-2E8B9E1365AF}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [UDP Query User{EABA2DA5-66D2-4852-801D-D483E6162E19}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [{56B9828F-ECA5-4F51-9963-0FBEE0710BFB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{E62EB5A5-B8B1-4286-9963-2C5C381830B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{4502E0D7-34D3-4676-8EDC-EB4945479B54}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{28EA3372-7C48-4D33-80BD-D06B96DB52E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{E388C042-1A4A-4C64-AB0E-CC67ED875BB0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{E6E8EACB-E328-4B94-AEE0-9C553001BD75}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{EBA52BDD-2B2C-4174-AA9F-C89F98F6FE28}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{4B7791FB-A36F-4971-A3D5-C4779EA05F4F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{D7A68AB6-91E8-4291-8E9F-BE3D21DC51EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{F3836EF1-30C5-48ED-9B41-0BD62D400ECB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{AC601597-CE1B-47DA-8FF6-35257FE5DB15}] => (Allow) C:\Users\Aodh\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{6AACF68A-3B53-4621-A3FD-5C55663054C6}] => (Allow) C:\Users\Aodh\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [TCP Query User{396DBA7C-DD00-4EA0-BBAA-61961F78F278}C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe] => (Block) C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [UDP Query User{1EF9F12B-26FD-4550-8FEA-72639E6BE512}C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe] => (Block) C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [TCP Query User{2CEFD7FF-8DB6-4BD3-A24A-DBB3FE42A486}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [UDP Query User{696E9AC9-FBEC-4944-A2FD-CB3A6D022FB1}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [TCP Query User{53EB17E3-39E3-463C-9D72-0E00450455B4}C:\program files (x86)\steam\steamapps\common\magic the gathering tactics\mtgtactics.exe] => (Block) C:\program files (x86)\steam\steamapps\common\magic the gathering tactics\mtgtactics.exe
FirewallRules: [UDP Query User{513A486F-71D3-4BC2-BFE9-38C4A9CE7351}C:\program files (x86)\steam\steamapps\common\magic the gathering tactics\mtgtactics.exe] => (Block) C:\program files (x86)\steam\steamapps\common\magic the gathering tactics\mtgtactics.exe
FirewallRules: [{F38423A4-483C-4D0D-BEBE-1C85E9EABDC1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Banished\Application-steam-x64.exe
FirewallRules: [{6BF3EE96-6BAF-49B9-9FB8-60EDF6931BB7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Banished\Application-steam-x64.exe
FirewallRules: [TCP Query User{56609604-829A-4850-8226-B293250EFF67}C:\programdata\battle.net\agent\agent.2787\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.2787\agent.exe
FirewallRules: [UDP Query User{162DED32-609E-4F45-B883-655AA9AFE6CC}C:\programdata\battle.net\agent\agent.2787\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.2787\agent.exe
FirewallRules: [TCP Query User{499939C8-86E8-438B-8BF6-CFE84B34D924}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [UDP Query User{5DB05C52-18E9-429C-A281-8BD0B0FC7AD3}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [TCP Query User{64EEBCD9-94F4-4265-BE0A-371EFE4FDA27}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{513017DF-1A4F-49C7-B746-7178DA12D528}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{87606FF8-C59F-4633-9721-AF504CBCF6A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pro Cycling Manager 2013\PCM.exe
FirewallRules: [{36A76FB7-473A-481C-992C-8BCA8436B124}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pro Cycling Manager 2013\PCM.exe
FirewallRules: [{77920A40-B5AB-4A6B-B879-698C41A3ADDF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pro Cycling Manager 2013\CTStageEditor.exe
FirewallRules: [{FD48F295-0372-4B27-A51B-FFFAC6614E03}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pro Cycling Manager 2013\CTStageEditor.exe
FirewallRules: [{BD7728AE-BE94-42F3-B776-785C0D6030E3}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{0A841409-AE98-44F6-A052-0558BF92AAF3}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{1C0DA450-9891-4673-AFC4-DE6E9F0AE6C9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{4C0885A0-E30E-402C-B96D-5D1DE574AB53}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{2ABBF05C-C058-459F-958C-07BA369D969A}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{970786DB-C3AD-43C6-AC8F-F9E3328FEAF7}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{D677392E-38BE-4CC0-AB08-2C6049255F53}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{052A5106-3E4E-4DC7-8637-B291A3F5BF7F}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{4AA60D2C-B975-44D4-9790-F3B2B811D927}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{359D8DFF-65F1-4B0E-B3B8-648993AF14B0}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{7046E729-9BB4-4C73-84E5-F4D46D47A152}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic 2014\DotP_D14.exe
FirewallRules: [{8D840556-1DD2-4FF2-B49B-94602CF90895}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic 2014\DotP_D14.exe
FirewallRules: [{0DD0243D-D5B7-4F64-B591-6BB6721241E1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{8BDD1EC0-E627-4F2C-98F9-246E5DE7C650}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [TCP Query User{FEE00DC9-512E-45DA-B462-26AF8D692EE7}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [UDP Query User{75EA0923-B310-4CC7-854A-25BF40E88B6F}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [{6CB3B435-D4DD-469F-9D28-BCCCD60C2830}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{CCC8B8F5-A050-4212-8299-292E75158AF0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{4C94CBF1-95DE-40E8-B598-EF01EB15F096}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{2D5674AC-4C8C-4AF3-A2F6-955D47B9E7F3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{3D5DD9BE-7FF0-4701-BF9D-2750AEFD753A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{B4207231-DC67-4D23-928A-32C8FA9927A4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{0B839344-B44D-415C-A26C-534475AE628B}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{0545D16E-B3B9-44AA-BCBC-BA9D775D1AC2}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{126F1897-D063-49AB-8E84-153E13976057}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{2DA1515D-5E39-48F9-978B-CB4322516125}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{DF3C8BB7-4739-414F-BC92-596FFC08D54F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{7939D185-9975-4F3D-A174-BBB2581E0588}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{585F4475-8087-4585-8CA7-7920E1915399}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{5919CD22-1139-4D04-98B0-504C401C4A06}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{E6E0AE70-9B6B-4CBB-A6E9-E9DA3653183A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B96540C2-A063-4CFA-9C88-6E1D01F20569}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{304D44FF-C79E-499B-8062-104DF7C9D48D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\tbs\win32\The Banner Saga.exe
FirewallRules: [{97CF8D1A-1EF1-440F-9F71-22700D88A39B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\tbs\win32\The Banner Saga.exe
FirewallRules: [{423AB798-5CD3-4F2D-B0DC-E8B9779FA0C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exe
FirewallRules: [{3D062619-D71F-4EDC-98A3-52753522F398}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exe
FirewallRules: [{CD41C372-03A5-4A23-84E0-59FC438AA974}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [{D2E68CCE-A1E5-4501-92DE-BED54751ECD1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [TCP Query User{14615B41-5C35-41EE-B11F-C39FBCD99B49}C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe
FirewallRules: [UDP Query User{8952F8F2-9F42-45FD-9C46-516A6F5EC4AC}C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe
FirewallRules: [{CFD7183B-4A77-4B42-8CBC-6141F7B2322E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the banner saga factions\win32\The Banner Saga Factions.exe
FirewallRules: [{C99CC118-0E51-4887-B923-4F252E4F4AEA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the banner saga factions\win32\The Banner Saga Factions.exe
FirewallRules: [{0BAE18CD-337D-491C-BBD5-369214ABCEC7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider Underworld\tru.exe
FirewallRules: [{125AFA31-3FF5-49A7-B668-170B969F2FF1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider Underworld\tru.exe
FirewallRules: [{F6B416CE-2AF9-4D42-AA91-83A186A8FC77}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider Legend\trl.exe
FirewallRules: [{EA835DB9-68F3-484F-941B-070A11597A01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider Legend\trl.exe
FirewallRules: [{9B422626-24DA-4BFA-98D4-7E4D5FFCEC82}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider Anniversary\tra.exe
FirewallRules: [{E0FF431B-DCC7-48EF-85A8-0BEA7FF36638}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider Anniversary\tra.exe
FirewallRules: [{2748104E-E518-434E-9D62-2FB54D65F1F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider (VI) The Angel of Darkness\Launcher.exe
FirewallRules: [{A2EB62FF-FF94-4DEE-8E27-9E88968E9C13}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider (VI) The Angel of Darkness\Launcher.exe
FirewallRules: [{80980080-9B8C-4DBD-9729-D6FA1DE1DC7D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider (V) Chronicles\PCTomb5.exe
FirewallRules: [{68796B7F-8ABC-4008-9437-C0C0C3362BF7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider (V) Chronicles\PCTomb5.exe
FirewallRules: [{39D939D8-228A-4A84-9E9D-C59502320311}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider (IV) The Last Revelation\tomb4.exe
FirewallRules: [{DE807827-2B6E-4FC8-A671-3FC46E8D7B51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider (IV) The Last Revelation\tomb4.exe
FirewallRules: [{ED4E290B-933C-4DA7-AA9E-CCA2B188B337}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TombRaider (III)\tomb3.exe
FirewallRules: [{488A0D72-E470-47AB-9FC1-3719CF8DC4EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TombRaider (III)\tomb3.exe
FirewallRules: [{C999A111-8590-4BA9-83A9-DEE30D5B4B6A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider (II)\Tomb2.exe
FirewallRules: [{87829589-3221-456C-841D-CD687A5D3344}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider (II)\Tomb2.exe
FirewallRules: [{B28FBF65-4932-4898-AB5B-2EF3CA249791}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider (I)\dosbox.exe
FirewallRules: [{01DBB16F-E231-4EC4-B7AC-830736853142}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider (I)\dosbox.exe
FirewallRules: [{23514F83-17C6-4F65-860D-91F5652D1EB7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{2D8EEC11-8373-47CF-987C-7704DEBC753D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{E1D010A9-CE9D-4665-99D1-8BEC73F009B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lara Croft and the Guardian of Light\lcgol.exe
FirewallRules: [{7F443F60-18C4-44BF-8FEB-45115F0BC765}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lara Croft and the Guardian of Light\lcgol.exe
FirewallRules: [{493DCE06-B33C-4FDF-8095-13DD536F9A87}] => (Allow) C:\Users\Aodh\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{D4E017E8-B72E-45F1-B8C5-1E9F41D87C6D}] => (Allow) C:\Users\Aodh\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [TCP Query User{F37948FD-FEE8-4B44-B596-45CFD0FC8D70}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Block) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [UDP Query User{67B95249-9C76-45EF-9C85-B3A2B0BA8E18}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Block) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [{8BC2BEC5-E565-49AD-8B43-9B4E98E63DF6}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{1B91C438-3FD2-44B8-9321-693378539D13}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{34CD644B-F722-4E29-97EC-7B38615F6C6F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8F29F0A4-922B-4828-9C28-33B16C36F65D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{228F6A61-EAAD-42B0-8B47-FAB15D1362BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Avadon The Black Fortress\Avadon.exe
FirewallRules: [{5E7DDF11-C21B-47EB-A614-F3DBBAAA7CA7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Avadon The Black Fortress\Avadon.exe
FirewallRules: [TCP Query User{5B68BDEE-2BB0-4078-9903-0C2DD312BFC4}C:\program files (x86)\fms\fms.exe] => (Allow) C:\program files (x86)\fms\fms.exe
FirewallRules: [UDP Query User{58A2E76B-4E1F-49A0-829F-6F05638C059C}C:\program files (x86)\fms\fms.exe] => (Allow) C:\program files (x86)\fms\fms.exe
FirewallRules: [{2E296E62-21A6-4CB3-85F8-F7FAD9BF9185}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroine's Quest\Heroine's Quest.exe
FirewallRules: [{5B7D95F6-CDCC-425B-A637-3FFB5255000A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroine's Quest\Heroine's Quest.exe
FirewallRules: [{4682AAD3-ED78-4759-8F1F-B171719DE9EB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Infinite Crisis Steam\TurbineLauncher.exe
FirewallRules: [{EE27EF50-98D2-4F6C-B845-C205D427DBFC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Infinite Crisis Steam\TurbineLauncher.exe
FirewallRules: [{1B36747E-7F83-48C4-ACC2-5788CA62ABD7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic 2015\DotP_D15.exe
FirewallRules: [{8ECDC837-CEB8-4A9C-B01B-FDE1F7FC8107}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic 2015\DotP_D15.exe
FirewallRules: [{2A0D8B64-29ED-4625-B9A8-32F7CDB19C45}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{78E3036C-5216-4A17-9C98-536CDC69EAFA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{EAAE8B9B-9113-4CEB-8ED1-67F197981311}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Geneforge 5\Geneforge 5.exe
FirewallRules: [{458BD448-A1E7-437E-B020-EA04A7693F41}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Geneforge 5\Geneforge 5.exe
FirewallRules: [{3A775842-6F0E-4010-ACA0-B96179BC4A89}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Geneforge 4\Geneforge 4.exe
FirewallRules: [{ABCD88F3-2B04-4AF8-A74F-9483815F2BCE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Geneforge 4\Geneforge 4.exe
FirewallRules: [{734BE1DA-E4EA-4712-A44C-88FBE2557FC5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Geneforge 3\Geneforge 3.exe
FirewallRules: [{70670280-6924-4E15-803E-5AA59916C290}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Geneforge 3\Geneforge 3.exe
FirewallRules: [{E5802A4D-EFE0-4091-9FA0-812BC5E16022}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Geneforge 2\Geneforge 2.exe
FirewallRules: [{7FC15D4D-DC7F-41A8-90D2-F6B0650A3A23}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Geneforge 2\Geneforge 2.exe
FirewallRules: [{24A2CE35-DC92-4AE7-AEF9-F74400927B37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Geneforge\Geneforge.exe
FirewallRules: [{FBC95371-98BD-4E11-94B2-AA5491555269}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Geneforge\Geneforge.exe
FirewallRules: [{27081020-55BA-4647-8B05-15D09E10B88E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Chip's Challenge 1\chips1.exe
FirewallRules: [{011C997E-C92E-45A2-8E6C-5BA8E3320C64}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Chip's Challenge 1\chips1.exe
FirewallRules: [TCP Query User{C199C2AC-F3A5-48B1-B6B0-8C9CC96E621C}C:\program files (x86)\applian technologies\applian flv and media player\amp.exe] => (Block) C:\program files (x86)\applian technologies\applian flv and media player\amp.exe
FirewallRules: [UDP Query User{52FE907A-EDEE-4AF4-BCF3-67115A1D6D92}C:\program files (x86)\applian technologies\applian flv and media player\amp.exe] => (Block) C:\program files (x86)\applian technologies\applian flv and media player\amp.exe
FirewallRules: [{255847C9-3A8F-42F1-95B8-760756435E39}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Empire Total War\Empire.exe
FirewallRules: [{26EB114F-2031-4D60-9C48-1403D90CBF5F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Empire Total War\Empire.exe
FirewallRules: [{B0CE9DA1-40C7-4D04-BC9B-E43FF3707F33}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{45030FCA-3BD9-452C-97A1-A4FB5C65CF51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{140D172F-CCFF-4602-9FB2-56BC2AFF6D1C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{64975CCE-C471-413B-828D-44811B50D507}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{06C7604B-ACF1-4643-BAE0-10E3383198C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Continuum\Continuum.exe
FirewallRules: [{F5A3D1BB-C698-4F74-BFBE-A9887ADE1FE3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Continuum\Continuum.exe
FirewallRules: [{784A0822-806D-41A0-AC9D-27C04DDAADE1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{689A604F-E8D3-4D12-94F3-BC4909190B94}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{70BEC15E-3DF4-4E47-B4D9-26ACB17A81EB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dawn of War 2\DOW2.exe
FirewallRules: [{EF0E8592-08FA-4CA9-BEE9-47E1BC242809}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dawn of War 2\DOW2.exe
FirewallRules: [{1A396D15-3F24-465B-8195-BC8BB63B11A2}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{0A0FBDCC-7633-4E81-A7D2-E936E2DFFC96}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{E361F9AB-A94F-4008-9A31-DA9F9403EDD4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{61A5EFEB-FF1B-4E98-8760-60C141FCEA4D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{95951A8C-1BF6-419A-B3A9-8ED1DE6D39F0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{564B8038-3650-4FE3-B125-41C249617DE1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{66D988F5-113B-476B-BCCB-F4AF144B9613}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7912E4E2-2B56-4FEC-8F8E-8AF9D460AE25}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{44B58F08-3894-48FC-9B8B-152DB6C1E095}C:\program files (x86)\java\jre1.8.0_51\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_51\bin\java.exe
FirewallRules: [UDP Query User{C41FA4CB-5E90-4DAE-98C4-5060CBF532C5}C:\program files (x86)\java\jre1.8.0_51\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_51\bin\java.exe
FirewallRules: [{449B01AD-7185-4E79-8FFD-C126E74746CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CardHunter\CardHunter.exe
FirewallRules: [{BBDC9928-DC89-488A-9A08-3DAE53F3F5F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CardHunter\CardHunter.exe
FirewallRules: [{DFA94688-A1D3-4F41-BD8A-8FE800E49384}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Epic Arena\EpicArena.exe
FirewallRules: [{5E488E81-71F2-4B93-8B0E-213427358950}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Epic Arena\EpicArena.exe
FirewallRules: [{4D21E8B5-374F-4CFF-B470-EA0FF054B7C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tactical Genius\TacticalGenius.exe
FirewallRules: [{E5332311-920E-4308-BF88-2CEB88D8F1F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tactical Genius\TacticalGenius.exe
FirewallRules: [TCP Query User{D19944A5-6163-44AD-8189-E8EB145F04AC}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [UDP Query User{7F598544-4FEB-4463-AB9C-09171AE02DC3}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [{407F114B-B90D-4067-8D0B-DDB22997362F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Missing Translation\nw.exe
FirewallRules: [{75431BD0-2A3C-4941-B649-1DFE823E6DBF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Missing Translation\nw.exe
FirewallRules: [{02967C1B-53FA-4A86-82F1-B898DBCD5257}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{1C4D4564-84CB-440E-A311-FA397319AB14}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{C383B4AC-3C59-4B3D-8AE4-9C810ABBDAAC}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{550EEADB-1C48-4988-AC74-5A4CC9A0BB7D}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [TCP Query User{C6D8E8D3-85D3-473E-A1D7-6B19270E15C8}C:\users\aodh\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\aodh\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{93A6C88F-49E9-4B45-AAEA-6667459BA5EF}C:\users\aodh\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\aodh\appdata\roaming\spotify\spotify.exe
FirewallRules: [{E3D9B46C-5A7F-410A-9AE0-D73F4605FDBF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Endless Sky\EndlessSky.exe
FirewallRules: [{E76B54BA-1FAF-4082-8F99-9809047015B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Endless Sky\EndlessSky.exe
FirewallRules: [{55310C9C-04F9-4FFA-8BB9-5C091203D17F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{F915AA07-E79E-4C90-996D-BA07B895088D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{575A37DC-161E-4279-A28F-51BFCD770D50}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{6DE91EE2-2FDE-401C-B286-B6E7FA829D30}] => (Allow) LPort=2869
FirewallRules: [{CD71DAED-D397-4FD9-A49E-89A7B89D2396}] => (Allow) LPort=1900
FirewallRules: [{1FCD7AA5-EEAF-4CD7-8FFB-0E8A89B40698}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{39D511C4-69C0-4646-9F79-48C6094191AF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EE3A03E5-E35E-4E5A-B390-D8977A5E6566}] => (Allow) C:\Users\Aodh\AppData\Roaming\ACEStream\engine\ace_engine.exe
FirewallRules: [{FAEAC1E4-7471-4731-8E3A-421308A77D03}] => (Allow) C:\Users\Aodh\AppData\Roaming\ACEStream\engine\ace_engine.exe
FirewallRules: [{E1FA06C3-75FF-42B1-8A2B-37417D2D2FE0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 test\game\bin\win64\dota2.exe
FirewallRules: [{E2DC6E91-431A-40D8-BE96-B996CE01D780}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 test\game\bin\win64\dota2.exe
FirewallRules: [{5A0A6A7F-AA99-4207-BE61-B838A8E1300A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{67C76C9F-AC9C-453E-9FCD-F7C73D4BF124}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6EC32FBA-41B0-4F5A-904F-F4159179E343}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B5836641-83B6-4FD0-9EB9-DACD6A55A6E0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{28FFF8CB-792A-432A-BE84-6274424E150D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{311CA449-325F-4803-8EA8-5FCF197BAAAA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{99312CBC-1FAD-4E80-95E9-6690469C721F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4972A216-74AA-4013-A4C5-A9F06EAA45D7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
 
==================== Faulty Device Manager Devices =============
 
Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/18/2015 08:15:08 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.34209 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 2564.  Message ID: [0x2509].
 
Error: (12/18/2015 07:30:13 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.34209 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 700.  Message ID: [0x2509].
 
Error: (12/18/2015 04:24:33 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.34209 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 3448.  Message ID: [0x2509].
 
Error: (12/18/2015 01:19:22 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.34209 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 3516.  Message ID: [0x2509].
 
Error: (12/18/2015 12:17:32 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.34209 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 3992.  Message ID: [0x2509].
 
Error: (12/18/2015 12:16:02 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.34209 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 4804.  Message ID: [0x2509].
 
Error: (12/18/2015 12:09:45 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.34209 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 2876.  Message ID: [0x2509].
 
Error: (12/18/2015 12:02:59 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.34209 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 5320.  Message ID: [0x2509].
 
Error: (12/18/2015 11:59:05 AM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.34209 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 5912.  Message ID: [0x2509].
 
Error: (12/18/2015 11:57:07 AM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.34209 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 2248.  Message ID: [0x2509].
 
 
System errors:
=============
Error: (12/18/2015 08:05:47 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x00000116 (0xfffffa8011ceb4e0, 0xfffff88006124e60, 0xffffffffc000009a, 0x0000000000000004)C:\Windows\MEMORY.DMP121815-16161-01
 
Error: (12/18/2015 08:05:38 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 19:58:37 on ‎18/‎12/‎2015 was unexpected.
 
Error: (12/18/2015 07:23:27 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {3EEF301F-B596-4C0B-BD92-013BEAFCE793}
 
Error: (12/18/2015 07:22:06 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x00000116 (0xfffffa80117e2010, 0xfffff8800607be60, 0xffffffffc000009a, 0x0000000000000004)C:\Windows\MEMORY.DMP121815-21902-01
 
Error: (12/18/2015 07:21:52 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 19:19:48 on ‎18/‎12/‎2015 was unexpected.
 
Error: (12/18/2015 06:38:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error: 
%%1053
 
Error: (12/18/2015 06:38:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
 
Error: (12/18/2015 10:47:36 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (12/18/2015 10:47:33 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.
 
Error: (12/16/2015 07:51:02 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Avira Service Host service to connect.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2310 CPU @ 2.90GHz
Percentage of memory in use: 31%
Total physical RAM: 8173.64 MB
Available physical RAM: 5625.91 MB
Total Virtual: 16345.49 MB
Available Virtual: 13436.73 MB
 
==================== Drives ================================
 
Drive c: (Boot) (Fixed) (Total:1356.17 GB) (Free:288.24 GB) NTFS
Drive d: (Recover) (Fixed) (Total:40 GB) (Free:20.23 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 1397.3 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1356.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=40 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
 
==================== End of Addition.txt ============================

 

Cheers!


Edited by boosra123, 21 December 2015 - 12:11 PM.

  • 0

Advertisements


#2
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,990 posts

Hello boosra123,

Welcome to Geekstogo,

Sorry about the delay, for me it was Christmas that got in the way lol.

Now

Firstly, please uninstall the following programs that are reported to bring adware.

Ace Stream Media
Search Results Toolbar
WSE Rocket


After that

Note: When downloading the next two tools choose the @Bleepingcompter green button you see. If you are unable to run JRT.txt just move on to AdwCleaner.

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right click JRT.exe and "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Next

Please download : ADWCleaner to your desktop  (use the Download Now @ BleepingComputer button)..

NOTE: If using Internet Explorer and get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close all programs and click on the AdwCleaner icon. AdwCleaner will update itself and then open.

AdwCleaner.jpg

Click on Scan  and follow the prompts. It may appear not to be doing anything, please be patient and let it run unhindered. When the "Please uncheck elements you don't want to remove" appears just go ahead and click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy and paste back here. If a report doesn't appear, press the report button and Copy & Paste the contents on your next reply.

A copy of the report is also saved in the C:\AdwCleaner folder.

When you return please post

  • JRT txt.
  • AdwCleaner log

  • 0

#3
boosra123

boosra123

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

Hi emeraldnzl!

 

No worries, lucky I decided to check back just in case lol.

 

I'll follow the instructions and post back soon. Just wanted to quickly let you know I am still here. :)


  • 0

#4
boosra123

boosra123

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

Hello emeraldnzl,

 

Here are the scan logs:

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Windows 7 Home Premium x64 
Ran by Aodh (Administrator) on 05/01/2016 at 23:01:28.04
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 23 
 
Successfully deleted: C:\ProgramData\avg security toolbar (Folder) 
Successfully deleted: C:\ProgramData\Avg_Update_0814av (Folder) 
Successfully deleted: C:\ProgramData\Avg_Update_1114av (Folder) 
Successfully deleted: C:\ProgramData\drivergenius (Folder) 
Successfully deleted: C:\ProgramData\partner (Folder) 
Successfully deleted: C:\Users\Aodh\AppData\Local\crashrpt (Folder) 
Successfully deleted: C:\Users\Aodh\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio (Folder) 
Successfully deleted: C:\Users\Aodh\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gkojfkhlekighikafcpjkiklfbnlmeio_0.localstorage-journal (File) 
Successfully deleted: C:\Users\Aodh\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gkojfkhlekighikafcpjkiklfbnlmeio_0.localstorage (File) 
Successfully deleted: C:\Users\Aodh\AppData\Local\rocket (Folder) 
Successfully deleted: C:\Users\Aodh\Appdata\LocalLow\.acestream (Folder) 
Successfully deleted: C:\Users\Aodh\Appdata\LocalLow\searchresultstb (Folder) 
Successfully deleted: C:\Users\Aodh\AppData\Roaming\.acestream (Folder) 
Successfully deleted: C:\Users\Aodh\AppData\Roaming\acestream (Folder) 
Successfully deleted: C:\Users\Aodh\AppData\Roaming\Mozilla\Firefox\Profiles\ov9uz4mk.default\extensions\[email protected] (Folder) 
Successfully deleted: C:\Users\Aodh\AppData\Roaming\Mozilla\Firefox\Profiles\ov9uz4mk.default\user.js (File) 
Successfully deleted: C:\Windows\system32\Tasks\1114avUpdateInfo (Task)
Successfully deleted: C:\Windows\SysWOW64\registryhelperlm.ocx (File) 
Successfully deleted: C:\Windows\Tasks\1114avUpdateInfo.job (Task) 
Successfully deleted: C:\Windows\prefetch\GOOGLETOOLBARNOTIFIER.EXE-7AE0A20E.pf (File) 
Successfully deleted: C:\Windows\SysWOW64\REN2EE0.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\RENE54F.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\shoD90.tmp (File) 
 
 
 
Registry: 1 
 
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05/01/2016 at 23:04:32.84
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
# AdwCleaner v5.028 - Logfile created 05/01/2016 at 23:14:42
# Updated 04/01/2016 by Xplode
# Database : 2016-01-04.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Aodh - VANDENNIS
# Running from : C:\Users\Aodh\Desktop\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
[-] Folder Deleted : C:\_acestream_cache_
[-] Folder Deleted : C:\Program Files (x86)\Applian Technologies
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Applian Technologies
[-] Folder Deleted : C:\Users\Aodh\AppData\Local\apn
[-] Folder Deleted : C:\Users\Aodh\Documents\Updater
 
***** [ Files ] *****
 
 
***** [ DLLs ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
[-] Key Deleted : HKLM\System\CurrentControlSet\Services\Eventlog\Application\registry helper service
[-] Key Deleted : HKCU\SOFTWARE\Classes\acestream
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94366E2C-9923-431C-B0D6-747447DD0F2B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{94366E2C-9923-431C-B0D6-747447DD0F2B}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{94366E2C-9923-431C-B0D6-747447DD0F2B}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{94366E2C-9923-431C-B0D6-747447DD0F2B}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKCU\Software\Rocket Browser
[-] Key Deleted : HKCU\Software\Softonic
[-] Key Deleted : HKLM\SOFTWARE\Driver-Soft
[-] Key Deleted : HKLM\SOFTWARE\W3I
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Applian FLV and Media Player
 
***** [ Web browsers ] *****
 
[-] [C:\Users\Aodh\AppData\Roaming\Mozilla\Firefox\Profiles\ov9uz4mk.default\prefs.js] [Preference] Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");
[-] [C:\Users\Aodh\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : isearch.avg.com
[-] [C:\Users\Aodh\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : ibnjmihbbanannlbobkbmnmckjnmdnom
 
*************************
 
:: "Tracing" keys removed
:: Winsock settings cleared
 
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [3617 bytes] ##########
 
 
Cheers! :)

Edited by boosra123, 05 January 2016 - 05:20 PM.

  • 0

#5
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,990 posts

Hello again  boosra123,

Thanks for those. :)

Moving along now

Open notepad.

Please copy the contents of the code box below.

To do this highlight (click in the box and press Ctrl + A) the contents of the box and right click on it. Paste this into the open notepad. Save it to the Desktop as fixlist.txt.

Alternatively type the contents of the box into notepad and save it to your desktop as fixlist.txt.

NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.
 

Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
CMD: bitsadmin /reset /allusers
CMD: ipconfig /flushdns
EmptyTemp:

This script is specifically written for the infection on this person's computer. It should NOT to be used on another machine. It may cause serious damage even to the point of rendering the computer unusable.

Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

After that

Please run another FRST scan with the Addition.txt box ticked and post back the two logs generated - FRST.txt and Addition.txt.

So when you return please post

  • Fixlog.txt
  • FRST.txt
  • Addtion.txt

 


  • 0

#6
boosra123

boosra123

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

Hi emeraldnzl,

 

Here we go:

 

Fix result of Farbar Recovery Scan Tool (x64) Version:31-12-2015
Ran by Aodh (2016-01-06 10:47:24) Run:2
Running from C:\Users\Aodh\Desktop
Loaded Profiles: Aodh (Available Profiles: Aodh & Guest)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
 
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
CMD: bitsadmin /reset /allusers
CMD: ipconfig /flushdns
EmptyTemp:
*****************
 
 
========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= RemoveProxy: =========
 
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-418917625-158424403-2452974618-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-418917625-158424403-2452974618-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
 
 
========= End of RemoveProxy: =========
 
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
0 out of 0 jobs canceled.
 
========= End of CMD: =========
 
 
=========  ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
EmptyTemp: => 20.9 MB temporary data Removed.
 
 
The system needed a reboot.
 
==== End of Fixlog 10:47:29 ====
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:17-12-2015
Ran by Aodh (administrator) on VANDENNIS (18-12-2015 22:43:25)
Running from C:\Users\Aodh\Desktop
Loaded Profiles: Aodh (Available Profiles: Aodh & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
() C:\Program Files\Rainmeter\Rainmeter.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [MedionReminder] => C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe [443688 2011-05-25] (CyberLink)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-03-30] (Adobe Systems Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-02-24] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2771576 2015-12-09] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-30] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-03] (CyberLink)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [FontExpertType1Loader] => C:\Program Files (x86)\FontExpert\Type1Loader.exe [176472 2013-12-07] (Proxima Software)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-11-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264 2014-09-11] (Wondershare)
HKLM\...\RunOnce: [MedionReminder] => C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe [443688 2011-05-25] (CyberLink)
HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-11-15] (Google Inc.)
HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\Run: [RocketDock] => "C:\Program Files (x86)\RocketDock\RocketDock.exe"
HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-18\...\RunOnce: [Adobe Speed Launcher] => 1421233140
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-04-16] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-04-16] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-04-16] ()
Startup: C:\Users\Aodh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2012-10-11]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 89.101.160.4 89.101.160.5
Tcpip\..\Interfaces\{1200D11D-FA00-44F9-BE95-1BF725753475}: [DhcpNameServer] 89.101.160.4 89.101.160.5
Tcpip\..\Interfaces\{77FC1C4C-FFBD-4CD5-A278-8E060C677A59}: [NameServer] 89.101.160.4,89.101.160.5
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-418917625-158424403-2452974618-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=MDND&bmod=MDND
HKU\S-1-5-21-418917625-158424403-2452974618-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=MDND&bmod=MDND
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-418917625-158424403-2452974618-1001 -> DefaultScope {020A5F22-EF90-498D-8150-0AF0CAB38710} URL = 
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-23] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-18] (Google Inc.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-23] (Oracle Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08] (CANON INC.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-16] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Search Results Toolbar -> {94366e2c-9923-431c-b0d6-747447dd0f2b} -> C:\Program Files (x86)\searchresults1\searchresultsDx.dll [2012-03-22] (Ask.com)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-18] (Google Inc.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-03-02] (Skype Technologies S.A.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-16] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-18] (Google Inc.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (CANON INC.)
Toolbar: HKLM-x32 - Search Results Toolbar - {94366e2c-9923-431c-b0d6-747447dd0f2b} - C:\Program Files (x86)\searchresults1\searchresultsDx.dll [2012-03-22] (Ask.com)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-18] (Google Inc.)
Toolbar: HKU\S-1-5-21-418917625-158424403-2452974618-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-18] (Google Inc.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-03-02] (Skype Technologies S.A.)
 
FireFox:
========
FF ProfilePath: C:\Users\Aodh\AppData\Roaming\Mozilla\Firefox\Profiles\ov9uz4mk.default
FF SelectedSearchEngine: AVG Secure Search
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-09] ()
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-23] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-04-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-16] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-10-24] (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-24] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-24] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-04-20] (Adobe Systems)
FF Plugin HKU\S-1-5-21-418917625-158424403-2452974618-1001: @acestream.net/acestreamplugin,version=3.1.1 -> C:\Users\Aodh\AppData\Roaming\ACEStream\player\npace_plugin.dll [2015-08-06] (Innovative Digital Technologies)
FF Plugin HKU\S-1-5-21-418917625-158424403-2452974618-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Aodh\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-05-19] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Aodh\AppData\Roaming\Mozilla\Firefox\Profiles\ov9uz4mk.default\user.js [2014-07-02]
FF Extension: Firefogg - C:\Users\Aodh\AppData\Roaming\Mozilla\Firefox\Profiles\ov9uz4mk.default\extensions\[email protected] [2015-12-02] [not signed]
FF Extension: Flashblock - C:\Users\Aodh\AppData\Roaming\Mozilla\Firefox\Profiles\ov9uz4mk.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2015-12-02]
FF Extension: NoScript - C:\Users\Aodh\AppData\Roaming\Mozilla\Firefox\Profiles\ov9uz4mk.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-12-02]
FF Extension: BetterPrivacy - C:\Users\Aodh\AppData\Roaming\Mozilla\Firefox\Profiles\ov9uz4mk.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2015-12-13]
FF Extension: Avira Browser Safety - C:\Users\Aodh\AppData\Roaming\Mozilla\Firefox\Profiles\ov9uz4mk.default\Extensions\[email protected] [2015-12-01] [not signed]
FF Extension: Ant Video Downloader - C:\Users\Aodh\AppData\Roaming\Mozilla\Firefox\Profiles\ov9uz4mk.default\Extensions\[email protected] [2015-12-01]
FF Extension: Ghostery - C:\Users\Aodh\AppData\Roaming\Mozilla\Firefox\Profiles\ov9uz4mk.default\Extensions\[email protected] [2015-12-01]
FF Extension: TinEye Reverse Image Search - C:\Users\Aodh\AppData\Roaming\Mozilla\Firefox\Profiles\ov9uz4mk.default\Extensions\[email protected] [2015-09-13]
FF Extension: Lightshot (screenshot tool) - C:\Users\Aodh\AppData\Roaming\Mozilla\Firefox\Profiles\ov9uz4mk.default\Extensions\{394DCBA4-1F92-4f8e-8EC9-8D2CB90CB69B} [2015-06-12]
FF Extension: Table2Clipboard - C:\Users\Aodh\AppData\Roaming\Mozilla\Firefox\Profiles\ov9uz4mk.default\Extensions\{9ab67d74-ec41-4cb2-b417-df5d93ba1beb}.xpi [2015-06-12]
FF Extension: Download YouTube Videos as MP4 - C:\Users\Aodh\AppData\Roaming\Mozilla\Firefox\Profiles\ov9uz4mk.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2015-12-01]
FF Extension: Video DownloadHelper - C:\Users\Aodh\AppData\Roaming\Mozilla\Firefox\Profiles\ov9uz4mk.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-12-01]
FF Extension: Flash and Video Download - C:\Users\Aodh\AppData\Roaming\Mozilla\Firefox\Profiles\ov9uz4mk.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2015-12-01]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-12-01] [not signed]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-12-01] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\[email protected] => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\[email protected] => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\[email protected] => not found
FF HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\Firefox\Extensions: [[email protected]] - C:\Users\Aodh\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension.xpi
FF Extension: Ace Stream Web Extension - C:\Users\Aodh\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension.xpi [2015-11-10] [not signed]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=MDND&bmod=MDND
CHR StartupUrls: Default -> "hxxps://www.google.ie/"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Aodh\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\widevinecdmadapter.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\pdf.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Nero Kwik Media Helper) - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll => No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll => No File
CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll => No File
CHR Plugin: (Java™ Platform SE 7 U45) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Unity Player) - C:\Users\Aodh\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll => No File
CHR Profile: C:\Users\Aodh\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (AdBlock) - C:\Users\Aodh\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-12-04]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Aodh\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2015-12-17]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Aodh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2014-12-30]
CHR Extension: (Skype) - C:\Users\Aodh\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-12-18]
CHR Extension: (Ace Stream Web Extension) - C:\Users\Aodh\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2015-12-06]
CHR Extension: (Ghostery) - C:\Users\Aodh\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-11-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Aodh\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-418917625-158424403-2452974618-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-03-02]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2012-06-25] (Adobe Systems) [File not signed]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1418560 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249624 2015-11-23] (Avira Operations GmbH & Co. KG)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156216 2015-12-09] (NVIDIA Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-12-09] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8185464 2015-12-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [6477432 2015-12-09] (NVIDIA Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 DAUpdaterSvc; C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162072 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140448 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-02-25] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [75472 2015-12-01] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [165688 2012-09-24] (Broadcom Corporation.)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (CSR, plc)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
S3 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-12-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-11-24] (NVIDIA Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-12-18 22:43 - 2015-12-18 22:43 - 00028519 _____ C:\Users\Aodh\Desktop\FRST.txt
2015-12-18 22:43 - 2015-12-18 22:43 - 00000000 ____D C:\FRST
2015-12-18 22:42 - 2015-12-18 22:42 - 02370048 _____ (Farbar) C:\Users\Aodh\Desktop\FRST64.exe
2015-12-18 22:02 - 2015-12-18 22:02 - 00007601 _____ C:\Users\Aodh\AppData\Local\Resmon.ResmonCfg
2015-12-18 20:37 - 2015-12-18 20:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-12-18 20:37 - 2015-12-09 01:51 - 01846016 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-12-18 20:37 - 2015-12-09 01:51 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-12-18 20:37 - 2015-12-09 01:51 - 01530240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-12-18 20:37 - 2015-12-09 01:51 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-12-18 20:37 - 2015-12-09 01:51 - 00111520 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2015-12-18 20:36 - 2015-11-24 18:29 - 00102704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-12-18 20:34 - 2015-11-24 23:10 - 42913912 _____ C:\Windows\system32\nvcompiler.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 37882488 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 22310008 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 18363696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 16553568 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 15717672 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 14835872 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 13527248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 12034248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 11131184 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-12-18 20:34 - 2015-11-24 23:10 - 03579696 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 03159248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 02870392 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 02490488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 01905272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435906.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 01564792 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435906.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 00877360 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 00861816 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 00689272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 00673912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 00467912 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 00388024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 00205456 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-12-18 20:34 - 2015-11-24 23:10 - 00177600 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 00155792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 00151184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 00072504 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 00069416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 00050472 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-12-18 20:34 - 2015-11-24 23:10 - 00039240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-12-18 20:25 - 2015-12-18 20:35 - 00000000 ____D C:\Windows\LastGood
2015-12-18 20:25 - 2015-12-18 20:28 - 316046904 _____ (NVIDIA Corporation) C:\Users\Aodh\Downloads\359.06-desktop-win8-win7-winvista-64bit-international-whql.exe
2015-12-18 20:09 - 2015-12-18 20:09 - 00012388 _____ C:\Users\Aodh\Documents\Bluescreen info.odt
2015-12-18 20:05 - 2015-12-18 20:05 - 00803416 _____ C:\Windows\Minidump\121815-16161-01.dmp
2015-12-18 19:21 - 2015-12-18 20:05 - 736600666 _____ C:\Windows\MEMORY.DMP
2015-12-18 19:21 - 2015-12-18 19:22 - 01006344 _____ C:\Windows\Minidump\121815-21902-01.dmp
2015-12-18 16:13 - 2015-12-18 16:13 - 00000000 ____D C:\Users\Aodh\Downloads\Bolivian Baroque Vol 3 - Ensemble Florilegium
2015-12-18 16:04 - 2015-12-18 16:05 - 146040880 _____ C:\Users\Aodh\Downloads\Bolivian Baroque Vol 3 - Ensemble Florilegium.rar
2015-12-18 16:03 - 2015-12-18 16:03 - 00000000 ____D C:\Users\Aodh\Downloads\Bolivian Baroque Vol 2 - Ensemble Florilegium
2015-12-18 15:58 - 2015-12-18 16:00 - 166368351 _____ C:\Users\Aodh\Downloads\Bolivian Baroque Vol 2 - Ensemble Florilegium.rar
2015-12-18 15:58 - 2015-12-18 15:58 - 00000000 ____D C:\Users\Aodh\Downloads\Bolivian Baroque Vol 1 - Ensemble Florilegium
2015-12-18 15:55 - 2015-12-18 15:57 - 208335153 _____ C:\Users\Aodh\Downloads\Bolivian Baroque Vol 1 - Ensemble Florilegium.rar
2015-12-18 15:40 - 2015-12-18 15:40 - 00042690 _____ C:\Users\Aodh\Downloads\p.txt
2015-12-18 15:40 - 2015-12-18 15:40 - 00042690 _____ C:\Users\Aodh\Downloads\p (3).txt
2015-12-18 15:40 - 2015-12-18 15:40 - 00042690 _____ C:\Users\Aodh\Downloads\p (2).txt
2015-12-18 15:40 - 2015-12-18 15:40 - 00042690 _____ C:\Users\Aodh\Downloads\p (1).txt
2015-12-17 16:58 - 2015-12-17 16:58 - 00157652 _____ C:\Users\Aodh\Downloads\2015_FIA_Appendix_J_-_Art_255_A_WRC.pdf
2015-12-17 16:54 - 2015-12-17 16:54 - 01984707 _____ C:\Users\Aodh\Downloads\2016_wrc_sporting_regulations_all.pdf
2015-12-16 21:29 - 2015-12-16 21:29 - 00007476 _____ C:\Users\Aodh\Downloads\hitoutput.txt
2015-12-16 20:15 - 2015-12-16 20:15 - 00018143 _____ C:\Users\Aodh\Downloads\[kat.cr]up.2009.1080p.brrip.x264.yify.torrent
2015-12-16 19:59 - 2015-12-16 19:59 - 00584288 _____ (Oracle Corporation) C:\Users\Aodh\Downloads\jxpiinstall(4).exe
2015-12-16 19:57 - 2015-12-16 19:57 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-12-16 19:57 - 2015-12-16 19:57 - 00000000 ____D C:\Program Files (x86)\Java
2015-12-16 19:56 - 2015-11-23 12:37 - 00110176 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-64.dll
2015-12-16 19:55 - 2015-12-16 19:55 - 00584288 _____ (Oracle Corporation) C:\Users\Aodh\Downloads\chromeinstall-8u66.exe
2015-12-16 14:14 - 2015-12-16 14:14 - 00528665 _____ C:\Users\Aodh\Downloads\A_Busy_Copyist_and_a_Shy_Composer_Two_Si.pdf
2015-12-16 13:59 - 2015-12-16 13:59 - 00000000 ____D C:\Users\Aodh\Downloads\Francesco Barsanti - 6 Concerti Grossi Opera Sesta·(Il Piacere)
2015-12-16 13:57 - 2015-12-16 13:59 - 179431265 _____ C:\Users\Aodh\Downloads\Francesco Barsanti - 6 Concerti Grossi Opera Sesta·(Il Piacere).rar
2015-12-16 00:36 - 2015-12-16 00:36 - 00020785 _____ C:\Users\Aodh\Downloads\[kat.cr]dangerous.liaisons.1988.720p.x264.jalucian.torrent
2015-12-14 21:21 - 2015-12-14 21:22 - 76941789 _____ C:\Users\Aodh\Downloads\Follow_the_Darkness.zip
2015-12-14 20:43 - 2015-12-14 20:43 - 00094881 _____ C:\Users\Aodh\Downloads\[kat.cr]fargo.s02e08.1080p.web.dl.dd5.1.h264.rarbg.torrent
2015-12-14 20:42 - 2015-12-14 20:42 - 00150280 _____ C:\Users\Aodh\Downloads\[kat.cr]fargo.s02e09.1080p.web.dl.dd5.1.h264.rarbg.torrent
2015-12-13 19:55 - 2015-12-13 19:55 - 00058719 _____ C:\Users\Aodh\Downloads\[kat.cr]inside.out.2015.1080p.bluray.x264.dts.hd.ma.7.1.rarbg.torrent
2015-12-13 19:52 - 2015-12-13 19:52 - 00056003 _____ C:\Users\Aodh\Downloads\[kat.cr]toy.story.that.time.forgot.2014.1080p.bluray.remux.avc.dts.hd.ma.7.1.rarbg.torrent
2015-12-13 19:52 - 2015-12-13 19:52 - 00056003 _____ C:\Users\Aodh\Downloads\[kat.cr]toy.story.that.time.forgot.2014.1080p.bluray.remux.avc.dts.hd.ma.7.1.rarbg (1).torrent
2015-12-11 15:26 - 2015-12-11 15:26 - 00002054 _____ C:\Users\Aodh\Downloads\lit3591 (1)
2015-12-11 15:25 - 2015-12-11 15:25 - 00002054 _____ C:\Users\Aodh\Downloads\lit3591
2015-12-11 01:02 - 2015-12-11 01:02 - 00002019 _____ C:\Users\Aodh\Downloads\190007007
2015-12-10 17:44 - 2015-12-10 17:44 - 00014607 _____ C:\Users\Aodh\Documents\Jacchini Period Instruments.odt
2015-12-10 01:25 - 2015-12-10 01:57 - 00010267 _____ C:\Users\Aodh\Documents\George Maniakes Sources.odt
2015-12-09 19:13 - 2015-12-09 19:13 - 00000000 ____D C:\Users\Aodh\Downloads\Albinoni - Homage to a Spanish Grandee
2015-12-09 19:00 - 2015-12-09 19:00 - 07152429 _____ C:\Users\Aodh\Downloads\Albinoni - Homage to a Spanish Grandee.pdf
2015-12-09 18:59 - 2015-12-09 19:12 - 1401568551 _____ C:\Users\Aodh\Downloads\Albinoni - Homage to a Spanish Grandee.zip
2015-12-09 18:50 - 2015-12-09 18:50 - 00000000 ____D C:\Users\Aodh\Downloads\Albinoni - Concerti a Cinque, Op. 10
2015-12-09 18:44 - 2015-12-09 18:50 - 474380540 _____ C:\Users\Aodh\Downloads\Albinoni - Concerti a Cinque, Op. 10.zip
2015-12-09 16:21 - 2015-12-09 16:21 - 00019719 _____ C:\Users\Aodh\Downloads\[kat.cr]albinoni.galuppi.platti.vivaldi.settecento.veneziano.ottavio.dantone.accademia.bizantina.1999.flac.torrent
2015-12-09 16:19 - 2015-12-09 16:19 - 00109372 _____ C:\Users\Aodh\Downloads\[kat.cr]albinoni.tomaso.1671.1751.italy (1).torrent
2015-12-09 16:18 - 2015-12-09 16:18 - 00109372 _____ C:\Users\Aodh\Downloads\[kat.cr]albinoni.tomaso.1671.1751.italy.torrent
2015-12-09 12:30 - 2015-11-05 19:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-12-09 12:30 - 2015-11-05 19:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-12-09 12:29 - 2015-11-20 18:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-09 12:29 - 2015-11-20 18:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-09 12:29 - 2015-11-20 18:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-09 12:29 - 2015-11-20 18:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-09 12:29 - 2015-11-20 18:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-09 12:29 - 2015-11-20 18:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-09 12:29 - 2015-11-20 18:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-09 12:29 - 2015-11-20 18:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-09 12:29 - 2015-11-20 18:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-09 12:29 - 2015-11-20 18:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-09 12:29 - 2015-11-20 18:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-09 12:29 - 2015-11-20 18:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-09 12:29 - 2015-11-20 18:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-09 12:29 - 2015-11-20 18:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-09 12:29 - 2015-11-20 18:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-09 12:29 - 2015-11-20 18:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-09 12:29 - 2015-11-11 21:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-09 12:29 - 2015-11-11 20:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-09 12:29 - 2015-11-11 18:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-09 12:29 - 2015-11-11 18:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-09 12:29 - 2015-11-11 18:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-09 12:29 - 2015-11-11 18:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-09 12:29 - 2015-11-11 16:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-09 12:29 - 2015-11-11 16:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-09 12:29 - 2015-11-11 15:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-12-09 12:29 - 2015-11-11 15:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-09 12:29 - 2015-11-11 15:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-09 12:29 - 2015-11-11 15:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-09 12:29 - 2015-11-11 14:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-12-09 12:29 - 2015-11-10 18:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-09 12:29 - 2015-11-10 18:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-09 12:29 - 2015-11-10 18:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-09 12:29 - 2015-11-10 18:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-09 12:29 - 2015-11-10 18:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-09 12:29 - 2015-11-10 17:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-09 12:29 - 2015-11-10 00:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-12-09 12:29 - 2015-11-10 00:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-09 12:29 - 2015-11-10 00:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-12-09 12:29 - 2015-11-10 00:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-12-09 12:29 - 2015-11-10 00:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-09 12:29 - 2015-11-10 00:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-09 12:29 - 2015-11-10 00:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-09 12:29 - 2015-11-10 00:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-12-09 12:29 - 2015-11-10 00:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-12-09 12:29 - 2015-11-10 00:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-09 12:29 - 2015-11-10 00:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-12-09 12:29 - 2015-11-10 00:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-09 12:29 - 2015-11-10 00:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-12-09 12:29 - 2015-11-09 23:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-09 12:29 - 2015-11-09 23:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-12-09 12:29 - 2015-11-09 23:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-09 12:29 - 2015-11-09 23:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-12-09 12:29 - 2015-11-09 23:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-09 12:29 - 2015-11-09 23:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-09 12:29 - 2015-11-09 23:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-09 12:29 - 2015-11-09 23:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-09 12:29 - 2015-11-09 23:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-09 12:29 - 2015-11-09 23:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-09 12:29 - 2015-11-09 23:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-09 12:29 - 2015-11-08 22:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-09 12:29 - 2015-11-08 22:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-12-09 12:29 - 2015-11-08 22:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-12-09 12:29 - 2015-11-08 22:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-09 12:29 - 2015-11-08 22:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-09 12:29 - 2015-11-08 22:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-09 12:29 - 2015-11-08 22:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-12-09 12:29 - 2015-11-08 22:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-12-09 12:29 - 2015-11-08 22:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-09 12:29 - 2015-11-08 22:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-12-09 12:29 - 2015-11-08 22:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-09 12:29 - 2015-11-08 22:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-09 12:29 - 2015-11-08 22:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-09 12:29 - 2015-11-08 22:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-12-09 12:29 - 2015-11-08 22:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-09 12:29 - 2015-11-08 22:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-12-09 12:29 - 2015-11-08 21:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-09 12:29 - 2015-11-08 21:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-09 12:29 - 2015-11-08 21:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-09 12:29 - 2015-11-08 21:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-12-09 12:29 - 2015-11-08 21:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-09 12:29 - 2015-11-08 21:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-12-09 12:29 - 2015-11-08 21:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-09 12:29 - 2015-11-08 21:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-09 12:29 - 2015-11-08 21:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-09 12:29 - 2015-11-08 21:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-09 12:29 - 2015-11-08 21:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-12-09 12:29 - 2015-11-08 21:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-09 12:29 - 2015-11-08 20:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-09 12:29 - 2015-11-08 20:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-09 12:29 - 2015-11-08 20:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-09 12:29 - 2015-11-05 19:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-12-09 12:29 - 2015-11-05 19:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2015-12-09 12:29 - 2015-11-05 09:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-09 12:29 - 2015-11-03 19:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-09 12:29 - 2015-11-03 19:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-09 12:29 - 2015-11-03 18:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-12-09 12:29 - 2015-11-03 18:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2015-12-09 12:29 - 2015-10-08 23:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2015-12-09 12:29 - 2015-10-08 23:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2015-12-09 12:29 - 2015-10-08 23:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2015-12-09 12:29 - 2015-10-08 23:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2015-12-09 12:29 - 2015-10-08 23:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2015-12-09 12:29 - 2015-10-08 23:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2015-12-09 12:29 - 2015-10-08 23:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2015-12-09 12:29 - 2015-10-08 23:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2015-12-09 12:29 - 2015-10-08 19:13 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2015-12-09 12:29 - 2015-10-08 18:52 - 00419928 _____ C:\Windows\system32\locale.nls
2015-12-09 11:26 - 2015-12-12 12:34 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-09 11:26 - 2015-12-09 11:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-09 11:26 - 2015-12-09 11:26 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-09 11:26 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-09 11:26 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-12-09 11:26 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-12-09 11:25 - 2015-12-09 11:25 - 22908888 _____ (Malwarebytes ) C:\Users\Aodh\Downloads\mbam-setup-2.2.0.1024.exe
2015-12-08 18:20 - 2015-12-08 18:20 - 01437557 _____ C:\Users\Aodh\Downloads\Nella_fucina_di_Polifemo_Nicola_Porpora.pdf
2015-12-08 18:20 - 2015-12-08 18:20 - 01437557 _____ C:\Users\Aodh\Downloads\Nella_fucina_di_Polifemo_Nicola_Porpora (1).pdf
2015-12-07 18:59 - 2015-12-07 18:59 - 00001248 _____ C:\Windows\system32\13 Julia Lezhneva, Dmitry Sinkovsky, Marco Bianchi, Thomas Meraner, Il Giardino Armonico, Giovanni Antonini - Handel Il Trionfo del Tiempo e del Disinganno, HWV 46a - Oratorio - Come nembo che fugge c.lnk
2015-12-07 18:48 - 2015-12-07 18:48 - 00000000 ____D C:\Users\Aodh\Downloads\mkjp9.FLAC
2015-12-07 16:44 - 2015-12-07 18:39 - 352219788 _____ C:\Users\Aodh\Downloads\mkjp9.FLAC.rar
2015-12-05 15:16 - 2015-12-05 16:53 - 00000000 ___HD C:\_acestream_cache_
2015-12-05 15:13 - 2015-12-14 20:44 - 00000000 ____D C:\Users\Aodh\AppData\Roaming\.ACEStream
2015-12-05 15:12 - 2015-12-05 15:12 - 00000000 ____D C:\Users\Aodh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ace Stream Media
2015-12-05 15:12 - 2015-12-05 15:12 - 00000000 ____D C:\Users\Aodh\AppData\Roaming\ACEStream
2015-12-05 15:12 - 2015-12-05 15:12 - 00000000 ____D C:\Users\Aodh\AppData\LocalLow\.ACEStream
2015-12-05 15:09 - 2015-12-05 15:11 - 79479872 _____ C:\Users\Aodh\Downloads\Ace_Stream_Media_3.1.1.exe
2015-12-04 21:44 - 2015-12-04 21:46 - 00000000 ____D C:\Users\Aodh\Downloads\009Locatelli4
2015-12-04 14:08 - 2015-12-04 21:43 - 559312829 _____ C:\Users\Aodh\Downloads\009Locatelli4.rar
2015-12-04 13:50 - 2015-12-04 13:51 - 00016169 _____ C:\Users\Aodh\Downloads\[torrentlee.com]VA+-+Capella+Edition+-+Italian+Masters+-+_Capriccio,+1992_.torrent
2015-12-03 02:10 - 2015-12-03 02:22 - 00000015 _____ C:\Users\Aodh\Downloads\Headset Microphone (Bluetooth H_a.xml
2015-12-03 02:01 - 2015-12-03 02:02 - 00006298 _____ C:\Users\Aodh\Documents\Vatanencomparison video.wlmp
2015-12-03 01:23 - 2015-12-03 01:23 - 00000000 ____D C:\Users\Aodh\AppData\Local\Wondershare
2015-12-03 01:23 - 2015-12-03 01:23 - 00000000 ____D C:\ProgramData\Wondershare
2015-12-03 01:22 - 2015-12-03 02:23 - 00000000 ____D C:\Users\Aodh\Documents\Wondershare Video Editor
2015-12-03 01:22 - 2015-12-03 01:22 - 00001199 _____ C:\Users\Public\Desktop\Wondershare Video Editor.lnk
2015-12-03 01:22 - 2015-12-03 01:22 - 00000000 ____D C:\Users\Public\Documents\Wondershare
2015-12-03 01:22 - 2015-12-03 01:22 - 00000000 ____D C:\ProgramData\Wondershare Video Editor
2015-12-03 01:22 - 2015-12-03 01:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2015-12-03 01:22 - 2015-12-03 01:22 - 00000000 ____D C:\Program Files (x86)\Wondershare
2015-12-03 01:22 - 2015-02-27 11:33 - 02140712 _____ (MainConcept GmbH) C:\Windows\SysWOW64\mcmpgvout.004
2015-12-03 01:22 - 2015-02-27 11:33 - 00531496 _____ (MainConcept GmbH) C:\Windows\SysWOW64\mcmpeg2mux.ax
2015-12-03 01:22 - 2015-02-27 11:33 - 00375848 _____ (MainConcept GmbH) C:\Windows\SysWOW64\mcm2ve.ax
2015-12-03 01:22 - 2015-02-27 11:33 - 00257064 _____ (MainConcept GmbH) C:\Windows\SysWOW64\mcl2ae.ax
2015-12-03 01:22 - 2015-02-27 11:33 - 00244776 _____ (MainConcept GmbH) C:\Windows\SysWOW64\mcmpgaout.dll
2015-12-03 01:22 - 2015-02-27 11:33 - 00020520 _____ (MainConcept GmbH) C:\Windows\SysWOW64\mcmpgvout.dll
2015-12-03 01:21 - 2015-12-03 01:21 - 00938568 _____ C:\Users\Aodh\Downloads\video-editor_setup_full1107.exe
2015-12-03 01:03 - 2015-12-03 01:03 - 00000000 ____D C:\Users\Aodh\AppData\Local\womble
2015-12-03 01:03 - 2015-12-03 01:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPEG Video Wizard DVD 5.0
2015-12-03 01:03 - 2015-12-03 01:03 - 00000000 ____D C:\Program Files (x86)\Womble Multimedia
2015-12-03 01:02 - 2015-12-03 01:03 - 14556135 _____ (Womble Multimedia, Inc. ) C:\Users\Aodh\Downloads\womble_dvd5.exe
2015-12-02 13:47 - 2015-12-02 13:47 - 00021674 _____ C:\Users\Aodh\Downloads\[kat.cr]evaristo.felice.dall.abaco.op.2.5.6.torrent
2015-12-02 01:27 - 2015-12-02 01:27 - 04944187 _____ C:\Users\Aodh\Downloads\Nicolas Matteis 2.pdf
2015-12-02 01:26 - 2015-12-02 01:26 - 06134447 _____ C:\Users\Aodh\Downloads\Nicolas Matteis 3.pdf
2015-12-02 01:22 - 2015-12-02 01:22 - 43733384 _____ C:\Users\Aodh\Downloads\Nicola Matteis works.pdf
2015-12-01 13:14 - 2015-12-02 19:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-01 12:52 - 2015-12-01 12:52 - 00000000 ____D C:\Windows\en
2015-12-01 12:51 - 2015-12-01 12:51 - 00001309 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-12-01 12:46 - 2015-12-01 12:46 - 03446362 _____ ( ) C:\Users\Aodh\Downloads\ShaderTFX64beta.exe
2015-12-01 12:46 - 2015-12-01 12:46 - 00000000 ____D C:\Program Files\RehanFX
2015-12-01 12:30 - 2015-12-01 12:30 - 00039777 _____ C:\Users\Aodh\Downloads\rehansplit (1).exe
2015-12-01 12:29 - 2015-12-01 12:34 - 00000000 ____D C:\Users\Aodh\Downloads\Split
2015-12-01 12:29 - 2015-12-01 12:29 - 00039777 _____ C:\Users\Aodh\Downloads\rehansplit.exe
2015-12-01 12:29 - 2015-12-01 12:29 - 00000000 ____D C:\Program Files\Movie Maker
2015-12-01 12:06 - 2015-12-01 12:06 - 125080180 _____ C:\Users\Aodh\Downloads\Manx National Rally 2013-Steve Simpson_Patrick Walsh-Subaru Impreza WRC S12-SS11-Tholt Y Will.mp4
2015-12-01 12:04 - 2015-12-01 12:04 - 27458981 _____ C:\Users\Aodh\Downloads\Ari Vatanen - In Car Manx 1983 - SS4.mp4
2015-11-30 18:22 - 2015-11-30 18:22 - 00019990 _____ C:\Users\Aodh\Downloads\Albertini_Ignazio_(Albertino)_(c_1644_22_September_1685)_Sonates_pour_violon_flac(not_my_rip)-((demonoid.pw)).TORRENT
2015-11-30 01:14 - 2015-11-30 01:14 - 00001761 _____ C:\Users\Aodh\.recently-used.xbel
2015-11-29 23:19 - 2015-11-29 23:19 - 00445543 _____ C:\Users\Aodh\Downloads\Philip_Gavitt_Gender_Honor_and_Charity_i.pdf
2015-11-29 20:01 - 2015-11-29 20:01 - 11027152 _____ C:\Users\Aodh\Downloads\r_baroque_ii_e19_by_rpil-d8b7qru.zip
2015-11-29 19:54 - 2015-11-29 19:54 - 16445565 _____ C:\Users\Aodh\Downloads\antique_theme_by_andrewtheshort-d2y60fc.zip
2015-11-29 19:54 - 2015-11-29 19:54 - 00000000 ____D C:\Users\Aodh\Downloads\antique_theme_by_andrewtheshort-d2y60fc
2015-11-29 15:05 - 2015-11-29 15:05 - 00015056 _____ C:\Users\Aodh\Downloads\btkitty.so_Henrico-Albicastro-12-concerti-a-quattro-op-7-Collegium-Marianum,-Collegium-1704-2000-.torrent
2015-11-29 13:46 - 2015-11-29 17:06 - 00000000 ____D C:\Program Files (x86)\Monkey's Audio
2015-11-29 13:46 - 2015-11-29 13:46 - 01123144 _____ ( ) C:\Users\Aodh\Downloads\MAC_416.exe
2015-11-29 13:46 - 2015-11-29 13:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Monkey's Audio
2015-11-29 13:46 - 2015-03-24 20:55 - 00445952 _____ (Matthew T. Ashland) C:\Windows\SysWOW64\MACDll.dll
2015-11-28 23:08 - 2015-11-28 23:08 - 00057861 _____ C:\Users\Aodh\Downloads\(demonoid.pw)-Capella_Istropolitana_Christmas_Concerti_(EAC_FLAC)_[istabraq].TORRENT
2015-11-28 22:24 - 2015-11-28 22:24 - 00000000 ____D C:\Users\Aodh\Downloads\kid3-3.3.0-win32
2015-11-28 22:22 - 2015-11-28 22:23 - 16150727 _____ C:\Users\Aodh\Downloads\kid3-3.3.0-win32.zip
2015-11-28 22:17 - 2015-11-28 22:17 - 00020468 _____ C:\Users\Aodh\Downloads\[kat.cr]the.deluge.1974.2014.part.2.hdrip.1080p.x264.ac3.subtitles.eng.pl.torrent
2015-11-28 19:31 - 2015-11-28 19:31 - 00016672 _____ C:\Users\Aodh\Downloads\[kat.cr]house.of.cards.1990.seasons.1.3.e.rev.complete.480p.mkv.x264.torrent
2015-11-28 14:03 - 2015-11-28 14:03 - 79217934 _____ C:\Users\Aodh\Downloads\Pontano de principe.pdf
2015-11-23 23:54 - 2015-11-23 23:54 - 00022733 _____ C:\Users\Aodh\AppData\Local\recently-used.xbel
2015-11-23 21:59 - 2015-12-06 13:06 - 00000000 ____D C:\Users\Aodh\AppData\Local\ElevatedDiagnostics
2015-11-22 15:26 - 2015-11-22 15:26 - 00036649 _____ C:\Users\Aodh\Downloads\[kat.cr]dangerous.crossing.1953.film.noir.torrent
2015-11-22 15:24 - 2015-11-22 15:24 - 00040871 _____ C:\Users\Aodh\Downloads\[kat.cr]the.scarlet.hour.1956.crime.film.noir.torrent
2015-11-19 22:12 - 2015-11-19 22:12 - 00012343 _____ C:\Users\Aodh\Downloads\[kat.cr]house.of.cards.s02.complete.season.2.bluray.720p.x265.hevc.nate.666.torrent
2015-11-19 01:00 - 2015-11-19 01:00 - 11753257 _____ C:\Users\Aodh\Downloads\How_to_Study_Music_1000015128.pdf
2015-11-19 01:00 - 2015-11-19 01:00 - 11689356 _____ C:\Users\Aodh\Downloads\How_to_Study_Music_1000015128 (1).pdf
2015-11-19 01:00 - 2015-11-19 01:00 - 00021938 _____ C:\Users\Aodh\Documents\Jews France rant.odt
2015-11-18 13:41 - 2015-11-18 13:41 - 08923674 _____ C:\Users\Aodh\Downloads\Historia_de_Vitis_Pontificum.pdf
2015-11-18 13:30 - 2015-11-18 13:30 - 74103431 _____ C:\Users\Aodh\Downloads\Die Vitis Ponitificum.pdf
2015-11-18 11:24 - 2015-11-18 11:24 - 00021720 _____ C:\Users\Aodh\Downloads\[kat.cr]the.name.of.the.rose.1986.1080p.brrip.x264.yify.torrent
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-12-18 22:43 - 2009-07-14 03:20 - 00000000 ____D C:\Windows
2015-12-18 22:34 - 2011-11-15 16:06 - 00000000 ____D C:\Program Files (x86)\Steam
2015-12-18 22:28 - 2012-09-04 17:40 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-18 22:03 - 2009-07-14 04:45 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-18 22:03 - 2009-07-14 04:45 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-18 22:02 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\inf
2015-12-18 22:00 - 2011-06-15 00:34 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-12-18 21:57 - 2011-11-15 15:32 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-18 21:15 - 2013-10-18 12:22 - 00000000 ____D C:\Users\Aodh\AppData\Roaming\vlc
2015-12-18 20:57 - 2011-11-15 15:32 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-18 20:37 - 2014-06-03 15:50 - 00000000 ____D C:\Users\Aodh\AppData\Local\NVIDIA Corporation
2015-12-18 20:37 - 2011-06-15 00:34 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-12-18 20:37 - 2011-06-15 00:33 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-12-18 20:36 - 2011-06-15 00:34 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-18 20:23 - 2014-06-03 15:50 - 00000000 ____D C:\Users\Aodh\AppData\Local\NVIDIA
2015-12-18 20:23 - 2009-07-14 05:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-18 20:05 - 2011-11-26 21:50 - 00000000 ____D C:\Windows\Minidump
2015-12-18 15:43 - 2015-03-12 17:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-12-18 15:43 - 2014-07-22 20:58 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-18 15:42 - 2014-08-19 16:27 - 00000000 ____D C:\Users\Aodh\AppData\Local\Adobe
2015-12-18 13:36 - 2015-04-05 02:00 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-12-18 13:36 - 2015-04-05 02:00 - 00000000 ___SD C:\Windows\system32\GWX
2015-12-17 11:01 - 2012-09-26 15:21 - 00000000 ____D C:\Users\Aodh\Desktop\Torrents
2015-12-17 02:39 - 2014-06-29 19:01 - 00000000 ____D C:\Users\Aodh\AppData\Roaming\tixati
2015-12-16 19:57 - 2013-10-17 23:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-12-16 18:43 - 2015-10-08 17:49 - 00000000 ____D C:\Users\Aodh\AppData\Roaming\foobar2000
2015-12-10 14:25 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\rescache
2015-12-10 11:11 - 2009-07-14 04:45 - 04891704 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-10 02:22 - 2012-09-12 20:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-10 02:21 - 2012-09-12 20:28 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-10 02:21 - 2012-09-12 20:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-10 02:20 - 2013-08-14 18:07 - 00000000 ____D C:\Windows\system32\MRT
2015-12-10 02:13 - 2011-02-10 20:56 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-09 12:06 - 2011-12-16 14:32 - 00000000 ____D C:\Program Files (x86)\Magic Workstation
2015-12-09 11:28 - 2012-09-04 17:40 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-09 11:28 - 2012-04-01 23:45 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-09 11:28 - 2011-06-14 21:58 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-09 11:26 - 2012-03-04 17:47 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-09 11:09 - 2009-07-14 05:08 - 00032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-12-05 20:19 - 2009-07-14 05:13 - 00783464 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-04 20:52 - 2011-11-15 15:32 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-04 20:52 - 2011-11-15 15:32 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-03 11:31 - 2014-06-03 16:47 - 00074792 _____ C:\Windows\system32\GDIPFONTCACHEV1.DAT
2015-12-03 11:29 - 2012-04-25 22:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-03 01:23 - 2014-06-03 22:55 - 00074792 _____ C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT
2015-12-02 17:45 - 2015-11-12 14:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CD Wave
2015-12-02 17:44 - 2013-03-13 16:22 - 00000000 ____D C:\Users\Aodh\AppData\Roaming\Audacity
2015-12-01 12:51 - 2013-06-25 18:16 - 00001378 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-12-01 12:50 - 2011-02-10 20:32 - 00000000 ____D C:\Program Files (x86)\Windows Live
2015-12-01 12:15 - 2012-02-19 17:44 - 00000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2015-12-01 12:13 - 2012-11-18 15:15 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software
2015-12-01 11:35 - 2015-03-12 17:44 - 00162072 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-12-01 11:35 - 2015-03-12 17:44 - 00140448 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-12-01 11:35 - 2015-03-12 17:44 - 00075472 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-11-30 01:18 - 2012-01-07 14:37 - 00000000 ____D C:\Users\Aodh\.gimp-2.6
2015-11-30 01:17 - 2012-01-17 02:14 - 00000000 ____D C:\Users\Aodh\AppData\Roaming\gtk-2.0
2015-11-30 01:14 - 2011-11-15 15:34 - 00000000 ____D C:\Users\Aodh
2015-11-30 01:00 - 2011-11-21 16:40 - 00000000 ____D C:\Users\Aodh\Desktop\Projects
2015-11-28 14:52 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\system32\NDF
2015-11-27 22:08 - 2015-08-04 14:10 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-24 23:10 - 2015-11-06 01:56 - 01572496 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-11-24 23:10 - 2015-08-13 16:48 - 15122296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-11-24 23:10 - 2014-06-03 15:47 - 12770752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-11-24 23:10 - 2013-02-25 23:32 - 17516040 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-11-24 23:10 - 2011-06-15 00:34 - 00033607 _____ C:\Windows\system32\nvinfo.pb
2015-11-24 18:40 - 2011-06-15 00:34 - 06358648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-11-24 18:40 - 2011-06-15 00:34 - 02983032 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-11-24 18:40 - 2011-06-15 00:34 - 02554488 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-11-24 18:40 - 2011-06-15 00:34 - 00938616 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-11-24 18:40 - 2011-06-15 00:34 - 00385144 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-11-24 18:40 - 2011-06-15 00:34 - 00062584 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-11-23 12:39 - 2013-10-17 23:16 - 00000000 ____D C:\ProgramData\Oracle
2015-11-23 12:38 - 2013-10-17 23:16 - 00000000 ____D C:\Program Files\Java
2015-11-23 12:37 - 2015-08-27 13:08 - 00000000 ____D C:\Users\Aodh\.oracle_jre_usage
2015-11-23 12:37 - 2015-08-04 14:06 - 00110176 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-11-23 10:38 - 2011-06-15 00:34 - 06049858 _____ C:\Windows\system32\nvcoproc.bin
2015-11-20 19:11 - 2015-07-06 15:42 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-11-20 19:11 - 2014-12-07 13:31 - 00000000 ____D C:\Users\Default\AppData\Local\NVIDIA Corporation
2015-11-20 19:11 - 2014-12-07 13:31 - 00000000 ____D C:\Users\Default User\AppData\Local\NVIDIA Corporation
2015-11-19 02:06 - 2014-02-02 04:05 - 00000000 ____D C:\Users\Aodh\AppData\Roaming\Media Player Classic
 
