Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Need virus removal help.


  • Please log in to reply

#1
Zanarisfate

Zanarisfate

    Member

  • Member
  • PipPip
  • 19 posts

As the title says I need some help with removing a virus. The virus is a part of multiple programs that are taking up to 45% of cpu speed at times. Currently I can not kill the processes and it is blocking the download of AVG and Malwarebytes. I have restarted my PC in safe mode and removed the files but they keep coming back after exiting safe mode. Windows defender doesn't pick it up as malicious. Any help or tips would be greatly appreciated. 


Edited by Zanarisfate, 22 February 2017 - 02:31 PM.

  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,017 posts
  • MVP
See if you can get and run any of these:
(Safe Mode with Networking is OK.)
 
Download : ADWCleaner to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @BleepingComputer
 
NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.
 
Close  all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7 => right click and Run As Administrator).
 
scan-results.jpg
 
Click on Scan  and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.
 
The report will be saved in the C:\AdwCleaner folder.
 
 
 
Junkware-Removal-Tool
 
Please download Junkware Removal Tool to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @Author's site
  • Pause your anti-virus.  Close all browsers.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  •  
     
     
     
    •  
  • Get FRST from http://www.bleepingc...very-scan-tool/You need to download the appropriate tool for your PC.  If you don't know if you have a 32 or 64 bit system get them both.  Only one will work and that's the right one.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer. 
  • Check the Addition.txt box
  • Press Scan button. 
  • It will produce a log called FRST.txt in the same directory the tool is run from.  
  • Please copy and paste log back here. 
  • It will generate another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply. 

    • 0

    #3
    Zanarisfate

    Zanarisfate

      Member

    • Topic Starter
    • Member
    • PipPip
    • 19 posts

    Junkware removal tool was blocked.

     

    Here is the log for AdwCleaner:

    To note is it only picked up a few parts of the virus not the whole thing

     

    # AdwCleaner v6.043 - Logfile created 22/02/2017 at 16:57:43
    # Updated on 27/01/2017 by Malwarebytes
    # Database : 2017-02-22.1 [Local]
    # Operating System : Windows 10 Home  (X64)
    # Username : Eskew - ESKEWPC
    # Running from : C:\Users\Eskew\Downloads\AdwCleaner.exe
    # Mode: Clean
     
     
     
    ***** [ Services ] *****
     
    [-] Service deleted: Dataup
    [-] Service deleted: windowsmanagementservice
     
     
    ***** [ Folders ] *****
     
    [#] Folder deleted on reboot: C:\Users\Eskew\AppData\Local\cpx
    [#] Folder deleted on reboot: C:\Program Files (x86)\dataup
     
     
    ***** [ Files ] *****
     
    [#] File deleted: C:\WINDOWS\TEMPcoral.vbs
     
     
    ***** [ DLL ] *****
     
     
     
    ***** [ WMI ] *****
     
     
     
    ***** [ Shortcuts ] *****
     
     
     
    ***** [ Scheduled Tasks ] *****
     
    [-] Task deleted: Desk 365 RunAsStdUser
    [-] Task deleted: GoforFilesUpdate
    [-] Task deleted: Omiga Plus RunAsStdUser
    [-] Task deleted: YourFile DownloaderUpdate
    [-] Task deleted: PROPCCleaner_Popup
    [-] Task deleted: PROPCCleaner_Start
    [-] Task deleted: Online Application Guardian
    [-] Task deleted: Online Application Guard
    [-] Task deleted: Online Application
     
     
    ***** [ Registry ] *****
     
    [-] Key deleted: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Dataup
    [-] Key deleted: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Dataup
    [-] Value deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [cpx]
     
     
    ***** [ Web browsers ] *****
     
     
     
    *************************
     
    :: "Tracing" keys deleted
    :: Winsock settings cleared
     
    *************************
     
    C:\AdwCleaner\AdwCleaner[C0].txt - [29928 Bytes] - [22/02/2017 14:28:13]
    C:\AdwCleaner\AdwCleaner[C2].txt - [1985 Bytes] - [22/02/2017 14:43:20]
    C:\AdwCleaner\AdwCleaner[C3].txt - [1755 Bytes] - [22/02/2017 16:57:43]
    C:\AdwCleaner\AdwCleaner[S0].txt - [27463 Bytes] - [22/02/2017 14:18:20]
    C:\AdwCleaner\AdwCleaner[S1].txt - [1897 Bytes] - [22/02/2017 14:39:01]
    C:\AdwCleaner\AdwCleaner[S2].txt - [2043 Bytes] - [22/02/2017 16:41:30]
     
    ########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [2048 Bytes] ##########
     
     
     
     
     
    FRST.txt Log:
     
    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-02-2017 01
    Ran by Eskew (administrator) on ESKEWPC (22-02-2017 16:22:12)
    Running from C:\Users\Eskew\Downloads
    Loaded Profiles: Eskew (Available Profiles: Eskew)
    Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
     
    ==================== Processes (Whitelisted) =================
     
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
     
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
    (AMD) C:\Windows\System32\atiesrxx.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    () C:\Program Files (x86)\dataup\dataup.exe
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
    () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    (PasswordBox, Inc.) C:\Program Files (x86)\PasswordBox\pbbtnService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
    (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
    (Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
    (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
    () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
    (Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
    (Thermaltake) C:\Program Files (x86)\Tt eSPORTS\Tt eSPORTS VENTUS Mouse\VentusMonitor.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    () C:\Program Files (x86)\svcvmx\svcvmx.exe
    () C:\Program Files (x86)\svcvmx\vmxclient.exe
    () C:\Program Files (x86)\svcvmx\vmxclient.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
    () C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
    (qdcomsvc Inc.) C:\Program Files (x86)\qdcomsvc\qdcomsvc.exe
    (Google Inc.) C:\Users\Eskew\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Eskew\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Eskew\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Eskew\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Eskew\AppData\Local\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Google Inc.) C:\Users\Eskew\AppData\Local\Google\Chrome\Application\chrome.exe
    (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
    (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
    (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
    () C:\Program Files (x86)\Steam\SteamApps\common\Clicker Heroes\Clicker Heroes.exe
    (Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
    (Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe
    (Google Inc.) C:\Users\Eskew\AppData\Local\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\System32\smartscreen.exe
    () C:\Program Files (x86)\svcvmx\vmxclient.exe
    () C:\Program Files (x86)\svcvmx\vmxclient.exe
    () C:\Program Files (x86)\svcvmx\vmxclient.exe
     
    ==================== Registry (Whitelisted) ====================
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
     
    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
    HKLM\...\Run: [Windows Mobile Device Center] => C:\WINDOWS\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
    HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-03] (NVIDIA Corporation)
    HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
    HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-10-17] (Microsoft Corporation)
    HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8027016 2016-11-21] (Advanced Micro Devices, Inc.)
    HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239672 2017-02-20] (AVG Technologies CZ, s.r.o.)
    HKLM\...\Run: [Malwarebytes TrayApp] => C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
    HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-07] (CyberLink)
    HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
    HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2236816 2013-07-12] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
    HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
    HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [Tt eSPORTS VENTUS Gaming Mouse] => C:\Program Files (x86)\Tt eSPORTS\Tt eSPORTS VENTUS Mouse\VentusMonitor.exe [135976 2014-10-07] (Thermaltake)
    HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-11-11] (LogMeIn Inc.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
    HKLM-x32\...\Run: [cpx] => "C:\Program Files (x86)\cpx\cpx.exe" -starup <===== ATTENTION
    HKLM-x32\...\Run: [svcvmx] => C:\Program Files (x86)\svcvmx\svcvmx.exe [896512 2017-01-13] ()
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Run: [Spotify Web Helper] => C:\Users\Eskew\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1431664 2017-02-02] (Spotify Ltd)
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3018528 2017-02-21] (Valve Corporation)
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Run: [Free Mahjong Games] => C:\Users\Eskew\AppData\Local\WebPlayer\Free Mahjong Games\WebPlayer.exe
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Run: [Google Update] => C:\Users\Eskew\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2016-12-16] (Google Inc.)
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Run: [Discord] => C:\Users\Eskew\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Run: [EvolveClient] => C:\Program Files\Echobit\Evolve\EvolveClient.exe [3334528 2016-12-24] (Echobit LLC)
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Policies\Explorer: [NoChangeStartMenu] 0
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Policies\Explorer: [NoLogOff] 0
    HKU\S-1-5-18\...\Run: [] => [X]
    HKLM\...\Providers\Internet Print Provider: inetpp.dll
    HKLM\...\Providers\LanMan Print Services: win32spl.dll
    ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll [2013-06-19] ()
    ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll [2013-06-19] ()
    ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll [2013-06-19] ()
    Startup: C:\Users\Eskew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2014-05-02]
    ShortcutTarget: Curse.lnk -> C:\Users\Eskew\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
    GroupPolicy: Restriction - Chrome <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
    CHR HKU\S-1-5-21-105371738-2419289027-4122941235-1001\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
     
    ==================== Internet (Whitelisted) ====================
     
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
     
    Tcpip\..\Interfaces\{ac6afb3d-8517-44c6-9431-c73322cdde42}: [DhcpNameServer] 192.168.2.1
    Tcpip\..\Interfaces\{f773b07c-b721-4cce-a715-00099922e7cf}: [DhcpNameServer] 192.168.137.1
     
    Internet Explorer:
    ==================
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPDSK13/1
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK13/1
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\Software\Microsoft\Internet Explorer\Main,Start Page = 
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK13/1
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
    SearchScopes: HKLM -> {8270C55B-56AB-4326-AAFF-BA98AB9618B0} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
    SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
    SearchScopes: HKLM-x32 -> {8270C55B-56AB-4326-AAFF-BA98AB9618B0} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
    SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
    SearchScopes: HKU\S-1-5-21-105371738-2419289027-4122941235-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
    SearchScopes: HKU\S-1-5-21-105371738-2419289027-4122941235-1001 -> {8270C55B-56AB-4326-AAFF-BA98AB9618B0} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKU\S-1-5-21-105371738-2419289027-4122941235-1001 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
    SearchScopes: HKU\S-1-5-21-105371738-2419289027-4122941235-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
    BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-01-19] (Oracle Corporation)
    BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.7.452\AVG Web TuneUp.dll => No File
    BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-19] (Oracle Corporation)
    BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2012-06-14] (CANON INC.)
    BHO-x32: No Name -> {5BDE3F24-D7B3-40D9-BD31-D1CFF12C47B4} -> No File
    BHO-x32: PasswordBox Helper -> {5DB69B97-934B-451D-94DB-32EF802A01CD} -> C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll [2015-05-04] (PasswordBox, Inc.)
    BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Arc\Plugins\ArcPluginIE.dll [2016-10-21] (Perfect World Entertainment Inc)
    BHO-x32: No Name -> {aa2fac44-d24d-4fed-9e32-397d138365f1} -> No File
    Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
    Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2012-06-14] (CANON INC.)
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
     
    FireFox:
    ========
    FF ProfilePath: C:\Users\Eskew\AppData\Roaming\Mozilla\Firefox\Profiles\w9d9e7sw.default [2017-02-21]
    FF user.js: detected! => C:\Users\Eskew\AppData\Roaming\Mozilla\Firefox\Profiles\w9d9e7sw.default\user.js [2015-01-26]
    FF Extension: (Cyti Web 1.0.1) - C:\Users\Eskew\AppData\Roaming\Mozilla\Firefox\Profiles\w9d9e7sw.default\Extensions\{1f01bfa6-8fc1-4c12-a219-da77269427c2}.xpi [2015-01-26] [not signed]
    FF Extension: (No Name) - C:\Users\Eskew\AppData\Roaming\Mozilla\Firefox\Profiles\w9d9e7sw.default\extensions\[email protected] [not found]
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\PasswordBox\Firefox
    FF Extension: (PasswordBox) - C:\Program Files (x86)\PasswordBox\Firefox [2013-11-21] [not signed]
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha4535\ff => not found
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-16] ()
    FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-19] (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-19] (Oracle Corporation)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
    FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2013-07-12] (Adobe Systems)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-16] ()
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
    FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
    FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation)
    FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
    FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Arc\Plugins\npArcPluginFF.dll [2016-10-21] (Perfect World Entertainment Inc)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
    FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2013-07-12] (Adobe Systems)
    FF Plugin-x32: BYOND -> C:\Program Files (x86)\BYOND\bin\npbyond.dll [2008-07-08] (BYOND)
    FF Plugin HKU\S-1-5-21-105371738-2419289027-4122941235-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Eskew\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-08-04] (Citrix Online)
    FF Plugin HKU\S-1-5-21-105371738-2419289027-4122941235-1001: @nsroblox.roblox.com/launcher -> C:\Users\Eskew\AppData\Local\Roblox\Versions\version-8756646edb404aaf\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
    FF Plugin HKU\S-1-5-21-105371738-2419289027-4122941235-1001: @nsroblox.roblox.com/launcher64 -> C:\Users\Eskew\AppData\Local\Roblox\Versions\version-8756646edb404aaf\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
    FF Plugin HKU\S-1-5-21-105371738-2419289027-4122941235-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Eskew\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
    FF Plugin HKU\S-1-5-21-105371738-2419289027-4122941235-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Eskew\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
    FF Plugin HKU\S-1-5-21-105371738-2419289027-4122941235-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Eskew\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-11-15] (Unity Technologies ApS)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npbyond.dll [2008-07-08] (BYOND)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
     
    Chrome: 
    =======
    CHR DefaultProfile: Profile 1
    CHR HomePage: Profile 1 -> hxxps://www.google.com/webhp?hl=en&tab=ww
    CHR StartupUrls: Profile 1 -> "hxxps://www.google.com/"
    CHR Plugin: (Shockwave Flash) - C:\Users\Eskew\AppData\Local\Google\Chrome\Application\56.0.2924.87\PepperFlash\pepflashplayer.dll => No File
    CHR Plugin: (Native Client) - C:\Users\Eskew\AppData\Local\Google\Chrome\Application\56.0.2924.87\ppGoogleNaClPluginChrome.dll => No File
    CHR Plugin: (Chrome PDF Viewer) - C:\Users\Eskew\AppData\Local\Google\Chrome\Application\56.0.2924.87\pdf.dll => No File
    CHR Plugin: (Norton Confidential) - C:\Users\Eskew\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.0.0.72_0\npcoplgn.dll => No File
    CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll => No File
    CHR Plugin: (Java™ Platform SE 7 U10) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => No File
    CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll => No File
    CHR Plugin: (Windows LiveÃÂÃÂÃÂÃÂÃÂÃÂÃÂÃÂ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    CHR Plugin: (Java Deployment Toolkit 7.0.100.18) - C:\windows\SysWOW64\npDeployJava1.dll => No File
    CHR Profile: C:\Users\Eskew\AppData\Local\Google\Chrome\User Data\Default [2016-02-16]
    CHR Extension: (Video Deck for YouTube™) - C:\Users\Eskew\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpoakikepagdiphlmfaeifpojdmbnegj [2014-06-20]
    CHR Extension: (AVG SafeGuard) - C:\Users\Eskew\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2014-05-08]
    CHR Extension: (Google Wallet) - C:\Users\Eskew\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-18]
    CHR Profile: C:\Users\Eskew\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-02-22]
    CHR Extension: (AdBlock) - C:\Users\Eskew\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-02-16]
    CHR Extension: (TweetDeck by Twitter) - C:\Users\Eskew\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2015-11-15]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Eskew\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-18]
    CHR Extension: (Chrome Media Router) - C:\Users\Eskew\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-07]
    CHR Extension: (Space Planet) - C:\Users\Eskew\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ppcocpoeoiajndepaaimnnglicichmbb [2016-05-04]
    CHR HKLM-x32\...\Chrome\Extension: [bocnojmkdlamkknefedafeamofpjehlk] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha4535\ch\TrustMediaViewerV1alpha4535.crx <not found>
    CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
     
    ==================== Services (Whitelisted) ====================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2016-11-21] ()
    R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
    S3 ArcService; C:\Program Files (x86)\Arc\ArcService.exe [88024 2016-10-21] (Perfect World Entertainment Inc)
    S2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1256872 2017-02-20] (AVG Technologies CZ, s.r.o.)
    S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1445384 2016-10-21] ()
    R2 Dataup; C:\Program Files (x86)\dataup\dataup.exe [77824 2017-01-05] () [File not signed] <==== ATTENTION
    S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [395024 2016-12-07] (EasyAntiCheat Ltd)
    S3 EvoSvc; C:\Program Files\Echobit\Evolve\EvoSvc.exe [1583488 2016-12-24] (Echobit LLC)
    S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [File not signed]
    R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-06-03] (NVIDIA Corporation)
    R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2627080 2016-11-11] (LogMeIn Inc.)
    U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-02-10] (Hi-Rez Studios) [File not signed]
    R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
    S3 ICCS; C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
    S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
    R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-11-11] (LogMeIn, Inc.)
    R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
    R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-03] (NVIDIA Corporation)
    R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-06-03] (NVIDIA Corporation)
    R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-03] (NVIDIA Corporation)
    R2 PasswordBox; C:\Program Files (x86)\PasswordBox\pbbtnService.exe [67584 2014-05-14] (PasswordBox, Inc.) [File not signed]
    R2 qdcomsvc; C:\Program Files (x86)\qdcomsvc\qdcomsvc.exe [755200 2017-02-16] (qdcomsvc Inc.) [File not signed]
    R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187048 2015-06-23] ()
    S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [File not signed]
    R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
    R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
    S2 windowsmanagementservice; C:\Users\Eskew\AppData\Local\Temp\20170220\ct.exe [X] <==== ATTENTION <==== ATTENTION
     
    ===================== Drivers (Whitelisted) ======================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0309377.inf_amd64_7ab08912e1e1da0a\atikmdag.sys [26568848 2017-01-25] (Advanced Micro Devices, Inc.)
    R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0309377.inf_amd64_7ab08912e1e1da0a\atikmpag.sys [536600 2017-01-25] (Advanced Micro Devices, Inc.)
    S2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation)
    R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
    R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
    S3 CMUSBDAC; C:\WINDOWS\system32\DRIVERS\CMUSBDAC.sys [3778592 2015-11-26] (C-MEDIA)
    R1 drmkpro64; C:\WINDOWS\System32\drivers\drmkpro64.sys [53832 2017-02-20] () [File not signed]
    R3 EvolveVirtualAdapter; C:\WINDOWS\system32\DRIVERS\evolve.sys [21656 2013-02-13] (Echobit, LLC)
    S3 GVTDrv64; C:\WINDOWS\GVTDrv64.sys [30528 2015-07-30] ()
    R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
    S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
    R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispiwu.inf_amd64_b67dc924fff8de6d\nvlddmkm.sys [14199224 2017-01-04] (NVIDIA Corporation)
    R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-03] (NVIDIA Corporation)
    R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-06-03] (NVIDIA Corporation)
    R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek                                            )
    R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2015-06-12] (Razer, Inc.)
    R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [129472 2015-06-26] (Razer, Inc.)
    R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation)
    S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation)
    S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
    R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
    R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
    R3 XSplit_Dummy; C:\WINDOWS\system32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited)
    R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [63840 2015-06-06] (Intel Corporation)
     
    ========================== Drivers MD5 =======================
     
    C:\WINDOWS\System32\drivers\1394ohci.sys A7901875F89D011C38CF52C98ACF5B29
    C:\WINDOWS\System32\drivers\3ware.sys EE1CCC54F75C24727A218F98FC5349DA
    C:\WINDOWS\System32\drivers\ACPI.sys 73C73E1AA0D4D727A04AAAB120B7F56A
    C:\WINDOWS\System32\drivers\AcpiDev.sys 0935496EF9624B46B935CB35ECE1F205
    C:\WINDOWS\System32\Drivers\acpiex.sys D6794C31F4077B71433988787BAA926E
    C:\WINDOWS\System32\drivers\acpipagr.sys FE5F656D6B35089DA39112E74EC6A85A
    C:\WINDOWS\System32\drivers\acpipmi.sys 2F242941E4DFF69B883D77A16F039557
    C:\WINDOWS\System32\drivers\acpitime.sys C247E35A21682DA8D0DC3AF9F025FCC5
    C:\WINDOWS\System32\drivers\ADP80XX.SYS 49B9DB97AFC85DCCBDACDAB2E90085B7
    C:\WINDOWS\system32\drivers\afd.sys 323AA1953ED9C01E23F740FA891FE064
    C:\WINDOWS\System32\DRIVERS\ahcache.sys 23522E5D581F7722B1B5B86737CAE39C
    C:\WINDOWS\System32\drivers\amdk8.sys DF21E05E41E5AC3F13F304D91457649A
    C:\WINDOWS\System32\DriverStore\FileRepository\c0309377.inf_amd64_7ab08912e1e1da0a\atikmdag.sys 575C9A4F33617D8C99077267CCEA0C30
    C:\WINDOWS\System32\DriverStore\FileRepository\c0309377.inf_amd64_7ab08912e1e1da0a\atikmpag.sys 8B5782CA9386724048F11C1607425B31
    C:\WINDOWS\System32\drivers\amdppm.sys 45D0AA4BB90B821DF92E8F19ABED0C5E
    C:\WINDOWS\System32\drivers\amdsata.sys 74FFBC43B4B899C9A8CA06A892F2CE73
    C:\WINDOWS\System32\drivers\amdsbs.sys AAB0F1D8D7E54761ABAB13AF161F1680
    C:\WINDOWS\System32\drivers\amdxata.sys F91BAAC4237C40352A807000F3B716F9
    C:\WINDOWS\System32\drivers\appid.sys BC121C099C6C659126AD2102AFDFF8CF
    C:\WINDOWS\System32\drivers\applockerfltr.sys 68190E2BADF23BD782344970E5B5DE9E
    C:\WINDOWS\system32\DRIVERS\appexDrv.sys CF6E96336D3B247AB48F28CC570B83D8
    C:\WINDOWS\System32\drivers\arcsas.sys E6AB1F0B4C3D4E0D2A88332D76FECD03
    C:\WINDOWS\System32\drivers\asyncmac.sys 61C5A480C43E7E8E49C42869F49D0D3E
    C:\WINDOWS\System32\drivers\atapi.sys A10F989A812B57B9695F6C305907C9C6
    C:\WINDOWS\system32\drivers\AtihdWT6.sys 0966FD5BAB1F9BE200875E9EED0A0A13
    C:\WINDOWS\System32\drivers\bxvbda.sys 61BAC67048CA5C1D08C48FCC8012B613
    C:\WINDOWS\System32\drivers\BasicDisplay.sys 68F72B05EBC6D1779C0D60A147C7CA0B
    C:\WINDOWS\System32\drivers\BasicRender.sys 23156E7EDAF613D839E2839746B168D3
    C:\WINDOWS\System32\drivers\bcmfn.sys 3F5523DCEFE42B385659C5CB46A6B810
    C:\WINDOWS\System32\drivers\bcmfn2.sys 0B750A6A6D847E73CA48ADD7A0F5A393
    C:\Windows\System32\Drivers\Beep.sys 0A508274355745EEF01C6BE3198D02C4
    C:\WINDOWS\System32\DRIVERS\bowser.sys 9CD2A4821DE379305CACB2E99AD8953A
    C:\WINDOWS\System32\drivers\BthAvrcpTg.sys 722036C26D2C4E50EC2A2EC5FD678846
    C:\WINDOWS\System32\drivers\bthhfenum.sys C2E31BE025D46D189E38DD1EDF07837A
    C:\WINDOWS\System32\drivers\BthHFHid.sys F7CD605FC0B0B22F3F6F247595E3A655
    C:\WINDOWS\System32\drivers\bthmodem.sys 535DC41A33630AE4C262406F9E981C03
    C:\WINDOWS\System32\drivers\buttonconverter.sys 23F9EF739F685E07482116425E7879AA
    C:\WINDOWS\System32\drivers\capimg.sys 60EB6A4CE3E21887D302350631C16F26
    C:\WINDOWS\System32\DRIVERS\cdfs.sys F8FB51B9EF6372610E9B31A1D86B62FC
    C:\WINDOWS\System32\drivers\cdrom.sys 613D0137C269187FA298A157E3D14A18
    C:\WINDOWS\System32\drivers\cht4sx64.sys 0AED948DA8D5F08B3D6F12E4E2089736
    C:\WINDOWS\System32\drivers\cht4vx64.sys 0002A0FDE087C1657AB31CE73077539C
    C:\WINDOWS\System32\drivers\circlass.sys 6B4F90A287D75CCD78694F6790C911B2
    C:\WINDOWS\System32\drivers\CLFS.sys B72D26074E72A757D788FB1BEF8B2F2E
    C:\WINDOWS\System32\drivers\registry.sys EEC3A4A98AE1A337E3CD1483AD6F2E15
    C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys 075CCE75090786F124573A788C8656E6
    C:\WINDOWS\System32\drivers\CmBatt.sys 429623E266EF067A44E8CF148E9DFB9B
    C:\WINDOWS\system32\DRIVERS\CMUSBDAC.sys BC52C29F562125AE078B95A7C7158909
    C:\WINDOWS\System32\Drivers\cng.sys 90C07EB909C42316982E753BDAA7860D
    C:\WINDOWS\System32\DRIVERS\cnghwassist.sys 3DB10C59405931E2C72EFB82C1AF97D1
    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys 34C935AF2A414572B412B3556586D783
    C:\WINDOWS\System32\drivers\condrv.sys 44EEEB2382F566999287E13F2067693C
    C:\WINDOWS\System32\drivers\dam.sys 039B5A8CBD5C75D1C46DF15F7C74D136
    C:\WINDOWS\System32\drivers\dc1-controller.sys 8AE2B187551B9B4BBFF9D65E5BEBA598
    C:\WINDOWS\System32\Drivers\dfsc.sys 0D1D392ED2597F295956D058D33BD7C3
    C:\WINDOWS\System32\drivers\disk.sys 35B9D46560339A5A7F0CAC6ED702C817
    C:\WINDOWS\System32\drivers\dmvsc.sys 815F45161A4571C2C44491564F3D5968
    C:\WINDOWS\system32\DRIVERS\drmkaud.sys AE6BD4C879A8C849E53947C92DF3B3A0
    C:\WINDOWS\System32\drivers\drmkpro64.sys 6D08435F0560973EAD45D2522BD48584
    C:\WINDOWS\System32\drivers\dxgkrnl.sys 19F2B54EE8861D90579BD0E3AE5182F9
    C:\WINDOWS\System32\drivers\evbda.sys 7EC6FC0266D74BD47ABB130A328B70EC
    C:\WINDOWS\System32\drivers\EhStorClass.sys 8D74B8B5D6F7C5BC4C525BAF2B083FF1
    C:\WINDOWS\System32\drivers\EhStorTcgDrv.sys 2A9817B5A9260D8F60D52E36BEF10443
    C:\WINDOWS\System32\drivers\errdev.sys 77B60DEC7DCB4233E4A69D3F52E5DB24
    C:\WINDOWS\etdrv.sys 84486624268E078255BC7AA47F0960BC
    C:\WINDOWS\system32\DRIVERS\evolve.sys A0539478593A00AA64E600CF7E19F195
    C:\Windows\System32\Drivers\exfat.sys FCD2C63754C2E739A8EEAD9BC63F9DDC
    C:\Windows\System32\Drivers\fastfat.sys FA918EC296EB410FF02867D008D02421
    C:\WINDOWS\System32\drivers\fdc.sys 99598ECA5E41996E005D5B9D9FF1EFA2
    C:\WINDOWS\System32\drivers\filecrypt.sys F44F666B0EACC3181544FFCF8CA0FFC7
    C:\WINDOWS\System32\drivers\fileinfo.sys 78A210DDFDF2C9EC884631D2DAA573F0
    C:\WINDOWS\System32\drivers\filetrace.sys 1A97DB5E701A186989F3795223C3BE39
    C:\WINDOWS\System32\drivers\flpydisk.sys 46626665F0E5906E45619B4EFD6186B8
    C:\WINDOWS\System32\drivers\fltmgr.sys FDA72ACA14D516D18C33AFCD0FD9260F
    C:\WINDOWS\System32\drivers\FsDepends.sys D152CCBFC8251670BF0AAFE00D6BC782
    C:\Windows\System32\Drivers\Fs_Rec.sys 6D6BB5C7363CD35FA715E826F3D029EE
    C:\WINDOWS\System32\DRIVERS\fvevol.sys 8EEC4925C03E375C4EC496E45C44139A
    C:\WINDOWS\gdrv.sys 7907E14F9BCF3A4689C9A74A1A873CB6
    C:\WINDOWS\System32\drivers\vmgencounter.sys EF78034773CE506323655A868C949144
    C:\WINDOWS\System32\drivers\genericusbfn.sys B55FEBC6A00DAA1FE074F020B6907516
    C:\WINDOWS\System32\Drivers\msgpioclx.sys DDD8A8CDDC7F13EF57D1DAAE71865936
    C:\WINDOWS\System32\drivers\gpuenergydrv.sys 7ACD8F69B5D6EC97E6D2C006E19BED88
    C:\WINDOWS\GVTDrv64.sys 8126331FBD4ED29EB3B356F9C905064D
    C:\WINDOWS\System32\drivers\Hamdrv.sys 7F79205B4EFA98F0767309479C8C01C6
    C:\WINDOWS\System32\drivers\HDAudBus.sys 10E3515FE5DBA6656FA62C29342EC4A1
    C:\WINDOWS\System32\drivers\HidBatt.sys B90D284B97CD4CA9DE7430AAAD887A56
    C:\WINDOWS\System32\drivers\hidbth.sys B2FE11643CC6ACDEE6C247DD36018FDB
    C:\WINDOWS\System32\drivers\hidi2c.sys D24355488A2D4D2323518EC1AC7A6D9E
    C:\WINDOWS\System32\drivers\hidinterrupt.sys 0AF9ABBA4F3F55C6C803890D64BC3C29
    C:\WINDOWS\System32\drivers\hidir.sys CDBCF8E9AB06D88A1E1191D32F320C5D
    C:\WINDOWS\System32\drivers\hidusb.sys D8536CB438CC4CCDAE047B768EED22B2
    C:\WINDOWS\System32\drivers\HpSAMD.sys F5CA18197B4646E04DB9EB2D6642CC4D
    C:\WINDOWS\System32\drivers\HTTP.sys A10C7C1E69FC90620C7BF2E51302A01F
    C:\WINDOWS\System32\drivers\hvservice.sys 74FC79C52395B10FFD0B55CF22CF88FC
    C:\WINDOWS\System32\drivers\hwpolicy.sys 771EDDA9830A3079F996F34D681FB6E5
    C:\WINDOWS\System32\drivers\hyperkbd.sys 3B9F315E7FA72CC25228EB097DD9C694
    C:\WINDOWS\System32\drivers\i8042prt.sys B54B30992620C97230013A74461C8517
    C:\WINDOWS\System32\drivers\iagpio.sys C6B8743B213F06AA60943D8366FE968F
    C:\WINDOWS\System32\drivers\iai2c.sys 9A2A2F3C69B9A30B6E78536F6D258BAD
    C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys 5A0E850F8CD17791A3E6A3CF81D0CA28
    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys 7508F1096803385D6376BFD0BD473AC4
    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys 16A10CCEDCF5AC4CAAE43DC9FC40392F
    C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys EB82A11613326691508D9ED9A4FE29E7
    C:\WINDOWS\System32\drivers\iaStorAV.sys 97E553D03219D3D51705C7235D9EAEBD
    C:\WINDOWS\System32\drivers\iaStorV.sys 8350FE3BCDE3428BC040877BB7E9EAEB
    C:\WINDOWS\System32\drivers\ibbus.sys 3BA03F7C7700DDF4C383DDE9252F5817
    C:\WINDOWS\System32\drivers\IndirectKmd.sys 2A01C96DF5802D3434634E55C91232D8
    C:\WINDOWS\system32\drivers\RTKVHD64.sys 622868E4BAE8FBCD22CB1A5901A2C824
    C:\WINDOWS\System32\drivers\intelide.sys 9F7E87F6595D065A8A200A291043045E
    C:\WINDOWS\System32\drivers\intelpep.sys A6BD2E20AE1BC5CB2776C87C28E4F4CA
    C:\WINDOWS\System32\drivers\intelppm.sys 2A48DA39542636DB0FA3BA915385D1B3
    C:\WINDOWS\System32\drivers\iorate.sys DB32758F3A7F6CCE81A5430080A2EA65
    C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys FE85D0A86CA7A5A99CF8CD04DE7F80AE
    C:\WINDOWS\System32\drivers\IPMIDrv.sys 450DBDD716C7911F83E05F78EE18BFA2
    C:\WINDOWS\System32\drivers\ipnat.sys F1DAECC3B3D6399875D4F10529D6A77C
    C:\WINDOWS\system32\drivers\irda.sys 7475A2903BB704B446AA6309E34D3362
    C:\WINDOWS\System32\drivers\irenum.sys 9725E7F0C64CE9916A5CDABE8D6E13C3
    C:\WINDOWS\System32\drivers\isapnp.sys 58040898883A96160D41739C80328BBF
    C:\WINDOWS\System32\drivers\msiscsi.sys C9FD02D62E09337B67B0C61EC8CA38CC
    C:\WINDOWS\System32\drivers\kbdclass.sys 210808437570BDDEE71A43535E3A2D30
    C:\WINDOWS\System32\drivers\kbdhid.sys 0B779E9FC426CA2268D28181FA6C222F
    C:\WINDOWS\System32\drivers\kdnic.sys 813BA3EB2CE038F2A5382DDD75CAD60B
    C:\WINDOWS\System32\Drivers\ksecdd.sys 705C0F8BCCEF6E7CB704CCB454192D7E
    C:\WINDOWS\System32\Drivers\ksecpkg.sys 55AD13E2BAFC5AB53A10F8C271F5D242
    C:\WINDOWS\system32\drivers\ksthunk.sys 4ED115CD1A1099705F56B5E0FFF97CC6
    C:\WINDOWS\System32\drivers\lltdio.sys 5933A6673F00D8255C52957E40C2D601
    C:\WINDOWS\System32\drivers\lsi_sas.sys 8E1B0946948CCC0BC1FA3CB70374A795
    C:\WINDOWS\System32\drivers\lsi_sas2i.sys 4F68163FC04C973500DC4DA0946917B0
    C:\WINDOWS\System32\drivers\lsi_sas3i.sys E5AC5F2815938651CDCC27F425474673
    C:\WINDOWS\System32\drivers\lsi_sss.sys CCF6EC9FB9B8F18E05B4253E81013E48
    C:\WINDOWS\system32\drivers\luafv.sys C9579D32219E5B936AC3A48D470117EC
    C:\WINDOWS\system32\DRIVERS\lvrs64.sys A0A527569856B9814E8920F52EBB67F5
    C:\WINDOWS\system32\DRIVERS\lvuvc64.sys 415E344294D1C0D04627B29146F68481
    C:\WINDOWS\System32\drivers\megasas.sys C3CDCCF07486BD2616A7B82946E07AC0
    C:\WINDOWS\System32\drivers\MegaSas2i.sys 2CF0CB2A0ED68C5455371E84C16F9627
    C:\WINDOWS\System32\drivers\megasr.sys FADB2FE017E69EECE0E1BA78661C2E8C
    C:\WINDOWS\System32\drivers\mlx4_bus.sys FD60818B66B2E8A5415EA840E99A9D8F
    C:\WINDOWS\system32\drivers\mmcss.sys 68F6977F1CFBAAC770D940A8C0326FA1
    C:\WINDOWS\System32\drivers\modem.sys 0D50B3F3AB32D416786B58D4553859CE
    C:\WINDOWS\System32\drivers\monitor.sys 9CCCB7FC3EDADEBA461D78615A6011A6
    C:\WINDOWS\System32\drivers\mouclass.sys 27A07B2FB2E3057DA8DAEA4F25D843C7
    C:\WINDOWS\System32\drivers\mouhid.sys 7BD6E7F7C9001AB21B8362CFFEE80B25
    C:\WINDOWS\System32\drivers\mountmgr.sys F5BDAEE4B7D369D4C74668DCFBA3FF10
    C:\WINDOWS\System32\drivers\mpsdrv.sys 30844BD376F9D01E62C820BEF446F1F8
    C:\WINDOWS\system32\drivers\mrxdav.sys 25D32BE04FE0A23FDF57FD5382757672
    C:\WINDOWS\System32\DRIVERS\mrxsmb.sys E671EDAB0726E05ECEF4058B4CD73C4D
    C:\WINDOWS\System32\DRIVERS\mrxsmb10.sys D4D12BC29DE0F09280868FDCA65B3474
    C:\WINDOWS\System32\DRIVERS\mrxsmb20.sys 93A77008A8932FC84A173C4E97E52874
    C:\WINDOWS\System32\drivers\bridge.sys 74C9D21523DAE0C18F413C196DF0058A
    C:\Windows\System32\Drivers\Msfs.sys F01B849D9D4A8CEAF32D4FDBD0B83C92
    C:\WINDOWS\System32\drivers\msgpiowin32.sys 22ECD8F5D1DFADF2011BBB1700CB871D
    C:\WINDOWS\System32\drivers\mshidkmdf.sys FD870F6968A145E4D2BA8A8842686B03
    C:\WINDOWS\System32\drivers\mshidumdf.sys 30364757963A028CE5DF0FBAAC270173
    C:\WINDOWS\System32\drivers\msisadrv.sys 6BB0FEDDAE7135FA37FFAFF4D9E0E876
    C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys 13D614E6B51ECF36746C48CE829FA7F6
    C:\WINDOWS\System32\drivers\mslldp.sys 642CDE46351D5D2D90311E77072AB46D
    C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys F2302A5CE63CA7673200FAFCEEEDB6AF
    C:\WINDOWS\system32\DRIVERS\MSPQM.sys 6114512EA26E835BA522C63635429DB5
    C:\Windows\System32\Drivers\MsRPC.sys AA538E16E644D00E3BA5349BBA9598EC
    C:\WINDOWS\System32\drivers\mssmbios.sys 0543BEFD41EC4D25C7F7CF36409CEC7D
    C:\WINDOWS\system32\DRIVERS\MSTEE.sys C1569E4DB8EFE3617847BF041A3C842F
    C:\WINDOWS\System32\drivers\MTConfig.sys 130B16970154BA9876B09E5C4BAC63BE
    C:\WINDOWS\System32\Drivers\mup.sys 15D987C8F6CCD4AC94E070C5986762CB
    C:\WINDOWS\System32\drivers\mvumis.sys 3D2C5B4995CA0751D32DEA0DE9FDFE44
    C:\WINDOWS\System32\DRIVERS\nwifi.sys DB31EBB04C871F422C36A0962DA7D38B
    C:\WINDOWS\System32\drivers\ndfltr.sys 629CB21AC49C8867E0F29DF1C16DB7B4
    C:\WINDOWS\System32\drivers\ndis.sys D5564FC81350458ED570528C4E3B1CCF
    C:\WINDOWS\System32\drivers\ndiscap.sys 6DD605338FAAF6BA17662AA874E0D162
    C:\WINDOWS\System32\drivers\NdisImPlatform.sys E34196F285F8B8879E1FF36C31F7179E
    C:\WINDOWS\System32\DRIVERS\ndistapi.sys 1FAD2398673F30CEC616B89C46B7DCBA
    C:\WINDOWS\System32\drivers\ndisuio.sys AEB8ECBE66CC46854066CB1F5623E179
    C:\WINDOWS\System32\drivers\NdisVirtualBus.sys 7340104C2BF2F126714F7CDE85E63610
    C:\WINDOWS\System32\drivers\ndiswan.sys 07ADC1F8DCBEB8104D75129B11584B8C
    C:\WINDOWS\System32\DRIVERS\ndiswan.sys 07ADC1F8DCBEB8104D75129B11584B8C
    C:\WINDOWS\System32\DRIVERS\NDProxy.sys 78A12E3DF035B5D054986949B19BE43C
    C:\WINDOWS\System32\drivers\Ndu.sys 04C8859355C1DC9C0FA198D1894D71C2
    C:\WINDOWS\System32\drivers\NetAdapterCx.sys 6C76780A01FC2B885BD6E957B5C36B02
    C:\WINDOWS\System32\drivers\netbios.sys 5D1513BD6430307C9DB86C6E351372ED
    C:\WINDOWS\System32\DRIVERS\netbt.sys 6FEBB0A847FFD5F057B9AC8889F1B9A7
    C:\Windows\System32\Drivers\Npfs.sys 001CBD7A2CD45C4EB39C01C3C677EF73
    C:\WINDOWS\System32\drivers\npsvctrig.sys 90F5DC9802AAA00CD0B6E2AD9E7FFADC
    C:\WINDOWS\System32\drivers\nsiproxy.sys 0C6218321A09A7B51BA7FFAFBA4CCB21
    C:\Windows\System32\Drivers\NTFS.sys DB69C6DA8B3DDFDC547D455CA23A8250
    C:\Windows\System32\Drivers\Null.sys 6E6DD6F9DD2A034CF85E94047DBDB992
    C:\WINDOWS\system32\drivers\nvhda64v.sys 302A57479E9A2A95CE723521A7ED1BD0
    C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispiwu.inf_amd64_b67dc924fff8de6d\nvlddmkm.sys E0854DA823FBC14F750BFD46E690F60F
    C:\WINDOWS\System32\drivers\nvraid.sys D261DF41F0840F734856A2B4F5E072C7
    C:\WINDOWS\System32\drivers\nvstor.sys 23B702B555EB0436B9DAA0BC63DA65CE
    C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys DEF76B479C3525952D0BD71E881E07B0
    C:\WINDOWS\system32\drivers\nvvad64v.sys F37FE6B15A987AEEC08EEF531F2FAED7
    C:\WINDOWS\System32\drivers\parport.sys 6B81BF7853D161DB8AC62CD8B9C2DE6B
    C:\WINDOWS\System32\drivers\partmgr.sys CDBD029BAEC8D09F6FBD404632D9AF28
    C:\WINDOWS\System32\drivers\pci.sys 29AF16726F4DD84376ECA85AB6AFF2C6
    C:\WINDOWS\System32\drivers\pciide.sys 214DCC87E3898F738075D1341252A552
    C:\WINDOWS\System32\drivers\pcmcia.sys AED76A3333B3A31536E430020E0226FC
    C:\WINDOWS\System32\drivers\pcw.sys E63FB38B6E75B39467492FBAD2CD512A
    C:\WINDOWS\System32\drivers\pdc.sys 9EA203A07EFA6D74F07F32EF0DAB5CA6
    C:\WINDOWS\System32\drivers\peauth.sys 1509A77F840AA9E72CF8247D0CF2FBDE
    C:\WINDOWS\System32\drivers\percsas2i.sys 540116170E2135FCD5DDE77702166B67
    C:\WINDOWS\System32\drivers\percsas3i.sys 8356F87553BF49C703CF382033815898
    C:\WINDOWS\System32\drivers\raspptp.sys 5645B9D9788CCA2C88B9534996ED2D6D
    C:\WINDOWS\System32\drivers\processr.sys 372913E12677A8CBBBABDD8311894F9D
    C:\WINDOWS\System32\drivers\pacer.sys FC98407B85A31161851FDE245517574F
    C:\WINDOWS\System32\Drivers\PxHlpa64.sys BC08F7F3C53CBEE68670ED1314E290FD
    C:\WINDOWS\system32\drivers\qwavedrv.sys 819602BBBFDB0BD46DEA3715BF0DD452
    C:\WINDOWS\System32\DRIVERS\rasacd.sys CDF47037A0939F56D11F699629C276AD
    C:\WINDOWS\System32\drivers\AgileVpn.sys 28C2EA278070EE12701D0EDF8CB0EC36
    C:\WINDOWS\System32\drivers\rasl2tp.sys 17E565710172ED71B8531D8822E1C5D1
    C:\WINDOWS\System32\DRIVERS\raspppoe.sys 9387DF155233D45D4E010F4F2FB52A57
    C:\WINDOWS\System32\drivers\rassstp.sys F0F4EEDEEBEE7A4244FAFB96A16B5712
    C:\WINDOWS\System32\DRIVERS\rdbss.sys AF6963414B820B7C45578ED3300438A7
    C:\WINDOWS\System32\drivers\rdpbus.sys 79A415E6FA915EFC00297DAB16EC2635
    C:\WINDOWS\System32\drivers\rdpdr.sys 7135785C21CA79D270D11037C43D3F19
    C:\WINDOWS\System32\drivers\rdpvideominiport.sys 97A61A3CB2B5CB4FC32B3224EF333448
    C:\WINDOWS\System32\drivers\rdyboost.sys 69BB204AE07EE84ECFAB1BF13C4BD04B
    C:\Windows\System32\Drivers\ReFSv1.sys 940D6F5A2B0A61EE4170DF84F6C95C20
    C:\WINDOWS\System32\drivers\rspndr.sys 5FF28F097C9699097B473F8FC7C1AA7D
    C:\WINDOWS\System32\drivers\rt640x64.sys F9265C902BB9146C6BFF97BDF35C04DE
    C:\WINDOWS\system32\drivers\rzpmgrk.sys 0C90E6CEA576095888E779E5BD9DD060
    C:\WINDOWS\system32\drivers\rzpnk.sys 288471F132C7249F598032D03575F083
    C:\WINDOWS\System32\drivers\vms3cap.sys B5DAEE69BACA64D2BB004568E22D8756
    C:\WINDOWS\System32\drivers\sbp2port.sys 5E73FB63E2DBC75FE0C17DEB0010CE0E
    C:\WINDOWS\System32\DRIVERS\scfilter.sys 3D9A82B03C92D1FEC42CB171D6F57778
    C:\WINDOWS\System32\drivers\scmbus.sys 9055ADDFBA4C8B914C914CE693B55C0A
    C:\WINDOWS\System32\drivers\scmdisk0101.sys B6F2363584E62960846F7C3F00124A4F
    C:\WINDOWS\System32\drivers\sdbus.sys 7C3D10BEC8B0DBA00A78C78EB10B3AE2
    C:\WINDOWS\System32\drivers\sdstor.sys 120DFCB71D6C502613A9E2D50E16850C
    C:\WINDOWS\System32\drivers\WUDFRd.sys CEFAB17FD7DFCFA515626C306262E89D
    C:\WINDOWS\System32\drivers\SerCx.sys 401D706DDC0A7AF18C3DD228ADF74551
    C:\WINDOWS\System32\drivers\SerCx2.sys 7084D11083F0CDCA8B5C76F9846ABF5D
    C:\WINDOWS\System32\drivers\serenum.sys 3FF478A8ED32A83C36581425F6282B6C
    C:\WINDOWS\System32\drivers\serial.sys 92509187AA171A80521528B36F753E1D
    C:\WINDOWS\System32\drivers\sermouse.sys 433D38FF6D08B993847EA2A10EB8CB52
    C:\WINDOWS\System32\drivers\sfloppy.sys 697D3EE0740AEAB62B66ABCA1C83D13B
    C:\WINDOWS\System32\drivers\SiSRaid2.sys A34CE1830E45DA98932295FDE4B7908A
    C:\WINDOWS\System32\drivers\sisraid4.sys A7B5C670770E908DA5FEF5BF1136E933
    C:\WINDOWS\System32\drivers\spaceport.sys C994DF90427103CCB80F893FFD2B1CE8
    C:\WINDOWS\System32\drivers\SpbCx.sys E03264C4C25B568F92ED1656AD541E64
    C:\WINDOWS\System32\DRIVERS\srv.sys E83830BB74AE8CBECEA0ECD94DE436F9
    C:\WINDOWS\System32\DRIVERS\srv2.sys 55CA5329D1ADEB8F8034045930147AE4
    C:\WINDOWS\System32\DRIVERS\srvnet.sys F13EE0DB1FB1D6946AC3228D7EFCFC8F
    C:\WINDOWS\System32\drivers\stexstor.sys 29D26E1347AE1BBD4201014E19880B2C
    C:\WINDOWS\System32\drivers\storahci.sys 53EB8CE34B55A1EE63424C8DB7388BFC
    C:\WINDOWS\System32\drivers\vmstorfl.sys C5E0ACE4771F5575D9D5B457ABF3AD03
    C:\WINDOWS\System32\drivers\stornvme.sys B66D8C75C9BC59D637177AB3B1C569A6
    C:\WINDOWS\System32\drivers\storqosflt.sys BEBF85EB4D90E6996047DA027D0ED26E
    C:\WINDOWS\System32\drivers\storufs.sys 8E73037A6F8938475692FFCC26EBF385
    C:\WINDOWS\System32\drivers\storvsc.sys 9D9DED47DA10E845EFF2DD57C94C809B
    C:\WINDOWS\System32\drivers\swenum.sys 505E0C40B5D0ADDCBB414640F59BD2E0
    C:\WINDOWS\System32\drivers\Synth3dVsc.sys 32F46FB0F290D16DAA452B289C985795
    C:\WINDOWS\System32\drivers\tcpip.sys 4F25E481124059CC593B4C68BC485640
    C:\WINDOWS\System32\drivers\tcpip.sys 4F25E481124059CC593B4C68BC485640
    C:\WINDOWS\System32\drivers\tcpipreg.sys 8DBB1BE20C36E6D19BCC89EEA00B953C
    C:\WINDOWS\system32\DRIVERS\tdx.sys 9D2DD64A0B51C56285512DC9454340F6
    C:\WINDOWS\System32\drivers\terminpt.sys 06130AFFECEB94525FC2352936576B70
    C:\WINDOWS\System32\drivers\tpm.sys 46171262D0E806779DEEDFCAB2F830CC
    C:\WINDOWS\System32\drivers\TsUsbFlt.sys A6F4025664C9D4BC2A9EDAB4092706D7
    C:\WINDOWS\System32\drivers\TsUsbGD.sys 37A96AD493E110C0BF1EE0AC0F9E7DBD
    C:\WINDOWS\System32\drivers\uaspstor.sys AA65954F512BA097DD190790876DD991
    C:\WINDOWS\System32\Drivers\UcmCx.sys AB6268022C3A5B529075A39C33904DA6
    C:\WINDOWS\System32\Drivers\UcmTcpciCx.sys 7ED2EDA43D21C7A5F589A7960E265C52
    C:\WINDOWS\System32\drivers\UcmUcsi.sys 169351463039B45F5CDED9768879F712
    C:\WINDOWS\System32\drivers\ucx01000.sys 08A9E3AD29B215484FBB68CDC175DF3A
    C:\WINDOWS\System32\drivers\udecx.sys DA70AEE267491AA56BC63AA0C0C96CA2
    C:\WINDOWS\System32\DRIVERS\udfs.sys FBC5ECF6D5A868D0B116C2DBB02B8168
    C:\WINDOWS\System32\drivers\UEFI.sys B918E40FAA9CD118CCA4AD388B748C98
    C:\WINDOWS\System32\drivers\ufx01000.sys 0FD75222C1AD2687AB365BEBEA400DD4
    C:\WINDOWS\System32\drivers\UfxChipidea.sys C1A78C53E01C641AE41BFA65797819F5
    C:\WINDOWS\System32\drivers\ufxsynopsys.sys 767307212110EBEFB93EC9A5BE9E85B9
    C:\WINDOWS\System32\drivers\umbus.sys DC460AAA18CA2342FBBFB2DF9B044472
    C:\WINDOWS\System32\drivers\umpass.sys C3CF0377917ECE6D65D7623E1E61568F
    C:\WINDOWS\System32\drivers\urschipidea.sys 6B46FC140C9AF68E6E7697D66D59CB4D
    C:\WINDOWS\System32\drivers\urscx01000.sys B4402E7F0923F660270442CE76877ABE
    C:\WINDOWS\System32\drivers\urssynopsys.sys 9DD431F1B94789CFB527E5D19261F124
    C:\WINDOWS\System32\Drivers\usbaapl64.sys F957092C63CD71D85903CA0D8370F473
    C:\WINDOWS\system32\drivers\usbaudio.sys 93F169DE94DBAC5DAF4755AFF10193DD
    C:\WINDOWS\System32\drivers\usbccgp.sys C87E32B90F085970D9637FBAD45EF6FE
    C:\WINDOWS\System32\drivers\usbcir.sys 0B663856474AC41924D9E9112203858F
    C:\WINDOWS\System32\drivers\usbehci.sys F83D2250256203AC5DA5E8601C1AFDD7
    C:\WINDOWS\System32\drivers\usbhub.sys 7FFD26742321919590ED77FCA556D65F
    C:\WINDOWS\System32\drivers\UsbHub3.sys 7A749B2863B5561BE34B39E8E249AD8F
    C:\WINDOWS\System32\drivers\usbohci.sys D2109F1F4FEBF1DAC415CDC5DE876479
    C:\WINDOWS\System32\drivers\usbprint.sys 29C9572F2D061CFC3C0BD48A3163E343
    C:\WINDOWS\System32\drivers\usbser.sys 429477D6DEF3321FF7D3EF23CAAADA00
    C:\WINDOWS\System32\drivers\USBSTOR.SYS 0CC16F7B91C57AE9A4E44425A295FDAA
    C:\WINDOWS\System32\drivers\usbuhci.sys C917D09064CDBD18F75ADC9B2C48F847
    C:\WINDOWS\System32\drivers\USBXHCI.SYS 95BCCEFBC40D06484CF16144FE79B8A5
    C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys D7FCD8FBBF6CC93140D9C7C7959ED60C
    C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys 6B22F16BE58AEF1A57970611D7109507
    C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys 812C2E4EC41CFCACE761620E17463529
    C:\WINDOWS\System32\drivers\vdrvroot.sys 0CBDE344FB48E42D78E29469F202ADBC
    C:\WINDOWS\System32\drivers\VerifierExt.sys 723195568C8755CAD57F7933C5F2C5C2
    C:\WINDOWS\System32\drivers\vhdmp.sys 3BB8D153A9A514EC9FFCB586251A1925
    C:\WINDOWS\System32\drivers\vhf.sys 7929228F0E8B0C2FA0495A17A4FC27F6
    C:\WINDOWS\System32\drivers\vmbus.sys AEE432ED868831B1F068E373598F6D93
    C:\WINDOWS\System32\drivers\VMBusHID.sys 9444B23FC694B5F90F21B0FC7F10D8DD
    C:\WINDOWS\System32\drivers\vmgid.sys 4D0287F566B36536DD812A54C015FC4A
    C:\WINDOWS\System32\drivers\volmgr.sys 29075915F9BDC3437F8BED71C067D399
    C:\WINDOWS\System32\drivers\volmgrx.sys 6BDB6CE6D2D9E3D3F28F1C97E12B62E2
    C:\WINDOWS\System32\drivers\volsnap.sys BF2546583BB75F01DDA60A7921DFB230
    C:\WINDOWS\System32\drivers\volume.sys AC2E20A74D09D24485BE8396CE04F07B
    C:\WINDOWS\System32\drivers\vpci.sys 92F6E3E6D3F1795263EB34B37F74AEF7
    C:\WINDOWS\System32\drivers\vsmraid.sys FD9BCB8920973CEAD4D49DC7A6D8A618
    C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys F972436B5ED08069A1E7D623B77C226A
    C:\WINDOWS\System32\drivers\vstxraid.sys 0C111F220798CCE80484026E06822379
    C:\WINDOWS\System32\drivers\vwifibus.sys 607639716E9DB1CEF4E18B5B229293B4
    C:\WINDOWS\System32\drivers\vwififlt.sys B1ED64E628763148BF84FBE23F2AD711
    C:\WINDOWS\System32\drivers\wacompen.sys 55D00B785A7587F4263D125817871283
    C:\WINDOWS\System32\DRIVERS\wanarp.sys CEF3D306C09BEC1A800E9B4A06F859F6
    C:\WINDOWS\System32\DRIVERS\wanarp.sys CEF3D306C09BEC1A800E9B4A06F859F6
    C:\WINDOWS\system32\drivers\wcifs.sys E330144B97D493AA886000DCAAA8DAF5
    C:\WINDOWS\system32\drivers\wcnfs.sys AEA1093B751339267D8C8C1EF3D669CF
    C:\WINDOWS\System32\drivers\WdBoot.sys D520B1B849B6D4D707AB31722B952C2D
    C:\WINDOWS\System32\drivers\Wdf01000.sys 5030C76047D756263093A47B82970868
    C:\WINDOWS\System32\drivers\WdFilter.sys 29FF9199EDEB4F5470BB134D1A2563D2
    C:\WINDOWS\System32\DRIVERS\wdiwifi.sys 8CB606A3057355FD5A9DBDD1A0AC94EF
    C:\WINDOWS\System32\Drivers\WdNisDrv.sys 17CF416CFF408190F5A4CBD79AB12E55
    C:\WINDOWS\System32\drivers\wfplwfs.sys E1785942AC51FEE6826CDF02075C5AA9
    C:\WINDOWS\System32\drivers\wimmount.sys 0CF79A0EACFFBB75A50A469A27696D02
    C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys 0DE131733317EB4BE67028366B0CAAC6
    C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys 92EB5D38BDF10C790450F3E46BF93A0E
    C:\WINDOWS\System32\drivers\winmad.sys F95DE20312ACCA7761446DE152BD1F7C
    C:\WINDOWS\System32\drivers\WinUSB.SYS 4EFB346BFDAEEB29316AA52BBB9852B1
    C:\WINDOWS\System32\drivers\winverbs.sys 8B9AFF5F08E66A6F1F1063DEC9457FB6
    C:\WINDOWS\System32\drivers\wmiacpi.sys 6F4F4F5A007D1710BD76FB311DA97C07
    C:\Windows\System32\Drivers\Wof.sys 43C8D087B31C592163B33A4BDA540E40
    C:\WINDOWS\System32\drivers\WpdUpFltr.sys 75A9284F01FE7CB1A7D5EAE5C1EB4F33
    C:\WINDOWS\system32\drivers\ws2ifsl.sys 36D7B73ADC3E10607ED6EC874AFB5D1E
    C:\WINDOWS\System32\drivers\WudfPf.sys AED7FE551E8672B824A56324076183EB
    C:\WINDOWS\System32\drivers\WudfRd.sys CEFAB17FD7DFCFA515626C306262E89D
    C:\WINDOWS\system32\DRIVERS\WUDFRd.sys CEFAB17FD7DFCFA515626C306262E89D
    C:\WINDOWS\System32\drivers\xboxgip.sys 9627BBAA50878F6833A6A7843EE3B1D9
    C:\WINDOWS\System32\drivers\xinputhid.sys 63088A3361D9A308F328F11E9099DD87
    C:\WINDOWS\system32\drivers\xspltspk.sys 377F3E3467A8BFA3CDC921AD6425D513
    C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys DCF1C283860C3CAB0BF0A71528A0136C
     
    ==================== NetSvcs (Whitelisted) ===================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
     
    ==================== Three Months Created files and folders ========
     
    (If an entry is included in the fixlist, the file/folder will be moved.)
     