==================== Files in the root of some directories =======
 
2015-05-04 23:39 - 2015-07-19 22:01 - 0000033 _____ () C:\Users\Aodh\AppData\Roaming\AdobeWLCMCache.dat
2012-11-17 20:17 - 2013-11-20 00:34 - 0007168 ____H () C:\Users\Aodh\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-11-23 23:54 - 2015-11-23 23:54 - 0022733 _____ () C:\Users\Aodh\AppData\Local\recently-used.xbel
2015-12-18 22:02 - 2015-12-18 22:02 - 0007601 _____ () C:\Users\Aodh\AppData\Local\Resmon.ResmonCfg
2012-09-09 01:07 - 2012-09-09 01:07 - 0000008 ____H () C:\Users\Aodh\AppData\Local\~wmrg
2015-05-26 18:19 - 2015-05-26 18:19 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Some files in TEMP:
====================
C:\Users\Aodh\AppData\Local\Temp\avgnt.exe
C:\Users\Aodh\AppData\Local\Temp\nvStInst.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-12-10 14:17
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:17-12-2015
Ran by Aodh (2015-12-18 22:44:37)
Running from C:\Users\Aodh\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-11-15 15:34:39)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-418917625-158424403-2452974618-500 - Administrator - Disabled)
Aodh (S-1-5-21-418917625-158424403-2452974618-1001 - Administrator - Enabled) => C:\Users\Aodh
Guest (S-1-5-21-418917625-158424403-2452974618-501 - Limited - Disabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-418917625-158424403-2452974618-1003 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
8BitMMO (HKLM-x32\...\Steam App 250420) (Version:  - Archive Entertainment)
Ableton Live 8 (HKLM-x32\...\{4941E15C-3C68-4FB7-B5A4-5061B92E9166}) (Version: 8.0.0.0 - Ableton)
Ace Stream Media 3.1.1 (HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\AceStream) (Version: 3.1.1 - Ace Stream Media) <==== ATTENTION
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe After Effects CS5.5 (HKLM-x32\...\{E82097B9-A3B8-404A-9A92-AC16A8AC9576}) (Version: 10.5 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.0.19480 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.0.0.74 - Adobe Systems Incorporated)
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Illustrator CC 2014 (HKLM-x32\...\{2B4B4082-8043-4646-8334-B0A29E641211}) (Version: 18.1.1 - Adobe Systems Incorporated)
Adobe Illustrator CS2 (HKLM-x32\...\Adobe Illustrator CS2) (Version: 12.000.000 - Adobe Systems Inc.)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Adobe Story (HKLM-x32\...\com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.0.571 - Adobe Systems Incorporated)
Age of Empires Online (HKLM-x32\...\Steam App 105430) (Version:  - Microsoft)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Applian FLV and Media Player 3.1.1.12 (HKLM-x32\...\Applian FLV and Media Player) (Version: 3.1.1.12 - Applian Technologies)
ARMA 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.1.0 - Asmedia Technology)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Avadon: The Black Fortress (HKLM-x32\...\Steam App 112100) (Version:  - Spiderweb Software)
Avidemux 2.5 (32-bit) (HKLM-x32\...\Avidemux 2.5) (Version: 2.5.6.7716 - )
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{d0e166af-1634-4c0b-ae96-2180e61f9d38}) (Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG) Hidden
AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version:  - Online Media Technologies Ltd.)
AVS Video Converter 8 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version:  - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version:  - Online Media Technologies Ltd.)
Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version:  - )
BitTorrent (HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\BitTorrent) (Version: 7.8.2.30489 - BitTorrent Inc.)
Blender (HKLM\...\Blender) (Version: 2.63-release - Blender Foundation)
calibre (HKLM-x32\...\{D060E2E3-5509-4420-AA04-FA197C6678C8}) (Version: 0.9.28 - Kovid Goyal)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version:  - )
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon MG5200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series) (Version:  - )
Canon MG5200 series User Registration (HKLM-x32\...\Canon MG5200 series User Registration) (Version:  - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
Card Hunter (HKLM-x32\...\Steam App 293260) (Version:  - Blue Manchu)
CCleaner (HKLM\...\CCleaner) (Version: 3.12 - Piriform)
CD Wave Editor 1.98 (HKLM-x32\...\CD Wave Editor_is1) (Version: 1.9.8.1 - MiLo Software)
CDisplayEx 1.8 (HKLM-x32\...\CDisplayEx_is1) (Version:  - Henri Gourvest.)
CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version:  - )
Celestia 1.6.1 (HKLM-x32\...\Celestia_is1) (Version:  - Shatters Software)
Chip's Challenge 1 (HKLM-x32\...\Steam App 346850) (Version:  - Niffler Ltd.)
CleanUp! (HKLM-x32\...\CleanUp!) (Version:  - )
Comical 0.8 (HKLM-x32\...\Comical_is1) (Version:  - James Athey)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.4125 - CyberLink Corp.)
CyberLink WaveEditor (HKLM-x32\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 1.0.1.2821 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DarthMod Napoleon (HKLM-x32\...\DarthMod Napoleon) (Version:  - )
DebugMode Wax 2.0 (HKLM-x32\...\DebugMode Wax 2.0) (Version:  - )
Desura (HKLM-x32\...\Desura) (Version:  - Desura)
DjVuLibre+DjView (HKLM-x32\...\DjVuLibre+DjView) (Version: 3.5.25.3+4.9 - DjVuZone)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve )
Dota 2 Test (HKLM-x32\...\Steam App 205790) (Version:  - )
DROD: The City Beneath 3.3.0 (HKLM-x32\...\DROD: The City Beneath_is1) (Version: 3.3.0 - Caravel Games)
Empire: Total War (HKLM-x32\...\Steam App 10500) (Version:  - The Creative Assembly)
Endless Sky (HKLM-x32\...\Steam App 404410) (Version:  - Michael Zahniser)
Epic Arena (HKLM-x32\...\Steam App 334030) (Version:  - Shadow Masters)
Eraser 6.0.9.2343 (HKLM\...\{3D33F6F0-4D90-484D-A1D9-09AE791CCBD9}) (Version: 6.0.2343 - The Eraser Project)
Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version:  - Paradox Development Studio)
Europa Universalis: Rome - Demo (HKLM-x32\...\Steam App 22160) (Version:  - )
EVE Online (remove only) (HKLM-x32\...\EVE) (Version:  - CCP Games Ltd.)
FBReader for Windows (HKLM-x32\...\FBReader for Windows) (Version:  - )
FileZilla Client 3.5.3 (HKLM-x32\...\FileZilla Client) (Version: 3.5.3 - FileZilla Project)
FlacSquisher 1.3.5 (HKLM-x32\...\FlacSquisher) (Version: 1.3.5 - FlacSquisher)
FontExpert 2014 Font Manager (HKLM-x32\...\FontExpert 2014) (Version: 12.0.0.2 - Proxima Software)
foobar2000 v1.3.8 (HKLM-x32\...\foobar2000) (Version: 1.3.8 - Peter Pawlowski)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Free APE to MP3 Converter 1.0 (HKLM-x32\...\{23CAF97E-FC9A-4043-A8B2-3C8605305D35}_is1) (Version: 1.0 - Jacek Pazera)
FS-UAE 2.4.1 (HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\FS-UAE_is1) (Version: 2.4.1 - )
Geneforge 1 (HKLM-x32\...\Steam App 200960) (Version:  - Spiderweb Software)
Geneforge 2 (HKLM-x32\...\Steam App 200980) (Version:  - Spiderweb Software)
Geneforge 3 (HKLM-x32\...\Steam App 200990) (Version:  - Spiderweb Software)
Geneforge 4 (HKLM-x32\...\Steam App 201000) (Version:  - Spiderweb Software)
Geneforge 5 (HKLM-x32\...\Steam App 201010) (Version:  - Spiderweb Software)
GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Greenshot 1.2.6.7 (HKLM\...\Greenshot_is1) (Version: 1.2.6.7 - Greenshot)
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroine's Quest: The Herald of Ragnarok (HKLM-x32\...\Steam App 283880) (Version:  - Crystal Shard)
Infinite Crisis™ (HKLM-x32\...\Steam App 345520) (Version:  - Turbine, Inc.)
Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
K-Lite Codec Pack 10.0.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.0.5 - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Lara Croft and the Guardian of Light (HKLM-x32\...\Steam App 35130) (Version:  - Crystal Dynamics)
LEGO Digital Designer (HKLM-x32\...\New LEGO Digital Designer) (Version:  - LEGO A/S)
Livestream Procaster (HKLM-x32\...\{68E4C751-272B-44E1-94C7-4E1FDC40F7DA}) (Version: 20.3.25 - Procaster)
LMMS 1.1.3 (HKLM-x32\...\LMMS) (Version: 1.1.3 - LMMS Developers)
Magic 2015 (HKLM-x32\...\Steam App 255420) (Version:  - Stainless Games)
Magic Duels (HKLM-x32\...\Steam App 316010) (Version:  - Stainless Games Ltd.)
Magic Set Editor 2.0.0 (HKLM-x32\...\Magic Set Editor 2_is1) (Version:  - )
Magic The Gathering Online  (HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\35c9d60442fbb010) (Version: 3.4.87.523 - Wizards of the Coast)
Magic Workstation 0.94f (HKLM-x32\...\Magic Workstation_is1) (Version:  - Magic Technology)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Medieval CUE Splitter (HKLM-x32\...\{B96D2269-568B-4CBF-9332-12FAE8B158F7}) (Version: 1.2.0 - Medieval Software)
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2608 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 8.0.2608 - CyberLink Corp.) Hidden
Mendeley Desktop 1.6 (HKLM-x32\...\Mendeley Desktop) (Version: 1.6 - Mendeley Ltd.)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Miro Video Converter (HKLM-x32\...\Miro Video Converter) (Version: 0.8.0 - Participatory Culture Foundation)
Missing Translation (HKLM-x32\...\Steam App 395520) (Version:  - AlPixel Games)
MKVToolNix 6.4.0 (HKLM-x32\...\MKVToolNix) (Version: 6.4.0 - Moritz Bunkus)
Monkey's Audio (HKLM-x32\...\Monkey's Audio_is1) (Version:  - )
Mount & Blade - Unoffical Troop Editor (C:\Program Files (x86)\Mount & Blade - Unoffical Troop Editor\) (HKLM-x32\...\ST6UNST #2) (Version:  - )
Mount & Blade - Unoffical Troop Editor (HKLM-x32\...\ST6UNST #1) (Version:  - )
Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version:  - Taleworlds Entertainment)
MountMusket Battalion (HKLM-x32\...\{8AF7479C-B28D-4BFF-867B-4755DE019259}_is1) (Version: 0.4.2 - MountMusket Battalion Team)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 42.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 en-US)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
MPEG Video Wizard DVD 5.0.1.111 (02/2014) (HKLM-x32\...\{9FD45917-95E6-449D-ACC9-01E634A34CBD}_is1) (Version: 5.0.1.111 - Womble Multimedia, Inc.)
MPEG Video Wizard DVD 5.0.1.111 (02/2014) (HKLM-x32\...\Mpeg Video Wizard DVD 5.0) (Version: 5.0.1.111 (02/2014) - Womble Multimedia, Inc.)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MTG Card Images for Magic Workstation (HKLM-x32\...\MTG Card Images for Magic Workstation_is1) (Version:  - )
MTG GamePack for Magic Workstation (HKLM-x32\...\MTG GamePack for Magic Workstation_is1) (Version:  - Magic Technology)
Nero 12 (HKLM-x32\...\{95E152CF-0EB5-4BFA-B6EE-8FC7F9601BA5}) (Version: 12.0.02900 - Nero AG)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 359.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 359.06 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.8.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.8.1.21 - NVIDIA Corporation)
NVIDIA Graphics Driver 359.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.06 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenOffice.org 3.3 (HKLM-x32\...\{3E171899-0175-47CC-84C4-562ACDD4C021}) (Version: 3.3.9567 - OpenOffice.org)
OU Flashcards (HKLM-x32\...\OU Flashcards) (Version:  - )
PAC-MAN Championship Edition DX+ (HKLM-x32\...\Steam App 236450) (Version:  - Mine Loader Software Co., Ltd.)
Pianissimo (HKLM-x32\...\Pianissimo) (Version:  - Acoustica)
Pinnacle VideoSpin (HKLM-x32\...\{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}) (Version: 2.0.0.669 - Pinnacle Systems)
PlanetSide 2 (HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\SOE-PlanetSide 2) (Version:  - Sony Online Entertainment)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PowerAgent 7.7.5 (HKLM\...\PowerAgent_is1) (Version:  - Saris Cycling Group, Inc.)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
printFIT Business Card Printing Kit (HKLM-x32\...\{3FD83A7E-4D16-48C3-B26C-15F4548ACEF5}) (Version: 10.00.000 - )
Pro Cycling Manager 2013 (HKLM-x32\...\Steam App 219800) (Version:  - Cyanide)
Python 2.7.2 (HKLM-x32\...\{2E295B5B-1AD4-4d36-97C2-A316084722CF}) (Version: 2.7.2150 - Python Software Foundation)
qBittorrent 3.2.4 (HKLM-x32\...\qBittorrent) (Version: 3.2.4 - The qBittorrent project)
QGIS Valmiera 2.2.0 Valmiera (HKLM\...\QGIS Valmiera) (Version:  - QGIS Development Team)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 2.3.3 r1522 - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7183 - Realtek Semiconductor Corp.)
Replay Media Catcher 5 (5.0.0.97) (HKLM-x32\...\Replay Media Catcher 5) (Version: 5.0.0.97 - Applian Technologies)
ScummVM 1.6.0 (HKLM-x32\...\ScummVM_is1) (Version:  - The ScummVM Team)
Search Results Toolbar (HKLM-x32\...\searchresults1) (Version: 1.0.0.12 - ) <==== ATTENTION
ShaderTFX version 1.1 (HKLM\...\ShaderTFX_is1) (Version:  - )
SHIELD Streaming (Version: 4.1.0250 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.8.1.21 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V: Gods & Kings Demo (HKLM-x32\...\Steam App 213910) (Version:  - )
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.10.9560 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SopCast 3.8.3 (HKLM-x32\...\SopCast) (Version: 3.8.3 - www.sopcast.com)
Source SDK (HKLM-x32\...\Steam App 211) (Version:  - Valve)
SpaceEngine version 0.9.7.2 (HKLM-x32\...\{E65FD500-9218-44EC-9586-D39FAB4DFDAF}_is1) (Version: 0.9.7.2 - SpaceEngine)
Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated)
Spotify (HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\Spotify) (Version: 1.0.16.104.g3b776c9e - Spotify AB)
StarCraft (HKLM-x32\...\StarCraft) (Version:  - Blizzard Entertainment)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Subspace Continuum (HKLM-x32\...\Steam App 352700) (Version:  - Virgin Interactive Entertainment)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tactical Genius (HKLM-x32\...\Steam App 377150) (Version:  - Pixeltales.ru)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\TeamSpeak 3 Client) (Version: 3.0.8 - TeamSpeak Systems GmbH)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - Edmund McMillen and Florian Himsl)
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version:  - Nicalis, Inc.)
The Unofficial Team Fortress 2 Statistics Parser (HKLM-x32\...\{355B814F-38EF-4C9D-BCF9-3D0EE77C6C38}_is1) (Version:  - Erlend Dahl)
Tixati (HKLM-x32\...\tixati) (Version:  - )
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version:  - Crystal Dynamics)
Tomb Raider (VI): The Angel of Darkness (HKLM-x32\...\Steam App 225020) (Version:  - Core Design)
Tomb Raider I (HKLM-x32\...\Steam App 224960) (Version:  - Core Design)
Tomb Raider II (HKLM-x32\...\Steam App 225300) (Version:  - Core Design)
Tomb Raider III: Adventures of Lara Croft (HKLM-x32\...\Steam App 225320) (Version:  - Core Design)
Tomb Raider: Anniversary (HKLM-x32\...\Steam App 8000) (Version:  - Crystal Dynamics)
Tomb Raider: Chronicles (HKLM-x32\...\Steam App 225000) (Version:  - Core Design)
Tomb Raider: Legend (HKLM-x32\...\Steam App 7000) (Version:  - Crystal Dynamics)
Tomb Raider: The Last Revelation (HKLM-x32\...\Steam App 224980) (Version:  - Core Design)
Tomb Raider: Underworld (HKLM-x32\...\Steam App 8140) (Version:  - Crystal Dynamics)
Total War: ROME II (HKLM-x32\...\Steam App 214950) (Version:  - Creative Assembly)
Total War: Shogun 2 - Assembly Kit (HKLM-x32\...\Steam App 202930) (Version:  - The Creative Assembly)
Total War: SHOGUN 2 (HKLM-x32\...\Steam App 34330) (Version:  - The Creative Assembly)
TrainingPeaks Device Agent (HKLM-x32\...\{BF436CD1-67D6-4849-8C09-AE87197A0A64}) (Version: 3.0.90 - TrainingPeaks)
Tux Paint 0.9.21c (HKLM-x32\...\Tux Paint_is1) (Version:  - New Breed Software)
Unity Web Player (HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Universal Media Server (HKLM-x32\...\Universal Media Server) (Version: 2.3.0 - Universal Media Server)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Vega 7 (HKLM-x32\...\Vega) (Version: 7 - Vegachess)
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version:  - NCH Software)
VideoReDo TVSuite Version 4.20.7.638 (HKLM-x32\...\VideoReDo4_is1) (Version:  - DRD Systems, Inc.)
VirtualTraining Desktop version (HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\VirtualTraining Desktop version) (Version: 3.1.0.0 - SportSoft)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VTFEdit 1.3.3 (HKLM\...\VTFEdit_is1) (Version:  - Neil Jedrzejewski & Ryan Gregg)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.6.1.2 - Azureus Software, Inc.)
Warhammer® 40,000™: Dawn of War® II (HKLM-x32\...\Steam App 15620) (Version:  - Relic Entertainment)
Welcome App (Start-up experience) (x32 Version: 12.0.15000 - Nero AG) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.3400 - Broadcom Corporation)
WinDjView 1.0.3 (HKLM-x32\...\WinDjView) (Version: 1.0.3 - Andrew Zhezherun)
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (07/12/2013 2.08.30) (HKLM\...\22CCD58B53472BE3FCAFF05631111C4062959A43) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (07/12/2013 2.08.30) (HKLM\...\BD00013670D26C16E19F284BF8E15DAF813497C7) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Driver Package - Saris Cycling Group, Inc. libusb Drivers (05/11/2011 1.2.4.0) (HKLM\...\D471913AF25804C37195D83AD80A8B9F7F3FF5CC) (Version: 05/11/2011 1.2.4.0 - Saris Cycling Group, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 4.10 beta 5 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.10.5 - win.rar GmbH)
WM Recorder (HKLM-x32\...\WM Recorder14.12) (Version: 14.12 - AllAlex, Inc)
Wondershare Video Editor(Build 5.1.3) (HKLM-x32\...\Wondershare Video Editor_is1) (Version:  - Wondershare Software)
WSE Rocket (HKLM-x32\...\WSE Rocket) (Version:  - WSE Rocket) <==== ATTENTION
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-418917625-158424403-2452974618-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-418917625-158424403-2452974618-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
 