    2017-02-22 16:22 - 2017-02-22 16:24 - 00054873 _____ C:\Users\Eskew\Downloads\FRST.txt
    2017-02-22 16:21 - 2017-02-22 16:22 - 00000000 ____D C:\FRST
    2017-02-22 16:20 - 2017-02-22 16:21 - 02423296 _____ (Farbar) C:\Users\Eskew\Downloads\FRST64.exe
    2017-02-22 16:20 - 2017-02-22 16:20 - 01663040 _____ (Malwarebytes) C:\Users\Eskew\Downloads\JRT.exe
    2017-02-22 14:53 - 2017-02-22 14:53 - 01106888 _____ (Bleeping Computer, LLC) C:\Users\Eskew\Downloads\rkill64.com
    2017-02-22 14:49 - 2017-02-22 14:49 - 01663040 _____ (Malwarebytes) C:\Users\Eskew\Downloads\4.exe
    2017-02-22 14:48 - 2017-02-22 14:49 - 05659775 _____ (Swearware) C:\Users\Eskew\Downloads\5.exe
    2017-02-22 14:09 - 2017-02-22 14:43 - 00000000 ____D C:\AdwCleaner
    2017-02-22 14:09 - 2017-02-22 14:09 - 04015056 _____ C:\Users\Eskew\Downloads\AdwCleaner.exe
    2017-02-22 14:07 - 2017-02-22 14:07 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\Eskew\Downloads\rkill.com
    2017-02-22 14:01 - 2017-02-22 14:01 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Eskew\Downloads\spybot-2.4-1.exe
    2017-02-21 15:34 - 2017-02-21 15:34 - 55566792 _____ (Malwarebytes ) C:\Users\Eskew\Downloads\mb3-setup-consumer-3.0.6.1469 (1).exe
    2017-02-21 15:34 - 2017-02-21 15:34 - 00001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
    2017-02-21 15:34 - 2017-02-21 15:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
    2017-02-21 15:34 - 2017-02-21 15:34 - 00000000 ____D C:\ProgramData\Malwarebytes
    2017-02-21 15:34 - 2017-02-21 15:34 - 00000000 ____D C:\Program Files\Malwarebytes
    2017-02-21 15:34 - 2017-01-20 07:47 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
    2017-02-21 15:18 - 2017-02-21 15:18 - 00000000 ____D C:\WINDOWS\Panther
    2017-02-21 12:49 - 2017-02-21 12:49 - 00003232 _____ C:\WINDOWS\System32\Tasks\{85C1A459-4CC3-41EF-8702-6EAA011491A5}
    2017-02-21 12:29 - 2017-02-21 12:31 - 00000000 ____D C:\Program Files (x86)\svcvmx
    2017-02-21 12:29 - 2017-02-21 12:29 - 00000000 ____D C:\Program Files (x86)\winscr
    2017-02-21 11:58 - 2017-02-21 12:56 - 00000000 ____D C:\ProgramData\SecTaskMan
    2017-02-21 11:58 - 2017-02-21 11:58 - 02967592 _____ C:\Users\Eskew\Downloads\SecurityTaskManager_Setup.exe
    2017-02-21 11:58 - 2017-02-21 11:58 - 00001229 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spy Protector.lnk
    2017-02-21 11:58 - 2017-02-21 11:58 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager.lnk
    2017-02-21 11:58 - 2017-02-21 11:58 - 00000000 ____D C:\Program Files (x86)\Security Task Manager
    2017-02-21 11:50 - 2017-02-21 11:50 - 00000000 ____D C:\ProgramData\LHService
    2017-02-21 11:49 - 2017-02-21 11:49 - 00000000 ____D C:\ProgramData\LockHunter
    2017-02-21 11:47 - 2017-02-21 12:47 - 00000000 ____D C:\Program Files\LockHunter
    2017-02-21 11:47 - 2017-02-21 11:47 - 03029032 _____ (Crystal Rich Ltd ) C:\Users\Eskew\Downloads\lockhuntersetup_3-1-1.exe
    2017-02-21 11:47 - 2017-02-21 11:47 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\LockHunter
    2017-02-21 11:37 - 2017-02-21 11:37 - 04615856 _____ (Enigma Software Group USA, LLC.) C:\Users\Eskew\Downloads\SpyHunter-Installer.exe
    2017-02-21 11:29 - 2017-02-21 11:29 - 00346112 _____ C:\Users\Eskew\Downloads\Unlocker 1.9.2.msi
    2017-02-21 11:12 - 2017-02-21 15:02 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
    2017-02-21 11:11 - 2017-02-21 11:11 - 00000000 ____D C:\WINDOWS\pss
    2017-02-21 10:38 - 2017-02-21 10:39 - 55566792 _____ (Malwarebytes ) C:\Users\Eskew\Downloads\mb3-setup-consumer-3.0.6.1469.exe
    2017-02-21 10:35 - 2017-02-21 10:35 - 01920725 _____ C:\Users\Eskew\Downloads\ProcessExplorer.zip
    2017-02-21 10:26 - 2017-02-21 11:43 - 00003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
    2017-02-21 10:25 - 2017-02-21 10:25 - 03449304 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Eskew\Downloads\AVG_Protection_Free_1606.exe
    2017-02-21 10:24 - 2017-02-21 10:25 - 09261616 _____ (Piriform Ltd) C:\Users\Eskew\Downloads\ccsetup527.exe
    2017-02-20 14:55 - 2017-02-20 14:55 - 00053832 _____ C:\WINDOWS\system32\Drivers\drmkpro64.sys
    2017-02-20 14:40 - 2017-02-21 10:25 - 00000000 ____D C:\Users\Eskew\AppData\Local\cpx
    2017-02-20 13:40 - 2017-02-21 07:22 - 00000000 ____D C:\Users\Eskew\AppData\Local\llssoft
    2017-02-20 12:34 - 2017-02-20 12:36 - 00000358 _____ C:\WINDOWS\Tasks\Online Application v209.job
    2017-02-20 12:34 - 2017-02-20 12:36 - 00000358 _____ C:\WINDOWS\Tasks\Online Application v209 Guardian.job
    2017-02-20 12:34 - 2017-02-20 12:36 - 00000358 _____ C:\WINDOWS\Tasks\Online Application v209 Guard.job
    2017-02-20 12:34 - 2017-02-20 12:34 - 00006549 _____ C:\WINDOWS\TEMPcoral.vbs
    2017-02-20 12:34 - 2017-02-20 12:34 - 00003264 _____ C:\WINDOWS\System32\Tasks\Online Application v209 Guardian
    2017-02-20 12:34 - 2017-02-20 12:34 - 00003258 _____ C:\WINDOWS\System32\Tasks\Online Application v209 Guard
    2017-02-20 12:34 - 2017-02-20 12:34 - 00003246 _____ C:\WINDOWS\System32\Tasks\Online Application v209
    2017-02-20 12:34 - 2017-02-20 12:34 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\c
    2017-02-20 12:34 - 2017-02-20 12:34 - 00000000 ____D C:\Users\Default\AppData\Local\AdvinstAnalytics
    2017-02-20 12:34 - 2017-02-20 12:34 - 00000000 ____D C:\Users\Default User\AppData\Local\AdvinstAnalytics
    2017-02-20 12:34 - 2017-02-20 12:34 - 00000000 ____D C:\ProgramData\1487612071
    2017-02-20 12:34 - 2017-02-20 12:34 - 00000000 ____D C:\Program Files (x86)\qdcomsvc
    2017-02-20 12:34 - 2017-02-20 12:34 - 00000000 ____D C:\Program Files (x86)\dataup
    2017-02-18 17:14 - 2017-02-18 17:14 - 00004627 _____ C:\Users\Eskew\Downloads\download.jpeg
    2017-02-17 11:58 - 2017-02-17 11:58 - 00921656 _____ C:\Users\Eskew\Downloads\PSOGL2_003.bmp
    2017-02-16 19:28 - 2017-02-16 19:28 - 20359768 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
    2017-02-16 15:29 - 2017-02-16 15:30 - 00000000 ____D C:\Users\Eskew\Desktop\New folder (4)
    2017-02-16 15:29 - 2017-02-16 15:29 - 00902799 _____ C:\Users\Eskew\Downloads\ePSXe1925.zip
    2017-02-16 15:27 - 2017-02-16 15:28 - 04198111 _____ C:\Users\Eskew\Downloads\ePSXe PACK.7z
    2017-02-16 15:18 - 2017-02-16 15:18 - 01381554 _____ C:\Users\Eskew\Downloads\ePSXe205 (1).zip
    2017-02-16 15:13 - 2017-02-16 15:13 - 00081186 _____ C:\Users\Eskew\Downloads\zlib123-dll.zip
    2017-02-16 15:11 - 2017-02-16 15:11 - 00034093 _____ C:\Users\Eskew\Downloads\spupeopsdsound109.zip
    2017-02-16 15:10 - 2017-02-16 15:10 - 00173093 _____ C:\Users\Eskew\Downloads\gpupeteogl208.zip
    2017-02-16 15:10 - 2017-02-16 15:10 - 00060490 _____ C:\Users\Eskew\Downloads\cdrpeops104.zip
    2017-02-16 15:07 - 2017-02-16 15:07 - 00241658 _____ C:\Users\Eskew\Downloads\SCPH1001 (1).zip
    2017-02-16 15:06 - 2017-02-16 15:06 - 00529265 _____ C:\Users\Eskew\Downloads\epsxe170.zip
    2017-02-16 15:01 - 2017-02-16 15:01 - 08142173 _____ C:\Users\Eskew\Downloads\ePSXe 1.7.0(Best One Yet)-776.rar
    2017-02-16 14:56 - 2017-02-16 14:56 - 00169473 _____ C:\Users\Eskew\Downloads\Pcsx-1.5-218.zip
    2017-02-16 14:47 - 2017-02-16 14:47 - 154415677 _____ C:\Users\Eskew\Downloads\Digimon World (E) [SLES-02914].7z
    2017-02-16 14:39 - 2017-02-16 14:40 - 00241658 _____ C:\Users\Eskew\Downloads\SCPH1001.zip
    2017-02-16 14:36 - 2017-02-16 14:36 - 01381554 _____ C:\Users\Eskew\Downloads\ePSXe205.zip
    2017-02-08 17:23 - 2017-02-08 17:23 - 00000000 ____D C:\Program Files (x86)\VulkanRT
    2017-02-08 17:23 - 2016-12-29 07:43 - 00133056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
    2017-02-08 17:23 - 2016-09-09 13:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
    2017-02-08 17:23 - 2016-09-09 13:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
    2017-02-08 17:23 - 2016-09-09 13:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
    2017-02-08 17:23 - 2016-09-09 13:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
    2017-02-08 17:22 - 2016-12-29 08:06 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
    2017-01-31 19:37 - 2017-01-31 19:37 - 01431746 _____ C:\Users\Eskew\Downloads\SMAPI-1.7 (1).zip
    2017-01-31 19:36 - 2017-01-31 19:36 - 00165868 _____ C:\Users\Eskew\Downloads\1.11-MakeshiftMultiplyer-0.2.10.zip-501-0-2-10.zip
    2017-01-31 19:30 - 2017-01-31 19:30 - 00000000 ____D C:\Users\Eskew\Desktop\New folder (3)
    2017-01-31 19:29 - 2017-01-31 19:29 - 01431746 _____ C:\Users\Eskew\Downloads\SMAPI-1.7.zip
    2017-01-29 08:02 - 2017-01-29 08:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
    2017-01-26 09:44 - 2017-01-26 09:44 - 00262144 ____N C:\WINDOWS\Minidump\012617-34921-01.dmp
    2017-01-26 09:44 - 2017-01-26 09:44 - 00000000 ____D C:\WINDOWS\Minidump
    2017-01-25 16:25 - 2016-12-21 02:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
    2017-01-25 16:25 - 2016-12-20 23:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
    2017-01-25 01:29 - 2017-01-25 01:29 - 09405464 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
    2017-01-25 01:29 - 2017-01-25 01:29 - 02463256 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
    2017-01-25 01:29 - 2017-01-25 01:29 - 01015832 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
    2017-01-25 01:29 - 2017-01-25 01:29 - 00768024 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
    2017-01-25 01:29 - 2017-01-25 01:29 - 00476696 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
    2017-01-25 01:29 - 2017-01-25 01:29 - 00420376 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
    2017-01-25 01:29 - 2017-01-25 01:29 - 00266256 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
    2017-01-25 01:29 - 2017-01-25 01:29 - 00158336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
    2017-01-25 01:29 - 2017-01-25 01:29 - 00121368 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
    2017-01-25 01:29 - 2017-01-25 01:29 - 00118800 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
    2017-01-25 01:29 - 2017-01-25 01:29 - 00100888 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
    2017-01-25 01:29 - 2017-01-25 01:29 - 00077848 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
    2017-01-25 01:29 - 2017-01-25 01:29 - 00038416 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
    2017-01-25 01:28 - 2017-01-25 01:28 - 00488496 _____ C:\WINDOWS\system32\amdmiracast.dll
    2017-01-25 01:28 - 2017-01-25 01:28 - 00166408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
    2017-01-25 01:28 - 2017-01-25 01:28 - 00162216 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
    2017-01-25 01:28 - 2017-01-25 01:28 - 00130224 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
    2017-01-23 14:22 - 2017-01-23 14:22 - 00000000 ____D C:\Users\Eskew\AppData\LocalLow\Pixel Federation
    2017-01-19 15:12 - 2017-01-19 15:12 - 00000000 ____D C:\Users\Eskew\AppData\Local\CrashReportClient
    2017-01-10 16:51 - 2016-12-21 03:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
    2017-01-10 16:51 - 2016-12-21 03:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
    2017-01-10 16:51 - 2016-12-21 02:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
    2017-01-10 16:51 - 2016-12-21 02:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
    2017-01-10 16:51 - 2016-12-21 02:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
    2017-01-10 16:51 - 2016-12-21 02:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
    2017-01-10 16:51 - 2016-12-21 02:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2017-01-10 16:51 - 2016-12-21 02:42 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
    2017-01-10 16:51 - 2016-12-21 02:42 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
    2017-01-10 16:51 - 2016-12-21 02:42 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
    2017-01-10 16:51 - 2016-12-21 02:41 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
    2017-01-10 16:51 - 2016-12-21 02:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
    2017-01-10 16:51 - 2016-12-21 02:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
    2017-01-10 16:51 - 2016-12-21 01:59 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
    2017-01-10 16:51 - 2016-12-21 01:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
    2017-01-10 16:51 - 2016-12-21 01:56 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
    2017-01-10 16:51 - 2016-12-21 01:55 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2017-01-10 16:51 - 2016-12-21 01:53 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
    2017-01-10 16:51 - 2016-12-21 01:51 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
    2017-01-10 16:51 - 2016-12-21 01:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
    2017-01-10 16:51 - 2016-12-21 01:50 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
    2017-01-10 16:51 - 2016-12-21 00:59 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
    2017-01-10 16:51 - 2016-12-21 00:09 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
    2017-01-10 16:51 - 2016-12-21 00:01 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
    2017-01-10 16:51 - 2016-12-20 23:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
    2017-01-10 16:51 - 2016-12-20 23:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
    2017-01-10 16:51 - 2016-12-20 23:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
    2017-01-10 16:51 - 2016-12-20 23:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
    2017-01-10 16:51 - 2016-12-20 23:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
    2017-01-10 16:51 - 2016-12-20 23:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
    2017-01-10 16:51 - 2016-12-20 23:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
    2017-01-10 16:51 - 2016-12-20 23:33 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
    2017-01-10 16:51 - 2016-12-20 23:32 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2017-01-10 16:51 - 2016-12-20 23:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
    2017-01-10 16:51 - 2016-12-20 23:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
    2017-01-10 16:51 - 2016-12-20 23:26 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
    2017-01-10 16:51 - 2016-12-20 23:25 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
    2017-01-10 16:51 - 2016-12-20 23:24 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
    2017-01-10 16:51 - 2016-12-20 23:22 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
    2017-01-10 16:51 - 2016-12-14 00:41 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
    2017-01-10 16:51 - 2016-12-14 00:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
    2017-01-10 16:51 - 2016-12-14 00:21 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
    2017-01-10 16:51 - 2016-12-14 00:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
    2017-01-10 16:51 - 2016-12-14 00:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
    2017-01-10 16:51 - 2016-12-13 23:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
    2017-01-10 16:51 - 2016-12-13 23:46 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
    2017-01-10 16:51 - 2016-12-13 23:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
    2017-01-10 16:51 - 2016-12-13 23:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
    2017-01-10 16:51 - 2016-12-13 23:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
    2017-01-10 16:51 - 2016-12-13 23:40 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
    2017-01-10 16:51 - 2016-12-13 23:38 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
    2017-01-10 16:51 - 2016-12-13 23:38 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
    2017-01-10 16:51 - 2016-12-13 23:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
    2017-01-10 16:51 - 2016-12-13 23:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
    2017-01-10 16:51 - 2016-12-13 23:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
    2017-01-10 16:51 - 2016-12-13 23:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
    2017-01-10 16:51 - 2016-12-13 23:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
    2017-01-10 16:51 - 2016-12-13 23:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
    2017-01-10 16:51 - 2016-12-13 23:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
    2017-01-10 16:51 - 2016-12-13 23:26 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
    2017-01-10 16:51 - 2016-12-13 23:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
    2017-01-10 16:51 - 2016-12-13 23:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
    2017-01-10 16:51 - 2016-12-13 23:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
    2017-01-10 16:51 - 2016-12-13 23:22 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2017-01-10 16:51 - 2016-12-13 23:22 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2017-01-10 16:51 - 2016-12-13 23:22 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
    2017-01-10 16:51 - 2016-11-02 07:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
    2017-01-10 16:51 - 2016-11-02 05:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
    2017-01-10 16:51 - 2016-08-01 23:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
    2017-01-10 16:50 - 2016-12-21 03:04 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2017-01-10 16:50 - 2016-12-21 02:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
    2017-01-10 16:50 - 2016-12-21 02:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
    2017-01-10 16:50 - 2016-12-21 02:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
    2017-01-10 16:50 - 2016-12-21 02:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
    2017-01-10 16:50 - 2016-12-21 02:15 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2017-01-10 16:50 - 2016-12-21 02:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
    2017-01-10 16:50 - 2016-12-21 02:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
    2017-01-10 16:50 - 2016-12-21 02:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
    2017-01-10 16:50 - 2016-12-21 02:08 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
    2017-01-10 16:50 - 2016-12-21 02:08 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
    2017-01-10 16:50 - 2016-12-21 02:08 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
    2017-01-10 16:50 - 2016-12-21 02:08 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
    2017-01-10 16:50 - 2016-12-21 02:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
    2017-01-10 16:50 - 2016-12-21 02:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
    2017-01-10 16:50 - 2016-12-21 02:06 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
    2017-01-10 16:50 - 2016-12-21 02:06 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
    2017-01-10 16:50 - 2016-12-21 02:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
    2017-01-10 16:50 - 2016-12-21 02:05 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
    2017-01-10 16:50 - 2016-12-21 02:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
    2017-01-10 16:50 - 2016-12-21 02:01 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
    2017-01-10 16:50 - 2016-12-21 02:00 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
    2017-01-10 16:50 - 2016-12-21 01:58 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2017-01-10 16:50 - 2016-12-21 01:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
    2017-01-10 16:50 - 2016-12-21 01:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
    2017-01-10 16:50 - 2016-12-21 01:55 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
    2017-01-10 16:50 - 2016-12-21 01:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
    2017-01-10 16:50 - 2016-12-21 01:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
    2017-01-10 16:50 - 2016-12-21 01:53 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
    2017-01-10 16:50 - 2016-12-21 01:51 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2017-01-10 16:50 - 2016-12-21 01:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
    2017-01-10 16:50 - 2016-12-21 01:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
    2017-01-10 16:50 - 2016-12-21 01:49 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
    2017-01-10 16:50 - 2016-12-21 01:47 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
    2017-01-10 16:50 - 2016-12-21 00:02 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
    2017-01-10 16:50 - 2016-12-21 00:02 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
    2017-01-10 16:50 - 2016-12-21 00:02 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
    2017-01-10 16:50 - 2016-12-21 00:02 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
    2017-01-10 16:50 - 2016-12-21 00:02 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
    2017-01-10 16:50 - 2016-12-21 00:02 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
    2017-01-10 16:50 - 2016-12-20 23:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
    2017-01-10 16:50 - 2016-12-20 23:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
    2017-01-10 16:50 - 2016-12-20 23:40 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
    2017-01-10 16:50 - 2016-12-20 23:40 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
    2017-01-10 16:50 - 2016-12-20 23:39 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
    2017-01-10 16:50 - 2016-12-20 23:35 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
    2017-01-10 16:50 - 2016-12-20 23:34 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
    2017-01-10 16:50 - 2016-12-20 23:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
    2017-01-10 16:50 - 2016-12-20 23:25 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
    2017-01-10 16:50 - 2016-12-20 23:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
    2017-01-10 16:50 - 2016-12-20 23:24 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
    2017-01-10 16:50 - 2016-12-20 23:22 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
    2017-01-10 16:50 - 2016-12-14 00:41 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
    2017-01-10 16:50 - 2016-12-14 00:34 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
    2017-01-10 16:50 - 2016-12-14 00:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
    2017-01-10 16:50 - 2016-12-14 00:19 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
    2017-01-10 16:50 - 2016-12-14 00:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
    2017-01-10 16:50 - 2016-12-14 00:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
    2017-01-10 16:50 - 2016-12-14 00:14 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
    2017-01-10 16:50 - 2016-12-14 00:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
    2017-01-10 16:50 - 2016-12-14 00:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
    2017-01-10 16:50 - 2016-12-14 00:06 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
    2017-01-10 16:50 - 2016-12-14 00:01 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
    2017-01-10 16:50 - 2016-12-14 00:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
    2017-01-10 16:50 - 2016-12-13 23:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
    2017-01-10 16:50 - 2016-12-13 23:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
    2017-01-10 16:50 - 2016-12-13 23:42 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
    2017-01-10 16:50 - 2016-12-13 23:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
    2017-01-10 16:50 - 2016-12-13 23:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
    2017-01-10 16:50 - 2016-12-13 23:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
    2017-01-10 16:50 - 2016-12-13 23:40 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
    2017-01-10 16:50 - 2016-12-13 23:40 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
    2017-01-10 16:50 - 2016-12-13 23:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
    2017-01-10 16:50 - 2016-12-13 23:39 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
    2017-01-10 16:50 - 2016-12-13 23:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
    2017-01-10 16:50 - 2016-12-13 23:38 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
    2017-01-10 16:50 - 2016-12-13 23:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
    2017-01-10 16:50 - 2016-12-13 23:36 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
    2017-01-10 16:50 - 2016-12-13 23:35 - 02220032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d12SDKLayers.dll
    2017-01-10 16:50 - 2016-12-13 23:35 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
    2017-01-10 16:50 - 2016-12-13 23:32 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
    2017-01-10 16:50 - 2016-12-13 23:25 - 02795520 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d12SDKLayers.dll
    2017-01-10 16:50 - 2016-12-13 23:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
    2017-01-10 16:50 - 2016-12-13 23:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
    2017-01-10 16:50 - 2016-12-13 23:22 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
    2017-01-10 16:50 - 2016-12-13 23:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
    2017-01-10 16:50 - 2016-12-13 23:22 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
    2017-01-10 16:50 - 2016-12-13 23:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2017-01-10 16:50 - 2016-11-02 06:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
    2017-01-10 16:50 - 2016-11-02 05:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
    2017-01-10 16:50 - 2016-11-02 05:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
    2017-01-10 16:49 - 2016-12-21 02:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
    2017-01-10 16:49 - 2016-12-21 02:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
    2017-01-10 16:49 - 2016-12-21 02:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
    2017-01-10 16:49 - 2016-12-21 02:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
    2017-01-10 16:49 - 2016-12-20 23:24 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
    2017-01-10 16:49 - 2016-12-14 00:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
    2017-01-10 16:49 - 2016-12-13 23:42 - 00384000 _____ (Windows ® Win 7 DDK provider) C:\WINDOWS\system32\DXCpl.exe
    2017-01-10 16:49 - 2016-12-13 23:41 - 00362496 _____ (Windows ® Win 7 DDK provider) C:\WINDOWS\SysWOW64\DXCpl.exe
    2017-01-10 16:49 - 2016-12-13 23:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
    2017-01-10 16:49 - 2016-12-13 23:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
    2017-01-06 14:48 - 2017-01-06 14:48 - 00000000 ____D C:\Users\Eskew\AppData\LocalLow\Strange Loop Games
    2017-01-06 14:46 - 2017-01-06 14:47 - 131974511 _____ C:\Users\Eskew\Downloads\Eco.v0.5.0.rar
    2017-01-04 15:21 - 2017-01-04 15:21 - 34719288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
    2017-01-04 15:21 - 2017-01-04 15:21 - 28211768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
    2017-01-04 15:20 - 2017-01-04 15:20 - 00951224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
    2017-01-04 15:20 - 2017-01-04 15:20 - 00903096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
    2017-01-04 15:20 - 2017-01-04 15:20 - 00448560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
    2017-01-04 15:20 - 2017-01-04 15:20 - 00397240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
    2017-01-04 15:19 - 2017-01-04 15:19 - 01964600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437653.dll
    2017-01-04 15:19 - 2017-01-04 15:19 - 01600056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437653.dll
    2017-01-04 15:19 - 2017-01-04 15:19 - 01047088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
    2017-01-04 15:19 - 2017-01-04 15:19 - 00985136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
    2017-01-04 15:19 - 2017-01-04 15:19 - 00054720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
    2017-01-04 15:18 - 2017-01-04 15:18 - 40132536 _____ C:\WINDOWS\system32\nvcompiler.dll
    2017-01-04 15:18 - 2017-01-04 15:18 - 35231160 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
    2017-01-04 15:18 - 2017-01-04 15:18 - 02957240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
    2017-01-04 15:18 - 2017-01-04 15:18 - 02594744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
    2017-01-04 15:18 - 2017-01-04 15:18 - 00394800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
    2017-01-04 15:18 - 2017-01-04 15:18 - 00355768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
    2017-01-04 15:03 - 2017-01-04 15:03 - 11016832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
    2017-01-04 15:03 - 2017-01-04 15:03 - 09247528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
    2017-01-04 15:03 - 2017-01-04 15:03 - 09000152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
    2017-01-04 15:02 - 2017-01-04 15:02 - 10453336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
    2017-01-04 15:02 - 2017-01-04 15:02 - 08846832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
    2017-01-04 15:02 - 2017-01-04 15:02 - 00818496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
    2017-01-04 15:02 - 2017-01-04 15:02 - 00817472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
    2017-01-04 15:02 - 2017-01-04 15:02 - 00658400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
    2017-01-04 15:02 - 2017-01-04 15:02 - 00657048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
    2017-01-04 15:02 - 2017-01-04 15:02 - 00631992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
    2017-01-04 15:02 - 2017-01-04 15:02 - 00586968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
    2017-01-04 15:02 - 2017-01-04 15:02 - 00407240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
    2017-01-04 15:02 - 2017-01-04 15:02 - 00338960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
    2017-01-04 10:07 - 2017-01-04 10:07 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
    2017-01-04 10:07 - 2017-01-04 10:07 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
    2017-01-03 17:52 - 2017-01-03 17:52 - 00000000 ____D C:\Users\Eskew\AppData\LocalLow\Fenix Fire Entertainment
    2016-12-31 12:42 - 2016-12-31 12:43 - 475200925 _____ C:\Users\Eskew\Downloads\Stonehearth.Alpha.19.rar
    2016-12-30 15:35 - 2016-12-30 15:35 - 00287307 _____ C:\Users\Eskew\Downloads\HALO - UNSC MANTIS.pdf
    2016-12-30 09:09 - 2016-12-30 09:09 - 00145938 _____ C:\Users\Eskew\Downloads\HALO - mini Pelican.pdf
    2016-12-30 09:01 - 2016-12-30 09:01 - 00687958 _____ C:\Users\Eskew\Downloads\HALO - Pelican BIG (PARTs).pdf
    2016-12-30 09:00 - 2016-12-30 09:00 - 00425044 _____ C:\Users\Eskew\Downloads\HALO - Scorpion.pdf
    2016-12-29 12:00 - 2016-12-29 12:00 - 00002221 _____ C:\Users\Public\Desktop\LEGO Digital Designer.lnk
    2016-12-29 12:00 - 2016-12-29 12:00 - 00000000 ____D C:\Users\Eskew\Documents\LEGO Creations
    2016-12-29 12:00 - 2016-12-29 12:00 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\LEGO Company
    2016-12-29 12:00 - 2016-12-29 12:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LEGO Company
    2016-12-29 12:00 - 2016-12-29 12:00 - 00000000 ____D C:\Program Files (x86)\LEGO Company
    2016-12-29 11:58 - 2016-12-29 11:59 - 292271952 _____ C:\Users\Eskew\Downloads\setupLDD-PC-4_3_10.exe
    2016-12-26 19:57 - 2016-12-26 19:57 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\Warner Bros. Interactive Entertainment
    2016-12-26 12:15 - 2016-12-26 12:15 - 00000000 ____D C:\Users\Eskew\AppData\Local\UnrealEngine
    2016-12-26 12:15 - 2016-12-26 12:15 - 00000000 ____D C:\Users\Eskew\AppData\Local\Astro
    2016-12-24 16:19 - 2016-12-24 16:19 - 00002094 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evolve.lnk
    2016-12-24 16:19 - 2016-12-24 16:19 - 00002082 _____ C:\Users\Public\Desktop\Evolve.lnk
    2016-12-18 10:11 - 2016-12-18 10:11 - 00000000 ____D C:\Users\Eskew\AppData\LocalLow\Fox Dawn
    2016-12-16 19:23 - 2016-12-16 19:23 - 00003706 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-105371738-2419289027-4122941235-1001UA1d257fbdc135398
    2016-12-16 19:23 - 2016-12-16 19:23 - 00003438 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-105371738-2419289027-4122941235-1001Core1d257fbdbfad668
    2016-12-16 17:57 - 2017-01-23 17:56 - 00003274 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
    2016-12-14 07:57 - 2016-12-09 05:42 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
    2016-12-14 07:57 - 2016-12-09 05:42 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
    2016-12-14 07:57 - 2016-12-09 05:34 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
    2016-12-14 07:57 - 2016-12-09 05:34 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
    2016-12-14 07:57 - 2016-12-09 05:33 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
    2016-12-14 07:57 - 2016-12-09 05:33 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
    2016-12-14 07:57 - 2016-12-09 05:30 - 00377184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
    2016-12-14 07:57 - 2016-12-09 05:29 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
    2016-12-14 07:57 - 2016-12-09 05:28 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
    2016-12-14 07:57 - 2016-12-09 05:27 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
    2016-12-14 07:57 - 2016-12-09 05:20 - 02677544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
    2016-12-14 07:57 - 2016-12-09 05:20 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
    2016-12-14 07:57 - 2016-12-09 05:20 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
    2016-12-14 07:57 - 2016-12-09 05:20 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
    2016-12-14 07:57 - 2016-12-09 05:20 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
    2016-12-14 07:57 - 2016-12-09 05:19 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
    2016-12-14 07:57 - 2016-12-09 05:19 - 00168424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
    2016-12-14 07:57 - 2016-12-09 05:18 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
    2016-12-14 07:57 - 2016-12-09 05:18 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
    2016-12-14 07:57 - 2016-12-09 05:18 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
    2016-12-14 07:57 - 2016-12-09 05:18 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
    2016-12-14 07:57 - 2016-12-09 05:18 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
    2016-12-14 07:57 - 2016-12-09 05:18 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
    2016-12-14 07:57 - 2016-12-09 05:15 - 08168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
    2016-12-14 07:57 - 2016-12-09 05:14 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
    2016-12-14 07:57 - 2016-12-09 05:11 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
    2016-12-14 07:57 - 2016-12-09 05:10 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
    2016-12-14 07:57 - 2016-12-09 05:10 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
    2016-12-14 07:57 - 2016-12-09 05:01 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
    2016-12-14 07:57 - 2016-12-09 05:01 - 01503544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
    2016-12-14 07:57 - 2016-12-09 05:01 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
    2016-12-14 07:57 - 2016-12-09 05:00 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
    2016-12-14 07:57 - 2016-12-09 04:59 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
    2016-12-14 07:57 - 2016-12-09 04:59 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
    2016-12-14 07:57 - 2016-12-09 04:57 - 06668040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
    2016-12-14 07:57 - 2016-12-09 04:56 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
    2016-12-14 07:57 - 2016-12-09 04:52 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
    2016-12-14 07:57 - 2016-12-09 04:52 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
    2016-12-14 07:57 - 2016-12-09 04:51 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
    2016-12-14 07:57 - 2016-12-09 04:45 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSD3DWARP12Debug.dll
    2016-12-14 07:57 - 2016-12-09 04:45 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
    2016-12-14 07:57 - 2016-12-09 04:42 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
    2016-12-14 07:57 - 2016-12-09 04:42 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSD3DWARPDebug.dll
    2016-12-14 07:57 - 2016-12-09 04:41 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
    2016-12-14 07:57 - 2016-12-09 04:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
    2016-12-14 07:57 - 2016-12-09 04:40 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VSD3DWARP12Debug.dll
    2016-12-14 07:57 - 2016-12-09 04:37 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
    2016-12-14 07:57 - 2016-12-09 04:37 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VSD3DWARPDebug.dll
    2016-12-14 07:57 - 2016-12-09 04:36 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
    2016-12-14 07:57 - 2016-12-09 04:36 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
    2016-12-14 07:57 - 2016-12-09 04:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
    2016-12-14 07:57 - 2016-12-09 04:33 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
    2016-12-14 07:57 - 2016-12-09 04:33 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
    2016-12-14 07:57 - 2016-12-09 04:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
    2016-12-14 07:57 - 2016-12-09 04:31 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
    2016-12-14 07:57 - 2016-12-09 04:31 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
    2016-12-14 07:57 - 2016-12-09 04:28 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
    2016-12-14 07:57 - 2016-12-09 04:28 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
    2016-12-14 07:57 - 2016-12-09 04:27 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2016-12-14 07:57 - 2016-12-09 04:27 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
    2016-12-14 07:57 - 2016-12-09 04:27 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
    2016-12-14 07:57 - 2016-12-09 04:25 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
    2016-12-14 07:57 - 2016-12-09 04:24 - 06583296 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d12warp.dll
    2016-12-14 07:57 - 2016-12-09 04:23 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2016-12-14 07:57 - 2016-12-09 04:22 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
    2016-12-14 07:57 - 2016-12-09 04:21 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2016-12-14 07:57 - 2016-12-09 04:21 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
    2016-12-14 07:57 - 2016-12-09 04:20 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
    2016-12-14 07:57 - 2016-12-09 04:20 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
    2016-12-14 07:57 - 2016-12-09 04:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
    2016-12-14 07:57 - 2016-12-09 04:20 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
    2016-12-14 07:57 - 2016-12-09 04:19 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
    2016-12-14 07:57 - 2016-12-09 04:19 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
    2016-12-14 07:57 - 2016-12-09 04:19 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
    2016-12-14 07:57 - 2016-12-09 04:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
    2016-12-14 07:57 - 2016-12-09 04:18 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2016-12-14 07:57 - 2016-12-09 04:18 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
    2016-12-14 07:57 - 2016-12-09 04:18 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
    2016-12-14 07:57 - 2016-12-09 04:17 - 04978176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d12warp.dll
    2016-12-14 07:57 - 2016-12-09 04:17 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
    2016-12-14 07:57 - 2016-12-09 04:16 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
    2016-12-14 07:57 - 2016-12-09 04:15 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
    2016-12-14 07:57 - 2016-12-09 04:15 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
    2016-12-14 07:57 - 2016-12-09 04:15 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
    2016-12-14 07:57 - 2016-12-09 03:54 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
    2016-12-14 07:57 - 2016-11-02 05:28 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
    2016-12-14 07:57 - 2016-11-02 05:25 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
    2016-12-14 07:57 - 2016-09-15 11:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
    2016-12-09 09:17 - 2016-11-11 05:14 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
    2016-12-09 09:17 - 2016-11-11 05:13 - 01886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
    2016-12-09 09:17 - 2016-11-11 05:01 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
    2016-12-09 09:17 - 2016-11-11 04:24 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
    2016-12-09 09:17 - 2016-11-11 04:20 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
    2016-12-09 09:17 - 2016-11-11 04:14 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
    2016-12-09 09:17 - 2016-11-11 04:08 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
    2016-12-09 09:17 - 2016-11-11 04:07 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
    2016-12-09 09:17 - 2016-11-11 04:06 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
    2016-12-09 09:17 - 2016-11-11 04:04 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
    2016-12-09 09:17 - 2016-11-11 04:03 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
    2016-12-09 09:17 - 2016-11-11 02:42 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
    2016-12-09 09:17 - 2016-11-11 02:42 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
    2016-12-09 09:17 - 2016-11-11 02:23 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
    2016-12-09 09:17 - 2016-11-11 02:04 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
    2016-12-09 09:16 - 2016-11-11 05:15 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
    2016-12-09 09:16 - 2016-11-11 05:15 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
    2016-12-09 09:16 - 2016-11-11 05:14 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
    2016-12-09 09:16 - 2016-11-11 05:13 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
    2016-12-09 09:16 - 2016-11-11 05:13 - 00352096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
    2016-12-09 09:16 - 2016-11-11 05:12 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
    2016-12-09 09:16 - 2016-11-11 05:08 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
    2016-12-09 09:16 - 2016-11-11 05:03 - 01069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
    2016-12-09 09:16 - 2016-11-11 05:03 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
    2016-12-09 09:16 - 2016-11-11 05:02 - 02828376 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
    2016-12-09 09:16 - 2016-11-11 05:02 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
    2016-12-09 09:16 - 2016-11-11 05:01 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
    2016-12-09 09:16 - 2016-11-11 05:01 - 00637400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
    2016-12-09 09:16 - 2016-11-11 05:00 - 00219488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
    2016-12-09 09:16 - 2016-11-11 04:57 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
    2016-12-09 09:16 - 2016-11-11 04:56 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
    2016-12-09 09:16 - 2016-11-11 04:56 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
    2016-12-09 09:16 - 2016-11-11 04:56 - 00187520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
    2016-12-09 09:16 - 2016-11-11 04:56 - 00163752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
    2016-12-09 09:16 - 2016-11-11 04:56 - 00126568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfaudiocnv.dll
    2016-12-09 09:16 - 2016-11-11 04:55 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
    2016-12-09 09:16 - 2016-11-11 04:55 - 00743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
    2016-12-09 09:16 - 2016-11-11 04:54 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
    2016-12-09 09:16 - 2016-11-11 04:51 - 00454592 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
    2016-12-09 09:16 - 2016-11-11 04:31 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
    2016-12-09 09:16 - 2016-11-11 04:27 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
    2016-12-09 09:16 - 2016-11-11 04:26 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
    2016-12-09 09:16 - 2016-11-11 04:26 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
    2016-12-09 09:16 - 2016-11-11 04:26 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReportingCSP.dll
    2016-12-09 09:16 - 2016-11-11 04:26 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys
    2016-12-09 09:16 - 2016-11-11 04:25 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
    2016-12-09 09:16 - 2016-11-11 04:25 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
    2016-12-09 09:16 - 2016-11-11 04:25 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
    2016-12-09 09:16 - 2016-11-11 04:25 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
    2016-12-09 09:16 - 2016-11-11 04:25 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
    2016-12-09 09:16 - 2016-11-11 04:24 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
    2016-12-09 09:16 - 2016-11-11 04:24 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
    2016-12-09 09:16 - 2016-11-11 04:24 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
    2016-12-09 09:16 - 2016-11-11 04:24 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
    2016-12-09 09:16 - 2016-11-11 04:24 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
    2016-12-09 09:16 - 2016-11-11 04:24 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
    2016-12-09 09:16 - 2016-11-11 04:23 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
    2016-12-09 09:16 - 2016-11-11 04:23 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
    2016-12-09 09:16 - 2016-11-11 04:23 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\EAMProgressHandler.dll
    2016-12-09 09:16 - 2016-11-11 04:22 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EDPCleanup.exe
    2016-12-09 09:16 - 2016-11-11 04:21 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
    2016-12-09 09:16 - 2016-11-11 04:20 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
    2016-12-09 09:16 - 2016-11-11 04:20 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
    2016-12-09 09:16 - 2016-11-11 04:20 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
    2016-12-09 09:16 - 2016-11-11 04:20 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
    2016-12-09 09:16 - 2016-11-11 04:20 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
    2016-12-09 09:16 - 2016-11-11 04:19 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
    2016-12-09 09:16 - 2016-11-11 04:19 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
    2016-12-09 09:16 - 2016-11-11 04:19 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
    2016-12-09 09:16 - 2016-11-11 04:19 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
    2016-12-09 09:16 - 2016-11-11 04:19 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
    2016-12-09 09:16 - 2016-11-11 04:19 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
    2016-12-09 09:16 - 2016-11-11 04:18 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
    2016-12-09 09:16 - 2016-11-11 04:18 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
    2016-12-09 09:16 - 2016-11-11 04:17 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
    2016-12-09 09:16 - 2016-11-11 04:16 - 01477632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
    2016-12-09 09:16 - 2016-11-11 04:16 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
    2016-12-09 09:16 - 2016-11-11 04:16 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
    2016-12-09 09:16 - 2016-11-11 04:16 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
    2016-12-09 09:16 - 2016-11-11 04:15 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
    2016-12-09 09:16 - 2016-11-11 04:14 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
    2016-12-09 09:16 - 2016-11-11 04:14 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
    2016-12-09 09:16 - 2016-11-11 04:13 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
    2016-12-09 09:16 - 2016-11-11 04:13 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll
    2016-12-09 09:16 - 2016-11-11 04:12 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
    2016-12-09 09:16 - 2016-11-11 04:11 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
    2016-12-09 09:16 - 2016-11-11 04:09 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
    2016-12-09 09:16 - 2016-11-11 04:09 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
    2016-12-09 09:16 - 2016-11-11 04:07 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
    2016-12-09 09:16 - 2016-11-11 04:07 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
    2016-12-09 09:16 - 2016-11-11 04:06 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
    2016-12-09 09:16 - 2016-11-11 04:05 - 04136448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
    2016-12-09 09:16 - 2016-11-11 04:05 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
    2016-12-09 09:16 - 2016-11-11 04:04 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
    2016-12-09 09:16 - 2016-11-11 04:04 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
    2016-12-09 09:16 - 2016-11-11 04:04 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
    2016-12-09 09:16 - 2016-11-11 04:04 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
    2016-12-09 09:16 - 2016-11-11 04:03 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
    2016-12-09 09:16 - 2016-11-11 04:03 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
    2016-12-09 09:16 - 2016-11-11 04:03 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
    2016-12-09 09:16 - 2016-11-11 04:02 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
    2016-12-09 09:16 - 2016-11-11 04:02 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
    2016-12-09 09:16 - 2016-11-11 03:00 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
    2016-12-09 09:16 - 2016-11-11 02:59 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
    2016-12-09 09:16 - 2016-11-11 02:54 - 00122208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
    2016-12-09 09:16 - 2016-11-11 02:49 - 00869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
    2016-12-09 09:16 - 2016-11-11 02:49 - 00248480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
    2016-12-09 09:16 - 2016-11-11 02:48 - 02277248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
    2016-12-09 09:16 - 2016-11-11 02:47 - 05722832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
    2016-12-09 09:16 - 2016-11-11 02:47 - 00527880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
    2016-12-09 09:16 - 2016-11-11 02:42 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
    2016-12-09 09:16 - 2016-11-11 02:42 - 00152416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll
    2016-12-09 09:16 - 2016-11-11 02:42 - 00091936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfaudiocnv.dll
    2016-12-09 09:16 - 2016-11-11 02:41 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
    2016-12-09 09:16 - 2016-11-11 02:41 - 00157536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
    2016-12-09 09:16 - 2016-11-11 02:38 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
    2016-12-09 09:16 - 2016-11-11 02:25 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
    2016-12-09 09:16 - 2016-11-11 02:25 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
    2016-12-09 09:16 - 2016-11-11 02:24 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
    2016-12-09 09:16 - 2016-11-11 02:24 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
    2016-12-09 09:16 - 2016-11-11 02:24 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
    2016-12-09 09:16 - 2016-11-11 02:24 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
    2016-12-09 09:16 - 2016-11-11 02:23 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
    2016-12-09 09:16 - 2016-11-11 02:22 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
    2016-12-09 09:16 - 2016-11-11 02:22 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
    2016-12-09 09:16 - 2016-11-11 02:21 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
    2016-12-09 09:16 - 2016-11-11 02:21 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
    2016-12-09 09:16 - 2016-11-11 02:19 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
    2016-12-09 09:16 - 2016-11-11 02:19 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
    2016-12-09 09:16 - 2016-11-11 02:19 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
    2016-12-09 09:16 - 2016-11-11 02:19 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
    2016-12-09 09:16 - 2016-11-11 02:19 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
    2016-12-09 09:16 - 2016-11-11 02:18 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
    2016-12-09 09:16 - 2016-11-11 02:18 - 01336320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
    2016-12-09 09:16 - 2016-11-11 02:18 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
    2016-12-09 09:16 - 2016-11-11 02:18 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
    2016-12-09 09:16 - 2016-11-11 02:17 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
    2016-12-09 09:16 - 2016-11-11 02:17 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
    2016-12-09 09:16 - 2016-11-11 02:15 - 01357824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
    2016-12-09 09:16 - 2016-11-11 02:15 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
    2016-12-09 09:16 - 2016-11-11 02:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
    2016-12-09 09:16 - 2016-11-11 02:15 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
    2016-12-09 09:16 - 2016-11-11 02:14 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
    2016-12-09 09:16 - 2016-11-11 02:10 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
    2016-12-09 09:16 - 2016-11-11 02:10 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
    2016-12-09 09:16 - 2016-11-11 02:09 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
    2016-12-09 09:16 - 2016-11-11 02:09 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
    2016-12-09 09:16 - 2016-11-11 02:08 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll
    2016-12-09 09:16 - 2016-11-11 02:06 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
    2016-12-09 09:16 - 2016-11-11 02:06 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
    2016-12-09 09:16 - 2016-11-11 02:06 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
    2016-12-09 09:16 - 2016-11-11 02:06 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
    2016-12-09 09:16 - 2016-11-11 02:06 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
    2016-12-09 09:16 - 2016-11-11 02:05 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
    2016-12-09 09:16 - 2016-11-11 02:05 - 03370496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
    2016-12-09 09:16 - 2016-11-11 02:04 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
    2016-12-09 09:16 - 2016-11-11 02:04 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2016-12-09 09:16 - 2016-11-11 02:04 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
    2016-12-09 09:16 - 2016-11-11 02:04 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
    2016-12-09 09:16 - 2016-11-11 02:04 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
    2016-12-09 09:16 - 2016-11-11 02:03 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
    2016-12-09 09:16 - 2016-11-11 02:03 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2016-12-09 09:16 - 2016-11-11 02:03 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
    2016-12-09 09:16 - 2016-11-11 02:03 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
    2016-12-09 09:16 - 2016-11-11 02:03 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
    2016-12-09 09:16 - 2016-11-11 02:03 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
    2016-12-09 09:16 - 2016-11-11 02:02 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
    2016-12-09 09:15 - 2016-11-11 05:00 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
    2016-12-09 09:15 - 2016-11-11 04:59 - 00433504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
    2016-12-09 09:15 - 2016-11-11 04:56 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
    2016-12-09 09:15 - 2016-11-11 04:28 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CbtBackgroundManagerPolicy.dll
    2016-12-09 09:15 - 2016-11-11 04:27 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
    2016-12-09 09:15 - 2016-11-11 04:26 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
    2016-12-09 09:15 - 2016-11-11 04:25 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
    2016-12-09 09:15 - 2016-11-11 04:25 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
    2016-12-09 09:15 - 2016-11-11 04:24 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
    2016-12-09 09:15 - 2016-11-11 04:23 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
    2016-12-09 09:15 - 2016-11-11 04:22 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
    2016-12-09 09:15 - 2016-11-11 04:22 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
    2016-12-09 09:15 - 2016-11-11 04:21 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
    2016-12-09 09:15 - 2016-11-11 04:21 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
    2016-12-09 09:15 - 2016-11-11 04:21 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
    2016-12-09 09:15 - 2016-11-11 04:20 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
    2016-12-09 09:15 - 2016-11-11 04:20 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
    2016-12-09 09:15 - 2016-11-11 04:20 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
    2016-12-09 09:15 - 2016-11-11 04:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
    2016-12-09 09:15 - 2016-11-11 04:20 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
    2016-12-09 09:15 - 2016-11-11 04:19 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
    2016-12-09 09:15 - 2016-11-11 04:19 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
    2016-12-09 09:15 - 2016-11-11 04:19 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
    2016-12-09 09:15 - 2016-11-11 04:17 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
    2016-12-09 09:15 - 2016-11-11 04:16 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
    2016-12-09 09:15 - 2016-11-11 04:16 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
    2016-12-09 09:15 - 2016-11-11 04:15 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
    2016-12-09 09:15 - 2016-11-11 04:15 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
    2016-12-09 09:15 - 2016-11-11 04:14 - 07654400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
    2016-12-09 09:15 - 2016-11-11 04:14 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
    2016-12-09 09:15 - 2016-11-11 04:13 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
    2016-12-09 09:15 - 2016-11-11 04:11 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll
    2016-12-09 09:15 - 2016-11-11 04:07 - 03441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
    2016-12-09 09:15 - 2016-11-11 04:07 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
    2016-12-09 09:15 - 2016-11-11 04:07 - 01691136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
    2016-12-09 09:15 - 2016-11-11 04:07 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
    2016-12-09 09:15 - 2016-11-11 04:06 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
    2016-12-09 09:15 - 2016-11-11 04:05 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2016-12-09 09:15 - 2016-11-11 04:05 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
    2016-12-09 09:15 - 2016-11-11 04:04 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
    2016-12-09 09:15 - 2016-11-11 04:04 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
    2016-12-09 09:15 - 2016-11-11 04:04 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
    2016-12-09 09:15 - 2016-11-11 04:03 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2016-12-09 09:15 - 2016-11-11 04:03 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
    2016-12-09 09:15 - 2016-11-11 04:03 - 00632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
    2016-12-09 09:15 - 2016-11-11 04:02 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
    2016-12-09 09:15 - 2016-11-11 03:01 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
    2016-12-09 09:15 - 2016-11-11 03:01 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
    2016-12-09 09:15 - 2016-11-11 02:47 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
    2016-12-09 09:15 - 2016-11-11 02:27 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe
    2016-12-09 09:15 - 2016-11-11 02:26 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
    2016-12-09 09:15 - 2016-11-11 02:20 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
    2016-12-09 09:15 - 2016-11-11 02:19 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
    2016-12-09 09:15 - 2016-11-11 02:19 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
    2016-12-09 09:15 - 2016-11-11 02:18 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
    2016-12-09 09:15 - 2016-11-11 02:18 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
    2016-12-09 09:15 - 2016-11-11 02:16 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
    2016-12-09 09:15 - 2016-11-11 02:12 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
    2016-12-09 09:15 - 2016-11-11 02:03 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
    2016-12-06 14:18 - 2016-12-06 14:18 - 00003286 _____ C:\WINDOWS\System32\Tasks\{7397805F-4A56-4686-977E-8CBC53A081AF}
    2016-11-26 08:24 - 2016-11-26 08:24 - 00000000 ____D C:\Users\Eskew\AppData\Local\CAPCOM
    2016-11-25 18:22 - 2016-11-25 18:22 - 00606404 _____ C:\Users\Eskew\Downloads\DirtedTankQuestionGuideFull.pdf
    2016-11-25 18:22 - 2016-11-25 18:22 - 00214932 _____ C:\Users\Eskew\Downloads\Top10PlantedTanktips.pdf
     
    ==================== Three Months Modified files and folders ========
     
    (If an entry is included in the fixlist, the file/folder will be moved.)
     
    2017-02-22 15:23 - 2012-12-23 18:03 - 00000000 ____D C:\Program Files (x86)\Steam
    2017-02-22 15:19 - 2016-10-17 07:48 - 00000000 ____D C:\Users\Eskew
    2017-02-22 14:44 - 2016-10-17 08:28 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2017-02-22 14:44 - 2016-10-17 07:45 - 00000000 ____D C:\ProgramData\NVIDIA
    2017-02-22 14:44 - 2014-11-02 09:09 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
    2017-02-22 14:43 - 2016-10-17 07:43 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
    2017-02-22 14:43 - 2016-07-16 01:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
    2017-02-22 14:39 - 2013-01-17 19:19 - 00000000 ____D C:\Users\Eskew\AppData\Local\CrashDumps
    2017-02-22 14:26 - 2013-06-21 12:09 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Mahjong Games
    2017-02-22 14:18 - 2014-03-29 10:34 - 00000000 ____D C:\Users\Eskew\AppData\Local\Battle.net
    2017-02-22 13:59 - 2015-02-27 20:51 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
    2017-02-22 13:52 - 2014-09-03 13:24 - 00000000 ____D C:\Program Files (x86)\Battle.net
    2017-02-22 12:14 - 2016-09-05 06:32 - 00000000 ____D C:\Users\Eskew\AppData\Local\ftblauncher
    2017-02-22 11:02 - 2016-09-05 06:32 - 00000000 ____D C:\ftb
    2017-02-22 10:50 - 2016-10-17 07:41 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
    2017-02-22 07:05 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\AppReadiness
    2017-02-22 07:04 - 2016-07-16 06:47 - 00000000 ___HD C:\Program Files\WindowsApps
    2017-02-22 06:51 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
    2017-02-22 06:51 - 2013-02-02 22:13 - 00000000 ____D C:\Users\Eskew\AppData\Local\Adobe
    2017-02-21 17:45 - 2016-07-16 06:36 - 00000000 ____D C:\WINDOWS\CbsTemp
    2017-02-21 15:01 - 2013-11-18 18:45 - 00000000 __RDO C:\Users\Eskew\SkyDrive
    2017-02-21 12:52 - 2016-08-04 18:55 - 00000000 ____D C:\Users\Eskew\AppData\Local\Citrix
    2017-02-21 12:52 - 2013-06-25 09:49 - 00000000 ____D C:\ProgramData\HappyCloud
    2017-02-21 12:31 - 2015-10-30 06:06 - 00000000 ____D C:\ProgramData\Avg
    2017-02-21 12:31 - 2014-10-04 17:01 - 00000000 ____D C:\Program Files (x86)\AVG
    2017-02-21 12:29 - 2015-10-30 06:05 - 00000000 ____D C:\Users\Eskew\AppData\Local\AvgSetupLog
    2017-02-21 10:42 - 2013-05-21 15:00 - 00000348 _____ C:\WINDOWS\Tasks\HPCeeScheduleForEskew.job
    2017-02-21 08:11 - 2016-10-17 08:28 - 00003240 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForEskew
    2017-02-20 12:36 - 2013-11-12 08:25 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2017-02-20 12:34 - 2015-04-16 08:23 - 00000000 ____D C:\Program Files (x86)\Minecraft
    2017-02-20 12:32 - 2013-10-31 08:11 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\CyberLink
    2017-02-20 07:49 - 2015-12-14 16:01 - 00551464 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
    2017-02-17 13:53 - 2016-09-05 06:32 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\ftblauncher
    2017-02-17 13:53 - 2015-06-16 16:40 - 00000000 ___RD C:\Users\Eskew\Desktop\Games
    2017-02-16 19:28 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
    2017-02-16 19:28 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
    2017-02-16 07:49 - 2013-01-19 12:07 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\Skype
    2017-02-15 09:51 - 2016-05-06 15:15 - 00000000 ____D C:\Program Files (x86)\Overwatch
    2017-02-15 09:51 - 2015-02-27 21:11 - 00000000 ____D C:\Program Files (x86)\Diablo III
    2017-02-12 15:36 - 2015-04-16 08:24 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\.minecraft
    2017-02-08 17:24 - 2016-10-17 07:44 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
    2017-02-08 17:24 - 2016-07-05 07:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
    2017-02-08 17:23 - 2016-07-16 06:45 - 00000000 ____D C:\WINDOWS\INF
    2017-02-08 17:22 - 2016-10-17 07:44 - 00000000 ____D C:\Program Files\NVIDIA Corporation
    2017-02-08 17:22 - 2016-10-17 07:44 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
    2017-02-08 17:22 - 2016-07-05 07:09 - 00000000 ____D C:\Users\Eskew\AppData\Local\NVIDIA Corporation
    2017-02-08 06:39 - 2015-12-22 07:51 - 00000000 ____D C:\ProgramData\AMD
    2017-02-06 17:23 - 2013-08-21 17:10 - 00002494 _____ C:\Users\Eskew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2017-02-06 14:48 - 2016-07-16 06:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2017-02-06 14:48 - 2016-07-16 06:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
    2017-02-04 19:27 - 2015-03-18 08:29 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\OBS
    2017-02-03 17:57 - 2014-08-29 14:03 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
    2017-02-02 16:46 - 2013-05-03 14:34 - 00000000 ____D C:\Users\Eskew\AppData\Local\Spotify
    2017-02-02 16:44 - 2013-05-03 14:32 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\Spotify
    2017-02-02 08:44 - 2014-06-23 10:50 - 00000000 ____D C:\Program Files (x86)\StarCraft II
    2017-02-02 08:18 - 2016-09-27 15:29 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\discord
    2017-01-31 19:50 - 2016-03-16 07:22 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\StardewValley
    2017-01-29 08:01 - 2016-10-17 07:43 - 00000000 ____D C:\Program Files\AMD
    2017-01-28 11:36 - 2014-03-22 12:55 - 00000000 ____D C:\AMD
    2017-01-25 01:29 - 2016-10-26 00:04 - 00909336 _____ (AMD) C:\WINDOWS\system32\SET5280.tmp
    2017-01-25 01:29 - 2016-10-26 00:04 - 00909336 _____ (AMD) C:\WINDOWS\system32\coinst_16.40.dll
    2017-01-25 01:29 - 2016-10-26 00:04 - 00643096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
    2017-01-25 01:29 - 2016-10-26 00:04 - 00310808 _____ C:\WINDOWS\system32\dgtrayicon.exe
    2017-01-25 01:29 - 2016-10-26 00:04 - 00293400 _____ C:\WINDOWS\system32\GameManager64.dll
    2017-01-25 01:29 - 2016-10-26 00:04 - 00287248 _____ C:\WINDOWS\system32\clinfo.exe
    2017-01-25 01:29 - 2016-10-26 00:04 - 00285720 _____ C:\WINDOWS\system32\hsa-thunk64.dll
    2017-01-25 01:29 - 2016-10-26 00:04 - 00248344 _____ C:\WINDOWS\system32\atieah64.exe
    2017-01-25 01:29 - 2016-10-26 00:04 - 00239128 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
    2017-01-25 01:29 - 2016-10-26 00:04 - 00178200 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
    2017-01-25 01:29 - 2016-10-26 00:04 - 00154648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
    2017-01-25 01:29 - 2016-10-26 00:04 - 00147480 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
    2017-01-25 01:29 - 2016-10-26 00:04 - 00128536 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
    2017-01-25 01:29 - 2016-10-26 00:04 - 00084504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 07589400 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 02150928 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 01351192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\SET4C27.tmp
    2017-01-25 01:29 - 2016-09-13 21:08 - 01351192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 01015832 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 00541208 _____ (AMD) C:\WINDOWS\system32\SET45E2.tmp
    2017-01-25 01:29 - 2016-09-13 21:08 - 00541208 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
    2017-01-25 01:29 - 2016-09-13 21:08 - 00305176 _____ (AMD) C:\WINDOWS\system32\SET46DE.tmp
    2017-01-25 01:29 - 2016-09-13 21:08 - 00305176 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
    2017-01-25 01:29 - 2016-09-13 21:08 - 00258072 _____ C:\WINDOWS\SysWOW64\SET5071.tmp
    2017-01-25 01:29 - 2016-09-13 21:08 - 00258072 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 00251416 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 00226328 _____ C:\WINDOWS\SysWOW64\atieah32.exe
    2017-01-25 01:29 - 2016-09-13 21:08 - 00219672 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\SET4740.tmp
    2017-01-25 01:29 - 2016-09-13 21:08 - 00219672 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 00193560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 00153112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 00145952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 00135704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 00130584 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 00126488 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 00107544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 00038424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
    2017-01-25 01:28 - 2016-10-26 00:05 - 00145872 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
    2017-01-25 01:28 - 2016-10-26 00:05 - 00145360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
    2017-01-25 01:28 - 2016-10-26 00:05 - 00130216 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
    2017-01-25 01:28 - 2016-09-13 21:08 - 00112336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
    2017-01-25 01:28 - 2016-09-13 21:08 - 00112328 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
    2017-01-23 17:56 - 2015-07-30 14:56 - 00002404 _____ C:\Users\Eskew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
     
    ==================== Files in the root of some directories =======
     
    2013-04-21 13:34 - 2013-04-21 13:34 - 0000093 _____ () C:\Users\Eskew\AppData\Local\fusioncache.dat
    2013-05-31 12:21 - 2013-05-31 12:21 - 0007598 _____ () C:\Users\Eskew\AppData\Local\Resmon.ResmonCfg
    2016-11-04 14:15 - 2016-11-04 14:15 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
     
    ==================== Bamital & volsnap ======================
     
    (There is no automatic fix for files that do not pass verification.)
     
    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\wininit.exe => File is digitally signed
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
     
     
    ATTENTION: ==> Could not access BCD. 
     
    ==================== BCD ================================
    'bcdedit' is not recognized as an internal or external command,
    operable program or batch file.
     
     
    LastRegBack: 2017-02-13 12:19
     
    ==================== End of FRST.txt ============================
     
     
    Addition.txt Log:Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-02-2017 01
    Ran by Eskew (22-02-2017 16:26:01)
    Running from C:\Users\Eskew\Downloads
    Windows 10 Home Version 1607 (X64) (2016-10-17 13:33:36)
    Boot Mode: Normal
    ==========================================================
     
     
    ==================== Accounts: =============================
     
    Administrator (S-1-5-21-105371738-2419289027-4122941235-500 - Administrator - Disabled)
    ASPNET (S-1-5-21-105371738-2419289027-4122941235-1004 - Limited - Enabled)
    DefaultAccount (S-1-5-21-105371738-2419289027-4122941235-503 - Limited - Disabled)
    Eskew (S-1-5-21-105371738-2419289027-4122941235-1001 - Administrator - Enabled) => C:\Users\Eskew
    Guest (S-1-5-21-105371738-2419289027-4122941235-501 - Limited - Disabled)
     
    ==================== Security Center ========================
     
    (If an entry is included in the fixlist, it will be removed.)
     
    AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
     
    ==================== Installed Programs ======================
     
    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
     
     (HKLM\...\UDK-04d245e5-f683-46e7-8173-d68ff31ec8e7) (Version:  - RuneStorm
    @BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.33 - GIGABYTE)
    µTorrent (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\uTorrent) (Version: 3.4.6.42178 - BitTorrent Inc.)
    7 Days to Die (HKLM\...\Steam App 251570) (Version:  - The Fun Pimps)
    7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.5.0.1060 - Adobe Systems Incorporated)
    Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.0.2.189 - Adobe Systems Incorporated)
    Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
    Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
    Adobe Reader XI (11.0.19) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.19 - Adobe Systems Incorporated)
    Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
    AMD Catalyst Install Manager (HKLM\...\{DA9FFDE7-5474-DE51-8729-76A31DB5682B}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
    AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.)
    Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
    ASTRONEER (HKLM\...\Steam App 361420) (Version:  - System Era Softworks)
    Atlas Reactor (HKLM\...\Steam App 402570) (Version:  - Trion Worlds)
    Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
    AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.7.452 - AVG Technologies)
    Awesomenauts (HKLM-x32\...\Steam App 204300) (Version:  - )
    Battle for Wesnoth 1.12.5 (HKLM-x32\...\Battle for Wesnoth 1.12.5) (Version: 1.12.5 - )
    Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
    BattleBlock Theater (HKLM-x32\...\Steam App 238460) (Version:  - The Behemoth)
    bl (x32 Version: 1.0.0 - Your Company Name) Hidden
    Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
    Blend for Visual Studio 2012 ENU resources (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
    Bloons TD5 (HKLM\...\Steam App 306020) (Version:  - Ninja Kiwi)
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    BYOND (HKLM-x32\...\BYOND) (Version: 511.1363 - BYOND)
    Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
    Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - ‎Canon Inc.‬)
    Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
    Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - ‪Canon Inc.‬)
    Canon MG3200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3200_series) (Version: 1.01 - Canon Inc.)
    Canon MG3200 series On-screen Manual (HKLM-x32\...\Canon MG3200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
    Canon MG3200 series User Registration (HKLM-x32\...\Canon MG3200 series User Registration) (Version:  - Canon Inc.‎)
    Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.)
    Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.)
    Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
    Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
    Castle Crashers (HKLM\...\Steam App 204360) (Version:  - The Behemoth)
    Catalyst Control Center Next Localization BR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization BR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization BR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CHS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CHS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CHS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CHT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CHT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CHT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization DA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization DA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization DA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization DE (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization DE (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization DE (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization EL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization EL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization EL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization ES (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization ES (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization ES (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization FI (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization FI (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization FI (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization FR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization FR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization FR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization HU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization HU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization HU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization IT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization IT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization IT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization JA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization JA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization JA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization KO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization KO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization KO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization NL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization NL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization NL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization NO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization NO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization NO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization PL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization PL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization PL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization RU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization RU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization RU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization SV (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization SV (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization SV (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization TH (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization TH (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization TH (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization TR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization TR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization TR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Chronicle: RuneScape Legends (HKLM\...\Steam App 205890) (Version:  - Jagex)
    Citrix Online Launcher (HKLM-x32\...\{09DA5EE2-7E46-4DC4-96F9-BFEE50D40659}) (Version: 1.0.408 - Citrix)
    Clicker Guild (HKLM\...\Steam App 557810) (Version:  - Fox Dawn)
    Clicker Heroes (HKLM\...\Steam App 363970) (Version:  - Playsaurus)
    Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
    Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
    Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
    CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5510 - CyberLink Corp.)
    CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
    CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1902 - CyberLink Corp.)
    CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1.4319 - CyberLink Corp.)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Darkest Dungeon (HKLM\...\Steam App 262060) (Version:  - Red Hook Studios)
    Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
    Discord (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
    Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - Klei Entertainment)
    Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version:  - Klei Entertainment)
    DOOM 3: BFG Edition (HKLM-x32\...\Steam App 208200) (Version:  - id Software)
    Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
    Dragon's Dogma: Dark Arisen (HKLM\...\Steam App 367500) (Version:  - Capcom)
    Dungeon Defenders II (HKLM\...\Steam App 236110) (Version:  - Trendy Entertainment)
    Dungeon of the Endless (HKLM-x32\...\Steam App 249050) (Version:  - AMPLITUDE Studios)
    Easy Tune 6 B14.0508.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
    Easy Tune 6 B14.0508.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
    Empyrion - Galactic Survival (HKLM\...\Steam App 383120) (Version:  - Eleon Game Studios)
    Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
    Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{0A1A1D48-DB23-443A-BC7B-49255D138020}) (Version: 11.1.20702.00 - Microsoft Corporation)
    Evolve (HKLM\...\{670B1B49-9FD3-4827-9B41-471EFF580AA8}) (Version: 1.8.18 - Echobit, LLC)
    Factorio (HKLM\...\Steam App 427520) (Version:  - Wube Software LTD.)
    FLV2PC v5.9.0 (HKLM-x32\...\FLV2PC_is1) (Version: 5.9.0 - )
    FMW 1 (Version: 1.163.1 - AVG Technologies) Hidden
    Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
    Free Mahjong Games (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Free Mahjong Games) (Version: 1.0 - )
    Free Screen To Video V 2.0 (HKLM-x32\...\Free Screen To Video_is1) (Version: 2.0.0.0 - Koyote Soft)
    Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
    Glyph (HKLM-x32\...\Glyph) (Version:  - Trion Worlds, Inc.)
    Google Chrome (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
    Guild of Dungeoneering (HKLM-x32\...\Steam App 317820) (Version:  - Gambrinous)
    Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
    HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.0.4.4 - Hi-Rez Studios)
    Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
    HP MyRoom (HKLM-x32\...\{9C35EDE5-4B0F-45E7-A438-314BA889948E}) (Version: 9.0.0.0 - Hewlett-Packard Company)
    HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
    HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
    IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
    IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
    IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
    IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version:  - Image-Line)
    InfiniteCrisis_410193F41CAE (HKLM-x32\...\InfiniteCrisis_410193F41CAE) (Version:  - Turbine, Inc)
    iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
    Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
    Java SE Development Kit 8 Update 111 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180111}) (Version: 8.0.1110.14 - Oracle Corporation)
    King Arthur's Gold (HKLM-x32\...\{AC34F03B-B4C8-4892-8BD3-34DC1C7E8DE5}) (Version: 0.95.590.0 - THD)
    League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
    League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
    Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
    LEGO Digital Designer (HKLM-x32\...\New LEGO Digital Designer) (Version:  - LEGO A/S)
    LEGO® Worlds (HKLM\...\Steam App 332310) (Version:  - TT Games)
    LibreOffice 4.0.2.2 (HKLM-x32\...\{1062AD6C-80F4-4BC6-AB7C-A28892B497B8}) (Version: 4.0.2.2 - The Document Foundation)
    LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
    LocalESPCui for en-us (x32 Version: 8.59.25584 - Microsoft) Hidden
    LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.541 - LogMeIn, Inc.)
    LogMeIn Hamachi (x32 Version: 2.2.0.541 - LogMeIn, Inc.) Hidden
    Lua for Windows 5.1.4-46 (HKLM-x32\...\Lua_is1) (Version: 5.1.4.46 - The Lua for Windows Project and Lua and Tecgraf, PUC-Rio)
    Magicka 2 (HKLM\...\Steam App 238370) (Version:  - Pieces Interactive)
    Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
    Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
    Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
    Microsoft ASP.NET MVC 3 (HKLM-x32\...\{D32EF103-4016-4C15-BCB0-700C0A7A2309}) (Version: 3.0.50813.0 - Microsoft Corporation)
    Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
    Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
    Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
    Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
    Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
    Microsoft Silverlight 4 SDK (HKLM-x32\...\{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}) (Version: 4.0.60310.0 - Microsoft Corporation)
    Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
    Microsoft SQL Server Data Tools - enu (11.1.20627.00) (HKLM-x32\...\{FA804794-2CCB-4301-954F-2C2894698876}) (Version: 11.1.20627.00 - Microsoft Corporation)
    Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00) (HKLM-x32\...\{790E9425-8570-493F-9AE7-81AFC9E46930}) (Version: 11.1.20627.00 - Microsoft Corporation)
    Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
    Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 RC Redistributable (x64) - 14.0.22816 (HKLM-x32\...\{e2495eb6-cca8-47aa-91ea-3410ca44d7b7}) (Version: 14.0.22816.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Microsoft Visual Studio Professional 2012 (HKLM-x32\...\{17c2e197-cf26-443b-8beb-53151940df3f}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Web Deploy 3.0 (HKLM\...\{AA72C306-30BE-4BB1-9E42-59552BAD2CDF}) (Version: 3.1236.1631 - Microsoft Corporation)
    Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
    Microsoft Web Platform Installer 4.0 (HKLM\...\{E2B8249D-895C-4685-8C83-00F3B1A13028}) (Version: 4.0.1622 - Microsoft Corporation)
    Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
    Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
    Microsoft Zoo Tycoon (HKLM-x32\...\Zoo Tycoon 1.0) (Version:  - )
    Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
    Monaco (HKLM-x32\...\Steam App 113020) (Version:  - Pocketwatch Games)
    Mozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
    Multimedia Fusion 2 (HKLM-x32\...\Multimedia Fusion 2) (Version:  - )
    Mumble 1.2.5 (HKLM-x32\...\{C7BC557D-8C8B-4F5F-83AB-D20C58CF4575}) (Version: 1.2.5 - Thorvald Natvig)
    NVIDIA 3D Vision Controller Driver 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
    NVIDIA 3D Vision Driver 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.53 - NVIDIA Corporation)
    NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
    NVIDIA Graphics Driver 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.53 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
    OBS Multiplatform (HKLM-x32\...\OBS Multiplatform) (Version: 0.12.3 - OBS Project)
    Online.io Application (x32 Version: 2.1.0 - Microleaves) Hidden <==== ATTENTION
    Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
    Oracle VM VirtualBox 4.2.6 (HKLM\...\{A8A0B1C1-FBC7-4790-8E26-9DA1A6A95452}) (Version: 4.2.6 - Oracle Corporation)
    ORION: Prelude (HKLM-x32\...\Steam App 104900) (Version:  - Spiral Game Studios)
    Osiris: New Dawn (HKLM\...\Steam App 402710) (Version:  - Fenix Fire Entertainment)
    Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
    PakkISO 0.4 (HKLM-x32\...\PakkISO_is1) (Version: PakkISO 0.4 by zorted, installer by BitLooter - )
    Paladins (HKLM\...\Steam App 444090) (Version:  - Hi-Rez Studios)
    Path of Exile (HKLM\...\Steam App 238960) (Version:  - Grinding Gear Games)
    PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version:  - )
    ph (x32 Version: 1.0.0 - Your Company Name) Hidden
    Pixel Piracy (HKLM-x32\...\Steam App 264140) (Version:  - Vitali Kirpu)
    Pixelmon Launcher (Beta) (HKLM-x32\...\Pixelmon Launcher (Beta) 2.0.26) (Version: 2.0.26 - Ikara Software Limited)
    Pixelmon Launcher (Beta) (x32 Version: 2.0.26 - Ikara Software Limited) Hidden
    PlanetSide 2 (HKLM\...\Steam App 218230) (Version:  - Daybreak Game Company)
    PlanetSide 2 (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\DG0-PlanetSide 2) (Version:  - Sony Online Entertainment)
    PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
    Prerequisites for SSDT  (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Project Zomboid (HKLM\...\Steam App 108600) (Version:  - The Indie Stone)
    Project Zomboid Dedicated Server (HKLM\...\Steam App 380870) (Version:  - )
    PULSAR: Lost Colony (HKLM\...\Steam App 252870) (Version:  - Leafy Games)
    PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
    Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.27599 - Razer Inc.)
    Realm of the Mad God (HKLM-x32\...\Steam App 200210) (Version:  - Wild Shadow Studios)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
    Recovery Manager (x32 Version: 5.5.0.5530 - CyberLink Corp.) Hidden
    ROBLOX Player for Eskew (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
    ROBLOX Studio for Eskew (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version:  - ROBLOX Corporation)
    Robocraft version 0.3.274 (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\{9F101691-69D3-422E-BB5C-8CAD7110781B}_is1) (Version: 0.3.274 - Freejam)
    RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd)
    RuneScape Launcher 2.2.2 (HKLM\...\RuneScape Launcher_is1) (Version: 2.2.2 - Jagex Ltd)
    Security Task Manager 2.1i (HKLM-x32\...\Security Task Manager) (Version: 2.1i - Neuber Software)
    SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
    SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
    Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
    Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
    SMITE (HKLM\...\Steam App 386360) (Version:  - Hi-Rez Studios)
    Spore (HKLM-x32\...\Steam App 17390) (Version:  - Maxis™)
    SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
    Spotify (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Spotify) (Version: 1.0.42.151.g19de0aa6 - Spotify AB)
    Star Wars: Knights of the Old Republic (HKLM-x32\...\Steam App 32370) (Version:  - BioWare)
    STAR WARS™ Battlefront™ II (HKLM\...\Steam App 6060) (Version:  - Pandemic Studios)
    STAR WARS™ Knights of the Old Republic™ II: The Sith Lords™ (HKLM-x32\...\Steam App 208580) (Version:  - Obsidian Entertainment)
    Starbound (HKLM\...\Steam App 211820) (Version:  - )
    StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
    Stardew Valley (HKLM\...\Steam App 413150) (Version:  - ConcernedApe)
    Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
    SteamVR (HKLM-x32\...\Steam App 250820) (Version:  - )
    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    Tabletop Simulator (HKLM\...\Steam App 286160) (Version:  - Berserk Games)
    Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
    TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.10 - TeamSpeak Systems GmbH)
    TeamSpeak 3 Client (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
    Techne (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\244a1e8693fd9c7e) (Version: 1.3.0.15 - ZeuX and r4wk)
    Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
    The Jackbox Party Pack 3 (HKLM\...\Steam App 434170) (Version:  - Jackbox Games, Inc.)
    The Witcher 2: Assassins of Kings Enhanced Edition (HKLM\...\Steam App 20920) (Version:  - CD PROJEKT RED)
    The Witcher 3: Wild Hunt (HKLM\...\Steam App 292030) (Version:  - CD PROJEKT RED)
    The Witcher: Enhanced Edition (HKLM\...\Steam App 20900) (Version:  - CD PROJEKT RED)
    Trove (HKLM-x32\...\Glyph Trove) (Version:  - Trion Worlds, Inc.)
    Tt eSPORTS VENTUS Mouse (HKLM-x32\...\{766BD494-B1C8-4491-BBA7-1AABF9BF0660}) (Version: 1.0.0 - Tt eSPORTS)
    Unity (HKLM-x32\...\Unity) (Version:  - Unity Technologies ApS)
    Unity Web Player (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\UnityWebPlayer) (Version: 5.2.3f1 - Unity Technologies ApS)
    univcredist (HKLM-x32\...\{2d9d4a60-1d22-46c1-84bb-1de04b4715d7}) (Version: 1.0.0.0 - Motiga)
    Unturned (HKLM\...\Steam App 304930) (Version:  - Smartly Dressed Games)
    Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
    Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
    VIO Player version 1.0.1 (HKLM-x32\...\{C8A17598-7F89-41EA-9876-0F89DA0B24F1}_is1) (Version: 1.0.1 - VIO)
    Viscera Cleanup Detail (HKLM-x32\...\Steam App 246900) (Version:  - RuneStorm)
    Viscera Cleanup Detail: alpha v0.25
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
    Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
    Warhammer: End Times - Vermintide (HKLM\...\Steam App 235540) (Version:  - Fatshark)
    Waste Walkers (HKLM\...\Steam App 371100) (Version:  - Corrosive Studios LLC)
    WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
    WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
    WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
    Windows Mobile Device Center (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
    World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
    XSplit Broadcaster (HKLM-x32\...\{4202CAFA-F8F9-4311-8A13-19DB48AAF5F7}) (Version: 2.2.1502.1633 - SplitmediaLabs)
     
    ==================== Custom CLSID (Whitelisted): ==========================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    CustomCLSID: HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Eskew\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Eskew\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Eskew\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Eskew\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Eskew\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Eskew\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{66131700-2ee5-4034-a67a-9f28774368e3}\InprocServer32 -> C:\Windows\SysWOW64\dfshim.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Eskew\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Eskew\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Eskew\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Eskew\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Eskew\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Eskew\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Eskew\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Eskew\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\Eskew\AppData\Local\Roblox\Versions\version-8756646edb404aaf\RobloxProxy64.dll (ROBLOX Corporation)
    CustomCLSID: HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Eskew\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Eskew\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
     
    ==================== Scheduled Tasks (Whitelisted) =============
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    Task: {01CAA392-C8CC-4E43-B2F0-5ADF0849446D} - \Online Application -> No File <==== ATTENTION
    Task: {07BD2292-EC2F-44E3-BC45-0B9B4F9DFBF3} - \Online Application Guardian -> No File <==== ATTENTION
    Task: {0A35FB88-BBAA-4395-8ADD-1839F48C30CE} - \ProPCCleaner_Start -> No File <==== ATTENTION
    Task: {0D1DFA29-1053-47FF-96B2-D2D0D96E36AB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
    Task: {0E69CC2E-3CFB-4F3B-AF73-75F0CB405123} - \YourFile DownloaderUpdate -> No File <==== ATTENTION
    Task: {10062C3D-0C1A-4C2A-98F9-7A3D7D3E743E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
    Task: {192885F3-F656-4D31-92AD-D719693FD8ED} - \Online Application Guard -> No File <==== ATTENTION
    Task: {2606D56A-E37C-477B-AE46-6A80E18E0966} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
    Task: {26E636BA-44CD-4450-8C94-067074443D37} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-01-10] (Microsoft Corporation)
    Task: {2E1AD61C-9923-4505-A94D-D2EFA9C12430} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe 
    Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe 
    Task: {3CB8C14F-58BC-4B18-B360-3255709C654C} - System32\Tasks\Online Application v209 Guard => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe  <==== ATTENTION
    Task: {4C8BE195-6011-48A1-98C0-1AA1935C5EBA} - System32\Tasks\Online Application v209 Guardian => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe  <==== ATTENTION
    Task: {4CA5593B-CDC2-4663-A1E0-275A25429E4C} - System32\Tasks\{88A2001F-FBC4-477A-99DF-0C91444C63AD} => pcalua.exe -a "C:\Users\Eskew\Downloads\dotnetfx (1).exe" -d C:\Users\Eskew\Downloads
    Task: {50D9217A-46C1-44E6-90A1-A7129039CE3B} - System32\Tasks\{7397805F-4A56-4686-977E-8CBC53A081AF} => pcalua.exe -a "C:\Program Files (x86)\Glyph\GlyphClient.exe" -c -uninstall  -game 131
    Task: {6038FBF3-3629-488B-8FC1-DB73A95AE455} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-105371738-2419289027-4122941235-1001UA1d257fbdc135398 => C:\Users\Eskew\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
    Task: {60770388-0698-411C-A806-138DE75ED88B} - \ProPCCleaner_Popup -> No File <==== ATTENTION
    Task: {6BC87123-6D21-4A28-AB87-043B4CD12230} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
    Task: {6F5B6BC8-EA96-4091-9C6D-89D881882B06} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-105371738-2419289027-4122941235-1001Core => C:\Users\Eskew\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
    Task: {754F9FF1-3A07-481C-9530-E732508587F6} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
    Task: {7620D919-D7E9-475D-A35C-DD938E5D5E47} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
    Task: {7ADBD0EE-0CDE-4CD8-820B-E188292104EA} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\Windows\SysWOW64\BthUdTask.exe [2016-07-16] (Microsoft Corporation)
    Task: {7B225396-9243-4EA4-9E43-BFE678D480FA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
    Task: {7C3C31D7-9BFA-474B-8BA4-10ACEF825737} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
    Task: {7CDD50C5-E566-4447-BD1F-06C26A337509} - \WPD\SqmUpload_S-1-5-21-105371738-2419289027-4122941235-1001 -> No File <==== ATTENTION
    Task: {7EEC96AE-F97E-48F7-B718-68F4B08E039F} - System32\Tasks\Online Application v209 => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe  <==== ATTENTION
    Task: {80C0B092-4558-4A88-A385-065AD6F1D107} - System32\Tasks\HPCeeScheduleForEskew => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
    Task: {81093AC7-C134-463E-A18D-F9D029CF3722} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-16] (Adobe Systems Incorporated)
    Task: {B249ABB8-47E2-402D-ADBF-32928C961AF8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
    Task: {B6309D8F-431C-4226-9205-20D2D50F5679} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
    Task: {BD6D1757-FE32-4B78-869D-A93012C21857} - System32\Tasks\{D01AF756-DFFD-4359-8D62-4BA2DA949F2F} => Chrome.exe hxxp://ui.skype.com/ui/0/7.2.0.103/en/abandoninstall?page=tsProgressBar
    Task: {C171877A-DEE5-4A45-B5FD-1D3DAD79E1BD} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Eskew\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe 
    Task: {CAB80E29-6429-4EC2-AC3A-08E776A8C37B} - \Omiga Plus RunAsStdUser -> No File <==== ATTENTION
    Task: {CEB93C34-393F-460F-B504-B16C1EB49EBB} - System32\Tasks\{E685A87F-9C1B-4E90-B1E2-BE4DF9EF4403} => pcalua.exe -a E:\PNY_CD.exe -d E:\
    Task: {D487CBE6-87CC-4D3D-859D-901F09733C72} - System32\Tasks\{9683697A-7CBF-4F87-96C3-1F514C197363} => pcalua.exe -a C:\Users\Eskew\AppData\Local\Roblox\Versions\version-1600d28b04c54698\RobloxPlayerLauncher.exe -c -uninstall
    Task: {D4DAB5AA-64FA-4200-A100-0DD4C6D8B2A9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-105371738-2419289027-4122941235-1001UA => C:\Users\Eskew\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
    Task: {DFF0F439-CE45-4D3B-B802-17589BA6D15C} - System32\Tasks\AdobeAAMUpdater-1.0-EskewPC-Eskew => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated)
    Task: {E1EB435A-B19B-490C-8D07-E641ADC9BB97} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {E2493870-DE08-47F2-9B77-992484AE3430} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
    Task: {EA2E1BBB-507B-42EE-BAE2-6DB71C9AE74B} - System32\Tasks\{8F7B53BB-88C5-41E2-A80D-64960DF2106B} => Chrome.exe hxxp://ui.skype.com/ui/0/7.2.0.103/en/abandoninstall?page=tsProgressBar
    Task: {EABB08EB-3428-4EBA-837D-A4EC927779AC} - \GoforFilesUpdate -> No File <==== ATTENTION
    Task: {EAEB5010-0574-469D-8346-D2B137B0BED0} - \Desk 365 RunAsStdUser -> No File <==== ATTENTION
    Task: {EB0C046F-147E-496A-8498-A908EC345523} - System32\Tasks\{85C1A459-4CC3-41EF-8702-6EAA011491A5} => pcalua.exe -a C:\Users\Eskew\AppData\Local\uninstallro.exe
    Task: {F47777FE-9976-47EC-81F2-BB370C21FADA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
    Task: {F63D0CAD-069D-4C96-B0F0-18E7372DD452} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-105371738-2419289027-4122941235-1001Core1d257fbdbfad668 => C:\Users\Eskew\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
     
    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
     
    Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-105371738-2419289027-4122941235-1001Core.job => C:\Users\Eskew\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-105371738-2419289027-4122941235-1001UA.job => C:\Users\Eskew\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\HPCeeScheduleForEskew.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
    Task: C:\WINDOWS\Tasks\Online Application v209 Guard.job => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe <==== ATTENTION
    Task: C:\WINDOWS\Tasks\Online Application v209 Guardian.job => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe <==== ATTENTION
    Task: C:\WINDOWS\Tasks\Online Application v209.job => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe <==== ATTENTION
     
    ==================== Shortcuts =============================
     
    (The entries could be listed to be restored or removed.)
     
    ShortcutWithArgument: C:\Users\Eskew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecontrol for Minecraft\Minecontrol for Minecraft.lnk -> C:\Windows\SysWOW64\javaws.exe (Oracle Corporation) -> -localfile -J-Djnlp.application.href=hxxp://update.joshjcarrier.com/minecontrol/launch.jnlp "C:\Users\Eskew\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\3e77bec5-37671518"
    ShortcutWithArgument: C:\Users\Eskew\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Users\Eskew\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --user-data-dir="C:\Users\Eskew\AppData\Local\Google\Chrome\User Data"
    ShortcutWithArgument: C:\Users\Eskew\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b2221afffb6f8637\Josh - Chrome.lnk -> C:\Users\Eskew\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
     
    ==================== Loaded Modules (Whitelisted) ==============
     
    2016-07-16 06:42 - 2016-07-16 06:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
    2016-12-14 07:57 - 2016-12-09 05:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
    2016-10-17 07:45 - 2016-12-29 07:44 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2017-01-05 17:36 - 2017-01-05 17:36 - 00077824 ____N () C:\Program Files (x86)\dataup\dataup.exe
    2015-05-15 15:26 - 2015-05-15 15:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    2015-05-15 15:26 - 2015-05-15 15:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    2015-06-23 14:11 - 2015-06-23 14:11 - 00187048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
    2016-07-05 07:08 - 2016-06-03 02:22 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
    2016-07-05 07:08 - 2016-06-03 02:22 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
    2016-07-05 07:08 - 2016-06-03 02:22 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
    2016-07-05 07:08 - 2016-06-03 02:22 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
    2016-07-05 07:08 - 2016-06-03 02:22 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
    2016-07-05 07:08 - 2016-06-03 02:22 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
    2016-07-05 07:08 - 2016-06-03 02:22 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
    2016-07-05 07:08 - 2016-06-03 02:22 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
    2016-07-05 07:08 - 2016-06-03 02:22 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
    2016-07-05 07:08 - 2016-06-03 02:22 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
    2016-12-14 07:57 - 2016-12-09 05:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
    2013-06-19 23:45 - 2013-06-19 23:45 - 03317616 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
    2016-10-17 11:35 - 2016-10-17 11:35 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
    2017-01-10 16:50 - 2016-12-21 02:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
    2017-01-10 16:50 - 2016-12-21 01:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
    2017-01-10 16:50 - 2016-12-21 01:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
    2017-01-10 16:50 - 2016-12-21 01:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
    2017-01-10 16:50 - 2016-12-21 01:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
    2017-01-10 16:50 - 2016-12-21 01:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
    2017-01-10 16:50 - 2016-12-21 01:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
    2017-02-22 06:53 - 2017-02-22 06:54 - 00073728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
    2017-02-22 06:53 - 2017-02-22 06:54 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
    2017-02-22 06:53 - 2017-02-22 06:54 - 42895360 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkyWrap.dll
    2017-02-06 11:48 - 2017-02-06 11:48 - 02215424 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\roottools.dll
    2016-06-30 19:12 - 2016-06-30 19:12 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
    2016-06-30 19:12 - 2016-06-30 19:12 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
    2016-06-30 19:12 - 2016-06-30 19:12 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
    2016-06-30 19:12 - 2016-06-30 19:12 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
    2016-06-30 19:12 - 2016-06-30 19:12 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
    2016-06-30 19:12 - 2016-06-30 19:12 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
    2017-01-13 20:09 - 2017-01-13 20:09 - 00896512 _____ () C:\Program Files (x86)\svcvmx\svcvmx.exe
    2017-01-20 20:18 - 2017-01-20 20:18 - 01087488 _____ () C:\Program Files (x86)\svcvmx\vmxclient.exe
    2016-11-21 17:19 - 2016-11-21 17:19 - 00155016 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
    2017-01-10 12:57 - 2017-01-10 12:57 - 00145920 _____ () C:\Program Files (x86)\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe
    2016-09-21 23:32 - 2016-09-21 23:32 - 00224768 ____N () C:\Program Files (x86)\dataup\help_dll.dll
    2014-05-14 11:45 - 2014-05-14 11:45 - 00090624 _____ () C:\Program Files (x86)\PasswordBox\libwebsocketswin32.dll
    2016-07-05 07:08 - 2016-06-03 02:22 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
    2014-11-27 22:27 - 2014-10-07 16:43 - 03174184 _____ () C:\Program Files (x86)\Tt eSPORTS\Tt eSPORTS VENTUS Mouse\VentusOsd.dll
    2017-01-14 19:40 - 2017-01-14 19:40 - 53460992 _____ () C:\Program Files (x86)\svcvmx\libcef.dll
    2016-05-31 11:43 - 2016-05-31 11:43 - 01976832 _____ () C:\Program Files (x86)\svcvmx\libglesv2.dll
    2016-05-31 11:44 - 2016-05-31 11:44 - 00075264 _____ () C:\Program Files (x86)\svcvmx\libegl.dll
    2016-12-14 07:57 - 2016-12-09 05:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
    2017-02-06 17:23 - 2017-02-01 04:01 - 01870168 _____ () C:\Users\Eskew\AppData\Local\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
    2017-02-06 17:23 - 2017-02-01 04:01 - 00085848 _____ () C:\Users\Eskew\AppData\Local\Google\Chrome\Application\56.0.2924.87\libegl.dll
    2013-02-28 10:52 - 2017-02-02 20:42 - 00668960 _____ () C:\Program Files (x86)\Steam\SDL2.dll
    2014-12-02 17:38 - 2016-08-31 20:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
    2014-05-01 16:31 - 2017-02-21 15:36 - 02465056 _____ () C:\Program Files (x86)\Steam\video.dll
    2014-12-02 17:38 - 2016-08-31 20:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
    2014-12-02 17:38 - 2016-08-31 20:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
    2014-08-22 13:26 - 2016-01-27 02:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
    2014-08-22 13:26 - 2016-01-27 02:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
    2014-08-22 13:26 - 2016-01-27 02:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
    2014-08-22 13:26 - 2016-01-27 02:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
    2014-08-22 13:26 - 2016-01-27 02:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
    2012-12-23 18:04 - 2017-02-21 15:36 - 00838432 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
    2016-02-20 17:10 - 2016-07-04 17:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
    2016-11-02 11:40 - 2017-01-30 16:41 - 68875552 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
    2012-12-23 18:04 - 2017-02-21 15:36 - 00383776 _____ () C:\Program Files (x86)\Steam\steam.dll
    2014-12-17 09:04 - 2015-09-24 18:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
    2016-06-15 17:15 - 2016-06-15 17:15 - 17599640 _____ () C:\Program Files (x86)\svcvmx\pepflashplayer.dll
     
    ==================== Alternate Data Streams (Whitelisted) =========
     
    (If an entry is included in the fixlist, only the ADS will be removed.)
     
    AlternateDataStreams: C:\ProgramData\Temp:7793C843 [144]
    AlternateDataStreams: C:\Users\Eskew\AppData\Local\11rpLHJDugDoF:40uX8RRB5MWZDhHOsS9bdlM [2256]
     
    ==================== Safe Mode (Whitelisted) ===================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
     
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
     
    ==================== Association (Whitelisted) ===============
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
     
     
    ==================== Internet Explorer trusted/restricted ===============
     
    (If an entry is included in the fixlist, it will be removed from the registry.)
     
    IE trusted site: HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\clonewarsadventures.com -> clonewarsadventures.com
    IE trusted site: HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\freerealms.com -> freerealms.com
    IE trusted site: HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\genieo.com -> hxxp://search.genieo.com
    IE trusted site: HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\soe.com -> soe.com
    IE trusted site: HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\sony.com -> sony.com
     
    ==================== Hosts content: ===============================
     
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
     
    2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
     
     
    ==================== Other Areas ============================
     
    (Currently there is no automatic fix for this section.)
     
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Eskew\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\6926074-cool-backgrounds-desktop.jpg
    DNS Servers: 192.168.2.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.
     