==================== Restore Points =========================
 
18-12-2015 13:13:34 Scheduled Checkpoint
18-12-2015 13:35:52 Windows Update
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 02:34 - 2009-06-10 21:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {086A2A9B-302C-418A-A022-54576AF97CEA} - System32\Tasks\NCH Software\videopadShakeIcon => C:\Program Files (x86)\NCH Software\VideoPad\VideoPad.exe [2012-11-18] (NCH Software)
Task: {12CCDED1-6EE3-4CDA-B3C1-A41E6EBE2714} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {306FBFCB-9DF2-4BC3-AE32-04BA6DA8304F} - System32\Tasks\{10F68DF3-DFF9-45E4-B70D-D8399BC4B05B} => pcalua.exe -a "C:\Users\Aodh\Desktop\100 Mod\TroopEditor v1.9 Install Package\setup.exe" -d "C:\Users\Aodh\Desktop\100 Mod\TroopEditor v1.9 Install Package"
Task: {3D3A12D7-DC7B-4654-B4C4-52C534252AE4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {463E481C-B933-4B41-AE07-2C9643A58DE6} - System32\Tasks\AdobeAAMUpdater-1.0-Vandennis-Aodh => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-03-30] (Adobe Systems Incorporated)
Task: {5708C1CE-E6FD-45DA-8B8E-CCDE118C9D00} - System32\Tasks\{D514B5CF-DBD9-49F0-A86B-B94F3144EADC} => pcalua.exe -a C:\Users\Aodh\Downloads\shortcircuit-1_1_2.exe -d C:\Users\Aodh\Downloads
Task: {7A232736-5E68-4239-A97E-14FEB14E6614} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {83BE68F1-98AE-486D-A583-65DDD21B964B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {8A75DF63-C861-4503-9800-431A40E2BDEE} - System32\Tasks\1114avUpdateInfo => C:\ProgramData\Avg_Update_1114av\1114av_AVG-Secure-Search-Update.exe [2014-10-08] ()
Task: {A4D9CB9D-CB7E-4362-9047-E0731361ADA3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-09] (Adobe Systems Incorporated)
Task: {D3E3A262-7CF2-4085-8032-B75F54F9F8BD} - System32\Tasks\NCH Software\videopadDowngrade => C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe [2012-11-18] (NCH Software)
Task: {D9F69B30-E3A0-4C6E-B78C-CF81D65E09B5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {E7347B7A-C47D-496C-8DAA-9CAADE553610} - System32\Tasks\{7DF2AD79-3E9B-4B5D-B0D7-A2E340CB4B94} => pcalua.exe -a C:\Users\Aodh\Downloads\MouseTest.exe -d C:\Users\Aodh\Downloads
Task: {F282C6A9-4CFB-41F2-AD11-3DF8AB9E8F58} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\1114avUpdateInfo.job => C:\ProgramData\Avg_Update_1114av\1114av_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\Aodh\Desktop\Projects\Golf MapStuff\GRASS GIS 6.4.3.lnk -> C:\Program Files\QGIS Valmiera\bin\nircmd.exe (NirSoft) -> exec hide C:\PROGRA~1\QGISVA~1\bin\grass64.bat -wx
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-04-16 16:42 - 2015-04-16 16:42 - 00997536 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2010-01-02 14:42 - 2010-01-02 14:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-01-12 23:21 - 2012-01-06 18:01 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2012-07-03 12:21 - 2012-07-03 12:21 - 00041160 _____ () C:\Program Files\Rainmeter\Rainmeter.exe
2012-07-03 12:21 - 2012-07-03 12:21 - 00754376 _____ () C:\Program Files\Rainmeter\Rainmeter.dll
2012-04-12 19:07 - 2015-11-24 18:40 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-12-18 21:59 - 2015-12-09 01:52 - 00217720 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2010-08-03 22:39 - 2010-08-03 22:39 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2010-08-03 22:39 - 2010-08-03 22:39 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-10-16 17:37 - 2014-10-16 17:37 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\c152a64e30c5b94894d75ac86aa7aad2\IsdiInterop.ni.dll
2011-06-14 21:06 - 2011-04-30 07:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2015-12-18 20:37 - 2015-12-09 01:53 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2012-01-08 13:41 - 2012-01-08 13:41 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2015-12-16 21:03 - 2015-12-11 03:54 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll
2015-12-16 21:03 - 2015-12-11 03:54 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll
2015-12-16 21:03 - 2015-12-11 03:54 - 16573256 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\Temp:0888F409
AlternateDataStreams: C:\ProgramData\Temp:1CE11B51
AlternateDataStreams: C:\ProgramData\Temp:3440EB47
AlternateDataStreams: C:\ProgramData\Temp:66633281
AlternateDataStreams: C:\Users\Aodh\Cookies:Qgd1w97RKadbi38e14SDju
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\sony.com -> sony.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-418917625-158424403-2452974618-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Aodh\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 89.101.160.4 - 89.101.160.5
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Aodh^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: BitTorrent => "C:\Program Files (x86)\BitTorrent\BitTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenuEx => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
MSCONFIG\startupreg: Eraser => "C:\PROGRA~1\Eraser\Eraser.exe" --atRestart
MSCONFIG\startupreg: IJNetworkScanUtility => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\Aodh\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Aodh\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{7A6CA036-349A-4886-945C-77B570449D80}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{E0D87026-383F-4540-9547-92DF0B2CDF2A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{51B377CA-B25F-4D58-98AE-E6C464967231}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{245DED63-1A5C-4610-B90F-4EE993C3E84A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{473D7F50-B331-4CF4-8A2B-7E139518398A}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{C42A916C-6CC2-416E-96AB-402BB158FA78}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [{3EEC425E-6CB1-4DFF-9B88-614CB3EEFEFB}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [{BEF2226B-52CE-46A1-BAD9-75313FB6DFAA}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{FA28E5B4-2785-4CF1-8C9F-098EB5E46913}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{BCD9CB82-C069-497F-8A2E-9A11505A1E64}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{C09F6A5F-AF23-466D-A555-27E6DFF4BD52}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [TCP Query User{60C80F5D-78CE-4DAE-A072-97EFB5833A75}C:\program files (x86)\steam\steamapps\batchuba\team fortress 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\batchuba\team fortress 2\hl2.exe
FirewallRules: [UDP Query User{DEA4D68C-ED1A-49C9-9E76-2F4A6A9AC0C8}C:\program files (x86)\steam\steamapps\batchuba\team fortress 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\batchuba\team fortress 2\hl2.exe
FirewallRules: [{ADAA991B-F584-41A9-AD0E-643F689298D1}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{2ADA3615-3D15-4833-A186-F5E54B28B2BF}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{276A2A68-C38E-40DF-B265-440802A38DDD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{5926EE03-AFA2-42BB-85D4-D54344D5E6AF}] => (Allow) C:\Program Files (x86)\searchresults1\dtUser.exe
FirewallRules: [{0AF86C24-51EF-4862-82DA-45C45CEABB44}] => (Allow) C:\Program Files (x86)\searchresults1\dtUser.exe
FirewallRules: [TCP Query User{F3314A36-919C-4E30-A2E5-72848EA7F1CB}C:\program files (x86)\steam\steamapps\common\age of empires online\spartan.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\age of empires online\spartan.exe
FirewallRules: [UDP Query User{058EF4CA-6BAC-4791-9549-A8BE406B9096}C:\program files (x86)\steam\steamapps\common\age of empires online\spartan.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\age of empires online\spartan.exe
FirewallRules: [TCP Query User{353A9AD0-64AB-4AD9-9C1F-0978453383AD}C:\users\aodh\downloads\downloader_starcraft_combo_engb.exe] => (Allow) C:\users\aodh\downloads\downloader_starcraft_combo_engb.exe
FirewallRules: [UDP Query User{5904CE08-8F50-4A0F-8520-295F2A354180}C:\users\aodh\downloads\downloader_starcraft_combo_engb.exe] => (Allow) C:\users\aodh\downloads\downloader_starcraft_combo_engb.exe
FirewallRules: [{ABFC3DAA-A5F3-4C12-85D3-AAB68A31BACC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe
FirewallRules: [{4EADEC82-08BC-4488-8002-6ED93DFB98D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe
FirewallRules: [{1CA1D8DD-E637-4F4A-981C-F69644176708}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\BEsetup\Setup_BattlEyeARMA2OA.exe
FirewallRules: [{B51B3B8E-5F9D-4503-8020-78D6514D2F88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\BEsetup\Setup_BattlEyeARMA2OA.exe
FirewallRules: [{A9DAB5BC-D323-4113-9090-4F3254BFF607}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\_runA2CO.cmd
FirewallRules: [{12702A26-FBC8-4809-8C92-05F917A07B79}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\_runA2CO.cmd
FirewallRules: [TCP Query User{1D3A2BB3-0C06-47AD-8638-09E579A40478}C:\program files (x86)\ccp\eve\bin\exefile.exe] => (Allow) C:\program files (x86)\ccp\eve\bin\exefile.exe
FirewallRules: [UDP Query User{986570A6-81AF-4864-A19D-917847115666}C:\program files (x86)\ccp\eve\bin\exefile.exe] => (Allow) C:\program files (x86)\ccp\eve\bin\exefile.exe
FirewallRules: [{3A4DD47F-58F6-4965-A076-CB4FECA133E4}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{8F232053-54E0-42C6-8843-39C702AE552B}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{441D5142-CA50-4602-83CD-47DBFDE2BA5A}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [{861175DC-3A31-4959-9478-A57AD66353AF}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [TCP Query User{2990496E-BEE2-4689-B5FC-A120075B9A66}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{A0F07C25-24D1-473A-83FB-BC9BC6F2A20A}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{41601E5D-65B5-485B-9AF7-8EF94B5B7B04}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{FE80A169-8342-49BC-B838-BBE4B8545A9F}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{E3752451-BC10-442A-B264-D07C275C5650}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{24C978DD-9903-4DBD-BF47-042E03F1CEA5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{4A233C59-5614-4248-92B3-0B4C6903516D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{85EF9ACB-F72B-4833-B661-E3ADFC0DAED6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{ABBD1C58-DAC5-4897-BAC1-153CF23668C8}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{38D92D74-3C60-489C-8F16-786C41B1650E}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{E3FDC81F-4813-4912-9B0D-D5FD29CF9B48}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{42A5A2D7-17F9-4140-853A-D972C2C3B544}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [TCP Query User{ABE36A46-CC7F-403E-B578-D079D72B24FB}C:\program files (x86)\starcraft ii\versions\base24944\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base24944\sc2.exe
FirewallRules: [UDP Query User{F1E6A90B-8A6A-46EB-B9FD-65F85BD36311}C:\program files (x86)\starcraft ii\versions\base24944\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base24944\sc2.exe
FirewallRules: [{F65C4DC7-5BC2-49DB-81CC-ACB29575CF6B}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 5\aria2c.exe
FirewallRules: [{1F06A023-1A70-48B3-B78F-08F0995B8B93}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 5\aria2c.exe
FirewallRules: [{CA6A4A4D-FC34-4609-83ED-2BD1572CCFEA}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 5\qtCopy.exe
FirewallRules: [{08B1D8CF-A3DC-4350-AA3A-F2239BC4FE2A}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 5\qtCopy.exe
FirewallRules: [TCP Query User{285F11FF-C58F-4D94-8EF9-BC50FE03D535}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{AA010432-8A08-494E-ACC7-7BA7855F634F}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [{EBB329C2-37A9-479A-A8D7-0A3BF65617BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\launcher\launcher.exe
FirewallRules: [{AC0AFDE6-A531-4CA9-95E9-FB0B875D8D7C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\launcher\launcher.exe
FirewallRules: [{66AE21DC-2D8D-4876-B2AE-6FFD7D5267C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis Rome - Demo\Rome.exe
FirewallRules: [{8E283E82-4C48-4BE8-9AF3-D61C353879CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis Rome - Demo\Rome.exe
FirewallRules: [{F5897764-12F8-4463-BD64-053AD84BC4D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\mountblade warband\mb_warband.exe
FirewallRules: [{5A36AA42-81DE-43C2-A4C6-EA0C53F74814}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\mountblade warband\mb_warband.exe
FirewallRules: [{52B9C649-EEA8-44D8-B871-8C237FB94030}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\age of empires online\AOEOnline.exe
FirewallRules: [{7E73B0E2-DD23-45AD-A5B9-EA66BA95EECA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\age of empires online\AOEOnline.exe
FirewallRules: [{4797C421-0202-4D0F-BD2F-6463E2A6AF67}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\modding\show.bat
FirewallRules: [{C1725FAC-2880-4305-A181-B360E6C97A3E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\modding\show.bat
FirewallRules: [{CF475EC3-8482-4415-8087-0EB5FED682DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\civ_v_xp_demo\Launcher.exe
FirewallRules: [{7B1A5D0F-18FF-4570-A4CF-13388AD15E29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\civ_v_xp_demo\Launcher.exe
FirewallRules: [{3ACC1B11-FC75-401F-8724-829848C82B9F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\batchuba\sourcesdk\bin\SDKLauncher.exe
FirewallRules: [{6E9B25C6-7903-4191-8811-7DBCED05EF79}] => (Allow) C:\Program Files (x86)\Steam\steamapps\batchuba\sourcesdk\bin\SDKLauncher.exe
FirewallRules: [{F3B35EE9-9367-4314-BB2E-91B9F37C6DB6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\Shogun2.exe
FirewallRules: [{67332CC6-78BA-4E7B-A09D-D52BE4D7D176}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\Shogun2.exe
FirewallRules: [{BBCCCDB3-D5A1-479B-BCF3-BA0CF856AD5B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html
FirewallRules: [{24C35478-E0CE-4620-9874-21C426BE31BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html
FirewallRules: [{EF657C9D-817A-449B-9B8E-256D6B8D0A8C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{296AECCB-A561-4A81-9CC4-DD6DBE6D75D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{5615E55D-CF13-4D15-B8B1-63C1308EED80}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{AD013FE1-A3F3-436E-B095-2D43DAB8C6AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{3571150F-1220-485D-9D84-7A622FD21EDA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat
FirewallRules: [{063212A2-FEEE-4DB1-A73E-8A12A49AD865}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat
FirewallRules: [{88D06885-E78B-48B0-82F3-FF80D144B40B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{0117525F-B540-4396-9C53-6DFFEE4CF953}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{821298B6-C53A-4FD3-93D5-2B609629BFCD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{CB95FE07-1335-4AA6-87AD-5EF4084CAE6F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{6795141A-113B-4585-AAFE-98572514449D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{F9CF7ED3-6232-4C86-8CA2-9328F763564F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{2575C3BB-BA9C-4F8C-9318-CAFAEB7E5D08}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{E7D5B8D0-E74F-443E-AD50-25BB083AA98C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{DFD592EC-0019-4E83-8093-2D8D8BB84E91}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{B5B3C17B-6C54-4C42-8646-7FF13B65FA2C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{F4D1AA03-B841-4FED-82C7-70B27552CF7E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{BD92555F-80C8-4887-8CDF-BFA959729C6B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{5B54A1A5-CE25-4F65-8CE1-AB7405681966}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{799124CA-BBBA-4295-B1B6-3E37210A47B1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{F5B9AD5D-7777-4CAD-9D33-59B121D289EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{2DB1F2D6-4505-48EA-9B31-3C31D6B36BC4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{B2C141CC-6A04-4198-8451-53B4BF4CCBAA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 test\dota.exe
FirewallRules: [{BA2CA187-2F7A-4E91-85CC-2735506EFC14}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 test\dota.exe
FirewallRules: [{9064158E-11A7-45AB-BDEE-AB70AF226B0B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 test\dota.exe
FirewallRules: [{57DF841B-8A8A-4528-BEEA-6D704120942B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 test\dota.exe
FirewallRules: [{4D2C2D3D-3933-402C-947E-4468B9804ED2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 test\dota.exe
FirewallRules: [{D3DC5A34-4454-4FD3-943D-4A6DEB08EF1E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 test\dota.exe
FirewallRules: [{99864764-4D82-48AA-A0B2-D5427898B743}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 test\dota.exe
FirewallRules: [{5DD260B6-E69B-4779-94A6-EB4339CE7BF4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 test\dota.exe
FirewallRules: [{1CBA9E41-6795-4DCD-BC6D-7C1C8352191D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{EE074EA0-874A-47F0-8175-7EFF2923C003}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{004869AB-5483-4537-9BAE-683812136C2D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{9848A4CC-E11C-4E12-A85D-30F8E7770C98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{7AE5EF55-FBBA-43B3-A4E4-5B113F04E9B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{8116FB5F-DA20-4456-97F2-A85B1B692D9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{93BDCCB8-D6DA-4FF1-81AA-B7F60A04DA55}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{04A4DACE-9504-4A39-B471-53426E992F34}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{870914FC-4C45-4E44-8079-5413C104B4D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\8BitMMO\jre\bin\javaw.exe
FirewallRules: [{7311CA5B-CAB0-4DFE-8D97-F511C2F06776}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\8BitMMO\jre\bin\javaw.exe
FirewallRules: [{918A67AB-72B9-48C3-965E-C593E61AA000}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{70ECB0D5-3E82-435D-A992-B85F407D244E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{3CEED1B3-2C8C-4A89-B3DB-2396831ABC70}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\Shogun2.exe
FirewallRules: [{8C81AF58-4686-49FC-89A6-441A6B8DEC6D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\Shogun2.exe
FirewallRules: [{FE1E220F-9BB4-41DA-87BC-290F6F926F28}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html
FirewallRules: [{128694AD-E332-4F3B-8D6E-4F74362A5E19}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html
FirewallRules: [{59BF0578-009E-4CC6-BC78-7D661F996582}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{32E92D8D-B160-410C-9FE2-F770484A3E86}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{563C8A6A-FDD2-44B0-B95F-E1FE86E8D9BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{F2D64123-87A5-44D1-BB6A-5CACFCEB7E69}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{0989BDDE-F3BC-4CE3-899D-E4FAF128D330}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat
FirewallRules: [{DB940E5A-D1F0-452E-A586-8F17B0A1862B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat
FirewallRules: [{E7CA3F12-ACA7-4EF7-B254-C4642850026D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{F51BEEF3-0D5D-416A-95D1-68F8BA600677}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{69984396-1BF2-4BE3-9D02-6ADA6C591CFC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{B53D4077-4720-440A-BCBD-317EE554985E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{DC1926B5-EE6E-4A23-9597-2853831CC78D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\8BitMMO\jre\bin\javaw.exe
FirewallRules: [{50DECCA8-0F45-4FD7-B6B9-C586D4163C49}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\8BitMMO\jre\bin\javaw.exe
FirewallRules: [{CE31D8A1-4185-4595-B076-CA8664BF2044}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{74AB6C8B-80C7-46A9-98BE-C90166BFF995}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{14E9458F-1B08-492F-A385-55E57739A68E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{3E660A34-9E37-4092-84D0-ABFADE765EB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{F623017E-0C01-4A73-9AFB-2594689D57AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\8BitMMO\jre\bin\javaw.exe
FirewallRules: [{5FDE2CBD-561E-49C8-8AB8-A1C527BFFDC3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\8BitMMO\jre\bin\javaw.exe
FirewallRules: [{559579F1-C4EA-43E5-B6C5-2AC12B369B46}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{3847C8AA-264C-471B-B1DE-71C5E5FFDECF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{9D5B244E-6B8F-4EB2-93C0-503B7BA6AC9A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\8BitMMO\jre\bin\javaw.exe
FirewallRules: [{A74D2F89-8115-405C-8112-D663838048EB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\8BitMMO\jre\bin\javaw.exe
FirewallRules: [{1B38B339-3CCE-4C0A-B0FD-9F315B9E2B84}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\8BitMMO\jre\bin\javaw.exe
FirewallRules: [{2F79C961-BA94-4E06-8D7B-ECA752E34D84}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\8BitMMO\jre\bin\javaw.exe
FirewallRules: [{189406D2-9DA0-4459-8ADA-CE2D2AD31C98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\8BitMMO\jre\bin\javaw.exe
FirewallRules: [{C9763F43-8658-4F96-98B7-C83B7F6AA9D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\8BitMMO\jre\bin\javaw.exe
FirewallRules: [{362217CC-B8DD-4B7D-88BB-EE64B51FFAC8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{1CC12869-C36E-42F3-A140-98D95E1F9EE7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{987C7486-B43E-4B00-907C-27B7F6C96F46}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{6F9DA841-1B78-4611-A42D-B6EBF9CA6C5A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{9E10C3E7-895C-43D2-83EA-024E949C4D33}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{0CC4E302-1772-4452-B8DB-1478F657361C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{7B582038-EFDE-4B51-B838-CB83352CD040}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{B52D80C0-36B3-4D42-A21B-9B692439700A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [TCP Query User{224007A2-D6B4-4FEA-B975-2E8B9E1365AF}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [UDP Query User{EABA2DA5-66D2-4852-801D-D483E6162E19}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [{56B9828F-ECA5-4F51-9963-0FBEE0710BFB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{E62EB5A5-B8B1-4286-9963-2C5C381830B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{4502E0D7-34D3-4676-8EDC-EB4945479B54}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{28EA3372-7C48-4D33-80BD-D06B96DB52E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{E388C042-1A4A-4C64-AB0E-CC67ED875BB0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{E6E8EACB-E328-4B94-AEE0-9C553001BD75}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{EBA52BDD-2B2C-4174-AA9F-C89F98F6FE28}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{4B7791FB-A36F-4971-A3D5-C4779EA05F4F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{D7A68AB6-91E8-4291-8E9F-BE3D21DC51EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{F3836EF1-30C5-48ED-9B41-0BD62D400ECB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{AC601597-CE1B-47DA-8FF6-35257FE5DB15}] => (Allow) C:\Users\Aodh\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{6AACF68A-3B53-4621-A3FD-5C55663054C6}] => (Allow) C:\Users\Aodh\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [TCP Query User{396DBA7C-DD00-4EA0-BBAA-61961F78F278}C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe] => (Block) C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [UDP Query User{1EF9F12B-26FD-4550-8FEA-72639E6BE512}C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe] => (Block) C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [TCP Query User{2CEFD7FF-8DB6-4BD3-A24A-DBB3FE42A486}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [UDP Query User{696E9AC9-FBEC-4944-A2FD-CB3A6D022FB1}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [TCP Query User{53EB17E3-39E3-463C-9D72-0E00450455B4}C:\program files (x86)\steam\steamapps\common\magic the gathering tactics\mtgtactics.exe] => (Block) C:\program files (x86)\steam\steamapps\common\magic the gathering tactics\mtgtactics.exe
FirewallRules: [UDP Query User{513A486F-71D3-4BC2-BFE9-38C4A9CE7351}C:\program files (x86)\steam\steamapps\common\magic the gathering tactics\mtgtactics.exe] => (Block) C:\program files (x86)\steam\steamapps\common\magic the gathering tactics\mtgtactics.exe
FirewallRules: [{F38423A4-483C-4D0D-BEBE-1C85E9EABDC1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Banished\Application-steam-x64.exe
FirewallRules: [{6BF3EE96-6BAF-49B9-9FB8-60EDF6931BB7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Banished\Application-steam-x64.exe
FirewallRules: [TCP Query User{56609604-829A-4850-8226-B293250EFF67}C:\programdata\battle.net\agent\agent.2787\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.2787\agent.exe
FirewallRules: [UDP Query User{162DED32-609E-4F45-B883-655AA9AFE6CC}C:\programdata\battle.net\agent\agent.2787\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.2787\agent.exe
FirewallRules: [TCP Query User{499939C8-86E8-438B-8BF6-CFE84B34D924}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [UDP Query User{5DB05C52-18E9-429C-A281-8BD0B0FC7AD3}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [TCP Query User{64EEBCD9-94F4-4265-BE0A-371EFE4FDA27}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{513017DF-1A4F-49C7-B746-7178DA12D528}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{87606FF8-C59F-4633-9721-AF504CBCF6A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pro Cycling Manager 2013\PCM.exe
FirewallRules: [{36A76FB7-473A-481C-992C-8BCA8436B124}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pro Cycling Manager 2013\PCM.exe
FirewallRules: [{77920A40-B5AB-4A6B-B879-698C41A3ADDF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pro Cycling Manager 2013\CTStageEditor.exe
FirewallRules: [{FD48F295-0372-4B27-A51B-FFFAC6614E03}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pro Cycling Manager 2013\CTStageEditor.exe
FirewallRules: [{BD7728AE-BE94-42F3-B776-785C0D6030E3}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{0A841409-AE98-44F6-A052-0558BF92AAF3}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{1C0DA450-9891-4673-AFC4-DE6E9F0AE6C9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{4C0885A0-E30E-402C-B96D-5D1DE574AB53}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{2ABBF05C-C058-459F-958C-07BA369D969A}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{970786DB-C3AD-43C6-AC8F-F9E3328FEAF7}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{D677392E-38BE-4CC0-AB08-2C6049255F53}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{052A5106-3E4E-4DC7-8637-B291A3F5BF7F}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{4AA60D2C-B975-44D4-9790-F3B2B811D927}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{359D8DFF-65F1-4B0E-B3B8-648993AF14B0}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{7046E729-9BB4-4C73-84E5-F4D46D47A152}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic 2014\DotP_D14.exe
FirewallRules: [{8D840556-1DD2-4FF2-B49B-94602CF90895}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic 2014\DotP_D14.exe
FirewallRules: [{0DD0243D-D5B7-4F64-B591-6BB6721241E1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{8BDD1EC0-E627-4F2C-98F9-246E5DE7C650}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [TCP Query User{FEE00DC9-512E-45DA-B462-26AF8D692EE7}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [UDP Query User{75EA0923-B310-4CC7-854A-25BF40E88B6F}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [{6CB3B435-D4DD-469F-9D28-BCCCD60C2830}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{CCC8B8F5-A050-4212-8299-292E75158AF0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{4C94CBF1-95DE-40E8-B598-EF01EB15F096}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{2D5674AC-4C8C-4AF3-A2F6-955D47B9E7F3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{3D5DD9BE-7FF0-4701-BF9D-2750AEFD753A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{B4207231-DC67-4D23-928A-32C8FA9927A4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{0B839344-B44D-415C-A26C-534475AE628B}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{0545D16E-B3B9-44AA-BCBC-BA9D775D1AC2}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{126F1897-D063-49AB-8E84-153E13976057}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{2DA1515D-5E39-48F9-978B-CB4322516125}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{DF3C8BB7-4739-414F-BC92-596FFC08D54F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{7939D185-9975-4F3D-A174-BBB2581E0588}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{585F4475-8087-4585-8CA7-7920E1915399}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{5919CD22-1139-4D04-98B0-504C401C4A06}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{E6E0AE70-9B6B-4CBB-A6E9-E9DA3653183A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B96540C2-A063-4CFA-9C88-6E1D01F20569}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{304D44FF-C79E-499B-8062-104DF7C9D48D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\tbs\win32\The Banner Saga.exe
FirewallRules: [{97CF8D1A-1EF1-440F-9F71-22700D88A39B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\tbs\win32\The Banner Saga.exe
FirewallRules: [{423AB798-5CD3-4F2D-B0DC-E8B9779FA0C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exe
FirewallRules: [{3D062619-D71F-4EDC-98A3-52753522F398}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exe
FirewallRules: [{CD41C372-03A5-4A23-84E0-59FC438AA974}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [{D2E68CCE-A1E5-4501-92DE-BED54751ECD1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [TCP Query User{14615B41-5C35-41EE-B11F-C39FBCD99B49}C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe
FirewallRules: [UDP Query User{8952F8F2-9F42-45FD-9C46-516A6F5EC4AC}C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe
FirewallRules: [{CFD7183B-4A77-4B42-8CBC-6141F7B2322E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the banner saga factions\win32\The Banner Saga Factions.exe
FirewallRules: [{C99CC118-0E51-4887-B923-4F252E4F4AEA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the banner saga factions\win32\The Banner Saga Factions.exe
FirewallRules: [{0BAE18CD-337D-491C-BBD5-369214ABCEC7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider Underworld\tru.exe
FirewallRules: [{125AFA31-3FF5-49A7-B668-170B969F2FF1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider Underworld\tru.exe
FirewallRules: [{F6B416CE-2AF9-4D42-AA91-83A186A8FC77}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider Legend\trl.exe
FirewallRules: [{EA835DB9-68F3-484F-941B-070A11597A01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider Legend\trl.exe
FirewallRules: [{9B422626-24DA-4BFA-98D4-7E4D5FFCEC82}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider Anniversary\tra.exe
FirewallRules: [{E0FF431B-DCC7-48EF-85A8-0BEA7FF36638}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider Anniversary\tra.exe
FirewallRules: [{2748104E-E518-434E-9D62-2FB54D65F1F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider (VI) The Angel of Darkness\Launcher.exe
FirewallRules: [{A2EB62FF-FF94-4DEE-8E27-9E88968E9C13}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider (VI) The Angel of Darkness\Launcher.exe
FirewallRules: [{80980080-9B8C-4DBD-9729-D6FA1DE1DC7D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider (V) Chronicles\PCTomb5.exe
FirewallRules: [{68796B7F-8ABC-4008-9437-C0C0C3362BF7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider (V) Chronicles\PCTomb5.exe
FirewallRules: [{39D939D8-228A-4A84-9E9D-C59502320311}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider (IV) The Last Revelation\tomb4.exe
FirewallRules: [{DE807827-2B6E-4FC8-A671-3FC46E8D7B51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider (IV) The Last Revelation\tomb4.exe
FirewallRules: [{ED4E290B-933C-4DA7-AA9E-CCA2B188B337}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TombRaider (III)\tomb3.exe
FirewallRules: [{488A0D72-E470-47AB-9FC1-3719CF8DC4EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TombRaider (III)\tomb3.exe
FirewallRules: [{C999A111-8590-4BA9-83A9-DEE30D5B4B6A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider (II)\Tomb2.exe
FirewallRules: [{87829589-3221-456C-841D-CD687A5D3344}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider (II)\Tomb2.exe
FirewallRules: [{B28FBF65-4932-4898-AB5B-2EF3CA249791}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider (I)\dosbox.exe
FirewallRules: [{01DBB16F-E231-4EC4-B7AC-830736853142}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider (I)\dosbox.exe
FirewallRules: [{23514F83-17C6-4F65-860D-91F5652D1EB7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{2D8EEC11-8373-47CF-987C-7704DEBC753D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{E1D010A9-CE9D-4665-99D1-8BEC73F009B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lara Croft and the Guardian of Light\lcgol.exe
FirewallRules: [{7F443F60-18C4-44BF-8FEB-45115F0BC765}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lara Croft and the Guardian of Light\lcgol.exe
FirewallRules: [{493DCE06-B33C-4FDF-8095-13DD536F9A87}] => (Allow) C:\Users\Aodh\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{D4E017E8-B72E-45F1-B8C5-1E9F41D87C6D}] => (Allow) C:\Users\Aodh\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [TCP Query User{F37948FD-FEE8-4B44-B596-45CFD0FC8D70}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Block) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [UDP Query User{67B95249-9C76-45EF-9C85-B3A2B0BA8E18}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Block) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [{8BC2BEC5-E565-49AD-8B43-9B4E98E63DF6}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{1B91C438-3FD2-44B8-9321-693378539D13}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{34CD644B-F722-4E29-97EC-7B38615F6C6F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8F29F0A4-922B-4828-9C28-33B16C36F65D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{228F6A61-EAAD-42B0-8B47-FAB15D1362BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Avadon The Black Fortress\Avadon.exe
FirewallRules: [{5E7DDF11-C21B-47EB-A614-F3DBBAAA7CA7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Avadon The Black Fortress\Avadon.exe
FirewallRules: [TCP Query User{5B68BDEE-2BB0-4078-9903-0C2DD312BFC4}C:\program files (x86)\fms\fms.exe] => (Allow) C:\program files (x86)\fms\fms.exe
FirewallRules: [UDP Query User{58A2E76B-4E1F-49A0-829F-6F05638C059C}C:\program files (x86)\fms\fms.exe] => (Allow) C:\program files (x86)\fms\fms.exe
FirewallRules: [{2E296E62-21A6-4CB3-85F8-F7FAD9BF9185}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroine's Quest\Heroine's Quest.exe
FirewallRules: [{5B7D95F6-CDCC-425B-A637-3FFB5255000A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroine's Quest\Heroine's Quest.exe
FirewallRules: [{4682AAD3-ED78-4759-8F1F-B171719DE9EB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Infinite Crisis Steam\TurbineLauncher.exe
FirewallRules: [{EE27EF50-98D2-4F6C-B845-C205D427DBFC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Infinite Crisis Steam\TurbineLauncher.exe
FirewallRules: [{1B36747E-7F83-48C4-ACC2-5788CA62ABD7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic 2015\DotP_D15.exe
FirewallRules: [{8ECDC837-CEB8-4A9C-B01B-FDE1F7FC8107}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic 2015\DotP_D15.exe
FirewallRules: [{2A0D8B64-29ED-4625-B9A8-32F7CDB19C45}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{78E3036C-5216-4A17-9C98-536CDC69EAFA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{EAAE8B9B-9113-4CEB-8ED1-67F197981311}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Geneforge 5\Geneforge 5.exe
FirewallRules: [{458BD448-A1E7-437E-B020-EA04A7693F41}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Geneforge 5\Geneforge 5.exe
FirewallRules: [{3A775842-6F0E-4010-ACA0-B96179BC4A89}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Geneforge 4\Geneforge 4.exe
FirewallRules: [{ABCD88F3-2B04-4AF8-A74F-9483815F2BCE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Geneforge 4\Geneforge 4.exe
FirewallRules: [{734BE1DA-E4EA-4712-A44C-88FBE2557FC5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Geneforge 3\Geneforge 3.exe
FirewallRules: [{70670280-6924-4E15-803E-5AA59916C290}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Geneforge 3\Geneforge 3.exe
FirewallRules: [{E5802A4D-EFE0-4091-9FA0-812BC5E16022}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Geneforge 2\Geneforge 2.exe
FirewallRules: [{7FC15D4D-DC7F-41A8-90D2-F6B0650A3A23}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Geneforge 2\Geneforge 2.exe
FirewallRules: [{24A2CE35-DC92-4AE7-AEF9-F74400927B37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Geneforge\Geneforge.exe
FirewallRules: [{FBC95371-98BD-4E11-94B2-AA5491555269}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Geneforge\Geneforge.exe
FirewallRules: [{27081020-55BA-4647-8B05-15D09E10B88E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Chip's Challenge 1\chips1.exe
FirewallRules: [{011C997E-C92E-45A2-8E6C-5BA8E3320C64}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Chip's Challenge 1\chips1.exe
FirewallRules: [TCP Query User{C199C2AC-F3A5-48B1-B6B0-8C9CC96E621C}C:\program files (x86)\applian technologies\applian flv and media player\amp.exe] => (Block) C:\program files (x86)\applian technologies\applian flv and media player\amp.exe
FirewallRules: [UDP Query User{52FE907A-EDEE-4AF4-BCF3-67115A1D6D92}C:\program files (x86)\applian technologies\applian flv and media player\amp.exe] => (Block) C:\program files (x86)\applian technologies\applian flv and media player\amp.exe
FirewallRules: [{255847C9-3A8F-42F1-95B8-760756435E39}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Empire Total War\Empire.exe
FirewallRules: [{26EB114F-2031-4D60-9C48-1403D90CBF5F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Empire Total War\Empire.exe
FirewallRules: [{B0CE9DA1-40C7-4D04-BC9B-E43FF3707F33}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{45030FCA-3BD9-452C-97A1-A4FB5C65CF51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{140D172F-CCFF-4602-9FB2-56BC2AFF6D1C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{64975CCE-C471-413B-828D-44811B50D507}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{06C7604B-ACF1-4643-BAE0-10E3383198C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Continuum\Continuum.exe
FirewallRules: [{F5A3D1BB-C698-4F74-BFBE-A9887ADE1FE3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Continuum\Continuum.exe
FirewallRules: [{784A0822-806D-41A0-AC9D-27C04DDAADE1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{689A604F-E8D3-4D12-94F3-BC4909190B94}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{70BEC15E-3DF4-4E47-B4D9-26ACB17A81EB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dawn of War 2\DOW2.exe
FirewallRules: [{EF0E8592-08FA-4CA9-BEE9-47E1BC242809}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dawn of War 2\DOW2.exe
FirewallRules: [{1A396D15-3F24-465B-8195-BC8BB63B11A2}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{0A0FBDCC-7633-4E81-A7D2-E936E2DFFC96}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{E361F9AB-A94F-4008-9A31-DA9F9403EDD4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{61A5EFEB-FF1B-4E98-8760-60C141FCEA4D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{95951A8C-1BF6-419A-B3A9-8ED1DE6D39F0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{564B8038-3650-4FE3-B125-41C249617DE1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{66D988F5-113B-476B-BCCB-F4AF144B9613}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7912E4E2-2B56-4FEC-8F8E-8AF9D460AE25}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{44B58F08-3894-48FC-9B8B-152DB6C1E095}C:\program files (x86)\java\jre1.8.0_51\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_51\bin\java.exe
FirewallRules: [UDP Query User{C41FA4CB-5E90-4DAE-98C4-5060CBF532C5}C:\program files (x86)\java\jre1.8.0_51\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_51\bin\java.exe
FirewallRules: [{449B01AD-7185-4E79-8FFD-C126E74746CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CardHunter\CardHunter.exe
FirewallRules: [{BBDC9928-DC89-488A-9A08-3DAE53F3F5F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CardHunter\CardHunter.exe
FirewallRules: [{DFA94688-A1D3-4F41-BD8A-8FE800E49384}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Epic Arena\EpicArena.exe
FirewallRules: [{5E488E81-71F2-4B93-8B0E-213427358950}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Epic Arena\EpicArena.exe
FirewallRules: [{4D21E8B5-374F-4CFF-B470-EA0FF054B7C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tactical Genius\TacticalGenius.exe
FirewallRules: [{E5332311-920E-4308-BF88-2CEB88D8F1F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tactical Genius\TacticalGenius.exe
FirewallRules: [TCP Query User{D19944A5-6163-44AD-8189-E8EB145F04AC}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [UDP Query User{7F598544-4FEB-4463-AB9C-09171AE02DC3}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [{407F114B-B90D-4067-8D0B-DDB22997362F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Missing Translation\nw.exe
FirewallRules: [{75431BD0-2A3C-4941-B649-1DFE823E6DBF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Missing Translation\nw.exe
FirewallRules: [{02967C1B-53FA-4A86-82F1-B898DBCD5257}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{1C4D4564-84CB-440E-A311-FA397319AB14}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{C383B4AC-3C59-4B3D-8AE4-9C810ABBDAAC}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{550EEADB-1C48-4988-AC74-5A4CC9A0BB7D}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [TCP Query User{C6D8E8D3-85D3-473E-A1D7-6B19270E15C8}C:\users\aodh\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\aodh\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{93A6C88F-49E9-4B45-AAEA-6667459BA5EF}C:\users\aodh\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\aodh\appdata\roaming\spotify\spotify.exe
FirewallRules: [{E3D9B46C-5A7F-410A-9AE0-D73F4605FDBF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Endless Sky\EndlessSky.exe
FirewallRules: [{E76B54BA-1FAF-4082-8F99-9809047015B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Endless Sky\EndlessSky.exe
FirewallRules: [{55310C9C-04F9-4FFA-8BB9-5C091203D17F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{F915AA07-E79E-4C90-996D-BA07B895088D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{575A37DC-161E-4279-A28F-51BFCD770D50}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{6DE91EE2-2FDE-401C-B286-B6E7FA829D30}] => (Allow) LPort=2869
FirewallRules: [{CD71DAED-D397-4FD9-A49E-89A7B89D2396}] => (Allow) LPort=1900
FirewallRules: [{1FCD7AA5-EEAF-4CD7-8FFB-0E8A89B40698}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{39D511C4-69C0-4646-9F79-48C6094191AF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EE3A03E5-E35E-4E5A-B390-D8977A5E6566}] => (Allow) C:\Users\Aodh\AppData\Roaming\ACEStream\engine\ace_engine.exe
FirewallRules: [{FAEAC1E4-7471-4731-8E3A-421308A77D03}] => (Allow) C:\Users\Aodh\AppData\Roaming\ACEStream\engine\ace_engine.exe
FirewallRules: [{E1FA06C3-75FF-42B1-8A2B-37417D2D2FE0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 test\game\bin\win64\dota2.exe
FirewallRules: [{E2DC6E91-431A-40D8-BE96-B996CE01D780}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 test\game\bin\win64\dota2.exe
FirewallRules: [{5A0A6A7F-AA99-4207-BE61-B838A8E1300A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{67C76C9F-AC9C-453E-9FCD-F7C73D4BF124}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6EC32FBA-41B0-4F5A-904F-F4159179E343}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B5836641-83B6-4FD0-9EB9-DACD6A55A6E0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{28FFF8CB-792A-432A-BE84-6274424E150D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{311CA449-325F-4803-8EA8-5FCF197BAAAA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{99312CBC-1FAD-4E80-95E9-6690469C721F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4972A216-74AA-4013-A4C5-A9F06EAA45D7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
 
==================== Faulty Device Manager Devices =============
 
Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/18/2015 08:15:08 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.34209 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 2564.  Message ID: [0x2509].
 
Error: (12/18/2015 07:30:13 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.34209 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 700.  Message ID: [0x2509].
 
Error: (12/18/2015 04:24:33 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.34209 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 3448.  Message ID: [0x2509].
 
Error: (12/18/2015 01:19:22 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.34209 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 3516.  Message ID: [0x2509].
 
Error: (12/18/2015 12:17:32 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.34209 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 3992.  Message ID: [0x2509].
 
Error: (12/18/2015 12:16:02 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.34209 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 4804.  Message ID: [0x2509].
 
Error: (12/18/2015 12:09:45 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.34209 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 2876.  Message ID: [0x2509].
 
Error: (12/18/2015 12:02:59 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.34209 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 5320.  Message ID: [0x2509].
 
Error: (12/18/2015 11:59:05 AM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.34209 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 5912.  Message ID: [0x2509].
 
Error: (12/18/2015 11:57:07 AM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.34209 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 2248.  Message ID: [0x2509].
 
 
System errors:
=============
Error: (12/18/2015 08:05:47 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x00000116 (0xfffffa8011ceb4e0, 0xfffff88006124e60, 0xffffffffc000009a, 0x0000000000000004)C:\Windows\MEMORY.DMP121815-16161-01
 
Error: (12/18/2015 08:05:38 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 19:58:37 on ‎18/‎12/‎2015 was unexpected.
 
Error: (12/18/2015 07:23:27 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {3EEF301F-B596-4C0B-BD92-013BEAFCE793}
 
Error: (12/18/2015 07:22:06 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x00000116 (0xfffffa80117e2010, 0xfffff8800607be60, 0xffffffffc000009a, 0x0000000000000004)C:\Windows\MEMORY.DMP121815-21902-01
 
Error: (12/18/2015 07:21:52 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 19:19:48 on ‎18/‎12/‎2015 was unexpected.
 
Error: (12/18/2015 06:38:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error: 
%%1053
 
Error: (12/18/2015 06:38:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
 
Error: (12/18/2015 10:47:36 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (12/18/2015 10:47:33 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.
 
Error: (12/16/2015 07:51:02 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Avira Service Host service to connect.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2310 CPU @ 2.90GHz
Percentage of memory in use: 31%
Total physical RAM: 8173.64 MB
Available physical RAM: 5625.91 MB
Total Virtual: 16345.49 MB
Available Virtual: 13436.73 MB
 
==================== Drives ================================
 
Drive c: (Boot) (Fixed) (Total:1356.17 GB) (Free:288.24 GB) NTFS
Drive d: (Recover) (Fixed) (Total:40 GB) (Free:20.23 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 1397.3 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1356.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=40 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
 
==================== End of Addition.txt ============================
 
 
One note: After running the first FRST fix, it demanded a reboot, which I did. Then, on attempting to run the addition fix a prompt demanded the fixlist.txt which I saw had been deleted from desktop during reboot.
 
I made it again and ran the fix.
 
Cheers! :)
 
 
 

  • 0

#7
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,990 posts

I see you decided not to uninstall those I mentioned at post #2

Up to you but be aware that those programs may be calling home, downloading and reinstalling foistware/adware that we have removed.

Now

Open notepad.

Please copy the contents of the code box below.

To do this highlight (click in the box and press Ctrl + A) the contents of the box and right click on it. Paste this into the open notepad. Save it to the Desktop as fixlist.txt.

Alternatively type the contents of the box into notepad and save it to your desktop as fixlist.txt.

NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.
 

HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\Run: [AdobeBridge] => [X]
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-418917625-158424403-2452974618-1001 -> DefaultScope {020A5F22-EF90-498D-8150-0AF0CAB38710} URL =
BHO-x32: Search Results Toolbar -> {94366e2c-9923-431c-b0d6-747447dd0f2b} ->
Toolbar: HKLM-x32 - Search Results Toolbar - {94366e2c-9923-431c-b0d6-747447dd0f2b} - C:\Program Files (x86)\searchresults1\searchresultsDx.dll [2012-03-22] (Ask.com)
C:\Program Files (x86)\searchresults1
FF SelectedSearchEngine: AVG Secure Search
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\[email protected] => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\[email protected] => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\[email protected] => not found
C:\Program Files (x86)\Kaspersky Lab

This script is specifically written for the infection on this person's computer. It should NOT to be used on another machine. It may cause serious damage even to the point of rendering the computer unusable.

Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

Next

Download Malwarebytes Anti-Rootkit to your desktop from here.


  • Right-Click on the file that was downloaded and choose Run as administrator. Answer Yes if prompted to Allow.
  • Click OK at the installer screen that comes up.
  • The software will be extracted and will open.
  • Click Next at the first screen.
  • The Update Database screen will appear. Click the Update button.
  • Once updated, click the Next button.
  • On the Scan System screen, click the Scan button.
  • Once, the Scan is finished click on the Cleanup button to remove any threats and reboot if prompted to do so.  If no threats are found just close the programme.
  • If threats were found, then after the reboot, re-run the programme to verify no threats remain. If threats are still detected, click the Cleanup button once more.

Whether threats were found or not there will be a folder named mbar on your desktop. Open this folder and you will find in the list that presents with a file named mbar-log-...txt and another named system log.txt. Please open the files one at a time and copy and paste the contents of each back here.

So when you return please post

  • Fixlog.txt
  • mbar results

 

 


  • 0

#8
boosra123

boosra123

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

I see you decided not to uninstall those I mentioned at post #2

Up to you but be aware that those programs may be calling home, downloading and reinstalling foistware/adware that we have removed.

 

Hmnm.. I did uninstall them, except for WSE Rocket which I didn't find in the program uninstall list. I had, in the time between my initial post and your reply, uninstalled various junk which I didn't need and couldn't be helping, mostly video editors. I thought I had already uninstalled WSE rocket.  

Does that mean it was there, not on my uninstall list, and proceeded to call back its friends?

 

I'll endeavour to do so again.

Is there somewhere else I may find a program to uninstall it if not through control panel, and a more thorough way to do it? Ill do it the normal way for now.

 

*Edit* None of those programs are to be found on my uninstall program list, or on my program list. Is there a way to find and kill them?


Edited by boosra123, 06 January 2016 - 02:09 PM.

  • 0

#9
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,990 posts

 

*Edit* None of those programs are to be found on my uninstall program list, or on my program list. Is there a way to find and kill them?

 

I should have noticed. It seems you have posted the same log as you did at post #1.

 

Did you run another scan as I asked at post #5?


  • 0

#10
boosra123

boosra123

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

 

 

*Edit* None of those programs are to be found on my uninstall program list, or on my program list. Is there a way to find and kill them?

 

I should have noticed. It seems you have posted the same log as you did at post #1.

 

Did you run another scan as I asked at post #5?

 

Yep. I copied and pasted the three as directed, but the "addition" file, bizarrely, has the results of my december scan, as you describe. The other two seem fine though.

 

Perhaps I will simply clear everything off the desktop and simply repeat the steps, so as to not dig myself a hole of confusion.

 

It will only take a few minutes, will I do so? I have two versions of JRT I notice, perhaps confusing things with multiples files lying around belonging to one or the other.


Edited by boosra123, 06 January 2016 - 02:42 PM.

  • 0

Advertisements


#11
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,990 posts

Run the fix first, then try another FRST scan and post back the results. :)

 

Edit: Make sure you have the Addition.txt box ticked. It won't give you a fresh Addition scan unless you do that. ;)


  • 0

#12
boosra123

boosra123

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

Ok, this should be right!  I checked the dates on the scans before posting 'em. :P

 

Fix result of Farbar Recovery Scan Tool (x64) Version:31-12-2015
Ran by Aodh (2016-01-06 20:54:14) Run:4
Running from C:\Users\Aodh\Desktop
Loaded Profiles: Aodh (Available Profiles: Aodh & Guest)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
CMD: bitsadmin /reset /allusers
CMD: ipconfig /flushdns
EmptyTemp:
*****************
 
 
========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= RemoveProxy: =========
 
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-418917625-158424403-2452974618-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-418917625-158424403-2452974618-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
 
 
========= End of RemoveProxy: =========
 
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
0 out of 0 jobs canceled.
 
========= End of CMD: =========
 
 
=========  ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
EmptyTemp: => 20.8 MB temporary data Removed.
 
 
The system needed a reboot.
 
==== End of Fixlog 20:54:28 ====
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-12-2015
Ran by Aodh (administrator) on VANDENNIS (06-01-2016 20:58:06)
Running from C:\Users\Aodh\Desktop
Loaded Profiles: Aodh (Available Profiles: Aodh & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files\Rainmeter\Rainmeter.exe
(NVIDIA Corporation) C:\Users\Aodh\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\swriter.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [MedionReminder] => C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe [443688 2011-05-25] (CyberLink)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-03-30] (Adobe Systems Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-02-24] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2771576 2015-12-09] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-30] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [FontExpertType1Loader] => C:\Program Files (x86)\FontExpert\Type1Loader.exe [176472 2013-12-07] (Proxima Software)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-11-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM\...\RunOnce: [MedionReminder] => C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe [443688 2011-05-25] (CyberLink)
HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-11-15] (Google Inc.)
HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\Run: [RocketDock] => "C:\Program Files (x86)\RocketDock\RocketDock.exe"
HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-18\...\RunOnce: [Adobe Speed Launcher] => 1421233140
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-04-16] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-04-16] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-04-16] ()
Startup: C:\Users\Aodh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2012-10-11]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 89.101.160.4 89.101.160.5
Tcpip\..\Interfaces\{1200D11D-FA00-44F9-BE95-1BF725753475}: [DhcpNameServer] 89.101.160.4 89.101.160.5
Tcpip\..\Interfaces\{77FC1C4C-FFBD-4CD5-A278-8E060C677A59}: [NameServer] 89.101.160.4,89.101.160.5
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-418917625-158424403-2452974618-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=MDND&bmod=MDND
HKU\S-1-5-21-418917625-158424403-2452974618-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=MDND&bmod=MDND
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-418917625-158424403-2452974618-1001 -> DefaultScope {020A5F22-EF90-498D-8150-0AF0CAB38710} URL = 
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-23] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-18] (Google Inc.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-23] (Oracle Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08] (CANON INC.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-16] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-18] (Google Inc.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-03-02] (Skype Technologies S.A.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-16] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-18] (Google Inc.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (CANON INC.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-18] (Google Inc.)
Toolbar: HKU\S-1-5-21-418917625-158424403-2452974618-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-18] (Google Inc.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-03-02] (Skype Technologies S.A.)
 