    ==================== MSCONFIG/TASK MANAGER disabled items ==
     
    HKLM\...\StartupApproved\Run: => "iTunesHelper"
    HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8"
    HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
    HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
    HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
    HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX"
    HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
    HKLM\...\StartupApproved\Run32: => "APSDaemon"
    HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
    HKLM\...\StartupApproved\Run32: => "Razer Synapse"
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\StartupApproved\StartupFolder: => "Curse.lnk"
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\StartupApproved\Run: => "Spotify"
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\StartupApproved\Run: => "Spotify Web Helper"
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\StartupApproved\Run: => "Steam"
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\StartupApproved\Run: => "EvolveClient"
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\StartupApproved\Run: => "Pando Media Booster"
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\StartupApproved\Run: => "Skype"
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\StartupApproved\Run: => "uTorrent"
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\StartupApproved\Run: => "Free Mahjong Games"
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\StartupApproved\Run: => "OneDrive"
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\StartupApproved\Run: => "Discord"
     
    ==================== FirewallRules (Whitelisted) ===============
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
    FirewallRules: [{C5652AC9-C68E-45B3-9595-0136D8FEE61C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PULSARLostColony\PULSAR_LostColony.exe
    FirewallRules: [{E3C34B49-ED3F-423C-A3B4-FBE5EA357807}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PULSARLostColony\PULSAR_LostColony.exe
    FirewallRules: [UDP Query User{53DF9442-EFF3-496F-9589-F3B3BF796535}C:\users\eskew\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\eskew\appdata\local\google\chrome\application\chrome.exe
    FirewallRules: [TCP Query User{789B1715-4EAD-4486-B0CA-C25736F3DC5D}C:\users\eskew\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\eskew\appdata\local\google\chrome\application\chrome.exe
    FirewallRules: [{08F163C6-5B28-4089-ABB5-FFDAEA27CA6E}] => (Block) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
    FirewallRules: [{43D4B8EA-424C-44A2-B662-2DD9889D437E}] => (Block) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
    FirewallRules: [UDP Query User{443B0FA0-7448-4F41-88B8-AFF91FD282A4}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
    FirewallRules: [TCP Query User{7F798589-9D79-4E55-B200-A62F5F5E06EE}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
    FirewallRules: [{F727C66F-6B67-4C50-9EEC-39B2FA9EA516}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Paladins\Binaries\Win32\HirezBridge.exe
    FirewallRules: [{A76B1AB0-EF9E-41B7-BF49-68AF08965644}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Paladins\Binaries\Win32\HirezBridge.exe
    FirewallRules: [{689219CB-51E4-49D0-842F-60D6EDF9EE38}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tabletop Simulator\Tabletop Simulator.exe
    FirewallRules: [{9AE8F4DB-B112-4EC3-8C1B-62A146F5942B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tabletop Simulator\Tabletop Simulator.exe
    FirewallRules: [{DC6C3319-9BD7-498E-AF1D-528F9994076F}] => (Block) C:\program files\java\jre1.8.0_101\bin\javaw.exe
    FirewallRules: [{9F83F63A-2EBE-4F23-931B-849B41BB312C}] => (Block) C:\program files\java\jre1.8.0_101\bin\javaw.exe
    FirewallRules: [UDP Query User{4FA2DA4B-9C72-4E6F-A865-225D3E29EB0E}C:\program files\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_101\bin\javaw.exe
    FirewallRules: [TCP Query User{A18FFF3B-A695-4CE6-9880-F5B90F4EF80A}C:\program files\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_101\bin\javaw.exe
    FirewallRules: [{759A6D99-A4BE-4AE8-A1B5-B48C6FA632E9}] => (Block) C:\program files (x86)\heroes of the storm\versions\base45228\heroesofthestorm_x64.exe
    FirewallRules: [{DC4939D8-9347-4108-806A-4D96052D2130}] => (Block) C:\program files (x86)\heroes of the storm\versions\base45228\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{F6EF9304-C3BB-4CA6-AD4A-323515B199E8}C:\program files (x86)\heroes of the storm\versions\base45228\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base45228\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{808ED691-7B4A-4884-8F6E-50795EFF4419}C:\program files (x86)\heroes of the storm\versions\base45228\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base45228\heroesofthestorm_x64.exe
    FirewallRules: [{0ECD3F9F-6920-4648-8563-33D61471BD64}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
    FirewallRules: [{C404A64D-4816-4FD1-BB2C-75EF6FFA0F54}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
    FirewallRules: [{9A7E3A3F-348D-4C76-989F-FE8A686ED5A8}] => (Block) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
    FirewallRules: [{CD750997-7273-48F2-8CA1-81CAC47E0B40}] => (Block) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
    FirewallRules: [UDP Query User{4AB01451-7B36-4FC6-9FFC-EF63D2055A2A}C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
    FirewallRules: [TCP Query User{28A5F0AE-36BA-4D85-8B59-21BF61F762BA}C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
    FirewallRules: [{29F39C1C-8700-4351-B74F-EE32BEB0A80C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SMITE\Binaries\Win32\HirezBridge.exe
    FirewallRules: [{60754CC7-2671-4C21-AEB1-390BFC232435}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SMITE\Binaries\Win32\HirezBridge.exe
    FirewallRules: [{DFC70AC3-12EB-4D7A-8876-65822C86C64F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{5247466D-4DDC-4127-9512-08BC3B1CCDA9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{2D2A8444-A5F1-405A-90E3-0795CBAE949B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
    FirewallRules: [{49A6075A-BC38-4762-8805-67BBA59BB1F6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
    FirewallRules: [{2D2EA61F-F4F8-4E59-B1F2-09ED6F0D940A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
    FirewallRules: [{D542E109-6B0A-4027-A579-EA9E51322B78}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{B9FD509F-542D-48AA-B960-0B3634D1B1B3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{D6CD9F7B-6F14-426A-9B4E-3289A63B4E69}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magicka 2\engine\Magicka2.exe
    FirewallRules: [{BE6F2DF3-933C-4C81-811D-428BCE328393}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magicka 2\engine\Magicka2.exe
    FirewallRules: [UDP Query User{188442E6-91AB-4FD6-9FBF-CE31D6996C6C}C:\program files\java\jre1.8.0_92\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_92\bin\javaw.exe
    FirewallRules: [TCP Query User{359C51DA-7834-4FCB-81D2-F8B588778C62}C:\program files\java\jre1.8.0_92\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_92\bin\javaw.exe
    FirewallRules: [UDP Query User{59720194-978E-4C8F-BF83-62C4F0946683}C:\program files (x86)\steam\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe
    FirewallRules: [TCP Query User{F56A6D76-B3E2-4B5F-8475-989BFF0C3777}C:\program files (x86)\steam\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe
    FirewallRules: [{24C91BDA-5DF3-4E29-8ABA-295C33BBDBE4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Chronicle\Chronicle.exe
    FirewallRules: [{FF7F79D0-0F1B-45C9-966E-1469CEF1B155}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Chronicle\Chronicle.exe
    FirewallRules: [UDP Query User{BCC43D6A-1C9B-43E6-B2C7-D8421FB125AE}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
    FirewallRules: [TCP Query User{ED0291AF-E1EE-4684-A183-7B1A27D6B643}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
    FirewallRules: [UDP Query User{46681C6E-7546-4B52-9881-DFD7CD62C13C}C:\program files (x86)\heroes of the storm\versions\base42506\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base42506\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{26898491-322A-4021-A5CB-5B68E66D527C}C:\program files (x86)\heroes of the storm\versions\base42506\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base42506\heroesofthestorm_x64.exe
    FirewallRules: [{E46F1158-D4F7-4661-B8E4-7F82EB339AED}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Instant Dungeon!\bin\instantdungeon.exe
    FirewallRules: [{6A4094A5-7975-42FB-ABAE-A9B901BED62C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Instant Dungeon!\bin\instantdungeon.exe
    FirewallRules: [{4D6F1C54-98D1-4244-8FE9-C8B3450FEA17}] => (Block) C:\program files (x86)\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe
    FirewallRules: [{EBD60850-2F12-4A3F-8851-6E6023FC3533}] => (Block) C:\program files (x86)\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{52AD9C15-A3FA-4A6F-AD22-5AB5AD78ED1B}C:\program files (x86)\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{ADFCA11F-2BAD-4186-8B08-C23937F2AD68}C:\program files (x86)\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe
    FirewallRules: [{A2658393-E8F5-43A2-B9C8-E4F488D9ECD8}] => (Block) C:\users\eskew\downloads\igg-empyriongalacticsurvival543\empyrion.exe
    FirewallRules: [{41BCD1F8-E3D2-46D6-B537-DA31A59765BE}] => (Block) C:\users\eskew\downloads\igg-empyriongalacticsurvival543\empyrion.exe
    FirewallRules: [UDP Query User{6CEDB2A2-B395-4FB5-A541-D251F86790D4}C:\users\eskew\downloads\igg-empyriongalacticsurvival543\empyrion.exe] => (Allow) C:\users\eskew\downloads\igg-empyriongalacticsurvival543\empyrion.exe
    FirewallRules: [TCP Query User{E0F566F5-A9FB-4653-8204-DB4204997963}C:\users\eskew\downloads\igg-empyriongalacticsurvival543\empyrion.exe] => (Allow) C:\users\eskew\downloads\igg-empyriongalacticsurvival543\empyrion.exe
    FirewallRules: [{494A8809-FF61-4B6A-A791-88C34A947BE5}] => (Allow) C:\Users\Eskew\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{B83D9B01-F72E-4BF2-8F68-D7432F3C39DC}] => (Allow) C:\Users\Eskew\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{D545C17C-5402-493E-935B-AC64AB4D52B8}] => (Allow) C:\Users\Eskew\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{9480CDA7-FCCA-442F-B64F-7A26353822DD}] => (Allow) C:\Users\Eskew\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{AA448F59-2A6E-4B72-88E6-DCDAD5D93C96}] => (Allow) C:\Users\Eskew\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{BE9B94E6-1C8B-4AE6-AEF2-93AF6A1E7DDF}] => (Allow) C:\Users\Eskew\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{269D48B0-D1F5-49EC-8A33-B1451EAE405A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
    FirewallRules: [{816FBEFF-133D-44BE-B774-5EA783E12338}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
    FirewallRules: [{51DB5B1F-4FA2-430B-B950-ABFF94497918}] => (Block) C:\program files (x86)\heroes of the storm\versions\base41810\heroesofthestorm_x64.exe
    FirewallRules: [{674D7293-C5B3-4F41-B0B6-0F4EB035369F}] => (Block) C:\program files (x86)\heroes of the storm\versions\base41810\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{95CBE8EC-B639-4D1E-9D18-93A14255D4B6}C:\program files (x86)\heroes of the storm\versions\base41810\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base41810\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{A07818E0-E64C-4E2E-9C34-338B497263DB}C:\program files (x86)\heroes of the storm\versions\base41810\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base41810\heroesofthestorm_x64.exe
    FirewallRules: [{F3B1EA0F-4E33-41BD-BCD5-7CE2F7E57C5B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stardew Valley\Stardew Valley.exe
    FirewallRules: [{912A511B-5519-4638-8882-FDD307526D99}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stardew Valley\Stardew Valley.exe
    FirewallRules: [{F2478B16-823C-4695-A153-605CA44DE3F2}] => (Block) C:\program files (x86)\heroes of the storm\versions\base41150\heroesofthestorm_x64.exe
    FirewallRules: [{71EE9503-AC48-4AFE-8925-5C6AD3796D2B}] => (Block) C:\program files (x86)\heroes of the storm\versions\base41150\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{081322BB-BB0E-44A5-88D5-8E9D19FBEBF0}C:\program files (x86)\heroes of the storm\versions\base41150\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base41150\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{8ADC0EEE-C5C2-4C4A-8A74-79D021EF61EB}C:\program files (x86)\heroes of the storm\versions\base41150\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base41150\heroesofthestorm_x64.exe
    FirewallRules: [{352BE075-7FD9-4527-827F-E2EE783DF1C7}] => (Block) C:\program files (x86)\steam\steamapps\common\project zomboid dedicated server\jre\bin\java.exe
    FirewallRules: [{CB6FC3CC-BD50-4FB4-861B-3B24B8ACD07E}] => (Block) C:\program files (x86)\steam\steamapps\common\project zomboid dedicated server\jre\bin\java.exe
    FirewallRules: [UDP Query User{6ADC5327-3C73-4276-8B6D-D53992B89050}C:\program files (x86)\steam\steamapps\common\project zomboid dedicated server\jre\bin\java.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\project zomboid dedicated server\jre\bin\java.exe
    FirewallRules: [TCP Query User{7925AC55-E7CF-4B89-BF00-CD995D07FBA8}C:\program files (x86)\steam\steamapps\common\project zomboid dedicated server\jre\bin\java.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\project zomboid dedicated server\jre\bin\java.exe
    FirewallRules: [{F54E3BA1-977F-47A3-841E-F1DDD2C75182}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Project Zomboid Dedicated Server\ProjectZomboid64.exe
    FirewallRules: [{73B047D1-17F7-4C37-9483-C76F5D068079}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Project Zomboid Dedicated Server\ProjectZomboid64.exe
    FirewallRules: [{65D6F146-C366-46B6-BAD0-DDE08AF3DE1E}] => (Block) C:\program files (x86)\portforward\port forward network utilities\pfportchecker.exe
    FirewallRules: [{D9322CBA-8D58-465E-8B5F-05FA60B33771}] => (Block) C:\program files (x86)\portforward\port forward network utilities\pfportchecker.exe
    FirewallRules: [UDP Query User{F9C986AE-486B-41DE-8F6A-A8348D2C0928}C:\program files (x86)\portforward\port forward network utilities\pfportchecker.exe] => (Allow) C:\program files (x86)\portforward\port forward network utilities\pfportchecker.exe
    FirewallRules: [TCP Query User{00FA93B1-E68C-4973-9F4D-B5C173A6A2B6}C:\program files (x86)\portforward\port forward network utilities\pfportchecker.exe] => (Allow) C:\program files (x86)\portforward\port forward network utilities\pfportchecker.exe
    FirewallRules: [{3F295F88-8B08-47E6-83FC-F2575163C25F}] => (Block) C:\program files (x86)\steam\steamapps\common\projectzomboid\jre64\bin\java.exe
    FirewallRules: [{BD8E1259-078B-4975-AD7E-F969E51D63D6}] => (Block) C:\program files (x86)\steam\steamapps\common\projectzomboid\jre64\bin\java.exe
    FirewallRules: [UDP Query User{8455F34D-B2CC-4D6D-8B19-29108D2BFDB6}C:\program files (x86)\steam\steamapps\common\projectzomboid\jre64\bin\java.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\projectzomboid\jre64\bin\java.exe
    FirewallRules: [TCP Query User{F31558B0-C735-4AD6-B43D-A615C935DAC4}C:\program files (x86)\steam\steamapps\common\projectzomboid\jre64\bin\java.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\projectzomboid\jre64\bin\java.exe
    FirewallRules: [{E342A7CE-03FF-4A79-9595-D53277A0CA61}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ProjectZomboid\ProjectZomboid64.exe
    FirewallRules: [{6348AD98-9D24-4CCD-A6FA-30C2DB5719B0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ProjectZomboid\ProjectZomboid64.exe
    FirewallRules: [{017255D7-371F-447E-98EC-B31BCBF27F10}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ProjectZomboid\ProjectZomboid32.exe
    FirewallRules: [{A2BB8799-0C5E-4D3F-AAFD-EE2D3096F390}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ProjectZomboid\ProjectZomboid32.exe
    FirewallRules: [{1CBCAEAF-B9A0-4DEA-AFE9-105CA90D5CA6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Viscera\Binaries\Win64\UDK.exe
    FirewallRules: [{B7F79E19-6AAB-48E1-A110-572E700FF9E8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Viscera\Binaries\Win64\UDK.exe
    FirewallRules: [{A4B5A2B4-6B6E-41CE-9CDF-D1003D5F086B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Viscera\Binaries\Win32\UDK.exe
    FirewallRules: [{6496FE8F-E784-4821-A737-903618217E73}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Viscera\Binaries\Win32\UDK.exe
    FirewallRules: [{59874DFF-6F70-410E-8D5A-A9810FCFC380}] => (Block) C:\program files (x86)\heroes of the storm\versions\base40697\heroesofthestorm_x64.exe
    FirewallRules: [{1AA9AA47-E317-41BF-BB36-1BA3728CEC37}] => (Block) C:\program files (x86)\heroes of the storm\versions\base40697\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{81FC4DD7-08C9-42BE-80E5-CB7DC04E3BDA}C:\program files (x86)\heroes of the storm\versions\base40697\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base40697\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{A23E57CA-D3CD-4BA4-AF9E-C9F0B2E1B2AC}C:\program files (x86)\heroes of the storm\versions\base40697\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base40697\heroesofthestorm_x64.exe
    FirewallRules: [{96EA9B7F-37E6-4782-8CA8-BAA1AF9F48AC}] => (Block) C:\program files (x86)\heroes of the storm\versions\base40431\heroesofthestorm_x64.exe
    FirewallRules: [{807DA272-445C-431C-BC8E-634FC7612603}] => (Block) C:\program files (x86)\heroes of the storm\versions\base40431\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{13AABE66-5512-4930-BDEA-B848773EAB8C}C:\program files (x86)\heroes of the storm\versions\base40431\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base40431\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{AD8E3720-CBF6-4D0F-A75F-2995C206DABA}C:\program files (x86)\heroes of the storm\versions\base40431\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base40431\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{1377C921-1551-41D0-A0E3-8455F8E5D82A}C:\program files (x86)\heroes of the storm\versions\base39951\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base39951\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{944E90ED-69C5-4D81-809A-D90ADBFDEC1A}C:\program files (x86)\heroes of the storm\versions\base39951\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base39951\heroesofthestorm_x64.exe
    FirewallRules: [{8675C87C-B63C-4192-A4CB-D13B9CBB0C26}] => (Block) C:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe
    FirewallRules: [{EA989A95-E165-4470-AB22-FD3FF12A0CA6}] => (Block) C:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{FDC982AB-D698-4E02-A968-1BB314FA19FF}C:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{524C20EB-D0CF-48BF-AABC-02C5B02FD43D}C:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{8656E366-401C-4BF8-9F5D-C6DDBDB652B5}C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe
    FirewallRules: [TCP Query User{BF5163AA-8F7B-4A8F-B164-F05E0D9F4325}C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe
    FirewallRules: [{976BB0F0-2C25-4219-8CC1-AC87AFAB4BD9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Knights of the Old Republic II\swkotor2.exe
    FirewallRules: [{8FAB2DE4-1381-46C8-AB53-5231A79CD049}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Knights of the Old Republic II\swkotor2.exe
    FirewallRules: [{2522A6C2-24F5-4BC2-B689-72F34F42DEB0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\swkotor\swkotor.exe
    FirewallRules: [{65E0B3F6-53F9-49A1-BB09-ABC6E7BB2572}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\swkotor\swkotor.exe
    FirewallRules: [{F1151460-4146-4DA8-9BEB-8A0F9A8D3EB0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dungeon of the Endless\DungeonoftheEndless.exe
    FirewallRules: [{2FA8444E-8EAC-4022-8B2D-83C0252A50AA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dungeon of the Endless\DungeonoftheEndless.exe
    FirewallRules: [{8DFCC7B1-11BE-42C3-9181-405BEF2E59BB}] => (Allow) C:\Program Files\iTunes\iTunes.exe
    FirewallRules: [{2C17D8D6-BD18-448A-9881-B5C98BEEA43F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{049D419A-5EE0-43CD-8B30-D64DBD4DC913}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{04E47672-E680-4B25-8FE7-4A04B0173351}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{8B7B1417-D1E6-4090-BF96-26DD21B827C5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{F6F21453-4FCC-44E4-A913-A437198DB298}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Guild of Dungeoneering\dungeoneering.exe
    FirewallRules: [{1E20A117-C8FF-4D38-84AA-28FA1446DB3E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Guild of Dungeoneering\dungeoneering.exe
    FirewallRules: [UDP Query User{772C82F0-4B50-486D-90C7-AD79BE648CEC}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
    FirewallRules: [TCP Query User{967A207F-DF38-497D-A895-192552EAAD6F}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
    FirewallRules: [{D77DAA36-B60F-4A8B-B657-C48998D0C874}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
    FirewallRules: [{E0D978CE-DE8F-447D-A57C-1E39DA268050}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
    FirewallRules: [UDP Query User{01C7274E-0635-4208-9FCC-3F63E2E1A206}C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{CACBCDF0-CD76-4343-BD4F-F2E2448F19B0}C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{ED7ABC0D-1986-4344-944D-6CD80A5F7D2A}C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe
    FirewallRules: [TCP Query User{8BD62EB2-2767-4E85-BD5B-E1C503C8D26F}C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe
    FirewallRules: [{AAFEAE83-176B-4DAE-BAAF-3669CFCDE641}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe
    FirewallRules: [{B7E68FD3-4B05-4FB4-A1C7-224D5F68E659}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe
    FirewallRules: [UDP Query User{5A68E45B-EA81-42E3-B1E0-58F3B6687A32}C:\users\eskew\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\eskew\appdata\roaming\spotify\spotify.exe
    FirewallRules: [TCP Query User{F825687C-606F-4337-8168-8ED6B8B26215}C:\users\eskew\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\eskew\appdata\roaming\spotify\spotify.exe
    FirewallRules: [{B84C352C-B84B-4D2B-8016-1020298093F7}] => (Block) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
    FirewallRules: [{67BA0047-F06F-40FB-A906-E5906FC95491}] => (Block) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{87AF74AA-98E1-4353-A586-6D587C6F007A}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{4B6E2F9E-E771-4D5B-8A94-BFFE2FC34EF8}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
    FirewallRules: [{4FCF659D-0841-4328-BEC6-35ED3C97B573}] => (Block) C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe
    FirewallRules: [{629607DD-9943-4E04-B2E2-A08995B48806}] => (Block) C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{DA340BD8-E5FA-4B41-AF89-6B0253C3170B}C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{D8164110-2C99-4764-AF41-672530A922CF}C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe
    FirewallRules: [{46C46BD3-3F59-4A7F-9F90-1602B16816B8}] => (Block) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
    FirewallRules: [{AC1D6983-7F93-4927-A845-ECAF176743F0}] => (Block) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{34C7F983-1357-402C-9974-3D865609407F}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{1D63E604-3DA5-43DA-AECF-341C4EC891BC}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
    FirewallRules: [{F721C625-7474-4BB8-8B5F-A0EE4691FA73}] => (Block) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
    FirewallRules: [{6B5AEF11-CC9A-41A1-ABB2-848AC93F6122}] => (Block) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
    FirewallRules: [UDP Query User{C80D652A-E93E-4A41-9411-157BF4ABCE90}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
    FirewallRules: [TCP Query User{2B8E5443-6653-4545-B270-2B51D2869EA7}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
    FirewallRules: [{1BA8A699-5B88-4978-8AF3-FCF1F9BDB76D}] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
    FirewallRules: [{53D157D0-26F1-4E94-9257-19E4FA19E473}] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
    FirewallRules: [UDP Query User{F2B2638D-94E1-4CC4-AF09-7E709D2E2389}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
    FirewallRules: [TCP Query User{00BC6A53-4242-4729-AA2D-1D7BABCAD5C3}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
    FirewallRules: [{27D79B84-02C7-4437-AE15-CBE082E434EE}] => (Block) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
    FirewallRules: [{E4290456-2BC2-4788-9088-C018AD3D1BE2}] => (Block) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{F0D85276-DF98-4F6E-9E69-D4AEB2E5BF61}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{A5444306-1310-46EA-A7C3-0646570DAF84}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
    FirewallRules: [{158F2EA5-0CAA-4FE4-A7FD-E3935B9AB210}] => (Block) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
    FirewallRules: [{488C75C1-CEF0-4C31-BB23-38EFE3E30A19}] => (Block) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{6250938F-B39B-4D6F-93F2-A26254172F13}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{DCA7BC27-A9E3-494B-9407-6D9646E6853E}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
    FirewallRules: [{29299EB9-772E-4AA0-B7B3-CF0BBBFBC6F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
    FirewallRules: [{E8BC3962-FF3A-4C29-8E8C-A647457395EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
    FirewallRules: [{5B5BE4D9-49C9-460C-955D-04D16E32A449}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
    FirewallRules: [{B32BA7DB-F950-408D-85E8-8BB49A0FD449}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
    FirewallRules: [{8690A699-7D5D-43DE-A6C7-8AC0594D15D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
    FirewallRules: [{D1962BC6-CC32-4E29-B34E-7A86FC506C43}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
    FirewallRules: [{7CA8FE1E-467B-46ED-8E3A-AC021D68AB5F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
    FirewallRules: [{2B7B1E43-57CB-4430-8AAD-50D8C7C8864F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
    FirewallRules: [{ACDDDED2-BC66-4815-8161-061FCC1DF6A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
    FirewallRules: [{5BD6366A-3229-4030-B19A-123547EA5A80}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
    FirewallRules: [{729F005F-EAF5-4FBB-96BA-3F00DB9851AD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
    FirewallRules: [{3650BB56-943A-4CF2-A240-EB93BC8ECE5D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
    FirewallRules: [UDP Query User{65366372-1E9B-4539-B442-FC49320C638F}C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{45751F75-4EDA-4C6C-BB13-AB717EE0FAE7}C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
    FirewallRules: [{A5BAE59E-379B-4B80-9B03-2C3767478350}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
    FirewallRules: [{4C6E0365-8C02-4E15-88AD-BA95DB934FDD}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
    FirewallRules: [{27CFACCD-EB72-42A5-BEFC-6D989DC093FF}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
    FirewallRules: [{1500E4C5-F476-4CE0-B883-2EA6DBE4DBB5}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
    FirewallRules: [{6779208D-6A39-4499-8659-2B0E1498D37C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
    FirewallRules: [{D3F1C6F7-0111-4C06-8C3E-AFC1CA6D6158}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
    FirewallRules: [{66D10DB5-63FB-4D50-A008-B7327054331C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
    FirewallRules: [{56FD8CF5-8094-465B-87C4-FA75C0150560}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
    FirewallRules: [{79A96380-F239-4CEE-ABD0-1C89E79F0221}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DOOM 3 BFG Edition\Doom3BFG.exe
    FirewallRules: [{433084C9-E939-476F-ABF6-2D0583E79677}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DOOM 3 BFG Edition\Doom3BFG.exe
    FirewallRules: [{2CB9C27D-2DEB-4A43-A342-2DC801CA7735}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
    FirewallRules: [{07EEE626-4104-4676-9436-F9E7BB37E923}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
    FirewallRules: [{2C1189AB-CD11-48AC-87CF-74E5E01C89EE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\EvolveBeta\Bin64_SteamRetail\StaticLauncher64.exe
    FirewallRules: [{8F864BDF-864A-4684-BEE4-3D09CCB5CB9C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\EvolveBeta\Bin64_SteamRetail\StaticLauncher64.exe
    FirewallRules: [UDP Query User{D2C756D5-3562-4E6B-918B-9E479E20FAA7}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe
    FirewallRules: [TCP Query User{AABE563C-446A-496E-8929-9221C958C93B}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe
    FirewallRules: [{FEA6925D-AFA8-49B0-ABB4-D9E4794A6164}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
    FirewallRules: [{3507BE52-5C14-49D0-A909-EE32B3C3E977}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
    FirewallRules: [{A277961D-320F-472E-B36B-3EC2F31CC8D2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Monaco\MONACO.exe
    FirewallRules: [{432A7438-1581-4137-8538-91E0327AF46D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Monaco\MONACO.exe
    FirewallRules: [{D82CB721-3898-4FB9-810F-B45B4DF998DB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Pixel Piracy\PixelPiracy.exe
    FirewallRules: [{F0DDD9ED-4E46-4307-BFD1-080283040E1E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Pixel Piracy\PixelPiracy.exe
    FirewallRules: [{3F343D5E-B008-475B-9821-131ADF2D6A35}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
    FirewallRules: [{9CC51CC6-9DC3-4703-A0D7-9C04692A7AF9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
    FirewallRules: [{4309C819-29CF-4B4C-80E7-63C3009FB764}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\SporeBin\SporeApp.exe
    FirewallRules: [{DED4B7DD-1D85-4D1E-AC6D-EF98E2346F2B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\SporeBin\SporeApp.exe
    FirewallRules: [UDP Query User{F798A0DF-0B91-47F7-94D8-E84C1042086F}C:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe
    FirewallRules: [TCP Query User{488043AD-4F39-424C-94D4-1C019D8304DD}C:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe
    FirewallRules: [UDP Query User{2FAD617D-53CE-44FA-925D-E9C95D1CDBBB}C:\users\eskew\appdata\local\roblox\versions\version-690117d1a88742de\robloxstudiobeta.exe] => (Allow) C:\users\eskew\appdata\local\roblox\versions\version-690117d1a88742de\robloxstudiobeta.exe
    FirewallRules: [TCP Query User{F76C0655-DAD5-4364-B571-3997BDB347AC}C:\users\eskew\appdata\local\roblox\versions\version-690117d1a88742de\robloxstudiobeta.exe] => (Allow) C:\users\eskew\appdata\local\roblox\versions\version-690117d1a88742de\robloxstudiobeta.exe
    FirewallRules: [{462EF32A-E6BF-4950-A180-2E09CD5A6FFA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
    FirewallRules: [{C939007C-0BB0-444A-804B-2D95F7F4C4FA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
    FirewallRules: [UDP Query User{D33D09A6-5F14-4AA7-BD31-F617857BDDF3}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
    FirewallRules: [TCP Query User{B8814D91-C19A-4F4F-B2CD-58A9F8B841D8}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
    FirewallRules: [UDP Query User{0286963B-A98A-4472-826A-CB6369C2D57E}C:\users\eskew\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe] => (Allow) C:\users\eskew\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe
    FirewallRules: [TCP Query User{CDC8D4F5-881E-4AD4-B065-025FBDE2A9F7}C:\users\eskew\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe] => (Allow) C:\users\eskew\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe
    FirewallRules: [{882F7DE9-1497-4072-A3B5-16EB65D0B829}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\Binaries\TERA.exe
    FirewallRules: [{CF840A47-0F05-4B12-A778-ADC1DF4FB0AF}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\Binaries\TERA.exe
    FirewallRules: [{727D7F74-91DA-4FF8-97AF-BADA1180BDE2}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\TL.exe
    FirewallRules: [{7CAAF848-F6EE-4258-8FFB-6ECCA7F4B507}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\TL.exe
    FirewallRules: [{6F94D2BD-B45F-4583-A572-0AF2554ACC01}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\TERA-Launcher.exe
    FirewallRules: [{7F088BD1-9B29-4A58-92CA-F03E7276E7F8}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\TERA-Launcher.exe
    FirewallRules: [{5D656651-A5F4-4DD5-828A-177F9F6A1B5F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe
    FirewallRules: [{4DF20550-9CC7-448E-9B74-BF585DCAFF97}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe
    FirewallRules: [{4EF1DFA3-FFCE-428A-91AD-5E053536590C}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
    FirewallRules: [{D6617688-08F1-4418-BE3C-189FA444ECAF}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
    FirewallRules: [{D193AB41-BEDC-4A4F-9FBB-4DFCF9CA5B3E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3322\Agent.exe
    FirewallRules: [{24AE5643-3A77-4A25-BBE3-59DDC27381BD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3322\Agent.exe
    FirewallRules: [UDP Query User{77A80E8D-D61E-4B30-8A99-98DADBE175CA}C:\program files (x86)\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre7\bin\jp2launcher.exe
    FirewallRules: [TCP Query User{C63926D2-9E37-4A28-86D7-0978E8B10407}C:\program files (x86)\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre7\bin\jp2launcher.exe
    FirewallRules: [UDP Query User{3C77E4B7-A7E6-4830-9D1A-ED7DBDC08F99}C:\program files (x86)\steam\steamapps\common\happywars\happywars.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\happywars\happywars.exe
    FirewallRules: [TCP Query User{C3748463-D552-4DDA-B96B-9341DDDD68FF}C:\program files (x86)\steam\steamapps\common\happywars\happywars.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\happywars\happywars.exe
    FirewallRules: [{66ADD3EA-8898-45A7-8C4A-37D220A2493C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [{39E9DAA7-CA0D-46F7-82F9-52C87EADFC52}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [UDP Query User{39E0FA79-E8CD-458C-8465-501D7E1CC57C}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
    FirewallRules: [TCP Query User{28A2EE4A-BACA-4CB1-BDCF-34E05BBC903B}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
    FirewallRules: [{D0DE57AA-49BE-4D79-87E8-0D454849E613}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
    FirewallRules: [{9FAFCB57-0466-4B12-98AF-4D75DFC786FB}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
    FirewallRules: [{18E91F99-ADE6-4911-AF6D-68FBD305C95F}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
    FirewallRules: [{AE970FF9-00D9-4A7D-A6DD-577AF4C674AD}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
    FirewallRules: [{AD8284F2-1465-4FF1-9183-5A8DAE3D21D7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
    FirewallRules: [{904805D9-1590-409F-B5E4-DC34F955CEF5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
    FirewallRules: [UDP Query User{2EF22253-4F41-423E-9ADD-5228B3DEE986}C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe
    FirewallRules: [TCP Query User{E6CEF907-F362-4DEF-B0AE-4084F2ACFDF4}C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe
    FirewallRules: [UDP Query User{2889BC7D-3D7D-4DF4-847C-6E3240862F9C}C:\program files (x86)\unity\editor\unity.exe] => (Allow) C:\program files (x86)\unity\editor\unity.exe
    FirewallRules: [TCP Query User{C79B9B61-7D90-4315-AF0A-EA145431ADD4}C:\program files (x86)\unity\editor\unity.exe] => (Allow) C:\program files (x86)\unity\editor\unity.exe
    FirewallRules: [{E085033A-29D8-4044-B9E4-D8DF3A8F5EF4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
    FirewallRules: [{28F48236-2208-4DA7-A341-E92FD61276E2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
    FirewallRules: [UDP Query User{BAC210B7-3E2B-43E6-A250-04D8C239DFE8}C:\users\eskew\kag-beta\kag.exe] => (Allow) C:\users\eskew\kag-beta\kag.exe
    FirewallRules: [TCP Query User{0680FB6D-6A62-4D26-9A12-136CCA085BCA}C:\users\eskew\kag-beta\kag.exe] => (Allow) C:\users\eskew\kag-beta\kag.exe
    FirewallRules: [{C6904E55-EFE8-4D2C-9FD9-5E1B5C042FC6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Realm of the Mad God\Realm of the Mad God.exe
    FirewallRules: [{BF130B46-151A-4DC0-B392-2EB7AE3DBFC2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Realm of the Mad God\Realm of the Mad God.exe
    FirewallRules: [{BC82BB4D-A707-4F7D-BE6E-B9EA8ED115A2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
    FirewallRules: [{6ABC15CC-2EB5-4D08-AA67-CE42220BC680}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
    FirewallRules: [{E6912596-3290-445E-8081-B3EE26A2C166}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
    FirewallRules: [{BEEC0F47-12EA-4686-BD92-244E61561063}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
    FirewallRules: [{9040F65D-DDB4-4A49-9E62-CF2169B038ED}] => (Allow) C:\Windows\SysWOW64\javaws.exe
    FirewallRules: [{2342D790-2291-4C84-AADA-4600B996237B}] => (Allow) C:\Windows\SysWOW64\javaws.exe
    FirewallRules: [{4ED38164-8E3A-4476-9749-EC99E02116E9}] => (Allow) C:\Windows\SysWOW64\javaws.exe
    FirewallRules: [{D058ED8A-EA75-4572-BA8E-A62AA63D1094}] => (Allow) C:\Windows\SysWOW64\javaws.exe
    FirewallRules: [{97BBAA5D-0269-4B91-ACBA-BBEAB69C2329}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFile.exe
    FirewallRules: [{33C85BAF-A7B1-4C87-90AE-698F2B615A2D}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFile.exe
    FirewallRules: [{11AD28E4-D36A-4376-85EC-BCF766AD8D0B}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
    FirewallRules: [{31B102E3-3AE7-413E-A4C9-DC0F172F2481}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
    FirewallRules: [{CD9B8F7D-7219-47AC-9BF9-858D2694796F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magic 2014\DotP_D14.exe
    FirewallRules: [{64494BDA-DA5F-4748-8A72-B6A6DFAB236C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magic 2014\DotP_D14.exe
    FirewallRules: [{E4350CED-0E8F-401E-90BB-F6ADA010E7A1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
    FirewallRules: [{C94CEC50-5384-4DC9-B591-D1CA5BF899A9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
    FirewallRules: [UDP Query User{9DEBCF8E-CB10-4E1C-A945-9B42914445DF}C:\program files (x86)\infinitecrisis\infinitecrisis.exe] => (Allow) C:\program files (x86)\infinitecrisis\infinitecrisis.exe
    FirewallRules: [TCP Query User{D270D2FE-0A71-47DA-86A3-158AE2D62A69}C:\program files (x86)\infinitecrisis\infinitecrisis.exe] => (Allow) C:\program files (x86)\infinitecrisis\infinitecrisis.exe
    FirewallRules: [{02A55193-E5EE-47A2-AD1C-5DD374A6CB92}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
    FirewallRules: [{37EBD480-83EF-4726-89B4-53399C462615}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
    FirewallRules: [{FF9E5B5E-BC43-4973-ABBD-57806AC0E585}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
    FirewallRules: [{71F225AD-A723-4E86-860A-E4321EF912B1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
    FirewallRules: [{359F67E8-20E4-4FA8-844B-48F160AD2ED0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
    FirewallRules: [{73977880-CBB6-49D8-AEB4-70073C700CF5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
    FirewallRules: [{C8A6C7F9-121F-4CB5-9004-5072EBBE8A06}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
    FirewallRules: [{29C5D8D9-E872-4ABD-89F7-3C0B681FB7A9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
    FirewallRules: [{29B60F48-08E2-4EEB-BCA3-582840880D34}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
    FirewallRules: [{9F4E5BFB-647E-4D69-855E-F5480E9DC3E9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
    FirewallRules: [{70D5AA57-7468-4358-A7AF-486E39963D04}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
    FirewallRules: [{F49F843E-74EF-4EFF-8A96-D2502B328762}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
    FirewallRules: [UDP Query User{CB59A18A-514C-460F-BDB9-C1DE251886D9}C:\users\eskew\desktop\new folder\7 days to die alpha 4 x86 cracked\7daystodie.exe] => (Block) C:\users\eskew\desktop\new folder\7 days to die alpha 4 x86 cracked\7daystodie.exe
    FirewallRules: [TCP Query User{1502BABB-ACFF-4CC7-BD17-58F9B6B0A994}C:\users\eskew\desktop\new folder\7 days to die alpha 4 x86 cracked\7daystodie.exe] => (Block) C:\users\eskew\desktop\new folder\7 days to die alpha 4 x86 cracked\7daystodie.exe
    FirewallRules: [{51AAC650-7E08-465C-8A0F-A05F410DE9EF}] => (Allow) C:\Users\Eskew\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{B2090C5B-884C-4524-9100-590098663059}] => (Allow) C:\Users\Eskew\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{51F3D22E-20A8-43E6-BC71-C17CFA6F2C7C}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
    FirewallRules: [{6FC1C550-C981-455E-9FF9-50B9C5A50702}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{CBB40C8D-B530-4778-BBD2-64EB2FB82ED3}] => (Allow) LPort=2869
    FirewallRules: [{FF47D2AC-0BAA-4867-A12D-80A78EC37C62}] => (Allow) LPort=1900
    FirewallRules: [{129D72B3-0F31-468A-80E0-5EA1CC86329F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{93FF6E1B-342B-4E62-BB25-B86A00B67734}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{4D92535A-1C04-41B4-86DD-246E237CCE60}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DC Universe Online\LaunchPad.exe
    FirewallRules: [{71FCEEF0-CCB1-4803-9964-C54391C8A33E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DC Universe Online\LaunchPad.exe
    FirewallRules: [{5A6E21B4-6E1D-419B-84C7-37004433CACF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\ameskew\garrysmod\hl2.exe
    FirewallRules: [{8753C357-7DAC-4B01-8C16-2EF867425495}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\ameskew\garrysmod\hl2.exe
    FirewallRules: [{640DF447-7CF4-48B2-A8CE-136C7BBF167F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Home\home-win-eng.exe
    FirewallRules: [{AF3D6A11-6D36-4C03-B0B1-BE6733031AD2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Home\home-win-eng.exe
    FirewallRules: [{9687C0E9-F850-4769-885B-9B33BDB84787}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dead Island\DeadIslandGame.exe
    FirewallRules: [{BC5091A9-1BDD-493C-B12C-4D6A55E7F0A2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dead Island\DeadIslandGame.exe
    FirewallRules: [{C28C3756-0EC9-4EDF-9A93-8CF13B3288EB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Launcher\APBLauncher.exe
    FirewallRules: [{A2784F60-B248-4325-A22C-838E8E2C97C3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Launcher\APBLauncher.exe
    FirewallRules: [{993FD205-6FF2-4E8F-AE95-DB4C62B57262}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\APB.exe
    FirewallRules: [{01F9C409-73DD-47E3-BE35-55401391B2CE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\APB.exe
    FirewallRules: [{0BE90592-5C08-4185-A7BC-66C69A50FA18}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\VivoxVoiceService.exe
    FirewallRules: [{300544C8-A45F-473C-BF6E-B69106BBD518}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\VivoxVoiceService.exe
    FirewallRules: [TCP Query User{7C9DBE65-76D8-4D25-B19D-4E0DA12E989E}C:\program files (x86)\byond\bin\byond.exe] => (Allow) C:\program files (x86)\byond\bin\byond.exe
    FirewallRules: [UDP Query User{57CAD985-C0DA-4602-B307-2FA8ECB1FEFB}C:\program files (x86)\byond\bin\byond.exe] => (Allow) C:\program files (x86)\byond\bin\byond.exe
    FirewallRules: [{083275FC-DF56-4BF0-B8F6-5B3295282F65}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
    FirewallRules: [{3727DC60-5123-4E27-9B81-B811DA5827D7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
    FirewallRules: [{377DC8E0-99F1-450D-95DC-A1553B82A764}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
    FirewallRules: [{6396D7ED-D40E-4F8C-93D7-225ADDB1B822}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
    FirewallRules: [{2BDD0805-B813-49E8-8E94-690694F6F5B5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dungeons and Dragons Online\TurbineInvoker.exe
    FirewallRules: [{1DC97F4B-75B6-4B01-89A6-4A3269CDF404}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dungeons and Dragons Online\TurbineInvoker.exe
    FirewallRules: [TCP Query User{8DC8EB89-D591-42C6-9028-549F66ABAA96}C:\users\eskew\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\eskew\appdata\roaming\spotify\spotify.exe
    FirewallRules: [UDP Query User{A962C5C5-5160-45B6-84C4-CC9F2E1EDD87}C:\users\eskew\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\eskew\appdata\roaming\spotify\spotify.exe
    FirewallRules: [{9FEFA130-AB38-4007-B567-B490FE298519}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\zanarisfate\garrysmod\hl2.exe
    FirewallRules: [{936DCAD8-D74E-48B4-95C7-49D68FFE5871}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\zanarisfate\garrysmod\hl2.exe
    FirewallRules: [{95088223-0492-4E09-9E66-5889E0CD9F98}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MapleStory\nxsteam.exe
    FirewallRules: [{47B7A179-1C07-4B43-BCAD-96C16405A7F1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MapleStory\nxsteam.exe
    FirewallRules: [TCP Query User{9D9C0F06-C16E-454F-A09F-2E0968EF1035}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
    FirewallRules: [UDP Query User{C696358D-8365-4F73-A157-117132A21691}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
    FirewallRules: [{15BA5031-0EE7-4A51-8E30-9ED70C2311FD}] => (Block) C:\program files (x86)\skype\phone\skype.exe
    FirewallRules: [{1EB996D9-290A-41D4-9B6C-DDAE52609207}] => (Block) C:\program files (x86)\skype\phone\skype.exe
    FirewallRules: [{B3B02E27-19A0-4D92-86B0-93BA62E08CCC}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
    FirewallRules: [{EF42FCEB-0A56-4D0D-BEAC-D500887EC822}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
    FirewallRules: [{CD219F44-BE23-408F-900A-9115E87CBA45}] => (Allow) C:\Program Files\Echobit\Evolve\EvoSvc.exe
    FirewallRules: [{96EDE56A-911A-4F91-A032-87845EB91380}] => (Allow) C:\Program Files\Echobit\Evolve\EvolveClient.exe
    FirewallRules: [{0CD0A5BA-26F9-4638-9CFA-F03A45B84F15}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
    FirewallRules: [{47CBF0FC-517B-4924-9A74-DE2EEC586D90}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
    FirewallRules: [{C764C2F2-16D8-4FB2-87C9-295876EBF6B2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\APB.exe
    FirewallRules: [{2E48FB1D-D9CB-471E-9D18-E388E2A598B8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\APB.exe
    FirewallRules: [{6EAB85AA-CA27-42BC-9191-22106EDA37B1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\VivoxVoiceService.exe
    FirewallRules: [{321ECD84-8543-40C8-8F55-15CD066F8421}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\VivoxVoiceService.exe
    FirewallRules: [TCP Query User{82070E4A-4BCB-4769-959F-B8BF5948BAB4}C:\program files (x86)\steam\steamapps\zanarisfate\garrysmod\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\zanarisfate\garrysmod\hl2.exe
    FirewallRules: [UDP Query User{B6542556-E585-44B3-9DF4-85F55400BA1D}C:\program files (x86)\steam\steamapps\zanarisfate\garrysmod\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\zanarisfate\garrysmod\hl2.exe
    FirewallRules: [{F7954F26-32D2-4584-9FF3-25CDEF9E8DE5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magicka\Magicka.exe
    FirewallRules: [{767E7EA8-F930-480F-A4CD-EB530BB5055F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magicka\Magicka.exe
    FirewallRules: [TCP Query User{A4C152BC-420C-404B-8829-B398C76BCA76}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
    FirewallRules: [UDP Query User{D7080420-50A9-487C-85DF-DFC60308863B}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
    FirewallRules: [TCP Query User{046BEE4B-CA80-4EB5-ABCF-970030F376B7}C:\program files (x86)\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\tera\tera-launcher.exe
    FirewallRules: [UDP Query User{53AF9705-1AAF-4974-B4C7-F2B2F52A8FF4}C:\program files (x86)\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\tera\tera-launcher.exe
    FirewallRules: [{6F2FF07B-F3B5-4A0C-9EB7-63D4FD087684}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
    FirewallRules: [{AD6FFDF5-033A-48B0-A836-469824A8B338}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
    FirewallRules: [TCP Query User{E2C52AB1-8542-4A96-A3AC-FC3F03944A00}C:\program files (x86)\steam\steamapps\common\magic the gathering tactics\mtgtactics.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\magic the gathering tactics\mtgtactics.exe
    FirewallRules: [UDP Query User{FC211E3A-F862-4C68-8259-27557F111AFB}C:\program files (x86)\steam\steamapps\common\magic the gathering tactics\mtgtactics.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\magic the gathering tactics\mtgtactics.exe
    FirewallRules: [{CD6FDFD1-96E4-40A8-B2B2-8B032EAF5AA4}] => (Block) C:\program files (x86)\steam\steamapps\common\magic the gathering tactics\mtgtactics.exe
    FirewallRules: [{E441DB00-E00C-4923-B88C-35738BA3F3ED}] => (Block) C:\program files (x86)\steam\steamapps\common\magic the gathering tactics\mtgtactics.exe
    FirewallRules: [TCP Query User{D4B16E9D-FF24-41B5-846A-AC99347D4E68}C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe
    FirewallRules: [UDP Query User{1D9CBAD3-8477-4942-A73B-1FF6901C1CF0}C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe
    FirewallRules: [{3918B90C-99CA-4628-9484-C169043639AD}] => (Block) C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe
    FirewallRules: [{5C5CD840-490C-4C67-B883-1DB3778C4531}] => (Block) C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe
    FirewallRules: [TCP Query User{47E45C5A-FCB5-4B73-84A8-C5EB0DD971A9}C:\users\eskew\kag\kag.exe] => (Allow) C:\users\eskew\kag\kag.exe
    FirewallRules: [UDP Query User{7F0E2DF6-2F6B-41F8-AFB6-D42631E20861}C:\users\eskew\kag\kag.exe] => (Allow) C:\users\eskew\kag\kag.exe
    FirewallRules: [{110EDBBB-525D-4468-814B-6B0B00772DA0}] => (Block) C:\users\eskew\kag\kag.exe
    FirewallRules: [{F75C98CF-7E5F-4FFD-A505-94F1C490C0C8}] => (Block) C:\users\eskew\kag\kag.exe
    FirewallRules: [TCP Query User{777DE7FB-0F6F-4F84-93DC-AC58E79EEF75}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe
    FirewallRules: [UDP Query User{E32A2249-BCAE-4A1C-827E-F9E1820CED1F}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe
    FirewallRules: [{D96E8E8B-22F0-440B-9B89-909BB88390C6}] => (Block) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe
    FirewallRules: [{A5CE8234-D717-4139-AE85-C5A216B242CD}] => (Block) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe
    FirewallRules: [TCP Query User{48CC05DC-88E5-4EC9-BBDE-DBA95A1EE8E9}C:\users\eskew\appdata\local\temp\iesearchprovider.exe] => (Allow) C:\users\eskew\appdata\local\temp\iesearchprovider.exe
    FirewallRules: [UDP Query User{A39E0028-C020-4D11-823F-A2246A015217}C:\users\eskew\appdata\local\temp\iesearchprovider.exe] => (Allow) C:\users\eskew\appdata\local\temp\iesearchprovider.exe
    FirewallRules: [{3DBFB9A2-0B64-432D-ACCF-DF7250C81928}] => (Block) C:\users\eskew\appdata\local\temp\iesearchprovider.exe
    FirewallRules: [{BABC2522-8848-4B85-A072-331E19A5E6EA}] => (Block) C:\users\eskew\appdata\local\temp\iesearchprovider.exe
    FirewallRules: [{4B523AF8-B458-4B4B-A1CF-56A09F7F37B1}] => (Allow) C:\Windows\System32\dmwu.exe
    FirewallRules: [{1F50498D-6DF7-4161-8296-847C6860E628}] => (Allow) C:\Windows\System32\dmwu.exe
    FirewallRules: [{1A109CF0-C1CF-4BE1-B517-13F1649BC3D0}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
    FirewallRules: [{FDA8BD91-761F-4781-9E30-083A725A9298}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
    FirewallRules: [{BC9ECEFB-42A5-40DA-87DB-DF5902E378E5}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\TERA-Launcher.exe
    FirewallRules: [{52304CCC-6D43-418E-8EEA-97187E7F0BD1}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\TERA-Launcher.exe
    FirewallRules: [{E512AB59-EF58-4107-90F9-E5113CC1CA06}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\TL.exe
    FirewallRules: [{F06EFD6C-40F0-45E1-8CD6-01B44670C6DF}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\TL.exe
    FirewallRules: [{6DE3B1AE-7E58-4C88-98C2-37D8F77B28C3}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\Binaries\TERA.exe
    FirewallRules: [{E5DAB6BD-8C91-4244-A06B-6357B33E0113}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\Binaries\TERA.exe
    FirewallRules: [{83FD3ADD-55AF-4231-AAB0-FE797016898B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
    FirewallRules: [{806B84E3-BDCC-447E-854C-43D815F14C0A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
    FirewallRules: [{6C2DD3D1-7358-42FC-AFBC-B4F1098AFD02}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magic 2014\DotP_D14.exe
    FirewallRules: [{2F482D6E-6530-4002-9A8C-495541F63D19}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magic 2014\DotP_D14.exe
    FirewallRules: [TCP Query User{EDFC7DAC-C04B-4085-A59A-9D3EF17A06BB}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
    FirewallRules: [UDP Query User{D839CE73-F5D4-4B1E-8D35-E27787730FA2}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
    FirewallRules: [{2D175AD6-54C0-49C8-9853-8452FCC8C7FC}] => (Allow) C:\ProgramData\eSafe\eGdpSvc.exe
    FirewallRules: [{73E103A8-4C47-4FEC-9B2C-69832C502F5B}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
    FirewallRules: [{9B5D6FC9-C1DE-4F53-ADCB-500161E895C3}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
    FirewallRules: [{C0D80DD9-23EF-428F-B54D-8135D23DB234}] => (Allow) LPort=26675
    FirewallRules: [{31430884-622E-4F15-862A-D4FD0E59D381}] => (Allow) C:\Program Files (x86)\GoforFiles\goforfilesdl.exe
    FirewallRules: [{C1AE8BC7-AC94-4D7F-8CED-F742E79218F4}] => (Allow) C:\Program Files (x86)\GoforFiles\goforfilesdl.exe
    FirewallRules: [{213E4368-D6D1-4513-AA0A-469899180459}] => (Allow) C:\Program Files (x86)\GoforFiles\GoforFiles.exe
    FirewallRules: [{E3DB1464-5CC6-447C-9E03-CA33847D412C}] => (Allow) C:\Program Files (x86)\GoforFiles\GoforFiles.exe
    FirewallRules: [TCP Query User{D28447DF-6261-4EC3-95E5-89DA95681564}C:\users\eskew\desktop\survivers_beta_3.exe] => (Allow) C:\users\eskew\desktop\survivers_beta_3.exe
    FirewallRules: [UDP Query User{310A90A6-C50E-4F2B-9027-F6951B655402}C:\users\eskew\desktop\survivers_beta_3.exe] => (Allow) C:\users\eskew\desktop\survivers_beta_3.exe
    FirewallRules: [{E39CC0DD-AA06-4CEB-8450-846B1A4036C4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
    FirewallRules: [{37B52915-69F5-44F5-ABFD-3F37D434B467}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
    FirewallRules: [{093C521F-CFE7-4C88-BD14-D680D7339E82}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
    FirewallRules: [{7DBADAFE-67A0-4998-A6FA-CE40540BE374}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
    FirewallRules: [TCP Query User{C8AF1959-9DA9-4939-8115-0485E35E7BB7}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
    FirewallRules: [UDP Query User{5E0C3FA3-52B0-4A86-AAA5-45ECC89A67CB}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
    FirewallRules: [{328496CF-BC92-47B8-A144-B5DF314FE6A6}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
    FirewallRules: [TCP Query User{4B43DE08-66D7-416D-B426-C778CFAA08B8}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
    FirewallRules: [UDP Query User{78285864-8AA8-4209-B8D8-43C8CA8912BE}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
    FirewallRules: [{5DDA64F1-C0FD-420A-B5BE-1EDB6DF57BB4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2328\Agent.exe
    FirewallRules: [{1BF002F2-DA63-4280-A638-A172917A30C3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2328\Agent.exe
    FirewallRules: [{611835FA-5AC0-4112-8FBD-448C7C490847}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
    FirewallRules: [{F0B0B6C7-285D-4FD0-BBFF-0D6BB0D27ABA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
    FirewallRules: [{4DE1DD98-CC2E-4580-A2FA-3D8B682F4830}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\Support\EA Help\Electronic_Arts_Technical_Support.htm
    FirewallRules: [{8269D734-8C8C-4046-9E5D-73F621E6063B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\Support\EA Help\Electronic_Arts_Technical_Support.htm
    FirewallRules: [{F92511A4-2E20-4112-9901-E2C7B9031D2B}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
    FirewallRules: [{C6022C15-594E-495E-821E-1157BEABE48B}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
    FirewallRules: [{BF861A46-2CBD-4B97-A9C2-E01FC2F9F243}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
    FirewallRules: [{DF077FEF-4869-432D-9FDD-B9736B2DF8EB}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
    FirewallRules: [{61A07A10-1EBB-488F-B3D2-69CE6AB7F4F8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SteamVR\tools\bin\win32\vrmonitor.exe
    FirewallRules: [{3799B790-F732-4A49-A1AA-3A50B797D6DD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SteamVR\tools\bin\win32\vrmonitor.exe
    FirewallRules: [{CCAD66F7-A59A-41F3-8E10-7B12A5673A3A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
    FirewallRules: [{3E2C9F2B-C3D2-476F-9DAC-8027BEE0DBC3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
    FirewallRules: [TCP Query User{1B47E641-47BA-499D-BAFF-53DD031CA322}C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{02379281-1F29-4308-B3E5-8C2EA930DE43}C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{CEAC703F-D40B-4020-AD40-43DC8F31456C}C:\program files (x86)\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{A762FE3A-E748-4E8F-A98F-E9C554F52C09}C:\program files (x86)\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{924DD697-036B-4728-B608-3681C5BD759F}C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{3012E076-7E16-4CC6-AE99-21AEED75287D}C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe
    FirewallRules: [{3E0C1AB2-408A-4113-8731-C3EE85B6669F}] => (Block) C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe
    FirewallRules: [{6495C69E-4EA2-4A69-A562-CD30B2373EF1}] => (Block) C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe
    FirewallRules: [{3CE3A341-CE20-4FB5-9DD2-C85A526F4C45}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BattleBlock Theater\BattleBlockTheater.exe
    FirewallRules: [{FBF7281B-9B4C-43DC-86A5-345EAEAFD4F3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BattleBlock Theater\BattleBlockTheater.exe
    FirewallRules: [TCP Query User{A08CF092-B184-4E9E-AE43-BD1DC728D816}C:\users\eskew\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\eskew\appdata\local\google\chrome\application\chrome.exe
    FirewallRules: [UDP Query User{FE90E4CA-D4DE-4967-9364-53B71C5CA7A4}C:\users\eskew\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\eskew\appdata\local\google\chrome\application\chrome.exe
    FirewallRules: [TCP Query User{A6C80422-1FCC-49D9-8839-75324392D386}C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{0185A545-410D-418E-AFF2-487D0FE7EB84}C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe
    FirewallRules: [{A936083E-A622-4E34-88B2-3C13425C8E6A}] => (Block) C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe
    FirewallRules: [{13D4AFEE-153A-4311-877A-8EAF5B7E42F7}] => (Block) C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{9530A9FE-C412-45E2-B702-EC17FF2B3B2C}C:\users\eskew\appdata\local\roblox\versions\version-67ed345037f34a32\robloxstudiobeta.exe] => (Allow) C:\users\eskew\appdata\local\roblox\versions\version-67ed345037f34a32\robloxstudiobeta.exe
    FirewallRules: [UDP Query User{7B481E2E-44A0-44E0-ABEB-D78FE954DE15}C:\users\eskew\appdata\local\roblox\versions\version-67ed345037f34a32\robloxstudiobeta.exe] => (Allow) C:\users\eskew\appdata\local\roblox\versions\version-67ed345037f34a32\robloxstudiobeta.exe
    FirewallRules: [{0EA9F534-5B93-47B5-AE38-2F926FA9CFB0}] => (Block) C:\users\eskew\appdata\local\roblox\versions\version-67ed345037f34a32\robloxstudiobeta.exe
    FirewallRules: [{8AA3277B-1624-40BB-90E2-228E9F34FB32}] => (Block) C:\users\eskew\appdata\local\roblox\versions\version-67ed345037f34a32\robloxstudiobeta.exe
    FirewallRules: [TCP Query User{1A13436D-371A-459F-842E-4A598E20EB96}C:\program files (x86)\byond\bin\byond.exe] => (Block) C:\program files (x86)\byond\bin\byond.exe
    FirewallRules: [UDP Query User{9FD3A9F0-8115-42EB-803C-D611D9134C4F}C:\program files (x86)\byond\bin\byond.exe] => (Block) C:\program files (x86)\byond\bin\byond.exe
    FirewallRules: [TCP Query User{76BFE78F-D568-4CD6-BFE5-50AAD968924D}C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{FD1D51C9-F83C-474D-A63C-CAB983167A46}C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{16D0F0C7-6BCD-4914-944E-24D95467AFBE}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
    FirewallRules: [UDP Query User{7BC23BB1-63A9-4D55-9702-F5F80932A4BE}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
    FirewallRules: [TCP Query User{5ACDF0F1-5F15-4592-8C7B-E236C95CEAEB}C:\program files (x86)\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{C55DB5CE-69EA-401C-838E-B28B80567369}C:\program files (x86)\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{8BE2B8EA-3340-4779-88F0-612727485676}C:\program files (x86)\heroes of the storm\versions\base38793\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base38793\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{6433ADF4-9B68-477B-81F6-37DC1733696D}C:\program files (x86)\heroes of the storm\versions\base38793\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base38793\heroesofthestorm_x64.exe
    FirewallRules: [{6BC1FEF1-BA47-42B3-8A52-4095930A5933}] => (Block) C:\program files (x86)\heroes of the storm\versions\base38793\heroesofthestorm_x64.exe
    FirewallRules: [{77D257B5-3FC8-42C8-84BC-C4EF41497423}] => (Block) C:\program files (x86)\heroes of the storm\versions\base38793\heroesofthestorm_x64.exe
    FirewallRules: [{7F6B48A8-EF36-46B1-BEF4-3726EA54E549}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
    FirewallRules: [{D661BF6A-E758-410B-9944-FCDBD7488B3C}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
    FirewallRules: [TCP Query User{28CBD98A-36BA-4DA2-8CD8-07C3D5A905BE}C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe
    FirewallRules: [UDP Query User{F6183F2D-26BF-4A62-A1D1-4B66E7DDC310}C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe
    FirewallRules: [{83C119E7-D9E7-4A8D-856D-8BBC6D092B4F}] => (Block) C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe
    FirewallRules: [{C6696BCF-8CB6-401E-BD20-E2F8880638C2}] => (Block) C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe
    FirewallRules: [TCP Query User{03B2B9A9-6FED-41C6-98D8-D69B89C88492}C:\program files (x86)\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{C20ACDD2-1CA4-4F52-95AB-F12E13118EEE}C:\program files (x86)\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe
    FirewallRules: [{1E3057F5-5F42-4A50-BDBE-AA809D8F54C7}] => (Block) C:\program files (x86)\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe
    FirewallRules: [{6B1DB875-BC7D-48D7-8019-D30FEFD92F3E}] => (Block) C:\program files (x86)\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{034FCA97-A6E8-4A7F-804E-6EEA00994CAC}C:\program files (x86)\steam\steamapps\common\war for the overworld\wftogame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war for the overworld\wftogame.exe
    FirewallRules: [UDP Query User{A58DE83D-0845-4EC9-B742-40C4EEBAE269}C:\program files (x86)\steam\steamapps\common\war for the overworld\wftogame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war for the overworld\wftogame.exe
    FirewallRules: [{9F138F0A-89C3-41B0-B034-3690769F1F5E}] => (Block) C:\program files (x86)\steam\steamapps\common\war for the overworld\wftogame.exe
    FirewallRules: [{7E66B2DC-872A-475D-A95D-FB720C8BFF65}] => (Block) C:\program files (x86)\steam\steamapps\common\war for the overworld\wftogame.exe
    FirewallRules: [{B7894C23-2B3D-4880-ADCA-3F6FCA06CF92}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warhammer End Times Vermintide\launcher\launcher.exe
    FirewallRules: [{5D566D00-8D6A-454C-BDA2-7871469A75E8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warhammer End Times Vermintide\launcher\launcher.exe
    FirewallRules: [{FF1994C2-A54A-40DB-ACCD-1C80D543ED60}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warhammer End Times Vermintide\binaries\vermintide.exe
    FirewallRules: [{8711C185-5CA7-4A61-923A-8938ED44A268}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warhammer End Times Vermintide\binaries\vermintide.exe
    FirewallRules: [{124830E5-34BB-4774-ADEC-8FF810184F04}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7dLauncher.exe
    FirewallRules: [{BC911937-3D8F-4B9D-B50C-84DC62C6B311}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7dLauncher.exe
    FirewallRules: [TCP Query User{E2960BA0-DD73-49B0-BC8E-7620904C6D9F}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe
    FirewallRules: [UDP Query User{8CFA3EF6-4F36-41E1-834B-0CD2599F20EA}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe
    FirewallRules: [{C9B81486-F4B0-4A08-B84B-61985E25A0E7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BloonsTD5\BTD5-Win.exe
    FirewallRules: [{C7F50363-F863-403A-BB6B-56D998F41DC7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BloonsTD5\BTD5-Win.exe
    FirewallRules: [{73F2F37D-AE2F-42BD-8B93-359065102788}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned_BE.exe
    FirewallRules: [{7039607E-2151-4471-A793-7605E713B9C4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned_BE.exe
    FirewallRules: [TCP Query User{0D309EFF-B512-4318-A9F2-C7DEB29A160E}C:\program files (x86)\byond\bin\dreamdaemon.exe] => (Allow) C:\program files (x86)\byond\bin\dreamdaemon.exe
    FirewallRules: [UDP Query User{DF03DCBB-B6EF-46A3-B2B7-8FEEEBFD462C}C:\program files (x86)\byond\bin\dreamdaemon.exe] => (Allow) C:\program files (x86)\byond\bin\dreamdaemon.exe
    FirewallRules: [{6F34D1E9-7DE4-4953-8B8D-3BAD36CCC1EF}] => (Block) C:\program files (x86)\byond\bin\dreamdaemon.exe
    FirewallRules: [{81108999-338E-45F8-B960-60379E87F9DD}] => (Block) C:\program files (x86)\byond\bin\dreamdaemon.exe
    FirewallRules: [{CA302790-6816-4039-B578-4280A1A3D427}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
    FirewallRules: [{2D0B1A92-D53E-441A-8EE4-6685D5C273B0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
    FirewallRules: [{5901C9E2-5C8C-440B-937B-897D7C7B7868}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TigerKnight_EW\frontend\bin\frontend.exe
    FirewallRules: [{7B4198B6-9C7A-4E17-B8A8-87B6051E306E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TigerKnight_EW\frontend\bin\frontend.exe
    FirewallRules: [{DCC09FAB-831D-4382-ABDD-1E96EB3DD99A}] => (Allow) %ProgramFiles% (x86)\BYOND\bin\byond.exe
    FirewallRules: [TCP Query User{630969BC-F554-432A-8915-454CF03BD6BF}C:\program files (x86)\heroes of the storm\versions\base48027\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base48027\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{BD7EC8E3-3DFC-4FBD-86DB-0E8D1A89F03A}C:\program files (x86)\heroes of the storm\versions\base48027\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base48027\heroesofthestorm_x64.exe
    FirewallRules: [{6144D13C-D27F-4277-BDC0-74B421864ADE}] => (Block) C:\program files (x86)\heroes of the storm\versions\base48027\heroesofthestorm_x64.exe
    FirewallRules: [{A5A993E5-0833-46AD-B4FB-7E7A3FAA4473}] => (Block) C:\program files (x86)\heroes of the storm\versions\base48027\heroesofthestorm_x64.exe
    FirewallRules: [{C9915D56-EB44-4A36-8296-B5974775FEC6}] => (Allow) %ProgramFiles% (x86)\BYOND\bin\byond.exe
    FirewallRules: [TCP Query User{68F9479C-8ECE-47A4-872B-326A4F6C41D6}C:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\gameclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\gameclient.exe
    FirewallRules: [UDP Query User{876F8F83-B114-4111-80D3-C6EF62AB704E}C:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\gameclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\gameclient.exe
    FirewallRules: [{68807056-81EA-4751-B251-E1C9B7872B7F}] => (Block) C:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\gameclient.exe
    FirewallRules: [{C4CEAD7A-FDCB-4C4A-9FA3-F267D8699577}] => (Block) C:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\gameclient.exe
    FirewallRules: [TCP Query User{B462CF9E-F158-4651-B7A2-00E66EA1401F}C:\program files (x86)\gigantic_en\binaries\win64\rxgame-win64-shipping.exe] => (Allow) C:\program files (x86)\gigantic_en\binaries\win64\rxgame-win64-shipping.exe
    FirewallRules: [UDP Query User{316532B7-D328-40EA-BC18-E1C2B02ED040}C:\program files (x86)\gigantic_en\binaries\win64\rxgame-win64-shipping.exe] => (Allow) C:\program files (x86)\gigantic_en\binaries\win64\rxgame-win64-shipping.exe
    FirewallRules: [{F69029A8-B35D-4F16-B445-61A7AE89FB63}] => (Block) C:\program files (x86)\gigantic_en\binaries\win64\rxgame-win64-shipping.exe
    FirewallRules: [{D2A789B9-52BF-4D81-AFE2-657AC3397518}] => (Block) C:\program files (x86)\gigantic_en\binaries\win64\rxgame-win64-shipping.exe
    FirewallRules: [TCP Query User{8F52D76F-B5B8-4E78-9E60-1AD65794A563}C:\program files (x86)\starcraft ii\versions\base47185\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base47185\sc2_x64.exe
    FirewallRules: [UDP Query User{CF27E9E1-E5B2-4A26-9831-E1D3EAF2F66C}C:\program files (x86)\starcraft ii\versions\base47185\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base47185\sc2_x64.exe
    FirewallRules: [{04CC1249-03F4-4A96-BD65-0078EBD1B2AF}] => (Block) C:\program files (x86)\starcraft ii\versions\base47185\sc2_x64.exe
    FirewallRules: [{3B541542-D4C4-4156-9274-BB613B82B02A}] => (Block) C:\program files (x86)\starcraft ii\versions\base47185\sc2_x64.exe
    FirewallRules: [{8505BB30-6615-42D6-851F-C2E78D3CBBE2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExile_x64Steam.exe
    FirewallRules: [{F46C1EFC-38F5-4826-8943-2F19087B4FE8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExile_x64Steam.exe
    FirewallRules: [TCP Query User{6DC022F6-439D-47DA-A425-5DAC9EB28B1B}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe
    FirewallRules: [UDP Query User{24738233-C2F3-483E-A4A8-67929771E3B9}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe
    FirewallRules: [{7B5CCD4C-60C8-4432-8A35-190366325241}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\witcher.exe
    FirewallRules: [{42524318-0C4C-4E9D-84C0-527755A25965}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\witcher.exe
    FirewallRules: [{7DDFC4C7-680F-4E2C-919A-8C38991FA4FF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\djinni!.exe
    FirewallRules: [{F82552C4-937F-4547-86B9-9813CFD18D88}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\djinni!.exe
    FirewallRules: [{D28FDF49-9D72-476F-B05A-937B6A907A96}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe
    FirewallRules: [{1F08E3D6-A3F2-4041-B67F-2D29EF2A0016}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe
    FirewallRules: [{2BDDADFB-5712-446F-BF70-3D5A3556297D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DDDA\DDDA.exe
    FirewallRules: [{2C5B4878-D54A-4534-AB68-F8B85326A4F3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DDDA\DDDA.exe
    FirewallRules: [{B7E2E8B9-429C-4EA9-A929-528790B78C37}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\the witcher 2\Launcher.exe
    FirewallRules: [{0EAAFF90-D1FC-45F6-A9DF-DF3551F7A467}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\the witcher 2\Launcher.exe
    FirewallRules: [{34F96366-62A8-4427-9A70-4F476662DA96}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Waste Walkers\Game.exe
    FirewallRules: [{961270B8-9EA1-4338-9878-F0B1923CE962}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Waste Walkers\Game.exe
    FirewallRules: [{E936EBED-EB53-4E42-89D5-3FBCA2E73BE2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CastleCrashers\castle.exe
    FirewallRules: [{ED27A468-02C6-47DA-8EE9-C127A99F76ED}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CastleCrashers\castle.exe
    FirewallRules: [{EA562D70-AA24-4836-85FD-4CD94C0FC945}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Interstellar Rift\Build\IR.exe
    FirewallRules: [{8DF3ABA3-AC57-4B0F-86B7-7935F7BC88D0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Interstellar Rift\Build\IR.exe
    FirewallRules: [{6A00FB8F-9AE9-4CE0-B565-C4C064BF7DEA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher 3\bin\x64\witcher3.exe
    FirewallRules: [{252F0AB3-F305-45CA-87CA-76B1C40C5E78}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher 3\bin\x64\witcher3.exe
    FirewallRules: [{AFBE26DE-19C7-44AB-A600-1ACD81EEE0D0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Empyrion - Galactic Survival\EmpyrionLauncher.exe
    FirewallRules: [{06C22F12-028B-4CB5-9AF5-B80995CA0BFD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Empyrion - Galactic Survival\EmpyrionLauncher.exe
    FirewallRules: [TCP Query User{4CF5A4CA-F41C-4CF1-89F4-045A8E577B83}C:\program files (x86)\steam\steamapps\common\empyrion - galactic survival\empyrion.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\empyrion - galactic survival\empyrion.exe
    FirewallRules: [UDP Query User{F980D522-DC21-4033-843B-B292468981F4}C:\program files (x86)\steam\steamapps\common\empyrion - galactic survival\empyrion.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\empyrion - galactic survival\empyrion.exe
    FirewallRules: [{0ECA90B2-7664-496B-AE1E-7E662EF65F4C}] => (Block) C:\program files (x86)\steam\steamapps\common\empyrion - galactic survival\empyrion.exe
    FirewallRules: [{16F787BA-D62E-4C0F-B1C7-3627E871E54F}] => (Block) C:\program files (x86)\steam\steamapps\common\empyrion - galactic survival\empyrion.exe
    FirewallRules: [{19299D7C-7A9E-4A26-A4B2-39D8C8799F77}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Viscera\Binaries\Win32\UDK.exe
    FirewallRules: [{BEA5DE29-27EF-40D7-97E5-8F5D86BC73C8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Viscera\Binaries\Win32\UDK.exe
    FirewallRules: [{E611FC9D-5B0C-48ED-BCC9-E179080860EC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Viscera\Binaries\Win64\UDK.exe
    FirewallRules: [{183E4FAD-4760-4561-980A-2273AA54838F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Viscera\Binaries\Win64\UDK.exe
    FirewallRules: [{9C1E133D-980E-4D7D-B8DC-ACB619C912C0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Viscera\Binaries\UDKLift.exe
    FirewallRules: [{7537E661-B6E4-4E56-B6F6-EE638FFC878C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Viscera\Binaries\UDKLift.exe
    FirewallRules: [{374B0F5E-3260-4456-9E2A-39DFC96E3373}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Clicker Guild\guild.exe
    FirewallRules: [{BD7012FB-DF7B-4278-98E0-E59197239D4F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Clicker Guild\guild.exe
    FirewallRules: [{C482EA72-8E2B-450F-9A13-BD1BF22ACA29}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Star Wars Battlefront II\GameData\BattlefrontII.exe
    FirewallRules: [{7431F277-B541-4F69-B7D8-460ADC435268}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Star Wars Battlefront II\GameData\BattlefrontII.exe
    FirewallRules: [{8B0BC301-124C-4BCC-9C4B-C63BE70B5F0D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ASTRONEER Early Access\Astro.exe
    FirewallRules: [{6BAEF279-D0F4-423E-B3B6-CEE53C45C8CC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ASTRONEER Early Access\Astro.exe
    FirewallRules: [TCP Query User{8EB2F3A4-0080-41FA-A1CB-077A9BBC93B5}C:\program files (x86)\steam\steamapps\common\astroneer early access\astro\binaries\win64\astro-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\astroneer early access\astro\binaries\win64\astro-win64-shipping.exe
    FirewallRules: [UDP Query User{2AECA291-47C4-4E7C-B063-0F7F0F71483C}C:\program files (x86)\steam\steamapps\common\astroneer early access\astro\binaries\win64\astro-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\astroneer early access\astro\binaries\win64\astro-win64-shipping.exe
    FirewallRules: [{FB7C0963-F8A8-4616-AB66-272E7EAF55EE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Jackbox Party Pack 3\The Jackbox Party Pack 3.exe
    FirewallRules: [{16BFC85B-70E1-4177-BE41-E41C27690402}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Jackbox Party Pack 3\The Jackbox Party Pack 3.exe
    FirewallRules: [TCP Query User{BEB708A8-8BFF-4B52-AB83-1A56AD6D5699}C:\program files (x86)\steam\steamapps\common\lego worlds\lego_worlds_dx11.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\lego worlds\lego_worlds_dx11.exe
    FirewallRules: [UDP Query User{2EBC3C13-1C7B-41C4-88E4-6DCCC6C2D2D0}C:\program files (x86)\steam\steamapps\common\lego worlds\lego_worlds_dx11.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\lego worlds\lego_worlds_dx11.exe
    FirewallRules: [{7EF99EF8-B5D5-41BE-A66C-64E3F1154870}] => (Block) C:\program files (x86)\steam\steamapps\common\lego worlds\lego_worlds_dx11.exe
    FirewallRules: [{303AB1FB-8A2B-492B-B12A-B30129A1045D}] => (Block) C:\program files (x86)\steam\steamapps\common\lego worlds\lego_worlds_dx11.exe
    FirewallRules: [{074C2BDA-493D-49C0-BCCA-4582929F85E4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Osiris\OsirisNewDawn.exe
    FirewallRules: [{731959A4-2953-4417-8356-F31F7A7D3251}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Osiris\OsirisNewDawn.exe
    FirewallRules: [TCP Query User{B2FD3F3D-05DD-4C52-8B5C-2BD97258555D}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe
    FirewallRules: [UDP Query User{700AD650-D8C0-4413-8268-4D58310E1C5F}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe
    FirewallRules: [{041734AD-28A2-4C21-8043-EE877EE31FBB}] => (Block) C:\program files (x86)\diablo iii\x64\diablo iii64.exe
    FirewallRules: [{7CF4B58F-3BB2-4DDB-A3C6-BB715DA9A6BD}] => (Block) C:\program files (x86)\diablo iii\x64\diablo iii64.exe
    FirewallRules: [{29FDDCAF-5B64-4A19-BBCC-472F52288182}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dungeon Defenders 2\DunDefLauncher.exe
    FirewallRules: [{A0D5AD22-FFE7-4174-9BFC-EA135EC15BB2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dungeon Defenders 2\DunDefLauncher.exe
    FirewallRules: [{6E120739-EF3D-45D0-89B1-D49B8EB61F71}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Clicker Heroes\Clicker Heroes.exe
    FirewallRules: [{B714F92F-9757-4A2F-B4F9-474D3E6FAE6B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Clicker Heroes\Clicker Heroes.exe
    FirewallRules: [{9F96FF1D-7414-4C46-9A93-4382EAF86A0D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe
    FirewallRules: [{08696AA0-45F7-4F9C-A811-41FCE092835F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe
    FirewallRules: [{AA350F8C-580B-4A56-A09D-5C3DB98D8313}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\LaunchPad.exe
    FirewallRules: [{ACC8ADF2-D516-4941-90ED-2295FE48CC04}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\LaunchPad.exe
    FirewallRules: [{6E107C1C-4128-43AB-AE75-09E18624628A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
    FirewallRules: [{B59F700F-03CF-418C-8E6B-0F6A9D65C225}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
    FirewallRules: [{F7035469-47C4-4AF6-ACBE-571E94E279C9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Atlas Reactor\GlyphClient.exe
    FirewallRules: [{5C55D716-4F12-4112-A7FD-0073CC3E9C16}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Atlas Reactor\GlyphClient.exe
    FirewallRules: [{D32AFE17-0DA8-4137-B1A3-C1C9F82E38DA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Factorio\bin\x64\factorio.exe
    FirewallRules: [{A2BA9716-7848-4945-BA18-6A45DDC1FD07}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Factorio\bin\x64\factorio.exe
    FirewallRules: [{DBFFB1FA-CC21-4313-A9E6-418FFC32B793}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
    FirewallRules: [{58E11E3D-EEF3-4963-9072-07D405533555}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
    FirewallRules: [{E8FBFF4C-0648-4222-89F9-25FBA6E8A548}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\Beta\AwesomenautsLauncher.exe
    FirewallRules: [{65FD705D-EF2F-4F85-BD64-08B170B822F9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\Beta\AwesomenautsLauncher.exe
    FirewallRules: [{C3128996-66B1-4AC5-BDD9-007C82DDC81E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DarkestDungeon\_windows\Darkest.exe
    FirewallRules: [{CB290AA9-E0C4-48B9-958E-0028DE4CEB10}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DarkestDungeon\_windows\Darkest.exe
    FirewallRules: [{DD297620-EFC2-4499-AEFE-FED6B4F581A1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\Beta\AwesomenautsLauncher.exe
    FirewallRules: [{242B5F55-95ED-456E-8B6E-9D3AECBF96C1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\Beta\AwesomenautsLauncher.exe
    FirewallRules: [{AD230024-5504-4556-B293-725338646A7D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe
    FirewallRules: [{29E7BC81-A461-4315-9854-F9353B2205CA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe
    FirewallRules: [TCP Query User{80728A35-4F73-4D36-9A45-A40DDD93A664}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_121\bin\javaw.exe
    FirewallRules: [UDP Query User{0B077690-6F69-48B0-BFF0-292538207D29}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_121\bin\javaw.exe
    FirewallRules: [{4EC4DA67-CC20-477E-8569-CDD2651D5721}] => (Block) C:\program files\java\jre1.8.0_121\bin\javaw.exe
    FirewallRules: [{67F1CB20-6A51-479F-A01C-718C3DC5C0B2}] => (Block) C:\program files\java\jre1.8.0_121\bin\javaw.exe
    FirewallRules: [{4F33B127-7D52-41FC-A21E-B1DD9E68F0AF}] => (Allow) C:\WINDOWS\system32\rundll32.exe
    FirewallRules: [{A33ACC3B-E559-450F-A274-97113ACED80C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Chronicle\WorkshopTool\WorkshopManager.exe
    FirewallRules: [{3703CE89-EEB1-414A-8C5A-C17A9A1E9828}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Chronicle\WorkshopTool\WorkshopManager.exe
    FirewallRules: [{A6C0F87A-54C3-449C-995D-D0B40FD683FB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Starbound\win64\starbound.exe
    FirewallRules: [{CB86612A-D7E5-42A2-B677-00D96F259838}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Starbound\win64\starbound.exe
    FirewallRules: [{F388882D-4F10-41FC-B729-BC280D73ED25}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Starbound\win64\starbound_server.exe
    FirewallRules: [{B83126A5-69F9-4075-985A-5BB21DC25F27}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Starbound\win64\starbound_server.exe
    FirewallRules: [{4DFEF511-42E3-4B35-92B4-CF29E6B998C5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Starbound\win64\mod_uploader.exe
    FirewallRules: [{F2817B3E-7225-4C34-8DAC-C26897559322}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Starbound\win64\mod_uploader.exe
    FirewallRules: [{3382F0CD-8DEE-4B7F-AB1B-8878FC441169}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Starbound\win32\starbound.exe
    FirewallRules: [{58447B36-BEED-455A-A5B0-DDA19A02C547}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Starbound\win32\starbound.exe
    FirewallRules: [{FBDF3CED-0F40-4568-A905-0A2DF5728A58}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DarkestDungeon\_windows\Darkest.exe
    FirewallRules: [{C0E1D93F-0FD9-4461-9876-414FAB482D6F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DarkestDungeon\_windows\Darkest.exe
     
    ==================== Restore Points =========================
     
    16-02-2017 19:21:48 Scheduled Checkpoint
    21-02-2017 12:05:20 Move file to quarantine: winvmx client
    21-02-2017 12:08:54 Move file to quarantine: winscr
     
    ==================== Faulty Device Manager Devices =============
     
     
    ==================== Event log errors: =========================
     
    Application errors:
    ==================
    Error: (02/22/2017 02:45:22 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ESKEWPC)
    Description: Activation of app Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
     
    Error: (02/22/2017 02:39:28 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: ctfmon.exe, version: 10.0.14393.0, time stamp: 0x57899148
    Faulting module name: InputService.dll, version: 10.0.14393.576, time stamp: 0x584a76ec
    Exception code: 0xc0000005
    Fault offset: 0x00057f66
    Faulting process id: 0x1f30
    Faulting application start time: 0x01d28d4245faa7f8
    Faulting application path: C:\WINDOWS\SysWOW64\ctfmon.exe
    Faulting module path: C:\WINDOWS\system32\InputService.dll
    Report Id: 6b344acc-2276-4826-a054-620422aa33e4
    Faulting package full name: 
    Faulting package-relative application ID:
     
    Error: (02/22/2017 02:30:29 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ESKEWPC)
    Description: Activation of app Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
     
    Error: (02/22/2017 02:30:28 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: ESKEWPC)
    Description: App Microsoft.MicrosoftStickyNotes_1.6.2.0_x64__8wekyb3d8bbwe+App did not launch within its allotted time.
     