FireFox:
========
FF ProfilePath: C:\Users\Aodh\AppData\Roaming\Mozilla\Firefox\Profiles\ov9uz4mk.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2015-12-28] ()
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-23] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-04-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-28] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-16] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-10-24] (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-04-20] (Adobe Systems)
FF Extension: Firefogg - C:\Users\Aodh\AppData\Roaming\Mozilla\Firefox\Profiles\ov9uz4mk.default\extensions\[email protected] [2015-12-02] [not signed]
FF Extension: Flashblock - C:\Users\Aodh\AppData\Roaming\Mozilla\Firefox\Profiles\ov9uz4mk.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2015-12-02]
FF Extension: NoScript - C:\Users\Aodh\AppData\Roaming\Mozilla\Firefox\Profiles\ov9uz4mk.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-12-02]
FF Extension: BetterPrivacy - C:\Users\Aodh\AppData\Roaming\Mozilla\Firefox\Profiles\ov9uz4mk.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2015-12-13]
FF Extension: Avira Browser Safety - C:\Users\Aodh\AppData\Roaming\Mozilla\Firefox\Profiles\ov9uz4mk.default\Extensions\[email protected] [2015-12-01] [not signed]
FF Extension: No Name - C:\Users\Aodh\AppData\Roaming\Mozilla\Firefox\Profiles\ov9uz4mk.default\Extensions\[email protected] [2015-12-01] [not signed]
FF Extension: TinEye Reverse Image Search - C:\Users\Aodh\AppData\Roaming\Mozilla\Firefox\Profiles\ov9uz4mk.default\Extensions\[email protected] [2015-09-13]
FF Extension: Lightshot (screenshot tool) - C:\Users\Aodh\AppData\Roaming\Mozilla\Firefox\Profiles\ov9uz4mk.default\Extensions\{394DCBA4-1F92-4f8e-8EC9-8D2CB90CB69B} [2015-06-12]
FF Extension: Table2Clipboard - C:\Users\Aodh\AppData\Roaming\Mozilla\Firefox\Profiles\ov9uz4mk.default\Extensions\{9ab67d74-ec41-4cb2-b417-df5d93ba1beb}.xpi [2015-06-12]
FF Extension: Download YouTube Videos as MP4 - C:\Users\Aodh\AppData\Roaming\Mozilla\Firefox\Profiles\ov9uz4mk.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2015-12-01]
FF Extension: Video DownloadHelper - C:\Users\Aodh\AppData\Roaming\Mozilla\Firefox\Profiles\ov9uz4mk.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-12-01]
FF Extension: Flash and Video Download - C:\Users\Aodh\AppData\Roaming\Mozilla\Firefox\Profiles\ov9uz4mk.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2015-12-01]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-12-01] [not signed]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-12-01] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\[email protected] => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\[email protected] => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\[email protected] => not found
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=MDND&bmod=MDND
CHR StartupUrls: Default -> "hxxps://www.google.ie/"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Aodh\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\widevinecdmadapter.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\pdf.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Nero Kwik Media Helper) - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll => No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll => No File
CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll => No File
CHR Plugin: (Java™ Platform SE 7 U45) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Unity Player) - C:\Users\Aodh\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll => No File
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll => No File
CHR Profile: C:\Users\Aodh\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (AdBlock) - C:\Users\Aodh\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-12-04]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Aodh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2014-12-30]
CHR Extension: (Skype) - C:\Users\Aodh\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-12-18]
CHR Extension: (Ghostery) - C:\Users\Aodh\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-12-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Aodh\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-03-02]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2012-06-25] (Adobe Systems) [File not signed]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1418560 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249624 2015-11-23] (Avira Operations GmbH & Co. KG)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156216 2015-12-09] (NVIDIA Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-12-09] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8185464 2015-12-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [6477432 2015-12-09] (NVIDIA Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 DAUpdaterSvc; C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162072 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140448 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-02-25] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [75472 2015-12-01] (Avira Operations GmbH & Co. KG)
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [165688 2012-09-24] (Broadcom Corporation.)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (CSR, plc)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
S3 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-12-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-11-24] (NVIDIA Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-06 20:58 - 2016-01-06 20:58 - 00025424 _____ C:\Users\Aodh\Desktop\FRST.txt
2016-01-06 20:57 - 2016-01-06 20:57 - 00000109 ____H C:\Users\Aodh\Documents\.~lock.Geeksinstructionspost5.odt#
2016-01-06 20:54 - 2016-01-06 20:54 - 00002326 _____ C:\Users\Aodh\Desktop\Fixlog.txt
2016-01-06 20:38 - 2016-01-06 20:38 - 00017569 _____ C:\Users\Aodh\Documents\Geeksinstructionspost5.odt
2016-01-06 20:14 - 2016-01-06 20:14 - 00000000 ____D C:\Users\Aodh\AppData\Local\CrashDumps
2016-01-06 16:12 - 2016-01-06 16:12 - 00087933 _____ C:\Users\Aodh\Desktop\competitionpro50001.jpeg
2016-01-06 10:38 - 2016-01-06 10:38 - 00000000 ____D C:\Users\Aodh\Desktop\FRST-OlderVersion
2016-01-05 23:10 - 2016-01-05 23:14 - 00000000 ____D C:\AdwCleaner
2016-01-05 23:08 - 2016-01-05 23:08 - 01749504 _____ C:\Users\Aodh\Desktop\AdwCleaner.exe
2016-01-05 23:00 - 2016-01-05 23:00 - 01599336 _____ (Malwarebytes) C:\Users\Aodh\Desktop\JRT.exe
2016-01-05 11:14 - 2016-01-06 20:56 - 00109568 ___SH C:\Users\Aodh\Desktop\Thumbs.db
2016-01-05 01:43 - 2016-01-05 01:43 - 00000000 ____D C:\Users\Aodh\Desktop\SwoEditorSv1.3
2016-01-05 01:42 - 2016-01-05 01:42 - 00083368 _____ C:\Users\Aodh\Desktop\SwoEditorSv1.3.7z
2016-01-04 21:56 - 2016-01-04 21:56 - 00163183 _____ C:\Users\Aodh\Desktop\swosniversity1.pdf
2016-01-02 19:16 - 2016-01-02 19:16 - 00316402 _____ C:\Users\Aodh\Desktop\swostutorial.pdf
2015-12-31 01:47 - 2015-12-31 01:47 - 00000000 ____D C:\Users\Aodh\AppData\Roaming\MMFApplications
2015-12-31 01:46 - 2015-12-31 01:51 - 00000000 ____D C:\Users\Aodh\Documents\The Escapists
2015-12-27 20:44 - 2015-12-27 20:44 - 00000351 _____ C:\Windows\kaillera.ini
2015-12-27 20:39 - 2015-12-27 20:39 - 00000000 ____D C:\Users\Aodh\AppData\Roaming\ChatZilla
2015-12-27 20:39 - 2015-12-27 20:39 - 00000000 ____D C:\Users\Aodh\AppData\Local\ChatZilla
2015-12-27 03:38 - 2016-01-03 20:34 - 00000000 ____D C:\Users\Aodh\Desktop\swos-database
2015-12-27 03:37 - 2015-12-27 03:37 - 01308775 _____ C:\Users\Aodh\Desktop\swos-database.zip
2015-12-27 02:52 - 2015-12-27 02:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amiga SWOS-Total Pack
2015-12-27 02:52 - 2015-12-27 02:52 - 00000000 ____D C:\Program Files\Amiga SWOS-Total Pack
2015-12-27 02:47 - 2015-12-27 02:48 - 34683519 _____ ( ) C:\Users\Aodh\Desktop\amiga_swostp_v1.5_setup.exe
2015-12-27 02:47 - 2015-12-27 02:47 - 03252103 _____ C:\Users\Aodh\Desktop\Setup_ASWOS2.zip
2015-12-26 23:55 - 2015-12-26 23:55 - 00000067 _____ C:\Users\Aodh\Desktop\Chaos Engine Passwords.txt
2015-12-26 19:37 - 2015-12-26 19:37 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01007.Wdf
2015-12-22 15:39 - 2015-12-16 14:39 - 00103032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-12-22 15:37 - 2015-12-16 17:34 - 42977072 _____ C:\Windows\system32\nvcompiler.dll
2015-12-22 15:37 - 2015-12-16 17:34 - 37609080 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-12-22 15:37 - 2015-12-16 17:34 - 31061624 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-12-22 15:37 - 2015-12-16 17:34 - 24895792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-12-22 15:37 - 2015-12-16 17:34 - 21122456 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-12-22 15:37 - 2015-12-16 17:34 - 20663816 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-12-22 15:37 - 2015-12-16 17:34 - 17561432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-12-22 15:37 - 2015-12-16 17:34 - 17156968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-12-22 15:37 - 2015-12-16 17:34 - 16981976 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-12-22 15:37 - 2015-12-16 17:34 - 16286888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-12-22 15:37 - 2015-12-16 17:34 - 12334200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-12-22 15:37 - 2015-12-16 17:34 - 03168376 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-12-22 15:37 - 2015-12-16 17:34 - 02755704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-12-22 15:37 - 2015-12-16 17:34 - 01915696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436143.dll
2015-12-22 15:37 - 2015-12-16 17:34 - 01564976 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436143.dll
2015-12-22 15:37 - 2015-12-16 17:34 - 00938104 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-12-22 15:37 - 2015-12-16 17:34 - 00872056 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-12-22 15:37 - 2015-12-16 17:34 - 00734512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-12-22 15:37 - 2015-12-16 17:34 - 00681592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-12-22 15:37 - 2015-12-16 17:34 - 00469144 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-12-22 15:37 - 2015-12-16 17:34 - 00388560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-12-22 15:37 - 2015-12-16 17:34 - 00175368 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-12-22 15:37 - 2015-12-16 17:34 - 00153392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-12-22 15:37 - 2015-12-16 17:34 - 00151184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-12-22 15:37 - 2015-12-16 17:34 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-12-21 16:29 - 2015-12-21 16:29 - 22908888 _____ (Malwarebytes ) C:\Users\Aodh\Desktop\mbam-setup-2.2.0.1024.exe
2015-12-19 10:25 - 2015-12-19 10:25 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-12-18 22:43 - 2016-01-06 20:58 - 00000000 ____D C:\FRST
2015-12-18 22:42 - 2016-01-06 10:38 - 02370560 _____ (Farbar) C:\Users\Aodh\Desktop\FRST64.exe
2015-12-18 22:02 - 2015-12-18 22:02 - 00007601 _____ C:\Users\Aodh\AppData\Local\Resmon.ResmonCfg
2015-12-18 20:37 - 2015-12-22 15:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-12-18 20:37 - 2015-12-09 01:51 - 01846016 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-12-18 20:37 - 2015-12-09 01:51 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-12-18 20:37 - 2015-12-09 01:51 - 01530240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-12-18 20:37 - 2015-12-09 01:51 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-12-18 20:37 - 2015-12-09 01:51 - 00111520 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2015-12-18 20:34 - 2015-12-16 17:34 - 03637352 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-12-18 20:34 - 2015-12-16 17:34 - 03211760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 01905272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435906.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 01564792 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435906.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 00205456 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-12-18 20:34 - 2015-11-24 23:10 - 00072504 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 00069416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-12-18 20:34 - 2015-11-24 23:10 - 00050472 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-12-18 20:34 - 2015-11-24 23:10 - 00039240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-12-18 20:25 - 2015-12-18 20:28 - 316046904 _____ (NVIDIA Corporation) C:\Users\Aodh\Downloads\359.06-desktop-win8-win7-winvista-64bit-international-whql.exe
2015-12-18 20:09 - 2015-12-18 20:09 - 00012388 _____ C:\Users\Aodh\Documents\Bluescreen info.odt
2015-12-18 16:13 - 2015-12-18 16:13 - 00000000 ____D C:\Users\Aodh\Downloads\Bolivian Baroque Vol 3 - Ensemble Florilegium
2015-12-18 16:04 - 2015-12-18 16:05 - 146040880 _____ C:\Users\Aodh\Downloads\Bolivian Baroque Vol 3 - Ensemble Florilegium.rar
2015-12-18 16:03 - 2015-12-18 16:03 - 00000000 ____D C:\Users\Aodh\Downloads\Bolivian Baroque Vol 2 - Ensemble Florilegium
2015-12-18 15:58 - 2015-12-18 16:00 - 166368351 _____ C:\Users\Aodh\Downloads\Bolivian Baroque Vol 2 - Ensemble Florilegium.rar
2015-12-18 15:58 - 2015-12-18 15:58 - 00000000 ____D C:\Users\Aodh\Downloads\Bolivian Baroque Vol 1 - Ensemble Florilegium
2015-12-18 15:55 - 2015-12-18 15:57 - 208335153 _____ C:\Users\Aodh\Downloads\Bolivian Baroque Vol 1 - Ensemble Florilegium.rar
2015-12-18 15:40 - 2015-12-18 15:40 - 00042690 _____ C:\Users\Aodh\Downloads\p.txt
2015-12-18 15:40 - 2015-12-18 15:40 - 00042690 _____ C:\Users\Aodh\Downloads\p (3).txt
2015-12-18 15:40 - 2015-12-18 15:40 - 00042690 _____ C:\Users\Aodh\Downloads\p (2).txt
2015-12-18 15:40 - 2015-12-18 15:40 - 00042690 _____ C:\Users\Aodh\Downloads\p (1).txt
2015-12-17 16:58 - 2015-12-17 16:58 - 00157652 _____ C:\Users\Aodh\Downloads\2015_FIA_Appendix_J_-_Art_255_A_WRC.pdf
2015-12-17 16:54 - 2015-12-17 16:54 - 01984707 _____ C:\Users\Aodh\Downloads\2016_wrc_sporting_regulations_all.pdf
2015-12-16 21:29 - 2015-12-16 21:29 - 00007476 _____ C:\Users\Aodh\Downloads\hitoutput.txt
2015-12-16 20:15 - 2015-12-16 20:15 - 00018143 _____ C:\Users\Aodh\Downloads\[kat.cr]up.2009.1080p.brrip.x264.yify.torrent
2015-12-16 19:59 - 2015-12-16 19:59 - 00584288 _____ (Oracle Corporation) C:\Users\Aodh\Downloads\jxpiinstall(4).exe
2015-12-16 19:57 - 2015-12-16 19:57 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-12-16 19:57 - 2015-12-16 19:57 - 00000000 ____D C:\Program Files (x86)\Java
2015-12-16 19:56 - 2015-11-23 12:37 - 00110176 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-64.dll
2015-12-16 19:55 - 2015-12-16 19:55 - 00584288 _____ (Oracle Corporation) C:\Users\Aodh\Downloads\chromeinstall-8u66.exe
2015-12-16 14:14 - 2015-12-16 14:14 - 00528665 _____ C:\Users\Aodh\Downloads\A_Busy_Copyist_and_a_Shy_Composer_Two_Si.pdf
2015-12-16 13:59 - 2015-12-16 13:59 - 00000000 ____D C:\Users\Aodh\Downloads\Francesco Barsanti - 6 Concerti Grossi Opera Sesta·(Il Piacere)
2015-12-16 13:57 - 2015-12-16 13:59 - 179431265 _____ C:\Users\Aodh\Downloads\Francesco Barsanti - 6 Concerti Grossi Opera Sesta·(Il Piacere).rar
2015-12-16 00:36 - 2015-12-16 00:36 - 00020785 _____ C:\Users\Aodh\Downloads\[kat.cr]dangerous.liaisons.1988.720p.x264.jalucian.torrent
2015-12-14 21:21 - 2015-12-14 21:22 - 76941789 _____ C:\Users\Aodh\Downloads\Follow_the_Darkness.zip
2015-12-14 20:43 - 2015-12-14 20:43 - 00094881 _____ C:\Users\Aodh\Downloads\[kat.cr]fargo.s02e08.1080p.web.dl.dd5.1.h264.rarbg.torrent
2015-12-14 20:42 - 2015-12-14 20:42 - 00150280 _____ C:\Users\Aodh\Downloads\[kat.cr]fargo.s02e09.1080p.web.dl.dd5.1.h264.rarbg.torrent
2015-12-13 19:55 - 2015-12-13 19:55 - 00058719 _____ C:\Users\Aodh\Downloads\[kat.cr]inside.out.2015.1080p.bluray.x264.dts.hd.ma.7.1.rarbg.torrent
2015-12-13 19:52 - 2015-12-13 19:52 - 00056003 _____ C:\Users\Aodh\Downloads\[kat.cr]toy.story.that.time.forgot.2014.1080p.bluray.remux.avc.dts.hd.ma.7.1.rarbg.torrent
2015-12-13 19:52 - 2015-12-13 19:52 - 00056003 _____ C:\Users\Aodh\Downloads\[kat.cr]toy.story.that.time.forgot.2014.1080p.bluray.remux.avc.dts.hd.ma.7.1.rarbg (1).torrent
2015-12-11 15:26 - 2015-12-11 15:26 - 00002054 _____ C:\Users\Aodh\Downloads\lit3591 (1)
2015-12-11 15:25 - 2015-12-11 15:25 - 00002054 _____ C:\Users\Aodh\Downloads\lit3591
2015-12-11 01:02 - 2015-12-11 01:02 - 00002019 _____ C:\Users\Aodh\Downloads\190007007
2015-12-10 17:44 - 2015-12-10 17:44 - 00014607 _____ C:\Users\Aodh\Documents\Jacchini Period Instruments.odt
2015-12-10 01:25 - 2015-12-10 01:57 - 00010267 _____ C:\Users\Aodh\Documents\George Maniakes Sources.odt
2015-12-09 19:13 - 2015-12-09 19:13 - 00000000 ____D C:\Users\Aodh\Downloads\Albinoni - Homage to a Spanish Grandee
2015-12-09 19:00 - 2015-12-09 19:00 - 07152429 _____ C:\Users\Aodh\Downloads\Albinoni - Homage to a Spanish Grandee.pdf
2015-12-09 18:59 - 2015-12-09 19:12 - 1401568551 _____ C:\Users\Aodh\Downloads\Albinoni - Homage to a Spanish Grandee.zip
2015-12-09 18:50 - 2015-12-09 18:50 - 00000000 ____D C:\Users\Aodh\Downloads\Albinoni - Concerti a Cinque, Op. 10
2015-12-09 18:44 - 2015-12-09 18:50 - 474380540 _____ C:\Users\Aodh\Downloads\Albinoni - Concerti a Cinque, Op. 10.zip
2015-12-09 16:21 - 2015-12-09 16:21 - 00019719 _____ C:\Users\Aodh\Downloads\[kat.cr]albinoni.galuppi.platti.vivaldi.settecento.veneziano.ottavio.dantone.accademia.bizantina.1999.flac.torrent
2015-12-09 16:19 - 2015-12-09 16:19 - 00109372 _____ C:\Users\Aodh\Downloads\[kat.cr]albinoni.tomaso.1671.1751.italy (1).torrent
2015-12-09 16:18 - 2015-12-09 16:18 - 00109372 _____ C:\Users\Aodh\Downloads\[kat.cr]albinoni.tomaso.1671.1751.italy.torrent
2015-12-09 12:30 - 2015-11-05 19:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-12-09 12:30 - 2015-11-05 19:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-12-09 12:29 - 2015-11-20 18:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-09 12:29 - 2015-11-20 18:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-09 12:29 - 2015-11-20 18:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-09 12:29 - 2015-11-20 18:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-09 12:29 - 2015-11-20 18:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-09 12:29 - 2015-11-20 18:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-09 12:29 - 2015-11-20 18:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-09 12:29 - 2015-11-20 18:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-09 12:29 - 2015-11-20 18:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-09 12:29 - 2015-11-20 18:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-09 12:29 - 2015-11-20 18:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-09 12:29 - 2015-11-20 18:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-09 12:29 - 2015-11-20 18:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-09 12:29 - 2015-11-20 18:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-09 12:29 - 2015-11-20 18:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-09 12:29 - 2015-11-20 18:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-09 12:29 - 2015-11-11 21:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-09 12:29 - 2015-11-11 20:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-09 12:29 - 2015-11-11 18:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-09 12:29 - 2015-11-11 18:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-09 12:29 - 2015-11-11 18:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-09 12:29 - 2015-11-11 18:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-09 12:29 - 2015-11-11 16:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-09 12:29 - 2015-11-11 16:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-09 12:29 - 2015-11-11 15:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-12-09 12:29 - 2015-11-11 15:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-09 12:29 - 2015-11-11 15:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-09 12:29 - 2015-11-11 15:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-09 12:29 - 2015-11-11 14:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-12-09 12:29 - 2015-11-10 18:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-09 12:29 - 2015-11-10 18:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-09 12:29 - 2015-11-10 18:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-09 12:29 - 2015-11-10 18:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-09 12:29 - 2015-11-10 18:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-09 12:29 - 2015-11-10 17:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-09 12:29 - 2015-11-10 00:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-12-09 12:29 - 2015-11-10 00:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-09 12:29 - 2015-11-10 00:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-12-09 12:29 - 2015-11-10 00:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-12-09 12:29 - 2015-11-10 00:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-09 12:29 - 2015-11-10 00:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-09 12:29 - 2015-11-10 00:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-09 12:29 - 2015-11-10 00:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-12-09 12:29 - 2015-11-10 00:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-12-09 12:29 - 2015-11-10 00:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-09 12:29 - 2015-11-10 00:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-12-09 12:29 - 2015-11-10 00:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-09 12:29 - 2015-11-10 00:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-12-09 12:29 - 2015-11-09 23:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-09 12:29 - 2015-11-09 23:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-12-09 12:29 - 2015-11-09 23:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-09 12:29 - 2015-11-09 23:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-12-09 12:29 - 2015-11-09 23:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-09 12:29 - 2015-11-09 23:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-09 12:29 - 2015-11-09 23:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-09 12:29 - 2015-11-09 23:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-09 12:29 - 2015-11-09 23:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-09 12:29 - 2015-11-09 23:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-09 12:29 - 2015-11-09 23:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-09 12:29 - 2015-11-08 22:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-09 12:29 - 2015-11-08 22:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-12-09 12:29 - 2015-11-08 22:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-12-09 12:29 - 2015-11-08 22:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-09 12:29 - 2015-11-08 22:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-09 12:29 - 2015-11-08 22:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-09 12:29 - 2015-11-08 22:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-12-09 12:29 - 2015-11-08 22:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-12-09 12:29 - 2015-11-08 22:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-09 12:29 - 2015-11-08 22:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-12-09 12:29 - 2015-11-08 22:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-09 12:29 - 2015-11-08 22:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-09 12:29 - 2015-11-08 22:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-09 12:29 - 2015-11-08 22:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-12-09 12:29 - 2015-11-08 22:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-09 12:29 - 2015-11-08 22:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-12-09 12:29 - 2015-11-08 21:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-09 12:29 - 2015-11-08 21:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-09 12:29 - 2015-11-08 21:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-09 12:29 - 2015-11-08 21:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-12-09 12:29 - 2015-11-08 21:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-09 12:29 - 2015-11-08 21:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-12-09 12:29 - 2015-11-08 21:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-09 12:29 - 2015-11-08 21:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-09 12:29 - 2015-11-08 21:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-09 12:29 - 2015-11-08 21:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-09 12:29 - 2015-11-08 21:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-12-09 12:29 - 2015-11-08 21:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-09 12:29 - 2015-11-08 20:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-09 12:29 - 2015-11-08 20:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-09 12:29 - 2015-11-08 20:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-09 12:29 - 2015-11-05 19:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-12-09 12:29 - 2015-11-05 19:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2015-12-09 12:29 - 2015-11-05 09:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-09 12:29 - 2015-11-03 19:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-09 12:29 - 2015-11-03 19:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-09 12:29 - 2015-11-03 18:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-12-09 12:29 - 2015-11-03 18:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2015-12-09 12:29 - 2015-10-08 23:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2015-12-09 12:29 - 2015-10-08 23:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2015-12-09 12:29 - 2015-10-08 23:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2015-12-09 12:29 - 2015-10-08 23:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2015-12-09 12:29 - 2015-10-08 23:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2015-12-09 12:29 - 2015-10-08 23:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2015-12-09 12:29 - 2015-10-08 23:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2015-12-09 12:29 - 2015-10-08 23:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2015-12-09 12:29 - 2015-10-08 19:13 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2015-12-09 12:29 - 2015-10-08 18:52 - 00419928 _____ C:\Windows\system32\locale.nls
2015-12-09 11:26 - 2015-12-21 16:34 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-09 11:26 - 2015-12-21 16:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-09 11:26 - 2015-12-21 16:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-09 11:26 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-09 11:26 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-12-09 11:26 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-12-09 11:25 - 2015-12-09 11:25 - 22908888 _____ (Malwarebytes ) C:\Users\Aodh\Downloads\mbam-setup-2.2.0.1024.exe
2015-12-08 18:20 - 2015-12-08 18:20 - 01437557 _____ C:\Users\Aodh\Downloads\Nella_fucina_di_Polifemo_Nicola_Porpora.pdf
2015-12-08 18:20 - 2015-12-08 18:20 - 01437557 _____ C:\Users\Aodh\Downloads\Nella_fucina_di_Polifemo_Nicola_Porpora (1).pdf
2015-12-07 18:59 - 2015-12-07 18:59 - 00001248 _____ C:\Windows\system32\13 Julia Lezhneva, Dmitry Sinkovsky, Marco Bianchi, Thomas Meraner, Il Giardino Armonico, Giovanni Antonini - Handel Il Trionfo del Tiempo e del Disinganno, HWV 46a - Oratorio - Come nembo che fugge c.lnk
2015-12-07 18:48 - 2015-12-07 18:48 - 00000000 ____D C:\Users\Aodh\Downloads\mkjp9.FLAC
2015-12-07 16:44 - 2015-12-07 18:39 - 352219788 _____ C:\Users\Aodh\Downloads\mkjp9.FLAC.rar
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-06 20:57 - 2011-11-15 15:32 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-06 20:57 - 2011-11-15 15:32 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-06 20:55 - 2011-06-15 00:34 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-06 20:55 - 2009-07-14 05:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-06 20:54 - 2009-07-14 04:45 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-06 20:54 - 2009-07-14 04:45 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-06 20:49 - 2009-07-14 03:20 - 00000000 ____D C:\Windows
2016-01-06 20:28 - 2012-09-04 17:40 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-06 19:15 - 2011-11-15 16:06 - 00000000 ____D C:\Program Files (x86)\Steam
2016-01-06 10:38 - 2011-11-17 00:25 - 00000000 ____D C:\Users\Aodh\AppData\LocalLow\Temp
2016-01-06 10:28 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\inf
2016-01-06 02:50 - 2014-02-02 04:05 - 00000000 ____D C:\Users\Aodh\AppData\Roaming\Media Player Classic
2016-01-05 23:25 - 2014-08-19 16:27 - 00000000 ____D C:\Users\Aodh\AppData\Local\Adobe
2016-01-05 23:25 - 2013-10-18 12:22 - 00000000 ____D C:\Users\Aodh\AppData\Roaming\vlc
2016-01-05 22:57 - 2012-05-30 16:12 - 00023552 ___SH C:\Users\Aodh\Thumbs.db
2016-01-03 20:34 - 2011-11-21 16:40 - 00000000 ____D C:\Users\Aodh\Desktop\Projects
2016-01-02 12:39 - 2012-09-04 17:40 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-01-02 12:39 - 2012-04-01 23:45 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-01-02 12:39 - 2011-06-14 21:58 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-31 18:26 - 2013-02-23 19:52 - 00000000 ____D C:\Users\Aodh\Downloads\Amiga Games1
2015-12-30 21:15 - 2014-06-29 19:01 - 00000000 ____D C:\Users\Aodh\AppData\Roaming\tixati
2015-12-28 16:08 - 2015-11-23 21:59 - 00000000 ____D C:\Users\Aodh\AppData\Local\ElevatedDiagnostics
2015-12-24 15:33 - 2015-10-08 17:49 - 00000000 ____D C:\Users\Aodh\AppData\Roaming\foobar2000
2015-12-22 23:15 - 2011-11-15 15:37 - 00000000 ___HD C:\Users\Aodh\AppData\Local\Google
2015-12-22 15:40 - 2011-06-15 00:34 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-12-21 16:51 - 2014-03-15 19:01 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2015-12-21 16:33 - 2011-11-15 17:42 - 00000000 ____D C:\Users\Aodh\AppData\Roaming\SoftGrid Client
2015-12-19 13:31 - 2014-06-03 16:47 - 00068912 _____ C:\Windows\system32\GDIPFONTCACHEV1.DAT
2015-12-19 10:28 - 2014-06-03 22:55 - 00068912 _____ C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT
2015-12-19 10:25 - 2015-04-05 02:00 - 00000000 ___SD C:\Windows\system32\GWX
2015-12-19 10:24 - 2009-07-14 04:45 - 04880736 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-19 01:33 - 2011-06-14 22:27 - 00000000 ____D C:\Program Files (x86)\CyberLink
2015-12-19 01:33 - 2011-03-14 22:29 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-12-19 01:31 - 2011-03-14 22:27 - 00000000 ____D C:\ProgramData\Temp
2015-12-19 01:26 - 2012-10-01 21:49 - 00000000 ___HD C:\Users\Aodh\AppData\Local\Unity
2015-12-19 01:23 - 2013-02-02 22:35 - 00000000 ____D C:\Program Files (x86)\Universal Media Server
2015-12-19 01:08 - 2012-07-17 00:30 - 00000000 ____D C:\Program Files (x86)\VideoReDoTVSuite4
2015-12-19 01:07 - 2012-11-18 15:15 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software
2015-12-19 01:07 - 2012-11-18 15:10 - 00000000 ____D C:\Users\Aodh\AppData\Roaming\NCH Software
2015-12-19 01:07 - 2012-11-18 15:10 - 00000000 ____D C:\Program Files (x86)\NCH Software
2015-12-19 01:06 - 2012-02-19 17:45 - 00000000 ____D C:\Program Files (x86)\Pinnacle
2015-12-19 00:52 - 2012-01-13 01:05 - 00000000 ____D C:\Program Files (x86)\AVS4YOU
2015-12-18 23:47 - 2011-11-26 21:50 - 00000000 ____D C:\Windows\Minidump
2015-12-18 20:37 - 2014-06-03 15:50 - 00000000 ____D C:\Users\Aodh\AppData\Local\NVIDIA Corporation
2015-12-18 20:37 - 2011-06-15 00:34 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-12-18 20:37 - 2011-06-15 00:33 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-12-18 20:23 - 2014-06-03 15:50 - 00000000 ____D C:\Users\Aodh\AppData\Local\NVIDIA
2015-12-18 15:43 - 2015-03-12 17:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-12-18 15:43 - 2014-07-22 20:58 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-17 11:01 - 2012-09-26 15:21 - 00000000 ____D C:\Users\Aodh\Desktop\Torrents
2015-12-16 19:57 - 2013-10-17 23:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-12-16 17:34 - 2014-06-03 15:47 - 14005408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-12-16 17:34 - 2013-02-25 23:32 - 18716176 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-12-16 17:34 - 2012-04-12 19:06 - 00207152 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-12-16 17:34 - 2012-04-12 19:06 - 00194680 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-12-16 17:34 - 2011-06-15 00:34 - 00034848 _____ C:\Windows\system32\nvinfo.pb
2015-12-16 14:53 - 2011-06-15 00:34 - 06359672 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-12-16 14:53 - 2011-06-15 00:34 - 02985080 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-12-16 14:53 - 2011-06-15 00:34 - 02554488 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-12-16 14:53 - 2011-06-15 00:34 - 01256240 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-12-16 14:53 - 2011-06-15 00:34 - 00523384 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2015-12-16 14:53 - 2011-06-15 00:34 - 00385328 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-12-16 14:53 - 2011-06-15 00:34 - 00075056 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2015-12-16 14:53 - 2011-06-15 00:34 - 00062768 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-12-16 14:49 - 2011-06-15 00:34 - 06090019 _____ C:\Windows\system32\nvcoproc.bin
2015-12-10 14:25 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\rescache
2015-12-10 02:22 - 2012-09-12 20:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-10 02:21 - 2012-09-12 20:28 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-10 02:21 - 2012-09-12 20:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-10 02:20 - 2013-08-14 18:07 - 00000000 ____D C:\Windows\system32\MRT
2015-12-10 02:13 - 2011-02-10 20:56 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-09 12:06 - 2011-12-16 14:32 - 00000000 ____D C:\Program Files (x86)\Magic Workstation
2015-12-09 11:26 - 2012-03-04 17:47 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-09 11:09 - 2009-07-14 05:08 - 00032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
 
==================== Files in the root of some directories =======
 
2015-05-04 23:39 - 2015-07-19 22:01 - 0000033 _____ () C:\Users\Aodh\AppData\Roaming\AdobeWLCMCache.dat
2012-11-17 20:17 - 2013-11-20 00:34 - 0007168 ____H () C:\Users\Aodh\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-11-23 23:54 - 2015-11-23 23:54 - 0022733 _____ () C:\Users\Aodh\AppData\Local\recently-used.xbel
2015-12-18 22:02 - 2015-12-18 22:02 - 0007601 _____ () C:\Users\Aodh\AppData\Local\Resmon.ResmonCfg
2012-09-09 01:07 - 2012-09-09 01:07 - 0000008 ____H () C:\Users\Aodh\AppData\Local\~wmrg
2015-05-26 18:19 - 2015-05-26 18:19 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Some files in TEMP:
====================
C:\Users\Aodh\AppData\Local\Temp\avgnt.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-12-30 03:38
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:31-12-2015
Ran by Aodh (2016-01-06 20:59:59)
Running from C:\Users\Aodh\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-11-15 15:34:39)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-418917625-158424403-2452974618-500 - Administrator - Disabled)
Aodh (S-1-5-21-418917625-158424403-2452974618-1001 - Administrator - Enabled) => C:\Users\Aodh
Guest (S-1-5-21-418917625-158424403-2452974618-501 - Limited - Disabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-418917625-158424403-2452974618-1003 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
8BitMMO (HKLM-x32\...\Steam App 250420) (Version:  - Archive Entertainment)
Ableton Live 8 (HKLM-x32\...\{4941E15C-3C68-4FB7-B5A4-5061B92E9166}) (Version: 8.0.0.0 - Ableton)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe After Effects CS5.5 (HKLM-x32\...\{E82097B9-A3B8-404A-9A92-AC16A8AC9576}) (Version: 10.5 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.0.19480 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.0.0.74 - Adobe Systems Incorporated)
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.270 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Illustrator CC 2014 (HKLM-x32\...\{2B4B4082-8043-4646-8334-B0A29E641211}) (Version: 18.1.1 - Adobe Systems Incorporated)
Adobe Illustrator CS2 (HKLM-x32\...\Adobe Illustrator CS2) (Version: 12.000.000 - Adobe Systems Inc.)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Adobe Story (HKLM-x32\...\com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.0.571 - Adobe Systems Incorporated)
Age of Empires Online (HKLM-x32\...\Steam App 105430) (Version:  - Microsoft)
Amiga SWOS-Total Pack version V1.5 (HKLM-x32\...\{73AC668E-650D-42E4-9307-1A6DBD1DD5AE}_is1) (Version: V1.5 - )
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ARMA 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.1.0 - Asmedia Technology)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Avadon: The Black Fortress (HKLM-x32\...\Steam App 112100) (Version:  - Spiderweb Software)
Avidemux 2.5 (32-bit) (HKLM-x32\...\Avidemux 2.5) (Version: 2.5.6.7716 - )
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{d0e166af-1634-4c0b-ae96-2180e61f9d38}) (Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG) Hidden
Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version:  - )
BitTorrent (HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\BitTorrent) (Version: 7.8.2.30489 - BitTorrent Inc.)
Blender (HKLM\...\Blender) (Version: 2.63-release - Blender Foundation)
calibre (HKLM-x32\...\{D060E2E3-5509-4420-AA04-FA197C6678C8}) (Version: 0.9.28 - Kovid Goyal)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version:  - )
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon MG5200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series) (Version:  - )
Canon MG5200 series User Registration (HKLM-x32\...\Canon MG5200 series User Registration) (Version:  - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 3.12 - Piriform)
CD Wave Editor 1.98 (HKLM-x32\...\CD Wave Editor_is1) (Version: 1.9.8.1 - MiLo Software)
CDisplayEx 1.8 (HKLM-x32\...\CDisplayEx_is1) (Version:  - Henri Gourvest.)
CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version:  - )
Celestia 1.6.1 (HKLM-x32\...\Celestia_is1) (Version:  - Shatters Software)
Chip's Challenge 1 (HKLM-x32\...\Steam App 346850) (Version:  - Niffler Ltd.)
CleanUp! (HKLM-x32\...\CleanUp!) (Version:  - )
Comical 0.8 (HKLM-x32\...\Comical_is1) (Version:  - James Athey)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.4125 - CyberLink Corp.)
CyberLink WaveEditor (HKLM-x32\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 1.0.1.2821 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DarthMod Napoleon (HKLM-x32\...\DarthMod Napoleon) (Version:  - )
DebugMode Wax 2.0 (HKLM-x32\...\DebugMode Wax 2.0) (Version:  - )
Desura (HKLM-x32\...\Desura) (Version:  - Desura)
DjVuLibre+DjView (HKLM-x32\...\DjVuLibre+DjView) (Version: 3.5.25.3+4.9 - DjVuZone)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve )
Dota 2 Test (HKLM-x32\...\Steam App 205790) (Version:  - )
DROD: The City Beneath 3.3.0 (HKLM-x32\...\DROD: The City Beneath_is1) (Version: 3.3.0 - Caravel Games)
Empire: Total War (HKLM-x32\...\Steam App 10500) (Version:  - The Creative Assembly)
Epic Arena (HKLM-x32\...\Steam App 334030) (Version:  - Shadow Masters)
Eraser 6.0.9.2343 (HKLM\...\{3D33F6F0-4D90-484D-A1D9-09AE791CCBD9}) (Version: 6.0.2343 - The Eraser Project)
Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version:  - Paradox Development Studio)
Europa Universalis: Rome - Demo (HKLM-x32\...\Steam App 22160) (Version:  - )
EVE Online (remove only) (HKLM-x32\...\EVE) (Version:  - CCP Games Ltd.)
FBReader for Windows (HKLM-x32\...\FBReader for Windows) (Version:  - )
FileZilla Client 3.5.3 (HKLM-x32\...\FileZilla Client) (Version: 3.5.3 - FileZilla Project)
FlacSquisher 1.3.5 (HKLM-x32\...\FlacSquisher) (Version: 1.3.5 - FlacSquisher)
FontExpert 2014 Font Manager (HKLM-x32\...\FontExpert 2014) (Version: 12.0.0.2 - Proxima Software)
foobar2000 v1.3.8 (HKLM-x32\...\foobar2000) (Version: 1.3.8 - Peter Pawlowski)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Free APE to MP3 Converter 1.0 (HKLM-x32\...\{23CAF97E-FC9A-4043-A8B2-3C8605305D35}_is1) (Version: 1.0 - Jacek Pazera)
FS-UAE 2.4.1 (HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\FS-UAE_is1) (Version: 2.4.1 - )
Geneforge 1 (HKLM-x32\...\Steam App 200960) (Version:  - Spiderweb Software)
Geneforge 2 (HKLM-x32\...\Steam App 200980) (Version:  - Spiderweb Software)
Geneforge 3 (HKLM-x32\...\Steam App 200990) (Version:  - Spiderweb Software)
Geneforge 4 (HKLM-x32\...\Steam App 201000) (Version:  - Spiderweb Software)
Geneforge 5 (HKLM-x32\...\Steam App 201010) (Version:  - Spiderweb Software)
GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Greenshot 1.2.6.7 (HKLM\...\Greenshot_is1) (Version: 1.2.6.7 - Greenshot)
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Infinite Crisis™ (HKLM-x32\...\Steam App 345520) (Version:  - Turbine, Inc.)
Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
K-Lite Codec Pack 10.0.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.0.5 - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Lara Croft and the Guardian of Light (HKLM-x32\...\Steam App 35130) (Version:  - Crystal Dynamics)
LEGO Digital Designer (HKLM-x32\...\New LEGO Digital Designer) (Version:  - LEGO A/S)
LMMS 1.1.3 (HKLM-x32\...\LMMS) (Version: 1.1.3 - LMMS Developers)
Magic 2015 (HKLM-x32\...\Steam App 255420) (Version:  - Stainless Games)
Magic Duels (HKLM-x32\...\Steam App 316010) (Version:  - Stainless Games Ltd.)
Magic Set Editor 2.0.0 (HKLM-x32\...\Magic Set Editor 2_is1) (Version:  - )
Magic The Gathering Online  (HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\35c9d60442fbb010) (Version: 3.4.87.523 - Wizards of the Coast)
Magic Workstation 0.94f (HKLM-x32\...\Magic Workstation_is1) (Version:  - Magic Technology)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Medieval CUE Splitter (HKLM-x32\...\{B96D2269-568B-4CBF-9332-12FAE8B158F7}) (Version: 1.2.0 - Medieval Software)
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2608 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 8.0.2608 - CyberLink Corp.) Hidden
Mendeley Desktop 1.6 (HKLM-x32\...\Mendeley Desktop) (Version: 1.6 - Mendeley Ltd.)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Miro Video Converter (HKLM-x32\...\Miro Video Converter) (Version: 0.8.0 - Participatory Culture Foundation)
Missing Translation (HKLM-x32\...\Steam App 395520) (Version:  - AlPixel Games)
Monkey's Audio (HKLM-x32\...\Monkey's Audio_is1) (Version:  - )
Mount & Blade - Unoffical Troop Editor (C:\Program Files (x86)\Mount & Blade - Unoffical Troop Editor\) (HKLM-x32\...\ST6UNST #2) (Version:  - )
Mount & Blade - Unoffical Troop Editor (HKLM-x32\...\ST6UNST #1) (Version:  - )
MountMusket Battalion (HKLM-x32\...\{8AF7479C-B28D-4BFF-867B-4755DE019259}_is1) (Version: 0.4.2 - MountMusket Battalion Team)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 42.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 en-US)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
MPEG Video Wizard DVD 5.0.1.111 (02/2014) (HKLM-x32\...\{9FD45917-95E6-449D-ACC9-01E634A34CBD}_is1) (Version: 5.0.1.111 - Womble Multimedia, Inc.)
MPEG Video Wizard DVD 5.0.1.111 (02/2014) (HKLM-x32\...\Mpeg Video Wizard DVD 5.0) (Version: 5.0.1.111 (02/2014) - Womble Multimedia, Inc.)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MTG Card Images for Magic Workstation (HKLM-x32\...\MTG Card Images for Magic Workstation_is1) (Version:  - )
MTG GamePack for Magic Workstation (HKLM-x32\...\MTG GamePack for Magic Workstation_is1) (Version:  - Magic Technology)
Nero 12 (HKLM-x32\...\{95E152CF-0EB5-4BFA-B6EE-8FC7F9601BA5}) (Version: 12.0.02900 - Nero AG)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.43 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.8.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.8.1.21 - NVIDIA Corporation)
NVIDIA Graphics Driver 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.43 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenOffice.org 3.3 (HKLM-x32\...\{3E171899-0175-47CC-84C4-562ACDD4C021}) (Version: 3.3.9567 - OpenOffice.org)
OU Flashcards (HKLM-x32\...\OU Flashcards) (Version:  - )
PAC-MAN Championship Edition DX+ (HKLM-x32\...\Steam App 236450) (Version:  - Mine Loader Software Co., Ltd.)
Pianissimo (HKLM-x32\...\Pianissimo) (Version:  - Acoustica)
PlanetSide 2 (HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\SOE-PlanetSide 2) (Version:  - Sony Online Entertainment)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PowerAgent 7.7.5 (HKLM\...\PowerAgent_is1) (Version:  - Saris Cycling Group, Inc.)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
printFIT Business Card Printing Kit (HKLM-x32\...\{3FD83A7E-4D16-48C3-B26C-15F4548ACEF5}) (Version: 10.00.000 - )
Pro Cycling Manager 2013 (HKLM-x32\...\Steam App 219800) (Version:  - Cyanide)
Python 2.7.2 (HKLM-x32\...\{2E295B5B-1AD4-4d36-97C2-A316084722CF}) (Version: 2.7.2150 - Python Software Foundation)
qBittorrent 3.2.4 (HKLM-x32\...\qBittorrent) (Version: 3.2.4 - The qBittorrent project)
QGIS Valmiera 2.2.0 Valmiera (HKLM\...\QGIS Valmiera) (Version:  - QGIS Development Team)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 2.3.3 r1522 - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7183 - Realtek Semiconductor Corp.)
ScummVM 1.6.0 (HKLM-x32\...\ScummVM_is1) (Version:  - The ScummVM Team)
ShaderTFX version 1.1 (HKLM\...\ShaderTFX_is1) (Version:  - )
SHIELD Streaming (Version: 4.1.0250 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.8.1.21 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V: Gods & Kings Demo (HKLM-x32\...\Steam App 213910) (Version:  - )
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.10.9560 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SopCast 3.8.3 (HKLM-x32\...\SopCast) (Version: 3.8.3 - www.sopcast.com)
Source SDK (HKLM-x32\...\Steam App 211) (Version:  - Valve)
SpaceEngine version 0.9.7.2 (HKLM-x32\...\{E65FD500-9218-44EC-9586-D39FAB4DFDAF}_is1) (Version: 0.9.7.2 - SpaceEngine)
Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated)
Spotify (HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\Spotify) (Version: 1.0.16.104.g3b776c9e - Spotify AB)
StarCraft (HKLM-x32\...\StarCraft) (Version:  - Blizzard Entertainment)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\TeamSpeak 3 Client) (Version: 3.0.8 - TeamSpeak Systems GmbH)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - Edmund McMillen and Florian Himsl)
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version:  - Nicalis, Inc.)
The Escapists (HKLM-x32\...\Steam App 298630) (Version:  - Mouldy Toof Studios)
Tixati (HKLM-x32\...\tixati) (Version:  - )
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version:  - Crystal Dynamics)
Tomb Raider (VI): The Angel of Darkness (HKLM-x32\...\Steam App 225020) (Version:  - Core Design)
Tomb Raider I (HKLM-x32\...\Steam App 224960) (Version:  - Core Design)
Tomb Raider II (HKLM-x32\...\Steam App 225300) (Version:  - Core Design)
Tomb Raider III: Adventures of Lara Croft (HKLM-x32\...\Steam App 225320) (Version:  - Core Design)
Tomb Raider: Anniversary (HKLM-x32\...\Steam App 8000) (Version:  - Crystal Dynamics)
Tomb Raider: Chronicles (HKLM-x32\...\Steam App 225000) (Version:  - Core Design)
Tomb Raider: Legend (HKLM-x32\...\Steam App 7000) (Version:  - Crystal Dynamics)
Tomb Raider: The Last Revelation (HKLM-x32\...\Steam App 224980) (Version:  - Core Design)
Tomb Raider: Underworld (HKLM-x32\...\Steam App 8140) (Version:  - Crystal Dynamics)
Total War: ROME II (HKLM-x32\...\Steam App 214950) (Version:  - Creative Assembly)
Total War: Shogun 2 - Assembly Kit (HKLM-x32\...\Steam App 202930) (Version:  - The Creative Assembly)
Total War: SHOGUN 2 (HKLM-x32\...\Steam App 34330) (Version:  - The Creative Assembly)
TrainingPeaks Device Agent (HKLM-x32\...\{BF436CD1-67D6-4849-8C09-AE87197A0A64}) (Version: 3.0.90 - TrainingPeaks)
Tux Paint 0.9.21c (HKLM-x32\...\Tux Paint_is1) (Version:  - New Breed Software)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Vega 7 (HKLM-x32\...\Vega) (Version: 7 - Vegachess)
VirtualTraining Desktop version (HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\VirtualTraining Desktop version) (Version: 3.1.0.0 - SportSoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VTFEdit 1.3.3 (HKLM\...\VTFEdit_is1) (Version:  - Neil Jedrzejewski & Ryan Gregg)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.6.1.2 - Azureus Software, Inc.)
Warhammer® 40,000™: Dawn of War® II (HKLM-x32\...\Steam App 15620) (Version:  - Relic Entertainment)
Welcome App (Start-up experience) (x32 Version: 12.0.15000 - Nero AG) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.3400 - Broadcom Corporation)
WinDjView 1.0.3 (HKLM-x32\...\WinDjView) (Version: 1.0.3 - Andrew Zhezherun)
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (07/12/2013 2.08.30) (HKLM\...\22CCD58B53472BE3FCAFF05631111C4062959A43) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (07/12/2013 2.08.30) (HKLM\...\BD00013670D26C16E19F284BF8E15DAF813497C7) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Driver Package - Saris Cycling Group, Inc. libusb Drivers (05/11/2011 1.2.4.0) (HKLM\...\D471913AF25804C37195D83AD80A8B9F7F3FF5CC) (Version: 05/11/2011 1.2.4.0 - Saris Cycling Group, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 4.10 beta 5 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.10.5 - win.rar GmbH)
WM Recorder (HKLM-x32\...\WM Recorder14.12) (Version: 14.12 - AllAlex, Inc)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-418917625-158424403-2452974618-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-418917625-158424403-2452974618-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {306FBFCB-9DF2-4BC3-AE32-04BA6DA8304F} - System32\Tasks\{10F68DF3-DFF9-45E4-B70D-D8399BC4B05B} => pcalua.exe -a "C:\Users\Aodh\Desktop\100 Mod\TroopEditor v1.9 Install Package\setup.exe" -d "C:\Users\Aodh\Desktop\100 Mod\TroopEditor v1.9 Install Package"
Task: {3D3A12D7-DC7B-4654-B4C4-52C534252AE4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {463E481C-B933-4B41-AE07-2C9643A58DE6} - System32\Tasks\AdobeAAMUpdater-1.0-Vandennis-Aodh => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-03-30] (Adobe Systems Incorporated)
Task: {5708C1CE-E6FD-45DA-8B8E-CCDE118C9D00} - System32\Tasks\{D514B5CF-DBD9-49F0-A86B-B94F3144EADC} => pcalua.exe -a C:\Users\Aodh\Downloads\shortcircuit-1_1_2.exe -d C:\Users\Aodh\Downloads
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {7A232736-5E68-4239-A97E-14FEB14E6614} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {83BE68F1-98AE-486D-A583-65DDD21B964B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {A4D9CB9D-CB7E-4362-9047-E0731361ADA3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-02] (Adobe Systems Incorporated)
Task: {D5157623-28F6-4383-A14D-B584EE665C32} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {D9F69B30-E3A0-4C6E-B78C-CF81D65E09B5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
Task: {E190E5B2-C421-4900-9750-10BAA17D8010} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {E7347B7A-C47D-496C-8DAA-9CAADE553610} - System32\Tasks\{7DF2AD79-3E9B-4B5D-B0D7-A2E340CB4B94} => pcalua.exe -a C:\Users\Aodh\Downloads\MouseTest.exe -d C:\Users\Aodh\Downloads
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\Aodh\Desktop\Projects\Golf MapStuff\GRASS GIS 6.4.3.lnk -> C:\Program Files\QGIS Valmiera\bin\nircmd.exe (NirSoft) -> exec hide C:\PROGRA~1\QGISVA~1\bin\grass64.bat -wx
 