    Error: (02/22/2017 02:19:37 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: ctfmon.exe, version: 10.0.14393.0, time stamp: 0x57899148
    Faulting module name: InputService.dll, version: 10.0.14393.576, time stamp: 0x584a76ec
    Exception code: 0xc0000005
    Fault offset: 0x00057f66
    Faulting process id: 0x6434
    Faulting application start time: 0x01d28d01e88b2b1f
    Faulting application path: C:\WINDOWS\SysWOW64\ctfmon.exe
    Faulting module path: C:\WINDOWS\system32\InputService.dll
    Report Id: 3a55b0e5-644c-499e-bda8-37871f2242a5
    Faulting package full name: 
    Faulting package-relative application ID:
     
    Error: (02/22/2017 01:52:34 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: GameBarPresenceWriter.exe, version: 10.0.14393.0, time stamp: 0x57899bd6
    Faulting module name: ntdll.dll, version: 10.0.14393.479, time stamp: 0x5825887f
    Exception code: 0xc0000374
    Fault offset: 0x00000000000f8283
    Faulting process id: 0xd0bc
    Faulting application start time: 0x01d28d3cc4a9a82f
    Faulting application path: C:\Windows\System32\GameBarPresenceWriter.exe
    Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
    Report Id: a682dabf-8bfc-4a20-81bc-5b6e236e5a5a
    Faulting package full name: 
    Faulting package-relative application ID:
     
    Error: (02/22/2017 06:48:18 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ESKEWPC)
    Description: Activation of app Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
     
    Error: (02/22/2017 06:48:17 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: ESKEWPC)
    Description: App Microsoft.MicrosoftStickyNotes_1.6.2.0_x64__8wekyb3d8bbwe+App did not launch within its allotted time.
     
    Error: (02/21/2017 07:43:29 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: ShellExperienceHost.exe, version: 10.0.14393.447, time stamp: 0x5819bf85
    Faulting module name: Windows.UI.Xaml.dll, version: 10.0.14393.594, time stamp: 0x5850ccd3
    Exception code: 0xc000027b
    Fault offset: 0x00000000006d682b
    Faulting process id: 0x5c1c
    Faulting application start time: 0x01d28ca4adf4842f
    Faulting application path: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
    Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
    Report Id: c7c9551e-e8f0-438c-9088-bbf89e214419
    Faulting package full name: Microsoft.Windows.ShellExperienceHost_10.0.14393.693_neutral_neutral_cw5n1h2txyewy
    Faulting package-relative application ID: App
     
    Error: (02/21/2017 07:43:22 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: ShellExperienceHost.exe, version: 10.0.14393.447, time stamp: 0x5819bf85
    Faulting module name: Windows.UI.Xaml.dll, version: 10.0.14393.594, time stamp: 0x5850ccd3
    Exception code: 0xc000027b
    Fault offset: 0x00000000006d682b
    Faulting process id: 0x16cc
    Faulting application start time: 0x01d28c7fbe6fcb57
    Faulting application path: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
    Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
    Report Id: b71943d5-1c8f-474d-ac6b-b7c32c39eb3b
    Faulting package full name: Microsoft.Windows.ShellExperienceHost_10.0.14393.693_neutral_neutral_cw5n1h2txyewy
    Faulting package-relative application ID: App
     
     
    System errors:
    =============
    Error: (02/22/2017 04:26:01 PM) (Source: DCOM) (EventID: 10001) (User: ESKEWPC)
    Description: Unable to start a DCOM Server: {D63B10C5-BB46-4990-A94F-E40B9D520160} as Unavailable/Unavailable. The error:
    "87"
    Happened while starting this command:
    C:\Windows\System32\RuntimeBroker.exe -Embedding
     
    Error: (02/22/2017 04:26:01 PM) (Source: DCOM) (EventID: 10001) (User: ESKEWPC)
    Description: Unable to start a DCOM Server: {D63B10C5-BB46-4990-A94F-E40B9D520160} as Unavailable/Unavailable. The error:
    "87"
    Happened while starting this command:
    C:\Windows\System32\RuntimeBroker.exe -Embedding
     
    Error: (02/22/2017 04:23:19 PM) (Source: DCOM) (EventID: 10001) (User: ESKEWPC)
    Description: Unable to start a DCOM Server: {D63B10C5-BB46-4990-A94F-E40B9D520160} as Unavailable/Unavailable. The error:
    "87"
    Happened while starting this command:
    C:\Windows\System32\RuntimeBroker.exe -Embedding
     
    Error: (02/22/2017 04:23:19 PM) (Source: DCOM) (EventID: 10001) (User: ESKEWPC)
    Description: Unable to start a DCOM Server: {D63B10C5-BB46-4990-A94F-E40B9D520160} as Unavailable/Unavailable. The error:
    "87"
    Happened while starting this command:
    C:\Windows\System32\RuntimeBroker.exe -Embedding
     
    Error: (02/22/2017 04:23:19 PM) (Source: DCOM) (EventID: 10001) (User: ESKEWPC)
    Description: Unable to start a DCOM Server: {D63B10C5-BB46-4990-A94F-E40B9D520160} as Unavailable/Unavailable. The error:
    "87"
    Happened while starting this command:
    C:\Windows\System32\RuntimeBroker.exe -Embedding
     
    Error: (02/22/2017 04:23:07 PM) (Source: DCOM) (EventID: 10001) (User: ESKEWPC)
    Description: Unable to start a DCOM Server: {D63B10C5-BB46-4990-A94F-E40B9D520160} as Unavailable/Unavailable. The error:
    "87"
    Happened while starting this command:
    C:\Windows\System32\RuntimeBroker.exe -Embedding
     
    Error: (02/22/2017 04:23:06 PM) (Source: DCOM) (EventID: 10001) (User: ESKEWPC)
    Description: Unable to start a DCOM Server: {D63B10C5-BB46-4990-A94F-E40B9D520160} as Unavailable/Unavailable. The error:
    "87"
    Happened while starting this command:
    C:\Windows\System32\RuntimeBroker.exe -Embedding
     
    Error: (02/22/2017 04:23:06 PM) (Source: DCOM) (EventID: 10001) (User: ESKEWPC)
    Description: Unable to start a DCOM Server: {D63B10C5-BB46-4990-A94F-E40B9D520160} as Unavailable/Unavailable. The error:
    "87"
    Happened while starting this command:
    C:\Windows\System32\RuntimeBroker.exe -Embedding
     
    Error: (02/22/2017 04:23:06 PM) (Source: DCOM) (EventID: 10001) (User: ESKEWPC)
    Description: Unable to start a DCOM Server: {D63B10C5-BB46-4990-A94F-E40B9D520160} as Unavailable/Unavailable. The error:
    "87"
    Happened while starting this command:
    C:\Windows\System32\RuntimeBroker.exe -Embedding
     
    Error: (02/22/2017 04:23:05 PM) (Source: DCOM) (EventID: 10001) (User: ESKEWPC)
    Description: Unable to start a DCOM Server: {D63B10C5-BB46-4990-A94F-E40B9D520160} as Unavailable/Unavailable. The error:
    "87"
    Happened while starting this command:
    C:\Windows\System32\RuntimeBroker.exe -Embedding
     
     
    ==================== Memory info =========================== 
     
    Processor: AMD A10-7850K Radeon R7, 12 Compute Cores 4C+8G
    Percentage of memory in use: 20%
    Total physical RAM: 21447.46 MB
    Available physical RAM: 17053.59 MB
    Total Virtual: 24647.46 MB
    Available Virtual: 19754.89 MB
     
    ==================== Drives ================================
     
    Drive c: (OS) (Fixed) (Total:912.18 GB) (Free:216.43 GB) NTFS ==>[system with boot components (obtained from drive)]
    Drive d: (Recovery Image) (Fixed) (Total:17.07 GB) (Free:2.08 GB) NTFS ==>[system with boot components (obtained from drive)]
     
    ==================== MBR & Partition Table ==================
     
    ========================================================
    Disk: 0 (Size: 931.5 GB) (Disk ID: ABF53763)
     
    Partition: GPT.
     
    ==================== End of Addition.txt ============================

    • 0

    #4
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,017 posts
    • MVP
     
    Download the attached fixlist.txt to the same location as FRST
     
    Attached File  fixlist.txt   27.64KB   46 downloads
     
    Run FRST and press Fix.  System will reboot.
    A fix log will be generated please post that 
     
     
    Run FRST again as before.  Make sure Addition.txt is checked and hit Scan.  Post both logs.
     
     
     
    Get Process Explorer
     
    Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).  
     
    View, Select Column, check Verified Signer, OK
    Options, Verify Image Signatures
     
     
    Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  
     
    Wait a full minute then:
     
    File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.
     

     


    • 0

    #5
    Zanarisfate

    Zanarisfate

      Member

    • Topic Starter
    • Member
    • PipPip
    • 19 posts

    Fix Log:

     

    Fix result of Farbar Recovery Scan Tool (x64) Version: 23-02-2017
    Ran by Eskew (22-02-2017 18:35:41) Run:1
    Running from C:\Users\Eskew\Desktop\New folder (5)
    Loaded Profiles: Eskew (Available Profiles: Eskew)
    Boot Mode: Normal
    ==============================================
     
    fixlist content:
    *****************
    CloseProcesses:
    HKLM-x32\...\Run: [cpx] => "C:\Program Files (x86)\cpx\cpx.exe" -starup <===== ATTENTION
    HKLM-x32\...\Run: [cpx] => "C:\Program Files (x86)\cpx\cpx.exe" -starup <===== ATTENTION
    HKLM-x32\...\Run: [svcvmx] => C:\Program Files (x86)\svcvmx\svcvmx.exe [896512 2017-01-13] ()
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Policies\Explorer: [NoChangeStartMenu] 0
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Policies\Explorer: [NoLogOff] 0
    CHR HKU\S-1-5-21-105371738-2419289027-4122941235-1001\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
    BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.7.452\AVG Web TuneUp.dll => No File
    BHO-x32: No Name -> {aa2fac44-d24d-4fed-9e32-397d138365f1} -> No File
    Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
    FF user.js: detected! => C:\Users\Eskew\AppData\Roaming\Mozilla\Firefox\Profiles\w9d9e7sw.default\user.js [2015-01-26]
    FF Extension: (No Name) - C:\Users\Eskew\AppData\Roaming\Mozilla\Firefox\Profiles\w9d9e7sw.default\extensions\[email protected] [not found]
    FF Extension: (Cyti Web 1.0.1) - C:\Users\Eskew\AppData\Roaming\Mozilla\Firefox\Profiles\w9d9e7sw.default\Extensions\{1f01bfa6-8fc1-4c12-a219-da77269427c2}.xpi [2015-01-26] [not signed]
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha4535\ff => not found
    FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
    CHR Plugin: (Shockwave Flash) - C:\Users\Eskew\AppData\Local\Google\Chrome\Application\56.0.2924.87\PepperFlash\pepflashplayer.dll => No File
    CHR Plugin: (Native Client) - C:\Users\Eskew\AppData\Local\Google\Chrome\Application\56.0.2924.87\ppGoogleNaClPluginChrome.dll => No File
    CHR Plugin: (Chrome PDF Viewer) - C:\Users\Eskew\AppData\Local\Google\Chrome\Application\56.0.2924.87\pdf.dll => No File
    CHR Plugin: (Norton Confidential) - C:\Users\Eskew\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.0.0.72_0\npcoplgn.dll => No File
    CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll => No File
    CHR Plugin: (Java™ Platform SE 7 U10) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => No File
    CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll => No File
    CHR Plugin: (Windows LiveÃÂÃÂÃÂÃÂÃÂÃÂÃÂÃÂ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    CHR Plugin: (Java Deployment Toolkit 7.0.100.18) - C:\windows\SysWOW64\npDeployJava1.dll => No File
    CHR HKLM-x32\...\Chrome\Extension: [bocnojmkdlamkknefedafeamofpjehlk] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha4535\ch\TrustMediaViewerV1alpha4535.crx <not found>
    R1 drmkpro64; C:\WINDOWS\System32\drivers\drmkpro64.sys [53832 2017-02-20] () [File not signed]
    R2 Dataup; C:\Program Files (x86)\dataup\dataup.exe [77824 2017-01-05] () [File not signed] <==== ATTENTION
    S2 windowsmanagementservice; C:\Users\Eskew\AppData\Local\Temp\20170220\ct.exe [X] <==== ATTENTION <==== ATTENTION
    2017-02-20 14:55 - 2017-02-20 14:55 - 00053832 _____ C:\WINDOWS\system32\Drivers\drmkpro64.sys
    2017-02-20 14:40 - 2017-02-21 10:25 - 00000000 ____D C:\Users\Eskew\AppData\Local\cpx
    2017-02-20 13:40 - 2017-02-21 07:22 - 00000000 ____D C:\Users\Eskew\AppData\Local\llssoft
    2017-02-20 12:34 - 2017-02-20 12:36 - 00000358 _____ C:\WINDOWS\Tasks\Online Application v209.job
    2017-02-20 12:34 - 2017-02-20 12:36 - 00000358 _____ C:\WINDOWS\Tasks\Online Application v209 Guardian.job
    2017-02-20 12:34 - 2017-02-20 12:36 - 00000358 _____ C:\WINDOWS\Tasks\Online Application v209 Guard.job
    2017-02-20 12:34 - 2017-02-20 12:34 - 00006549 _____ C:\WINDOWS\TEMPcoral.vbs
    2017-02-20 12:34 - 2017-02-20 12:34 - 00003264 _____ C:\WINDOWS\System32\Tasks\Online Application v209 Guardian
    2017-02-20 12:34 - 2017-02-20 12:34 - 00003258 _____ C:\WINDOWS\System32\Tasks\Online Application v209 Guard
    2017-02-20 12:34 - 2017-02-20 12:34 - 00003246 _____ C:\WINDOWS\System32\Tasks\Online Application v209
    2017-02-20 12:34 - 2017-02-20 12:34 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\c
    2017-02-20 12:34 - 2017-02-20 12:34 - 00000000 ____D C:\Users\Default\AppData\Local\AdvinstAnalytics
    2017-02-20 12:34 - 2017-02-20 12:34 - 00000000 ____D C:\Users\Default User\AppData\Local\AdvinstAnalytics
    2017-02-20 12:34 - 2017-02-20 12:34 - 00000000 ____D C:\ProgramData\1487612071
    2017-02-20 12:34 - 2017-02-20 12:34 - 00000000 ____D C:\Program Files (x86)\qdcomsvc
    2017-02-20 12:34 - 2017-02-20 12:34 - 00000000 ____D C:\Program Files (x86)\dataup
    Online.io Application (x32 Version: 2.1.0 - Microleaves) Hidden <==== ATTENTION
    CustomCLSID: HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Eskew\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Eskew\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Eskew\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Eskew\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Eskew\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Eskew\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Eskew\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Eskew\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Eskew\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Eskew\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Eskew\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Eskew\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Eskew\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Eskew\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
    Task: {01CAA392-C8CC-4E43-B2F0-5ADF0849446D} - \Online Application -> No File <==== ATTENTION
    Task: {07BD2292-EC2F-44E3-BC45-0B9B4F9DFBF3} - \Online Application Guardian -> No File <==== ATTENTION
    Task: {0A35FB88-BBAA-4395-8ADD-1839F48C30CE} - \ProPCCleaner_Start -> No File <==== ATTENTION
    Task: {0D1DFA29-1053-47FF-96B2-D2D0D96E36AB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
    Task: {0E69CC2E-3CFB-4F3B-AF73-75F0CB405123} - \YourFile DownloaderUpdate -> No File <==== ATTENTION
    Task: {10062C3D-0C1A-4C2A-98F9-7A3D7D3E743E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
    Task: {192885F3-F656-4D31-92AD-D719693FD8ED} - \Online Application Guard -> No File <==== ATTENTION
    Task: {2606D56A-E37C-477B-AE46-6A80E18E0966} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
    Task: {60770388-0698-411C-A806-138DE75ED88B} - \ProPCCleaner_Popup -> No File <==== ATTENTION
    Task: {6BC87123-6D21-4A28-AB87-043B4CD12230} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
    Task: {754F9FF1-3A07-481C-9530-E732508587F6} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
    Task: {7620D919-D7E9-475D-A35C-DD938E5D5E47} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
    Task: {7C3C31D7-9BFA-474B-8BA4-10ACEF825737} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
    Task: {7CDD50C5-E566-4447-BD1F-06C26A337509} - \WPD\SqmUpload_S-1-5-21-105371738-2419289027-4122941235-1001 -> No File <==== ATTENTION
    Task: {7EEC96AE-F97E-48F7-B718-68F4B08E039F} - System32\Tasks\Online Application v209 => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe  <==== ATTENTION
    Task: {B249ABB8-47E2-402D-ADBF-32928C961AF8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
    Task: {B6309D8F-431C-4226-9205-20D2D50F5679} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
    Task: {CAB80E29-6429-4EC2-AC3A-08E776A8C37B} - \Omiga Plus RunAsStdUser -> No File <==== ATTENTION
    Task: {CEB93C34-393F-460F-B504-B16C1EB49EBB} - System32\Tasks\{E685A87F-9C1B-4E90-B1E2-BE4DF9EF4403} => pcalua.exe -a E:\PNY_CD.exe -d E:\
    Task: {E2493870-DE08-47F2-9B77-992484AE3430} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
    Task: {EABB08EB-3428-4EBA-837D-A4EC927779AC} - \GoforFilesUpdate -> No File <==== ATTENTION
    Task: {EAEB5010-0574-469D-8346-D2B137B0BED0} - \Desk 365 RunAsStdUser -> No File <==== ATTENTION
    Task: {F47777FE-9976-47EC-81F2-BB370C21FADA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
    Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-105371738-2419289027-4122941235-1001Core.job => C:\Users\Eskew\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-105371738-2419289027-4122941235-1001UA.job => C:\Users\Eskew\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\HPCeeScheduleForEskew.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
    Task: C:\WINDOWS\Tasks\Online Application v209 Guard.job => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe <==== ATTENTION
    Task: C:\WINDOWS\Tasks\Online Application v209 Guardian.job => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe <==== ATTENTION
    Task: C:\WINDOWS\Tasks\Online Application v209.job => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe <==== ATTENTION
    ShortcutWithArgument: C:\Users\Eskew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecontrol for Minecraft\Minecontrol for Minecraft.lnk -> C:\Windows\SysWOW64\javaws.exe (Oracle Corporation) -> -localfile -J-Djnlp.application.href=hxxp://update.joshjcarrier.com/minecontrol/launch.jnlp "C:\Users\Eskew\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\3e77bec5-37671518"
    ShortcutWithArgument: C:\Users\Eskew\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Users\Eskew\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --user-data-dir="C:\Users\Eskew\AppData\Local\Google\Chrome\User Data"
    ShortcutWithArgument: C:\Users\Eskew\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b2221afffb6f8637\Josh - Chrome.lnk -> C:\Users\Eskew\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
    C:\Program Files (x86)\dataup
    C:\Program Files (x86)\svcvmx
    AlternateDataStreams: C:\ProgramData\Temp:7793C843 [144]
    AlternateDataStreams: C:\Users\Eskew\AppData\Local\11rpLHJDugDoF:40uX8RRB5MWZDhHOsS9bdlM [2256]
    FirewallRules: [TCP Query User{48CC05DC-88E5-4EC9-BBDE-DBA95A1EE8E9}C:\users\eskew\appdata\local\temp\iesearchprovider.exe] => (Allow) C:\users\eskew\appdata\local\temp\iesearchprovider.exe
    FirewallRules: [UDP Query User{A39E0028-C020-4D11-823F-A2246A015217}C:\users\eskew\appdata\local\temp\iesearchprovider.exe] => (Allow) C:\users\eskew\appdata\local\temp\iesearchprovider.exe
    FirewallRules: [{3DBFB9A2-0B64-432D-ACCF-DF7250C81928}] => (Block) C:\users\eskew\appdata\local\temp\iesearchprovider.exe
    FirewallRules: [{BABC2522-8848-4B85-A072-331E19A5E6EA}] => (Block) C:\users\eskew\appdata\local\temp\iesearchprovider.exe
    FirewallRules: [{4B523AF8-B458-4B4B-A1CF-56A09F7F37B1}] => (Allow) C:\Windows\System32\dmwu.exe
    FirewallRules: [{1F50498D-6DF7-4161-8296-847C6860E628}] => (Allow) C:\Windows\System32\dmwu.exe 
    FirewallRules: [TCP Query User{EDFC7DAC-C04B-4085-A59A-9D3EF17A06BB}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
    FirewallRules: [UDP Query User{D839CE73-F5D4-4B1E-8D35-E27787730FA2}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
    CMD: for /F "tokens=*" %1 in ('wevtutil.exe el') DO wevtutil.exe cl "%1"
    *****************
     
    Processes closed successfully.
    HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\cpx => value could not remove.
    HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\cpx => value could not remove.
    HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\svcvmx => value could not remove.
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoChangeStartMenu => value removed successfully
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLogOff => value removed successfully
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\SOFTWARE\Policies\Google => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} => key removed successfully
    HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found. 
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{aa2fac44-d24d-4fed-9e32-397d138365f1} => key removed successfully
    HKCR\Wow6432Node\CLSID\{aa2fac44-d24d-4fed-9e32-397d138365f1} => key not found. 
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113} => value removed successfully
    HKCR\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} => key not found. 
    C:\Users\Eskew\AppData\Roaming\Mozilla\Firefox\Profiles\w9d9e7sw.default\user.js => moved successfully
    C:\Users\Eskew\AppData\Roaming\Mozilla\Firefox\Profiles\w9d9e7sw.default\user.js => not found.
    C:\Users\Eskew\AppData\Roaming\Mozilla\Firefox\Profiles\w9d9e7sw.default\extensions\[email protected] => path removed successfully
    C:\Users\Eskew\AppData\Roaming\Mozilla\Firefox\Profiles\w9d9e7sw.default\Extensions\{1f01bfa6-8fc1-4c12-a219-da77269427c2}.xpi => moved successfully
    C:\Users\Eskew\AppData\Roaming\Mozilla\Firefox\Profiles\w9d9e7sw.default\Extensions\{1f01bfa6-8fc1-4c12-a219-da77269427c2}.xpi => path removed successfully
    HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\[email protected] => value removed successfully
    HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin => key removed successfully
    C:\Users\Eskew\AppData\Local\Google\Chrome\Application\56.0.2924.87\PepperFlash\pepflashplayer.dll => not found.
    C:\Users\Eskew\AppData\Local\Google\Chrome\Application\56.0.2924.87\ppGoogleNaClPluginChrome.dll => not found.
    C:\Users\Eskew\AppData\Local\Google\Chrome\Application\56.0.2924.87\pdf.dll => not found.
    C:\Users\Eskew\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.0.0.72_0\npcoplgn.dll => not found.
    C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll => not found.
    C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => not found.
    C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll => not found.
    C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll => moved successfully
    C:\windows\SysWOW64\npDeployJava1.dll => not found.
    HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bocnojmkdlamkknefedafeamofpjehlk => key removed successfully
    drmkpro64 => Unable to stop service.
    HKLM\System\CurrentControlSet\Services\drmkpro64 => key could not remove, key could be protected
    Dataup => Unable to stop service.
    HKLM\System\CurrentControlSet\Services\Dataup => key could not remove, key could be protected
    HKLM\System\CurrentControlSet\Services\windowsmanagementservice => key could not remove, key could be protected
    Could not move "C:\WINDOWS\system32\Drivers\drmkpro64.sys" => Scheduled to move on reboot.
     
    "C:\Users\Eskew\AppData\Local\cpx" folder move:
     
    Could not move "C:\Users\Eskew\AppData\Local\cpx" => Scheduled to move on reboot.
     
     
    "C:\Users\Eskew\AppData\Local\llssoft" folder move:
     
    Could not move "C:\Users\Eskew\AppData\Local\llssoft" => Scheduled to move on reboot.
     
    C:\WINDOWS\Tasks\Online Application v209.job => moved successfully
    C:\WINDOWS\Tasks\Online Application v209 Guardian.job => moved successfully
    C:\WINDOWS\Tasks\Online Application v209 Guard.job => moved successfully
    Could not move "C:\WINDOWS\TEMPcoral.vbs" => Scheduled to move on reboot.
    C:\WINDOWS\System32\Tasks\Online Application v209 Guardian => moved successfully
    C:\WINDOWS\System32\Tasks\Online Application v209 Guard => moved successfully
    C:\WINDOWS\System32\Tasks\Online Application v209 => moved successfully
    C:\Users\Eskew\AppData\Roaming\c => moved successfully
    C:\Users\Default\AppData\Local\AdvinstAnalytics => moved successfully
    "C:\Users\Default User\AppData\Local\AdvinstAnalytics" => not found.
    C:\ProgramData\1487612071 => moved successfully
    C:\Program Files (x86)\qdcomsvc => moved successfully
     
    "C:\Program Files (x86)\dataup" folder move:
     
    Could not move "C:\Program Files (x86)\dataup" => Scheduled to move on reboot.
     
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0847AE0-465A-4D7B-A555-AABB43B550F0}\\SystemComponent => value removed successfully
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208} => key removed successfully
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448} => key removed successfully
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1} => key removed successfully
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856} => key removed successfully
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4} => key removed successfully
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E} => key removed successfully
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98} => key removed successfully
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247} => key removed successfully
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8} => key removed successfully
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A} => key removed successfully
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2} => key removed successfully
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9} => key removed successfully
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF} => key removed successfully
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{01CAA392-C8CC-4E43-B2F0-5ADF0849446D} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01CAA392-C8CC-4E43-B2F0-5ADF0849446D} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Online Application => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{07BD2292-EC2F-44E3-BC45-0B9B4F9DFBF3} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{07BD2292-EC2F-44E3-BC45-0B9B4F9DFBF3} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Online Application Guardian => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0A35FB88-BBAA-4395-8ADD-1839F48C30CE} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0A35FB88-BBAA-4395-8ADD-1839F48C30CE} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ProPCCleaner_Start => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0D1DFA29-1053-47FF-96B2-D2D0D96E36AB} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D1DFA29-1053-47FF-96B2-D2D0D96E36AB} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0E69CC2E-3CFB-4F3B-AF73-75F0CB405123} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0E69CC2E-3CFB-4F3B-AF73-75F0CB405123} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YourFile DownloaderUpdate => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{10062C3D-0C1A-4C2A-98F9-7A3D7D3E743E} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10062C3D-0C1A-4C2A-98F9-7A3D7D3E743E} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{192885F3-F656-4D31-92AD-D719693FD8ED} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{192885F3-F656-4D31-92AD-D719693FD8ED} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Online Application Guard => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2606D56A-E37C-477B-AE46-6A80E18E0966} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2606D56A-E37C-477B-AE46-6A80E18E0966} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{60770388-0698-411C-A806-138DE75ED88B} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{60770388-0698-411C-A806-138DE75ED88B} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ProPCCleaner_Popup => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6BC87123-6D21-4A28-AB87-043B4CD12230} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6BC87123-6D21-4A28-AB87-043B4CD12230} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{754F9FF1-3A07-481C-9530-E732508587F6} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{754F9FF1-3A07-481C-9530-E732508587F6} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7620D919-D7E9-475D-A35C-DD938E5D5E47} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7620D919-D7E9-475D-A35C-DD938E5D5E47} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7C3C31D7-9BFA-474B-8BA4-10ACEF825737} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C3C31D7-9BFA-474B-8BA4-10ACEF825737} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7CDD50C5-E566-4447-BD1F-06C26A337509} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7CDD50C5-E566-4447-BD1F-06C26A337509} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-105371738-2419289027-4122941235-1001 => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7EEC96AE-F97E-48F7-B718-68F4B08E039F} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7EEC96AE-F97E-48F7-B718-68F4B08E039F} => key removed successfully
    C:\WINDOWS\System32\Tasks\Online Application v209 => not found.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Online Application v209 => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B249ABB8-47E2-402D-ADBF-32928C961AF8} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B249ABB8-47E2-402D-ADBF-32928C961AF8} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B6309D8F-431C-4226-9205-20D2D50F5679} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B6309D8F-431C-4226-9205-20D2D50F5679} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CAB80E29-6429-4EC2-AC3A-08E776A8C37B} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CAB80E29-6429-4EC2-AC3A-08E776A8C37B} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Omiga Plus RunAsStdUser => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CEB93C34-393F-460F-B504-B16C1EB49EBB} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CEB93C34-393F-460F-B504-B16C1EB49EBB} => key removed successfully
    C:\WINDOWS\System32\Tasks\{E685A87F-9C1B-4E90-B1E2-BE4DF9EF4403} => moved successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E685A87F-9C1B-4E90-B1E2-BE4DF9EF4403} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E2493870-DE08-47F2-9B77-992484AE3430} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E2493870-DE08-47F2-9B77-992484AE3430} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EABB08EB-3428-4EBA-837D-A4EC927779AC} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EABB08EB-3428-4EBA-837D-A4EC927779AC} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoforFilesUpdate => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EAEB5010-0574-469D-8346-D2B137B0BED0} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EAEB5010-0574-469D-8346-D2B137B0BED0} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Desk 365 RunAsStdUser => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F47777FE-9976-47EC-81F2-BB370C21FADA} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F47777FE-9976-47EC-81F2-BB370C21FADA} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key removed successfully
    C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => moved successfully
    C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => moved successfully
    C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-105371738-2419289027-4122941235-1001Core.job => moved successfully
    C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-105371738-2419289027-4122941235-1001UA.job => moved successfully
    C:\WINDOWS\Tasks\HPCeeScheduleForEskew.job => moved successfully
    C:\WINDOWS\Tasks\Online Application v209 Guard.job => not found.
    C:\WINDOWS\Tasks\Online Application v209 Guardian.job => not found.
    C:\WINDOWS\Tasks\Online Application v209.job => not found.
    C:\Users\Eskew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecontrol for Minecraft\Minecontrol for Minecraft.lnk => Shortcut argument removed successfully.
    C:\Users\Eskew\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk => Shortcut argument removed successfully.
    C:\Users\Eskew\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b2221afffb6f8637\Josh - Chrome.lnk => Shortcut argument removed successfully.
     
    "C:\Program Files (x86)\dataup" folder move:
     
    Could not move "C:\Program Files (x86)\dataup" => Scheduled to move on reboot.
     
     
    "C:\Program Files (x86)\svcvmx" folder move:
     
    Could not move "C:\Program Files (x86)\svcvmx" => Scheduled to move on reboot.
     
    C:\ProgramData\Temp => ":7793C843" ADS removed successfully.
    C:\Users\Eskew\AppData\Local\11rpLHJDugDoF => ":40uX8RRB5MWZDhHOsS9bdlM" ADS removed successfully.
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{48CC05DC-88E5-4EC9-BBDE-DBA95A1EE8E9}C:\users\eskew\appdata\local\temp\iesearchprovider.exe => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A39E0028-C020-4D11-823F-A2246A015217}C:\users\eskew\appdata\local\temp\iesearchprovider.exe => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3DBFB9A2-0B64-432D-ACCF-DF7250C81928} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BABC2522-8848-4B85-A072-331E19A5E6EA} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4B523AF8-B458-4B4B-A1CF-56A09F7F37B1} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1F50498D-6DF7-4161-8296-847C6860E628} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{EDFC7DAC-C04B-4085-A59A-9D3EF17A06BB}C:\program files (x86)\java\jre7\bin\javaw.exe => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D839CE73-F5D4-4B1E-8D35-E27787730FA2}C:\program files (x86)\java\jre7\bin\javaw.exe => value removed successfully
     
    ========= for /F "tokens=*" %1 in ('wevtutil.exe el') DO wevtutil.exe cl "%1" =========
     
     
    ========= End of CMD: =========
     
     
    Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 22-02-2017 18:43:33)
     
    "C:\WINDOWS\system32\Drivers\drmkpro64.sys" => Could not move
    "C:\Users\Eskew\AppData\Local\cpx" => Could not move
    C:\Users\Eskew\AppData\Local\llssoft => Is moved successfully
    "C:\WINDOWS\TEMPcoral.vbs" => Could not move
    "C:\Program Files (x86)\dataup" => Could not move
    "C:\Program Files (x86)\dataup" => Could not move
    "C:\Program Files (x86)\svcvmx" => Could not move
     
    Result of scheduled keys to remove after reboot:
     
    HKLM\System\CurrentControlSet\Services\drmkpro64 => key could not remove, key could be protected
    HKLM\System\CurrentControlSet\Services\Dataup => key could not remove, key could be protected
    HKLM\System\CurrentControlSet\Services\windowsmanagementservice => key could not remove, key could be protected
     
    ==== End of Fixlog 18:43:56 ====
     
    Addition.txt:
     
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-02-2017
    Ran by Eskew (22-02-2017 18:53:20)
    Running from C:\Users\Eskew\Desktop\New folder (5)
    Windows 10 Home Version 1607 (X64) (2016-10-17 13:33:36)
    Boot Mode: Normal
    ==========================================================
     
     
    ==================== Accounts: =============================
     
    Administrator (S-1-5-21-105371738-2419289027-4122941235-500 - Administrator - Disabled)
    ASPNET (S-1-5-21-105371738-2419289027-4122941235-1004 - Limited - Enabled)
    DefaultAccount (S-1-5-21-105371738-2419289027-4122941235-503 - Limited - Disabled)
    Eskew (S-1-5-21-105371738-2419289027-4122941235-1001 - Administrator - Enabled) => C:\Users\Eskew
    Guest (S-1-5-21-105371738-2419289027-4122941235-501 - Limited - Disabled)
     
    ==================== Security Center ========================
     
    (If an entry is included in the fixlist, it will be removed.)
     
    AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
     
    ==================== Installed Programs ======================
     
    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
     
     (HKLM\...\UDK-04d245e5-f683-46e7-8173-d68ff31ec8e7) (Version:  - RuneStorm
    @BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.33 - GIGABYTE)
    µTorrent (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\uTorrent) (Version: 3.4.6.42178 - BitTorrent Inc.)
    7 Days to Die (HKLM\...\Steam App 251570) (Version:  - The Fun Pimps)
    7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.5.0.1060 - Adobe Systems Incorporated)
    Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.0.2.189 - Adobe Systems Incorporated)
    Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
    Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
    Adobe Reader XI (11.0.19) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.19 - Adobe Systems Incorporated)
    Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
    AMD Catalyst Install Manager (HKLM\...\{DA9FFDE7-5474-DE51-8729-76A31DB5682B}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
    AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.)
    Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
    ASTRONEER (HKLM\...\Steam App 361420) (Version:  - System Era Softworks)
    Atlas Reactor (HKLM\...\Steam App 402570) (Version:  - Trion Worlds)
    Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
    AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.7.452 - AVG Technologies)
    Awesomenauts (HKLM-x32\...\Steam App 204300) (Version:  - )
    Battle for Wesnoth 1.12.5 (HKLM-x32\...\Battle for Wesnoth 1.12.5) (Version: 1.12.5 - )
    Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
    BattleBlock Theater (HKLM-x32\...\Steam App 238460) (Version:  - The Behemoth)
    bl (x32 Version: 1.0.0 - Your Company Name) Hidden
    Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
    Blend for Visual Studio 2012 ENU resources (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
    Bloons TD5 (HKLM\...\Steam App 306020) (Version:  - Ninja Kiwi)
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    BYOND (HKLM-x32\...\BYOND) (Version: 511.1363 - BYOND)
    Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
    Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - ‎Canon Inc.‬)
    Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
    Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - ‪Canon Inc.‬)
    Canon MG3200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3200_series) (Version: 1.01 - Canon Inc.)
    Canon MG3200 series On-screen Manual (HKLM-x32\...\Canon MG3200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
    Canon MG3200 series User Registration (HKLM-x32\...\Canon MG3200 series User Registration) (Version:  - Canon Inc.‎)
    Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.)
    Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.)
    Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
    Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
    Castle Crashers (HKLM\...\Steam App 204360) (Version:  - The Behemoth)
    Catalyst Control Center Next Localization BR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization BR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization BR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CHS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CHS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CHS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CHT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CHT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CHT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization DA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization DA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization DA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization DE (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization DE (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization DE (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization EL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization EL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization EL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization ES (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization ES (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization ES (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization FI (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization FI (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization FI (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization FR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization FR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization FR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization HU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization HU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization HU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization IT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization IT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization IT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization JA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization JA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization JA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization KO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization KO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization KO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization NL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization NL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization NL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization NO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization NO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization NO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization PL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization PL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization PL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization RU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization RU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization RU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization SV (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization SV (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization SV (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization TH (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization TH (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization TH (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization TR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization TR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization TR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Chronicle: RuneScape Legends (HKLM\...\Steam App 205890) (Version:  - Jagex)
    Citrix Online Launcher (HKLM-x32\...\{09DA5EE2-7E46-4DC4-96F9-BFEE50D40659}) (Version: 1.0.408 - Citrix)
    Clicker Guild (HKLM\...\Steam App 557810) (Version:  - Fox Dawn)
    Clicker Heroes (HKLM\...\Steam App 363970) (Version:  - Playsaurus)
    Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
    Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
    Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
    CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5510 - CyberLink Corp.)
    CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
    CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1902 - CyberLink Corp.)
    CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1.4319 - CyberLink Corp.)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Darkest Dungeon (HKLM\...\Steam App 262060) (Version:  - Red Hook Studios)
    Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
    Discord (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
    Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - Klei Entertainment)
    Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version:  - Klei Entertainment)
    DOOM 3: BFG Edition (HKLM-x32\...\Steam App 208200) (Version:  - id Software)
    Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
    Dragon's Dogma: Dark Arisen (HKLM\...\Steam App 367500) (Version:  - Capcom)
    Dungeon Defenders II (HKLM\...\Steam App 236110) (Version:  - Trendy Entertainment)
    Dungeon of the Endless (HKLM-x32\...\Steam App 249050) (Version:  - AMPLITUDE Studios)
    Easy Tune 6 B14.0508.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
    Easy Tune 6 B14.0508.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
    Empyrion - Galactic Survival (HKLM\...\Steam App 383120) (Version:  - Eleon Game Studios)
    Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
    Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{0A1A1D48-DB23-443A-BC7B-49255D138020}) (Version: 11.1.20702.00 - Microsoft Corporation)
    Evolve (HKLM\...\{670B1B49-9FD3-4827-9B41-471EFF580AA8}) (Version: 1.8.18 - Echobit, LLC)
    Factorio (HKLM\...\Steam App 427520) (Version:  - Wube Software LTD.)
    FLV2PC v5.9.0 (HKLM-x32\...\FLV2PC_is1) (Version: 5.9.0 - )
    FMW 1 (Version: 1.163.1 - AVG Technologies) Hidden
    Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
    Free Mahjong Games (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Free Mahjong Games) (Version: 1.0 - )
    Free Screen To Video V 2.0 (HKLM-x32\...\Free Screen To Video_is1) (Version: 2.0.0.0 - Koyote Soft)
    Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
    Glyph (HKLM-x32\...\Glyph) (Version:  - Trion Worlds, Inc.)
    Google Chrome (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
    Guild of Dungeoneering (HKLM-x32\...\Steam App 317820) (Version:  - Gambrinous)
    Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
    HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.0.4.4 - Hi-Rez Studios)
    Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
    HP MyRoom (HKLM-x32\...\{9C35EDE5-4B0F-45E7-A438-314BA889948E}) (Version: 9.0.0.0 - Hewlett-Packard Company)
    HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
    HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
    IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
    IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
    IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
    IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version:  - Image-Line)
    InfiniteCrisis_410193F41CAE (HKLM-x32\...\InfiniteCrisis_410193F41CAE) (Version:  - Turbine, Inc)
    iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
    Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
    Java SE Development Kit 8 Update 111 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180111}) (Version: 8.0.1110.14 - Oracle Corporation)
    King Arthur's Gold (HKLM-x32\...\{AC34F03B-B4C8-4892-8BD3-34DC1C7E8DE5}) (Version: 0.95.590.0 - THD)
    League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
    League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
    Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
    LEGO Digital Designer (HKLM-x32\...\New LEGO Digital Designer) (Version:  - LEGO A/S)
    LEGO® Worlds (HKLM\...\Steam App 332310) (Version:  - TT Games)
    LibreOffice 4.0.2.2 (HKLM-x32\...\{1062AD6C-80F4-4BC6-AB7C-A28892B497B8}) (Version: 4.0.2.2 - The Document Foundation)
    LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
    LocalESPCui for en-us (x32 Version: 8.59.25584 - Microsoft) Hidden
    LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.541 - LogMeIn, Inc.)
    LogMeIn Hamachi (x32 Version: 2.2.0.541 - LogMeIn, Inc.) Hidden
    Lua for Windows 5.1.4-46 (HKLM-x32\...\Lua_is1) (Version: 5.1.4.46 - The Lua for Windows Project and Lua and Tecgraf, PUC-Rio)
    Magicka 2 (HKLM\...\Steam App 238370) (Version:  - Pieces Interactive)
    Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
    Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
    Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
    Microsoft ASP.NET MVC 3 (HKLM-x32\...\{D32EF103-4016-4C15-BCB0-700C0A7A2309}) (Version: 3.0.50813.0 - Microsoft Corporation)
    Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
    Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
    Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
    Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
    Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
    Microsoft Silverlight 4 SDK (HKLM-x32\...\{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}) (Version: 4.0.60310.0 - Microsoft Corporation)
    Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
    Microsoft SQL Server Data Tools - enu (11.1.20627.00) (HKLM-x32\...\{FA804794-2CCB-4301-954F-2C2894698876}) (Version: 11.1.20627.00 - Microsoft Corporation)
    Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00) (HKLM-x32\...\{790E9425-8570-493F-9AE7-81AFC9E46930}) (Version: 11.1.20627.00 - Microsoft Corporation)
    Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
    Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 RC Redistributable (x64) - 14.0.22816 (HKLM-x32\...\{e2495eb6-cca8-47aa-91ea-3410ca44d7b7}) (Version: 14.0.22816.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Microsoft Visual Studio Professional 2012 (HKLM-x32\...\{17c2e197-cf26-443b-8beb-53151940df3f}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Web Deploy 3.0 (HKLM\...\{AA72C306-30BE-4BB1-9E42-59552BAD2CDF}) (Version: 3.1236.1631 - Microsoft Corporation)
    Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
    Microsoft Web Platform Installer 4.0 (HKLM\...\{E2B8249D-895C-4685-8C83-00F3B1A13028}) (Version: 4.0.1622 - Microsoft Corporation)
    Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
    Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
    Microsoft Zoo Tycoon (HKLM-x32\...\Zoo Tycoon 1.0) (Version:  - )
    Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
    Monaco (HKLM-x32\...\Steam App 113020) (Version:  - Pocketwatch Games)
    Mozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
    Multimedia Fusion 2 (HKLM-x32\...\Multimedia Fusion 2) (Version:  - )
    Mumble 1.2.5 (HKLM-x32\...\{C7BC557D-8C8B-4F5F-83AB-D20C58CF4575}) (Version: 1.2.5 - Thorvald Natvig)
    NVIDIA 3D Vision Controller Driver 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
    NVIDIA 3D Vision Driver 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.53 - NVIDIA Corporation)
    NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
    NVIDIA Graphics Driver 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.53 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
    OBS Multiplatform (HKLM-x32\...\OBS Multiplatform) (Version: 0.12.3 - OBS Project)
    Online.io Application (HKLM-x32\...\{F0847AE0-465A-4D7B-A555-AABB43B550F0}) (Version: 2.1.0 - Microleaves) <==== ATTENTION
    Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
    Oracle VM VirtualBox 4.2.6 (HKLM\...\{A8A0B1C1-FBC7-4790-8E26-9DA1A6A95452}) (Version: 4.2.6 - Oracle Corporation)
    ORION: Prelude (HKLM-x32\...\Steam App 104900) (Version:  - Spiral Game Studios)
    Osiris: New Dawn (HKLM\...\Steam App 402710) (Version:  - Fenix Fire Entertainment)
    Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
    PakkISO 0.4 (HKLM-x32\...\PakkISO_is1) (Version: PakkISO 0.4 by zorted, installer by BitLooter - )
    Paladins (HKLM\...\Steam App 444090) (Version:  - Hi-Rez Studios)
    Path of Exile (HKLM\...\Steam App 238960) (Version:  - Grinding Gear Games)
    PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version:  - )
    ph (x32 Version: 1.0.0 - Your Company Name) Hidden
    Pixel Piracy (HKLM-x32\...\Steam App 264140) (Version:  - Vitali Kirpu)
    Pixelmon Launcher (Beta) (HKLM-x32\...\Pixelmon Launcher (Beta) 2.0.26) (Version: 2.0.26 - Ikara Software Limited)
    Pixelmon Launcher (Beta) (x32 Version: 2.0.26 - Ikara Software Limited) Hidden
    PlanetSide 2 (HKLM\...\Steam App 218230) (Version:  - Daybreak Game Company)
    PlanetSide 2 (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\DG0-PlanetSide 2) (Version:  - Sony Online Entertainment)
    PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
    Prerequisites for SSDT  (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Project Zomboid (HKLM\...\Steam App 108600) (Version:  - The Indie Stone)
    Project Zomboid Dedicated Server (HKLM\...\Steam App 380870) (Version:  - )
    PULSAR: Lost Colony (HKLM\...\Steam App 252870) (Version:  - Leafy Games)
    PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
    Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.27599 - Razer Inc.)
    Realm of the Mad God (HKLM-x32\...\Steam App 200210) (Version:  - Wild Shadow Studios)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
    Recovery Manager (x32 Version: 5.5.0.5530 - CyberLink Corp.) Hidden
    ROBLOX Player for Eskew (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
    ROBLOX Studio for Eskew (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version:  - ROBLOX Corporation)
    Robocraft version 0.3.274 (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\{9F101691-69D3-422E-BB5C-8CAD7110781B}_is1) (Version: 0.3.274 - Freejam)
    RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd)
    RuneScape Launcher 2.2.2 (HKLM\...\RuneScape Launcher_is1) (Version: 2.2.2 - Jagex Ltd)
    Security Task Manager 2.1i (HKLM-x32\...\Security Task Manager) (Version: 2.1i - Neuber Software)
    SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
    SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
    Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
    Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
    SMITE (HKLM\...\Steam App 386360) (Version:  - Hi-Rez Studios)
    Spore (HKLM-x32\...\Steam App 17390) (Version:  - Maxis™)
    SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
    Spotify (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Spotify) (Version: 1.0.42.151.g19de0aa6 - Spotify AB)
    Star Wars: Knights of the Old Republic (HKLM-x32\...\Steam App 32370) (Version:  - BioWare)
    STAR WARS™ Battlefront™ II (HKLM\...\Steam App 6060) (Version:  - Pandemic Studios)
    STAR WARS™ Knights of the Old Republic™ II: The Sith Lords™ (HKLM-x32\...\Steam App 208580) (Version:  - Obsidian Entertainment)
    Starbound (HKLM\...\Steam App 211820) (Version:  - )
    StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
    Stardew Valley (HKLM\...\Steam App 413150) (Version:  - ConcernedApe)
    Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
    SteamVR (HKLM-x32\...\Steam App 250820) (Version:  - )
    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    Tabletop Simulator (HKLM\...\Steam App 286160) (Version:  - Berserk Games)
    Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
    TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.10 - TeamSpeak Systems GmbH)
    TeamSpeak 3 Client (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
    Techne (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\244a1e8693fd9c7e) (Version: 1.3.0.15 - ZeuX and r4wk)
    Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
    The Jackbox Party Pack 3 (HKLM\...\Steam App 434170) (Version:  - Jackbox Games, Inc.)
    The Witcher 2: Assassins of Kings Enhanced Edition (HKLM\...\Steam App 20920) (Version:  - CD PROJEKT RED)
    The Witcher 3: Wild Hunt (HKLM\...\Steam App 292030) (Version:  - CD PROJEKT RED)
    The Witcher: Enhanced Edition (HKLM\...\Steam App 20900) (Version:  - CD PROJEKT RED)
    Trove (HKLM-x32\...\Glyph Trove) (Version:  - Trion Worlds, Inc.)
    Tt eSPORTS VENTUS Mouse (HKLM-x32\...\{766BD494-B1C8-4491-BBA7-1AABF9BF0660}) (Version: 1.0.0 - Tt eSPORTS)
    Unity (HKLM-x32\...\Unity) (Version:  - Unity Technologies ApS)
    Unity Web Player (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\UnityWebPlayer) (Version: 5.2.3f1 - Unity Technologies ApS)
    univcredist (HKLM-x32\...\{2d9d4a60-1d22-46c1-84bb-1de04b4715d7}) (Version: 1.0.0.0 - Motiga)
    Unturned (HKLM\...\Steam App 304930) (Version:  - Smartly Dressed Games)
    Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
    Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
    VIO Player version 1.0.1 (HKLM-x32\...\{C8A17598-7F89-41EA-9876-0F89DA0B24F1}_is1) (Version: 1.0.1 - VIO)
    Viscera Cleanup Detail (HKLM-x32\...\Steam App 246900) (Version:  - RuneStorm)
    Viscera Cleanup Detail: alpha v0.25
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
    Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
    Warhammer: End Times - Vermintide (HKLM\...\Steam App 235540) (Version:  - Fatshark)
    Waste Walkers (HKLM\...\Steam App 371100) (Version:  - Corrosive Studios LLC)
    WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
    WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
    WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
    Windows Mobile Device Center (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
    World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
    XSplit Broadcaster (HKLM-x32\...\{4202CAFA-F8F9-4311-8A13-19DB48AAF5F7}) (Version: 2.2.1502.1633 - SplitmediaLabs)
     
    ==================== Custom CLSID (Whitelisted): ==========================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    CustomCLSID: HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{66131700-2ee5-4034-a67a-9f28774368e3}\InprocServer32 -> C:\Windows\SysWOW64\dfshim.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Eskew\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\Eskew\AppData\Local\Roblox\Versions\version-8756646edb404aaf\RobloxProxy64.dll (ROBLOX Corporation)
    CustomCLSID: HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Eskew\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)
     
    ==================== Scheduled Tasks (Whitelisted) =============
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    Task: {26E636BA-44CD-4450-8C94-067074443D37} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-02-22] (Microsoft Corporation)
    Task: {2E1AD61C-9923-4505-A94D-D2EFA9C12430} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe 
    Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe 
    Task: {3CB8C14F-58BC-4B18-B360-3255709C654C} - \Online Application v209 Guard -> No File <==== ATTENTION
    Task: {4C8BE195-6011-48A1-98C0-1AA1935C5EBA} - \Online Application v209 Guardian -> No File <==== ATTENTION
    Task: {4CA5593B-CDC2-4663-A1E0-275A25429E4C} - System32\Tasks\{88A2001F-FBC4-477A-99DF-0C91444C63AD} => pcalua.exe -a "C:\Users\Eskew\Downloads\dotnetfx (1).exe" -d C:\Users\Eskew\Downloads
    Task: {50D9217A-46C1-44E6-90A1-A7129039CE3B} - System32\Tasks\{7397805F-4A56-4686-977E-8CBC53A081AF} => pcalua.exe -a "C:\Program Files (x86)\Glyph\GlyphClient.exe" -c -uninstall  -game 131
    Task: {6038FBF3-3629-488B-8FC1-DB73A95AE455} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-105371738-2419289027-4122941235-1001UA1d257fbdc135398 => C:\Users\Eskew\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
    Task: {6F5B6BC8-EA96-4091-9C6D-89D881882B06} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-105371738-2419289027-4122941235-1001Core => C:\Users\Eskew\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
    Task: {7ADBD0EE-0CDE-4CD8-820B-E188292104EA} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\Windows\SysWOW64\BthUdTask.exe [2016-07-16] (Microsoft Corporation)
    Task: {7B225396-9243-4EA4-9E43-BFE678D480FA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
    Task: {80C0B092-4558-4A88-A385-065AD6F1D107} - System32\Tasks\HPCeeScheduleForEskew => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
    Task: {81093AC7-C134-463E-A18D-F9D029CF3722} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-16] (Adobe Systems Incorporated)
    Task: {BD6D1757-FE32-4B78-869D-A93012C21857} - System32\Tasks\{D01AF756-DFFD-4359-8D62-4BA2DA949F2F} => Chrome.exe hxxp://ui.skype.com/ui/0/7.2.0.103/en/abandoninstall?page=tsProgressBar
    Task: {C171877A-DEE5-4A45-B5FD-1D3DAD79E1BD} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Eskew\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe 
    Task: {D487CBE6-87CC-4D3D-859D-901F09733C72} - System32\Tasks\{9683697A-7CBF-4F87-96C3-1F514C197363} => pcalua.exe -a C:\Users\Eskew\AppData\Local\Roblox\Versions\version-1600d28b04c54698\RobloxPlayerLauncher.exe -c -uninstall
    Task: {D4DAB5AA-64FA-4200-A100-0DD4C6D8B2A9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-105371738-2419289027-4122941235-1001UA => C:\Users\Eskew\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
    Task: {DFF0F439-CE45-4D3B-B802-17589BA6D15C} - System32\Tasks\AdobeAAMUpdater-1.0-EskewPC-Eskew => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated)
    Task: {E1EB435A-B19B-490C-8D07-E641ADC9BB97} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {EA2E1BBB-507B-42EE-BAE2-6DB71C9AE74B} - System32\Tasks\{8F7B53BB-88C5-41E2-A80D-64960DF2106B} => Chrome.exe hxxp://ui.skype.com/ui/0/7.2.0.103/en/abandoninstall?page=tsProgressBar
    Task: {EB0C046F-147E-496A-8498-A908EC345523} - System32\Tasks\{85C1A459-4CC3-41EF-8702-6EAA011491A5} => pcalua.exe -a C:\Users\Eskew\AppData\Local\uninstallro.exe
    Task: {F63D0CAD-069D-4C96-B0F0-18E7372DD452} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-105371738-2419289027-4122941235-1001Core1d257fbdbfad668 => C:\Users\Eskew\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
     
    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
     
     
    ==================== Shortcuts =============================
     
    (The entries could be listed to be restored or removed.)
     
    ==================== Loaded Modules (Whitelisted) ==============
     
    2016-07-16 06:42 - 2016-07-16 06:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
    2016-12-14 07:57 - 2016-12-09 05:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
    2016-10-17 07:45 - 2016-12-29 07:44 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2015-05-15 15:26 - 2015-05-15 15:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    2015-05-15 15:26 - 2015-05-15 15:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    2016-07-05 07:08 - 2016-06-03 02:22 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
    2016-07-05 07:08 - 2016-06-03 02:22 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
    2016-07-05 07:08 - 2016-06-03 02:22 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
    2016-07-05 07:08 - 2016-06-03 02:22 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
    2015-06-23 14:11 - 2015-06-23 14:11 - 00187048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
    2017-01-05 17:36 - 2017-01-05 17:36 - 00077824 _____ () C:\Program Files (x86)\dataup\dataup.exe
    2016-07-05 07:08 - 2016-06-03 02:22 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
    2016-07-05 07:08 - 2016-06-03 02:22 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
    2016-07-05 07:08 - 2016-06-03 02:22 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
    2016-07-05 07:08 - 2016-06-03 02:22 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
    2016-12-14 07:57 - 2016-12-09 05:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
    2013-06-19 23:45 - 2013-06-19 23:45 - 03317616 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
    2016-07-05 07:08 - 2016-06-03 02:22 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
    2016-07-05 07:08 - 2016-06-03 02:22 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
    2016-10-17 11:35 - 2016-10-17 11:35 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
    2017-01-10 16:50 - 2016-12-21 02:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
    2017-01-10 16:50 - 2016-12-21 01:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
    2017-01-10 16:50 - 2016-12-21 01:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
    2017-01-10 16:50 - 2016-12-21 01:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
    2017-01-10 16:50 - 2016-12-21 01:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
    2017-01-10 16:50 - 2016-12-21 01:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
    2017-01-10 16:50 - 2016-12-21 01:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
    2017-02-22 06:53 - 2017-02-22 06:54 - 00073728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
    2017-02-22 06:53 - 2017-02-22 06:54 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
    2017-02-22 06:53 - 2017-02-22 06:54 - 42895360 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkyWrap.dll
    2017-02-06 11:48 - 2017-02-06 11:48 - 02215424 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\roottools.dll
    2016-06-30 19:12 - 2016-06-30 19:12 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
    2016-06-30 19:12 - 2016-06-30 19:12 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
    2016-06-30 19:12 - 2016-06-30 19:12 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
    2016-06-30 19:12 - 2016-06-30 19:12 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
    2016-06-30 19:12 - 2016-06-30 19:12 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
    2016-06-30 19:12 - 2016-06-30 19:12 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
    2017-01-13 20:09 - 2017-01-13 20:09 - 00896512 _____ () C:\Program Files (x86)\svcvmx\svcvmx.exe
    2017-01-20 20:18 - 2017-01-20 20:18 - 01087488 _____ () C:\Program Files (x86)\svcvmx\vmxclient.exe
    2016-11-21 17:19 - 2016-11-21 17:19 - 00155016 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
    2014-05-14 11:45 - 2014-05-14 11:45 - 00090624 _____ () C:\Program Files (x86)\PasswordBox\libwebsocketswin32.dll
    2016-09-21 23:32 - 2016-09-21 23:32 - 00224768 _____ () C:\Program Files (x86)\dataup\help_dll.dll
    2016-07-05 07:08 - 2016-06-03 02:22 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
    2014-11-27 22:27 - 2014-10-07 16:43 - 03174184 _____ () C:\Program Files (x86)\Tt eSPORTS\Tt eSPORTS VENTUS Mouse\VentusOsd.dll
    2017-02-06 17:23 - 2017-02-01 04:01 - 01870168 _____ () C:\Users\Eskew\AppData\Local\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
    2017-02-06 17:23 - 2017-02-01 04:01 - 00085848 _____ () C:\Users\Eskew\AppData\Local\Google\Chrome\Application\56.0.2924.87\libegl.dll
    2017-01-14 19:40 - 2017-01-14 19:40 - 53460992 _____ () C:\Program Files (x86)\svcvmx\libcef.dll
    2016-05-31 11:43 - 2016-05-31 11:43 - 01976832 _____ () C:\Program Files (x86)\svcvmx\libglesv2.dll
    2016-05-31 11:44 - 2016-05-31 11:44 - 00075264 _____ () C:\Program Files (x86)\svcvmx\libegl.dll
    2016-12-14 07:57 - 2016-12-09 05:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
    2016-06-15 17:15 - 2016-06-15 17:15 - 17599640 _____ () C:\Program Files (x86)\svcvmx\pepflashplayer.dll
     
    ==================== Alternate Data Streams (Whitelisted) =========
     
    (If an entry is included in the fixlist, only the ADS will be removed.)
     
     
    ==================== Safe Mode (Whitelisted) ===================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
     
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
     
    ==================== Association (Whitelisted) ===============
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
     
     
    ==================== Internet Explorer trusted/restricted ===============
     
    (If an entry is included in the fixlist, it will be removed from the registry.)
     
    IE trusted site: HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\clonewarsadventures.com -> clonewarsadventures.com
    IE trusted site: HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\freerealms.com -> freerealms.com
    IE trusted site: HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\genieo.com -> hxxp://search.genieo.com
    IE trusted site: HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\soe.com -> soe.com
    IE trusted site: HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\sony.com -> sony.com
     
    ==================== Hosts content: ===============================
     
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
     
    2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
     
     
    ==================== Other Areas ============================
     
    (Currently there is no automatic fix for this section.)
     
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Eskew\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\6926074-cool-backgrounds-desktop.jpg
    DNS Servers: 192.168.2.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.
     
    ==================== MSCONFIG/TASK MANAGER disabled items ==
     
    HKLM\...\StartupApproved\Run: => "iTunesHelper"
    HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8"
    HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
    HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
    HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
    HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX"
    HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
    HKLM\...\StartupApproved\Run32: => "APSDaemon"
    HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
    HKLM\...\StartupApproved\Run32: => "Razer Synapse"
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\StartupApproved\StartupFolder: => "Curse.lnk"
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\StartupApproved\Run: => "Spotify"
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\StartupApproved\Run: => "Spotify Web Helper"
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\StartupApproved\Run: => "Steam"
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\StartupApproved\Run: => "EvolveClient"
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\StartupApproved\Run: => "Pando Media Booster"
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\StartupApproved\Run: => "Skype"
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\StartupApproved\Run: => "uTorrent"
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\StartupApproved\Run: => "Free Mahjong Games"
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\StartupApproved\Run: => "OneDrive"
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\StartupApproved\Run: => "Discord"
     
    ==================== FirewallRules (Whitelisted) ===============
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
    FirewallRules: [{C5652AC9-C68E-45B3-9595-0136D8FEE61C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PULSARLostColony\PULSAR_LostColony.exe
    FirewallRules: [{E3C34B49-ED3F-423C-A3B4-FBE5EA357807}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PULSARLostColony\PULSAR_LostColony.exe
    FirewallRules: [UDP Query User{53DF9442-EFF3-496F-9589-F3B3BF796535}C:\users\eskew\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\eskew\appdata\local\google\chrome\application\chrome.exe
    FirewallRules: [TCP Query User{789B1715-4EAD-4486-B0CA-C25736F3DC5D}C:\users\eskew\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\eskew\appdata\local\google\chrome\application\chrome.exe
    FirewallRules: [{08F163C6-5B28-4089-ABB5-FFDAEA27CA6E}] => (Block) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
    FirewallRules: [{43D4B8EA-424C-44A2-B662-2DD9889D437E}] => (Block) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
    FirewallRules: [UDP Query User{443B0FA0-7448-4F41-88B8-AFF91FD282A4}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
    FirewallRules: [TCP Query User{7F798589-9D79-4E55-B200-A62F5F5E06EE}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
    FirewallRules: [{F727C66F-6B67-4C50-9EEC-39B2FA9EA516}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Paladins\Binaries\Win32\HirezBridge.exe
    FirewallRules: [{A76B1AB0-EF9E-41B7-BF49-68AF08965644}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Paladins\Binaries\Win32\HirezBridge.exe
    FirewallRules: [{689219CB-51E4-49D0-842F-60D6EDF9EE38}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tabletop Simulator\Tabletop Simulator.exe
    FirewallRules: [{9AE8F4DB-B112-4EC3-8C1B-62A146F5942B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tabletop Simulator\Tabletop Simulator.exe
    FirewallRules: [{DC6C3319-9BD7-498E-AF1D-528F9994076F}] => (Block) C:\program files\java\jre1.8.0_101\bin\javaw.exe
    FirewallRules: [{9F83F63A-2EBE-4F23-931B-849B41BB312C}] => (Block) C:\program files\java\jre1.8.0_101\bin\javaw.exe
    FirewallRules: [UDP Query User{4FA2DA4B-9C72-4E6F-A865-225D3E29EB0E}C:\program files\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_101\bin\javaw.exe
    FirewallRules: [TCP Query User{A18FFF3B-A695-4CE6-9880-F5B90F4EF80A}C:\program files\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_101\bin\javaw.exe
    FirewallRules: [{759A6D99-A4BE-4AE8-A1B5-B48C6FA632E9}] => (Block) C:\program files (x86)\heroes of the storm\versions\base45228\heroesofthestorm_x64.exe
    FirewallRules: [{DC4939D8-9347-4108-806A-4D96052D2130}] => (Block) C:\program files (x86)\heroes of the storm\versions\base45228\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{F6EF9304-C3BB-4CA6-AD4A-323515B199E8}C:\program files (x86)\heroes of the storm\versions\base45228\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base45228\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{808ED691-7B4A-4884-8F6E-50795EFF4419}C:\program files (x86)\heroes of the storm\versions\base45228\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base45228\heroesofthestorm_x64.exe
    FirewallRules: [{0ECD3F9F-6920-4648-8563-33D61471BD64}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
    FirewallRules: [{C404A64D-4816-4FD1-BB2C-75EF6FFA0F54}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
    FirewallRules: [{9A7E3A3F-348D-4C76-989F-FE8A686ED5A8}] => (Block) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
    FirewallRules: [{CD750997-7273-48F2-8CA1-81CAC47E0B40}] => (Block) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
    FirewallRules: [UDP Query User{4AB01451-7B36-4FC6-9FFC-EF63D2055A2A}C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
    FirewallRules: [TCP Query User{28A5F0AE-36BA-4D85-8B59-21BF61F762BA}C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
    FirewallRules: [{29F39C1C-8700-4351-B74F-EE32BEB0A80C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SMITE\Binaries\Win32\HirezBridge.exe
    FirewallRules: [{60754CC7-2671-4C21-AEB1-390BFC232435}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SMITE\Binaries\Win32\HirezBridge.exe
    FirewallRules: [{DFC70AC3-12EB-4D7A-8876-65822C86C64F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{5247466D-4DDC-4127-9512-08BC3B1CCDA9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{2D2A8444-A5F1-405A-90E3-0795CBAE949B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
    FirewallRules: [{49A6075A-BC38-4762-8805-67BBA59BB1F6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
    FirewallRules: [{2D2EA61F-F4F8-4E59-B1F2-09ED6F0D940A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
    FirewallRules: [{D542E109-6B0A-4027-A579-EA9E51322B78}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{B9FD509F-542D-48AA-B960-0B3634D1B1B3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{D6CD9F7B-6F14-426A-9B4E-3289A63B4E69}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magicka 2\engine\Magicka2.exe
    FirewallRules: [{BE6F2DF3-933C-4C81-811D-428BCE328393}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magicka 2\engine\Magicka2.exe
    FirewallRules: [UDP Query User{188442E6-91AB-4FD6-9FBF-CE31D6996C6C}C:\program files\java\jre1.8.0_92\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_92\bin\javaw.exe
    FirewallRules: [TCP Query User{359C51DA-7834-4FCB-81D2-F8B588778C62}C:\program files\java\jre1.8.0_92\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_92\bin\javaw.exe
    FirewallRules: [UDP Query User{59720194-978E-4C8F-BF83-62C4F0946683}C:\program files (x86)\steam\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe
    FirewallRules: [TCP Query User{F56A6D76-B3E2-4B5F-8475-989BFF0C3777}C:\program files (x86)\steam\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe
    FirewallRules: [{24C91BDA-5DF3-4E29-8ABA-295C33BBDBE4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Chronicle\Chronicle.exe
    FirewallRules: [{FF7F79D0-0F1B-45C9-966E-1469CEF1B155}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Chronicle\Chronicle.exe
    FirewallRules: [UDP Query User{BCC43D6A-1C9B-43E6-B2C7-D8421FB125AE}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
    FirewallRules: [TCP Query User{ED0291AF-E1EE-4684-A183-7B1A27D6B643}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
    FirewallRules: [UDP Query User{46681C6E-7546-4B52-9881-DFD7CD62C13C}C:\program files (x86)\heroes of the storm\versions\base42506\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base42506\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{26898491-322A-4021-A5CB-5B68E66D527C}C:\program files (x86)\heroes of the storm\versions\base42506\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base42506\heroesofthestorm_x64.exe
    FirewallRules: [{E46F1158-D4F7-4661-B8E4-7F82EB339AED}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Instant Dungeon!\bin\instantdungeon.exe
    FirewallRules: [{6A4094A5-7975-42FB-ABAE-A9B901BED62C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Instant Dungeon!\bin\instantdungeon.exe
    FirewallRules: [{4D6F1C54-98D1-4244-8FE9-C8B3450FEA17}] => (Block) C:\program files (x86)\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe
    FirewallRules: [{EBD60850-2F12-4A3F-8851-6E6023FC3533}] => (Block) C:\program files (x86)\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{52AD9C15-A3FA-4A6F-AD22-5AB5AD78ED1B}C:\program files (x86)\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{ADFCA11F-2BAD-4186-8B08-C23937F2AD68}C:\program files (x86)\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe
    FirewallRules: [{A2658393-E8F5-43A2-B9C8-E4F488D9ECD8}] => (Block) C:\users\eskew\downloads\igg-empyriongalacticsurvival543\empyrion.exe
    FirewallRules: [{41BCD1F8-E3D2-46D6-B537-DA31A59765BE}] => (Block) C:\users\eskew\downloads\igg-empyriongalacticsurvival543\empyrion.exe
    FirewallRules: [UDP Query User{6CEDB2A2-B395-4FB5-A541-D251F86790D4}C:\users\eskew\downloads\igg-empyriongalacticsurvival543\empyrion.exe] => (Allow) C:\users\eskew\downloads\igg-empyriongalacticsurvival543\empyrion.exe
    FirewallRules: [TCP Query User{E0F566F5-A9FB-4653-8204-DB4204997963}C:\users\eskew\downloads\igg-empyriongalacticsurvival543\empyrion.exe] => (Allow) C:\users\eskew\downloads\igg-empyriongalacticsurvival543\empyrion.exe
    FirewallRules: [{494A8809-FF61-4B6A-A791-88C34A947BE5}] => (Allow) C:\Users\Eskew\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{B83D9B01-F72E-4BF2-8F68-D7432F3C39DC}] => (Allow) C:\Users\Eskew\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{D545C17C-5402-493E-935B-AC64AB4D52B8}] => (Allow) C:\Users\Eskew\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{9480CDA7-FCCA-442F-B64F-7A26353822DD}] => (Allow) C:\Users\Eskew\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{AA448F59-2A6E-4B72-88E6-DCDAD5D93C96}] => (Allow) C:\Users\Eskew\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{BE9B94E6-1C8B-4AE6-AEF2-93AF6A1E7DDF}] => (Allow) C:\Users\Eskew\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{269D48B0-D1F5-49EC-8A33-B1451EAE405A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
    FirewallRules: [{816FBEFF-133D-44BE-B774-5EA783E12338}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
    FirewallRules: [{51DB5B1F-4FA2-430B-B950-ABFF94497918}] => (Block) C:\program files (x86)\heroes of the storm\versions\base41810\heroesofthestorm_x64.exe
    FirewallRules: [{674D7293-C5B3-4F41-B0B6-0F4EB035369F}] => (Block) C:\program files (x86)\heroes of the storm\versions\base41810\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{95CBE8EC-B639-4D1E-9D18-93A14255D4B6}C:\program files (x86)\heroes of the storm\versions\base41810\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base41810\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{A07818E0-E64C-4E2E-9C34-338B497263DB}C:\program files (x86)\heroes of the storm\versions\base41810\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base41810\heroesofthestorm_x64.exe
    FirewallRules: [{F3B1EA0F-4E33-41BD-BCD5-7CE2F7E57C5B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stardew Valley\Stardew Valley.exe
    FirewallRules: [{912A511B-5519-4638-8882-FDD307526D99}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stardew Valley\Stardew Valley.exe
    FirewallRules: [{F2478B16-823C-4695-A153-605CA44DE3F2}] => (Block) C:\program files (x86)\heroes of the storm\versions\base41150\heroesofthestorm_x64.exe
    FirewallRules: [{71EE9503-AC48-4AFE-8925-5C6AD3796D2B}] => (Block) C:\program files (x86)\heroes of the storm\versions\base41150\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{081322BB-BB0E-44A5-88D5-8E9D19FBEBF0}C:\program files (x86)\heroes of the storm\versions\base41150\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base41150\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{8ADC0EEE-C5C2-4C4A-8A74-79D021EF61EB}C:\program files (x86)\heroes of the storm\versions\base41150\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base41150\heroesofthestorm_x64.exe
    FirewallRules: [{352BE075-7FD9-4527-827F-E2EE783DF1C7}] => (Block) C:\program files (x86)\steam\steamapps\common\project zomboid dedicated server\jre\bin\java.exe
    FirewallRules: [{CB6FC3CC-BD50-4FB4-861B-3B24B8ACD07E}] => (Block) C:\program files (x86)\steam\steamapps\common\project zomboid dedicated server\jre\bin\java.exe
    FirewallRules: [UDP Query User{6ADC5327-3C73-4276-8B6D-D53992B89050}C:\program files (x86)\steam\steamapps\common\project zomboid dedicated server\jre\bin\java.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\project zomboid dedicated server\jre\bin\java.exe
    FirewallRules: [TCP Query User{7925AC55-E7CF-4B89-BF00-CD995D07FBA8}C:\program files (x86)\steam\steamapps\common\project zomboid dedicated server\jre\bin\java.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\project zomboid dedicated server\jre\bin\java.exe
    FirewallRules: [{F54E3BA1-977F-47A3-841E-F1DDD2C75182}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Project Zomboid Dedicated Server\ProjectZomboid64.exe
    FirewallRules: [{73B047D1-17F7-4C37-9483-C76F5D068079}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Project Zomboid Dedicated Server\ProjectZomboid64.exe
    FirewallRules: [{65D6F146-C366-46B6-BAD0-DDE08AF3DE1E}] => (Block) C:\program files (x86)\portforward\port forward network utilities\pfportchecker.exe
    FirewallRules: [{D9322CBA-8D58-465E-8B5F-05FA60B33771}] => (Block) C:\program files (x86)\portforward\port forward network utilities\pfportchecker.exe
    FirewallRules: [UDP Query User{F9C986AE-486B-41DE-8F6A-A8348D2C0928}C:\program files (x86)\portforward\port forward network utilities\pfportchecker.exe] => (Allow) C:\program files (x86)\portforward\port forward network utilities\pfportchecker.exe
    FirewallRules: [TCP Query User{00FA93B1-E68C-4973-9F4D-B5C173A6A2B6}C:\program files (x86)\portforward\port forward network utilities\pfportchecker.exe] => (Allow) C:\program files (x86)\portforward\port forward network utilities\pfportchecker.exe
    FirewallRules: [{3F295F88-8B08-47E6-83FC-F2575163C25F}] => (Block) C:\program files (x86)\steam\steamapps\common\projectzomboid\jre64\bin\java.exe
    FirewallRules: [{BD8E1259-078B-4975-AD7E-F969E51D63D6}] => (Block) C:\program files (x86)\steam\steamapps\common\projectzomboid\jre64\bin\java.exe
    FirewallRules: [UDP Query User{8455F34D-B2CC-4D6D-8B19-29108D2BFDB6}C:\program files (x86)\steam\steamapps\common\projectzomboid\jre64\bin\java.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\projectzomboid\jre64\bin\java.exe
    FirewallRules: [TCP Query User{F31558B0-C735-4AD6-B43D-A615C935DAC4}C:\program files (x86)\steam\steamapps\common\projectzomboid\jre64\bin\java.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\projectzomboid\jre64\bin\java.exe
    FirewallRules: [{E342A7CE-03FF-4A79-9595-D53277A0CA61}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ProjectZomboid\ProjectZomboid64.exe
    FirewallRules: [{6348AD98-9D24-4CCD-A6FA-30C2DB5719B0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ProjectZomboid\ProjectZomboid64.exe
    FirewallRules: [{017255D7-371F-447E-98EC-B31BCBF27F10}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ProjectZomboid\ProjectZomboid32.exe
    FirewallRules: [{A2BB8799-0C5E-4D3F-AAFD-EE2D3096F390}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ProjectZomboid\ProjectZomboid32.exe
    FirewallRules: [{1CBCAEAF-B9A0-4DEA-AFE9-105CA90D5CA6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Viscera\Binaries\Win64\UDK.exe
    FirewallRules: [{B7F79E19-6AAB-48E1-A110-572E700FF9E8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Viscera\Binaries\Win64\UDK.exe
    FirewallRules: [{A4B5A2B4-6B6E-41CE-9CDF-D1003D5F086B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Viscera\Binaries\Win32\UDK.exe
    FirewallRules: [{6496FE8F-E784-4821-A737-903618217E73}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Viscera\Binaries\Win32\UDK.exe
    FirewallRules: [{59874DFF-6F70-410E-8D5A-A9810FCFC380}] => (Block) C:\program files (x86)\heroes of the storm\versions\base40697\heroesofthestorm_x64.exe
    FirewallRules: [{1AA9AA47-E317-41BF-BB36-1BA3728CEC37}] => (Block) C:\program files (x86)\heroes of the storm\versions\base40697\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{81FC4DD7-08C9-42BE-80E5-CB7DC04E3BDA}C:\program files (x86)\heroes of the storm\versions\base40697\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base40697\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{A23E57CA-D3CD-4BA4-AF9E-C9F0B2E1B2AC}C:\program files (x86)\heroes of the storm\versions\base40697\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base40697\heroesofthestorm_x64.exe
    FirewallRules: [{96EA9B7F-37E6-4782-8CA8-BAA1AF9F48AC}] => (Block) C:\program files (x86)\heroes of the storm\versions\base40431\heroesofthestorm_x64.exe
    FirewallRules: [{807DA272-445C-431C-BC8E-634FC7612603}] => (Block) C:\program files (x86)\heroes of the storm\versions\base40431\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{13AABE66-5512-4930-BDEA-B848773EAB8C}C:\program files (x86)\heroes of the storm\versions\base40431\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base40431\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{AD8E3720-CBF6-4D0F-A75F-2995C206DABA}C:\program files (x86)\heroes of the storm\versions\base40431\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base40431\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{1377C921-1551-41D0-A0E3-8455F8E5D82A}C:\program files (x86)\heroes of the storm\versions\base39951\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base39951\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{944E90ED-69C5-4D81-809A-D90ADBFDEC1A}C:\program files (x86)\heroes of the storm\versions\base39951\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base39951\heroesofthestorm_x64.exe
    FirewallRules: [{8675C87C-B63C-4192-A4CB-D13B9CBB0C26}] => (Block) C:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe
    FirewallRules: [{EA989A95-E165-4470-AB22-FD3FF12A0CA6}] => (Block) C:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{FDC982AB-D698-4E02-A968-1BB314FA19FF}C:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{524C20EB-D0CF-48BF-AABC-02C5B02FD43D}C:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{8656E366-401C-4BF8-9F5D-C6DDBDB652B5}C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe
    FirewallRules: [TCP Query User{BF5163AA-8F7B-4A8F-B164-F05E0D9F4325}C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe
    FirewallRules: [{976BB0F0-2C25-4219-8CC1-AC87AFAB4BD9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Knights of the Old Republic II\swkotor2.exe
    FirewallRules: [{8FAB2DE4-1381-46C8-AB53-5231A79CD049}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Knights of the Old Republic II\swkotor2.exe
    FirewallRules: [{2522A6C2-24F5-4BC2-B689-72F34F42DEB0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\swkotor\swkotor.exe
    FirewallRules: [{65E0B3F6-53F9-49A1-BB09-ABC6E7BB2572}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\swkotor\swkotor.exe
    FirewallRules: [{F1151460-4146-4DA8-9BEB-8A0F9A8D3EB0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dungeon of the Endless\DungeonoftheEndless.exe
    FirewallRules: [{2FA8444E-8EAC-4022-8B2D-83C0252A50AA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dungeon of the Endless\DungeonoftheEndless.exe
    FirewallRules: [{8DFCC7B1-11BE-42C3-9181-405BEF2E59BB}] => (Allow) C:\Program Files\iTunes\iTunes.exe
    FirewallRules: [{2C17D8D6-BD18-448A-9881-B5C98BEEA43F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{049D419A-5EE0-43CD-8B30-D64DBD4DC913}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{04E47672-E680-4B25-8FE7-4A04B0173351}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{8B7B1417-D1E6-4090-BF96-26DD21B827C5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{F6F21453-4FCC-44E4-A913-A437198DB298}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Guild of Dungeoneering\dungeoneering.exe
    FirewallRules: [{1E20A117-C8FF-4D38-84AA-28FA1446DB3E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Guild of Dungeoneering\dungeoneering.exe
    FirewallRules: [UDP Query User{772C82F0-4B50-486D-90C7-AD79BE648CEC}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
    FirewallRules: [TCP Query User{967A207F-DF38-497D-A895-192552EAAD6F}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
    FirewallRules: [{D77DAA36-B60F-4A8B-B657-C48998D0C874}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
    FirewallRules: [{E0D978CE-DE8F-447D-A57C-1E39DA268050}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
    FirewallRules: [UDP Query User{01C7274E-0635-4208-9FCC-3F63E2E1A206}C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{CACBCDF0-CD76-4343-BD4F-F2E2448F19B0}C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{ED7ABC0D-1986-4344-944D-6CD80A5F7D2A}C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe
    FirewallRules: [TCP Query User{8BD62EB2-2767-4E85-BD5B-E1C503C8D26F}C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe
    FirewallRules: [{AAFEAE83-176B-4DAE-BAAF-3669CFCDE641}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe
    FirewallRules: [{B7E68FD3-4B05-4FB4-A1C7-224D5F68E659}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe
    FirewallRules: [UDP Query User{5A68E45B-EA81-42E3-B1E0-58F3B6687A32}C:\users\eskew\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\eskew\appdata\roaming\spotify\spotify.exe
    FirewallRules: [TCP Query User{F825687C-606F-4337-8168-8ED6B8B26215}C:\users\eskew\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\eskew\appdata\roaming\spotify\spotify.exe
    FirewallRules: [{B84C352C-B84B-4D2B-8016-1020298093F7}] => (Block) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
    FirewallRules: [{67BA0047-F06F-40FB-A906-E5906FC95491}] => (Block) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{87AF74AA-98E1-4353-A586-6D587C6F007A}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{4B6E2F9E-E771-4D5B-8A94-BFFE2FC34EF8}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
    FirewallRules: [{4FCF659D-0841-4328-BEC6-35ED3C97B573}] => (Block) C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe
    FirewallRules: [{629607DD-9943-4E04-B2E2-A08995B48806}] => (Block) C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{DA340BD8-E5FA-4B41-AF89-6B0253C3170B}C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{D8164110-2C99-4764-AF41-672530A922CF}C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe
    FirewallRules: [{46C46BD3-3F59-4A7F-9F90-1602B16816B8}] => (Block) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
    FirewallRules: [{AC1D6983-7F93-4927-A845-ECAF176743F0}] => (Block) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{34C7F983-1357-402C-9974-3D865609407F}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{1D63E604-3DA5-43DA-AECF-341C4EC891BC}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
    FirewallRules: [{F721C625-7474-4BB8-8B5F-A0EE4691FA73}] => (Block) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
    FirewallRules: [{6B5AEF11-CC9A-41A1-ABB2-848AC93F6122}] => (Block) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
    FirewallRules: [UDP Query User{C80D652A-E93E-4A41-9411-157BF4ABCE90}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
    FirewallRules: [TCP Query User{2B8E5443-6653-4545-B270-2B51D2869EA7}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
    FirewallRules: [{1BA8A699-5B88-4978-8AF3-FCF1F9BDB76D}] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
    FirewallRules: [{53D157D0-26F1-4E94-9257-19E4FA19E473}] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
    FirewallRules: [UDP Query User{F2B2638D-94E1-4CC4-AF09-7E709D2E2389}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
    FirewallRules: [TCP Query User{00BC6A53-4242-4729-AA2D-1D7BABCAD5C3}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
    FirewallRules: [{27D79B84-02C7-4437-AE15-CBE082E434EE}] => (Block) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
    FirewallRules: [{E4290456-2BC2-4788-9088-C018AD3D1BE2}] => (Block) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{F0D85276-DF98-4F6E-9E69-D4AEB2E5BF61}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{A5444306-1310-46EA-A7C3-0646570DAF84}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
    FirewallRules: [{158F2EA5-0CAA-4FE4-A7FD-E3935B9AB210}] => (Block) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
    FirewallRules: [{488C75C1-CEF0-4C31-BB23-38EFE3E30A19}] => (Block) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{6250938F-B39B-4D6F-93F2-A26254172F13}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{DCA7BC27-A9E3-494B-9407-6D9646E6853E}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
    FirewallRules: [{29299EB9-772E-4AA0-B7B3-CF0BBBFBC6F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
    FirewallRules: [{E8BC3962-FF3A-4C29-8E8C-A647457395EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
    FirewallRules: [{5B5BE4D9-49C9-460C-955D-04D16E32A449}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
    FirewallRules: [{B32BA7DB-F950-408D-85E8-8BB49A0FD449}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
    FirewallRules: [{8690A699-7D5D-43DE-A6C7-8AC0594D15D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
    FirewallRules: [{D1962BC6-CC32-4E29-B34E-7A86FC506C43}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
    FirewallRules: [{7CA8FE1E-467B-46ED-8E3A-AC021D68AB5F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
    FirewallRules: [{2B7B1E43-57CB-4430-8AAD-50D8C7C8864F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
    FirewallRules: [{ACDDDED2-BC66-4815-8161-061FCC1DF6A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
    FirewallRules: [{5BD6366A-3229-4030-B19A-123547EA5A80}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
    FirewallRules: [{729F005F-EAF5-4FBB-96BA-3F00DB9851AD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
    FirewallRules: [{3650BB56-943A-4CF2-A240-EB93BC8ECE5D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
    FirewallRules: [UDP Query User{65366372-1E9B-4539-B442-FC49320C638F}C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{45751F75-4EDA-4C6C-BB13-AB717EE0FAE7}C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
    FirewallRules: [{A5BAE59E-379B-4B80-9B03-2C3767478350}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
    FirewallRules: [{4C6E0365-8C02-4E15-88AD-BA95DB934FDD}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
    FirewallRules: [{27CFACCD-EB72-42A5-BEFC-6D989DC093FF}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
    FirewallRules: [{1500E4C5-F476-4CE0-B883-2EA6DBE4DBB5}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
    FirewallRules: [{6779208D-6A39-4499-8659-2B0E1498D37C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
    FirewallRules: [{D3F1C6F7-0111-4C06-8C3E-AFC1CA6D6158}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
    FirewallRules: [{66D10DB5-63FB-4D50-A008-B7327054331C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
    FirewallRules: [{56FD8CF5-8094-465B-87C4-FA75C0150560}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
    FirewallRules: [{79A96380-F239-4CEE-ABD0-1C89E79F0221}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DOOM 3 BFG Edition\Doom3BFG.exe
    FirewallRules: [{433084C9-E939-476F-ABF6-2D0583E79677}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DOOM 3 BFG Edition\Doom3BFG.exe
    FirewallRules: [{2CB9C27D-2DEB-4A43-A342-2DC801CA7735}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
    FirewallRules: [{07EEE626-4104-4676-9436-F9E7BB37E923}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
    FirewallRules: [{2C1189AB-CD11-48AC-87CF-74E5E01C89EE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\EvolveBeta\Bin64_SteamRetail\StaticLauncher64.exe
    FirewallRules: [{8F864BDF-864A-4684-BEE4-3D09CCB5CB9C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\EvolveBeta\Bin64_SteamRetail\StaticLauncher64.exe
    FirewallRules: [UDP Query User{D2C756D5-3562-4E6B-918B-9E479E20FAA7}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe
    FirewallRules: [TCP Query User{AABE563C-446A-496E-8929-9221C958C93B}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe
    FirewallRules: [{FEA6925D-AFA8-49B0-ABB4-D9E4794A6164}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
    FirewallRules: [{3507BE52-5C14-49D0-A909-EE32B3C3E977}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
    FirewallRules: [{A277961D-320F-472E-B36B-3EC2F31CC8D2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Monaco\MONACO.exe
    FirewallRules: [{432A7438-1581-4137-8538-91E0327AF46D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Monaco\MONACO.exe
    FirewallRules: [{D82CB721-3898-4FB9-810F-B45B4DF998DB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Pixel Piracy\PixelPiracy.exe
    FirewallRules: [{F0DDD9ED-4E46-4307-BFD1-080283040E1E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Pixel Piracy\PixelPiracy.exe
    FirewallRules: [{3F343D5E-B008-475B-9821-131ADF2D6A35}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
    FirewallRules: [{9CC51CC6-9DC3-4703-A0D7-9C04692A7AF9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
    FirewallRules: [{4309C819-29CF-4B4C-80E7-63C3009FB764}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\SporeBin\SporeApp.exe
    FirewallRules: [{DED4B7DD-1D85-4D1E-AC6D-EF98E2346F2B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\SporeBin\SporeApp.exe
    FirewallRules: [UDP Query User{F798A0DF-0B91-47F7-94D8-E84C1042086F}C:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe
    FirewallRules: [TCP Query User{488043AD-4F39-424C-94D4-1C019D8304DD}C:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe
    FirewallRules: [UDP Query User{2FAD617D-53CE-44FA-925D-E9C95D1CDBBB}C:\users\eskew\appdata\local\roblox\versions\version-690117d1a88742de\robloxstudiobeta.exe] => (Allow) C:\users\eskew\appdata\local\roblox\versions\version-690117d1a88742de\robloxstudiobeta.exe
    FirewallRules: [TCP Query User{F76C0655-DAD5-4364-B571-3997BDB347AC}C:\users\eskew\appdata\local\roblox\versions\version-690117d1a88742de\robloxstudiobeta.exe] => (Allow) C:\users\eskew\appdata\local\roblox\versions\version-690117d1a88742de\robloxstudiobeta.exe
    FirewallRules: [{462EF32A-E6BF-4950-A180-2E09CD5A6FFA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
    FirewallRules: [{C939007C-0BB0-444A-804B-2D95F7F4C4FA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
    FirewallRules: [UDP Query User{D33D09A6-5F14-4AA7-BD31-F617857BDDF3}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
    FirewallRules: [TCP Query User{B8814D91-C19A-4F4F-B2CD-58A9F8B841D8}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
    FirewallRules: [UDP Query User{0286963B-A98A-4472-826A-CB6369C2D57E}C:\users\eskew\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe] => (Allow) C:\users\eskew\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe
    FirewallRules: [TCP Query User{CDC8D4F5-881E-4AD4-B065-025FBDE2A9F7}C:\users\eskew\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe] => (Allow) C:\users\eskew\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe
    FirewallRules: [{882F7DE9-1497-4072-A3B5-16EB65D0B829}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\Binaries\TERA.exe
    FirewallRules: [{CF840A47-0F05-4B12-A778-ADC1DF4FB0AF}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\Binaries\TERA.exe
    FirewallRules: [{727D7F74-91DA-4FF8-97AF-BADA1180BDE2}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\TL.exe
    FirewallRules: [{7CAAF848-F6EE-4258-8FFB-6ECCA7F4B507}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\TL.exe
    FirewallRules: [{6F94D2BD-B45F-4583-A572-0AF2554ACC01}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\TERA-Launcher.exe
    FirewallRules: [{7F088BD1-9B29-4A58-92CA-F03E7276E7F8}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\TERA-Launcher.exe
    FirewallRules: [{5D656651-A5F4-4DD5-828A-177F9F6A1B5F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe
    FirewallRules: [{4DF20550-9CC7-448E-9B74-BF585DCAFF97}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe
    FirewallRules: [{4EF1DFA3-FFCE-428A-91AD-5E053536590C}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
    FirewallRules: [{D6617688-08F1-4418-BE3C-189FA444ECAF}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
    FirewallRules: [{D193AB41-BEDC-4A4F-9FBB-4DFCF9CA5B3E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3322\Agent.exe
    FirewallRules: [{24AE5643-3A77-4A25-BBE3-59DDC27381BD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3322\Agent.exe
    FirewallRules: [UDP Query User{77A80E8D-D61E-4B30-8A99-98DADBE175CA}C:\program files (x86)\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre7\bin\jp2launcher.exe
    FirewallRules: [TCP Query User{C63926D2-9E37-4A28-86D7-0978E8B10407}C:\program files (x86)\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre7\bin\jp2launcher.exe
    FirewallRules: [UDP Query User{3C77E4B7-A7E6-4830-9D1A-ED7DBDC08F99}C:\program files (x86)\steam\steamapps\common\happywars\happywars.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\happywars\happywars.exe
    FirewallRules: [TCP Query User{C3748463-D552-4DDA-B96B-9341DDDD68FF}C:\program files (x86)\steam\steamapps\common\happywars\happywars.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\happywars\happywars.exe
    FirewallRules: [{66ADD3EA-8898-45A7-8C4A-37D220A2493C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [{39E9DAA7-CA0D-46F7-82F9-52C87EADFC52}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [UDP Query User{39E0FA79-E8CD-458C-8465-501D7E1CC57C}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
    FirewallRules: [TCP Query User{28A2EE4A-BACA-4CB1-BDCF-34E05BBC903B}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
    FirewallRules: [{D0DE57AA-49BE-4D79-87E8-0D454849E613}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
    FirewallRules: [{9FAFCB57-0466-4B12-98AF-4D75DFC786FB}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
    FirewallRules: [{18E91F99-ADE6-4911-AF6D-68FBD305C95F}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
    FirewallRules: [{AE970FF9-00D9-4A7D-A6DD-577AF4C674AD}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
    FirewallRules: [{AD8284F2-1465-4FF1-9183-5A8DAE3D21D7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
    FirewallRules: [{904805D9-1590-409F-B5E4-DC34F955CEF5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
    FirewallRules: [UDP Query User{2EF22253-4F41-423E-9ADD-5228B3DEE986}C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe
    FirewallRules: [TCP Query User{E6CEF907-F362-4DEF-B0AE-4084F2ACFDF4}C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe
    FirewallRules: [UDP Query User{2889BC7D-3D7D-4DF4-847C-6E3240862F9C}C:\program files (x86)\unity\editor\unity.exe] => (Allow) C:\program files (x86)\unity\editor\unity.exe
    FirewallRules: [TCP Query User{C79B9B61-7D90-4315-AF0A-EA145431ADD4}C:\program files (x86)\unity\editor\unity.exe] => (Allow) C:\program files (x86)\unity\editor\unity.exe
    FirewallRules: [{E085033A-29D8-4044-B9E4-D8DF3A8F5EF4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
    FirewallRules: [{28F48236-2208-4DA7-A341-E92FD61276E2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
    FirewallRules: [UDP Query User{BAC210B7-3E2B-43E6-A250-04D8C239DFE8}C:\users\eskew\kag-beta\kag.exe] => (Allow) C:\users\eskew\kag-beta\kag.exe
    FirewallRules: [TCP Query User{0680FB6D-6A62-4D26-9A12-136CCA085BCA}C:\users\eskew\kag-beta\kag.exe] => (Allow) C:\users\eskew\kag-beta\kag.exe
    FirewallRules: [{C6904E55-EFE8-4D2C-9FD9-5E1B5C042FC6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Realm of the Mad God\Realm of the Mad God.exe
    FirewallRules: [{BF130B46-151A-4DC0-B392-2EB7AE3DBFC2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Realm of the Mad God\Realm of the Mad God.exe
    FirewallRules: [{BC82BB4D-A707-4F7D-BE6E-B9EA8ED115A2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
    FirewallRules: [{6ABC15CC-2EB5-4D08-AA67-CE42220BC680}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
    FirewallRules: [{E6912596-3290-445E-8081-B3EE26A2C166}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
    FirewallRules: [{BEEC0F47-12EA-4686-BD92-244E61561063}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
    FirewallRules: [{9040F65D-DDB4-4A49-9E62-CF2169B038ED}] => (Allow) C:\Windows\SysWOW64\javaws.exe
    FirewallRules: [{2342D790-2291-4C84-AADA-4600B996237B}] => (Allow) C:\Windows\SysWOW64\javaws.exe
    FirewallRules: [{4ED38164-8E3A-4476-9749-EC99E02116E9}] => (Allow) C:\Windows\SysWOW64\javaws.exe
    FirewallRules: [{D058ED8A-EA75-4572-BA8E-A62AA63D1094}] => (Allow) C:\Windows\SysWOW64\javaws.exe
    FirewallRules: [{97BBAA5D-0269-4B91-ACBA-BBEAB69C2329}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFile.exe
    FirewallRules: [{33C85BAF-A7B1-4C87-90AE-698F2B615A2D}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFile.exe
    FirewallRules: [{11AD28E4-D36A-4376-85EC-BCF766AD8D0B}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
    FirewallRules: [{31B102E3-3AE7-413E-A4C9-DC0F172F2481}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
    FirewallRules: [{CD9B8F7D-7219-47AC-9BF9-858D2694796F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magic 2014\DotP_D14.exe
    FirewallRules: [{64494BDA-DA5F-4748-8A72-B6A6DFAB236C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magic 2014\DotP_D14.exe
    FirewallRules: [{E4350CED-0E8F-401E-90BB-F6ADA010E7A1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
    FirewallRules: [{C94CEC50-5384-4DC9-B591-D1CA5BF899A9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
    FirewallRules: [UDP Query User{9DEBCF8E-CB10-4E1C-A945-9B42914445DF}C:\program files (x86)\infinitecrisis\infinitecrisis.exe] => (Allow) C:\program files (x86)\infinitecrisis\infinitecrisis.exe
    FirewallRules: [TCP Query User{D270D2FE-0A71-47DA-86A3-158AE2D62A69}C:\program files (x86)\infinitecrisis\infinitecrisis.exe] => (Allow) C:\program files (x86)\infinitecrisis\infinitecrisis.exe
    FirewallRules: [{02A55193-E5EE-47A2-AD1C-5DD374A6CB92}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
    FirewallRules: [{37EBD480-83EF-4726-89B4-53399C462615}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
    FirewallRules: [{FF9E5B5E-BC43-4973-ABBD-57806AC0E585}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
    FirewallRules: [{71F225AD-A723-4E86-860A-E4321EF912B1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
    FirewallRules: [{359F67E8-20E4-4FA8-844B-48F160AD2ED0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
    FirewallRules: [{73977880-CBB6-49D8-AEB4-70073C700CF5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
    FirewallRules: [{C8A6C7F9-121F-4CB5-9004-5072EBBE8A06}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
    FirewallRules: [{29C5D8D9-E872-4ABD-89F7-3C0B681FB7A9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
    FirewallRules: [{29B60F48-08E2-4EEB-BCA3-582840880D34}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
    FirewallRules: [{9F4E5BFB-647E-4D69-855E-F5480E9DC3E9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
    FirewallRules: [{70D5AA57-7468-4358-A7AF-486E39963D04}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
    FirewallRules: [{F49F843E-74EF-4EFF-8A96-D2502B328762}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
    FirewallRules: [UDP Query User{CB59A18A-514C-460F-BDB9-C1DE251886D9}C:\users\eskew\desktop\new folder\7 days to die alpha 4 x86 cracked\7daystodie.exe] => (Block) C:\users\eskew\desktop\new folder\7 days to die alpha 4 x86 cracked\7daystodie.exe
    FirewallRules: [TCP Query User{1502BABB-ACFF-4CC7-BD17-58F9B6B0A994}C:\users\eskew\desktop\new folder\7 days to die alpha 4 x86 cracked\7daystodie.exe] => (Block) C:\users\eskew\desktop\new folder\7 days to die alpha 4 x86 cracked\7daystodie.exe
    FirewallRules: [{51AAC650-7E08-465C-8A0F-A05F410DE9EF}] => (Allow) C:\Users\Eskew\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{B2090C5B-884C-4524-9100-590098663059}] => (Allow) C:\Users\Eskew\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{51F3D22E-20A8-43E6-BC71-C17CFA6F2C7C}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
    FirewallRules: [{6FC1C550-C981-455E-9FF9-50B9C5A50702}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{CBB40C8D-B530-4778-BBD2-64EB2FB82ED3}] => (Allow) LPort=2869
    FirewallRules: [{FF47D2AC-0BAA-4867-A12D-80A78EC37C62}] => (Allow) LPort=1900
    FirewallRules: [{129D72B3-0F31-468A-80E0-5EA1CC86329F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{93FF6E1B-342B-4E62-BB25-B86A00B67734}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{4D92535A-1C04-41B4-86DD-246E237CCE60}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DC Universe Online\LaunchPad.exe
    FirewallRules: [{71FCEEF0-CCB1-4803-9964-C54391C8A33E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DC Universe Online\LaunchPad.exe
    FirewallRules: [{5A6E21B4-6E1D-419B-84C7-37004433CACF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\ameskew\garrysmod\hl2.exe
    FirewallRules: [{8753C357-7DAC-4B01-8C16-2EF867425495}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\ameskew\garrysmod\hl2.exe
    FirewallRules: [{640DF447-7CF4-48B2-A8CE-136C7BBF167F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Home\home-win-eng.exe
    FirewallRules: [{AF3D6A11-6D36-4C03-B0B1-BE6733031AD2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Home\home-win-eng.exe
    FirewallRules: [{9687C0E9-F850-4769-885B-9B33BDB84787}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dead Island\DeadIslandGame.exe
    FirewallRules: [{BC5091A9-1BDD-493C-B12C-4D6A55E7F0A2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dead Island\DeadIslandGame.exe
    FirewallRules: [{C28C3756-0EC9-4EDF-9A93-8CF13B3288EB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Launcher\APBLauncher.exe
    FirewallRules: [{A2784F60-B248-4325-A22C-838E8E2C97C3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Launcher\APBLauncher.exe
    FirewallRules: [{993FD205-6FF2-4E8F-AE95-DB4C62B57262}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\APB.exe
    FirewallRules: [{01F9C409-73DD-47E3-BE35-55401391B2CE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\APB.exe
    FirewallRules: [{0BE90592-5C08-4185-A7BC-66C69A50FA18}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\VivoxVoiceService.exe
    FirewallRules: [{300544C8-A45F-473C-BF6E-B69106BBD518}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\VivoxVoiceService.exe
    FirewallRules: [TCP Query User{7C9DBE65-76D8-4D25-B19D-4E0DA12E989E}C:\program files (x86)\byond\bin\byond.exe] => (Allow) C:\program files (x86)\byond\bin\byond.exe
    FirewallRules: [UDP Query User{57CAD985-C0DA-4602-B307-2FA8ECB1FEFB}C:\program files (x86)\byond\bin\byond.exe] => (Allow) C:\program files (x86)\byond\bin\byond.exe
    FirewallRules: [{083275FC-DF56-4BF0-B8F6-5B3295282F65}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
    FirewallRules: [{3727DC60-5123-4E27-9B81-B811DA5827D7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
    FirewallRules: [{377DC8E0-99F1-450D-95DC-A1553B82A764}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
    FirewallRules: [{6396D7ED-D40E-4F8C-93D7-225ADDB1B822}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
    FirewallRules: [{2BDD0805-B813-49E8-8E94-690694F6F5B5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dungeons and Dragons Online\TurbineInvoker.exe
    FirewallRules: [{1DC97F4B-75B6-4B01-89A6-4A3269CDF404}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dungeons and Dragons Online\TurbineInvoker.exe
    FirewallRules: [TCP Query User{8DC8EB89-D591-42C6-9028-549F66ABAA96}C:\users\eskew\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\eskew\appdata\roaming\spotify\spotify.exe
    FirewallRules: [UDP Query User{A962C5C5-5160-45B6-84C4-CC9F2E1EDD87}C:\users\eskew\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\eskew\appdata\roaming\spotify\spotify.exe
    FirewallRules: [{9FEFA130-AB38-4007-B567-B490FE298519}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\zanarisfate\garrysmod\hl2.exe
    FirewallRules: [{936DCAD8-D74E-48B4-95C7-49D68FFE5871}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\zanarisfate\garrysmod\hl2.exe
    FirewallRules: [{95088223-0492-4E09-9E66-5889E0CD9F98}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MapleStory\nxsteam.exe
    FirewallRules: [{47B7A179-1C07-4B43-BCAD-96C16405A7F1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MapleStory\nxsteam.exe
    FirewallRules: [TCP Query User{9D9C0F06-C16E-454F-A09F-2E0968EF1035}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
    FirewallRules: [UDP Query User{C696358D-8365-4F73-A157-117132A21691}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
    FirewallRules: [{15BA5031-0EE7-4A51-8E30-9ED70C2311FD}] => (Block) C:\program files (x86)\skype\phone\skype.exe
    FirewallRules: [{1EB996D9-290A-41D4-9B6C-DDAE52609207}] => (Block) C:\program files (x86)\skype\phone\skype.exe
    FirewallRules: [{B3B02E27-19A0-4D92-86B0-93BA62E08CCC}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
    FirewallRules: [{EF42FCEB-0A56-4D0D-BEAC-D500887EC822}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
    FirewallRules: [{CD219F44-BE23-408F-900A-9115E87CBA45}] => (Allow) C:\Program Files\Echobit\Evolve\EvoSvc.exe
    FirewallRules: [{96EDE56A-911A-4F91-A032-87845EB91380}] => (Allow) C:\Program Files\Echobit\Evolve\EvolveClient.exe
    FirewallRules: [{0CD0A5BA-26F9-4638-9CFA-F03A45B84F15}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
    FirewallRules: [{47CBF0FC-517B-4924-9A74-DE2EEC586D90}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
    FirewallRules: [{C764C2F2-16D8-4FB2-87C9-295876EBF6B2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\APB.exe
    FirewallRules: [{2E48FB1D-D9CB-471E-9D18-E388E2A598B8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\APB.exe
    FirewallRules: [{6EAB85AA-CA27-42BC-9191-22106EDA37B1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\VivoxVoiceService.exe
    FirewallRules: [{321ECD84-8543-40C8-8F55-15CD066F8421}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\VivoxVoiceService.exe
    FirewallRules: [TCP Query User{82070E4A-4BCB-4769-959F-B8BF5948BAB4}C:\program files (x86)\steam\steamapps\zanarisfate\garrysmod\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\zanarisfate\garrysmod\hl2.exe
    FirewallRules: [UDP Query User{B6542556-E585-44B3-9DF4-85F55400BA1D}C:\program files (x86)\steam\steamapps\zanarisfate\garrysmod\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\zanarisfate\garrysmod\hl2.exe
    FirewallRules: [{F7954F26-32D2-4584-9FF3-25CDEF9E8DE5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magicka\Magicka.exe
    FirewallRules: [{767E7EA8-F930-480F-A4CD-EB530BB5055F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magicka\Magicka.exe
    FirewallRules: [TCP Query User{A4C152BC-420C-404B-8829-B398C76BCA76}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
    FirewallRules: [UDP Query User{D7080420-50A9-487C-85DF-DFC60308863B}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
    FirewallRules: [TCP Query User{046BEE4B-CA80-4EB5-ABCF-970030F376B7}C:\program files (x86)\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\tera\tera-launcher.exe
    FirewallRules: [UDP Query User{53AF9705-1AAF-4974-B4C7-F2B2F52A8FF4}C:\program files (x86)\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\tera\tera-launcher.exe
    FirewallRules: [{6F2FF07B-F3B5-4A0C-9EB7-63D4FD087684}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
    FirewallRules: [{AD6FFDF5-033A-48B0-A836-469824A8B338}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
    FirewallRules: [TCP Query User{E2C52AB1-8542-4A96-A3AC-FC3F03944A00}C:\program files (x86)\steam\steamapps\common\magic the gathering tactics\mtgtactics.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\magic the gathering tactics\mtgtactics.exe
    FirewallRules: [UDP Query User{FC211E3A-F862-4C68-8259-27557F111AFB}C:\program files (x86)\steam\steamapps\common\magic the gathering tactics\mtgtactics.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\magic the gathering tactics\mtgtactics.exe
    FirewallRules: [{CD6FDFD1-96E4-40A8-B2B2-8B032EAF5AA4}] => (Block) C:\program files (x86)\steam\steamapps\common\magic the gathering tactics\mtgtactics.exe
    FirewallRules: [{E441DB00-E00C-4923-B88C-35738BA3F3ED}] => (Block) C:\program files (x86)\steam\steamapps\common\magic the gathering tactics\mtgtactics.exe
    FirewallRules: [TCP Query User{D4B16E9D-FF24-41B5-846A-AC99347D4E68}C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe
    FirewallRules: [UDP Query User{1D9CBAD3-8477-4942-A73B-1FF6901C1CF0}C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe
    FirewallRules: [{3918B90C-99CA-4628-9484-C169043639AD}] => (Block) C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe
    FirewallRules: [{5C5CD840-490C-4C67-B883-1DB3778C4531}] => (Block) C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe
    FirewallRules: [TCP Query User{47E45C5A-FCB5-4B73-84A8-C5EB0DD971A9}C:\users\eskew\kag\kag.exe] => (Allow) C:\users\eskew\kag\kag.exe
    FirewallRules: [UDP Query User{7F0E2DF6-2F6B-41F8-AFB6-D42631E20861}C:\users\eskew\kag\kag.exe] => (Allow) C:\users\eskew\kag\kag.exe
    FirewallRules: [{110EDBBB-525D-4468-814B-6B0B00772DA0}] => (Block) C:\users\eskew\kag\kag.exe
    FirewallRules: [{F75C98CF-7E5F-4FFD-A505-94F1C490C0C8}] => (Block) C:\users\eskew\kag\kag.exe
    FirewallRules: [TCP Query User{777DE7FB-0F6F-4F84-93DC-AC58E79EEF75}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe
    FirewallRules: [UDP Query User{E32A2249-BCAE-4A1C-827E-F9E1820CED1F}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe
    FirewallRules: [{D96E8E8B-22F0-440B-9B89-909BB88390C6}] => (Block) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe
    FirewallRules: [{A5CE8234-D717-4139-AE85-C5A216B242CD}] => (Block) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe
    FirewallRules: [{1A109CF0-C1CF-4BE1-B517-13F1649BC3D0}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
    FirewallRules: [{FDA8BD91-761F-4781-9E30-083A725A9298}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
    FirewallRules: [{BC9ECEFB-42A5-40DA-87DB-DF5902E378E5}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\TERA-Launcher.exe
    FirewallRules: [{52304CCC-6D43-418E-8EEA-97187E7F0BD1}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\TERA-Launcher.exe
    FirewallRules: [{E512AB59-EF58-4107-90F9-E5113CC1CA06}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\TL.exe
    FirewallRules: [{F06EFD6C-40F0-45E1-8CD6-01B44670C6DF}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\TL.exe
    FirewallRules: [{6DE3B1AE-7E58-4C88-98C2-37D8F77B28C3}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\Binaries\TERA.exe
    FirewallRules: [{E5DAB6BD-8C91-4244-A06B-6357B33E0113}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\Binaries\TERA.exe
    FirewallRules: [{83FD3ADD-55AF-4231-AAB0-FE797016898B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
    FirewallRules: [{806B84E3-BDCC-447E-854C-43D815F14C0A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
    FirewallRules: [{6C2DD3D1-7358-42FC-AFBC-B4F1098AFD02}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magic 2014\DotP_D14.exe
    FirewallRules: [{2F482D6E-6530-4002-9A8C-495541F63D19}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magic 2014\DotP_D14.exe
    FirewallRules: [{2D175AD6-54C0-49C8-9853-8452FCC8C7FC}] => (Allow) C:\ProgramData\eSafe\eGdpSvc.exe
    FirewallRules: [{73E103A8-4C47-4FEC-9B2C-69832C502F5B}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
    FirewallRules: [{9B5D6FC9-C1DE-4F53-ADCB-500161E895C3}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
    FirewallRules: [{C0D80DD9-23EF-428F-B54D-8135D23DB234}] => (Allow) LPort=26675
    FirewallRules: [{31430884-622E-4F15-862A-D4FD0E59D381}] => (Allow) C:\Program Files (x86)\GoforFiles\goforfilesdl.exe
    FirewallRules: [{C1AE8BC7-AC94-4D7F-8CED-F742E79218F4}] => (Allow) C:\Program Files (x86)\GoforFiles\goforfilesdl.exe
    FirewallRules: [{213E4368-D6D1-4513-AA0A-469899180459}] => (Allow) C:\Program Files (x86)\GoforFiles\GoforFiles.exe
    FirewallRules: [{E3DB1464-5CC6-447C-9E03-CA33847D412C}] => (Allow) C:\Program Files (x86)\GoforFiles\GoforFiles.exe
    FirewallRules: [TCP Query User{D28447DF-6261-4EC3-95E5-89DA95681564}C:\users\eskew\desktop\survivers_beta_3.exe] => (Allow) C:\users\eskew\desktop\survivers_beta_3.exe
    FirewallRules: [UDP Query User{310A90A6-C50E-4F2B-9027-F6951B655402}C:\users\eskew\desktop\survivers_beta_3.exe] => (Allow) C:\users\eskew\desktop\survivers_beta_3.exe
    FirewallRules: [{E39CC0DD-AA06-4CEB-8450-846B1A4036C4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
    FirewallRules: [{37B52915-69F5-44F5-ABFD-3F37D434B467}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
    FirewallRules: [{093C521F-CFE7-4C88-BD14-D680D7339E82}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
    FirewallRules: [{7DBADAFE-67A0-4998-A6FA-CE40540BE374}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
    FirewallRules: [TCP Query User{C8AF1959-9DA9-4939-8115-0485E35E7BB7}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
    FirewallRules: [UDP Query User{5E0C3FA3-52B0-4A86-AAA5-45ECC89A67CB}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
    FirewallRules: [{328496CF-BC92-47B8-A144-B5DF314FE6A6}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
    FirewallRules: [TCP Query User{4B43DE08-66D7-416D-B426-C778CFAA08B8}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
    FirewallRules: [UDP Query User{78285864-8AA8-4209-B8D8-43C8CA8912BE}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
    FirewallRules: [{5DDA64F1-C0FD-420A-B5BE-1EDB6DF57BB4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2328\Agent.exe
    FirewallRules: [{1BF002F2-DA63-4280-A638-A172917A30C3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2328\Agent.exe
    FirewallRules: [{611835FA-5AC0-4112-8FBD-448C7C490847}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
    FirewallRules: [{F0B0B6C7-285D-4FD0-BBFF-0D6BB0D27ABA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
    FirewallRules: [{4DE1DD98-CC2E-4580-A2FA-3D8B682F4830}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\Support\EA Help\Electronic_Arts_Technical_Support.htm
    FirewallRules: [{8269D734-8C8C-4046-9E5D-73F621E6063B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\Support\EA Help\Electronic_Arts_Technical_Support.htm
    FirewallRules: [{F92511A4-2E20-4112-9901-E2C7B9031D2B}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
    FirewallRules: [{C6022C15-594E-495E-821E-1157BEABE48B}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
    FirewallRules: [{BF861A46-2CBD-4B97-A9C2-E01FC2F9F243}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
    FirewallRules: [{DF077FEF-4869-432D-9FDD-B9736B2DF8EB}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
    FirewallRules: [{61A07A10-1EBB-488F-B3D2-69CE6AB7F4F8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SteamVR\tools\bin\win32\vrmonitor.exe
    FirewallRules: [{3799B790-F732-4A49-A1AA-3A50B797D6DD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SteamVR\tools\bin\win32\vrmonitor.exe
    FirewallRules: [{CCAD66F7-A59A-41F3-8E10-7B12A5673A3A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
    FirewallRules: [{3E2C9F2B-C3D2-476F-9DAC-8027BEE0DBC3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
    FirewallRules: [TCP Query User{1B47E641-47BA-499D-BAFF-53DD031CA322}C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{02379281-1F29-4308-B3E5-8C2EA930DE43}C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{CEAC703F-D40B-4020-AD40-43DC8F31456C}C:\program files (x86)\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{A762FE3A-E748-4E8F-A98F-E9C554F52C09}C:\program files (x86)\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{924DD697-036B-4728-B608-3681C5BD759F}C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{3012E076-7E16-4CC6-AE99-21AEED75287D}C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe
    FirewallRules: [{3E0C1AB2-408A-4113-8731-C3EE85B6669F}] => (Block) C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe
    FirewallRules: [{6495C69E-4EA2-4A69-A562-CD30B2373EF1}] => (Block) C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe
    FirewallRules: [{3CE3A341-CE20-4FB5-9DD2-C85A526F4C45}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BattleBlock Theater\BattleBlockTheater.exe
    FirewallRules: [{FBF7281B-9B4C-43DC-86A5-345EAEAFD4F3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BattleBlock Theater\BattleBlockTheater.exe
    FirewallRules: [TCP Query User{A08CF092-B184-4E9E-AE43-BD1DC728D816}C:\users\eskew\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\eskew\appdata\local\google\chrome\application\chrome.exe
    FirewallRules: [UDP Query User{FE90E4CA-D4DE-4967-9364-53B71C5CA7A4}C:\users\eskew\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\eskew\appdata\local\google\chrome\application\chrome.exe
    FirewallRules: [TCP Query User{A6C80422-1FCC-49D9-8839-75324392D386}C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{0185A545-410D-418E-AFF2-487D0FE7EB84}C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe
    FirewallRules: [{A936083E-A622-4E34-88B2-3C13425C8E6A}] => (Block) C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe
    FirewallRules: [{13D4AFEE-153A-4311-877A-8EAF5B7E42F7}] => (Block) C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{9530A9FE-C412-45E2-B702-EC17FF2B3B2C}C:\users\eskew\appdata\local\roblox\versions\version-67ed345037f34a32\robloxstudiobeta.exe] => (Allow) C:\users\eskew\appdata\local\roblox\versions\version-67ed345037f34a32\robloxstudiobeta.exe
    FirewallRules: [UDP Query User{7B481E2E-44A0-44E0-ABEB-D78FE954DE15}C:\users\eskew\appdata\local\roblox\versions\version-67ed345037f34a32\robloxstudiobeta.exe] => (Allow) C:\users\eskew\appdata\local\roblox\versions\version-67ed345037f34a32\robloxstudiobeta.exe
    FirewallRules: [{0EA9F534-5B93-47B5-AE38-2F926FA9CFB0}] => (Block) C:\users\eskew\appdata\local\roblox\versions\version-67ed345037f34a32\robloxstudiobeta.exe
    FirewallRules: [{8AA3277B-1624-40BB-90E2-228E9F34FB32}] => (Block) C:\users\eskew\appdata\local\roblox\versions\version-67ed345037f34a32\robloxstudiobeta.exe
    FirewallRules: [TCP Query User{1A13436D-371A-459F-842E-4A598E20EB96}C:\program files (x86)\byond\bin\byond.exe] => (Block) C:\program files (x86)\byond\bin\byond.exe
    FirewallRules: [UDP Query User{9FD3A9F0-8115-42EB-803C-D611D9134C4F}C:\program files (x86)\byond\bin\byond.exe] => (Block) C:\program files (x86)\byond\bin\byond.exe
    FirewallRules: [TCP Query User{76BFE78F-D568-4CD6-BFE5-50AAD968924D}C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{FD1D51C9-F83C-474D-A63C-CAB983167A46}C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{16D0F0C7-6BCD-4914-944E-24D95467AFBE}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
    FirewallRules: [UDP Query User{7BC23BB1-63A9-4D55-9702-F5F80932A4BE}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
    FirewallRules: [TCP Query User{5ACDF0F1-5F15-4592-8C7B-E236C95CEAEB}C:\program files (x86)\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{C55DB5CE-69EA-401C-838E-B28B80567369}C:\program files (x86)\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{8BE2B8EA-3340-4779-88F0-612727485676}C:\program files (x86)\heroes of the storm\versions\base38793\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base38793\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{6433ADF4-9B68-477B-81F6-37DC1733696D}C:\program files (x86)\heroes of the storm\versions\base38793\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base38793\heroesofthestorm_x64.exe
    FirewallRules: [{6BC1FEF1-BA47-42B3-8A52-4095930A5933}] => (Block) C:\program files (x86)\heroes of the storm\versions\base38793\heroesofthestorm_x64.exe
    FirewallRules: [{77D257B5-3FC8-42C8-84BC-C4EF41497423}] => (Block) C:\program files (x86)\heroes of the storm\versions\base38793\heroesofthestorm_x64.exe
    FirewallRules: [{7F6B48A8-EF36-46B1-BEF4-3726EA54E549}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
    FirewallRules: [{D661BF6A-E758-410B-9944-FCDBD7488B3C}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
    FirewallRules: [TCP Query User{28CBD98A-36BA-4DA2-8CD8-07C3D5A905BE}C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe
    FirewallRules: [UDP Query User{F6183F2D-26BF-4A62-A1D1-4B66E7DDC310}C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe
    FirewallRules: [{83C119E7-D9E7-4A8D-856D-8BBC6D092B4F}] => (Block) C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe
    FirewallRules: [{C6696BCF-8CB6-401E-BD20-E2F8880638C2}] => (Block) C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe
    FirewallRules: [TCP Query User{03B2B9A9-6FED-41C6-98D8-D69B89C88492}C:\program files (x86)\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{C20ACDD2-1CA4-4F52-95AB-F12E13118EEE}C:\program files (x86)\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe
    FirewallRules: [{1E3057F5-5F42-4A50-BDBE-AA809D8F54C7}] => (Block) C:\program files (x86)\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe
    FirewallRules: [{6B1DB875-BC7D-48D7-8019-D30FEFD92F3E}] => (Block) C:\program files (x86)\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{034FCA97-A6E8-4A7F-804E-6EEA00994CAC}C:\program files (x86)\steam\steamapps\common\war for the overworld\wftogame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war for the overworld\wftogame.exe
    FirewallRules: [UDP Query User{A58DE83D-0845-4EC9-B742-40C4EEBAE269}C:\program files (x86)\steam\steamapps\common\war for the overworld\wftogame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war for the overworld\wftogame.exe
    FirewallRules: [{9F138F0A-89C3-41B0-B034-3690769F1F5E}] => (Block) C:\program files (x86)\steam\steamapps\common\war for the overworld\wftogame.exe
    FirewallRules: [{7E66B2DC-872A-475D-A95D-FB720C8BFF65}] => (Block) C:\program files (x86)\steam\steamapps\common\war for the overworld\wftogame.exe
    FirewallRules: [{B7894C23-2B3D-4880-ADCA-3F6FCA06CF92}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warhammer End Times Vermintide\launcher\launcher.exe
    FirewallRules: [{5D566D00-8D6A-454C-BDA2-7871469A75E8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warhammer End Times Vermintide\launcher\launcher.exe
    FirewallRules: [{FF1994C2-A54A-40DB-ACCD-1C80D543ED60}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warhammer End Times Vermintide\binaries\vermintide.exe
    FirewallRules: [{8711C185-5CA7-4A61-923A-8938ED44A268}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warhammer End Times Vermintide\binaries\vermintide.exe
    FirewallRules: [{124830E5-34BB-4774-ADEC-8FF810184F04}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7dLauncher.exe
    FirewallRules: [{BC911937-3D8F-4B9D-B50C-84DC62C6B311}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7dLauncher.exe
    FirewallRules: [TCP Query User{E2960BA0-DD73-49B0-BC8E-7620904C6D9F}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe
    FirewallRules: [UDP Query User{8CFA3EF6-4F36-41E1-834B-0CD2599F20EA}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe
    FirewallRules: [{C9B81486-F4B0-4A08-B84B-61985E25A0E7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BloonsTD5\BTD5-Win.exe
    FirewallRules: [{C7F50363-F863-403A-BB6B-56D998F41DC7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BloonsTD5\BTD5-Win.exe
    FirewallRules: [{73F2F37D-AE2F-42BD-8B93-359065102788}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned_BE.exe
    FirewallRules: [{7039607E-2151-4471-A793-7605E713B9C4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned_BE.exe
    FirewallRules: [TCP Query User{0D309EFF-B512-4318-A9F2-C7DEB29A160E}C:\program files (x86)\byond\bin\dreamdaemon.exe] => (Allow) C:\program files (x86)\byond\bin\dreamdaemon.exe
    FirewallRules: [UDP Query User{DF03DCBB-B6EF-46A3-B2B7-8FEEEBFD462C}C:\program files (x86)\byond\bin\dreamdaemon.exe] => (Allow) C:\program files (x86)\byond\bin\dreamdaemon.exe
    FirewallRules: [{6F34D1E9-7DE4-4953-8B8D-3BAD36CCC1EF}] => (Block) C:\program files (x86)\byond\bin\dreamdaemon.exe
    FirewallRules: [{81108999-338E-45F8-B960-60379E87F9DD}] => (Block) C:\program files (x86)\byond\bin\dreamdaemon.exe
    FirewallRules: [{CA302790-6816-4039-B578-4280A1A3D427}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
    FirewallRules: [{2D0B1A92-D53E-441A-8EE4-6685D5C273B0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
    FirewallRules: [{5901C9E2-5C8C-440B-937B-897D7C7B7868}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TigerKnight_EW\frontend\bin\frontend.exe
    FirewallRules: [{7B4198B6-9C7A-4E17-B8A8-87B6051E306E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TigerKnight_EW\frontend\bin\frontend.exe
    FirewallRules: [{DCC09FAB-831D-4382-ABDD-1E96EB3DD99A}] => (Allow) %ProgramFiles% (x86)\BYOND\bin\byond.exe
    FirewallRules: [TCP Query User{630969BC-F554-432A-8915-454CF03BD6BF}C:\program files (x86)\heroes of the storm\versions\base48027\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base48027\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{BD7EC8E3-3DFC-4FBD-86DB-0E8D1A89F03A}C:\program files (x86)\heroes of the storm\versions\base48027\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base48027\heroesofthestorm_x64.exe
    FirewallRules: [{6144D13C-D27F-4277-BDC0-74B421864ADE}] => (Block) C:\program files (x86)\heroes of the storm\versions\base48027\heroesofthestorm_x64.exe
    FirewallRules: [{A5A993E5-0833-46AD-B4FB-7E7A3FAA4473}] => (Block) C:\program files (x86)\heroes of the storm\versions\base48027\heroesofthestorm_x64.exe
    FirewallRules: [{C9915D56-EB44-4A36-8296-B5974775FEC6}] => (Allow) %ProgramFiles% (x86)\BYOND\bin\byond.exe
    FirewallRules: [TCP Query User{68F9479C-8ECE-47A4-872B-326A4F6C41D6}C:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\gameclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\gameclient.exe
    FirewallRules: [UDP Query User{876F8F83-B114-4111-80D3-C6EF62AB704E}C:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\gameclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\gameclient.exe
    FirewallRules: [{68807056-81EA-4751-B251-E1C9B7872B7F}] => (Block) C:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\gameclient.exe
    FirewallRules: [{C4CEAD7A-FDCB-4C4A-9FA3-F267D8699577}] => (Block) C:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\gameclient.exe
    FirewallRules: [TCP Query User{B462CF9E-F158-4651-B7A2-00E66EA1401F}C:\program files (x86)\gigantic_en\binaries\win64\rxgame-win64-shipping.exe] => (Allow) C:\program files (x86)\gigantic_en\binaries\win64\rxgame-win64-shipping.exe
    FirewallRules: [UDP Query User{316532B7-D328-40EA-BC18-E1C2B02ED040}C:\program files (x86)\gigantic_en\binaries\win64\rxgame-win64-shipping.exe] => (Allow) C:\program files (x86)\gigantic_en\binaries\win64\rxgame-win64-shipping.exe
    FirewallRules: [{F69029A8-B35D-4F16-B445-61A7AE89FB63}] => (Block) C:\program files (x86)\gigantic_en\binaries\win64\rxgame-win64-shipping.exe
    FirewallRules: [{D2A789B9-52BF-4D81-AFE2-657AC3397518}] => (Block) C:\program files (x86)\gigantic_en\binaries\win64\rxgame-win64-shipping.exe
    FirewallRules: [TCP Query User{8F52D76F-B5B8-4E78-9E60-1AD65794A563}C:\program files (x86)\starcraft ii\versions\base47185\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base47185\sc2_x64.exe
    FirewallRules: [UDP Query User{CF27E9E1-E5B2-4A26-9831-E1D3EAF2F66C}C:\program files (x86)\starcraft ii\versions\base47185\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base47185\sc2_x64.exe
    FirewallRules: [{04CC1249-03F4-4A96-BD65-0078EBD1B2AF}] => (Block) C:\program files (x86)\starcraft ii\versions\base47185\sc2_x64.exe
    FirewallRules: [{3B541542-D4C4-4156-9274-BB613B82B02A}] => (Block) C:\program files (x86)\starcraft ii\versions\base47185\sc2_x64.exe
    FirewallRules: [{8505BB30-6615-42D6-851F-C2E78D3CBBE2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExile_x64Steam.exe
    FirewallRules: [{F46C1EFC-38F5-4826-8943-2F19087B4FE8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExile_x64Steam.exe
    FirewallRules: [TCP Query User{6DC022F6-439D-47DA-A425-5DAC9EB28B1B}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe
    FirewallRules: [UDP Query User{24738233-C2F3-483E-A4A8-67929771E3B9}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe
    FirewallRules: [{7B5CCD4C-60C8-4432-8A35-190366325241}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\witcher.exe
    FirewallRules: [{42524318-0C4C-4E9D-84C0-527755A25965}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\witcher.exe
    FirewallRules: [{7DDFC4C7-680F-4E2C-919A-8C38991FA4FF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\djinni!.exe
    FirewallRules: [{F82552C4-937F-4547-86B9-9813CFD18D88}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\djinni!.exe
    FirewallRules: [{D28FDF49-9D72-476F-B05A-937B6A907A96}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe
    FirewallRules: [{1F08E3D6-A3F2-4041-B67F-2D29EF2A0016}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe
    FirewallRules: [{2BDDADFB-5712-446F-BF70-3D5A3556297D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DDDA\DDDA.exe
    FirewallRules: [{2C5B4878-D54A-4534-AB68-F8B85326A4F3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DDDA\DDDA.exe
    FirewallRules: [{B7E2E8B9-429C-4EA9-A929-528790B78C37}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\the witcher 2\Launcher.exe
    FirewallRules: [{0EAAFF90-D1FC-45F6-A9DF-DF3551F7A467}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\the witcher 2\Launcher.exe
    FirewallRules: [{34F96366-62A8-4427-9A70-4F476662DA96}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Waste Walkers\Game.exe
    FirewallRules: [{961270B8-9EA1-4338-9878-F0B1923CE962}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Waste Walkers\Game.exe
    FirewallRules: [{E936EBED-EB53-4E42-89D5-3FBCA2E73BE2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CastleCrashers\castle.exe
    FirewallRules: [{ED27A468-02C6-47DA-8EE9-C127A99F76ED}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CastleCrashers\castle.exe
    FirewallRules: [{EA562D70-AA24-4836-85FD-4CD94C0FC945}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Interstellar Rift\Build\IR.exe
    FirewallRules: [{8DF3ABA3-AC57-4B0F-86B7-7935F7BC88D0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Interstellar Rift\Build\IR.exe
    FirewallRules: [{6A00FB8F-9AE9-4CE0-B565-C4C064BF7DEA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher 3\bin\x64\witcher3.exe
    FirewallRules: [{252F0AB3-F305-45CA-87CA-76B1C40C5E78}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher 3\bin\x64\witcher3.exe
    FirewallRules: [{AFBE26DE-19C7-44AB-A600-1ACD81EEE0D0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Empyrion - Galactic Survival\EmpyrionLauncher.exe
    FirewallRules: [{06C22F12-028B-4CB5-9AF5-B80995CA0BFD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Empyrion - Galactic Survival\EmpyrionLauncher.exe
    FirewallRules: [TCP Query User{4CF5A4CA-F41C-4CF1-89F4-045A8E577B83}C:\program files (x86)\steam\steamapps\common\empyrion - galactic survival\empyrion.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\empyrion - galactic survival\empyrion.exe
    FirewallRules: [UDP Query User{F980D522-DC21-4033-843B-B292468981F4}C:\program files (x86)\steam\steamapps\common\empyrion - galactic survival\empyrion.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\empyrion - galactic survival\empyrion.exe
    FirewallRules: [{0ECA90B2-7664-496B-AE1E-7E662EF65F4C}] => (Block) C:\program files (x86)\steam\steamapps\common\empyrion - galactic survival\empyrion.exe
    FirewallRules: [{16F787BA-D62E-4C0F-B1C7-3627E871E54F}] => (Block) C:\program files (x86)\steam\steamapps\common\empyrion - galactic survival\empyrion.exe
    FirewallRules: [{19299D7C-7A9E-4A26-A4B2-39D8C8799F77}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Viscera\Binaries\Win32\UDK.exe
    FirewallRules: [{BEA5DE29-27EF-40D7-97E5-8F5D86BC73C8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Viscera\Binaries\Win32\UDK.exe
    FirewallRules: [{E611FC9D-5B0C-48ED-BCC9-E179080860EC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Viscera\Binaries\Win64\UDK.exe
    FirewallRules: [{183E4FAD-4760-4561-980A-2273AA54838F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Viscera\Binaries\Win64\UDK.exe
    FirewallRules: [{9C1E133D-980E-4D7D-B8DC-ACB619C912C0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Viscera\Binaries\UDKLift.exe
    FirewallRules: [{7537E661-B6E4-4E56-B6F6-EE638FFC878C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Viscera\Binaries\UDKLift.exe
    FirewallRules: [{374B0F5E-3260-4456-9E2A-39DFC96E3373}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Clicker Guild\guild.exe
    FirewallRules: [{BD7012FB-DF7B-4278-98E0-E59197239D4F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Clicker Guild\guild.exe
    FirewallRules: [{C482EA72-8E2B-450F-9A13-BD1BF22ACA29}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Star Wars Battlefront II\GameData\BattlefrontII.exe
    FirewallRules: [{7431F277-B541-4F69-B7D8-460ADC435268}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Star Wars Battlefront II\GameData\BattlefrontII.exe
    FirewallRules: [{8B0BC301-124C-4BCC-9C4B-C63BE70B5F0D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ASTRONEER Early Access\Astro.exe
    FirewallRules: [{6BAEF279-D0F4-423E-B3B6-CEE53C45C8CC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ASTRONEER Early Access\Astro.exe
    FirewallRules: [TCP Query User{8EB2F3A4-0080-41FA-A1CB-077A9BBC93B5}C:\program files (x86)\steam\steamapps\common\astroneer early access\astro\binaries\win64\astro-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\astroneer early access\astro\binaries\win64\astro-win64-shipping.exe
    FirewallRules: [UDP Query User{2AECA291-47C4-4E7C-B063-0F7F0F71483C}C:\program files (x86)\steam\steamapps\common\astroneer early access\astro\binaries\win64\astro-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\astroneer early access\astro\binaries\win64\astro-win64-shipping.exe
    FirewallRules: [{FB7C0963-F8A8-4616-AB66-272E7EAF55EE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Jackbox Party Pack 3\The Jackbox Party Pack 3.exe
    FirewallRules: [{16BFC85B-70E1-4177-BE41-E41C27690402}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Jackbox Party Pack 3\The Jackbox Party Pack 3.exe
    FirewallRules: [TCP Query User{BEB708A8-8BFF-4B52-AB83-1A56AD6D5699}C:\program files (x86)\steam\steamapps\common\lego worlds\lego_worlds_dx11.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\lego worlds\lego_worlds_dx11.exe
    FirewallRules: [UDP Query User{2EBC3C13-1C7B-41C4-88E4-6DCCC6C2D2D0}C:\program files (x86)\steam\steamapps\common\lego worlds\lego_worlds_dx11.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\lego worlds\lego_worlds_dx11.exe
    FirewallRules: [{7EF99EF8-B5D5-41BE-A66C-64E3F1154870}] => (Block) C:\program files (x86)\steam\steamapps\common\lego worlds\lego_worlds_dx11.exe
    FirewallRules: [{303AB1FB-8A2B-492B-B12A-B30129A1045D}] => (Block) C:\program files (x86)\steam\steamapps\common\lego worlds\lego_worlds_dx11.exe
    FirewallRules: [{074C2BDA-493D-49C0-BCCA-4582929F85E4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Osiris\OsirisNewDawn.exe
    FirewallRules: [{731959A4-2953-4417-8356-F31F7A7D3251}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Osiris\OsirisNewDawn.exe
    FirewallRules: [TCP Query User{B2FD3F3D-05DD-4C52-8B5C-2BD97258555D}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe
    FirewallRules: [UDP Query User{700AD650-D8C0-4413-8268-4D58310E1C5F}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe
    FirewallRules: [{041734AD-28A2-4C21-8043-EE877EE31FBB}] => (Block) C:\program files (x86)\diablo iii\x64\diablo iii64.exe
    FirewallRules: [{7CF4B58F-3BB2-4DDB-A3C6-BB715DA9A6BD}] => (Block) C:\program files (x86)\diablo iii\x64\diablo iii64.exe
    FirewallRules: [{29FDDCAF-5B64-4A19-BBCC-472F52288182}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dungeon Defenders 2\DunDefLauncher.exe
    FirewallRules: [{A0D5AD22-FFE7-4174-9BFC-EA135EC15BB2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dungeon Defenders 2\DunDefLauncher.exe
    FirewallRules: [{6E120739-EF3D-45D0-89B1-D49B8EB61F71}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Clicker Heroes\Clicker Heroes.exe
    FirewallRules: [{B714F92F-9757-4A2F-B4F9-474D3E6FAE6B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Clicker Heroes\Clicker Heroes.exe
    FirewallRules: [{9F96FF1D-7414-4C46-9A93-4382EAF86A0D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe
    FirewallRules: [{08696AA0-45F7-4F9C-A811-41FCE092835F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe
    FirewallRules: [{AA350F8C-580B-4A56-A09D-5C3DB98D8313}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\LaunchPad.exe
    FirewallRules: [{ACC8ADF2-D516-4941-90ED-2295FE48CC04}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\LaunchPad.exe
    FirewallRules: [{6E107C1C-4128-43AB-AE75-09E18624628A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
    FirewallRules: [{B59F700F-03CF-418C-8E6B-0F6A9D65C225}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
    FirewallRules: [{F7035469-47C4-4AF6-ACBE-571E94E279C9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Atlas Reactor\GlyphClient.exe
    FirewallRules: [{5C55D716-4F12-4112-A7FD-0073CC3E9C16}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Atlas Reactor\GlyphClient.exe
    FirewallRules: [{D32AFE17-0DA8-4137-B1A3-C1C9F82E38DA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Factorio\bin\x64\factorio.exe
    FirewallRules: [{A2BA9716-7848-4945-BA18-6A45DDC1FD07}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Factorio\bin\x64\factorio.exe
    FirewallRules: [{DBFFB1FA-CC21-4313-A9E6-418FFC32B793}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
    FirewallRules: [{58E11E3D-EEF3-4963-9072-07D405533555}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
    FirewallRules: [{E8FBFF4C-0648-4222-89F9-25FBA6E8A548}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\Beta\AwesomenautsLauncher.exe
    FirewallRules: [{65FD705D-EF2F-4F85-BD64-08B170B822F9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\Beta\AwesomenautsLauncher.exe
    FirewallRules: [{C3128996-66B1-4AC5-BDD9-007C82DDC81E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DarkestDungeon\_windows\Darkest.exe
    FirewallRules: [{CB290AA9-E0C4-48B9-958E-0028DE4CEB10}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DarkestDungeon\_windows\Darkest.exe
    FirewallRules: [{DD297620-EFC2-4499-AEFE-FED6B4F581A1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\Beta\AwesomenautsLauncher.exe
    FirewallRules: [{242B5F55-95ED-456E-8B6E-9D3AECBF96C1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\Beta\AwesomenautsLauncher.exe
    FirewallRules: [{AD230024-5504-4556-B293-725338646A7D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe
    FirewallRules: [{29E7BC81-A461-4315-9854-F9353B2205CA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe
    FirewallRules: [TCP Query User{80728A35-4F73-4D36-9A45-A40DDD93A664}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_121\bin\javaw.exe
    FirewallRules: [UDP Query User{0B077690-6F69-48B0-BFF0-292538207D29}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_121\bin\javaw.exe
    FirewallRules: [{4EC4DA67-CC20-477E-8569-CDD2651D5721}] => (Block) C:\program files\java\jre1.8.0_121\bin\javaw.exe
    FirewallRules: [{67F1CB20-6A51-479F-A01C-718C3DC5C0B2}] => (Block) C:\program files\java\jre1.8.0_121\bin\javaw.exe
    FirewallRules: [{4F33B127-7D52-41FC-A21E-B1DD9E68F0AF}] => (Allow) C:\WINDOWS\system32\rundll32.exe
    FirewallRules: [{A33ACC3B-E559-450F-A274-97113ACED80C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Chronicle\WorkshopTool\WorkshopManager.exe
    FirewallRules: [{3703CE89-EEB1-414A-8C5A-C17A9A1E9828}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Chronicle\WorkshopTool\WorkshopManager.exe
    FirewallRules: [{A6C0F87A-54C3-449C-995D-D0B40FD683FB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Starbound\win64\starbound.exe
    FirewallRules: [{CB86612A-D7E5-42A2-B677-00D96F259838}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Starbound\win64\starbound.exe
    FirewallRules: [{F388882D-4F10-41FC-B729-BC280D73ED25}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Starbound\win64\starbound_server.exe
    FirewallRules: [{B83126A5-69F9-4075-985A-5BB21DC25F27}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Starbound\win64\starbound_server.exe
    FirewallRules: [{4DFEF511-42E3-4B35-92B4-CF29E6B998C5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Starbound\win64\mod_uploader.exe
    FirewallRules: [{F2817B3E-7225-4C34-8DAC-C26897559322}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Starbound\win64\mod_uploader.exe
    FirewallRules: [{3382F0CD-8DEE-4B7F-AB1B-8878FC441169}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Starbound\win32\starbound.exe
    FirewallRules: [{58447B36-BEED-455A-A5B0-DDA19A02C547}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Starbound\win32\starbound.exe
    FirewallRules: [{FBDF3CED-0F40-4568-A905-0A2DF5728A58}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DarkestDungeon\_windows\Darkest.exe
    FirewallRules: [{C0E1D93F-0FD9-4461-9876-414FAB482D6F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DarkestDungeon\_windows\Darkest.exe
     
    ==================== Restore Points =========================
     
    21-02-2017 12:05:20 Move file to quarantine: winvmx client
    21-02-2017 12:08:54 Move file to quarantine: winscr
     
    ==================== Faulty Device Manager Devices =============
     
     
    ==================== Event log errors: =========================
     
    Application errors:
    ==================
    Error: (02/22/2017 06:43:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ESKEWPC)
    Description: Activation of app Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
     
    Error: (02/22/2017 06:35:42 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: ctfmon.exe, version: 10.0.14393.0, time stamp: 0x57899148
    Faulting module name: InputService.dll, version: 10.0.14393.576, time stamp: 0x584a76ec
    Exception code: 0xc0000005
    Fault offset: 0x00057f66
    Faulting process id: 0xe5c
    Faulting application start time: 0x01d28d57456d3e99
    Faulting application path: C:\WINDOWS\SysWOW64\ctfmon.exe
    Faulting module path: C:\WINDOWS\system32\InputService.dll
    Report Id: 297afae6-f475-4c76-9941-ff001c4a5129
    Faulting package full name: 
    Faulting package-relative application ID:
     
    Error: (02/22/2017 05:18:41 PM) (Source: Perflib) (EventID: 1008) (User: )
    Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
     
    Error: (02/22/2017 04:59:57 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ESKEWPC)
    Description: Activation of app Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
     
    Error: (02/22/2017 04:59:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: ESKEWPC)
    Description: App Microsoft.MicrosoftStickyNotes_1.6.2.0_x64__8wekyb3d8bbwe+App did not launch within its allotted time.
     
    Error: (02/22/2017 04:55:02 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: ctfmon.exe, version: 10.0.14393.0, time stamp: 0x57899148
    Faulting module name: InputService.dll, version: 10.0.14393.576, time stamp: 0x584a76ec
    Exception code: 0xc0000005
    Fault offset: 0x00057f66
    Faulting process id: 0x3d4
    Faulting application start time: 0x01d28d445ab30822
    Faulting application path: C:\WINDOWS\SysWOW64\ctfmon.exe
    Faulting module path: C:\WINDOWS\system32\InputService.dll
    Report Id: 7e784496-2365-4c37-91bf-4f9b2bb0acb3
    Faulting package full name: 
    Faulting package-relative application ID:
     
    Error: (02/22/2017 02:45:22 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ESKEWPC)
    Description: Activation of app Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
     
    Error: (02/22/2017 02:39:28 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: ctfmon.exe, version: 10.0.14393.0, time stamp: 0x57899148
    Faulting module name: InputService.dll, version: 10.0.14393.576, time stamp: 0x584a76ec
    Exception code: 0xc0000005
    Fault offset: 0x00057f66
    Faulting process id: 0x1f30
    Faulting application start time: 0x01d28d4245faa7f8
    Faulting application path: C:\WINDOWS\SysWOW64\ctfmon.exe
    Faulting module path: C:\WINDOWS\system32\InputService.dll
    Report Id: 6b344acc-2276-4826-a054-620422aa33e4
    Faulting package full name: 
    Faulting package-relative application ID:
     
    Error: (02/22/2017 02:30:29 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ESKEWPC)
    Description: Activation of app Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
     
    Error: (02/22/2017 02:30:28 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: ESKEWPC)
    Description: App Microsoft.MicrosoftStickyNotes_1.6.2.0_x64__8wekyb3d8bbwe+App did not launch within its allotted time.
     
     
    System errors:
    =============
    Error: (02/22/2017 06:55:23 PM) (Source: DCOM) (EventID: 10001) (User: ESKEWPC)
    Description: Unable to start a DCOM Server: {D63B10C5-BB46-4990-A94F-E40B9D520160} as Unavailable/Unavailable. The error:
    "87"
    Happened while starting this command:
    C:\Windows\System32\RuntimeBroker.exe -Embedding
     
    Error: (02/22/2017 06:55:23 PM) (Source: DCOM) (EventID: 10001) (User: ESKEWPC)
    Description: Unable to start a DCOM Server: {D63B10C5-BB46-4990-A94F-E40B9D520160} as Unavailable/Unavailable. The error:
    "87"
    Happened while starting this command:
    C:\Windows\System32\RuntimeBroker.exe -Embedding
     
    Error: (02/22/2017 06:51:00 PM) (Source: DCOM) (EventID: 10001) (User: ESKEWPC)
    Description: Unable to start a DCOM Server: {D63B10C5-BB46-4990-A94F-E40B9D520160} as Unavailable/Unavailable. The error:
    "87"
    Happened while starting this command:
    C:\Windows\System32\RuntimeBroker.exe -Embedding
     
    Error: (02/22/2017 06:50:22 PM) (Source: DCOM) (EventID: 10001) (User: ESKEWPC)
    Description: Unable to start a DCOM Server: {D63B10C5-BB46-4990-A94F-E40B9D520160} as Unavailable/Unavailable. The error:
    "87"
    Happened while starting this command:
    C:\Windows\System32\RuntimeBroker.exe -Embedding
     
    Error: (02/22/2017 06:50:22 PM) (Source: DCOM) (EventID: 10001) (User: ESKEWPC)
    Description: Unable to start a DCOM Server: {D63B10C5-BB46-4990-A94F-E40B9D520160} as Unavailable/Unavailable. The error:
    "87"
    Happened while starting this command:
    C:\Windows\System32\RuntimeBroker.exe -Embedding
     
    Error: (02/22/2017 06:48:28 PM) (Source: DCOM) (EventID: 10001) (User: ESKEWPC)
    Description: Unable to start a DCOM Server: {D63B10C5-BB46-4990-A94F-E40B9D520160} as Unavailable/Unavailable. The error:
    "87"
    Happened while starting this command:
    C:\Windows\System32\RuntimeBroker.exe -Embedding
     
    Error: (02/22/2017 06:48:28 PM) (Source: DCOM) (EventID: 10001) (User: ESKEWPC)
    Description: Unable to start a DCOM Server: {D63B10C5-BB46-4990-A94F-E40B9D520160} as Unavailable/Unavailable. The error:
    "87"
    Happened while starting this command:
    C:\Windows\System32\RuntimeBroker.exe -Embedding
     
    Error: (02/22/2017 06:48:28 PM) (Source: DCOM) (EventID: 10001) (User: ESKEWPC)
    Description: Unable to start a DCOM Server: {D63B10C5-BB46-4990-A94F-E40B9D520160} as Unavailable/Unavailable. The error:
    "87"
    Happened while starting this command:
    C:\Windows\System32\RuntimeBroker.exe -Embedding
     
    Error: (02/22/2017 06:48:27 PM) (Source: DCOM) (EventID: 10001) (User: ESKEWPC)
    Description: Unable to start a DCOM Server: {D63B10C5-BB46-4990-A94F-E40B9D520160} as Unavailable/Unavailable. The error:
    "87"
    Happened while starting this command:
    C:\Windows\System32\RuntimeBroker.exe -Embedding
     
    Error: (02/22/2017 06:48:26 PM) (Source: DCOM) (EventID: 10001) (User: ESKEWPC)
    Description: Unable to start a DCOM Server: {D63B10C5-BB46-4990-A94F-E40B9D520160} as Unavailable/Unavailable. The error:
    "87"
    Happened while starting this command:
    C:\Windows\System32\RuntimeBroker.exe -Embedding
     
     
    ==================== Memory info =========================== 
     
    Processor: AMD A10-7850K Radeon R7, 12 Compute Cores 4C+8G
    Percentage of memory in use: 13%
    Total physical RAM: 21447.46 MB
    Available physical RAM: 18467.92 MB
    Total Virtual: 24647.46 MB
    Available Virtual: 21282.32 MB
     
    ==================== Drives ================================
     
    Drive c: (OS) (Fixed) (Total:912.18 GB) (Free:217.29 GB) NTFS ==>[system with boot components (obtained from drive)]
    Drive d: (Recovery Image) (Fixed) (Total:17.07 GB) (Free:2.08 GB) NTFS ==>[system with boot components (obtained from drive)]
     
    ==================== MBR & Partition Table ==================
     
    ========================================================
    Disk: 0 (Size: 931.5 GB) (Disk ID: ABF53763)
     
    Partition: GPT.
     
    ==================== End of Addition.txt ============================
     
    process explorer file:
     
     
    Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
    System Idle Process 50.94 0 K 4 K 0
    vmxclient.exe 19.57 462,336 K 468,452 K 4512 winvmx client (No signature was present in the subject)
    vmxclient.exe 5.91 52,076 K 68,272 K 11500 winvmx client (No signature was present in the subject)
    vmxclient.exe 4.77 71,248 K 85,564 K 7336 winvmx client (No signature was present in the subject)
    MsMpEng.exe 4.05 139,112 K 125,828 K 2820 Antimalware Service Executable Microsoft Corporation (Verified) Microsoft Corporation
    vmxclient.exe 2.81 54,848 K 67,572 K 12160 winvmx client (No signature was present in the subject)
    procexp64.exe 2.61 24,776 K 58,236 K 4672 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
    vmxclient.exe 2.31 112,232 K 133,740 K 11728 winvmx client (No signature was present in the subject)
    Interrupts 1.64 0 K 0 K n/a Hardware Interrupts and DPCs
    NisSrv.exe 1.14 20,736 K 16,548 K 4656 Microsoft Network Realtime Inspection Service Microsoft Corporation (Verified) Microsoft Corporation
    System 0.82 140 K 4,792 K 4
    vmxclient.exe 0.76 68,320 K 90,884 K 7776 winvmx client (No signature was present in the subject)
    dwm.exe 0.72 41,856 K 38,576 K 720
    audiodg.exe 0.69 19,032 K 21,680 K 10152
    csrss.exe 0.31 2,044 K 5,288 K 736
    svchost.exe 0.14 10,296 K 21,796 K 984 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
    explorer.exe 0.14 99,332 K 134,300 K 3872 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
    VentusMonitor.exe 0.14 2,676 K 9,276 K 5736 Wireless L10M Monitor Application Thermaltake (Verified) DEXIN
    chrome.exe 0.12 95,108 K 132,304 K 5744 Google Chrome Google Inc. (Verified) Google Inc
    chrome.exe 0.09 102,656 K 106,156 K 6800 Google Chrome Google Inc. (Verified) Google Inc
    NvStreamUserAgent.exe 0.08 24,140 K 36,252 K 5152
    NvStreamNetworkService.exe 0.08 10,536 K 22,240 K 3880 NVIDIA Network Stream Service NVIDIA Corporation (Verified) NVIDIA Corporation
    SearchIndexer.exe 0.03 30,400 K 21,752 K 5340 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
    AppleMobileDeviceService.exe 0.02 3,940 K 13,068 K 2616 MobileDeviceService Apple Inc. (Verified) Apple Inc.
    services.exe 0.02 5,860 K 8,992 K 796
    svchost.exe 0.02 36,280 K 46,892 K 1128 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
    NvStreamService.exe 0.01 5,204 K 13,872 K 2676 NVIDIA Streamer Service NVIDIA Corporation (Verified) NVIDIA Corporation
    svchost.exe 0.01 4,616 K 9,872 K 76 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
    HiPatchService.exe 0.01 34,104 K 38,608 K 2848 HiPatchService Hi-Rez Studios (No signature was present in the subject) Hi-Rez Studios
    hamachi-2.exe 0.01 3,692 K 13,760 K 2176 Hamachi Client Tunneling Engine LogMeIn Inc. (Verified) LogMeIn
    svchost.exe < 0.01 121,416 K 132,368 K 628 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
    csrss.exe < 0.01 1,420 K 3,964 K 596
    taskhostw.exe < 0.01 9,108 K 17,504 K 5020 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
    dataup.exe < 0.01 2,772 K 12,688 K 2832 (No signature was present in the subject)
    pbbtnService.exe < 0.01 2,064 K 7,744 K 2668 PasswordBox Service PasswordBox, Inc. (No signature was present in the subject) PasswordBox, Inc.
    NvBackend.exe < 0.01 9,560 K 19,104 K 5580 NVIDIA Backend NVIDIA Corporation (Verified) NVIDIA Corporation
    svchost.exe < 0.01 10,284 K 23,780 K 964 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
    svchost.exe < 0.01 16,596 K 25,940 K 1088 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
    nvxdsync.exe < 0.01 8,620 K 22,644 K 2000
    svchost.exe < 0.01 12,188 K 29,356 K 1488 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
    GameScannerService.exe < 0.01 16,972 K 24,720 K 2684 GameScannerService (Verified) Razer Inc.
    LMIGuardianSvc.exe < 0.01 1,924 K 8,376 K 2600 LMIGuardianSvc LogMeIn, Inc. (Verified) LogMeIn
    WUDFHost.exe 1,908 K 8,264 K 1272
    winlogon.exe 1,932 K 8,560 K 880
    wininit.exe 1,268 K 4,944 K 724
    svcvmx.exe 2,580 K 8,484 K 7196 (No signature was present in the subject) 
    svchost.exe 5,000 K 12,944 K 3900 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
    svchost.exe 33,496 K 53,588 K 1384 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
    svchost.exe 2,732 K 9,536 K 2152 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
    svchost.exe 1,572 K 7,520 K 7152 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
    svchost.exe 7,496 K 18,828 K 2868 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
    svchost.exe 8,672 K 26,060 K 2624 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
    svchost.exe 7,332 K 28,216 K 4900 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
    svchost.exe 2,116 K 7,000 K 2224 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
    svchost.exe 4,000 K 10,544 K 2764 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
    svchost.exe 1,688 K 6,652 K 3624 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
    sqlwriter.exe 1,688 K 7,552 K 2772 SQL Server VSS Writer - 64 Bit Microsoft Corporation (Verified) Microsoft Corporation
    spoolsv.exe 7,120 K 16,912 K 2320 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
    smss.exe 492 K 1,248 K 380
    smartscreen.exe 8,340 K 14,656 K 6920 SmartScreen Microsoft Corporation (Verified) Microsoft Windows
    SkypeHost.exe Suspended 24,956 K 7,592 K 6636 Microsoft Skype Preview Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
    sihost.exe 5,720 K 20,292 K 4888 Shell Infrastructure Host Microsoft Corporation (Verified) Microsoft Windows
    ShellExperienceHost.exe 40,580 K 65,080 K 1700 Windows Shell Experience Host Microsoft Corporation (Verified) Microsoft Windows
    SearchUI.exe Suspended 53,488 K 86,776 K 6252 Search and Cortana application Microsoft Corporation (Verified) Microsoft Windows
    RAVCpl64.exe 5,152 K 14,364 K 5908 Realtek HD Audio Manager Realtek Semiconductor (Verified) Realtek Semiconductor Corp
    RadeonSettings.exe 118,772 K 33,120 K 5412 Radeon Settings: Host Application Advanced Micro Devices, Inc. (Verified) Advanced Micro Devices
    procexp.exe 2,732 K 10,144 K 224 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
    nvtray.exe 3,308 K 12,096 K 6576 NVIDIA Settings NVIDIA Corporation (Verified) NVIDIA Corporation
    NvNetworkService.exe 3,808 K 10,620 K 2660 NVIDIA Network Service NVIDIA Corporation (Verified) NVIDIA Corporation
    NVDisplay.Container.exe 5,380 K 12,848 K 1636 NVIDIA Container NVIDIA Corporation (Verified) NVIDIA Corporation
    notepad.exe 2,532 K 12,736 K 6556
    MSASCuiL.exe 3,380 K 12,880 K 4320 Windows Defender notification icon Microsoft Corporation (Verified) Microsoft Windows
    MpCmdRun.exe 3,380 K 10,964 K 7540
    Memory Compression 0 K 8 K 3004
    mDNSResponder.exe 1,792 K 6,472 K 2608 Bonjour Service Apple Inc. (Verified) Apple Inc.
    lsass.exe 5,120 K 13,740 K 804 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows Publisher
    jusched.exe 1,532 K 7,028 K 2068 Java Update Scheduler Oracle Corporation (Verified) Oracle America
    HPSA_Service.exe 22,788 K 17,800 K 8752 HP Support Assistant Service Hewlett-Packard Company (No signature was present in the subject) Hewlett-Packard Company
    GfExperienceService.exe 3,880 K 13,252 K 2644 NVIDIA GeForce ExperienceService NVIDIA Corporation (Verified) NVIDIA Corporation
    dasHost.exe 1,164 K 4,984 K 3080
    ctfmon.exe 2,276 K 7,388 K 7924 CTF Loader Microsoft Corporation (Verified) Microsoft Windows
    conhost.exe 1,620 K 6,464 K 5160
    chrome.exe 35,012 K 44,676 K 7176 Google Chrome Google Inc. (Verified) Google Inc
    chrome.exe 124,212 K 115,220 K 7576 Google Chrome Google Inc. (Verified) Google Inc
    chrome.exe 3,320 K 8,392 K 5440 Google Chrome Google Inc. (Verified) Google Inc
    chrome.exe 2,972 K 9,000 K 5640 Google Chrome Google Inc. (Verified) Google Inc
    atiesrxx.exe 1,288 K 5,328 K 1716 AMD External Events Service Module AMD (Verified) Advanced Micro Devices
    atieclxx.exe 2,392 K 9,520 K 1868
    armsvc.exe 1,492 K 6,340 K 2588 Adobe Acrobat Update Service Adobe Systems Incorporated (Verified) Adobe Systems
    AdaptiveSleepService.exe 1,484 K 6,564 K 3128 (Verified) Advanced Micro Devices

    • 0

    #6
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,017 posts
    • MVP

    See if you can uninstall:

     

    Online.io Application 

     

    I still need  a new FRST log.  You just sent the Addition.txt log.  From the fixlog it appears that we will need to try a second fixlist.  Also in Process Explorer I can see the malware is still active.  If you run Process Explorer again and this time click on the Process column header it will sort things by Process Name.  You can find each instance of the malware:

    dataup.exe 

    vmxclient.exe (multiple copies)

     

    and right click and Suspend.  System Idle should go up to about 90% if you are able to suspend them all.  I'm curious if Process Explorer is able to suspend them.  FRST apparently wasn't able to do it.  


    • 0

    #7
    Zanarisfate

    Zanarisfate

      Member

    • Topic Starter
    • Member
    • PipPip
    • 19 posts

    I was able to suspend them in the process explorer.

     

    FRST.txt:

     

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-02-2017
    Ran by Eskew (administrator) on ESKEWPC (22-02-2017 18:50:31)
    Running from C:\Users\Eskew\Desktop\New folder (5)
    Loaded Profiles: Eskew (Available Profiles: Eskew)
    Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
     
    ==================== Processes (Whitelisted) =================
     
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
     
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
    (AMD) C:\Windows\System32\atiesrxx.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    (PasswordBox, Inc.) C:\Program Files (x86)\PasswordBox\pbbtnService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
    () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
    () C:\Program Files (x86)\dataup\dataup.exe
    (Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
    (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Microsoft Corporation) C:\Windows\System32\smartscreen.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
    (Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
    (Google Inc.) C:\Users\Eskew\AppData\Local\Google\Chrome\Application\chrome.exe
    (Thermaltake) C:\Program Files (x86)\Tt eSPORTS\Tt eSPORTS VENTUS Mouse\VentusMonitor.exe
    (Google Inc.) C:\Users\Eskew\AppData\Local\Google\Chrome\Application\chrome.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (Google Inc.) C:\Users\Eskew\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Eskew\AppData\Local\Google\Chrome\Application\chrome.exe
    () C:\Program Files (x86)\svcvmx\svcvmx.exe
    () C:\Program Files (x86)\svcvmx\vmxclient.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
    (Google Inc.) C:\Users\Eskew\AppData\Local\Google\Chrome\Application\chrome.exe
    () C:\Program Files (x86)\svcvmx\vmxclient.exe
    (Google Inc.) C:\Users\Eskew\AppData\Local\Google\Chrome\Application\chrome.exe
    () C:\Program Files (x86)\svcvmx\vmxclient.exe
    () C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
    () C:\Program Files (x86)\svcvmx\vmxclient.exe
     
    ==================== Registry (Whitelisted) ====================
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
     
    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
    HKLM\...\Run: [Windows Mobile Device Center] => C:\WINDOWS\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
    HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-03] (NVIDIA Corporation)
    HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
    HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-10-17] (Microsoft Corporation)
    HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8027016 2016-11-21] (Advanced Micro Devices, Inc.)
    HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239672 2017-02-20] (AVG Technologies CZ, s.r.o.)
    HKLM\...\Run: [Malwarebytes TrayApp] => C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
    HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-07] (CyberLink)
    HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
    HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2236816 2013-07-12] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
    HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
    HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [Tt eSPORTS VENTUS Gaming Mouse] => C:\Program Files (x86)\Tt eSPORTS\Tt eSPORTS VENTUS Mouse\VentusMonitor.exe [135976 2014-10-07] (Thermaltake)
    HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-11-11] (LogMeIn Inc.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
    HKLM-x32\...\Run: [cpx] => "C:\Program Files (x86)\cpx\cpx.exe" -starup <===== ATTENTION
    HKLM-x32\...\Run: [svcvmx] => C:\Program Files (x86)\svcvmx\svcvmx.exe [896512 2017-01-13] ()
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Run: [Spotify Web Helper] => C:\Users\Eskew\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1431664 2017-02-02] (Spotify Ltd)
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3018528 2017-02-21] (Valve Corporation)
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Run: [Free Mahjong Games] => C:\Users\Eskew\AppData\Local\WebPlayer\Free Mahjong Games\WebPlayer.exe
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Run: [Google Update] => C:\Users\Eskew\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2016-12-16] (Google Inc.)
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Run: [Discord] => C:\Users\Eskew\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Run: [EvolveClient] => C:\Program Files\Echobit\Evolve\EvolveClient.exe [3334528 2016-12-24] (Echobit LLC)
    HKU\S-1-5-18\...\Run: [] => [X]
    HKLM\...\Providers\Internet Print Provider: inetpp.dll
    HKLM\...\Providers\LanMan Print Services: win32spl.dll
    ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll [2013-06-19] ()
    ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll [2013-06-19] ()
    ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll [2013-06-19] ()
    Startup: C:\Users\Eskew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2014-05-02]
    ShortcutTarget: Curse.lnk -> C:\Users\Eskew\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
    GroupPolicy: Restriction - Chrome <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
     
    ==================== Internet (Whitelisted) ====================
     
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
     
    Tcpip\..\Interfaces\{ac6afb3d-8517-44c6-9431-c73322cdde42}: [DhcpNameServer] 192.168.2.1
    Tcpip\..\Interfaces\{f773b07c-b721-4cce-a715-00099922e7cf}: [DhcpNameServer] 192.168.137.1
     
    Internet Explorer:
    ==================
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPDSK13/1
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK13/1
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\Software\Microsoft\Internet Explorer\Main,Start Page = 
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK13/1
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
    SearchScopes: HKLM -> {8270C55B-56AB-4326-AAFF-BA98AB9618B0} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
    SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
    SearchScopes: HKLM-x32 -> {8270C55B-56AB-4326-AAFF-BA98AB9618B0} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
    SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
    SearchScopes: HKU\S-1-5-21-105371738-2419289027-4122941235-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
    SearchScopes: HKU\S-1-5-21-105371738-2419289027-4122941235-1001 -> {8270C55B-56AB-4326-AAFF-BA98AB9618B0} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKU\S-1-5-21-105371738-2419289027-4122941235-1001 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
    SearchScopes: HKU\S-1-5-21-105371738-2419289027-4122941235-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
    BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-01-19] (Oracle Corporation)
    BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-19] (Oracle Corporation)
    BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2012-06-14] (CANON INC.)
    BHO-x32: No Name -> {5BDE3F24-D7B3-40D9-BD31-D1CFF12C47B4} -> No File
    BHO-x32: PasswordBox Helper -> {5DB69B97-934B-451D-94DB-32EF802A01CD} -> C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll [2015-05-04] (PasswordBox, Inc.)
    BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Arc\Plugins\ArcPluginIE.dll [2016-10-21] (Perfect World Entertainment Inc)
    Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2012-06-14] (CANON INC.)
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
     
    FireFox:
    ========
    FF ProfilePath: C:\Users\Eskew\AppData\Roaming\Mozilla\Firefox\Profiles\w9d9e7sw.default [2017-02-22]
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\PasswordBox\Firefox
    FF Extension: (PasswordBox) - C:\Program Files (x86)\PasswordBox\Firefox [2013-11-21] [not signed]
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-16] ()
    FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-19] (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-19] (Oracle Corporation)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
    FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2013-07-12] (Adobe Systems)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-16] ()
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
    FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
    FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation)
    FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Arc\Plugins\npArcPluginFF.dll [2016-10-21] (Perfect World Entertainment Inc)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
    FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2013-07-12] (Adobe Systems)
    FF Plugin-x32: BYOND -> C:\Program Files (x86)\BYOND\bin\npbyond.dll [2008-07-08] (BYOND)
    FF Plugin HKU\S-1-5-21-105371738-2419289027-4122941235-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Eskew\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-08-04] (Citrix Online)
    FF Plugin HKU\S-1-5-21-105371738-2419289027-4122941235-1001: @nsroblox.roblox.com/launcher -> C:\Users\Eskew\AppData\Local\Roblox\Versions\version-8756646edb404aaf\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
    FF Plugin HKU\S-1-5-21-105371738-2419289027-4122941235-1001: @nsroblox.roblox.com/launcher64 -> C:\Users\Eskew\AppData\Local\Roblox\Versions\version-8756646edb404aaf\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
    FF Plugin HKU\S-1-5-21-105371738-2419289027-4122941235-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Eskew\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
    FF Plugin HKU\S-1-5-21-105371738-2419289027-4122941235-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Eskew\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
    FF Plugin HKU\S-1-5-21-105371738-2419289027-4122941235-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Eskew\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-11-15] (Unity Technologies ApS)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npbyond.dll [2008-07-08] (BYOND)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
     
    Chrome: 
    =======
    CHR DefaultProfile: Profile 1
    CHR HomePage: Profile 1 -> hxxps://www.google.com/webhp?hl=en&tab=ww
    CHR StartupUrls: Profile 1 -> "hxxps://www.google.com/"
    CHR Plugin: (Shockwave Flash) - C:\Users\Eskew\AppData\Local\Google\Chrome\Application\56.0.2924.87\PepperFlash\pepflashplayer.dll => No File
    CHR Plugin: (Native Client) - C:\Users\Eskew\AppData\Local\Google\Chrome\Application\56.0.2924.87\ppGoogleNaClPluginChrome.dll => No File
    CHR Plugin: (Chrome PDF Viewer) - C:\Users\Eskew\AppData\Local\Google\Chrome\Application\56.0.2924.87\pdf.dll => No File
    CHR Plugin: (Norton Confidential) - C:\Users\Eskew\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.0.0.72_0\npcoplgn.dll => No File
    CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll => No File
    CHR Plugin: (Java™ Platform SE 7 U10) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => No File
    CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll => No File
    CHR Plugin: (Windows LiveÃÂÃÂÃÂÃÂÃÂÃÂÃÂÃÂ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll => No File
    CHR Plugin: (Java Deployment Toolkit 7.0.100.18) - C:\windows\SysWOW64\npDeployJava1.dll => No File
    CHR Profile: C:\Users\Eskew\AppData\Local\Google\Chrome\User Data\Default [2016-02-16]
    CHR Extension: (Video Deck for YouTube™) - C:\Users\Eskew\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpoakikepagdiphlmfaeifpojdmbnegj [2014-06-20]
    CHR Extension: (AVG SafeGuard) - C:\Users\Eskew\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2014-05-08]
    CHR Extension: (Google Wallet) - C:\Users\Eskew\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-18]
    CHR Profile: C:\Users\Eskew\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-02-22]
    CHR Extension: (AdBlock) - C:\Users\Eskew\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-02-16]
    CHR Extension: (TweetDeck by Twitter) - C:\Users\Eskew\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2015-11-15]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Eskew\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-18]
    CHR Extension: (Chrome Media Router) - C:\Users\Eskew\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-07]
    CHR Extension: (Space Planet) - C:\Users\Eskew\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ppcocpoeoiajndepaaimnnglicichmbb [2016-05-04]
    CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
     
    ==================== Services (Whitelisted) ====================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2016-11-21] ()
    R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
    S3 ArcService; C:\Program Files (x86)\Arc\ArcService.exe [88024 2016-10-21] (Perfect World Entertainment Inc)
    S2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1256872 2017-02-20] (AVG Technologies CZ, s.r.o.)
    S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1445384 2016-10-21] ()
    R2 Dataup; C:\Program Files (x86)\dataup\dataup.exe [77824 2017-01-05] () [File not signed] <==== ATTENTION
    S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [395024 2016-12-07] (EasyAntiCheat Ltd)
    S3 EvoSvc; C:\Program Files\Echobit\Evolve\EvoSvc.exe [1583488 2016-12-24] (Echobit LLC)
    S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [File not signed]
    R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-06-03] (NVIDIA Corporation)
    R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2627080 2016-11-11] (LogMeIn Inc.)
    U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-02-10] (Hi-Rez Studios) [File not signed]
    R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
    S3 ICCS; C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
    S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
    R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-11-11] (LogMeIn, Inc.)
    R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
    R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-03] (NVIDIA Corporation)
    R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-06-03] (NVIDIA Corporation)
    R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-03] (NVIDIA Corporation)
    R2 PasswordBox; C:\Program Files (x86)\PasswordBox\pbbtnService.exe [67584 2014-05-14] (PasswordBox, Inc.) [File not signed]
    R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187048 2015-06-23] ()
    S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [File not signed]
    R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
    R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
    S2 qdcomsvc; "C:\Program Files (x86)\qdcomsvc\qdcomsvc.exe" /svc [X]
    S2 windowsmanagementservice; C:\Users\Eskew\AppData\Local\Temp\20170220\ct.exe [X] <==== ATTENTION <==== ATTENTION
     
    ===================== Drivers (Whitelisted) ======================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0309377.inf_amd64_7ab08912e1e1da0a\atikmdag.sys [26568848 2017-01-25] (Advanced Micro Devices, Inc.)
    R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0309377.inf_amd64_7ab08912e1e1da0a\atikmpag.sys [536600 2017-01-25] (Advanced Micro Devices, Inc.)
    S2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation)
    R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
    R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
    S3 CMUSBDAC; C:\WINDOWS\system32\DRIVERS\CMUSBDAC.sys [3778592 2015-11-26] (C-MEDIA)
    R1 drmkpro64; C:\WINDOWS\System32\drivers\drmkpro64.sys [53832 2017-02-20] () [File not signed]
    R3 EvolveVirtualAdapter; C:\WINDOWS\system32\DRIVERS\evolve.sys [21656 2013-02-13] (Echobit, LLC)
    S3 GVTDrv64; C:\WINDOWS\GVTDrv64.sys [30528 2015-07-30] ()
    R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
    S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
    R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispiwu.inf_amd64_b67dc924fff8de6d\nvlddmkm.sys [14199224 2017-01-04] (NVIDIA Corporation)
    R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-03] (NVIDIA Corporation)
    R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-06-03] (NVIDIA Corporation)
    R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek                                            )
    R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2015-06-12] (Razer, Inc.)
    R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [129472 2015-06-26] (Razer, Inc.)
    R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation)
    S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation)
    S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
    R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
    R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
    R3 XSplit_Dummy; C:\WINDOWS\system32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited)
    R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [63840 2015-06-06] (Intel Corporation)
     
    ==================== NetSvcs (Whitelisted) ===================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
     
    ==================== One Month Created files and folders ========
     
    (If an entry is included in the fixlist, the file/folder will be moved.)
     
    2017-02-22 18:49 - 2017-02-22 18:49 - 00006590 _____ C:\Users\Eskew\Desktop\System Idle Process.txt
    2017-02-22 18:44 - 2017-02-22 18:45 - 02710688 _____ (Sysinternals - www.sysinternals.com) C:\Users\Eskew\Downloads\procexp.exe
    2017-02-22 18:44 - 2017-02-22 18:44 - 00000000 ____D C:\Users\Eskew\AppData\Local\llssoft
    2017-02-22 18:34 - 2017-02-22 18:50 - 00000000 ____D C:\Users\Eskew\Desktop\New folder (5)
    2017-02-22 18:34 - 2017-02-22 18:34 - 00028300 _____ C:\Users\Eskew\Downloads\fixlist.txt
    2017-02-22 16:30 - 2017-02-22 16:30 - 00115244 _____ C:\Users\Eskew\Downloads\Shortcut.txt
    2017-02-22 16:26 - 2017-02-22 16:30 - 00173134 _____ C:\Users\Eskew\Downloads\Addition.txt
    2017-02-22 16:22 - 2017-02-22 16:30 - 00140036 _____ C:\Users\Eskew\Downloads\FRST.txt
    2017-02-22 16:21 - 2017-02-22 18:50 - 00000000 ____D C:\FRST
    2017-02-22 16:20 - 2017-02-22 16:20 - 01663040 _____ (Malwarebytes) C:\Users\Eskew\Downloads\JRT.exe
    2017-02-22 14:53 - 2017-02-22 14:53 - 01106888 _____ (Bleeping Computer, LLC) C:\Users\Eskew\Downloads\rkill64.com
    2017-02-22 14:49 - 2017-02-22 14:49 - 01663040 _____ (Malwarebytes) C:\Users\Eskew\Downloads\4.exe
    2017-02-22 14:48 - 2017-02-22 14:49 - 05659775 _____ (Swearware) C:\Users\Eskew\Downloads\5.exe
    2017-02-22 14:09 - 2017-02-22 16:57 - 00000000 ____D C:\AdwCleaner
    2017-02-22 14:09 - 2017-02-22 14:09 - 04015056 _____ C:\Users\Eskew\Downloads\AdwCleaner.exe
    2017-02-22 14:07 - 2017-02-22 14:07 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\Eskew\Downloads\rkill.com
    2017-02-22 14:01 - 2017-02-22 14:01 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Eskew\Downloads\spybot-2.4-1.exe
    2017-02-21 15:34 - 2017-02-21 15:34 - 55566792 _____ (Malwarebytes ) C:\Users\Eskew\Downloads\mb3-setup-consumer-3.0.6.1469 (1).exe
    2017-02-21 15:34 - 2017-02-21 15:34 - 00001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
    2017-02-21 15:34 - 2017-02-21 15:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
    2017-02-21 15:34 - 2017-02-21 15:34 - 00000000 ____D C:\ProgramData\Malwarebytes
    2017-02-21 15:34 - 2017-02-21 15:34 - 00000000 ____D C:\Program Files\Malwarebytes
    2017-02-21 15:34 - 2017-01-20 07:47 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
    2017-02-21 15:18 - 2017-02-21 15:18 - 00000000 ____D C:\WINDOWS\Panther
    2017-02-21 12:49 - 2017-02-21 12:49 - 00003232 _____ C:\WINDOWS\System32\Tasks\{85C1A459-4CC3-41EF-8702-6EAA011491A5}
    2017-02-21 12:29 - 2017-02-22 18:44 - 00000000 ____D C:\Program Files (x86)\svcvmx
    2017-02-21 12:29 - 2017-02-21 12:29 - 00000000 ____D C:\Program Files (x86)\winscr
    2017-02-21 11:58 - 2017-02-21 12:56 - 00000000 ____D C:\ProgramData\SecTaskMan
    2017-02-21 11:58 - 2017-02-21 11:58 - 02967592 _____ C:\Users\Eskew\Downloads\SecurityTaskManager_Setup.exe
    2017-02-21 11:58 - 2017-02-21 11:58 - 00001229 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spy Protector.lnk
    2017-02-21 11:58 - 2017-02-21 11:58 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager.lnk
    2017-02-21 11:58 - 2017-02-21 11:58 - 00000000 ____D C:\Program Files (x86)\Security Task Manager
    2017-02-21 11:50 - 2017-02-21 11:50 - 00000000 ____D C:\ProgramData\LHService
    2017-02-21 11:49 - 2017-02-21 11:49 - 00000000 ____D C:\ProgramData\LockHunter
    2017-02-21 11:47 - 2017-02-21 12:47 - 00000000 ____D C:\Program Files\LockHunter
    2017-02-21 11:47 - 2017-02-21 11:47 - 03029032 _____ (Crystal Rich Ltd ) C:\Users\Eskew\Downloads\lockhuntersetup_3-1-1.exe
    2017-02-21 11:47 - 2017-02-21 11:47 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\LockHunter
    2017-02-21 11:37 - 2017-02-21 11:37 - 04615856 _____ (Enigma Software Group USA, LLC.) C:\Users\Eskew\Downloads\SpyHunter-Installer.exe
    2017-02-21 11:29 - 2017-02-21 11:29 - 00346112 _____ C:\Users\Eskew\Downloads\Unlocker 1.9.2.msi
    2017-02-21 11:11 - 2017-02-21 11:11 - 00000000 ____D C:\WINDOWS\pss
    2017-02-21 10:38 - 2017-02-21 10:39 - 55566792 _____ (Malwarebytes ) C:\Users\Eskew\Downloads\mb3-setup-consumer-3.0.6.1469.exe
    2017-02-21 10:35 - 2017-02-21 10:35 - 01920725 _____ C:\Users\Eskew\Downloads\ProcessExplorer.zip
    2017-02-21 10:26 - 2017-02-21 11:43 - 00003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
    2017-02-21 10:25 - 2017-02-21 10:25 - 03449304 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Eskew\Downloads\AVG_Protection_Free_1606.exe
    2017-02-21 10:24 - 2017-02-21 10:25 - 09261616 _____ (Piriform Ltd) C:\Users\Eskew\Downloads\ccsetup527.exe
    2017-02-20 14:55 - 2017-02-20 14:55 - 00053832 _____ C:\WINDOWS\system32\Drivers\drmkpro64.sys
    2017-02-20 14:40 - 2017-02-21 10:25 - 00000000 ____D C:\Users\Eskew\AppData\Local\cpx
    2017-02-20 12:34 - 2017-02-20 12:34 - 00006549 _____ C:\WINDOWS\TEMPcoral.vbs
    2017-02-20 12:34 - 2017-02-20 12:34 - 00000000 ____D C:\Program Files (x86)\dataup
    2017-02-18 17:14 - 2017-02-18 17:14 - 00004627 _____ C:\Users\Eskew\Downloads\download.jpeg
    2017-02-17 11:58 - 2017-02-17 11:58 - 00921656 _____ C:\Users\Eskew\Downloads\PSOGL2_003.bmp
    2017-02-16 19:28 - 2017-02-16 19:28 - 20359768 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
    2017-02-16 15:29 - 2017-02-16 15:30 - 00000000 ____D C:\Users\Eskew\Desktop\New folder (4)
    2017-02-16 15:29 - 2017-02-16 15:29 - 00902799 _____ C:\Users\Eskew\Downloads\ePSXe1925.zip
    2017-02-16 15:27 - 2017-02-16 15:28 - 04198111 _____ C:\Users\Eskew\Downloads\ePSXe PACK.7z
    2017-02-16 15:18 - 2017-02-16 15:18 - 01381554 _____ C:\Users\Eskew\Downloads\ePSXe205 (1).zip
    2017-02-16 15:13 - 2017-02-16 15:13 - 00081186 _____ C:\Users\Eskew\Downloads\zlib123-dll.zip
    2017-02-16 15:11 - 2017-02-16 15:11 - 00034093 _____ C:\Users\Eskew\Downloads\spupeopsdsound109.zip
    2017-02-16 15:10 - 2017-02-16 15:10 - 00173093 _____ C:\Users\Eskew\Downloads\gpupeteogl208.zip
    2017-02-16 15:10 - 2017-02-16 15:10 - 00060490 _____ C:\Users\Eskew\Downloads\cdrpeops104.zip
    2017-02-16 15:07 - 2017-02-16 15:07 - 00241658 _____ C:\Users\Eskew\Downloads\SCPH1001 (1).zip
    2017-02-16 15:06 - 2017-02-16 15:06 - 00529265 _____ C:\Users\Eskew\Downloads\epsxe170.zip
    2017-02-16 15:01 - 2017-02-16 15:01 - 08142173 _____ C:\Users\Eskew\Downloads\ePSXe 1.7.0(Best One Yet)-776.rar
    2017-02-16 14:56 - 2017-02-16 14:56 - 00169473 _____ C:\Users\Eskew\Downloads\Pcsx-1.5-218.zip
    2017-02-16 14:47 - 2017-02-16 14:47 - 154415677 _____ C:\Users\Eskew\Downloads\Digimon World (E) [SLES-02914].7z
    2017-02-16 14:39 - 2017-02-16 14:40 - 00241658 _____ C:\Users\Eskew\Downloads\SCPH1001.zip
    2017-02-16 14:36 - 2017-02-16 14:36 - 01381554 _____ C:\Users\Eskew\Downloads\ePSXe205.zip
    2017-02-08 17:23 - 2017-02-08 17:23 - 00000000 ____D C:\Program Files (x86)\VulkanRT
    2017-02-08 17:23 - 2016-12-29 07:43 - 00133056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
    2017-02-08 17:23 - 2016-09-09 13:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
    2017-02-08 17:23 - 2016-09-09 13:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
    2017-02-08 17:23 - 2016-09-09 13:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
    2017-02-08 17:23 - 2016-09-09 13:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
    2017-02-08 17:22 - 2016-12-29 08:06 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
    2017-01-31 19:37 - 2017-01-31 19:37 - 01431746 _____ C:\Users\Eskew\Downloads\SMAPI-1.7 (1).zip
    2017-01-31 19:36 - 2017-01-31 19:36 - 00165868 _____ C:\Users\Eskew\Downloads\1.11-MakeshiftMultiplyer-0.2.10.zip-501-0-2-10.zip
    2017-01-31 19:30 - 2017-01-31 19:30 - 00000000 ____D C:\Users\Eskew\Desktop\New folder (3)
    2017-01-31 19:29 - 2017-01-31 19:29 - 01431746 _____ C:\Users\Eskew\Downloads\SMAPI-1.7.zip
    2017-01-29 08:02 - 2017-01-29 08:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
    2017-01-26 09:44 - 2017-01-26 09:44 - 00262144 ____N C:\WINDOWS\Minidump\012617-34921-01.dmp
    2017-01-26 09:44 - 2017-01-26 09:44 - 00000000 ____D C:\WINDOWS\Minidump
    2017-01-25 16:25 - 2016-12-21 02:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
    2017-01-25 16:25 - 2016-12-20 23:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
    2017-01-25 01:29 - 2017-01-25 01:29 - 09405464 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
    2017-01-25 01:29 - 2017-01-25 01:29 - 02463256 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
    2017-01-25 01:29 - 2017-01-25 01:29 - 01015832 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
    2017-01-25 01:29 - 2017-01-25 01:29 - 00768024 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
    2017-01-25 01:29 - 2017-01-25 01:29 - 00476696 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
    2017-01-25 01:29 - 2017-01-25 01:29 - 00420376 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
    2017-01-25 01:29 - 2017-01-25 01:29 - 00266256 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
    2017-01-25 01:29 - 2017-01-25 01:29 - 00158336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
    2017-01-25 01:29 - 2017-01-25 01:29 - 00121368 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
    2017-01-25 01:29 - 2017-01-25 01:29 - 00118800 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
    2017-01-25 01:29 - 2017-01-25 01:29 - 00100888 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
    2017-01-25 01:29 - 2017-01-25 01:29 - 00077848 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
    2017-01-25 01:29 - 2017-01-25 01:29 - 00038416 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
    2017-01-25 01:28 - 2017-01-25 01:28 - 00488496 _____ C:\WINDOWS\system32\amdmiracast.dll
    2017-01-25 01:28 - 2017-01-25 01:28 - 00166408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
    2017-01-25 01:28 - 2017-01-25 01:28 - 00162216 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
    2017-01-25 01:28 - 2017-01-25 01:28 - 00130224 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
    2017-01-23 14:22 - 2017-01-23 14:22 - 00000000 ____D C:\Users\Eskew\AppData\LocalLow\Pixel Federation
     
    ==================== One Month Modified files and folders ========
     
    (If an entry is included in the fixlist, the file/folder will be moved.)
     
    2017-02-22 18:43 - 2016-10-17 08:28 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2017-02-22 18:43 - 2016-10-17 07:45 - 00000000 ____D C:\ProgramData\NVIDIA
    2017-02-22 18:43 - 2014-11-02 09:09 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
    2017-02-22 18:42 - 2016-10-17 07:43 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
    2017-02-22 18:42 - 2016-07-16 01:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
    2017-02-22 18:42 - 2013-07-30 19:46 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecontrol for Minecraft
    2017-02-22 18:35 - 2013-01-17 19:19 - 00000000 ____D C:\Users\Eskew\AppData\Local\CrashDumps
    2017-02-22 18:34 - 2012-12-23 18:03 - 00000000 ____D C:\Program Files (x86)\Steam
    2017-02-22 17:47 - 2016-10-17 07:41 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
    2017-02-22 17:19 - 2013-07-12 09:57 - 00000000 ____D C:\WINDOWS\system32\MRT
    2017-02-22 17:15 - 2012-12-26 07:48 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2017-02-22 16:58 - 2016-10-17 07:48 - 00000000 ____D C:\Users\Eskew
    2017-02-22 14:26 - 2013-06-21 12:09 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Mahjong Games
    2017-02-22 14:18 - 2014-03-29 10:34 - 00000000 ____D C:\Users\Eskew\AppData\Local\Battle.net
    2017-02-22 13:59 - 2015-02-27 20:51 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
    2017-02-22 13:52 - 2014-09-03 13:24 - 00000000 ____D C:\Program Files (x86)\Battle.net
    2017-02-22 12:14 - 2016-09-05 06:32 - 00000000 ____D C:\Users\Eskew\AppData\Local\ftblauncher
    2017-02-22 11:02 - 2016-09-05 06:32 - 00000000 ____D C:\ftb
    2017-02-22 07:05 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\AppReadiness
    2017-02-22 07:04 - 2016-07-16 06:47 - 00000000 ___HD C:\Program Files\WindowsApps
    2017-02-22 06:51 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
    2017-02-22 06:51 - 2013-02-02 22:13 - 00000000 ____D C:\Users\Eskew\AppData\Local\Adobe
    2017-02-21 17:45 - 2016-07-16 06:36 - 00000000 ____D C:\WINDOWS\CbsTemp
    2017-02-21 15:01 - 2013-11-18 18:45 - 00000000 __RDO C:\Users\Eskew\SkyDrive
    2017-02-21 12:52 - 2016-08-04 18:55 - 00000000 ____D C:\Users\Eskew\AppData\Local\Citrix
    2017-02-21 12:52 - 2013-06-25 09:49 - 00000000 ____D C:\ProgramData\HappyCloud
    2017-02-21 12:31 - 2015-10-30 06:06 - 00000000 ____D C:\ProgramData\Avg
    2017-02-21 12:31 - 2014-10-04 17:01 - 00000000 ____D C:\Program Files (x86)\AVG
    2017-02-21 12:29 - 2015-10-30 06:05 - 00000000 ____D C:\Users\Eskew\AppData\Local\AvgSetupLog
    2017-02-21 08:11 - 2016-10-17 08:28 - 00003240 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForEskew
    2017-02-20 12:34 - 2015-04-16 08:23 - 00000000 ____D C:\Program Files (x86)\Minecraft
    2017-02-20 12:32 - 2013-10-31 08:11 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\CyberLink
    2017-02-20 07:49 - 2015-12-14 16:01 - 00551464 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
    2017-02-17 13:53 - 2016-09-05 06:32 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\ftblauncher
    2017-02-17 13:53 - 2015-06-16 16:40 - 00000000 ___RD C:\Users\Eskew\Desktop\Games
    2017-02-16 19:28 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
    2017-02-16 19:28 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
    2017-02-16 07:49 - 2013-01-19 12:07 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\Skype
    2017-02-15 09:51 - 2016-05-06 15:15 - 00000000 ____D C:\Program Files (x86)\Overwatch
    2017-02-15 09:51 - 2015-02-27 21:11 - 00000000 ____D C:\Program Files (x86)\Diablo III
    2017-02-12 15:36 - 2015-04-16 08:24 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\.minecraft
    2017-02-08 17:24 - 2016-10-17 07:44 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
    2017-02-08 17:24 - 2016-07-05 07:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
    2017-02-08 17:23 - 2016-07-16 06:45 - 00000000 ____D C:\WINDOWS\INF
    2017-02-08 17:22 - 2016-10-17 07:44 - 00000000 ____D C:\Program Files\NVIDIA Corporation
    2017-02-08 17:22 - 2016-10-17 07:44 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
    2017-02-08 17:22 - 2016-07-05 07:09 - 00000000 ____D C:\Users\Eskew\AppData\Local\NVIDIA Corporation
    2017-02-08 06:39 - 2015-12-22 07:51 - 00000000 ____D C:\ProgramData\AMD
    2017-02-06 17:23 - 2013-08-21 17:10 - 00002494 _____ C:\Users\Eskew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2017-02-06 14:48 - 2016-07-16 06:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2017-02-06 14:48 - 2016-07-16 06:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
    2017-02-04 19:27 - 2015-03-18 08:29 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\OBS
    2017-02-03 17:57 - 2014-08-29 14:03 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
    2017-02-02 16:46 - 2013-05-03 14:34 - 00000000 ____D C:\Users\Eskew\AppData\Local\Spotify
    2017-02-02 16:44 - 2013-05-03 14:32 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\Spotify
    2017-02-02 08:44 - 2014-06-23 10:50 - 00000000 ____D C:\Program Files (x86)\StarCraft II
    2017-02-02 08:18 - 2016-09-27 15:29 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\discord
    2017-01-31 19:50 - 2016-03-16 07:22 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\StardewValley
    2017-01-29 08:01 - 2016-10-17 07:43 - 00000000 ____D C:\Program Files\AMD
    2017-01-28 11:36 - 2014-03-22 12:55 - 00000000 ____D C:\AMD
    2017-01-25 01:29 - 2016-10-26 00:04 - 00909336 _____ (AMD) C:\WINDOWS\system32\SET5280.tmp
    2017-01-25 01:29 - 2016-10-26 00:04 - 00909336 _____ (AMD) C:\WINDOWS\system32\coinst_16.40.dll
    2017-01-25 01:29 - 2016-10-26 00:04 - 00643096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
    2017-01-25 01:29 - 2016-10-26 00:04 - 00310808 _____ C:\WINDOWS\system32\dgtrayicon.exe
    2017-01-25 01:29 - 2016-10-26 00:04 - 00293400 _____ C:\WINDOWS\system32\GameManager64.dll
    2017-01-25 01:29 - 2016-10-26 00:04 - 00287248 _____ C:\WINDOWS\system32\clinfo.exe
    2017-01-25 01:29 - 2016-10-26 00:04 - 00285720 _____ C:\WINDOWS\system32\hsa-thunk64.dll
    2017-01-25 01:29 - 2016-10-26 00:04 - 00248344 _____ C:\WINDOWS\system32\atieah64.exe
    2017-01-25 01:29 - 2016-10-26 00:04 - 00239128 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
    2017-01-25 01:29 - 2016-10-26 00:04 - 00178200 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
    2017-01-25 01:29 - 2016-10-26 00:04 - 00154648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
    2017-01-25 01:29 - 2016-10-26 00:04 - 00147480 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
    2017-01-25 01:29 - 2016-10-26 00:04 - 00128536 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
    2017-01-25 01:29 - 2016-10-26 00:04 - 00084504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 07589400 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 02150928 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 01351192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\SET4C27.tmp
    2017-01-25 01:29 - 2016-09-13 21:08 - 01351192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 01015832 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 00541208 _____ (AMD) C:\WINDOWS\system32\SET45E2.tmp
    2017-01-25 01:29 - 2016-09-13 21:08 - 00541208 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
    2017-01-25 01:29 - 2016-09-13 21:08 - 00305176 _____ (AMD) C:\WINDOWS\system32\SET46DE.tmp
    2017-01-25 01:29 - 2016-09-13 21:08 - 00305176 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
    2017-01-25 01:29 - 2016-09-13 21:08 - 00258072 _____ C:\WINDOWS\SysWOW64\SET5071.tmp
    2017-01-25 01:29 - 2016-09-13 21:08 - 00258072 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 00251416 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 00226328 _____ C:\WINDOWS\SysWOW64\atieah32.exe
    2017-01-25 01:29 - 2016-09-13 21:08 - 00219672 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\SET4740.tmp
    2017-01-25 01:29 - 2016-09-13 21:08 - 00219672 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 00193560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 00153112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 00145952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 00135704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 00130584 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 00126488 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 00107544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 00038424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
    2017-01-25 01:28 - 2016-10-26 00:05 - 00145872 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
    2017-01-25 01:28 - 2016-10-26 00:05 - 00145360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
    2017-01-25 01:28 - 2016-10-26 00:05 - 00130216 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
    2017-01-25 01:28 - 2016-09-13 21:08 - 00112336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
    2017-01-25 01:28 - 2016-09-13 21:08 - 00112328 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
    2017-01-23 17:56 - 2016-12-16 17:57 - 00003274 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
    2017-01-23 17:56 - 2015-07-30 14:56 - 00002404 _____ C:\Users\Eskew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
     
    ==================== Files in the root of some directories =======
     
    2013-04-21 13:34 - 2013-04-21 13:34 - 0000093 _____ () C:\Users\Eskew\AppData\Local\fusioncache.dat
    2013-05-31 12:21 - 2013-05-31 12:21 - 0007598 _____ () C:\Users\Eskew\AppData\Local\Resmon.ResmonCfg
    2016-11-04 14:15 - 2016-11-04 14:15 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
     
    ==================== Bamital & volsnap ======================
     
    (There is no automatic fix for files that do not pass verification.)
     
    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\wininit.exe => File is digitally signed
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
     
     
    ATTENTION: ==> Could not access BCD. 
     
    LastRegBack: 2017-02-13 12:19
     
    ==================== End of FRST.txt ============================

    • 0

    #8
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,017 posts
    • MVP

    Download the attached fixlist and save it to the same location as before.

    Attached File  fixlist.txt   4.47KB   20 downloads

     

     

    Boot into Safe Mode:

     

     
    (Reboot and when you see the maker's logo, hear a beep or it talks about F8, start tapping the F8 key slowly.  Keep tapping until the Safe Mode Menu appears and choose Safe Mode with Networking.  Login with your usual login.)
     
    Run Process Explorer and if you see any of these running, SUSPEND them:
    cpx.exe
    dataup.exe
    svcvmx.exe
    vmxclient.exe
    qdcomsvc.exe
    ct.exe
     
     
    Now run FRST (remember to right click and Run As Admin) and then hit Fix.
     
    It will reboot the PC and then generate a fixlog.txt
     
    Run FRST again with Addition.txt checked and post both logs.
     
    Also post a new Process Explorer log.

     


    • 0

    #9
    Zanarisfate

    Zanarisfate

      Member

    • Topic Starter
    • Member
    • PipPip
    • 19 posts

    Frst.txt:

     

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-02-2017
    Ran by Eskew (administrator) on ESKEWPC (23-02-2017 10:39:36)
    Running from C:\Users\Eskew\Desktop\New folder (5)
    Loaded Profiles: Eskew (Available Profiles: Eskew)
    Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Safe Mode (with Networking)
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
     
    ==================== Processes (Whitelisted) =================
     
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
     
    (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
    (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
    (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Corporation) C:\Windows\HelpPane.exe
    (Google Inc.) C:\Users\Eskew\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Eskew\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Eskew\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Eskew\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Eskew\AppData\Local\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\System32\smartscreen.exe
     
    ==================== Registry (Whitelisted) ====================
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
     
    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
    HKLM\...\Run: [Windows Mobile Device Center] => C:\WINDOWS\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
    HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-03] (NVIDIA Corporation)
    HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
    HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-10-17] (Microsoft Corporation)
    HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8027016 2016-11-21] (Advanced Micro Devices, Inc.)
    HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239672 2017-02-20] (AVG Technologies CZ, s.r.o.)
    HKLM\...\Run: [Malwarebytes TrayApp] => C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
    HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-07] (CyberLink)
    HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
    HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2236816 2013-07-12] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
    HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
    HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [Tt eSPORTS VENTUS Gaming Mouse] => C:\Program Files (x86)\Tt eSPORTS\Tt eSPORTS VENTUS Mouse\VentusMonitor.exe [135976 2014-10-07] (Thermaltake)
    HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-11-11] (LogMeIn Inc.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
    HKLM-x32\...\Run: [cpx] => "C:\Program Files (x86)\cpx\cpx.exe" -starup <===== ATTENTION
    HKLM-x32\...\Run: [svcvmx] => C:\Program Files (x86)\svcvmx\svcvmx.exe [896512 2017-01-13] ()
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Run: [Spotify Web Helper] => C:\Users\Eskew\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1431664 2017-02-02] (Spotify Ltd)
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3018528 2017-02-21] (Valve Corporation)
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Run: [Free Mahjong Games] => C:\Users\Eskew\AppData\Local\WebPlayer\Free Mahjong Games\WebPlayer.exe
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Run: [Google Update] => C:\Users\Eskew\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2016-12-16] (Google Inc.)
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Run: [Discord] => C:\Users\Eskew\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Run: [EvolveClient] => C:\Program Files\Echobit\Evolve\EvolveClient.exe [3334528 2016-12-24] (Echobit LLC)
    HKU\S-1-5-18\...\Run: [] => [X]
    HKLM\...\Providers\Internet Print Provider: inetpp.dll
    HKLM\...\Providers\LanMan Print Services: win32spl.dll
    ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll [2013-06-19] ()
    ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll [2013-06-19] ()
    ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll [2013-06-19] ()
    Startup: C:\Users\Eskew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2014-05-02]
    ShortcutTarget: Curse.lnk -> C:\Users\Eskew\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
    GroupPolicy: Restriction - Chrome <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
     
    ==================== Internet (Whitelisted) ====================
     
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
     
    Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
    Tcpip\..\Interfaces\{ac6afb3d-8517-44c6-9431-c73322cdde42}: [DhcpNameServer] 192.168.2.1
    Tcpip\..\Interfaces\{f773b07c-b721-4cce-a715-00099922e7cf}: [DhcpNameServer] 192.168.137.1
     
    Internet Explorer:
    ==================
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPDSK13/1
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK13/1
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\Software\Microsoft\Internet Explorer\Main,Start Page = 
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK13/1
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
    SearchScopes: HKLM -> {8270C55B-56AB-4326-AAFF-BA98AB9618B0} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
    SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
    SearchScopes: HKLM-x32 -> {8270C55B-56AB-4326-AAFF-BA98AB9618B0} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
    SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
    SearchScopes: HKU\S-1-5-21-105371738-2419289027-4122941235-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
    SearchScopes: HKU\S-1-5-21-105371738-2419289027-4122941235-1001 -> {8270C55B-56AB-4326-AAFF-BA98AB9618B0} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKU\S-1-5-21-105371738-2419289027-4122941235-1001 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
    SearchScopes: HKU\S-1-5-21-105371738-2419289027-4122941235-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
    BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-01-19] (Oracle Corporation)
    BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-19] (Oracle Corporation)
    BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2012-06-14] (CANON INC.)
    BHO-x32: PasswordBox Helper -> {5DB69B97-934B-451D-94DB-32EF802A01CD} -> C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll [2015-05-04] (PasswordBox, Inc.)
    BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Arc\Plugins\ArcPluginIE.dll [2016-10-21] (Perfect World Entertainment Inc)
    Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2012-06-14] (CANON INC.)
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
     
    FireFox:
    ========
    FF ProfilePath: C:\Users\Eskew\AppData\Roaming\Mozilla\Firefox\Profiles\w9d9e7sw.default [2017-02-23]
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\PasswordBox\Firefox
    FF Extension: (PasswordBox) - C:\Program Files (x86)\PasswordBox\Firefox [2013-11-21] [not signed]
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-16] ()
    FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-19] (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-19] (Oracle Corporation)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
    FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2013-07-12] (Adobe Systems)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-16] ()
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
    FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
    FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation)
    FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Arc\Plugins\npArcPluginFF.dll [2016-10-21] (Perfect World Entertainment Inc)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
    FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2013-07-12] (Adobe Systems)
    FF Plugin-x32: BYOND -> C:\Program Files (x86)\BYOND\bin\npbyond.dll [2008-07-08] (BYOND)
    FF Plugin HKU\S-1-5-21-105371738-2419289027-4122941235-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Eskew\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-08-04] (Citrix Online)
    FF Plugin HKU\S-1-5-21-105371738-2419289027-4122941235-1001: @nsroblox.roblox.com/launcher -> C:\Users\Eskew\AppData\Local\Roblox\Versions\version-8756646edb404aaf\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
    FF Plugin HKU\S-1-5-21-105371738-2419289027-4122941235-1001: @nsroblox.roblox.com/launcher64 -> C:\Users\Eskew\AppData\Local\Roblox\Versions\version-8756646edb404aaf\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
    FF Plugin HKU\S-1-5-21-105371738-2419289027-4122941235-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Eskew\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
    FF Plugin HKU\S-1-5-21-105371738-2419289027-4122941235-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Eskew\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
    FF Plugin HKU\S-1-5-21-105371738-2419289027-4122941235-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Eskew\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-11-15] (Unity Technologies ApS)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npbyond.dll [2008-07-08] (BYOND)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
     
    Chrome: 
    =======
    CHR DefaultProfile: Profile 1
    CHR HomePage: Profile 1 -> hxxps://www.google.com/webhp?hl=en&tab=ww
    CHR StartupUrls: Profile 1 -> "hxxps://www.google.com/"
    CHR Plugin: (Shockwave Flash) - C:\Users\Eskew\AppData\Local\Google\Chrome\Application\56.0.2924.87\PepperFlash\pepflashplayer.dll => No File
    CHR Plugin: (Native Client) - C:\Users\Eskew\AppData\Local\Google\Chrome\Application\56.0.2924.87\ppGoogleNaClPluginChrome.dll => No File
    CHR Plugin: (Chrome PDF Viewer) - C:\Users\Eskew\AppData\Local\Google\Chrome\Application\56.0.2924.87\pdf.dll => No File
    CHR Plugin: (Norton Confidential) - C:\Users\Eskew\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.0.0.72_0\npcoplgn.dll => No File
    CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll => No File
    CHR Plugin: (Java™ Platform SE 7 U10) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => No File
    CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll => No File
    CHR Plugin: (Windows LiveÃÂÃÂÃÂÃÂÃÂÃÂÃÂÃÂ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll => No File
    CHR Plugin: (Java Deployment Toolkit 7.0.100.18) - C:\windows\SysWOW64\npDeployJava1.dll => No File
    CHR Profile: C:\Users\Eskew\AppData\Local\Google\Chrome\User Data\Default [2017-02-23]
    CHR Extension: (Video Deck for YouTube™) - C:\Users\Eskew\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpoakikepagdiphlmfaeifpojdmbnegj [2014-06-20]
    CHR Extension: (AVG SafeGuard) - C:\Users\Eskew\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2014-05-08]
    CHR Extension: (Google Wallet) - C:\Users\Eskew\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-18]
    CHR Profile: C:\Users\Eskew\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-02-23]
    CHR Extension: (AdBlock) - C:\Users\Eskew\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-02-16]
    CHR Extension: (TweetDeck by Twitter) - C:\Users\Eskew\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2015-11-15]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Eskew\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-18]
    CHR Extension: (Chrome Media Router) - C:\Users\Eskew\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-07]
    CHR Extension: (Space Planet) - C:\Users\Eskew\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ppcocpoeoiajndepaaimnnglicichmbb [2016-05-04]
    CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
     
    ==================== Services (Whitelisted) ====================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    S2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2016-11-21] ()
    S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
    S3 ArcService; C:\Program Files (x86)\Arc\ArcService.exe [88024 2016-10-21] (Perfect World Entertainment Inc)
    S2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1256872 2017-02-20] (AVG Technologies CZ, s.r.o.)
    S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1445384 2016-10-21] ()
    S2 Dataup; C:\Program Files (x86)\dataup\dataup.exe [77824 2017-01-05] () [File not signed] <==== ATTENTION
    S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [395024 2016-12-07] (EasyAntiCheat Ltd)
    S3 EvoSvc; C:\Program Files\Echobit\Evolve\EvoSvc.exe [1583488 2016-12-24] (Echobit LLC)
    S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [File not signed]
    S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-06-03] (NVIDIA Corporation)
    R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2627080 2016-11-11] (LogMeIn Inc.)
    S2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-02-10] (Hi-Rez Studios) [File not signed]
    S2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
    S3 ICCS; C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
    S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
    S2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-11-11] (LogMeIn, Inc.)
    S2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
    S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-03] (NVIDIA Corporation)
    S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-06-03] (NVIDIA Corporation)
    S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-03] (NVIDIA Corporation)
    S2 PasswordBox; C:\Program Files (x86)\PasswordBox\pbbtnService.exe [67584 2014-05-14] (PasswordBox, Inc.) [File not signed]
    S2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187048 2015-06-23] ()
    S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [File not signed]
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
    R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
    S2 qdcomsvc; "C:\Program Files (x86)\qdcomsvc\qdcomsvc.exe" /svc [X]
    S2 windowsmanagementservice; C:\Users\Eskew\AppData\Local\Temp\20170220\ct.exe [X] <==== ATTENTION <==== ATTENTION
     
    ===================== Drivers (Whitelisted) ======================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    S3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0309377.inf_amd64_7ab08912e1e1da0a\atikmdag.sys [26568848 2017-01-25] (Advanced Micro Devices, Inc.)
    S3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0309377.inf_amd64_7ab08912e1e1da0a\atikmpag.sys [536600 2017-01-25] (Advanced Micro Devices, Inc.)
    S2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation)
    S3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
    S1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
    S3 CMUSBDAC; C:\WINDOWS\system32\DRIVERS\CMUSBDAC.sys [3778592 2015-11-26] (C-MEDIA)
    R1 drmkpro64; C:\WINDOWS\System32\drivers\drmkpro64.sys [53832 2017-02-20] () [File not signed]
    R3 EvolveVirtualAdapter; C:\WINDOWS\system32\DRIVERS\evolve.sys [21656 2013-02-13] (Echobit, LLC)
    S3 GVTDrv64; C:\WINDOWS\GVTDrv64.sys [30528 2015-07-30] ()
    R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
    S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
    S3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispiwu.inf_amd64_b67dc924fff8de6d\nvlddmkm.sys [14199224 2017-01-04] (NVIDIA Corporation)
    S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-03] (NVIDIA Corporation)
    S3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-06-03] (NVIDIA Corporation)
    R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek                                            )
    S2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2015-06-12] (Razer, Inc.)
    S2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [129472 2015-06-26] (Razer, Inc.)
    S3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation)
    S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation)
    S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
    S0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
    S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
    S3 XSplit_Dummy; C:\WINDOWS\system32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited)
    R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [63840 2015-06-06] (Intel Corporation)
     
    ==================== NetSvcs (Whitelisted) ===================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
     
    ==================== One Month Created files and folders ========
     
    (If an entry is included in the fixlist, the file/folder will be moved.)
     
    2017-02-23 10:28 - 2017-02-23 10:35 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
    2017-02-23 10:12 - 2017-02-23 10:12 - 00004578 _____ C:\Users\Eskew\Downloads\fixlist (1).txt
    2017-02-23 07:45 - 2017-02-23 07:45 - 00000000 ____D C:\Users\Eskew\AppData\Local\AdvinstAnalytics
    2017-02-23 07:44 - 2017-02-23 07:44 - 00000000 ____D C:\Users\Eskew\Desktop\New folder (6)
    2017-02-22 19:02 - 2017-02-22 19:02 - 00009119 _____ C:\Users\Eskew\Desktop\System Idle Process.txt
    2017-02-22 18:53 - 2017-02-22 18:56 - 00161162 _____ C:\Users\Eskew\Desktop\Addition.txt
    2017-02-22 18:50 - 2017-02-22 18:56 - 00049634 _____ C:\Users\Eskew\Desktop\FRST.txt
    2017-02-22 18:44 - 2017-02-23 07:38 - 00000000 ____D C:\Users\Eskew\AppData\Local\llssoft
    2017-02-22 18:35 - 2017-02-22 18:43 - 00035517 _____ C:\Users\Eskew\Desktop\Fixlog.txt
    2017-02-22 18:34 - 2017-02-23 10:39 - 00000000 ____D C:\Users\Eskew\Desktop\New folder (5)
    2017-02-22 18:34 - 2017-02-22 18:34 - 00028300 _____ C:\Users\Eskew\Downloads\fixlist.txt
    2017-02-22 16:30 - 2017-02-22 16:30 - 00115244 _____ C:\Users\Eskew\Downloads\Shortcut.txt
    2017-02-22 16:26 - 2017-02-22 16:30 - 00173134 _____ C:\Users\Eskew\Downloads\Addition.txt
    2017-02-22 16:22 - 2017-02-22 16:30 - 00140036 _____ C:\Users\Eskew\Downloads\FRST.txt
    2017-02-22 16:21 - 2017-02-23 10:39 - 00000000 ____D C:\FRST
    2017-02-22 16:20 - 2017-02-22 16:20 - 01663040 _____ (Malwarebytes) C:\Users\Eskew\Downloads\JRT.exe
    2017-02-22 14:53 - 2017-02-22 14:53 - 01106888 _____ (Bleeping Computer, LLC) C:\Users\Eskew\Downloads\rkill64.com
    2017-02-22 14:49 - 2017-02-22 14:49 - 01663040 _____ (Malwarebytes) C:\Users\Eskew\Downloads\4.exe
    2017-02-22 14:48 - 2017-02-22 14:49 - 05659775 _____ (Swearware) C:\Users\Eskew\Downloads\5.exe
    2017-02-22 14:09 - 2017-02-22 16:57 - 00000000 ____D C:\AdwCleaner
    2017-02-22 14:09 - 2017-02-22 14:09 - 04015056 _____ C:\Users\Eskew\Downloads\AdwCleaner.exe
    2017-02-22 14:07 - 2017-02-22 14:07 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\Eskew\Downloads\rkill.com
    2017-02-22 14:01 - 2017-02-22 14:01 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Eskew\Downloads\spybot-2.4-1.exe
    2017-02-21 15:34 - 2017-02-21 15:34 - 55566792 _____ (Malwarebytes ) C:\Users\Eskew\Downloads\mb3-setup-consumer-3.0.6.1469 (1).exe
    2017-02-21 15:34 - 2017-02-21 15:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
    2017-02-21 15:34 - 2017-02-21 15:34 - 00000000 ____D C:\ProgramData\Malwarebytes
    2017-02-21 15:34 - 2017-02-21 15:34 - 00000000 ____D C:\Program Files\Malwarebytes
    2017-02-21 15:34 - 2017-01-20 07:47 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
    2017-02-21 15:18 - 2017-02-21 15:18 - 00000000 ____D C:\WINDOWS\Panther
    2017-02-21 12:49 - 2017-02-21 12:49 - 00003232 _____ C:\WINDOWS\System32\Tasks\{85C1A459-4CC3-41EF-8702-6EAA011491A5}
    2017-02-21 12:29 - 2017-02-23 10:27 - 00000000 ____D C:\Program Files (x86)\svcvmx
    2017-02-21 12:29 - 2017-02-21 12:29 - 00000000 ____D C:\Program Files (x86)\winscr
    2017-02-21 11:58 - 2017-02-21 12:56 - 00000000 ____D C:\ProgramData\SecTaskMan
    2017-02-21 11:58 - 2017-02-21 11:58 - 02967592 _____ C:\Users\Eskew\Downloads\SecurityTaskManager_Setup.exe
    2017-02-21 11:58 - 2017-02-21 11:58 - 00001229 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spy Protector.lnk
    2017-02-21 11:58 - 2017-02-21 11:58 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager.lnk
    2017-02-21 11:58 - 2017-02-21 11:58 - 00000000 ____D C:\Program Files (x86)\Security Task Manager
    2017-02-21 11:50 - 2017-02-21 11:50 - 00000000 ____D C:\ProgramData\LHService
    2017-02-21 11:49 - 2017-02-21 11:49 - 00000000 ____D C:\ProgramData\LockHunter
    2017-02-21 11:47 - 2017-02-21 12:47 - 00000000 ____D C:\Program Files\LockHunter
    2017-02-21 11:47 - 2017-02-21 11:47 - 03029032 _____ (Crystal Rich Ltd ) C:\Users\Eskew\Downloads\lockhuntersetup_3-1-1.exe
    2017-02-21 11:47 - 2017-02-21 11:47 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\LockHunter
    2017-02-21 11:37 - 2017-02-21 11:37 - 04615856 _____ (Enigma Software Group USA, LLC.) C:\Users\Eskew\Downloads\SpyHunter-Installer.exe
    2017-02-21 11:29 - 2017-02-21 11:29 - 00346112 _____ C:\Users\Eskew\Downloads\Unlocker 1.9.2.msi
    2017-02-21 11:11 - 2017-02-21 11:11 - 00000000 ____D C:\WINDOWS\pss
    2017-02-21 10:38 - 2017-02-21 10:39 - 55566792 _____ (Malwarebytes ) C:\Users\Eskew\Downloads\mb3-setup-consumer-3.0.6.1469.exe
    2017-02-21 10:35 - 2017-02-21 10:35 - 01920725 _____ C:\Users\Eskew\Downloads\ProcessExplorer.zip
    2017-02-21 10:26 - 2017-02-21 11:43 - 00003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
    2017-02-21 10:25 - 2017-02-21 10:25 - 03449304 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Eskew\Downloads\AVG_Protection_Free_1606.exe
    2017-02-21 10:24 - 2017-02-21 10:25 - 09261616 _____ (Piriform Ltd) C:\Users\Eskew\Downloads\ccsetup527.exe
    2017-02-20 14:55 - 2017-02-20 14:55 - 00053832 _____ C:\WINDOWS\system32\Drivers\drmkpro64.sys
    2017-02-20 14:40 - 2017-02-21 10:25 - 00000000 ____D C:\Users\Eskew\AppData\Local\cpx
    2017-02-20 12:34 - 2017-02-20 12:34 - 00006549 _____ C:\WINDOWS\TEMPcoral.vbs
    2017-02-20 12:34 - 2017-02-20 12:34 - 00000000 ____D C:\Program Files (x86)\dataup
    2017-02-18 17:14 - 2017-02-18 17:14 - 00004627 _____ C:\Users\Eskew\Downloads\download.jpeg
    2017-02-17 11:58 - 2017-02-17 11:58 - 00921656 _____ C:\Users\Eskew\Downloads\PSOGL2_003.bmp
    2017-02-16 19:28 - 2017-02-16 19:28 - 20359768 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
    2017-02-16 15:29 - 2017-02-16 15:30 - 00000000 ____D C:\Users\Eskew\Desktop\New folder (4)
    2017-02-16 15:29 - 2017-02-16 15:29 - 00902799 _____ C:\Users\Eskew\Downloads\ePSXe1925.zip
    2017-02-16 15:27 - 2017-02-16 15:28 - 04198111 _____ C:\Users\Eskew\Downloads\ePSXe PACK.7z
    2017-02-16 15:18 - 2017-02-16 15:18 - 01381554 _____ C:\Users\Eskew\Downloads\ePSXe205 (1).zip
    2017-02-16 15:13 - 2017-02-16 15:13 - 00081186 _____ C:\Users\Eskew\Downloads\zlib123-dll.zip
    2017-02-16 15:11 - 2017-02-16 15:11 - 00034093 _____ C:\Users\Eskew\Downloads\spupeopsdsound109.zip
    2017-02-16 15:10 - 2017-02-16 15:10 - 00173093 _____ C:\Users\Eskew\Downloads\gpupeteogl208.zip
    2017-02-16 15:10 - 2017-02-16 15:10 - 00060490 _____ C:\Users\Eskew\Downloads\cdrpeops104.zip
    2017-02-16 15:07 - 2017-02-16 15:07 - 00241658 _____ C:\Users\Eskew\Downloads\SCPH1001 (1).zip
    2017-02-16 15:06 - 2017-02-16 15:06 - 00529265 _____ C:\Users\Eskew\Downloads\epsxe170.zip
    2017-02-16 15:01 - 2017-02-16 15:01 - 08142173 _____ C:\Users\Eskew\Downloads\ePSXe 1.7.0(Best One Yet)-776.rar
    2017-02-16 14:56 - 2017-02-16 14:56 - 00169473 _____ C:\Users\Eskew\Downloads\Pcsx-1.5-218.zip
    2017-02-16 14:47 - 2017-02-16 14:47 - 154415677 _____ C:\Users\Eskew\Downloads\Digimon World (E) [SLES-02914].7z
    2017-02-16 14:39 - 2017-02-16 14:40 - 00241658 _____ C:\Users\Eskew\Downloads\SCPH1001.zip
    2017-02-16 14:36 - 2017-02-16 14:36 - 01381554 _____ C:\Users\Eskew\Downloads\ePSXe205.zip
    2017-02-08 17:23 - 2017-02-08 17:23 - 00000000 ____D C:\Program Files (x86)\VulkanRT
    2017-02-08 17:23 - 2016-12-29 07:43 - 00133056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
    2017-02-08 17:23 - 2016-09-09 13:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
    2017-02-08 17:23 - 2016-09-09 13:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
    2017-02-08 17:23 - 2016-09-09 13:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
    2017-02-08 17:23 - 2016-09-09 13:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
    2017-02-08 17:22 - 2016-12-29 08:06 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
    2017-01-31 19:37 - 2017-01-31 19:37 - 01431746 _____ C:\Users\Eskew\Downloads\SMAPI-1.7 (1).zip
    2017-01-31 19:36 - 2017-01-31 19:36 - 00165868 _____ C:\Users\Eskew\Downloads\1.11-MakeshiftMultiplyer-0.2.10.zip-501-0-2-10.zip
    2017-01-31 19:30 - 2017-01-31 19:30 - 00000000 ____D C:\Users\Eskew\Desktop\New folder (3)
    2017-01-31 19:29 - 2017-01-31 19:29 - 01431746 _____ C:\Users\Eskew\Downloads\SMAPI-1.7.zip
    2017-01-29 08:02 - 2017-01-29 08:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
    2017-01-26 09:44 - 2017-01-26 09:44 - 00262144 ____N C:\WINDOWS\Minidump\012617-34921-01.dmp
    2017-01-26 09:44 - 2017-01-26 09:44 - 00000000 ____D C:\WINDOWS\Minidump
    2017-01-25 16:25 - 2016-12-21 02:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
    2017-01-25 16:25 - 2016-12-20 23:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
    2017-01-25 01:29 - 2017-01-25 01:29 - 09405464 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
    2017-01-25 01:29 - 2017-01-25 01:29 - 02463256 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
    2017-01-25 01:29 - 2017-01-25 01:29 - 01015832 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
    2017-01-25 01:29 - 2017-01-25 01:29 - 00768024 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
    2017-01-25 01:29 - 2017-01-25 01:29 - 00476696 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
    2017-01-25 01:29 - 2017-01-25 01:29 - 00420376 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
    2017-01-25 01:29 - 2017-01-25 01:29 - 00266256 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
    2017-01-25 01:29 - 2017-01-25 01:29 - 00158336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
    2017-01-25 01:29 - 2017-01-25 01:29 - 00121368 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
    2017-01-25 01:29 - 2017-01-25 01:29 - 00118800 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
    2017-01-25 01:29 - 2017-01-25 01:29 - 00100888 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
    2017-01-25 01:29 - 2017-01-25 01:29 - 00077848 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
    2017-01-25 01:29 - 2017-01-25 01:29 - 00038416 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
    2017-01-25 01:28 - 2017-01-25 01:28 - 00488496 _____ C:\WINDOWS\system32\amdmiracast.dll
    2017-01-25 01:28 - 2017-01-25 01:28 - 00166408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
    2017-01-25 01:28 - 2017-01-25 01:28 - 00162216 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
    2017-01-25 01:28 - 2017-01-25 01:28 - 00130224 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
     
    ==================== One Month Modified files and folders ========
     
    (If an entry is included in the fixlist, the file/folder will be moved.)
     
    2017-02-23 10:34 - 2016-07-16 01:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
    2017-02-23 10:33 - 2012-12-23 17:42 - 00000000 ____D C:\Users\Eskew\AppData\LocalLow\Temp
    2017-02-23 10:27 - 2016-10-17 08:28 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2017-02-23 10:27 - 2016-10-17 07:43 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
    2017-02-23 10:26 - 2016-10-17 07:45 - 00000000 ____D C:\ProgramData\NVIDIA
    2017-02-23 10:26 - 2014-11-02 09:09 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
    2017-02-23 10:19 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
    2017-02-23 10:18 - 2013-01-17 19:19 - 00000000 ____D C:\Users\Eskew\AppData\Local\CrashDumps
    2017-02-23 10:15 - 2016-10-17 07:48 - 00000000 ____D C:\Users\Eskew
    2017-02-23 10:15 - 2012-12-23 18:03 - 00000000 ____D C:\Program Files (x86)\Steam
    2017-02-23 10:13 - 2014-03-29 10:34 - 00000000 ____D C:\Users\Eskew\AppData\Local\Battle.net
    2017-02-23 09:30 - 2015-02-27 21:11 - 00000000 ____D C:\Program Files (x86)\Diablo III
    2017-02-23 08:49 - 2015-12-14 16:01 - 00562216 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
    2017-02-23 08:29 - 2014-09-03 13:24 - 00000000 ____D C:\Program Files (x86)\Battle.net
    2017-02-23 07:44 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\AppReadiness
    2017-02-23 07:43 - 2016-07-16 06:47 - 00000000 ___HD C:\Program Files\WindowsApps
    2017-02-23 07:40 - 2013-02-02 22:13 - 00000000 ____D C:\Users\Eskew\AppData\Local\Adobe
    2017-02-22 18:42 - 2013-07-30 19:46 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecontrol for Minecraft
    2017-02-22 17:47 - 2016-10-17 07:41 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
    2017-02-22 17:19 - 2013-07-12 09:57 - 00000000 ____D C:\WINDOWS\system32\MRT
    2017-02-22 17:15 - 2012-12-26 07:48 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2017-02-22 14:26 - 2013-06-21 12:09 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Mahjong Games
    2017-02-22 13:59 - 2015-02-27 20:51 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
    2017-02-22 12:14 - 2016-09-05 06:32 - 00000000 ____D C:\Users\Eskew\AppData\Local\ftblauncher
    2017-02-22 11:02 - 2016-09-05 06:32 - 00000000 ____D C:\ftb
    2017-02-21 17:45 - 2016-07-16 06:36 - 00000000 ____D C:\WINDOWS\CbsTemp
    2017-02-21 15:01 - 2013-11-18 18:45 - 00000000 __RDO C:\Users\Eskew\SkyDrive
    2017-02-21 12:52 - 2016-08-04 18:55 - 00000000 ____D C:\Users\Eskew\AppData\Local\Citrix
    2017-02-21 12:52 - 2013-06-25 09:49 - 00000000 ____D C:\ProgramData\HappyCloud
    2017-02-21 12:31 - 2015-10-30 06:06 - 00000000 ____D C:\ProgramData\Avg
    2017-02-21 12:31 - 2014-10-04 17:01 - 00000000 ____D C:\Program Files (x86)\AVG
    2017-02-21 12:29 - 2015-10-30 06:05 - 00000000 ____D C:\Users\Eskew\AppData\Local\AvgSetupLog
    2017-02-21 08:11 - 2016-10-17 08:28 - 00003240 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForEskew
    2017-02-20 12:34 - 2015-04-16 08:23 - 00000000 ____D C:\Program Files (x86)\Minecraft
    2017-02-20 12:32 - 2013-10-31 08:11 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\CyberLink
    2017-02-17 13:53 - 2016-09-05 06:32 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\ftblauncher
    2017-02-17 13:53 - 2015-06-16 16:40 - 00000000 ___RD C:\Users\Eskew\Desktop\Games
    2017-02-16 19:28 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
    2017-02-16 19:28 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
    2017-02-16 07:49 - 2013-01-19 12:07 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\Skype
    2017-02-15 09:51 - 2016-05-06 15:15 - 00000000 ____D C:\Program Files (x86)\Overwatch
    2017-02-12 15:36 - 2015-04-16 08:24 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\.minecraft
    2017-02-08 17:24 - 2016-10-17 07:44 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
    2017-02-08 17:24 - 2016-07-05 07:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
    2017-02-08 17:23 - 2016-07-16 06:45 - 00000000 ____D C:\WINDOWS\INF
    2017-02-08 17:22 - 2016-10-17 07:44 - 00000000 ____D C:\Program Files\NVIDIA Corporation
    2017-02-08 17:22 - 2016-10-17 07:44 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
    2017-02-08 17:22 - 2016-07-05 07:09 - 00000000 ____D C:\Users\Eskew\AppData\Local\NVIDIA Corporation
    2017-02-08 06:39 - 2015-12-22 07:51 - 00000000 ____D C:\ProgramData\AMD
    2017-02-06 17:23 - 2013-08-21 17:10 - 00002494 _____ C:\Users\Eskew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2017-02-06 14:48 - 2016-07-16 06:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2017-02-06 14:48 - 2016-07-16 06:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
    2017-02-04 19:27 - 2015-03-18 08:29 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\OBS
    2017-02-03 17:57 - 2014-08-29 14:03 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
    2017-02-02 16:46 - 2013-05-03 14:34 - 00000000 ____D C:\Users\Eskew\AppData\Local\Spotify
    2017-02-02 16:44 - 2013-05-03 14:32 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\Spotify
    2017-02-02 08:44 - 2014-06-23 10:50 - 00000000 ____D C:\Program Files (x86)\StarCraft II
    2017-02-02 08:18 - 2016-09-27 15:29 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\discord
    2017-01-31 19:50 - 2016-03-16 07:22 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\StardewValley
    2017-01-29 08:01 - 2016-10-17 07:43 - 00000000 ____D C:\Program Files\AMD
    2017-01-28 11:36 - 2014-03-22 12:55 - 00000000 ____D C:\AMD
    2017-01-25 01:29 - 2016-10-26 00:04 - 00909336 _____ (AMD) C:\WINDOWS\system32\SET5280.tmp
    2017-01-25 01:29 - 2016-10-26 00:04 - 00909336 _____ (AMD) C:\WINDOWS\system32\coinst_16.40.dll
    2017-01-25 01:29 - 2016-10-26 00:04 - 00643096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
    2017-01-25 01:29 - 2016-10-26 00:04 - 00310808 _____ C:\WINDOWS\system32\dgtrayicon.exe
    2017-01-25 01:29 - 2016-10-26 00:04 - 00293400 _____ C:\WINDOWS\system32\GameManager64.dll
    2017-01-25 01:29 - 2016-10-26 00:04 - 00287248 _____ C:\WINDOWS\system32\clinfo.exe
    2017-01-25 01:29 - 2016-10-26 00:04 - 00285720 _____ C:\WINDOWS\system32\hsa-thunk64.dll
    2017-01-25 01:29 - 2016-10-26 00:04 - 00248344 _____ C:\WINDOWS\system32\atieah64.exe
    2017-01-25 01:29 - 2016-10-26 00:04 - 00239128 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
    2017-01-25 01:29 - 2016-10-26 00:04 - 00178200 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
    2017-01-25 01:29 - 2016-10-26 00:04 - 00154648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
    2017-01-25 01:29 - 2016-10-26 00:04 - 00147480 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
    2017-01-25 01:29 - 2016-10-26 00:04 - 00128536 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
    2017-01-25 01:29 - 2016-10-26 00:04 - 00084504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 07589400 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 02150928 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 01351192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\SET4C27.tmp
    2017-01-25 01:29 - 2016-09-13 21:08 - 01351192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 01015832 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 00541208 _____ (AMD) C:\WINDOWS\system32\SET45E2.tmp
    2017-01-25 01:29 - 2016-09-13 21:08 - 00541208 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
    2017-01-25 01:29 - 2016-09-13 21:08 - 00305176 _____ (AMD) C:\WINDOWS\system32\SET46DE.tmp
    2017-01-25 01:29 - 2016-09-13 21:08 - 00305176 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
    2017-01-25 01:29 - 2016-09-13 21:08 - 00258072 _____ C:\WINDOWS\SysWOW64\SET5071.tmp
    2017-01-25 01:29 - 2016-09-13 21:08 - 00258072 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 00251416 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 00226328 _____ C:\WINDOWS\SysWOW64\atieah32.exe
    2017-01-25 01:29 - 2016-09-13 21:08 - 00219672 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\SET4740.tmp
    2017-01-25 01:29 - 2016-09-13 21:08 - 00219672 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 00193560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 00153112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 00145952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 00135704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 00130584 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 00126488 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 00107544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 00038424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
    2017-01-25 01:28 - 2016-10-26 00:05 - 00145872 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
    2017-01-25 01:28 - 2016-10-26 00:05 - 00145360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
    2017-01-25 01:28 - 2016-10-26 00:05 - 00130216 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
    2017-01-25 01:28 - 2016-09-13 21:08 - 00112336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
    2017-01-25 01:28 - 2016-09-13 21:08 - 00112328 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
     
    ==================== Files in the root of some directories =======
     
    2013-04-21 13:34 - 2013-04-21 13:34 - 0000093 _____ () C:\Users\Eskew\AppData\Local\fusioncache.dat
    2013-05-31 12:21 - 2013-05-31 12:21 - 0007598 _____ () C:\Users\Eskew\AppData\Local\Resmon.ResmonCfg
    2016-11-04 14:15 - 2016-11-04 14:15 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
     
    ==================== Bamital & volsnap ======================
     
    (There is no automatic fix for files that do not pass verification.)
     
    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\wininit.exe => File is digitally signed
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
     
     
    ATTENTION: ==> Could not access BCD. 
     
    LastRegBack: 2017-02-13 12:19
     
    ==================== End of FRST.txt ============================
     
    Fixlog.txt
     
    Fix result of Farbar Recovery Scan Tool (x64) Version: 23-02-2017
    Ran by Eskew (23-02-2017 10:31:21) Run:2
    Running from C:\Users\Eskew\Desktop\New folder (5)
    Loaded Profiles: Eskew (Available Profiles: Eskew)
    Boot Mode: Safe Mode (with Networking)
    ==============================================
     
    fixlist content:
    *****************
    R1 drmkpro64; C:\WINDOWS\System32\drivers\drmkpro64.sys 
    Unlock: C:\WINDOWS\System32\drivers\drmkpro64.sys
    C:\WINDOWS\System32\drivers\drmkpro64.sys
    unlock: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\drmkpro64
    reg: reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\drmkpro64" /f
    S2 qdcomsvc; "C:\Program Files (x86)\qdcomsvc\qdcomsvc.exe" /svc [X]
    unlock: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\qdcomsvc
    reg: reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\qdcomsvc" /f
    Unlock: C:\Program Files (x86)\qdcomsvc
    C:\Program Files (x86)\qdcomsvc
    S2 windowsmanagementservice; C:\Users\Eskew\AppData\Local\Temp\20170220\ct.exe [X] <==== ATTENTION <==== ATTENTION
    unlock: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\windowsmanagementservice
    reg: reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\windowsmanagementservice" /f
    Unlock: C:\Users\Eskew\AppData\Local\Temp\20170220
    C:\Users\Eskew\AppData\Local\Temp\20170220
    R2 Dataup; C:\Program Files (x86)\dataup\dataup.exe [77824 2017-01-05] () [File not signed] <==== ATTENTION
    unlock: C:\Program Files (x86)\dataup\dataup.exe
    unlock: C:\Program Files (x86)\dataup
    C:\Program Files (x86)\dataup
    unlock: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dataup
    reg: reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dataup" /f
    HKLM-x32\...\Run: [cpx] => "C:\Program Files (x86)\cpx\cpx.exe" -starup <===== ATTENTION
    HKLM-x32\...\Run: [svcvmx] => C:\Program Files (x86)\svcvmx\svcvmx.exe [896512 2017-01-13] ()
    unlock: C:\Program Files (x86)\cpx\cpx.exe
    unlock: C:\Program Files (x86)\cpx
    C:\Program Files (x86)\cpx
    unlock: C:\Program Files (x86)\svcvmx\svcvmx.exe
    unlock: C:\Program Files (x86)\svcvmx
    C:\Program Files (x86)\svcvmx\svcvmx.exe
    Unlock: C:\Program Files (x86)\svcvmx\vmxclient.exe
    C:\Program Files (x86)\svcvmx
    unlock: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\drmkpro64
    reg: reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\drmkpro64" /f
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\windowsmanagementservice
    BHO-x32: No Name -> {5BDE3F24-D7B3-40D9-BD31-D1CFF12C47B4} -> No File
    EmptyTemp:
    CMD: for /F "tokens=*" %1 in ('wevtutil.exe el') DO wevtutil.exe cl "%1"
     
    *****************
     
    drmkpro64 => Unable to stop service.
    HKLM\System\CurrentControlSet\Services\drmkpro64 => key could not remove, key could be protected
    "C:\WINDOWS\System32\drivers\drmkpro64.sys" => was unlocked
    Could not move "C:\WINDOWS\System32\drivers\drmkpro64.sys" => Scheduled to move on reboot.
    "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\drmkpro64" => key was unlocked
     
    ========= reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\drmkpro64" /f =========
     
    'reg' is not recognized as an internal or external command,
    operable program or batch file.
     
     
    ========= End of Reg: =========
     
    HKLM\System\CurrentControlSet\Services\qdcomsvc => key could not remove, key could be protected
    "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\qdcomsvc" => key was unlocked
     
    ========= reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\qdcomsvc" /f =========
     
    'reg' is not recognized as an internal or external command,
    operable program or batch file.
     
     
    ========= End of Reg: =========
     
    "C:\Program Files (x86)\qdcomsvc" => not found.
    "C:\Program Files (x86)\qdcomsvc" => not found.
    HKLM\System\CurrentControlSet\Services\windowsmanagementservice => key could not remove, key could be protected
    "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\windowsmanagementservice" => key was unlocked
     
    ========= reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\windowsmanagementservice" /f =========
     
    'reg' is not recognized as an internal or external command,
    operable program or batch file.
     
     
    ========= End of Reg: =========
     
    "C:\Users\Eskew\AppData\Local\Temp\20170220" => not found.
    "C:\Users\Eskew\AppData\Local\Temp\20170220" => not found.
    HKLM\System\CurrentControlSet\Services\Dataup => key could not remove, key could be protected
    "C:\Program Files (x86)\dataup\dataup.exe" => was unlocked
    "C:\Program Files (x86)\dataup" => was unlocked
     
    "C:\Program Files (x86)\dataup" folder move:
     
    Could not move "C:\Program Files (x86)\dataup" => Scheduled to move on reboot.
     
    "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dataup" => key was unlocked
     
    ========= reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dataup" /f =========
     
    'reg' is not recognized as an internal or external command,
    operable program or batch file.
     
     
    ========= End of Reg: =========
     
    HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\cpx => value could not remove.
    HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\svcvmx => value could not remove.
    "C:\Program Files (x86)\cpx\cpx.exe" => not found.
    "C:\Program Files (x86)\cpx" => not found.
    "C:\Program Files (x86)\cpx" => not found.
    "C:\Program Files (x86)\svcvmx\svcvmx.exe" => was unlocked
    "C:\Program Files (x86)\svcvmx" => was unlocked
    Could not move "C:\Program Files (x86)\svcvmx\svcvmx.exe" => Scheduled to move on reboot.
    "C:\Program Files (x86)\svcvmx\vmxclient.exe" => was unlocked
     
    "C:\Program Files (x86)\svcvmx" folder move:
     
    Could not move "C:\Program Files (x86)\svcvmx" => Scheduled to move on reboot.
     
    "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\drmkpro64" => key was unlocked
     
    ========= reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\drmkpro64" /f =========
     
    'reg' is not recognized as an internal or external command,
    operable program or batch file.
     
     
    ========= End of Reg: =========
     
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\windowsmanagementservice => Error: No automatic fix found for this entry.
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5BDE3F24-D7B3-40D9-BD31-D1CFF12C47B4} => key removed successfully
    HKCR\Wow6432Node\CLSID\{5BDE3F24-D7B3-40D9-BD31-D1CFF12C47B4} => key not found. 
     
    ========= for /F "tokens=*" %1 in ('wevtutil.exe el') DO wevtutil.exe cl "%1" =========
     
     
    ========= End of CMD: =========
     
     
    =========== EmptyTemp: ==========
     
    BITS transfer queue => 0 B
    DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 299521567 B
    Java, Flash, Steam htmlcache => 615539789 B
    Windows/system/drivers => 647474 B
    Edge => 1747080 B
    Chrome => 1196025290 B
    Firefox => 43632067 B
    Opera => 0 B
     
    Temp, IE cache, history, cookies, recent:
    Default => 7680 B
    Users => 0 B
    ProgramData => 0 B
    Public => 0 B
    systemprofile => 128 B
    systemprofile32 => 3255842 B
    LocalService => 377276 B
    NetworkService => 4202374 B
    Eskew => 273388109 B
     
    RecycleBin => 0 B
    EmptyTemp: => 2.3 GB temporary data Removed.
     
    ================================
     
    Result of scheduled files to move (Boot Mode: Safe Mode (with Networking)) (Date&Time: 23-02-2017 10:35:52)
     
    "C:\WINDOWS\System32\drivers\drmkpro64.sys" => Could not move
    "C:\Program Files (x86)\dataup" => Could not move
    "C:\Program Files (x86)\svcvmx\svcvmx.exe" => Could not move
    "C:\Program Files (x86)\svcvmx" => Could not move
     
    Result of scheduled keys to remove after reboot:
     
    HKLM\System\CurrentControlSet\Services\drmkpro64 => key could not remove, key could be protected
    HKLM\System\CurrentControlSet\Services\qdcomsvc => key could not remove, key could be protected
    HKLM\System\CurrentControlSet\Services\windowsmanagementservice => key could not remove, key could be protected
    HKLM\System\CurrentControlSet\Services\Dataup => key could not remove, key could be protected
     
    ==== End of Fixlog 10:36:00 ====
     
    Addition.txt
     
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-02-2017
    Ran by Eskew (23-02-2017 10:41:49)
    Running from C:\Users\Eskew\Desktop\New folder (5)
    Windows 10 Home Version 1607 (X64) (2016-10-17 13:33:36)
    Boot Mode: Safe Mode (with Networking)
    ==========================================================
     
     
    ==================== Accounts: =============================
     
    Administrator (S-1-5-21-105371738-2419289027-4122941235-500 - Administrator - Disabled)
    ASPNET (S-1-5-21-105371738-2419289027-4122941235-1004 - Limited - Enabled)
    DefaultAccount (S-1-5-21-105371738-2419289027-4122941235-503 - Limited - Disabled)
    Eskew (S-1-5-21-105371738-2419289027-4122941235-1001 - Administrator - Enabled) => C:\Users\Eskew
    Guest (S-1-5-21-105371738-2419289027-4122941235-501 - Limited - Disabled)
     
    ==================== Security Center ========================
     
    (If an entry is included in the fixlist, it will be removed.)
     
    AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
     
    ==================== Installed Programs ======================
     
    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
     
     (HKLM\...\UDK-04d245e5-f683-46e7-8173-d68ff31ec8e7) (Version:  - RuneStorm
    @BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.33 - GIGABYTE)
    µTorrent (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\uTorrent) (Version: 3.4.6.42178 - BitTorrent Inc.)
    7 Days to Die (HKLM\...\Steam App 251570) (Version:  - The Fun Pimps)
    7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.5.0.1060 - Adobe Systems Incorporated)
    Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.0.2.189 - Adobe Systems Incorporated)
    Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
    Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
    Adobe Reader XI (11.0.19) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.19 - Adobe Systems Incorporated)
    Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
    AMD Catalyst Install Manager (HKLM\...\{DA9FFDE7-5474-DE51-8729-76A31DB5682B}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
    AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.)
    Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
    ASTRONEER (HKLM\...\Steam App 361420) (Version:  - System Era Softworks)
    Atlas Reactor (HKLM\...\Steam App 402570) (Version:  - Trion Worlds)
    Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
    AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.7.452 - AVG Technologies)
    Awesomenauts (HKLM-x32\...\Steam App 204300) (Version:  - )
    Battle for Wesnoth 1.12.5 (HKLM-x32\...\Battle for Wesnoth 1.12.5) (Version: 1.12.5 - )
    Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
    BattleBlock Theater (HKLM-x32\...\Steam App 238460) (Version:  - The Behemoth)
    bl (x32 Version: 1.0.0 - Your Company Name) Hidden
    Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
    Blend for Visual Studio 2012 ENU resources (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
    Bloons TD5 (HKLM\...\Steam App 306020) (Version:  - Ninja Kiwi)
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    BYOND (HKLM-x32\...\BYOND) (Version: 511.1363 - BYOND)
    Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
    Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - ‎Canon Inc.‬)
    Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
    Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - ‪Canon Inc.‬)
    Canon MG3200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3200_series) (Version: 1.01 - Canon Inc.)
    Canon MG3200 series On-screen Manual (HKLM-x32\...\Canon MG3200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
    Canon MG3200 series User Registration (HKLM-x32\...\Canon MG3200 series User Registration) (Version:  - Canon Inc.‎)
    Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.)
    Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.)
    Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
    Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
    Castle Crashers (HKLM\...\Steam App 204360) (Version:  - The Behemoth)
    Catalyst Control Center Next Localization BR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization BR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization BR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CHS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CHS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CHS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CHT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CHT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CHT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization DA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization DA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization DA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization DE (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization DE (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization DE (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization EL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization EL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization EL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization ES (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization ES (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization ES (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization FI (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization FI (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization FI (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization FR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization FR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization FR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization HU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization HU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization HU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization IT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization IT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization IT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization JA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization JA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization JA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization KO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization KO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization KO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization NL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization NL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization NL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization NO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization NO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization NO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization PL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization PL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization PL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization RU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization RU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization RU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization SV (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization SV (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization SV (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization TH (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization TH (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization TH (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization TR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization TR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization TR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Chronicle: RuneScape Legends (HKLM\...\Steam App 205890) (Version:  - Jagex)
    Citrix Online Launcher (HKLM-x32\...\{09DA5EE2-7E46-4DC4-96F9-BFEE50D40659}) (Version: 1.0.408 - Citrix)
    Clicker Guild (HKLM\...\Steam App 557810) (Version:  - Fox Dawn)
    Clicker Heroes (HKLM\...\Steam App 363970) (Version:  - Playsaurus)
    Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
    Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
    Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
    CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5510 - CyberLink Corp.)
    CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
    CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1902 - CyberLink Corp.)
    CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1.4319 - CyberLink Corp.)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Darkest Dungeon (HKLM\...\Steam App 262060) (Version:  - Red Hook Studios)
    Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
    Discord (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
    Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - Klei Entertainment)
    Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version:  - Klei Entertainment)
    DOOM 3: BFG Edition (HKLM-x32\...\Steam App 208200) (Version:  - id Software)
    Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
    Dragon's Dogma: Dark Arisen (HKLM\...\Steam App 367500) (Version:  - Capcom)
    Dungeon Defenders II (HKLM\...\Steam App 236110) (Version:  - Trendy Entertainment)
    Dungeon of the Endless (HKLM-x32\...\Steam App 249050) (Version:  - AMPLITUDE Studios)
    Easy Tune 6 B14.0508.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
    Easy Tune 6 B14.0508.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
    Empyrion - Galactic Survival (HKLM\...\Steam App 383120) (Version:  - Eleon Game Studios)
    Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
    Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{0A1A1D48-DB23-443A-BC7B-49255D138020}) (Version: 11.1.20702.00 - Microsoft Corporation)
    Evolve (HKLM\...\{670B1B49-9FD3-4827-9B41-471EFF580AA8}) (Version: 1.8.18 - Echobit, LLC)
    Factorio (HKLM\...\Steam App 427520) (Version:  - Wube Software LTD.)
    FLV2PC v5.9.0 (HKLM-x32\...\FLV2PC_is1) (Version: 5.9.0 - )
    FMW 1 (Version: 1.163.1 - AVG Technologies) Hidden
    Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
    Free Mahjong Games (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Free Mahjong Games) (Version: 1.0 - )
    Free Screen To Video V 2.0 (HKLM-x32\...\Free Screen To Video_is1) (Version: 2.0.0.0 - Koyote Soft)
    Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
    Glyph (HKLM-x32\...\Glyph) (Version:  - Trion Worlds, Inc.)
    Google Chrome (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
    Guild of Dungeoneering (HKLM-x32\...\Steam App 317820) (Version:  - Gambrinous)
    Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
    HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.0.4.4 - Hi-Rez Studios)
    Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
    HP MyRoom (HKLM-x32\...\{9C35EDE5-4B0F-45E7-A438-314BA889948E}) (Version: 9.0.0.0 - Hewlett-Packard Company)
    HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
    HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
    IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
    IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
    IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
    IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version:  - Image-Line)
    InfiniteCrisis_410193F41CAE (HKLM-x32\...\InfiniteCrisis_410193F41CAE) (Version:  - Turbine, Inc)
    iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
    Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
    Java SE Development Kit 8 Update 111 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180111}) (Version: 8.0.1110.14 - Oracle Corporation)
    King Arthur's Gold (HKLM-x32\...\{AC34F03B-B4C8-4892-8BD3-34DC1C7E8DE5}) (Version: 0.95.590.0 - THD)
    League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
    League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
    Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
    LEGO Digital Designer (HKLM-x32\...\New LEGO Digital Designer) (Version:  - LEGO A/S)
    LEGO® Worlds (HKLM\...\Steam App 332310) (Version:  - TT Games)
    LibreOffice 4.0.2.2 (HKLM-x32\...\{1062AD6C-80F4-4BC6-AB7C-A28892B497B8}) (Version: 4.0.2.2 - The Document Foundation)
    LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
    LocalESPCui for en-us (x32 Version: 8.59.25584 - Microsoft) Hidden
    LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.541 - LogMeIn, Inc.)
    LogMeIn Hamachi (x32 Version: 2.2.0.541 - LogMeIn, Inc.) Hidden
    Lua for Windows 5.1.4-46 (HKLM-x32\...\Lua_is1) (Version: 5.1.4.46 - The Lua for Windows Project and Lua and Tecgraf, PUC-Rio)
    Magicka 2 (HKLM\...\Steam App 238370) (Version:  - Pieces Interactive)
    Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
    Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
    Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
    Microsoft ASP.NET MVC 3 (HKLM-x32\...\{D32EF103-4016-4C15-BCB0-700C0A7A2309}) (Version: 3.0.50813.0 - Microsoft Corporation)
    Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
    Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
    Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
    Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
    Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
    Microsoft Silverlight 4 SDK (HKLM-x32\...\{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}) (Version: 4.0.60310.0 - Microsoft Corporation)
    Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
    Microsoft SQL Server Data Tools - enu (11.1.20627.00) (HKLM-x32\...\{FA804794-2CCB-4301-954F-2C2894698876}) (Version: 11.1.20627.00 - Microsoft Corporation)
    Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00) (HKLM-x32\...\{790E9425-8570-493F-9AE7-81AFC9E46930}) (Version: 11.1.20627.00 - Microsoft Corporation)
    Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
    Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 RC Redistributable (x64) - 14.0.22816 (HKLM-x32\...\{e2495eb6-cca8-47aa-91ea-3410ca44d7b7}) (Version: 14.0.22816.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Microsoft Visual Studio Professional 2012 (HKLM-x32\...\{17c2e197-cf26-443b-8beb-53151940df3f}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Web Deploy 3.0 (HKLM\...\{AA72C306-30BE-4BB1-9E42-59552BAD2CDF}) (Version: 3.1236.1631 - Microsoft Corporation)
    Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
    Microsoft Web Platform Installer 4.0 (HKLM\...\{E2B8249D-895C-4685-8C83-00F3B1A13028}) (Version: 4.0.1622 - Microsoft Corporation)
    Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
    Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
    Microsoft Zoo Tycoon (HKLM-x32\...\Zoo Tycoon 1.0) (Version:  - )
    Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
    Monaco (HKLM-x32\...\Steam App 113020) (Version:  - Pocketwatch Games)
    Mozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
    Multimedia Fusion 2 (HKLM-x32\...\Multimedia Fusion 2) (Version:  - )
    Mumble 1.2.5 (HKLM-x32\...\{C7BC557D-8C8B-4F5F-83AB-D20C58CF4575}) (Version: 1.2.5 - Thorvald Natvig)
    NVIDIA 3D Vision Controller Driver 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
    NVIDIA 3D Vision Driver 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.53 - NVIDIA Corporation)
    NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
    NVIDIA Graphics Driver 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.53 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
    OBS Multiplatform (HKLM-x32\...\OBS Multiplatform) (Version: 0.12.3 - OBS Project)
    Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
    Oracle VM VirtualBox 4.2.6 (HKLM\...\{A8A0B1C1-FBC7-4790-8E26-9DA1A6A95452}) (Version: 4.2.6 - Oracle Corporation)
    ORION: Prelude (HKLM-x32\...\Steam App 104900) (Version:  - Spiral Game Studios)
    Osiris: New Dawn (HKLM\...\Steam App 402710) (Version:  - Fenix Fire Entertainment)
    Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
    PakkISO 0.4 (HKLM-x32\...\PakkISO_is1) (Version: PakkISO 0.4 by zorted, installer by BitLooter - )
    Paladins (HKLM\...\Steam App 444090) (Version:  - Hi-Rez Studios)
    Path of Exile (HKLM\...\Steam App 238960) (Version:  - Grinding Gear Games)
    PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version:  - )
    ph (x32 Version: 1.0.0 - Your Company Name) Hidden
    Pixel Piracy (HKLM-x32\...\Steam App 264140) (Version:  - Vitali Kirpu)
    Pixelmon Launcher (Beta) (HKLM-x32\...\Pixelmon Launcher (Beta) 2.0.26) (Version: 2.0.26 - Ikara Software Limited)
    Pixelmon Launcher (Beta) (x32 Version: 2.0.26 - Ikara Software Limited) Hidden
    PlanetSide 2 (HKLM\...\Steam App 218230) (Version:  - Daybreak Game Company)
    PlanetSide 2 (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\DG0-PlanetSide 2) (Version:  - Sony Online Entertainment)
    PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
    Prerequisites for SSDT  (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Project Zomboid (HKLM\...\Steam App 108600) (Version:  - The Indie Stone)
    Project Zomboid Dedicated Server (HKLM\...\Steam App 380870) (Version:  - )
    PULSAR: Lost Colony (HKLM\...\Steam App 252870) (Version:  - Leafy Games)
    PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
    Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.27599 - Razer Inc.)
    Realm of the Mad God (HKLM-x32\...\Steam App 200210) (Version:  - Wild Shadow Studios)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
    Recovery Manager (x32 Version: 5.5.0.5530 - CyberLink Corp.) Hidden
    ROBLOX Player for Eskew (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
    ROBLOX Studio for Eskew (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version:  - ROBLOX Corporation)
    Robocraft version 0.3.274 (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\{9F101691-69D3-422E-BB5C-8CAD7110781B}_is1) (Version: 0.3.274 - Freejam)
    RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd)
    RuneScape Launcher 2.2.2 (HKLM\...\RuneScape Launcher_is1) (Version: 2.2.2 - Jagex Ltd)
    Security Task Manager 2.1i (HKLM-x32\...\Security Task Manager) (Version: 2.1i - Neuber Software)
    SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
    SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
    Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
    Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
    SMITE (HKLM\...\Steam App 386360) (Version:  - Hi-Rez Studios)
    Spore (HKLM-x32\...\Steam App 17390) (Version:  - Maxis™)
    SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
    Spotify (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Spotify) (Version: 1.0.42.151.g19de0aa6 - Spotify AB)
    Star Wars: Knights of the Old Republic (HKLM-x32\...\Steam App 32370) (Version:  - BioWare)
    STAR WARS™ Battlefront™ II (HKLM\...\Steam App 6060) (Version:  - Pandemic Studios)
    STAR WARS™ Knights of the Old Republic™ II: The Sith Lords™ (HKLM-x32\...\Steam App 208580) (Version:  - Obsidian Entertainment)
    Starbound (HKLM\...\Steam App 211820) (Version:  - )
    StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
    Stardew Valley (HKLM\...\Steam App 413150) (Version:  - ConcernedApe)
    Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
    SteamVR (HKLM-x32\...\Steam App 250820) (Version:  - )
    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    Tabletop Simulator (HKLM\...\Steam App 286160) (Version:  - Berserk Games)
    Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
    TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.10 - TeamSpeak Systems GmbH)
    TeamSpeak 3 Client (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
    Techne (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\244a1e8693fd9c7e) (Version: 1.3.0.15 - ZeuX and r4wk)
    Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
    The Jackbox Party Pack 3 (HKLM\...\Steam App 434170) (Version:  - Jackbox Games, Inc.)
    The Witcher 2: Assassins of Kings Enhanced Edition (HKLM\...\Steam App 20920) (Version:  - CD PROJEKT RED)
    The Witcher 3: Wild Hunt (HKLM\...\Steam App 292030) (Version:  - CD PROJEKT RED)
    The Witcher: Enhanced Edition (HKLM\...\Steam App 20900) (Version:  - CD PROJEKT RED)
    Trove (HKLM-x32\...\Glyph Trove) (Version:  - Trion Worlds, Inc.)
    Tt eSPORTS VENTUS Mouse (HKLM-x32\...\{766BD494-B1C8-4491-BBA7-1AABF9BF0660}) (Version: 1.0.0 - Tt eSPORTS)
    Unity (HKLM-x32\...\Unity) (Version:  - Unity Technologies ApS)
    Unity Web Player (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\UnityWebPlayer) (Version: 5.2.3f1 - Unity Technologies ApS)
    univcredist (HKLM-x32\...\{2d9d4a60-1d22-46c1-84bb-1de04b4715d7}) (Version: 1.0.0.0 - Motiga)
    Unturned (HKLM\...\Steam App 304930) (Version:  - Smartly Dressed Games)
    Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
    Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
    VIO Player version 1.0.1 (HKLM-x32\...\{C8A17598-7F89-41EA-9876-0F89DA0B24F1}_is1) (Version: 1.0.1 - VIO)
    Viscera Cleanup Detail (HKLM-x32\...\Steam App 246900) (Version:  - RuneStorm)
    Viscera Cleanup Detail: alpha v0.25
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
    Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
    Warhammer: End Times - Vermintide (HKLM\...\Steam App 235540) (Version:  - Fatshark)
    Waste Walkers (HKLM\...\Steam App 371100) (Version:  - Corrosive Studios LLC)
    WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
    WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
    WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
    Windows Mobile Device Center (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
    World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
    XSplit Broadcaster (HKLM-x32\...\{4202CAFA-F8F9-4311-8A13-19DB48AAF5F7}) (Version: 2.2.1502.1633 - SplitmediaLabs)
     
    ==================== Custom CLSID (Whitelisted): ==========================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    CustomCLSID: HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{66131700-2ee5-4034-a67a-9f28774368e3}\InprocServer32 -> C:\Windows\SysWOW64\dfshim.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Eskew\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\Eskew\AppData\Local\Roblox\Versions\version-8756646edb404aaf\RobloxProxy64.dll (ROBLOX Corporation)
    CustomCLSID: HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Eskew\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)
     
    ==================== Scheduled Tasks (Whitelisted) =============
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    Task: {26E636BA-44CD-4450-8C94-067074443D37} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-02-22] (Microsoft Corporation)
    Task: {2E1AD61C-9923-4505-A94D-D2EFA9C12430} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe 
    Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe 
    Task: {3CB8C14F-58BC-4B18-B360-3255709C654C} - \Online Application v209 Guard -> No File <==== ATTENTION
    Task: {4C8BE195-6011-48A1-98C0-1AA1935C5EBA} - \Online Application v209 Guardian -> No File <==== ATTENTION
    Task: {4CA5593B-CDC2-4663-A1E0-275A25429E4C} - System32\Tasks\{88A2001F-FBC4-477A-99DF-0C91444C63AD} => pcalua.exe -a "C:\Users\Eskew\Downloads\dotnetfx (1).exe" -d C:\Users\Eskew\Downloads
    Task: {50D9217A-46C1-44E6-90A1-A7129039CE3B} - System32\Tasks\{7397805F-4A56-4686-977E-8CBC53A081AF} => pcalua.exe -a "C:\Program Files (x86)\Glyph\GlyphClient.exe" -c -uninstall  -game 131
    Task: {6038FBF3-3629-488B-8FC1-DB73A95AE455} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-105371738-2419289027-4122941235-1001UA1d257fbdc135398 => C:\Users\Eskew\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
    Task: {6F5B6BC8-EA96-4091-9C6D-89D881882B06} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-105371738-2419289027-4122941235-1001Core => C:\Users\Eskew\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
    Task: {7ADBD0EE-0CDE-4CD8-820B-E188292104EA} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\Windows\SysWOW64\BthUdTask.exe [2016-07-16] (Microsoft Corporation)
    Task: {7B225396-9243-4EA4-9E43-BFE678D480FA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
    Task: {80C0B092-4558-4A88-A385-065AD6F1D107} - System32\Tasks\HPCeeScheduleForEskew => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
    Task: {81093AC7-C134-463E-A18D-F9D029CF3722} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-16] (Adobe Systems Incorporated)
    Task: {BD6D1757-FE32-4B78-869D-A93012C21857} - System32\Tasks\{D01AF756-DFFD-4359-8D62-4BA2DA949F2F} => Chrome.exe hxxp://ui.skype.com/ui/0/7.2.0.103/en/abandoninstall?page=tsProgressBar
    Task: {C171877A-DEE5-4A45-B5FD-1D3DAD79E1BD} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Eskew\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe 
    Task: {D487CBE6-87CC-4D3D-859D-901F09733C72} - System32\Tasks\{9683697A-7CBF-4F87-96C3-1F514C197363} => pcalua.exe -a C:\Users\Eskew\AppData\Local\Roblox\Versions\version-1600d28b04c54698\RobloxPlayerLauncher.exe -c -uninstall
    Task: {D4DAB5AA-64FA-4200-A100-0DD4C6D8B2A9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-105371738-2419289027-4122941235-1001UA => C:\Users\Eskew\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
    Task: {DFF0F439-CE45-4D3B-B802-17589BA6D15C} - System32\Tasks\AdobeAAMUpdater-1.0-EskewPC-Eskew => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated)
    Task: {E1EB435A-B19B-490C-8D07-E641ADC9BB97} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {EA2E1BBB-507B-42EE-BAE2-6DB71C9AE74B} - System32\Tasks\{8F7B53BB-88C5-41E2-A80D-64960DF2106B} => Chrome.exe hxxp://ui.skype.com/ui/0/7.2.0.103/en/abandoninstall?page=tsProgressBar
    Task: {EB0C046F-147E-496A-8498-A908EC345523} - System32\Tasks\{85C1A459-4CC3-41EF-8702-6EAA011491A5} => pcalua.exe -a C:\Users\Eskew\AppData\Local\uninstallro.exe
    Task: {F63D0CAD-069D-4C96-B0F0-18E7372DD452} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-105371738-2419289027-4122941235-1001Core1d257fbdbfad668 => C:\Users\Eskew\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
     
    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
     
    Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
     
    ==================== Shortcuts =============================
     
    (The entries could be listed to be restored or removed.)
     
    ==================== Loaded Modules (Whitelisted) ==============
     
    2016-07-16 06:42 - 2016-07-16 06:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
    2016-12-14 07:57 - 2016-12-09 05:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
    2016-12-14 07:57 - 2016-12-09 05:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
    2013-06-19 23:45 - 2013-06-19 23:45 - 03317616 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
    2016-10-17 11:35 - 2016-10-17 11:35 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
    2017-01-10 16:50 - 2016-12-21 02:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
    2017-01-10 16:50 - 2016-12-21 01:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
    2017-01-10 16:50 - 2016-12-21 01:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
    2017-01-10 16:50 - 2016-12-21 01:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
    2017-01-10 16:50 - 2016-12-21 01:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
    2017-01-10 16:50 - 2016-12-21 01:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
    2017-01-10 16:50 - 2016-12-21 01:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
     
    ==================== Alternate Data Streams (Whitelisted) =========
     
    (If an entry is included in the fixlist, only the ADS will be removed.)
     
     
    ==================== Safe Mode (Whitelisted) ===================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
     
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
    iver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
     
    ==================== Association (Whitelisted) ===============
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
     
     
    ==================== Internet Explorer trusted/restricted ===============
     
    (If an entry is included in the fixlist, it will be removed from the registry.)
     
    IE trusted site: HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\clonewarsadventures.com -> clonewarsadventures.com
    IE trusted site: HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\freerealms.com -> freerealms.com
    IE trusted site: HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\genieo.com -> hxxp://search.genieo.com
    IE trusted site: HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\soe.com -> soe.com
    IE trusted site: HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\sony.com -> sony.com
     
    ==================== Hosts content: ===============================
     
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
     
    2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
     
     
    ==================== Other Areas ============================
     
    (Currently there is no automatic fix for this section.)
     
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Eskew\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\6926074-cool-backgrounds-desktop.jpg
    DNS Servers: 192.168.2.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.
     
    ==================== MSCONFIG/TASK MANAGER disabled items ==
     
    HKLM\...\StartupApproved\Run: => "iTunesHelper"
    HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8"
    HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
    HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
    HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
    HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX"
    HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
    HKLM\...\StartupApproved\Run32: => "APSDaemon"
    HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
    HKLM\...\StartupApproved\Run32: => "Razer Synapse"
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\StartupApproved\StartupFolder: => "Curse.lnk"
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\StartupApproved\Run: => "Spotify"
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\StartupApproved\Run: => "Spotify Web Helper"
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\StartupApproved\Run: => "Steam"
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\StartupApproved\Run: => "EvolveClient"
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\StartupApproved\Run: => "Pando Media Booster"
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\StartupApproved\Run: => "Skype"
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\StartupApproved\Run: => "uTorrent"
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\StartupApproved\Run: => "Free Mahjong Games"
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\StartupApproved\Run: => "OneDrive"
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\StartupApproved\Run: => "Discord"
     
    ==================== FirewallRules (Whitelisted) ===============
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
    FirewallRules: [{C5652AC9-C68E-45B3-9595-0136D8FEE61C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PULSARLostColony\PULSAR_LostColony.exe
    FirewallRules: [{E3C34B49-ED3F-423C-A3B4-FBE5EA357807}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PULSARLostColony\PULSAR_LostColony.exe
    FirewallRules: [UDP Query User{53DF9442-EFF3-496F-9589-F3B3BF796535}C:\users\eskew\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\eskew\appdata\local\google\chrome\application\chrome.exe
    FirewallRules: [TCP Query User{789B1715-4EAD-4486-B0CA-C25736F3DC5D}C:\users\eskew\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\eskew\appdata\local\google\chrome\application\chrome.exe
    FirewallRules: [{08F163C6-5B28-4089-ABB5-FFDAEA27CA6E}] => (Block) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
    FirewallRules: [{43D4B8EA-424C-44A2-B662-2DD9889D437E}] => (Block) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
    FirewallRules: [UDP Query User{443B0FA0-7448-4F41-88B8-AFF91FD282A4}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
    FirewallRules: [TCP Query User{7F798589-9D79-4E55-B200-A62F5F5E06EE}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
    FirewallRules: [{F727C66F-6B67-4C50-9EEC-39B2FA9EA516}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Paladins\Binaries\Win32\HirezBridge.exe
    FirewallRules: [{A76B1AB0-EF9E-41B7-BF49-68AF08965644}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Paladins\Binaries\Win32\HirezBridge.exe
    FirewallRules: [{689219CB-51E4-49D0-842F-60D6EDF9EE38}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tabletop Simulator\Tabletop Simulator.exe
    FirewallRules: [{9AE8F4DB-B112-4EC3-8C1B-62A146F5942B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tabletop Simulator\Tabletop Simulator.exe
    FirewallRules: [{DC6C3319-9BD7-498E-AF1D-528F9994076F}] => (Block) C:\program files\java\jre1.8.0_101\bin\javaw.exe
    FirewallRules: [{9F83F63A-2EBE-4F23-931B-849B41BB312C}] => (Block) C:\program files\java\jre1.8.0_101\bin\javaw.exe
    FirewallRules: [UDP Query User{4FA2DA4B-9C72-4E6F-A865-225D3E29EB0E}C:\program files\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_101\bin\javaw.exe
    FirewallRules: [TCP Query User{A18FFF3B-A695-4CE6-9880-F5B90F4EF80A}C:\program files\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_101\bin\javaw.exe
    FirewallRules: [{759A6D99-A4BE-4AE8-A1B5-B48C6FA632E9}] => (Block) C:\program files (x86)\heroes of the storm\versions\base45228\heroesofthestorm_x64.exe
    FirewallRules: [{DC4939D8-9347-4108-806A-4D96052D2130}] => (Block) C:\program files (x86)\heroes of the storm\versions\base45228\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{F6EF9304-C3BB-4CA6-AD4A-323515B199E8}C:\program files (x86)\heroes of the storm\versions\base45228\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base45228\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{808ED691-7B4A-4884-8F6E-50795EFF4419}C:\program files (x86)\heroes of the storm\versions\base45228\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base45228\heroesofthestorm_x64.exe
    FirewallRules: [{0ECD3F9F-6920-4648-8563-33D61471BD64}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
    FirewallRules: [{C404A64D-4816-4FD1-BB2C-75EF6FFA0F54}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
    FirewallRules: [{9A7E3A3F-348D-4C76-989F-FE8A686ED5A8}] => (Block) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
    FirewallRules: [{CD750997-7273-48F2-8CA1-81CAC47E0B40}] => (Block) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
    FirewallRules: [UDP Query User{4AB01451-7B36-4FC6-9FFC-EF63D2055A2A}C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
    FirewallRules: [TCP Query User{28A5F0AE-36BA-4D85-8B59-21BF61F762BA}C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
    FirewallRules: [{29F39C1C-8700-4351-B74F-EE32BEB0A80C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SMITE\Binaries\Win32\HirezBridge.exe
    FirewallRules: [{60754CC7-2671-4C21-AEB1-390BFC232435}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SMITE\Binaries\Win32\HirezBridge.exe
    FirewallRules: [{DFC70AC3-12EB-4D7A-8876-65822C86C64F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{5247466D-4DDC-4127-9512-08BC3B1CCDA9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{2D2A8444-A5F1-405A-90E3-0795CBAE949B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
    FirewallRules: [{49A6075A-BC38-4762-8805-67BBA59BB1F6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
    FirewallRules: [{2D2EA61F-F4F8-4E59-B1F2-09ED6F0D940A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
    FirewallRules: [{D542E109-6B0A-4027-A579-EA9E51322B78}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{B9FD509F-542D-48AA-B960-0B3634D1B1B3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{D6CD9F7B-6F14-426A-9B4E-3289A63B4E69}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magicka 2\engine\Magicka2.exe
    FirewallRules: [{BE6F2DF3-933C-4C81-811D-428BCE328393}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magicka 2\engine\Magicka2.exe
    FirewallRules: [UDP Query User{188442E6-91AB-4FD6-9FBF-CE31D6996C6C}C:\program files\java\jre1.8.0_92\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_92\bin\javaw.exe
    FirewallRules: [TCP Query User{359C51DA-7834-4FCB-81D2-F8B588778C62}C:\program files\java\jre1.8.0_92\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_92\bin\javaw.exe
    FirewallRules: [UDP Query User{59720194-978E-4C8F-BF83-62C4F0946683}C:\program files (x86)\steam\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe
    FirewallRules: [TCP Query User{F56A6D76-B3E2-4B5F-8475-989BFF0C3777}C:\program files (x86)\steam\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe
    FirewallRules: [{24C91BDA-5DF3-4E29-8ABA-295C33BBDBE4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Chronicle\Chronicle.exe
    FirewallRules: [{FF7F79D0-0F1B-45C9-966E-1469CEF1B155}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Chronicle\Chronicle.exe
    FirewallRules: [UDP Query User{BCC43D6A-1C9B-43E6-B2C7-D8421FB125AE}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
    FirewallRules: [TCP Query User{ED0291AF-E1EE-4684-A183-7B1A27D6B643}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
    FirewallRules: [UDP Query User{46681C6E-7546-4B52-9881-DFD7CD62C13C}C:\program files (x86)\heroes of the storm\versions\base42506\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base42506\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{26898491-322A-4021-A5CB-5B68E66D527C}C:\program files (x86)\heroes of the storm\versions\base42506\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base42506\heroesofthestorm_x64.exe
    FirewallRules: [{E46F1158-D4F7-4661-B8E4-7F82EB339AED}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Instant Dungeon!\bin\instantdungeon.exe
    FirewallRules: [{6A4094A5-7975-42FB-ABAE-A9B901BED62C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Instant Dungeon!\bin\instantdungeon.exe
    FirewallRules: [{4D6F1C54-98D1-4244-8FE9-C8B3450FEA17}] => (Block) C:\program files (x86)\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe
    FirewallRules: [{EBD60850-2F12-4A3F-8851-6E6023FC3533}] => (Block) C:\program files (x86)\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{52AD9C15-A3FA-4A6F-AD22-5AB5AD78ED1B}C:\program files (x86)\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{ADFCA11F-2BAD-4186-8B08-C23937F2AD68}C:\program files (x86)\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe
    FirewallRules: [{A2658393-E8F5-43A2-B9C8-E4F488D9ECD8}] => (Block) C:\users\eskew\downloads\igg-empyriongalacticsurvival543\empyrion.exe
    FirewallRules: [{41BCD1F8-E3D2-46D6-B537-DA31A59765BE}] => (Block) C:\users\eskew\downloads\igg-empyriongalacticsurvival543\empyrion.exe
    FirewallRules: [UDP Query User{6CEDB2A2-B395-4FB5-A541-D251F86790D4}C:\users\eskew\downloads\igg-empyriongalacticsurvival543\empyrion.exe] => (Allow) C:\users\eskew\downloads\igg-empyriongalacticsurvival543\empyrion.exe
    FirewallRules: [TCP Query User{E0F566F5-A9FB-4653-8204-DB4204997963}C:\users\eskew\downloads\igg-empyriongalacticsurvival543\empyrion.exe] => (Allow) C:\users\eskew\downloads\igg-empyriongalacticsurvival543\empyrion.exe
    FirewallRules: [{494A8809-FF61-4B6A-A791-88C34A947BE5}] => (Allow) C:\Users\Eskew\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{B83D9B01-F72E-4BF2-8F68-D7432F3C39DC}] => (Allow) C:\Users\Eskew\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{D545C17C-5402-493E-935B-AC64AB4D52B8}] => (Allow) C:\Users\Eskew\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{9480CDA7-FCCA-442F-B64F-7A26353822DD}] => (Allow) C:\Users\Eskew\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{AA448F59-2A6E-4B72-88E6-DCDAD5D93C96}] => (Allow) C:\Users\Eskew\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{BE9B94E6-1C8B-4AE6-AEF2-93AF6A1E7DDF}] => (Allow) C:\Users\Eskew\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{269D48B0-D1F5-49EC-8A33-B1451EAE405A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
    FirewallRules: [{816FBEFF-133D-44BE-B774-5EA783E12338}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
    FirewallRules: [{51DB5B1F-4FA2-430B-B950-ABFF94497918}] => (Block) C:\program files (x86)\heroes of the storm\versions\base41810\heroesofthestorm_x64.exe
    FirewallRules: [{674D7293-C5B3-4F41-B0B6-0F4EB035369F}] => (Block) C:\program files (x86)\heroes of the storm\versions\base41810\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{95CBE8EC-B639-4D1E-9D18-93A14255D4B6}C:\program files (x86)\heroes of the storm\versions\base41810\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base41810\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{A07818E0-E64C-4E2E-9C34-338B497263DB}C:\program files (x86)\heroes of the storm\versions\base41810\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base41810\heroesofthestorm_x64.exe
    FirewallRules: [{F3B1EA0F-4E33-41BD-BCD5-7CE2F7E57C5B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stardew Valley\Stardew Valley.exe
    FirewallRules: [{912A511B-5519-4638-8882-FDD307526D99}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stardew Valley\Stardew Valley.exe
    FirewallRules: [{F2478B16-823C-4695-A153-605CA44DE3F2}] => (Block) C:\program files (x86)\heroes of the storm\versions\base41150\heroesofthestorm_x64.exe
    FirewallRules: [{71EE9503-AC48-4AFE-8925-5C6AD3796D2B}] => (Block) C:\program files (x86)\heroes of the storm\versions\base41150\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{081322BB-BB0E-44A5-88D5-8E9D19FBEBF0}C:\program files (x86)\heroes of the storm\versions\base41150\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base41150\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{8ADC0EEE-C5C2-4C4A-8A74-79D021EF61EB}C:\program files (x86)\heroes of the storm\versions\base41150\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base41150\heroesofthestorm_x64.exe
    FirewallRules: [{352BE075-7FD9-4527-827F-E2EE783DF1C7}] => (Block) C:\program files (x86)\steam\steamapps\common\project zomboid dedicated server\jre\bin\java.exe
    FirewallRules: [{CB6FC3CC-BD50-4FB4-861B-3B24B8ACD07E}] => (Block) C:\program files (x86)\steam\steamapps\common\project zomboid dedicated server\jre\bin\java.exe
    FirewallRules: [UDP Query User{6ADC5327-3C73-4276-8B6D-D53992B89050}C:\program files (x86)\steam\steamapps\common\project zomboid dedicated server\jre\bin\java.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\project zomboid dedicated server\jre\bin\java.exe
    FirewallRules: [TCP Query User{7925AC55-E7CF-4B89-BF00-CD995D07FBA8}C:\program files (x86)\steam\steamapps\common\project zomboid dedicated server\jre\bin\java.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\project zomboid dedicated server\jre\bin\java.exe
    FirewallRules: [{F54E3BA1-977F-47A3-841E-F1DDD2C75182}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Project Zomboid Dedicated Server\ProjectZomboid64.exe
    FirewallRules: [{73B047D1-17F7-4C37-9483-C76F5D068079}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Project Zomboid Dedicated Server\ProjectZomboid64.exe
    FirewallRules: [{65D6F146-C366-46B6-BAD0-DDE08AF3DE1E}] => (Block) C:\program files (x86)\portforward\port forward network utilities\pfportchecker.exe
    FirewallRules: [{D9322CBA-8D58-465E-8B5F-05FA60B33771}] => (Block) C:\program files (x86)\portforward\port forward network utilities\pfportchecker.exe
    FirewallRules: [UDP Query User{F9C986AE-486B-41DE-8F6A-A8348D2C0928}C:\program files (x86)\portforward\port forward network utilities\pfportchecker.exe] => (Allow) C:\program files (x86)\portforward\port forward network utilities\pfportchecker.exe
    FirewallRules: [TCP Query User{00FA93B1-E68C-4973-9F4D-B5C173A6A2B6}C:\program files (x86)\portforward\port forward network utilities\pfportchecker.exe] => (Allow) C:\program files (x86)\portforward\port forward network utilities\pfportchecker.exe
    FirewallRules: [{3F295F88-8B08-47E6-83FC-F2575163C25F}] => (Block) C:\program files (x86)\steam\steamapps\common\projectzomboid\jre64\bin\java.exe
    FirewallRules: [{BD8E1259-078B-4975-AD7E-F969E51D63D6}] => (Block) C:\program files (x86)\steam\steamapps\common\projectzomboid\jre64\bin\java.exe
    FirewallRules: [UDP Query User{8455F34D-B2CC-4D6D-8B19-29108D2BFDB6}C:\program files (x86)\steam\steamapps\common\projectzomboid\jre64\bin\java.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\projectzomboid\jre64\bin\java.exe
    FirewallRules: [TCP Query User{F31558B0-C735-4AD6-B43D-A615C935DAC4}C:\program files (x86)\steam\steamapps\common\projectzomboid\jre64\bin\java.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\projectzomboid\jre64\bin\java.exe
    FirewallRules: [{E342A7CE-03FF-4A79-9595-D53277A0CA61}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ProjectZomboid\ProjectZomboid64.exe
    FirewallRules: [{6348AD98-9D24-4CCD-A6FA-30C2DB5719B0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ProjectZomboid\ProjectZomboid64.exe
    FirewallRules: [{017255D7-371F-447E-98EC-B31BCBF27F10}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ProjectZomboid\ProjectZomboid32.exe
    FirewallRules: [{A2BB8799-0C5E-4D3F-AAFD-EE2D3096F390}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ProjectZomboid\ProjectZomboid32.exe
    FirewallRules: [{1CBCAEAF-B9A0-4DEA-AFE9-105CA90D5CA6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Viscera\Binaries\Win64\UDK.exe
    FirewallRules: [{B7F79E19-6AAB-48E1-A110-572E700FF9E8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Viscera\Binaries\Win64\UDK.exe
    FirewallRules: [{A4B5A2B4-6B6E-41CE-9CDF-D1003D5F086B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Viscera\Binaries\Win32\UDK.exe
    FirewallRules: [{6496FE8F-E784-4821-A737-903618217E73}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Viscera\Binaries\Win32\UDK.exe
    FirewallRules: [{59874DFF-6F70-410E-8D5A-A9810FCFC380}] => (Block) C:\program files (x86)\heroes of the storm\versions\base40697\heroesofthestorm_x64.exe
    FirewallRules: [{1AA9AA47-E317-41BF-BB36-1BA3728CEC37}] => (Block) C:\program files (x86)\heroes of the storm\versions\base40697\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{81FC4DD7-08C9-42BE-80E5-CB7DC04E3BDA}C:\program files (x86)\heroes of the storm\versions\base40697\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base40697\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{A23E57CA-D3CD-4BA4-AF9E-C9F0B2E1B2AC}C:\program files (x86)\heroes of the storm\versions\base40697\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base40697\heroesofthestorm_x64.exe
    FirewallRules: [{96EA9B7F-37E6-4782-8CA8-BAA1AF9F48AC}] => (Block) C:\program files (x86)\heroes of the storm\versions\base40431\heroesofthestorm_x64.exe
    FirewallRules: [{807DA272-445C-431C-BC8E-634FC7612603}] => (Block) C:\program files (x86)\heroes of the storm\versions\base40431\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{13AABE66-5512-4930-BDEA-B848773EAB8C}C:\program files (x86)\heroes of the storm\versions\base40431\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base40431\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{AD8E3720-CBF6-4D0F-A75F-2995C206DABA}C:\program files (x86)\heroes of the storm\versions\base40431\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base40431\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{1377C921-1551-41D0-A0E3-8455F8E5D82A}C:\program files (x86)\heroes of the storm\versions\base39951\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base39951\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{944E90ED-69C5-4D81-809A-D90ADBFDEC1A}C:\program files (x86)\heroes of the storm\versions\base39951\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base39951\heroesofthestorm_x64.exe
    FirewallRules: [{8675C87C-B63C-4192-A4CB-D13B9CBB0C26}] => (Block) C:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe
    FirewallRules: [{EA989A95-E165-4470-AB22-FD3FF12A0CA6}] => (Block) C:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{FDC982AB-D698-4E02-A968-1BB314FA19FF}C:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{524C20EB-D0CF-48BF-AABC-02C5B02FD43D}C:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{8656E366-401C-4BF8-9F5D-C6DDBDB652B5}C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe
    FirewallRules: [TCP Query User{BF5163AA-8F7B-4A8F-B164-F05E0D9F4325}C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe
    FirewallRules: [{976BB0F0-2C25-4219-8CC1-AC87AFAB4BD9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Knights of the Old Republic II\swkotor2.exe
    FirewallRules: [{8FAB2DE4-1381-46C8-AB53-5231A79CD049}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Knights of the Old Republic II\swkotor2.exe
    FirewallRules: [{2522A6C2-24F5-4BC2-B689-72F34F42DEB0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\swkotor\swkotor.exe
    FirewallRules: [{65E0B3F6-53F9-49A1-BB09-ABC6E7BB2572}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\swkotor\swkotor.exe
    FirewallRules: [{F1151460-4146-4DA8-9BEB-8A0F9A8D3EB0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dungeon of the Endless\DungeonoftheEndless.exe
    FirewallRules: [{2FA8444E-8EAC-4022-8B2D-83C0252A50AA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dungeon of the Endless\DungeonoftheEndless.exe
    FirewallRules: [{8DFCC7B1-11BE-42C3-9181-405BEF2E59BB}] => (Allow) C:\Program Files\iTunes\iTunes.exe
    FirewallRules: [{2C17D8D6-BD18-448A-9881-B5C98BEEA43F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{049D419A-5EE0-43CD-8B30-D64DBD4DC913}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{04E47672-E680-4B25-8FE7-4A04B0173351}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{8B7B1417-D1E6-4090-BF96-26DD21B827C5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{F6F21453-4FCC-44E4-A913-A437198DB298}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Guild of Dungeoneering\dungeoneering.exe
    FirewallRules: [{1E20A117-C8FF-4D38-84AA-28FA1446DB3E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Guild of Dungeoneering\dungeoneering.exe
    FirewallRules: [UDP Query User{772C82F0-4B50-486D-90C7-AD79BE648CEC}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
    FirewallRules: [TCP Query User{967A207F-DF38-497D-A895-192552EAAD6F}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
    FirewallRules: [{D77DAA36-B60F-4A8B-B657-C48998D0C874}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
    FirewallRules: [{E0D978CE-DE8F-447D-A57C-1E39DA268050}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
    FirewallRules: [UDP Query User{01C7274E-0635-4208-9FCC-3F63E2E1A206}C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{CACBCDF0-CD76-4343-BD4F-F2E2448F19B0}C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{ED7ABC0D-1986-4344-944D-6CD80A5F7D2A}C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe
    FirewallRules: [TCP Query User{8BD62EB2-2767-4E85-BD5B-E1C503C8D26F}C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe
    FirewallRules: [{AAFEAE83-176B-4DAE-BAAF-3669CFCDE641}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe
    FirewallRules: [{B7E68FD3-4B05-4FB4-A1C7-224D5F68E659}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe
    FirewallRules: [UDP Query User{5A68E45B-EA81-42E3-B1E0-58F3B6687A32}C:\users\eskew\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\eskew\appdata\roaming\spotify\spotify.exe
    FirewallRules: [TCP Query User{F825687C-606F-4337-8168-8ED6B8B26215}C:\users\eskew\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\eskew\appdata\roaming\spotify\spotify.exe
    FirewallRules: [{B84C352C-B84B-4D2B-8016-1020298093F7}] => (Block) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
    FirewallRules: [{67BA0047-F06F-40FB-A906-E5906FC95491}] => (Block) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{87AF74AA-98E1-4353-A586-6D587C6F007A}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{4B6E2F9E-E771-4D5B-8A94-BFFE2FC34EF8}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
    FirewallRules: [{4FCF659D-0841-4328-BEC6-35ED3C97B573}] => (Block) C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe
    FirewallRules: [{629607DD-9943-4E04-B2E2-A08995B48806}] => (Block) C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{DA340BD8-E5FA-4B41-AF89-6B0253C3170B}C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{D8164110-2C99-4764-AF41-672530A922CF}C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe
    FirewallRules: [{46C46BD3-3F59-4A7F-9F90-1602B16816B8}] => (Block) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
    FirewallRules: [{AC1D6983-7F93-4927-A845-ECAF176743F0}] => (Block) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{34C7F983-1357-402C-9974-3D865609407F}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{1D63E604-3DA5-43DA-AECF-341C4EC891BC}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
    FirewallRules: [{F721C625-7474-4BB8-8B5F-A0EE4691FA73}] => (Block) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
    FirewallRules: [{6B5AEF11-CC9A-41A1-ABB2-848AC93F6122}] => (Block) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
    FirewallRules: [UDP Query User{C80D652A-E93E-4A41-9411-157BF4ABCE90}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
    FirewallRules: [TCP Query User{2B8E5443-6653-4545-B270-2B51D2869EA7}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
    FirewallRules: [{1BA8A699-5B88-4978-8AF3-FCF1F9BDB76D}] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
    FirewallRules: [{53D157D0-26F1-4E94-9257-19E4FA19E473}] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
    FirewallRules: [UDP Query User{F2B2638D-94E1-4CC4-AF09-7E709D2E2389}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
    FirewallRules: [TCP Query User{00BC6A53-4242-4729-AA2D-1D7BABCAD5C3}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
    FirewallRules: [{27D79B84-02C7-4437-AE15-CBE082E434EE}] => (Block) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
    FirewallRules: [{E4290456-2BC2-4788-9088-C018AD3D1BE2}] => (Block) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{F0D85276-DF98-4F6E-9E69-D4AEB2E5BF61}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{A5444306-1310-46EA-A7C3-0646570DAF84}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
    FirewallRules: [{158F2EA5-0CAA-4FE4-A7FD-E3935B9AB210}] => (Block) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
    FirewallRules: [{488C75C1-CEF0-4C31-BB23-38EFE3E30A19}] => (Block) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{6250938F-B39B-4D6F-93F2-A26254172F13}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{DCA7BC27-A9E3-494B-9407-6D9646E6853E}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
    FirewallRules: [{29299EB9-772E-4AA0-B7B3-CF0BBBFBC6F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
    FirewallRules: [{E8BC3962-FF3A-4C29-8E8C-A647457395EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
    FirewallRules: [{5B5BE4D9-49C9-460C-955D-04D16E32A449}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
    FirewallRules: [{B32BA7DB-F950-408D-85E8-8BB49A0FD449}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
    FirewallRules: [{8690A699-7D5D-43DE-A6C7-8AC0594D15D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
    FirewallRules: [{D1962BC6-CC32-4E29-B34E-7A86FC506C43}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
    FirewallRules: [{7CA8FE1E-467B-46ED-8E3A-AC021D68AB5F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
    FirewallRules: [{2B7B1E43-57CB-4430-8AAD-50D8C7C8864F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
    FirewallRules: [{ACDDDED2-BC66-4815-8161-061FCC1DF6A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
    FirewallRules: [{5BD6366A-3229-4030-B19A-123547EA5A80}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
    FirewallRules: [{729F005F-EAF5-4FBB-96BA-3F00DB9851AD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
    FirewallRules: [{3650BB56-943A-4CF2-A240-EB93BC8ECE5D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
    FirewallRules: [UDP Query User{65366372-1E9B-4539-B442-FC49320C638F}C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{45751F75-4EDA-4C6C-BB13-AB717EE0FAE7}C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
    FirewallRules: [{A5BAE59E-379B-4B80-9B03-2C3767478350}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
    FirewallRules: [{4C6E0365-8C02-4E15-88AD-BA95DB934FDD}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
    FirewallRules: [{27CFACCD-EB72-42A5-BEFC-6D989DC093FF}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
    FirewallRules: [{1500E4C5-F476-4CE0-B883-2EA6DBE4DBB5}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
    FirewallRules: [{6779208D-6A39-4499-8659-2B0E1498D37C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
    FirewallRules: [{D3F1C6F7-0111-4C06-8C3E-AFC1CA6D6158}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
    FirewallRules: [{66D10DB5-63FB-4D50-A008-B7327054331C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
    FirewallRules: [{56FD8CF5-8094-465B-87C4-FA75C0150560}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
    FirewallRules: [{79A96380-F239-4CEE-ABD0-1C89E79F0221}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DOOM 3 BFG Edition\Doom3BFG.exe
    FirewallRules: [{433084C9-E939-476F-ABF6-2D0583E79677}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DOOM 3 BFG Edition\Doom3BFG.exe
    FirewallRules: [{2CB9C27D-2DEB-4A43-A342-2DC801CA7735}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
    FirewallRules: [{07EEE626-4104-4676-9436-F9E7BB37E923}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
    FirewallRules: [{2C1189AB-CD11-48AC-87CF-74E5E01C89EE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\EvolveBeta\Bin64_SteamRetail\StaticLauncher64.exe
    FirewallRules: [{8F864BDF-864A-4684-BEE4-3D09CCB5CB9C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\EvolveBeta\Bin64_SteamRetail\StaticLauncher64.exe
    FirewallRules: [UDP Query User{D2C756D5-3562-4E6B-918B-9E479E20FAA7}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe
    FirewallRules: [TCP Query User{AABE563C-446A-496E-8929-9221C958C93B}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe
    FirewallRules: [{FEA6925D-AFA8-49B0-ABB4-D9E4794A6164}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
    FirewallRules: [{3507BE52-5C14-49D0-A909-EE32B3C3E977}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
    FirewallRules: [{A277961D-320F-472E-B36B-3EC2F31CC8D2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Monaco\MONACO.exe
    FirewallRules: [{432A7438-1581-4137-8538-91E0327AF46D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Monaco\MONACO.exe
    FirewallRules: [{D82CB721-3898-4FB9-810F-B45B4DF998DB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Pixel Piracy\PixelPiracy.exe
    FirewallRules: [{F0DDD9ED-4E46-4307-BFD1-080283040E1E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Pixel Piracy\PixelPiracy.exe
    FirewallRules: [{3F343D5E-B008-475B-9821-131ADF2D6A35}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
    FirewallRules: [{9CC51CC6-9DC3-4703-A0D7-9C04692A7AF9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
    FirewallRules: [{4309C819-29CF-4B4C-80E7-63C3009FB764}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\SporeBin\SporeApp.exe
    FirewallRules: [{DED4B7DD-1D85-4D1E-AC6D-EF98E2346F2B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\SporeBin\SporeApp.exe
    FirewallRules: [UDP Query User{F798A0DF-0B91-47F7-94D8-E84C1042086F}C:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe
    FirewallRules: [TCP Query User{488043AD-4F39-424C-94D4-1C019D8304DD}C:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe
    FirewallRules: [UDP Query User{2FAD617D-53CE-44FA-925D-E9C95D1CDBBB}C:\users\eskew\appdata\local\roblox\versions\version-690117d1a88742de\robloxstudiobeta.exe] => (Allow) C:\users\eskew\appdata\local\roblox\versions\version-690117d1a88742de\robloxstudiobeta.exe
    FirewallRules: [TCP Query User{F76C0655-DAD5-4364-B571-3997BDB347AC}C:\users\eskew\appdata\local\roblox\versions\version-690117d1a88742de\robloxstudiobeta.exe] => (Allow) C:\users\eskew\appdata\local\roblox\versions\version-690117d1a88742de\robloxstudiobeta.exe
    FirewallRules: [{462EF32A-E6BF-4950-A180-2E09CD5A6FFA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
    FirewallRules: [{C939007C-0BB0-444A-804B-2D95F7F4C4FA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
    FirewallRules: [UDP Query User{D33D09A6-5F14-4AA7-BD31-F617857BDDF3}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
    FirewallRules: [TCP Query User{B8814D91-C19A-4F4F-B2CD-58A9F8B841D8}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
    FirewallRules: [UDP Query User{0286963B-A98A-4472-826A-CB6369C2D57E}C:\users\eskew\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe] => (Allow) C:\users\eskew\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe
    FirewallRules: [TCP Query User{CDC8D4F5-881E-4AD4-B065-025FBDE2A9F7}C:\users\eskew\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe] => (Allow) C:\users\eskew\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe
    FirewallRules: [{882F7DE9-1497-4072-A3B5-16EB65D0B829}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\Binaries\TERA.exe
    FirewallRules: [{CF840A47-0F05-4B12-A778-ADC1DF4FB0AF}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\Binaries\TERA.exe
    FirewallRules: [{727D7F74-91DA-4FF8-97AF-BADA1180BDE2}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\TL.exe
    FirewallRules: [{7CAAF848-F6EE-4258-8FFB-6ECCA7F4B507}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\TL.exe
    FirewallRules: [{6F94D2BD-B45F-4583-A572-0AF2554ACC01}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\TERA-Launcher.exe
    FirewallRules: [{7F088BD1-9B29-4A58-92CA-F03E7276E7F8}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\TERA-Launcher.exe
    FirewallRules: [{5D656651-A5F4-4DD5-828A-177F9F6A1B5F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe
    FirewallRules: [{4DF20550-9CC7-448E-9B74-BF585DCAFF97}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe
    FirewallRules: [{4EF1DFA3-FFCE-428A-91AD-5E053536590C}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
    FirewallRules: [{D6617688-08F1-4418-BE3C-189FA444ECAF}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
    FirewallRules: [{D193AB41-BEDC-4A4F-9FBB-4DFCF9CA5B3E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3322\Agent.exe
    FirewallRules: [{24AE5643-3A77-4A25-BBE3-59DDC27381BD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3322\Agent.exe
    FirewallRules: [UDP Query User{77A80E8D-D61E-4B30-8A99-98DADBE175CA}C:\program files (x86)\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre7\bin\jp2launcher.exe
    FirewallRules: [TCP Query User{C63926D2-9E37-4A28-86D7-0978E8B10407}C:\program files (x86)\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre7\bin\jp2launcher.exe
    FirewallRules: [UDP Query User{3C77E4B7-A7E6-4830-9D1A-ED7DBDC08F99}C:\program files (x86)\steam\steamapps\common\happywars\happywars.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\happywars\happywars.exe
    FirewallRules: [TCP Query User{C3748463-D552-4DDA-B96B-9341DDDD68FF}C:\program files (x86)\steam\steamapps\common\happywars\happywars.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\happywars\happywars.exe
    FirewallRules: [{66ADD3EA-8898-45A7-8C4A-37D220A2493C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [{39E9DAA7-CA0D-46F7-82F9-52C87EADFC52}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [UDP Query User{39E0FA79-E8CD-458C-8465-501D7E1CC57C}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
    FirewallRules: [TCP Query User{28A2EE4A-BACA-4CB1-BDCF-34E05BBC903B}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
    FirewallRules: [{D0DE57AA-49BE-4D79-87E8-0D454849E613}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
    FirewallRules: [{9FAFCB57-0466-4B12-98AF-4D75DFC786FB}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
    FirewallRules: [{18E91F99-ADE6-4911-AF6D-68FBD305C95F}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
    FirewallRules: [{AE970FF9-00D9-4A7D-A6DD-577AF4C674AD}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
    FirewallRules: [{AD8284F2-1465-4FF1-9183-5A8DAE3D21D7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
    FirewallRules: [{904805D9-1590-409F-B5E4-DC34F955CEF5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
    FirewallRules: [UDP Query User{2EF22253-4F41-423E-9ADD-5228B3DEE986}C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe
    FirewallRules: [TCP Query User{E6CEF907-F362-4DEF-B0AE-4084F2ACFDF4}C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe
    FirewallRules: [UDP Query User{2889BC7D-3D7D-4DF4-847C-6E3240862F9C}C:\program files (x86)\unity\editor\unity.exe] => (Allow) C:\program files (x86)\unity\editor\unity.exe
    FirewallRules: [TCP Query User{C79B9B61-7D90-4315-AF0A-EA145431ADD4}C:\program files (x86)\unity\editor\unity.exe] => (Allow) C:\program files (x86)\unity\editor\unity.exe
    FirewallRules: [{E085033A-29D8-4044-B9E4-D8DF3A8F5EF4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
    FirewallRules: [{28F48236-2208-4DA7-A341-E92FD61276E2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
    FirewallRules: [UDP Query User{BAC210B7-3E2B-43E6-A250-04D8C239DFE8}C:\users\eskew\kag-beta\kag.exe] => (Allow) C:\users\eskew\kag-beta\kag.exe
    FirewallRules: [TCP Query User{0680FB6D-6A62-4D26-9A12-136CCA085BCA}C:\users\eskew\kag-beta\kag.exe] => (Allow) C:\users\eskew\kag-beta\kag.exe
    FirewallRules: [{C6904E55-EFE8-4D2C-9FD9-5E1B5C042FC6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Realm of the Mad God\Realm of the Mad God.exe
    FirewallRules: [{BF130B46-151A-4DC0-B392-2EB7AE3DBFC2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Realm of the Mad God\Realm of the Mad God.exe
    FirewallRules: [{BC82BB4D-A707-4F7D-BE6E-B9EA8ED115A2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
    FirewallRules: [{6ABC15CC-2EB5-4D08-AA67-CE42220BC680}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
    FirewallRules: [{E6912596-3290-445E-8081-B3EE26A2C166}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
    FirewallRules: [{BEEC0F47-12EA-4686-BD92-244E61561063}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
    FirewallRules: [{9040F65D-DDB4-4A49-9E62-CF2169B038ED}] => (Allow) C:\Windows\SysWOW64\javaws.exe
    FirewallRules: [{2342D790-2291-4C84-AADA-4600B996237B}] => (Allow) C:\Windows\SysWOW64\javaws.exe
    FirewallRules: [{4ED38164-8E3A-4476-9749-EC99E02116E9}] => (Allow) C:\Windows\SysWOW64\javaws.exe
    FirewallRules: [{D058ED8A-EA75-4572-BA8E-A62AA63D1094}] => (Allow) C:\Windows\SysWOW64\javaws.exe
    FirewallRules: [{97BBAA5D-0269-4B91-ACBA-BBEAB69C2329}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFile.exe
    FirewallRules: [{33C85BAF-A7B1-4C87-90AE-698F2B615A2D}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFile.exe
    FirewallRules: [{11AD28E4-D36A-4376-85EC-BCF766AD8D0B}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
    FirewallRules: [{31B102E3-3AE7-413E-A4C9-DC0F172F2481}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
    FirewallRules: [{CD9B8F7D-7219-47AC-9BF9-858D2694796F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magic 2014\DotP_D14.exe
    FirewallRules: [{64494BDA-DA5F-4748-8A72-B6A6DFAB236C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magic 2014\DotP_D14.exe
    FirewallRules: [{E4350CED-0E8F-401E-90BB-F6ADA010E7A1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
    FirewallRules: [{C94CEC50-5384-4DC9-B591-D1CA5BF899A9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
    FirewallRules: [UDP Query User{9DEBCF8E-CB10-4E1C-A945-9B42914445DF}C:\program files (x86)\infinitecrisis\infinitecrisis.exe] => (Allow) C:\program files (x86)\infinitecrisis\infinitecrisis.exe
    FirewallRules: [TCP Query User{D270D2FE-0A71-47DA-86A3-158AE2D62A69}C:\program files (x86)\infinitecrisis\infinitecrisis.exe] => (Allow) C:\program files (x86)\infinitecrisis\infinitecrisis.exe
    FirewallRules: [{02A55193-E5EE-47A2-AD1C-5DD374A6CB92}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
    FirewallRules: [{37EBD480-83EF-4726-89B4-53399C462615}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
    FirewallRules: [{FF9E5B5E-BC43-4973-ABBD-57806AC0E585}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
    FirewallRules: [{71F225AD-A723-4E86-860A-E4321EF912B1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
    FirewallRules: [{359F67E8-20E4-4FA8-844B-48F160AD2ED0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
    FirewallRules: [{73977880-CBB6-49D8-AEB4-70073C700CF5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
    FirewallRules: [{C8A6C7F9-121F-4CB5-9004-5072EBBE8A06}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
    FirewallRules: [{29C5D8D9-E872-4ABD-89F7-3C0B681FB7A9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
    FirewallRules: [{29B60F48-08E2-4EEB-BCA3-582840880D34}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
    FirewallRules: [{9F4E5BFB-647E-4D69-855E-F5480E9DC3E9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
    FirewallRules: [{70D5AA57-7468-4358-A7AF-486E39963D04}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
    FirewallRules: [{F49F843E-74EF-4EFF-8A96-D2502B328762}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
    FirewallRules: [UDP Query User{CB59A18A-514C-460F-BDB9-C1DE251886D9}C:\users\eskew\desktop\new folder\7 days to die alpha 4 x86 cracked\7daystodie.exe] => (Block) C:\users\eskew\desktop\new folder\7 days to die alpha 4 x86 cracked\7daystodie.exe
    FirewallRules: [TCP Query User{1502BABB-ACFF-4CC7-BD17-58F9B6B0A994}C:\users\eskew\desktop\new folder\7 days to die alpha 4 x86 cracked\7daystodie.exe] => (Block) C:\users\eskew\desktop\new folder\7 days to die alpha 4 x86 cracked\7daystodie.exe
    FirewallRules: [{51AAC650-7E08-465C-8A0F-A05F410DE9EF}] => (Allow) C:\Users\Eskew\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{B2090C5B-884C-4524-9100-590098663059}] => (Allow) C:\Users\Eskew\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{51F3D22E-20A8-43E6-BC71-C17CFA6F2C7C}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
    FirewallRules: [{6FC1C550-C981-455E-9FF9-50B9C5A50702}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{CBB40C8D-B530-4778-BBD2-64EB2FB82ED3}] => (Allow) LPort=2869
    FirewallRules: [{FF47D2AC-0BAA-4867-A12D-80A78EC37C62}] => (Allow) LPort=1900
    FirewallRules: [{129D72B3-0F31-468A-80E0-5EA1CC86329F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{93FF6E1B-342B-4E62-BB25-B86A00B67734}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{4D92535A-1C04-41B4-86DD-246E237CCE60}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DC Universe Online\LaunchPad.exe
    FirewallRules: [{71FCEEF0-CCB1-4803-9964-C54391C8A33E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DC Universe Online\LaunchPad.exe
    FirewallRules: [{5A6E21B4-6E1D-419B-84C7-37004433CACF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\ameskew\garrysmod\hl2.exe
    FirewallRules: [{8753C357-7DAC-4B01-8C16-2EF867425495}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\ameskew\garrysmod\hl2.exe
    FirewallRules: [{640DF447-7CF4-48B2-A8CE-136C7BBF167F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Home\home-win-eng.exe
    FirewallRules: [{AF3D6A11-6D36-4C03-B0B1-BE6733031AD2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Home\home-win-eng.exe
    FirewallRules: [{9687C0E9-F850-4769-885B-9B33BDB84787}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dead Island\DeadIslandGame.exe
    FirewallRules: [{BC5091A9-1BDD-493C-B12C-4D6A55E7F0A2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dead Island\DeadIslandGame.exe
    FirewallRules: [{C28C3756-0EC9-4EDF-9A93-8CF13B3288EB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Launcher\APBLauncher.exe
    FirewallRules: [{A2784F60-B248-4325-A22C-838E8E2C97C3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Launcher\APBLauncher.exe
    FirewallRules: [{993FD205-6FF2-4E8F-AE95-DB4C62B57262}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\APB.exe
    FirewallRules: [{01F9C409-73DD-47E3-BE35-55401391B2CE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\APB.exe
    FirewallRules: [{0BE90592-5C08-4185-A7BC-66C69A50FA18}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\VivoxVoiceService.exe
    FirewallRules: [{300544C8-A45F-473C-BF6E-B69106BBD518}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\VivoxVoiceService.exe
    FirewallRules: [TCP Query User{7C9DBE65-76D8-4D25-B19D-4E0DA12E989E}C:\program files (x86)\byond\bin\byond.exe] => (Allow) C:\program files (x86)\byond\bin\byond.exe
    FirewallRules: [UDP Query User{57CAD985-C0DA-4602-B307-2FA8ECB1FEFB}C:\program files (x86)\byond\bin\byond.exe] => (Allow) C:\program files (x86)\byond\bin\byond.exe
    FirewallRules: [{083275FC-DF56-4BF0-B8F6-5B3295282F65}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
    FirewallRules: [{3727DC60-5123-4E27-9B81-B811DA5827D7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
    FirewallRules: [{377DC8E0-99F1-450D-95DC-A1553B82A764}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
    FirewallRules: [{6396D7ED-D40E-4F8C-93D7-225ADDB1B822}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
    FirewallRules: [{2BDD0805-B813-49E8-8E94-690694F6F5B5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dungeons and Dragons Online\TurbineInvoker.exe
    FirewallRules: [{1DC97F4B-75B6-4B01-89A6-4A3269CDF404}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dungeons and Dragons Online\TurbineInvoker.exe
    FirewallRules: [TCP Query User{8DC8EB89-D591-42C6-9028-549F66ABAA96}C:\users\eskew\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\eskew\appdata\roaming\spotify\spotify.exe
    FirewallRules: [UDP Query User{A962C5C5-5160-45B6-84C4-CC9F2E1EDD87}C:\users\eskew\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\eskew\appdata\roaming\spotify\spotify.exe
    FirewallRules: [{9FEFA130-AB38-4007-B567-B490FE298519}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\zanarisfate\garrysmod\hl2.exe
    FirewallRules: [{936DCAD8-D74E-48B4-95C7-49D68FFE5871}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\zanarisfate\garrysmod\hl2.exe
    FirewallRules: [{95088223-0492-4E09-9E66-5889E0CD9F98}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MapleStory\nxsteam.exe
    FirewallRules: [{47B7A179-1C07-4B43-BCAD-96C16405A7F1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MapleStory\nxsteam.exe
    FirewallRules: [TCP Query User{9D9C0F06-C16E-454F-A09F-2E0968EF1035}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
    FirewallRules: [UDP Query User{C696358D-8365-4F73-A157-117132A21691}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
    FirewallRules: [{15BA5031-0EE7-4A51-8E30-9ED70C2311FD}] => (Block) C:\program files (x86)\skype\phone\skype.exe
    FirewallRules: [{1EB996D9-290A-41D4-9B6C-DDAE52609207}] => (Block) C:\program files (x86)\skype\phone\skype.exe
    FirewallRules: [{B3B02E27-19A0-4D92-86B0-93BA62E08CCC}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
    FirewallRules: [{EF42FCEB-0A56-4D0D-BEAC-D500887EC822}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
    FirewallRules: [{CD219F44-BE23-408F-900A-9115E87CBA45}] => (Allow) C:\Program Files\Echobit\Evolve\EvoSvc.exe
    FirewallRules: [{96EDE56A-911A-4F91-A032-87845EB91380}] => (Allow) C:\Program Files\Echobit\Evolve\EvolveClient.exe
    FirewallRules: [{0CD0A5BA-26F9-4638-9CFA-F03A45B84F15}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
    FirewallRules: [{47CBF0FC-517B-4924-9A74-DE2EEC586D90}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
    FirewallRules: [{C764C2F2-16D8-4FB2-87C9-295876EBF6B2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\APB.exe
    FirewallRules: [{2E48FB1D-D9CB-471E-9D18-E388E2A598B8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\APB.exe
    FirewallRules: [{6EAB85AA-CA27-42BC-9191-22106EDA37B1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\VivoxVoiceService.exe
    FirewallRules: [{321ECD84-8543-40C8-8F55-15CD066F8421}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\VivoxVoiceService.exe
    FirewallRules: [TCP Query User{82070E4A-4BCB-4769-959F-B8BF5948BAB4}C:\program files (x86)\steam\steamapps\zanarisfate\garrysmod\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\zanarisfate\garrysmod\hl2.exe
    FirewallRules: [UDP Query User{B6542556-E585-44B3-9DF4-85F55400BA1D}C:\program files (x86)\steam\steamapps\zanarisfate\garrysmod\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\zanarisfate\garrysmod\hl2.exe
    FirewallRules: [{F7954F26-32D2-4584-9FF3-25CDEF9E8DE5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magicka\Magicka.exe
    FirewallRules: [{767E7EA8-F930-480F-A4CD-EB530BB5055F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magicka\Magicka.exe
    FirewallRules: [TCP Query User{A4C152BC-420C-404B-8829-B398C76BCA76}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
    FirewallRules: [UDP Query User{D7080420-50A9-487C-85DF-DFC60308863B}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
    FirewallRules: [TCP Query User{046BEE4B-CA80-4EB5-ABCF-970030F376B7}C:\program files (x86)\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\tera\tera-launcher.exe
    FirewallRules: [UDP Query User{53AF9705-1AAF-4974-B4C7-F2B2F52A8FF4}C:\program files (x86)\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\tera\tera-launcher.exe
    FirewallRules: [{6F2FF07B-F3B5-4A0C-9EB7-63D4FD087684}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
    FirewallRules: [{AD6FFDF5-033A-48B0-A836-469824A8B338}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
    FirewallRules: [TCP Query User{E2C52AB1-8542-4A96-A3AC-FC3F03944A00}C:\program files (x86)\steam\steamapps\common\magic the gathering tactics\mtgtactics.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\magic the gathering tactics\mtgtactics.exe
    FirewallRules: [UDP Query User{FC211E3A-F862-4C68-8259-27557F111AFB}C:\program files (x86)\steam\steamapps\common\magic the gathering tactics\mtgtactics.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\magic the gathering tactics\mtgtactics.exe
    FirewallRules: [{CD6FDFD1-96E4-40A8-B2B2-8B032EAF5AA4}] => (Block) C:\program files (x86)\steam\steamapps\common\magic the gathering tactics\mtgtactics.exe
    FirewallRules: [{E441DB00-E00C-4923-B88C-35738BA3F3ED}] => (Block) C:\program files (x86)\steam\steamapps\common\magic the gathering tactics\mtgtactics.exe
    FirewallRules: [TCP Query User{D4B16E9D-FF24-41B5-846A-AC99347D4E68}C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe
    FirewallRules: [UDP Query User{1D9CBAD3-8477-4942-A73B-1FF6901C1CF0}C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe
    FirewallRules: [{3918B90C-99CA-4628-9484-C169043639AD}] => (Block) C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe
    FirewallRules: [{5C5CD840-490C-4C67-B883-1DB3778C4531}] => (Block) C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe
    FirewallRules: [TCP Query User{47E45C5A-FCB5-4B73-84A8-C5EB0DD971A9}C:\users\eskew\kag\kag.exe] => (Allow) C:\users\eskew\kag\kag.exe
    FirewallRules: [UDP Query User{7F0E2DF6-2F6B-41F8-AFB6-D42631E20861}C:\users\eskew\kag\kag.exe] => (Allow) C:\users\eskew\kag\kag.exe
    FirewallRules: [{110EDBBB-525D-4468-814B-6B0B00772DA0}] => (Block) C:\users\eskew\kag\kag.exe
    FirewallRules: [{F75C98CF-7E5F-4FFD-A505-94F1C490C0C8}] => (Block) C:\users\eskew\kag\kag.exe
    FirewallRules: [TCP Query User{777DE7FB-0F6F-4F84-93DC-AC58E79EEF75}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe
    FirewallRules: [UDP Query User{E32A2249-BCAE-4A1C-827E-F9E1820CED1F}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe
    FirewallRules: [{D96E8E8B-22F0-440B-9B89-909BB88390C6}] => (Block) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe
    FirewallRules: [{A5CE8234-D717-4139-AE85-C5A216B242CD}] => (Block) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe
    FirewallRules: [{1A109CF0-C1CF-4BE1-B517-13F1649BC3D0}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
    FirewallRules: [{FDA8BD91-761F-4781-9E30-083A725A9298}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
    FirewallRules: [{BC9ECEFB-42A5-40DA-87DB-DF5902E378E5}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\TERA-Launcher.exe
    FirewallRules: [{52304CCC-6D43-418E-8EEA-97187E7F0BD1}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\TERA-Launcher.exe
    FirewallRules: [{E512AB59-EF58-4107-90F9-E5113CC1CA06}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\TL.exe
    FirewallRules: [{F06EFD6C-40F0-45E1-8CD6-01B44670C6DF}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\TL.exe
    FirewallRules: [{6DE3B1AE-7E58-4C88-98C2-37D8F77B28C3}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\Binaries\TERA.exe
    FirewallRules: [{E5DAB6BD-8C91-4244-A06B-6357B33E0113}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\Binaries\TERA.exe
    FirewallRules: [{83FD3ADD-55AF-4231-AAB0-FE797016898B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
    FirewallRules: [{806B84E3-BDCC-447E-854C-43D815F14C0A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
    FirewallRules: [{6C2DD3D1-7358-42FC-AFBC-B4F1098AFD02}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magic 2014\DotP_D14.exe
    FirewallRules: [{2F482D6E-6530-4002-9A8C-495541F63D19}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magic 2014\DotP_D14.exe
    FirewallRules: [{2D175AD6-54C0-49C8-9853-8452FCC8C7FC}] => (Allow) C:\ProgramData\eSafe\eGdpSvc.exe
    FirewallRules: [{73E103A8-4C47-4FEC-9B2C-69832C502F5B}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
    FirewallRules: [{9B5D6FC9-C1DE-4F53-ADCB-500161E895C3}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
    FirewallRules: [{C0D80DD9-23EF-428F-B54D-8135D23DB234}] => (Allow) LPort=26675
    FirewallRules: [{31430884-622E-4F15-862A-D4FD0E59D381}] => (Allow) C:\Program Files (x86)\GoforFiles\goforfilesdl.exe
    FirewallRules: [{C1AE8BC7-AC94-4D7F-8CED-F742E79218F4}] => (Allow) C:\Program Files (x86)\GoforFiles\goforfilesdl.exe
    FirewallRules: [{213E4368-D6D1-4513-AA0A-469899180459}] => (Allow) C:\Program Files (x86)\GoforFiles\GoforFiles.exe
    FirewallRules: [{E3DB1464-5CC6-447C-9E03-CA33847D412C}] => (Allow) C:\Program Files (x86)\GoforFiles\GoforFiles.exe
    FirewallRules: [TCP Query User{D28447DF-6261-4EC3-95E5-89DA95681564}C:\users\eskew\desktop\survivers_beta_3.exe] => (Allow) C:\users\eskew\desktop\survivers_beta_3.exe
    FirewallRules: [UDP Query User{310A90A6-C50E-4F2B-9027-F6951B655402}C:\users\eskew\desktop\survivers_beta_3.exe] => (Allow) C:\users\eskew\desktop\survivers_beta_3.exe
    FirewallRules: [{E39CC0DD-AA06-4CEB-8450-846B1A4036C4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
    FirewallRules: [{37B52915-69F5-44F5-ABFD-3F37D434B467}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
    FirewallRules: [{093C521F-CFE7-4C88-BD14-D680D7339E82}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
    FirewallRules: [{7DBADAFE-67A0-4998-A6FA-CE40540BE374}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
    FirewallRules: [TCP Query User{C8AF1959-9DA9-4939-8115-0485E35E7BB7}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
    FirewallRules: [UDP Query User{5E0C3FA3-52B0-4A86-AAA5-45ECC89A67CB}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
    FirewallRules: [{328496CF-BC92-47B8-A144-B5DF314FE6A6}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
    FirewallRules: [TCP Query User{4B43DE08-66D7-416D-B426-C778CFAA08B8}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
    FirewallRules: [UDP Query User{78285864-8AA8-4209-B8D8-43C8CA8912BE}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
    FirewallRules: [{5DDA64F1-C0FD-420A-B5BE-1EDB6DF57BB4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2328\Agent.exe
    FirewallRules: [{1BF002F2-DA63-4280-A638-A172917A30C3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2328\Agent.exe
    FirewallRules: [{611835FA-5AC0-4112-8FBD-448C7C490847}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
    FirewallRules: [{F0B0B6C7-285D-4FD0-BBFF-0D6BB0D27ABA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
    FirewallRules: [{4DE1DD98-CC2E-4580-A2FA-3D8B682F4830}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\Support\EA Help\Electronic_Arts_Technical_Support.htm
    FirewallRules: [{8269D734-8C8C-4046-9E5D-73F621E6063B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\Support\EA Help\Electronic_Arts_Technical_Support.htm
    FirewallRules: [{F92511A4-2E20-4112-9901-E2C7B9031D2B}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
    FirewallRules: [{C6022C15-594E-495E-821E-1157BEABE48B}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
    FirewallRules: [{BF861A46-2CBD-4B97-A9C2-E01FC2F9F243}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
    FirewallRules: [{DF077FEF-4869-432D-9FDD-B9736B2DF8EB}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
    FirewallRules: [{61A07A10-1EBB-488F-B3D2-69CE6AB7F4F8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SteamVR\tools\bin\win32\vrmonitor.exe
    FirewallRules: [{3799B790-F732-4A49-A1AA-3A50B797D6DD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SteamVR\tools\bin\win32\vrmonitor.exe
    FirewallRules: [{CCAD66F7-A59A-41F3-8E10-7B12A5673A3A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
    FirewallRules: [{3E2C9F2B-C3D2-476F-9DAC-8027BEE0DBC3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
    FirewallRules: [TCP Query User{1B47E641-47BA-499D-BAFF-53DD031CA322}C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{02379281-1F29-4308-B3E5-8C2EA930DE43}C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{CEAC703F-D40B-4020-AD40-43DC8F31456C}C:\program files (x86)\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{A762FE3A-E748-4E8F-A98F-E9C554F52C09}C:\program files (x86)\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{924DD697-036B-4728-B608-3681C5BD759F}C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{3012E076-7E16-4CC6-AE99-21AEED75287D}C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe
    FirewallRules: [{3E0C1AB2-408A-4113-8731-C3EE85B6669F}] => (Block) C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe
    FirewallRules: [{6495C69E-4EA2-4A69-A562-CD30B2373EF1}] => (Block) C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe
    FirewallRules: [{3CE3A341-CE20-4FB5-9DD2-C85A526F4C45}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BattleBlock Theater\BattleBlockTheater.exe
    FirewallRules: [{FBF7281B-9B4C-43DC-86A5-345EAEAFD4F3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BattleBlock Theater\BattleBlockTheater.exe
    FirewallRules: [TCP Query User{A08CF092-B184-4E9E-AE43-BD1DC728D816}C:\users\eskew\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\eskew\appdata\local\google\chrome\application\chrome.exe
    FirewallRules: [UDP Query User{FE90E4CA-D4DE-4967-9364-53B71C5CA7A4}C:\users\eskew\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\eskew\appdata\local\google\chrome\application\chrome.exe
    FirewallRules: [TCP Query User{A6C80422-1FCC-49D9-8839-75324392D386}C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{0185A545-410D-418E-AFF2-487D0FE7EB84}C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe
    FirewallRules: [{A936083E-A622-4E34-88B2-3C13425C8E6A}] => (Block) C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe
    FirewallRules: [{13D4AFEE-153A-4311-877A-8EAF5B7E42F7}] => (Block) C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{9530A9FE-C412-45E2-B702-EC17FF2B3B2C}C:\users\eskew\appdata\local\roblox\versions\version-67ed345037f34a32\robloxstudiobeta.exe] => (Allow) C:\users\eskew\appdata\local\roblox\versions\version-67ed345037f34a32\robloxstudiobeta.exe
    FirewallRules: [UDP Query User{7B481E2E-44A0-44E0-ABEB-D78FE954DE15}C:\users\eskew\appdata\local\roblox\versions\version-67ed345037f34a32\robloxstudiobeta.exe] => (Allow) C:\users\eskew\appdata\local\roblox\versions\version-67ed345037f34a32\robloxstudiobeta.exe
    FirewallRules: [{0EA9F534-5B93-47B5-AE38-2F926FA9CFB0}] => (Block) C:\users\eskew\appdata\local\roblox\versions\version-67ed345037f34a32\robloxstudiobeta.exe
    FirewallRules: [{8AA3277B-1624-40BB-90E2-228E9F34FB32}] => (Block) C:\users\eskew\appdata\local\roblox\versions\version-67ed345037f34a32\robloxstudiobeta.exe
    FirewallRules: [TCP Query User{1A13436D-371A-459F-842E-4A598E20EB96}C:\program files (x86)\byond\bin\byond.exe] => (Block) C:\program files (x86)\byond\bin\byond.exe
    FirewallRules: [UDP Query User{9FD3A9F0-8115-42EB-803C-D611D9134C4F}C:\program files (x86)\byond\bin\byond.exe] => (Block) C:\program files (x86)\byond\bin\byond.exe
    FirewallRules: [TCP Query User{76BFE78F-D568-4CD6-BFE5-50AAD968924D}C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{FD1D51C9-F83C-474D-A63C-CAB983167A46}C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{16D0F0C7-6BCD-4914-944E-24D95467AFBE}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
    FirewallRules: [UDP Query User{7BC23BB1-63A9-4D55-9702-F5F80932A4BE}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
    FirewallRules: [TCP Query User{5ACDF0F1-5F15-4592-8C7B-E236C95CEAEB}C:\program files (x86)\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{C55DB5CE-69EA-401C-838E-B28B80567369}C:\program files (x86)\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{8BE2B8EA-3340-4779-88F0-612727485676}C:\program files (x86)\heroes of the storm\versions\base38793\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base38793\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{6433ADF4-9B68-477B-81F6-37DC1733696D}C:\program files (x86)\heroes of the storm\versions\base38793\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base38793\heroesofthestorm_x64.exe
    FirewallRules: [{6BC1FEF1-BA47-42B3-8A52-4095930A5933}] => (Block) C:\program files (x86)\heroes of the storm\versions\base38793\heroesofthestorm_x64.exe
    FirewallRules: [{77D257B5-3FC8-42C8-84BC-C4EF41497423}] => (Block) C:\program files (x86)\heroes of the storm\versions\base38793\heroesofthestorm_x64.exe
    FirewallRules: [{7F6B48A8-EF36-46B1-BEF4-3726EA54E549}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
    FirewallRules: [{D661BF6A-E758-410B-9944-FCDBD7488B3C}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
    FirewallRules: [TCP Query User{28CBD98A-36BA-4DA2-8CD8-07C3D5A905BE}C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe
    FirewallRules: [UDP Query User{F6183F2D-26BF-4A62-A1D1-4B66E7DDC310}C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe
    FirewallRules: [{83C119E7-D9E7-4A8D-856D-8BBC6D092B4F}] => (Block) C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe
    FirewallRules: [{C6696BCF-8CB6-401E-BD20-E2F8880638C2}] => (Block) C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe
    FirewallRules: [TCP Query User{03B2B9A9-6FED-41C6-98D8-D69B89C88492}C:\program files (x86)\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{C20ACDD2-1CA4-4F52-95AB-F12E13118EEE}C:\program files (x86)\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe
    FirewallRules: [{1E3057F5-5F42-4A50-BDBE-AA809D8F54C7}] => (Block) C:\program files (x86)\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe
    FirewallRules: [{6B1DB875-BC7D-48D7-8019-D30FEFD92F3E}] => (Block) C:\program files (x86)\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{034FCA97-A6E8-4A7F-804E-6EEA00994CAC}C:\program files (x86)\steam\steamapps\common\war for the overworld\wftogame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war for the overworld\wftogame.exe
    FirewallRules: [UDP Query User{A58DE83D-0845-4EC9-B742-40C4EEBAE269}C:\program files (x86)\steam\steamapps\common\war for the overworld\wftogame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war for the overworld\wftogame.exe
    FirewallRules: [{9F138F0A-89C3-41B0-B034-3690769F1F5E}] => (Block) C:\program files (x86)\steam\steamapps\common\war for the overworld\wftogame.exe
    FirewallRules: [{7E66B2DC-872A-475D-A95D-FB720C8BFF65}] => (Block) C:\program files (x86)\steam\steamapps\common\war for the overworld\wftogame.exe
    FirewallRules: [{B7894C23-2B3D-4880-ADCA-3F6FCA06CF92}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warhammer End Times Vermintide\launcher\launcher.exe
    FirewallRules: [{5D566D00-8D6A-454C-BDA2-7871469A75E8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warhammer End Times Vermintide\launcher\launcher.exe
    FirewallRules: [{FF1994C2-A54A-40DB-ACCD-1C80D543ED60}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warhammer End Times Vermintide\binaries\vermintide.exe
    FirewallRules: [{8711C185-5CA7-4A61-923A-8938ED44A268}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warhammer End Times Vermintide\binaries\vermintide.exe
    FirewallRules: [{124830E5-34BB-4774-ADEC-8FF810184F04}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7dLauncher.exe
    FirewallRules: [{BC911937-3D8F-4B9D-B50C-84DC62C6B311}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7dLauncher.exe
    FirewallRules: [TCP Query User{E2960BA0-DD73-49B0-BC8E-7620904C6D9F}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe
    FirewallRules: [UDP Query User{8CFA3EF6-4F36-41E1-834B-0CD2599F20EA}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe
    FirewallRules: [{C9B81486-F4B0-4A08-B84B-61985E25A0E7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BloonsTD5\BTD5-Win.exe
    FirewallRules: [{C7F50363-F863-403A-BB6B-56D998F41DC7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BloonsTD5\BTD5-Win.exe
    FirewallRules: [{73F2F37D-AE2F-42BD-8B93-359065102788}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned_BE.exe
    FirewallRules: [{7039607E-2151-4471-A793-7605E713B9C4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned_BE.exe
    FirewallRules: [TCP Query User{0D309EFF-B512-4318-A9F2-C7DEB29A160E}C:\program files (x86)\byond\bin\dreamdaemon.exe] => (Allow) C:\program files (x86)\byond\bin\dreamdaemon.exe
    FirewallRules: [UDP Query User{DF03DCBB-B6EF-46A3-B2B7-8FEEEBFD462C}C:\program files (x86)\byond\bin\dreamdaemon.exe] => (Allow) C:\program files (x86)\byond\bin\dreamdaemon.exe
    FirewallRules: [{6F34D1E9-7DE4-4953-8B8D-3BAD36CCC1EF}] => (Block) C:\program files (x86)\byond\bin\dreamdaemon.exe
    FirewallRules: [{81108999-338E-45F8-B960-60379E87F9DD}] => (Block) C:\program files (x86)\byond\bin\dreamdaemon.exe
    FirewallRules: [{CA302790-6816-4039-B578-4280A1A3D427}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
    FirewallRules: [{2D0B1A92-D53E-441A-8EE4-6685D5C273B0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
    FirewallRules: [{5901C9E2-5C8C-440B-937B-897D7C7B7868}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TigerKnight_EW\frontend\bin\frontend.exe
    FirewallRules: [{7B4198B6-9C7A-4E17-B8A8-87B6051E306E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TigerKnight_EW\frontend\bin\frontend.exe
    FirewallRules: [{DCC09FAB-831D-4382-ABDD-1E96EB3DD99A}] => (Allow) %ProgramFiles% (x86)\BYOND\bin\byond.exe
    FirewallRules: [TCP Query User{630969BC-F554-432A-8915-454CF03BD6BF}C:\program files (x86)\heroes of the storm\versions\base48027\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base48027\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{BD7EC8E3-3DFC-4FBD-86DB-0E8D1A89F03A}C:\program files (x86)\heroes of the storm\versions\base48027\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base48027\heroesofthestorm_x64.exe
    FirewallRules: [{6144D13C-D27F-4277-BDC0-74B421864ADE}] => (Block) C:\program files (x86)\heroes of the storm\versions\base48027\heroesofthestorm_x64.exe
    FirewallRules: [{A5A993E5-0833-46AD-B4FB-7E7A3FAA4473}] => (Block) C:\program files (x86)\heroes of the storm\versions\base48027\heroesofthestorm_x64.exe
    FirewallRules: [{C9915D56-EB44-4A36-8296-B5974775FEC6}] => (Allow) %ProgramFiles% (x86)\BYOND\bin\byond.exe
    FirewallRules: [TCP Query User{68F9479C-8ECE-47A4-872B-326A4F6C41D6}C:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\gameclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\gameclient.exe
    FirewallRules: [UDP Query User{876F8F83-B114-4111-80D3-C6EF62AB704E}C:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\gameclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\gameclient.exe
    FirewallRules: [{68807056-81EA-4751-B251-E1C9B7872B7F}] => (Block) C:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\gameclient.exe
    FirewallRules: [{C4CEAD7A-FDCB-4C4A-9FA3-F267D8699577}] => (Block) C:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\gameclient.exe
    FirewallRules: [TCP Query User{B462CF9E-F158-4651-B7A2-00E66EA1401F}C:\program files (x86)\gigantic_en\binaries\win64\rxgame-win64-shipping.exe] => (Allow) C:\program files (x86)\gigantic_en\binaries\win64\rxgame-win64-shipping.exe
    FirewallRules: [UDP Query User{316532B7-D328-40EA-BC18-E1C2B02ED040}C:\program files (x86)\gigantic_en\binaries\win64\rxgame-win64-shipping.exe] => (Allow) C:\program files (x86)\gigantic_en\binaries\win64\rxgame-win64-shipping.exe
    FirewallRules: [{F69029A8-B35D-4F16-B445-61A7AE89FB63}] => (Block) C:\program files (x86)\gigantic_en\binaries\win64\rxgame-win64-shipping.exe
    FirewallRules: [{D2A789B9-52BF-4D81-AFE2-657AC3397518}] => (Block) C:\program files (x86)\gigantic_en\binaries\win64\rxgame-win64-shipping.exe
    FirewallRules: [TCP Query User{8F52D76F-B5B8-4E78-9E60-1AD65794A563}C:\program files (x86)\starcraft ii\versions\base47185\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base47185\sc2_x64.exe
    FirewallRules: [UDP Query User{CF27E9E1-E5B2-4A26-9831-E1D3EAF2F66C}C:\program files (x86)\starcraft ii\versions\base47185\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base47185\sc2_x64.exe
    FirewallRules: [{04CC1249-03F4-4A96-BD65-0078EBD1B2AF}] => (Block) C:\program files (x86)\starcraft ii\versions\base47185\sc2_x64.exe
    FirewallRules: [{3B541542-D4C4-4156-9274-BB613B82B02A}] => (Block) C:\program files (x86)\starcraft ii\versions\base47185\sc2_x64.exe
    FirewallRules: [{8505BB30-6615-42D6-851F-C2E78D3CBBE2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExile_x64Steam.exe
    FirewallRules: [{F46C1EFC-38F5-4826-8943-2F19087B4FE8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExile_x64Steam.exe
    FirewallRules: [TCP Query User{6DC022F6-439D-47DA-A425-5DAC9EB28B1B}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe
    FirewallRules: [UDP Query User{24738233-C2F3-483E-A4A8-67929771E3B9}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe
    FirewallRules: [{7B5CCD4C-60C8-4432-8A35-190366325241}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\witcher.exe
    FirewallRules: [{42524318-0C4C-4E9D-84C0-527755A25965}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\witcher.exe
    FirewallRules: [{7DDFC4C7-680F-4E2C-919A-8C38991FA4FF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\djinni!.exe
    FirewallRules: [{F82552C4-937F-4547-86B9-9813CFD18D88}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\djinni!.exe
    FirewallRules: [{D28FDF49-9D72-476F-B05A-937B6A907A96}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe
    FirewallRules: [{1F08E3D6-A3F2-4041-B67F-2D29EF2A0016}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe
    FirewallRules: [{2BDDADFB-5712-446F-BF70-3D5A3556297D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DDDA\DDDA.exe
    FirewallRules: [{2C5B4878-D54A-4534-AB68-F8B85326A4F3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DDDA\DDDA.exe
    FirewallRules: [{B7E2E8B9-429C-4EA9-A929-528790B78C37}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\the witcher 2\Launcher.exe
    FirewallRules: [{0EAAFF90-D1FC-45F6-A9DF-DF3551F7A467}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\the witcher 2\Launcher.exe
    FirewallRules: [{34F96366-62A8-4427-9A70-4F476662DA96}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Waste Walkers\Game.exe
    FirewallRules: [{961270B8-9EA1-4338-9878-F0B1923CE962}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Waste Walkers\Game.exe
    FirewallRules: [{E936EBED-EB53-4E42-89D5-3FBCA2E73BE2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CastleCrashers\castle.exe
    FirewallRules: [{ED27A468-02C6-47DA-8EE9-C127A99F76ED}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CastleCrashers\castle.exe
    FirewallRules: [{EA562D70-AA24-4836-85FD-4CD94C0FC945}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Interstellar Rift\Build\IR.exe
    FirewallRules: [{8DF3ABA3-AC57-4B0F-86B7-7935F7BC88D0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Interstellar Rift\Build\IR.exe
    FirewallRules: [{6A00FB8F-9AE9-4CE0-B565-C4C064BF7DEA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher 3\bin\x64\witcher3.exe
    FirewallRules: [{252F0AB3-F305-45CA-87CA-76B1C40C5E78}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher 3\bin\x64\witcher3.exe
    FirewallRules: [{AFBE26DE-19C7-44AB-A600-1ACD81EEE0D0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Empyrion - Galactic Survival\EmpyrionLauncher.exe
    FirewallRules: [{06C22F12-028B-4CB5-9AF5-B80995CA0BFD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Empyrion - Galactic Survival\EmpyrionLauncher.exe
    FirewallRules: [TCP Query User{4CF5A4CA-F41C-4CF1-89F4-045A8E577B83}C:\program files (x86)\steam\steamapps\common\empyrion - galactic survival\empyrion.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\empyrion - galactic survival\empyrion.exe
    FirewallRules: [UDP Query User{F980D522-DC21-4033-843B-B292468981F4}C:\program files (x86)\steam\steamapps\common\empyrion - galactic survival\empyrion.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\empyrion - galactic survival\empyrion.exe
    FirewallRules: [{0ECA90B2-7664-496B-AE1E-7E662EF65F4C}] => (Block) C:\program files (x86)\steam\steamapps\common\empyrion - galactic survival\empyrion.exe
    FirewallRules: [{16F787BA-D62E-4C0F-B1C7-3627E871E54F}] => (Block) C:\program files (x86)\steam\steamapps\common\empyrion - galactic survival\empyrion.exe
    FirewallRules: [{19299D7C-7A9E-4A26-A4B2-39D8C8799F77}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Viscera\Binaries\Win32\UDK.exe
    FirewallRules: [{BEA5DE29-27EF-40D7-97E5-8F5D86BC73C8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Viscera\Binaries\Win32\UDK.exe
    FirewallRules: [{E611FC9D-5B0C-48ED-BCC9-E179080860EC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Viscera\Binaries\Win64\UDK.exe
    FirewallRules: [{183E4FAD-4760-4561-980A-2273AA54838F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Viscera\Binaries\Win64\UDK.exe
    FirewallRules: [{9C1E133D-980E-4D7D-B8DC-ACB619C912C0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Viscera\Binaries\UDKLift.exe
    FirewallRules: [{7537E661-B6E4-4E56-B6F6-EE638FFC878C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Viscera\Binaries\UDKLift.exe
    FirewallRules: [{374B0F5E-3260-4456-9E2A-39DFC96E3373}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Clicker Guild\guild.exe
    FirewallRules: [{BD7012FB-DF7B-4278-98E0-E59197239D4F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Clicker Guild\guild.exe
    FirewallRules: [{C482EA72-8E2B-450F-9A13-BD1BF22ACA29}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Star Wars Battlefront II\GameData\BattlefrontII.exe
    FirewallRules: [{7431F277-B541-4F69-B7D8-460ADC435268}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Star Wars Battlefront II\GameData\BattlefrontII.exe
    FirewallRules: [{8B0BC301-124C-4BCC-9C4B-C63BE70B5F0D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ASTRONEER Early Access\Astro.exe
    FirewallRules: [{6BAEF279-D0F4-423E-B3B6-CEE53C45C8CC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ASTRONEER Early Access\Astro.exe
    FirewallRules: [TCP Query User{8EB2F3A4-0080-41FA-A1CB-077A9BBC93B5}C:\program files (x86)\steam\steamapps\common\astroneer early access\astro\binaries\win64\astro-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\astroneer early access\astro\binaries\win64\astro-win64-shipping.exe
    FirewallRules: [UDP Query User{2AECA291-47C4-4E7C-B063-0F7F0F71483C}C:\program files (x86)\steam\steamapps\common\astroneer early access\astro\binaries\win64\astro-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\astroneer early access\astro\binaries\win64\astro-win64-shipping.exe
    FirewallRules: [{FB7C0963-F8A8-4616-AB66-272E7EAF55EE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Jackbox Party Pack 3\The Jackbox Party Pack 3.exe
    FirewallRules: [{16BFC85B-70E1-4177-BE41-E41C27690402}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Jackbox Party Pack 3\The Jackbox Party Pack 3.exe
    FirewallRules: [TCP Query User{BEB708A8-8BFF-4B52-AB83-1A56AD6D5699}C:\program files (x86)\steam\steamapps\common\lego worlds\lego_worlds_dx11.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\lego worlds\lego_worlds_dx11.exe
    FirewallRules: [UDP Query User{2EBC3C13-1C7B-41C4-88E4-6DCCC6C2D2D0}C:\program files (x86)\steam\steamapps\common\lego worlds\lego_worlds_dx11.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\lego worlds\lego_worlds_dx11.exe
    FirewallRules: [{7EF99EF8-B5D5-41BE-A66C-64E3F1154870}] => (Block) C:\program files (x86)\steam\steamapps\common\lego worlds\lego_worlds_dx11.exe
    FirewallRules: [{303AB1FB-8A2B-492B-B12A-B30129A1045D}] => (Block) C:\program files (x86)\steam\steamapps\common\lego worlds\lego_worlds_dx11.exe
    FirewallRules: [{074C2BDA-493D-49C0-BCCA-4582929F85E4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Osiris\OsirisNewDawn.exe
    FirewallRules: [{731959A4-2953-4417-8356-F31F7A7D3251}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Osiris\OsirisNewDawn.exe
    FirewallRules: [TCP Query User{B2FD3F3D-05DD-4C52-8B5C-2BD97258555D}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe
    FirewallRules: [UDP Query User{700AD650-D8C0-4413-8268-4D58310E1C5F}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe
    FirewallRules: [{041734AD-28A2-4C21-8043-EE877EE31FBB}] => (Block) C:\program files (x86)\diablo iii\x64\diablo iii64.exe
    FirewallRules: [{7CF4B58F-3BB2-4DDB-A3C6-BB715DA9A6BD}] => (Block) C:\program files (x86)\diablo iii\x64\diablo iii64.exe
    FirewallRules: [{29FDDCAF-5B64-4A19-BBCC-472F52288182}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dungeon Defenders 2\DunDefLauncher.exe
    FirewallRules: [{A0D5AD22-FFE7-4174-9BFC-EA135EC15BB2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dungeon Defenders 2\DunDefLauncher.exe
    FirewallRules: [{6E120739-EF3D-45D0-89B1-D49B8EB61F71}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Clicker Heroes\Clicker Heroes.exe
    FirewallRules: [{B714F92F-9757-4A2F-B4F9-474D3E6FAE6B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Clicker Heroes\Clicker Heroes.exe
    FirewallRules: [{9F96FF1D-7414-4C46-9A93-4382EAF86A0D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe
    FirewallRules: [{08696AA0-45F7-4F9C-A811-41FCE092835F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe
    FirewallRules: [{AA350F8C-580B-4A56-A09D-5C3DB98D8313}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\LaunchPad.exe
    FirewallRules: [{ACC8ADF2-D516-4941-90ED-2295FE48CC04}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\LaunchPad.exe
    FirewallRules: [{6E107C1C-4128-43AB-AE75-09E18624628A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
    FirewallRules: [{B59F700F-03CF-418C-8E6B-0F6A9D65C225}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
    FirewallRules: [{F7035469-47C4-4AF6-ACBE-571E94E279C9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Atlas Reactor\GlyphClient.exe
    FirewallRules: [{5C55D716-4F12-4112-A7FD-0073CC3E9C16}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Atlas Reactor\GlyphClient.exe
    FirewallRules: [{D32AFE17-0DA8-4137-B1A3-C1C9F82E38DA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Factorio\bin\x64\factorio.exe
    FirewallRules: [{A2BA9716-7848-4945-BA18-6A45DDC1FD07}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Factorio\bin\x64\factorio.exe
    FirewallRules: [{DBFFB1FA-CC21-4313-A9E6-418FFC32B793}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
    FirewallRules: [{58E11E3D-EEF3-4963-9072-07D405533555}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
    FirewallRules: [{E8FBFF4C-0648-4222-89F9-25FBA6E8A548}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\Beta\AwesomenautsLauncher.exe
    FirewallRules: [{65FD705D-EF2F-4F85-BD64-08B170B822F9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\Beta\AwesomenautsLauncher.exe
    FirewallRules: [{C3128996-66B1-4AC5-BDD9-007C82DDC81E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DarkestDungeon\_windows\Darkest.exe
    FirewallRules: [{CB290AA9-E0C4-48B9-958E-0028DE4CEB10}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DarkestDungeon\_windows\Darkest.exe
    FirewallRules: [{DD297620-EFC2-4499-AEFE-FED6B4F581A1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\Beta\AwesomenautsLauncher.exe
    FirewallRules: [{242B5F55-95ED-456E-8B6E-9D3AECBF96C1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\Beta\AwesomenautsLauncher.exe
    FirewallRules: [{AD230024-5504-4556-B293-725338646A7D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe
    FirewallRules: [{29E7BC81-A461-4315-9854-F9353B2205CA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe
    FirewallRules: [TCP Query User{80728A35-4F73-4D36-9A45-A40DDD93A664}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_121\bin\javaw.exe
    FirewallRules: [UDP Query User{0B077690-6F69-48B0-BFF0-292538207D29}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_121\bin\javaw.exe
    FirewallRules: [{4EC4DA67-CC20-477E-8569-CDD2651D5721}] => (Block) C:\program files\java\jre1.8.0_121\bin\javaw.exe
    FirewallRules: [{67F1CB20-6A51-479F-A01C-718C3DC5C0B2}] => (Block) C:\program files\java\jre1.8.0_121\bin\javaw.exe
    FirewallRules: [{4F33B127-7D52-41FC-A21E-B1DD9E68F0AF}] => (Allow) C:\WINDOWS\system32\rundll32.exe
    FirewallRules: [{A33ACC3B-E559-450F-A274-97113ACED80C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Chronicle\WorkshopTool\WorkshopManager.exe
    FirewallRules: [{3703CE89-EEB1-414A-8C5A-C17A9A1E9828}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Chronicle\WorkshopTool\WorkshopManager.exe
    FirewallRules: [{A6C0F87A-54C3-449C-995D-D0B40FD683FB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Starbound\win64\starbound.exe
    FirewallRules: [{CB86612A-D7E5-42A2-B677-00D96F259838}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Starbound\win64\starbound.exe
    FirewallRules: [{F388882D-4F10-41FC-B729-BC280D73ED25}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Starbound\win64\starbound_server.exe
    FirewallRules: [{B83126A5-69F9-4075-985A-5BB21DC25F27}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Starbound\win64\starbound_server.exe
    FirewallRules: [{4DFEF511-42E3-4B35-92B4-CF29E6B998C5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Starbound\win64\mod_uploader.exe
    FirewallRules: [{F2817B3E-7225-4C34-8DAC-C26897559322}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Starbound\win64\mod_uploader.exe
    FirewallRules: [{3382F0CD-8DEE-4B7F-AB1B-8878FC441169}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Starbound\win32\starbound.exe
    FirewallRules: [{58447B36-BEED-455A-A5B0-DDA19A02C547}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Starbound\win32\starbound.exe
    FirewallRules: [{FBDF3CED-0F40-4568-A905-0A2DF5728A58}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DarkestDungeon\_windows\Darkest.exe
    FirewallRules: [{C0E1D93F-0FD9-4461-9876-414FAB482D6F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DarkestDungeon\_windows\Darkest.exe
     
    ==================== Restore Points =========================
     
    21-02-2017 12:05:20 Move file to quarantine: winvmx client
    21-02-2017 12:08:54 Move file to quarantine: winscr
    23-02-2017 07:42:46 Removed Online.io Application
     
    ==================== Faulty Device Manager Devices =============
     
     
    ==================== Event log errors: =========================
     
    Application errors:
    ==================
    Error: (02/23/2017 10:36:01 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ESKEWPC)
    Description: Activation of app Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe!App failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.
     
    Error: (02/23/2017 10:28:44 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ESKEWPC)
    Description: Activation of app Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe!App failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.
     
    Error: (02/23/2017 10:26:53 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ESKEWPC)
    Description: Activation of app Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
     
    Error: (02/23/2017 10:21:04 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ESKEWPC)
    Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
     
    Error: (02/23/2017 10:21:02 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ESKEWPC)
    Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
     
    Error: (02/23/2017 10:21:02 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ESKEWPC)
    Description: Activation of app Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
     
    Error: (02/23/2017 10:21:00 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ESKEWPC)
    Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
     
    Error: (02/23/2017 10:18:44 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: ShellExperienceHost.exe, version: 10.0.14393.447, time stamp: 0x5819bf85
    Faulting module name: Windows.UI.Xaml.dll, version: 10.0.14393.594, time stamp: 0x5850ccd3
    Exception code: 0xc000027b
    Fault offset: 0x00000000006d682b
    Faulting process id: 0x14f4
    Faulting application start time: 0x01d28de7e84dde62
    Faulting application path: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
    Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
    Report Id: a00d5ab8-77e7-4523-9fad-3571dffb912a
    Faulting package full name: Microsoft.Windows.ShellExperienceHost_10.0.14393.693_neutral_neutral_cw5n1h2txyewy
    Faulting package-relative application ID: App
     
    Error: (02/23/2017 10:17:28 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ESKEWPC)
    Description: Activation of app Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
     
    Error: (02/23/2017 08:08:57 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: ShellExperienceHost.exe, version: 10.0.14393.447, time stamp: 0x5819bf85
    Faulting module name: Windows.UI.Xaml.dll, version: 10.0.14393.594, time stamp: 0x5850ccd3
    Exception code: 0xc000027b
    Fault offset: 0x00000000006d682b
    Faulting process id: 0x50c
    Faulting application start time: 0x01d28dd18bf7a0de
    Faulting application path: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
    Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
    Report Id: 5efde801-e239-4e3e-8d20-1597fa8dae35
    Faulting package full name: Microsoft.Windows.ShellExperienceHost_10.0.14393.693_neutral_neutral_cw5n1h2txyewy
    Faulting package-relative application ID: App
     
     
    System errors:
    =============
    Error: (02/23/2017 10:44:13 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
    Description: DCOM got error "1084" attempting to start the service EventSystem with arguments "Unavailable" in order to run the server:
    {1BE1F766-5536-11D1-B726-00C04FB926AF}
     
    Error: (02/23/2017 10:44:03 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
    The dependency service or group failed to start.
     
    Error: (02/23/2017 10:44:03 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
    The dependency service or group failed to start.
     
    Error: (02/23/2017 10:44:03 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
    The dependency service or group failed to start.
     
    Error: (02/23/2017 10:44:01 AM) (Source: DCOM) (EventID: 10005) (User: ESKEWPC)
    Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
    {DD522ACC-F821-461A-A407-50B198B896DC}
     
    Error: (02/23/2017 10:41:58 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
    The dependency service or group failed to start.
     
    Error: (02/23/2017 10:41:58 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
    The dependency service or group failed to start.
     
    Error: (02/23/2017 10:41:58 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
    The dependency service or group failed to start.
     
    Error: (02/23/2017 10:41:51 AM) (Source: DCOM) (EventID: 10005) (User: ESKEWPC)
    Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
    {B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
     
    Error: (02/23/2017 10:41:51 AM) (Source: DCOM) (EventID: 10005) (User: ESKEWPC)
    Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
    {B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
     
     
    ==================== Memory info =========================== 
     
    Processor: AMD A10-7850K Radeon R7, 12 Compute Cores 4C+8G
    Percentage of memory in use: 7%
    Total physical RAM: 21443.7 MB
    Available physical RAM: 19809.88 MB
    Total Virtual: 24643.7 MB
    Available Virtual: 23199.15 MB
     
    ==================== Drives ================================
     
    Drive c: (OS) (Fixed) (Total:912.18 GB) (Free:217.79 GB) NTFS ==>[system with boot components (obtained from drive)]
    Drive d: (Recovery Image) (Fixed) (Total:17.07 GB) (Free:2.08 GB) NTFS ==>[system with boot components (obtained from drive)]
     
    ==================== MBR & Partition Table ==================
     
    ========================================================
    Disk: 0 (Size: 931.5 GB) (Disk ID: ABF53763)
     
    Partition: GPT.
     
    ==================== End of Addition.txt ============================
     
    Process explorer file:
     
    Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
    System Idle Process 92.77 0 K 4 K 0
    procexp64.exe 3.01 23,788 K 57,228 K 2848 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
    csrss.exe 1.54 1,396 K 5,428 K 556
    Interrupts 1.23 0 K 0 K n/a Hardware Interrupts and DPCs
    dwm.exe 1.20 27,964 K 53,544 K 84 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
    System 0.20 128 K 932 K 4
    explorer.exe 0.02 41,572 K 103,752 K 1808 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
    hamachi-2.exe 0.01 2,916 K 13,244 K 1508 Hamachi Client Tunneling Engine LogMeIn Inc. (Verified) LogMeIn
    chrome.exe 0.01 79,960 K 125,340 K 2120 Google Chrome Google Inc. (Verified) Google Inc
    chrome.exe 0.01 98,488 K 120,092 K 3344 Google Chrome Google Inc. (Verified) Google Inc
    services.exe < 0.01 3,852 K 6,824 K 684
    svchost.exe < 0.01 3,364 K 8,736 K 852 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
    svchost.exe < 0.01 6,724 K 16,296 K 468 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
    LMIGuardianSvc.exe < 0.01 1,704 K 8,448 K 1680 LMIGuardianSvc LogMeIn, Inc. (Verified) LogMeIn
    WmiPrvSE.exe 1,988 K 8,408 K 4076 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
    winlogon.exe 2,164 K 9,260 K 612 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
    wininit.exe 1,248 K 5,304 K 548
    svchost.exe 6,604 K 20,496 K 784 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
    svchost.exe 10,404 K 14,724 K 952 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
    svchost.exe 15,880 K 26,088 K 1164 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
    svchost.exe 3,432 K 9,328 K 408 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
    svchost.exe 10,144 K 23,248 K 1000 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
    svchost.exe 5,412 K 17,476 K 1424 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
    svchost.exe 1,188 K 5,480 K 396 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
    svchost.exe 1,292 K 5,640 K 896 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
    svchost.exe 1,644 K 7,072 K 1756 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
    smss.exe 424 K 1,224 K 372
    smartscreen.exe 8,356 K 14,712 K 3596 SmartScreen Microsoft Corporation (Verified) Microsoft Windows
    sihost.exe 4,604 K 20,992 K 1460 Shell Infrastructure Host Microsoft Corporation (Verified) Microsoft Windows
    ShellExperienceHost.exe Suspended 28,336 K 62,984 K 2548 Windows Shell Experience Host Microsoft Corporation (Verified) Microsoft Windows
    SearchUI.exe Suspended 41,464 K 88,436 K 2804 Search and Cortana application Microsoft Corporation (Verified) Microsoft Windows
    procexp.exe 2,712 K 9,736 K 580 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
    notepad.exe 2,908 K 16,764 K 2932 Notepad Microsoft Corporation (Verified) Microsoft Windows
    MsMpEng.exe 81,112 K 50,368 K 1452
    lsass.exe 4,560 K 12,960 K 700 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows Publisher
    HelpPane.exe 3,632 K 20,796 K 2880 Microsoft Help and Support Microsoft Corporation (Verified) Microsoft Windows
    dllhost.exe 6,468 K 15,068 K 2064 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
    ctfmon.exe 2,112 K 10,804 K 2104 CTF Loader Microsoft Corporation (Verified) Microsoft Windows
    csrss.exe 1,188 K 3,828 K 476
    chrome.exe 112,976 K 113,416 K 3188 Google Chrome Google Inc. (Verified) Google Inc
    chrome.exe 3,284 K 8,536 K 1436 Google Chrome Google Inc. (Verified) Google Inc
    chrome.exe 2,904 K 9,344 K 2296 Google Chrome Google Inc. (Verified) Google Inc
     

    • 0

    #10
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,017 posts
    • MVP

    The virus is not active in Safe Mode with Networking but it still won't let FRST remove it.  I see you are familiar with msconfig so let's see if it lets us uncheck the entries.

     

    Search for

     

    msconfig

     

    hit Enter.

     

    Under Startup uncheck:

    cpx
    svcvmx
     
    Apply.  Does it say it can't do it?
     
    Under Services
     
    uncheck: 
     
    drmkpro64
    Dataup
     
    Apply.
     
    If you don't find one or both of the above then Search for:
     
    device manager
    hit Enter
    View, Show Hidden Devices
     
    Click on the arrow in front of Non-Plug & Play Devices.
     
    See if you find either there.  Right click and Disable.
     
    Reboot back into Safe Mode with Networking.
     
    search for:
     
    task scheduler
    hit Enter
     
    This will bring up the task scheduler.  Click on Task Scheduler Library and look in the middle pane.  You should see a list of tasks.  See if you can find one that looks like:
     
     {3CB8C14F-58BC-4B18-B360-3255709C654C} or Online Application v209 Guard 
     {4C8BE195-6011-48A1-98C0-1AA1935C5EBA} or Online Application v209 Guardian
     
    If you find them right click on each and Disable.
     
    If you were able to uncheck any of the virus entries in msconfig then give me another FRST scan.
     
    How are you at working with the registry?  Have you ever used regedit?  I think we may have to go in to the registry and take ownership of some of the keys in order to delete the virus.
     
     

    • 0

    Advertisements


    #11
    Zanarisfate

    Zanarisfate

      Member

    • Topic Starter
    • Member
    • PipPip
    • 19 posts

    I wasn't able to disable startup for cpx and svcvmx.

    I was only able to find dataup under services and it is unchecked now.

    I could not find non plug and play devices in device manager.

    In task scheduler I found the task but when I tried to disable them it told me they no longer exist.

    I don't not have any experience with working with my registry or regedit.

     

    FRST.txt:

     

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-02-2017 01
    Ran by Eskew (administrator) on ESKEWPC (23-02-2017 14:15:03)
    Running from C:\Users\Eskew\Desktop\New folder (5)
    Loaded Profiles: Eskew (Available Profiles: Eskew)
    Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
     
    ==================== Processes (Whitelisted) =================
     
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
     
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
    (AMD) C:\Windows\System32\atiesrxx.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    () C:\Program Files (x86)\dataup\dataup.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
    (PasswordBox, Inc.) C:\Program Files (x86)\PasswordBox\pbbtnService.exe
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
    (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Microsoft Corporation) C:\Windows\System32\smartscreen.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
    (Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
    (Thermaltake) C:\Program Files (x86)\Tt eSPORTS\Tt eSPORTS VENTUS Mouse\VentusMonitor.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    () C:\Program Files (x86)\svcvmx\svcvmx.exe
    () C:\Program Files (x86)\svcvmx\vmxclient.exe
    () C:\Program Files (x86)\svcvmx\vmxclient.exe
    () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
    (Google Inc.) C:\Users\Eskew\AppData\Local\Google\Chrome\Application\chrome.exe
    () C:\Program Files (x86)\svcvmx\vmxclient.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
    (Google Inc.) C:\Users\Eskew\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Eskew\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Eskew\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Eskew\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Eskew\AppData\Local\Google\Chrome\Application\chrome.exe
    () C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
    () C:\Program Files (x86)\svcvmx\vmxclient.exe
     
    ==================== Registry (Whitelisted) ====================
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
     
    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
    HKLM\...\Run: [Windows Mobile Device Center] => C:\WINDOWS\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
    HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-03] (NVIDIA Corporation)
    HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
    HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-10-17] (Microsoft Corporation)
    HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8027016 2016-11-21] (Advanced Micro Devices, Inc.)
    HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239672 2017-02-20] (AVG Technologies CZ, s.r.o.)
    HKLM\...\Run: [Malwarebytes TrayApp] => C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
    HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-07] (CyberLink)
    HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
    HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2236816 2013-07-12] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
    HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
    HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [Tt eSPORTS VENTUS Gaming Mouse] => C:\Program Files (x86)\Tt eSPORTS\Tt eSPORTS VENTUS Mouse\VentusMonitor.exe [135976 2014-10-07] (Thermaltake)
    HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-11-11] (LogMeIn Inc.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
    HKLM-x32\...\Run: [cpx] => "C:\Program Files (x86)\cpx\cpx.exe" -starup <===== ATTENTION
    HKLM-x32\...\Run: [svcvmx] => C:\Program Files (x86)\svcvmx\svcvmx.exe [896512 2017-01-13] ()
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Run: [Spotify Web Helper] => C:\Users\Eskew\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1431664 2017-02-02] (Spotify Ltd)
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3018528 2017-02-22] (Valve Corporation)
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Run: [Free Mahjong Games] => C:\Users\Eskew\AppData\Local\WebPlayer\Free Mahjong Games\WebPlayer.exe
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Run: [Google Update] => C:\Users\Eskew\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2016-12-16] (Google Inc.)
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Run: [Discord] => C:\Users\Eskew\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Run: [EvolveClient] => C:\Program Files\Echobit\Evolve\EvolveClient.exe [3334528 2016-12-24] (Echobit LLC)
    HKU\S-1-5-18\...\Run: [] => [X]
    HKLM\...\Providers\Internet Print Provider: inetpp.dll
    HKLM\...\Providers\LanMan Print Services: win32spl.dll
    ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll [2013-06-19] ()
    ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll [2013-06-19] ()
    ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll [2013-06-19] ()
    Startup: C:\Users\Eskew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2014-05-02]
    ShortcutTarget: Curse.lnk -> C:\Users\Eskew\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
    GroupPolicy: Restriction - Chrome <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
     
    ==================== Internet (Whitelisted) ====================
     
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
     
    Tcpip\..\Interfaces\{ac6afb3d-8517-44c6-9431-c73322cdde42}: [DhcpNameServer] 192.168.2.1
    Tcpip\..\Interfaces\{f773b07c-b721-4cce-a715-00099922e7cf}: [DhcpNameServer] 192.168.137.1
     
    Internet Explorer:
    ==================
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPDSK13/1
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK13/1
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\Software\Microsoft\Internet Explorer\Main,Start Page = 
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK13/1
    HKU\S-1-5-21-105371738-2419289027-4122941235-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
    SearchScopes: HKLM -> {8270C55B-56AB-4326-AAFF-BA98AB9618B0} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
    SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
    SearchScopes: HKLM-x32 -> {8270C55B-56AB-4326-AAFF-BA98AB9618B0} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
    SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
    SearchScopes: HKU\S-1-5-21-105371738-2419289027-4122941235-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
    SearchScopes: HKU\S-1-5-21-105371738-2419289027-4122941235-1001 -> {8270C55B-56AB-4326-AAFF-BA98AB9618B0} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKU\S-1-5-21-105371738-2419289027-4122941235-1001 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
    SearchScopes: HKU\S-1-5-21-105371738-2419289027-4122941235-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
    BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-01-19] (Oracle Corporation)
    BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-19] (Oracle Corporation)
    BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2012-06-14] (CANON INC.)
    BHO-x32: PasswordBox Helper -> {5DB69B97-934B-451D-94DB-32EF802A01CD} -> C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll [2015-05-04] (PasswordBox, Inc.)
    BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Arc\Plugins\ArcPluginIE.dll [2016-10-21] (Perfect World Entertainment Inc)
    Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2012-06-14] (CANON INC.)
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
     
    FireFox:
    ========
    FF ProfilePath: C:\Users\Eskew\AppData\Roaming\Mozilla\Firefox\Profiles\w9d9e7sw.default [2017-02-23]
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\PasswordBox\Firefox
    FF Extension: (PasswordBox) - C:\Program Files (x86)\PasswordBox\Firefox [2013-11-21] [not signed]
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-16] ()
    FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-19] (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-19] (Oracle Corporation)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
    FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2013-07-12] (Adobe Systems)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-16] ()
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
    FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
    FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation)
    FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Arc\Plugins\npArcPluginFF.dll [2016-10-21] (Perfect World Entertainment Inc)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
    FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2013-07-12] (Adobe Systems)
    FF Plugin-x32: BYOND -> C:\Program Files (x86)\BYOND\bin\npbyond.dll [2008-07-08] (BYOND)
    FF Plugin HKU\S-1-5-21-105371738-2419289027-4122941235-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Eskew\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-08-04] (Citrix Online)
    FF Plugin HKU\S-1-5-21-105371738-2419289027-4122941235-1001: @nsroblox.roblox.com/launcher -> C:\Users\Eskew\AppData\Local\Roblox\Versions\version-8756646edb404aaf\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
    FF Plugin HKU\S-1-5-21-105371738-2419289027-4122941235-1001: @nsroblox.roblox.com/launcher64 -> C:\Users\Eskew\AppData\Local\Roblox\Versions\version-8756646edb404aaf\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
    FF Plugin HKU\S-1-5-21-105371738-2419289027-4122941235-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Eskew\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
    FF Plugin HKU\S-1-5-21-105371738-2419289027-4122941235-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Eskew\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
    FF Plugin HKU\S-1-5-21-105371738-2419289027-4122941235-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Eskew\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-11-15] (Unity Technologies ApS)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npbyond.dll [2008-07-08] (BYOND)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
     
    Chrome: 
    =======
    CHR DefaultProfile: Profile 1
    CHR HomePage: Profile 1 -> hxxps://www.google.com/webhp?hl=en&tab=ww
    CHR StartupUrls: Profile 1 -> "hxxps://www.google.com/"
    CHR Plugin: (Shockwave Flash) - C:\Users\Eskew\AppData\Local\Google\Chrome\Application\56.0.2924.87\PepperFlash\pepflashplayer.dll => No File
    CHR Plugin: (Native Client) - C:\Users\Eskew\AppData\Local\Google\Chrome\Application\56.0.2924.87\ppGoogleNaClPluginChrome.dll => No File
    CHR Plugin: (Chrome PDF Viewer) - C:\Users\Eskew\AppData\Local\Google\Chrome\Application\56.0.2924.87\pdf.dll => No File
    CHR Plugin: (Norton Confidential) - C:\Users\Eskew\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.0.0.72_0\npcoplgn.dll => No File
    CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll => No File
    CHR Plugin: (Java™ Platform SE 7 U10) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => No File
    CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll => No File
    CHR Plugin: (Windows LiveÃÂÃÂÃÂÃÂÃÂÃÂÃÂÃÂ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll => No File
    CHR Plugin: (Java Deployment Toolkit 7.0.100.18) - C:\windows\SysWOW64\npDeployJava1.dll => No File
    CHR Profile: C:\Users\Eskew\AppData\Local\Google\Chrome\User Data\Default [2017-02-23]
    CHR Extension: (Video Deck for YouTube™) - C:\Users\Eskew\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpoakikepagdiphlmfaeifpojdmbnegj [2014-06-20]
    CHR Extension: (AVG SafeGuard) - C:\Users\Eskew\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2014-05-08]
    CHR Extension: (Google Wallet) - C:\Users\Eskew\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-18]
    CHR Profile: C:\Users\Eskew\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-02-23]
    CHR Extension: (AdBlock) - C:\Users\Eskew\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-02-16]
    CHR Extension: (TweetDeck by Twitter) - C:\Users\Eskew\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2015-11-15]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Eskew\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-18]
    CHR Extension: (Chrome Media Router) - C:\Users\Eskew\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-07]
    CHR Extension: (Space Planet) - C:\Users\Eskew\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ppcocpoeoiajndepaaimnnglicichmbb [2016-05-04]
    CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
     
    ==================== Services (Whitelisted) ====================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2016-11-21] ()
    R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
    S3 ArcService; C:\Program Files (x86)\Arc\ArcService.exe [88024 2016-10-21] (Perfect World Entertainment Inc)
    S2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1256872 2017-02-20] (AVG Technologies CZ, s.r.o.)
    S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1445384 2016-10-21] ()
    R2 Dataup; C:\Program Files (x86)\dataup\dataup.exe [77824 2017-01-05] () [File not signed] <==== ATTENTION
    S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [395024 2016-12-07] (EasyAntiCheat Ltd)
    S3 EvoSvc; C:\Program Files\Echobit\Evolve\EvoSvc.exe [1583488 2016-12-24] (Echobit LLC)
    S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [File not signed]
    R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-06-03] (NVIDIA Corporation)
    R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2627080 2016-11-11] (LogMeIn Inc.)
    U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-02-10] (Hi-Rez Studios) [File not signed]
    R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
    S3 ICCS; C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
    S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
    R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-11-11] (LogMeIn, Inc.)
    R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
    R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-03] (NVIDIA Corporation)
    R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-06-03] (NVIDIA Corporation)
    R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-03] (NVIDIA Corporation)
    R2 PasswordBox; C:\Program Files (x86)\PasswordBox\pbbtnService.exe [67584 2014-05-14] (PasswordBox, Inc.) [File not signed]
    R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187048 2015-06-23] ()
    S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [File not signed]
    R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
    R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
    S2 qdcomsvc; "C:\Program Files (x86)\qdcomsvc\qdcomsvc.exe" /svc [X]
    S2 windowsmanagementservice; C:\Users\Eskew\AppData\Local\Temp\20170220\ct.exe [X] <==== ATTENTION <==== ATTENTION
     
    ===================== Drivers (Whitelisted) ======================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0309377.inf_amd64_7ab08912e1e1da0a\atikmdag.sys [26568848 2017-01-25] (Advanced Micro Devices, Inc.)
    R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0309377.inf_amd64_7ab08912e1e1da0a\atikmpag.sys [536600 2017-01-25] (Advanced Micro Devices, Inc.)
    S2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation)
    R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
    R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
    S3 CMUSBDAC; C:\WINDOWS\system32\DRIVERS\CMUSBDAC.sys [3778592 2015-11-26] (C-MEDIA)
    R1 drmkpro64; C:\WINDOWS\System32\drivers\drmkpro64.sys [53832 2017-02-20] () [File not signed]
    R3 EvolveVirtualAdapter; C:\WINDOWS\system32\DRIVERS\evolve.sys [21656 2013-02-13] (Echobit, LLC)
    S3 GVTDrv64; C:\WINDOWS\GVTDrv64.sys [30528 2015-07-30] ()
    R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
    S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
    R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispiwu.inf_amd64_b67dc924fff8de6d\nvlddmkm.sys [14199224 2017-01-04] (NVIDIA Corporation)
    R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-03] (NVIDIA Corporation)
    R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-06-03] (NVIDIA Corporation)
    R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek                                            )
    R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2015-06-12] (Razer, Inc.)
    R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [129472 2015-06-26] (Razer, Inc.)
    R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation)
    S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation)
    S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
    R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
    R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
    R3 XSplit_Dummy; C:\WINDOWS\system32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited)
    R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [63840 2015-06-06] (Intel Corporation)
     
    ==================== NetSvcs (Whitelisted) ===================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
     
    ==================== One Month Created files and folders ========
     
    (If an entry is included in the fixlist, the file/folder will be moved.)
     
    2017-02-23 14:12 - 2017-02-23 14:12 - 00002718 _____ C:\WINDOWS\System32\Tasks\Online Application v209 Guardian
    2017-02-23 14:12 - 2017-02-23 14:12 - 00002712 _____ C:\WINDOWS\System32\Tasks\Online Application v209 Guard
    2017-02-23 10:47 - 2017-02-23 10:47 - 00004250 _____ C:\Users\Eskew\Desktop\System Idle Process.txt
    2017-02-23 10:28 - 2017-02-23 14:04 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
    2017-02-23 10:12 - 2017-02-23 10:12 - 00004578 _____ C:\Users\Eskew\Downloads\fixlist (1).txt
    2017-02-23 07:45 - 2017-02-23 07:45 - 00000000 ____D C:\Users\Eskew\AppData\Local\AdvinstAnalytics
    2017-02-23 07:44 - 2017-02-23 07:44 - 00000000 ____D C:\Users\Eskew\Desktop\Process Explorer
    2017-02-22 18:53 - 2017-02-22 18:56 - 00161162 _____ C:\Users\Eskew\Desktop\Addition.txt
    2017-02-22 18:50 - 2017-02-22 18:56 - 00049634 _____ C:\Users\Eskew\Desktop\FRST.txt
    2017-02-22 18:44 - 2017-02-23 07:38 - 00000000 ____D C:\Users\Eskew\AppData\Local\llssoft
    2017-02-22 18:35 - 2017-02-22 18:43 - 00035517 _____ C:\Users\Eskew\Desktop\Fixlog.txt
    2017-02-22 18:34 - 2017-02-23 14:15 - 00000000 ____D C:\Users\Eskew\Desktop\New folder (5)
    2017-02-22 18:34 - 2017-02-22 18:34 - 00028300 _____ C:\Users\Eskew\Downloads\fixlist.txt
    2017-02-22 16:30 - 2017-02-22 16:30 - 00115244 _____ C:\Users\Eskew\Downloads\Shortcut.txt
    2017-02-22 16:26 - 2017-02-22 16:30 - 00173134 _____ C:\Users\Eskew\Downloads\Addition.txt
    2017-02-22 16:22 - 2017-02-22 16:30 - 00140036 _____ C:\Users\Eskew\Downloads\FRST.txt
    2017-02-22 16:21 - 2017-02-23 14:15 - 00000000 ____D C:\FRST
    2017-02-22 16:20 - 2017-02-22 16:20 - 01663040 _____ (Malwarebytes) C:\Users\Eskew\Downloads\JRT.exe
    2017-02-22 14:53 - 2017-02-22 14:53 - 01106888 _____ (Bleeping Computer, LLC) C:\Users\Eskew\Downloads\rkill64.com
    2017-02-22 14:49 - 2017-02-22 14:49 - 01663040 _____ (Malwarebytes) C:\Users\Eskew\Downloads\4.exe
    2017-02-22 14:48 - 2017-02-22 14:49 - 05659775 _____ (Swearware) C:\Users\Eskew\Downloads\5.exe
    2017-02-22 14:09 - 2017-02-22 16:57 - 00000000 ____D C:\AdwCleaner
    2017-02-22 14:09 - 2017-02-22 14:09 - 04015056 _____ C:\Users\Eskew\Downloads\AdwCleaner.exe
    2017-02-22 14:07 - 2017-02-22 14:07 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\Eskew\Downloads\rkill.com
    2017-02-22 14:01 - 2017-02-22 14:01 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Eskew\Downloads\spybot-2.4-1.exe
    2017-02-21 15:34 - 2017-02-21 15:34 - 55566792 _____ (Malwarebytes ) C:\Users\Eskew\Downloads\mb3-setup-consumer-3.0.6.1469 (1).exe
    2017-02-21 15:34 - 2017-02-21 15:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
    2017-02-21 15:34 - 2017-02-21 15:34 - 00000000 ____D C:\ProgramData\Malwarebytes
    2017-02-21 15:34 - 2017-02-21 15:34 - 00000000 ____D C:\Program Files\Malwarebytes
    2017-02-21 15:34 - 2017-01-20 07:47 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
    2017-02-21 15:18 - 2017-02-21 15:18 - 00000000 ____D C:\WINDOWS\Panther
    2017-02-21 12:49 - 2017-02-21 12:49 - 00003232 _____ C:\WINDOWS\System32\Tasks\{85C1A459-4CC3-41EF-8702-6EAA011491A5}
    2017-02-21 12:29 - 2017-02-23 14:09 - 00000000 ____D C:\Program Files (x86)\svcvmx
    2017-02-21 12:29 - 2017-02-21 12:29 - 00000000 ____D C:\Program Files (x86)\winscr
    2017-02-21 11:58 - 2017-02-21 12:56 - 00000000 ____D C:\ProgramData\SecTaskMan
    2017-02-21 11:58 - 2017-02-21 11:58 - 02967592 _____ C:\Users\Eskew\Downloads\SecurityTaskManager_Setup.exe
    2017-02-21 11:58 - 2017-02-21 11:58 - 00001229 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spy Protector.lnk
    2017-02-21 11:58 - 2017-02-21 11:58 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager.lnk
    2017-02-21 11:58 - 2017-02-21 11:58 - 00000000 ____D C:\Program Files (x86)\Security Task Manager
    2017-02-21 11:50 - 2017-02-21 11:50 - 00000000 ____D C:\ProgramData\LHService
    2017-02-21 11:49 - 2017-02-21 11:49 - 00000000 ____D C:\ProgramData\LockHunter
    2017-02-21 11:47 - 2017-02-21 12:47 - 00000000 ____D C:\Program Files\LockHunter
    2017-02-21 11:47 - 2017-02-21 11:47 - 03029032 _____ (Crystal Rich Ltd ) C:\Users\Eskew\Downloads\lockhuntersetup_3-1-1.exe
    2017-02-21 11:47 - 2017-02-21 11:47 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\LockHunter
    2017-02-21 11:37 - 2017-02-21 11:37 - 04615856 _____ (Enigma Software Group USA, LLC.) C:\Users\Eskew\Downloads\SpyHunter-Installer.exe
    2017-02-21 11:29 - 2017-02-21 11:29 - 00346112 _____ C:\Users\Eskew\Downloads\Unlocker 1.9.2.msi
    2017-02-21 11:11 - 2017-02-21 11:11 - 00000000 ____D C:\WINDOWS\pss
    2017-02-21 10:38 - 2017-02-21 10:39 - 55566792 _____ (Malwarebytes ) C:\Users\Eskew\Downloads\mb3-setup-consumer-3.0.6.1469.exe
    2017-02-21 10:35 - 2017-02-21 10:35 - 01920725 _____ C:\Users\Eskew\Downloads\ProcessExplorer.zip
    2017-02-21 10:26 - 2017-02-21 11:43 - 00003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
    2017-02-21 10:25 - 2017-02-21 10:25 - 03449304 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Eskew\Downloads\AVG_Protection_Free_1606.exe
    2017-02-21 10:24 - 2017-02-21 10:25 - 09261616 _____ (Piriform Ltd) C:\Users\Eskew\Downloads\ccsetup527.exe
    2017-02-20 14:55 - 2017-02-20 14:55 - 00053832 _____ C:\WINDOWS\system32\Drivers\drmkpro64.sys
    2017-02-20 14:40 - 2017-02-21 10:25 - 00000000 ____D C:\Users\Eskew\AppData\Local\cpx
    2017-02-20 12:34 - 2017-02-20 12:34 - 00006549 _____ C:\WINDOWS\TEMPcoral.vbs
    2017-02-20 12:34 - 2017-02-20 12:34 - 00000000 ____D C:\Program Files (x86)\dataup
    2017-02-18 17:14 - 2017-02-18 17:14 - 00004627 _____ C:\Users\Eskew\Downloads\download.jpeg
    2017-02-17 11:58 - 2017-02-17 11:58 - 00921656 _____ C:\Users\Eskew\Downloads\PSOGL2_003.bmp
    2017-02-16 19:28 - 2017-02-16 19:28 - 20359768 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
    2017-02-16 15:29 - 2017-02-16 15:30 - 00000000 ____D C:\Users\Eskew\Desktop\New folder (4)
    2017-02-16 15:29 - 2017-02-16 15:29 - 00902799 _____ C:\Users\Eskew\Downloads\ePSXe1925.zip
    2017-02-16 15:27 - 2017-02-16 15:28 - 04198111 _____ C:\Users\Eskew\Downloads\ePSXe PACK.7z
    2017-02-16 15:18 - 2017-02-16 15:18 - 01381554 _____ C:\Users\Eskew\Downloads\ePSXe205 (1).zip
    2017-02-16 15:13 - 2017-02-16 15:13 - 00081186 _____ C:\Users\Eskew\Downloads\zlib123-dll.zip
    2017-02-16 15:11 - 2017-02-16 15:11 - 00034093 _____ C:\Users\Eskew\Downloads\spupeopsdsound109.zip
    2017-02-16 15:10 - 2017-02-16 15:10 - 00173093 _____ C:\Users\Eskew\Downloads\gpupeteogl208.zip
    2017-02-16 15:10 - 2017-02-16 15:10 - 00060490 _____ C:\Users\Eskew\Downloads\cdrpeops104.zip
    2017-02-16 15:07 - 2017-02-16 15:07 - 00241658 _____ C:\Users\Eskew\Downloads\SCPH1001 (1).zip
    2017-02-16 15:06 - 2017-02-16 15:06 - 00529265 _____ C:\Users\Eskew\Downloads\epsxe170.zip
    2017-02-16 15:01 - 2017-02-16 15:01 - 08142173 _____ C:\Users\Eskew\Downloads\ePSXe 1.7.0(Best One Yet)-776.rar
    2017-02-16 14:56 - 2017-02-16 14:56 - 00169473 _____ C:\Users\Eskew\Downloads\Pcsx-1.5-218.zip
    2017-02-16 14:47 - 2017-02-16 14:47 - 154415677 _____ C:\Users\Eskew\Downloads\Digimon World (E) [SLES-02914].7z
    2017-02-16 14:39 - 2017-02-16 14:40 - 00241658 _____ C:\Users\Eskew\Downloads\SCPH1001.zip
    2017-02-16 14:36 - 2017-02-16 14:36 - 01381554 _____ C:\Users\Eskew\Downloads\ePSXe205.zip
    2017-02-08 17:23 - 2017-02-08 17:23 - 00000000 ____D C:\Program Files (x86)\VulkanRT
    2017-02-08 17:23 - 2016-12-29 07:43 - 00133056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
    2017-02-08 17:23 - 2016-09-09 13:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
    2017-02-08 17:23 - 2016-09-09 13:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
    2017-02-08 17:23 - 2016-09-09 13:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
    2017-02-08 17:23 - 2016-09-09 13:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
    2017-02-08 17:22 - 2016-12-29 08:06 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
    2017-01-31 19:37 - 2017-01-31 19:37 - 01431746 _____ C:\Users\Eskew\Downloads\SMAPI-1.7 (1).zip
    2017-01-31 19:36 - 2017-01-31 19:36 - 00165868 _____ C:\Users\Eskew\Downloads\1.11-MakeshiftMultiplyer-0.2.10.zip-501-0-2-10.zip
    2017-01-31 19:30 - 2017-01-31 19:30 - 00000000 ____D C:\Users\Eskew\Desktop\New folder (3)
    2017-01-31 19:29 - 2017-01-31 19:29 - 01431746 _____ C:\Users\Eskew\Downloads\SMAPI-1.7.zip
    2017-01-29 08:02 - 2017-01-29 08:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
    2017-01-26 09:44 - 2017-01-26 09:44 - 00262144 ____N C:\WINDOWS\Minidump\012617-34921-01.dmp
    2017-01-26 09:44 - 2017-01-26 09:44 - 00000000 ____D C:\WINDOWS\Minidump
    2017-01-25 16:25 - 2016-12-21 02:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
    2017-01-25 16:25 - 2016-12-20 23:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
    2017-01-25 01:29 - 2017-01-25 01:29 - 09405464 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
    2017-01-25 01:29 - 2017-01-25 01:29 - 02463256 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
    2017-01-25 01:29 - 2017-01-25 01:29 - 01015832 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
    2017-01-25 01:29 - 2017-01-25 01:29 - 00768024 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
    2017-01-25 01:29 - 2017-01-25 01:29 - 00476696 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
    2017-01-25 01:29 - 2017-01-25 01:29 - 00420376 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
    2017-01-25 01:29 - 2017-01-25 01:29 - 00266256 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
    2017-01-25 01:29 - 2017-01-25 01:29 - 00158336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
    2017-01-25 01:29 - 2017-01-25 01:29 - 00121368 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
    2017-01-25 01:29 - 2017-01-25 01:29 - 00118800 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
    2017-01-25 01:29 - 2017-01-25 01:29 - 00100888 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
    2017-01-25 01:29 - 2017-01-25 01:29 - 00077848 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
    2017-01-25 01:29 - 2017-01-25 01:29 - 00038416 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
    2017-01-25 01:28 - 2017-01-25 01:28 - 00488496 _____ C:\WINDOWS\system32\amdmiracast.dll
    2017-01-25 01:28 - 2017-01-25 01:28 - 00166408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
    2017-01-25 01:28 - 2017-01-25 01:28 - 00162216 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
    2017-01-25 01:28 - 2017-01-25 01:28 - 00130224 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
     
    ==================== One Month Modified files and folders ========
     
    (If an entry is included in the fixlist, the file/folder will be moved.)
     
    2017-02-23 14:08 - 2016-10-17 08:28 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2017-02-23 14:08 - 2016-10-17 07:45 - 00000000 ____D C:\ProgramData\NVIDIA
    2017-02-23 14:08 - 2014-11-02 09:09 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
    2017-02-23 14:07 - 2016-07-16 01:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
    2017-02-23 14:03 - 2016-10-17 07:43 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
    2017-02-23 13:52 - 2012-12-23 18:03 - 00000000 ____D C:\Program Files (x86)\Steam
    2017-02-23 13:05 - 2016-10-17 07:41 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
    2017-02-23 10:33 - 2012-12-23 17:42 - 00000000 ____D C:\Users\Eskew\AppData\LocalLow\Temp
    2017-02-23 10:19 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
    2017-02-23 10:18 - 2013-01-17 19:19 - 00000000 ____D C:\Users\Eskew\AppData\Local\CrashDumps
    2017-02-23 10:15 - 2016-10-17 07:48 - 00000000 ____D C:\Users\Eskew
    2017-02-23 10:13 - 2014-03-29 10:34 - 00000000 ____D C:\Users\Eskew\AppData\Local\Battle.net
    2017-02-23 09:30 - 2015-02-27 21:11 - 00000000 ____D C:\Program Files (x86)\Diablo III
    2017-02-23 08:49 - 2015-12-14 16:01 - 00562216 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
    2017-02-23 08:29 - 2014-09-03 13:24 - 00000000 ____D C:\Program Files (x86)\Battle.net
    2017-02-23 07:44 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\AppReadiness
    2017-02-23 07:43 - 2016-07-16 06:47 - 00000000 ___HD C:\Program Files\WindowsApps
    2017-02-23 07:40 - 2013-02-02 22:13 - 00000000 ____D C:\Users\Eskew\AppData\Local\Adobe
    2017-02-22 18:42 - 2013-07-30 19:46 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecontrol for Minecraft
    2017-02-22 17:19 - 2013-07-12 09:57 - 00000000 ____D C:\WINDOWS\system32\MRT
    2017-02-22 17:15 - 2012-12-26 07:48 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2017-02-22 14:26 - 2013-06-21 12:09 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Mahjong Games
    2017-02-22 13:59 - 2015-02-27 20:51 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
    2017-02-22 12:14 - 2016-09-05 06:32 