==================== Loaded Modules (Whitelisted) ==============
 
2012-04-12 19:07 - 2015-12-16 14:53 - 00126072 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-12-18 21:59 - 2015-12-09 01:52 - 00217720 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2015-04-16 16:42 - 2015-04-16 16:42 - 00997536 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2012-07-03 12:21 - 2012-07-03 12:21 - 00041160 _____ () C:\Program Files\Rainmeter\Rainmeter.exe
2012-07-03 12:21 - 2012-07-03 12:21 - 00754376 _____ () C:\Program Files\Rainmeter\Rainmeter.dll
2015-12-18 20:37 - 2015-12-09 01:53 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2011-01-17 16:19 - 2012-02-27 15:43 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2010-11-19 18:45 - 2012-02-27 15:43 - 00170496 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxslt.dll
2014-10-16 17:37 - 2014-10-16 17:37 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\c152a64e30c5b94894d75ac86aa7aad2\IsdiInterop.ni.dll
2011-06-14 21:06 - 2011-04-30 07:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\Temp:0888F409
AlternateDataStreams: C:\ProgramData\Temp:1CE11B51
AlternateDataStreams: C:\ProgramData\Temp:3440EB47
AlternateDataStreams: C:\ProgramData\Temp:66633281
AlternateDataStreams: C:\Users\Aodh\Cookies:Qgd1w97RKadbi38e14SDju
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\sony.com -> sony.com
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 02:34 - 2009-06-10 21:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-418917625-158424403-2452974618-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Aodh\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 89.101.160.4 - 89.101.160.5
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Aodh^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: BitTorrent => "C:\Program Files (x86)\BitTorrent\BitTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenuEx => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
MSCONFIG\startupreg: Eraser => "C:\PROGRA~1\Eraser\Eraser.exe" --atRestart
MSCONFIG\startupreg: IJNetworkScanUtility => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\Aodh\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Aodh\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{7A6CA036-349A-4886-945C-77B570449D80}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{E0D87026-383F-4540-9547-92DF0B2CDF2A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{51B377CA-B25F-4D58-98AE-E6C464967231}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{245DED63-1A5C-4610-B90F-4EE993C3E84A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{473D7F50-B331-4CF4-8A2B-7E139518398A}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{C42A916C-6CC2-416E-96AB-402BB158FA78}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [{3EEC425E-6CB1-4DFF-9B88-614CB3EEFEFB}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [{BEF2226B-52CE-46A1-BAD9-75313FB6DFAA}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{FA28E5B4-2785-4CF1-8C9F-098EB5E46913}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{BCD9CB82-C069-497F-8A2E-9A11505A1E64}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{C09F6A5F-AF23-466D-A555-27E6DFF4BD52}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [TCP Query User{60C80F5D-78CE-4DAE-A072-97EFB5833A75}C:\program files (x86)\steam\steamapps\batchuba\team fortress 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\batchuba\team fortress 2\hl2.exe
FirewallRules: [UDP Query User{DEA4D68C-ED1A-49C9-9E76-2F4A6A9AC0C8}C:\program files (x86)\steam\steamapps\batchuba\team fortress 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\batchuba\team fortress 2\hl2.exe
FirewallRules: [{ADAA991B-F584-41A9-AD0E-643F689298D1}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{2ADA3615-3D15-4833-A186-F5E54B28B2BF}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{276A2A68-C38E-40DF-B265-440802A38DDD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{F3314A36-919C-4E30-A2E5-72848EA7F1CB}C:\program files (x86)\steam\steamapps\common\age of empires online\spartan.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\age of empires online\spartan.exe
FirewallRules: [UDP Query User{058EF4CA-6BAC-4791-9549-A8BE406B9096}C:\program files (x86)\steam\steamapps\common\age of empires online\spartan.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\age of empires online\spartan.exe
FirewallRules: [TCP Query User{353A9AD0-64AB-4AD9-9C1F-0978453383AD}C:\users\aodh\downloads\downloader_starcraft_combo_engb.exe] => (Allow) C:\users\aodh\downloads\downloader_starcraft_combo_engb.exe
FirewallRules: [UDP Query User{5904CE08-8F50-4A0F-8520-295F2A354180}C:\users\aodh\downloads\downloader_starcraft_combo_engb.exe] => (Allow) C:\users\aodh\downloads\downloader_starcraft_combo_engb.exe
FirewallRules: [{ABFC3DAA-A5F3-4C12-85D3-AAB68A31BACC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe
FirewallRules: [{4EADEC82-08BC-4488-8002-6ED93DFB98D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe
FirewallRules: [{1CA1D8DD-E637-4F4A-981C-F69644176708}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\BEsetup\Setup_BattlEyeARMA2OA.exe
FirewallRules: [{B51B3B8E-5F9D-4503-8020-78D6514D2F88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\BEsetup\Setup_BattlEyeARMA2OA.exe
FirewallRules: [{A9DAB5BC-D323-4113-9090-4F3254BFF607}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\_runA2CO.cmd
FirewallRules: [{12702A26-FBC8-4809-8C92-05F917A07B79}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\_runA2CO.cmd
FirewallRules: [TCP Query User{1D3A2BB3-0C06-47AD-8638-09E579A40478}C:\program files (x86)\ccp\eve\bin\exefile.exe] => (Allow) C:\program files (x86)\ccp\eve\bin\exefile.exe
FirewallRules: [UDP Query User{986570A6-81AF-4864-A19D-917847115666}C:\program files (x86)\ccp\eve\bin\exefile.exe] => (Allow) C:\program files (x86)\ccp\eve\bin\exefile.exe
FirewallRules: [{3A4DD47F-58F6-4965-A076-CB4FECA133E4}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{8F232053-54E0-42C6-8843-39C702AE552B}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{441D5142-CA50-4602-83CD-47DBFDE2BA5A}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [{861175DC-3A31-4959-9478-A57AD66353AF}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [TCP Query User{2990496E-BEE2-4689-B5FC-A120075B9A66}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{A0F07C25-24D1-473A-83FB-BC9BC6F2A20A}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{41601E5D-65B5-485B-9AF7-8EF94B5B7B04}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{FE80A169-8342-49BC-B838-BBE4B8545A9F}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{E3752451-BC10-442A-B264-D07C275C5650}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{24C978DD-9903-4DBD-BF47-042E03F1CEA5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{4A233C59-5614-4248-92B3-0B4C6903516D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{85EF9ACB-F72B-4833-B661-E3ADFC0DAED6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{ABBD1C58-DAC5-4897-BAC1-153CF23668C8}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{38D92D74-3C60-489C-8F16-786C41B1650E}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{E3FDC81F-4813-4912-9B0D-D5FD29CF9B48}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{42A5A2D7-17F9-4140-853A-D972C2C3B544}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [TCP Query User{ABE36A46-CC7F-403E-B578-D079D72B24FB}C:\program files (x86)\starcraft ii\versions\base24944\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base24944\sc2.exe
FirewallRules: [UDP Query User{F1E6A90B-8A6A-46EB-B9FD-65F85BD36311}C:\program files (x86)\starcraft ii\versions\base24944\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base24944\sc2.exe
FirewallRules: [TCP Query User{285F11FF-C58F-4D94-8EF9-BC50FE03D535}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{AA010432-8A08-494E-ACC7-7BA7855F634F}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [{EBB329C2-37A9-479A-A8D7-0A3BF65617BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\launcher\launcher.exe
FirewallRules: [{AC0AFDE6-A531-4CA9-95E9-FB0B875D8D7C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\launcher\launcher.exe
FirewallRules: [{66AE21DC-2D8D-4876-B2AE-6FFD7D5267C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis Rome - Demo\Rome.exe
FirewallRules: [{8E283E82-4C48-4BE8-9AF3-D61C353879CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis Rome - Demo\Rome.exe
FirewallRules: [{52B9C649-EEA8-44D8-B871-8C237FB94030}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\age of empires online\AOEOnline.exe
FirewallRules: [{7E73B0E2-DD23-45AD-A5B9-EA66BA95EECA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\age of empires online\AOEOnline.exe
FirewallRules: [{4797C421-0202-4D0F-BD2F-6463E2A6AF67}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\modding\show.bat
FirewallRules: [{C1725FAC-2880-4305-A181-B360E6C97A3E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\modding\show.bat
FirewallRules: [{CF475EC3-8482-4415-8087-0EB5FED682DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\civ_v_xp_demo\Launcher.exe
FirewallRules: [{7B1A5D0F-18FF-4570-A4CF-13388AD15E29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\civ_v_xp_demo\Launcher.exe
FirewallRules: [{3ACC1B11-FC75-401F-8724-829848C82B9F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\batchuba\sourcesdk\bin\SDKLauncher.exe
FirewallRules: [{6E9B25C6-7903-4191-8811-7DBCED05EF79}] => (Allow) C:\Program Files (x86)\Steam\steamapps\batchuba\sourcesdk\bin\SDKLauncher.exe
FirewallRules: [{F3B35EE9-9367-4314-BB2E-91B9F37C6DB6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\Shogun2.exe
FirewallRules: [{67332CC6-78BA-4E7B-A09D-D52BE4D7D176}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\Shogun2.exe
FirewallRules: [{BBCCCDB3-D5A1-479B-BCF3-BA0CF856AD5B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html
FirewallRules: [{24C35478-E0CE-4620-9874-21C426BE31BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html
FirewallRules: [{EF657C9D-817A-449B-9B8E-256D6B8D0A8C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{296AECCB-A561-4A81-9CC4-DD6DBE6D75D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{5615E55D-CF13-4D15-B8B1-63C1308EED80}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{AD013FE1-A3F3-436E-B095-2D43DAB8C6AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{3571150F-1220-485D-9D84-7A622FD21EDA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat
FirewallRules: [{063212A2-FEEE-4DB1-A73E-8A12A49AD865}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat
FirewallRules: [{88D06885-E78B-48B0-82F3-FF80D144B40B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{0117525F-B540-4396-9C53-6DFFEE4CF953}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{821298B6-C53A-4FD3-93D5-2B609629BFCD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{CB95FE07-1335-4AA6-87AD-5EF4084CAE6F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{6795141A-113B-4585-AAFE-98572514449D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{F9CF7ED3-6232-4C86-8CA2-9328F763564F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{2575C3BB-BA9C-4F8C-9318-CAFAEB7E5D08}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{E7D5B8D0-E74F-443E-AD50-25BB083AA98C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{DFD592EC-0019-4E83-8093-2D8D8BB84E91}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{B5B3C17B-6C54-4C42-8646-7FF13B65FA2C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{F4D1AA03-B841-4FED-82C7-70B27552CF7E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{BD92555F-80C8-4887-8CDF-BFA959729C6B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{5B54A1A5-CE25-4F65-8CE1-AB7405681966}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{799124CA-BBBA-4295-B1B6-3E37210A47B1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{F5B9AD5D-7777-4CAD-9D33-59B121D289EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{2DB1F2D6-4505-48EA-9B31-3C31D6B36BC4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{B2C141CC-6A04-4198-8451-53B4BF4CCBAA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 test\dota.exe
FirewallRules: [{BA2CA187-2F7A-4E91-85CC-2735506EFC14}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 test\dota.exe
FirewallRules: [{9064158E-11A7-45AB-BDEE-AB70AF226B0B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 test\dota.exe
FirewallRules: [{57DF841B-8A8A-4528-BEEA-6D704120942B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 test\dota.exe
FirewallRules: [{4D2C2D3D-3933-402C-947E-4468B9804ED2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 test\dota.exe
FirewallRules: [{D3DC5A34-4454-4FD3-943D-4A6DEB08EF1E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 test\dota.exe
FirewallRules: [{99864764-4D82-48AA-A0B2-D5427898B743}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 test\dota.exe
FirewallRules: [{5DD260B6-E69B-4779-94A6-EB4339CE7BF4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 test\dota.exe
FirewallRules: [{1CBA9E41-6795-4DCD-BC6D-7C1C8352191D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{EE074EA0-874A-47F0-8175-7EFF2923C003}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{004869AB-5483-4537-9BAE-683812136C2D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{9848A4CC-E11C-4E12-A85D-30F8E7770C98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{7AE5EF55-FBBA-43B3-A4E4-5B113F04E9B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{8116FB5F-DA20-4456-97F2-A85B1B692D9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{93BDCCB8-D6DA-4FF1-81AA-B7F60A04DA55}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{04A4DACE-9504-4A39-B471-53426E992F34}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{870914FC-4C45-4E44-8079-5413C104B4D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\8BitMMO\jre\bin\javaw.exe
FirewallRules: [{7311CA5B-CAB0-4DFE-8D97-F511C2F06776}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\8BitMMO\jre\bin\javaw.exe
FirewallRules: [{918A67AB-72B9-48C3-965E-C593E61AA000}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{70ECB0D5-3E82-435D-A992-B85F407D244E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{3CEED1B3-2C8C-4A89-B3DB-2396831ABC70}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\Shogun2.exe
FirewallRules: [{8C81AF58-4686-49FC-89A6-441A6B8DEC6D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\Shogun2.exe
FirewallRules: [{FE1E220F-9BB4-41DA-87BC-290F6F926F28}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html
FirewallRules: [{128694AD-E332-4F3B-8D6E-4F74362A5E19}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html
FirewallRules: [{59BF0578-009E-4CC6-BC78-7D661F996582}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{32E92D8D-B160-410C-9FE2-F770484A3E86}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{563C8A6A-FDD2-44B0-B95F-E1FE86E8D9BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{F2D64123-87A5-44D1-BB6A-5CACFCEB7E69}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{0989BDDE-F3BC-4CE3-899D-E4FAF128D330}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat
FirewallRules: [{DB940E5A-D1F0-452E-A586-8F17B0A1862B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat
FirewallRules: [{E7CA3F12-ACA7-4EF7-B254-C4642850026D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{F51BEEF3-0D5D-416A-95D1-68F8BA600677}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{69984396-1BF2-4BE3-9D02-6ADA6C591CFC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{B53D4077-4720-440A-BCBD-317EE554985E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{DC1926B5-EE6E-4A23-9597-2853831CC78D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\8BitMMO\jre\bin\javaw.exe
FirewallRules: [{50DECCA8-0F45-4FD7-B6B9-C586D4163C49}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\8BitMMO\jre\bin\javaw.exe
FirewallRules: [{CE31D8A1-4185-4595-B076-CA8664BF2044}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{74AB6C8B-80C7-46A9-98BE-C90166BFF995}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{14E9458F-1B08-492F-A385-55E57739A68E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{3E660A34-9E37-4092-84D0-ABFADE765EB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{F623017E-0C01-4A73-9AFB-2594689D57AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\8BitMMO\jre\bin\javaw.exe
FirewallRules: [{5FDE2CBD-561E-49C8-8AB8-A1C527BFFDC3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\8BitMMO\jre\bin\javaw.exe
FirewallRules: [{559579F1-C4EA-43E5-B6C5-2AC12B369B46}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{3847C8AA-264C-471B-B1DE-71C5E5FFDECF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{9D5B244E-6B8F-4EB2-93C0-503B7BA6AC9A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\8BitMMO\jre\bin\javaw.exe
FirewallRules: [{A74D2F89-8115-405C-8112-D663838048EB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\8BitMMO\jre\bin\javaw.exe
FirewallRules: [{1B38B339-3CCE-4C0A-B0FD-9F315B9E2B84}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\8BitMMO\jre\bin\javaw.exe
FirewallRules: [{2F79C961-BA94-4E06-8D7B-ECA752E34D84}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\8BitMMO\jre\bin\javaw.exe
FirewallRules: [{189406D2-9DA0-4459-8ADA-CE2D2AD31C98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\8BitMMO\jre\bin\javaw.exe
FirewallRules: [{C9763F43-8658-4F96-98B7-C83B7F6AA9D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\8BitMMO\jre\bin\javaw.exe
FirewallRules: [{362217CC-B8DD-4B7D-88BB-EE64B51FFAC8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{1CC12869-C36E-42F3-A140-98D95E1F9EE7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{987C7486-B43E-4B00-907C-27B7F6C96F46}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{6F9DA841-1B78-4611-A42D-B6EBF9CA6C5A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{9E10C3E7-895C-43D2-83EA-024E949C4D33}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{0CC4E302-1772-4452-B8DB-1478F657361C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{7B582038-EFDE-4B51-B838-CB83352CD040}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{B52D80C0-36B3-4D42-A21B-9B692439700A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [TCP Query User{224007A2-D6B4-4FEA-B975-2E8B9E1365AF}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [UDP Query User{EABA2DA5-66D2-4852-801D-D483E6162E19}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [{56B9828F-ECA5-4F51-9963-0FBEE0710BFB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{E62EB5A5-B8B1-4286-9963-2C5C381830B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{4502E0D7-34D3-4676-8EDC-EB4945479B54}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{28EA3372-7C48-4D33-80BD-D06B96DB52E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{E388C042-1A4A-4C64-AB0E-CC67ED875BB0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{E6E8EACB-E328-4B94-AEE0-9C553001BD75}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{EBA52BDD-2B2C-4174-AA9F-C89F98F6FE28}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{4B7791FB-A36F-4971-A3D5-C4779EA05F4F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{D7A68AB6-91E8-4291-8E9F-BE3D21DC51EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{F3836EF1-30C5-48ED-9B41-0BD62D400ECB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{AC601597-CE1B-47DA-8FF6-35257FE5DB15}] => (Allow) C:\Users\Aodh\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{6AACF68A-3B53-4621-A3FD-5C55663054C6}] => (Allow) C:\Users\Aodh\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [TCP Query User{396DBA7C-DD00-4EA0-BBAA-61961F78F278}C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe] => (Block) C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [UDP Query User{1EF9F12B-26FD-4550-8FEA-72639E6BE512}C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe] => (Block) C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [TCP Query User{2CEFD7FF-8DB6-4BD3-A24A-DBB3FE42A486}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [UDP Query User{696E9AC9-FBEC-4944-A2FD-CB3A6D022FB1}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [TCP Query User{53EB17E3-39E3-463C-9D72-0E00450455B4}C:\program files (x86)\steam\steamapps\common\magic the gathering tactics\mtgtactics.exe] => (Block) C:\program files (x86)\steam\steamapps\common\magic the gathering tactics\mtgtactics.exe
FirewallRules: [UDP Query User{513A486F-71D3-4BC2-BFE9-38C4A9CE7351}C:\program files (x86)\steam\steamapps\common\magic the gathering tactics\mtgtactics.exe] => (Block) C:\program files (x86)\steam\steamapps\common\magic the gathering tactics\mtgtactics.exe
FirewallRules: [{F38423A4-483C-4D0D-BEBE-1C85E9EABDC1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Banished\Application-steam-x64.exe
FirewallRules: [{6BF3EE96-6BAF-49B9-9FB8-60EDF6931BB7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Banished\Application-steam-x64.exe
FirewallRules: [TCP Query User{56609604-829A-4850-8226-B293250EFF67}C:\programdata\battle.net\agent\agent.2787\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.2787\agent.exe
FirewallRules: [UDP Query User{162DED32-609E-4F45-B883-655AA9AFE6CC}C:\programdata\battle.net\agent\agent.2787\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.2787\agent.exe
FirewallRules: [TCP Query User{499939C8-86E8-438B-8BF6-CFE84B34D924}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [UDP Query User{5DB05C52-18E9-429C-A281-8BD0B0FC7AD3}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [TCP Query User{64EEBCD9-94F4-4265-BE0A-371EFE4FDA27}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{513017DF-1A4F-49C7-B746-7178DA12D528}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{87606FF8-C59F-4633-9721-AF504CBCF6A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pro Cycling Manager 2013\PCM.exe
FirewallRules: [{36A76FB7-473A-481C-992C-8BCA8436B124}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pro Cycling Manager 2013\PCM.exe
FirewallRules: [{77920A40-B5AB-4A6B-B879-698C41A3ADDF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pro Cycling Manager 2013\CTStageEditor.exe
FirewallRules: [{FD48F295-0372-4B27-A51B-FFFAC6614E03}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pro Cycling Manager 2013\CTStageEditor.exe
FirewallRules: [{BD7728AE-BE94-42F3-B776-785C0D6030E3}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{0A841409-AE98-44F6-A052-0558BF92AAF3}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{1C0DA450-9891-4673-AFC4-DE6E9F0AE6C9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{4C0885A0-E30E-402C-B96D-5D1DE574AB53}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{2ABBF05C-C058-459F-958C-07BA369D969A}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{970786DB-C3AD-43C6-AC8F-F9E3328FEAF7}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{D677392E-38BE-4CC0-AB08-2C6049255F53}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{052A5106-3E4E-4DC7-8637-B291A3F5BF7F}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{4AA60D2C-B975-44D4-9790-F3B2B811D927}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{359D8DFF-65F1-4B0E-B3B8-648993AF14B0}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{7046E729-9BB4-4C73-84E5-F4D46D47A152}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic 2014\DotP_D14.exe
FirewallRules: [{8D840556-1DD2-4FF2-B49B-94602CF90895}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic 2014\DotP_D14.exe
FirewallRules: [{0DD0243D-D5B7-4F64-B591-6BB6721241E1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{8BDD1EC0-E627-4F2C-98F9-246E5DE7C650}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [TCP Query User{FEE00DC9-512E-45DA-B462-26AF8D692EE7}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [UDP Query User{75EA0923-B310-4CC7-854A-25BF40E88B6F}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [{6CB3B435-D4DD-469F-9D28-BCCCD60C2830}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{CCC8B8F5-A050-4212-8299-292E75158AF0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{4C94CBF1-95DE-40E8-B598-EF01EB15F096}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{2D5674AC-4C8C-4AF3-A2F6-955D47B9E7F3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{3D5DD9BE-7FF0-4701-BF9D-2750AEFD753A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{B4207231-DC67-4D23-928A-32C8FA9927A4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{0B839344-B44D-415C-A26C-534475AE628B}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{0545D16E-B3B9-44AA-BCBC-BA9D775D1AC2}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{126F1897-D063-49AB-8E84-153E13976057}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{2DA1515D-5E39-48F9-978B-CB4322516125}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{DF3C8BB7-4739-414F-BC92-596FFC08D54F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{7939D185-9975-4F3D-A174-BBB2581E0588}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{585F4475-8087-4585-8CA7-7920E1915399}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{5919CD22-1139-4D04-98B0-504C401C4A06}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{E6E0AE70-9B6B-4CBB-A6E9-E9DA3653183A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B96540C2-A063-4CFA-9C88-6E1D01F20569}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{304D44FF-C79E-499B-8062-104DF7C9D48D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\tbs\win32\The Banner Saga.exe
FirewallRules: [{97CF8D1A-1EF1-440F-9F71-22700D88A39B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\tbs\win32\The Banner Saga.exe
FirewallRules: [{423AB798-5CD3-4F2D-B0DC-E8B9779FA0C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exe
FirewallRules: [{3D062619-D71F-4EDC-98A3-52753522F398}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exe
FirewallRules: [{CD41C372-03A5-4A23-84E0-59FC438AA974}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [{D2E68CCE-A1E5-4501-92DE-BED54751ECD1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [TCP Query User{14615B41-5C35-41EE-B11F-C39FBCD99B49}C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe
FirewallRules: [UDP Query User{8952F8F2-9F42-45FD-9C46-516A6F5EC4AC}C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe
FirewallRules: [{CFD7183B-4A77-4B42-8CBC-6141F7B2322E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the banner saga factions\win32\The Banner Saga Factions.exe
FirewallRules: [{C99CC118-0E51-4887-B923-4F252E4F4AEA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the banner saga factions\win32\The Banner Saga Factions.exe
FirewallRules: [{0BAE18CD-337D-491C-BBD5-369214ABCEC7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider Underworld\tru.exe
FirewallRules: [{125AFA31-3FF5-49A7-B668-170B969F2FF1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider Underworld\tru.exe
FirewallRules: [{F6B416CE-2AF9-4D42-AA91-83A186A8FC77}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider Legend\trl.exe
FirewallRules: [{EA835DB9-68F3-484F-941B-070A11597A01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider Legend\trl.exe
FirewallRules: [{9B422626-24DA-4BFA-98D4-7E4D5FFCEC82}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider Anniversary\tra.exe
FirewallRules: [{E0FF431B-DCC7-48EF-85A8-0BEA7FF36638}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider Anniversary\tra.exe
FirewallRules: [{2748104E-E518-434E-9D62-2FB54D65F1F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider (VI) The Angel of Darkness\Launcher.exe
FirewallRules: [{A2EB62FF-FF94-4DEE-8E27-9E88968E9C13}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider (VI) The Angel of Darkness\Launcher.exe
FirewallRules: [{80980080-9B8C-4DBD-9729-D6FA1DE1DC7D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider (V) Chronicles\PCTomb5.exe
FirewallRules: [{68796B7F-8ABC-4008-9437-C0C0C3362BF7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider (V) Chronicles\PCTomb5.exe
FirewallRules: [{39D939D8-228A-4A84-9E9D-C59502320311}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider (IV) The Last Revelation\tomb4.exe
FirewallRules: [{DE807827-2B6E-4FC8-A671-3FC46E8D7B51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider (IV) The Last Revelation\tomb4.exe
FirewallRules: [{ED4E290B-933C-4DA7-AA9E-CCA2B188B337}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TombRaider (III)\tomb3.exe
FirewallRules: [{488A0D72-E470-47AB-9FC1-3719CF8DC4EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TombRaider (III)\tomb3.exe
FirewallRules: [{C999A111-8590-4BA9-83A9-DEE30D5B4B6A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider (II)\Tomb2.exe
FirewallRules: [{87829589-3221-456C-841D-CD687A5D3344}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider (II)\Tomb2.exe
FirewallRules: [{B28FBF65-4932-4898-AB5B-2EF3CA249791}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider (I)\dosbox.exe
FirewallRules: [{01DBB16F-E231-4EC4-B7AC-830736853142}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider (I)\dosbox.exe
FirewallRules: [{23514F83-17C6-4F65-860D-91F5652D1EB7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{2D8EEC11-8373-47CF-987C-7704DEBC753D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{E1D010A9-CE9D-4665-99D1-8BEC73F009B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lara Croft and the Guardian of Light\lcgol.exe
FirewallRules: [{7F443F60-18C4-44BF-8FEB-45115F0BC765}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lara Croft and the Guardian of Light\lcgol.exe
FirewallRules: [{493DCE06-B33C-4FDF-8095-13DD536F9A87}] => (Allow) C:\Users\Aodh\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{D4E017E8-B72E-45F1-B8C5-1E9F41D87C6D}] => (Allow) C:\Users\Aodh\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [TCP Query User{F37948FD-FEE8-4B44-B596-45CFD0FC8D70}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Block) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [UDP Query User{67B95249-9C76-45EF-9C85-B3A2B0BA8E18}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Block) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [{8BC2BEC5-E565-49AD-8B43-9B4E98E63DF6}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{1B91C438-3FD2-44B8-9321-693378539D13}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{34CD644B-F722-4E29-97EC-7B38615F6C6F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8F29F0A4-922B-4828-9C28-33B16C36F65D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{228F6A61-EAAD-42B0-8B47-FAB15D1362BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Avadon The Black Fortress\Avadon.exe
FirewallRules: [{5E7DDF11-C21B-47EB-A614-F3DBBAAA7CA7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Avadon The Black Fortress\Avadon.exe
FirewallRules: [TCP Query User{5B68BDEE-2BB0-4078-9903-0C2DD312BFC4}C:\program files (x86)\fms\fms.exe] => (Allow) C:\program files (x86)\fms\fms.exe
FirewallRules: [UDP Query User{58A2E76B-4E1F-49A0-829F-6F05638C059C}C:\program files (x86)\fms\fms.exe] => (Allow) C:\program files (x86)\fms\fms.exe
FirewallRules: [{4682AAD3-ED78-4759-8F1F-B171719DE9EB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Infinite Crisis Steam\TurbineLauncher.exe
FirewallRules: [{EE27EF50-98D2-4F6C-B845-C205D427DBFC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Infinite Crisis Steam\TurbineLauncher.exe
FirewallRules: [{1B36747E-7F83-48C4-ACC2-5788CA62ABD7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic 2015\DotP_D15.exe
FirewallRules: [{8ECDC837-CEB8-4A9C-B01B-FDE1F7FC8107}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic 2015\DotP_D15.exe
FirewallRules: [{2A0D8B64-29ED-4625-B9A8-32F7CDB19C45}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{78E3036C-5216-4A17-9C98-536CDC69EAFA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{EAAE8B9B-9113-4CEB-8ED1-67F197981311}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Geneforge 5\Geneforge 5.exe
FirewallRules: [{458BD448-A1E7-437E-B020-EA04A7693F41}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Geneforge 5\Geneforge 5.exe
FirewallRules: [{3A775842-6F0E-4010-ACA0-B96179BC4A89}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Geneforge 4\Geneforge 4.exe
FirewallRules: [{ABCD88F3-2B04-4AF8-A74F-9483815F2BCE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Geneforge 4\Geneforge 4.exe
FirewallRules: [{734BE1DA-E4EA-4712-A44C-88FBE2557FC5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Geneforge 3\Geneforge 3.exe
FirewallRules: [{70670280-6924-4E15-803E-5AA59916C290}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Geneforge 3\Geneforge 3.exe
FirewallRules: [{E5802A4D-EFE0-4091-9FA0-812BC5E16022}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Geneforge 2\Geneforge 2.exe
FirewallRules: [{7FC15D4D-DC7F-41A8-90D2-F6B0650A3A23}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Geneforge 2\Geneforge 2.exe
FirewallRules: [{24A2CE35-DC92-4AE7-AEF9-F74400927B37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Geneforge\Geneforge.exe
FirewallRules: [{FBC95371-98BD-4E11-94B2-AA5491555269}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Geneforge\Geneforge.exe
FirewallRules: [{27081020-55BA-4647-8B05-15D09E10B88E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Chip's Challenge 1\chips1.exe
FirewallRules: [{011C997E-C92E-45A2-8E6C-5BA8E3320C64}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Chip's Challenge 1\chips1.exe
FirewallRules: [TCP Query User{C199C2AC-F3A5-48B1-B6B0-8C9CC96E621C}C:\program files (x86)\applian technologies\applian flv and media player\amp.exe] => (Block) C:\program files (x86)\applian technologies\applian flv and media player\amp.exe
FirewallRules: [UDP Query User{52FE907A-EDEE-4AF4-BCF3-67115A1D6D92}C:\program files (x86)\applian technologies\applian flv and media player\amp.exe] => (Block) C:\program files (x86)\applian technologies\applian flv and media player\amp.exe
FirewallRules: [{255847C9-3A8F-42F1-95B8-760756435E39}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Empire Total War\Empire.exe
FirewallRules: [{26EB114F-2031-4D60-9C48-1403D90CBF5F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Empire Total War\Empire.exe
FirewallRules: [{B0CE9DA1-40C7-4D04-BC9B-E43FF3707F33}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{45030FCA-3BD9-452C-97A1-A4FB5C65CF51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{140D172F-CCFF-4602-9FB2-56BC2AFF6D1C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{64975CCE-C471-413B-828D-44811B50D507}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{784A0822-806D-41A0-AC9D-27C04DDAADE1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{689A604F-E8D3-4D12-94F3-BC4909190B94}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{70BEC15E-3DF4-4E47-B4D9-26ACB17A81EB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dawn of War 2\DOW2.exe
FirewallRules: [{EF0E8592-08FA-4CA9-BEE9-47E1BC242809}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dawn of War 2\DOW2.exe
FirewallRules: [{1A396D15-3F24-465B-8195-BC8BB63B11A2}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{0A0FBDCC-7633-4E81-A7D2-E936E2DFFC96}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{E361F9AB-A94F-4008-9A31-DA9F9403EDD4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{61A5EFEB-FF1B-4E98-8760-60C141FCEA4D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{95951A8C-1BF6-419A-B3A9-8ED1DE6D39F0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{564B8038-3650-4FE3-B125-41C249617DE1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{66D988F5-113B-476B-BCCB-F4AF144B9613}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7912E4E2-2B56-4FEC-8F8E-8AF9D460AE25}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{44B58F08-3894-48FC-9B8B-152DB6C1E095}C:\program files (x86)\java\jre1.8.0_51\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_51\bin\java.exe
FirewallRules: [UDP Query User{C41FA4CB-5E90-4DAE-98C4-5060CBF532C5}C:\program files (x86)\java\jre1.8.0_51\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_51\bin\java.exe
FirewallRules: [{DFA94688-A1D3-4F41-BD8A-8FE800E49384}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Epic Arena\EpicArena.exe
FirewallRules: [{5E488E81-71F2-4B93-8B0E-213427358950}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Epic Arena\EpicArena.exe
FirewallRules: [TCP Query User{D19944A5-6163-44AD-8189-E8EB145F04AC}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [UDP Query User{7F598544-4FEB-4463-AB9C-09171AE02DC3}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [{407F114B-B90D-4067-8D0B-DDB22997362F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Missing Translation\nw.exe
FirewallRules: [{75431BD0-2A3C-4941-B649-1DFE823E6DBF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Missing Translation\nw.exe
FirewallRules: [{02967C1B-53FA-4A86-82F1-B898DBCD5257}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{1C4D4564-84CB-440E-A311-FA397319AB14}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{C383B4AC-3C59-4B3D-8AE4-9C810ABBDAAC}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{550EEADB-1C48-4988-AC74-5A4CC9A0BB7D}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [TCP Query User{C6D8E8D3-85D3-473E-A1D7-6B19270E15C8}C:\users\aodh\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\aodh\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{93A6C88F-49E9-4B45-AAEA-6667459BA5EF}C:\users\aodh\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\aodh\appdata\roaming\spotify\spotify.exe
FirewallRules: [{55310C9C-04F9-4FFA-8BB9-5C091203D17F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{F915AA07-E79E-4C90-996D-BA07B895088D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{575A37DC-161E-4279-A28F-51BFCD770D50}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{6DE91EE2-2FDE-401C-B286-B6E7FA829D30}] => (Allow) LPort=2869
FirewallRules: [{CD71DAED-D397-4FD9-A49E-89A7B89D2396}] => (Allow) LPort=1900
FirewallRules: [{1FCD7AA5-EEAF-4CD7-8FFB-0E8A89B40698}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{39D511C4-69C0-4646-9F79-48C6094191AF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E1FA06C3-75FF-42B1-8A2B-37417D2D2FE0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 test\game\bin\win64\dota2.exe
FirewallRules: [{E2DC6E91-431A-40D8-BE96-B996CE01D780}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 test\game\bin\win64\dota2.exe
FirewallRules: [{5A0A6A7F-AA99-4207-BE61-B838A8E1300A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{67C76C9F-AC9C-453E-9FCD-F7C73D4BF124}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6EC32FBA-41B0-4F5A-904F-F4159179E343}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B5836641-83B6-4FD0-9EB9-DACD6A55A6E0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{28FFF8CB-792A-432A-BE84-6274424E150D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{311CA449-325F-4803-8EA8-5FCF197BAAAA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{99312CBC-1FAD-4E80-95E9-6690469C721F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4972A216-74AA-4013-A4C5-A9F06EAA45D7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{5657E57A-4EB9-475A-950B-9FEEB62DB417}C:\program files\amiga swos-total pack\ss_reporter\ss_reporter.exe] => (Allow) C:\program files\amiga swos-total pack\ss_reporter\ss_reporter.exe
FirewallRules: [UDP Query User{B3D2A5B5-E7C8-46E6-94F4-2AA87055B4BC}C:\program files\amiga swos-total pack\ss_reporter\ss_reporter.exe] => (Allow) C:\program files\amiga swos-total pack\ss_reporter\ss_reporter.exe
FirewallRules: [{BDDF31C9-5144-48C0-892E-99DA87B7BE20}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Escapists\TheEscapists.exe
FirewallRules: [{FEB0AB3E-A9AA-4714-8D0D-87E88AE2A4E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Escapists\TheEscapists.exe
 
==================== Restore Points =========================
 
 
==================== Faulty Device Manager Devices =============
 
Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Belkin Bluetooth 4.0 USB Adapter
Description: Belkin Bluetooth 4.0 USB Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Broadcom
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/06/2016 08:13:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: SHLWAPI.dll, version: 6.1.7601.17514, time stamp: 0x4ce7c9ab
Exception code: 0xc0000005
Fault offset: 0x0000000000011c66
Faulting process id: 0xbc8
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
 
Error: (01/06/2016 12:16:20 AM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.34209 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 3444.  Message ID: [0x2509].
 
Error: (01/05/2016 11:25:47 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.34209 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 1824.  Message ID: [0x2509].
 
Error: (01/05/2016 12:32:07 AM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.34209 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 5576.  Message ID: [0x2509].
 
Error: (01/04/2016 11:37:16 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.34209 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 7564.  Message ID: [0x2509].
 
Error: (01/03/2016 11:46:16 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.34209 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 7356.  Message ID: [0x2509].
 
Error: (01/03/2016 10:47:15 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.34209 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 5292.  Message ID: [0x2509].
 
Error: (01/03/2016 10:00:00 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.34209 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 4596.  Message ID: [0x2509].
 
Error: (01/01/2016 02:04:44 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.34209 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 6612.  Message ID: [0x2509].
 
Error: (01/01/2016 02:00:31 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.34209 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 2096.  Message ID: [0x2509].
 
 
System errors:
=============
Error: (01/06/2016 02:18:50 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
 
Error: (01/05/2016 11:15:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Media Player Network Sharing Service service failed to start due to the following error: 
%%1069
 
Error: (01/05/2016 11:15:12 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The WMPNetworkSvc service was unable to log on as NT AUTHORITY\NetworkService with the currently configured password due to the following error: 
%%50
 
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
 
Error: (01/05/2016 11:15:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Search service failed to start due to the following error: 
%%1069
 
Error: (01/05/2016 11:15:11 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The WSearch service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error: 
%%50
 
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
 
Error: (01/05/2016 11:14:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Application Virtualization Client service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (01/05/2016 11:14:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (01/05/2016 11:14:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Modules Installer service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
Error: (01/05/2016 11:14:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Management and Security Application User Notification Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (01/05/2016 11:14:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2310 CPU @ 2.90GHz
Percentage of memory in use: 33%
Total physical RAM: 8173.64 MB
Available physical RAM: 5405.09 MB
Total Virtual: 16345.49 MB
Available Virtual: 13816.2 MB
 
==================== Drives ================================
 
Drive c: (Boot) (Fixed) (Total:1356.17 GB) (Free:307.03 GB) NTFS
Drive d: (Recover) (Fixed) (Total:40 GB) (Free:20.23 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 1397.3 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1356.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=40 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
 
==================== End of Addition.txt ============================

  • 0

#13
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,990 posts

Let's try that fix again but this time we will do it a different way. :)

Download the attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

Attached Files


  • 0

#14
boosra123

boosra123

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
Here we go.
 
Fix result of Farbar Recovery Scan Tool (x64) Version:31-12-2015
Ran by Aodh (2016-01-06 21:41:48) Run:5
Running from C:\Users\Aodh\Desktop
Loaded Profiles: Aodh (Available Profiles: Aodh & Guest)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
HKU\S-1-5-21-418917625-158424403-2452974618-1001\...\Run: [AdobeBridge] => [X]
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-418917625-158424403-2452974618-1001 -> DefaultScope {020A5F22-EF90-498D-8150-0AF0CAB38710} URL =
BHO-x32: Search Results Toolbar -> {94366e2c-9923-431c-b0d6-747447dd0f2b} ->
Toolbar: HKLM-x32 - Search Results Toolbar - {94366e2c-9923-431c-b0d6-747447dd0f2b} - C:\Program Files (x86)\searchresults1\searchresultsDx.dll [2012-03-22] (Ask.com)
C:\Program Files (x86)\searchresults1
FF SelectedSearchEngine: AVG Secure Search
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\[email protected] => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\[email protected] => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\[email protected] => not found
C:\Program Files (x86)\Kaspersky Lab
emptytemp:
*****************
 
HKU\S-1-5-21-418917625-158424403-2452974618-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found. 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found. 
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found. 
HKU\S-1-5-21-418917625-158424403-2452974618-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{94366e2c-9923-431c-b0d6-747447dd0f2b} => key not found. 
HKCR\Wow6432Node\CLSID\{94366e2c-9923-431c-b0d6-747447dd0f2b} => key not found. 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{94366e2c-9923-431c-b0d6-747447dd0f2b} => value not found.
HKCR\Wow6432Node\CLSID\{94366e2c-9923-431c-b0d6-747447dd0f2b} => key not found. 
"C:\Program Files (x86)\searchresults1" => not found.
FF SelectedSearchEngine: AVG Secure Search => not found
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\[email protected] => value removed successfully
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\[email protected] => value removed successfully
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\[email protected] => value removed successfully
"C:\Program Files (x86)\Kaspersky Lab" => not found.
EmptyTemp: => 21.6 MB temporary data Removed.
 
 
The system needed a reboot.
 
==== End of Fixlog 21:41:51 ====
 
Cheers :)

  • 0

#15
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,990 posts

Much better. :thumbsup:

 

Now

 

Download Malwarebytes Anti-Rootkit to your desktop from here.

  • Right-Click on the file that was downloaded and choose Run as administrator. Answer Yes if prompted to Allow.

  • Click OK at the installer screen that comes up.

  • The software will be extracted and will open.

  • Click Next at the first screen.

  • The Update Database screen will appear. Click the Update button.

  • Once updated, click the Next button.

  • On the Scan System screen, click the Scan button.

  • Once, the Scan is finished click on the Cleanup button to remove any threats and reboot if prompted to do so.  If no threats are found just close the programme.

  • If threats were found, then after the reboot, re-run the programme to verify no threats remain. If threats are still detected, click the Cleanup button once more.


Whether threats were found or not there will be a folder named mbar on your desktop. Open this folder and you will find in the list that presents with a file named mbar-log-...txt and another named system log.txt. Please open the files one at a time and copy and paste the contents of each back here.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP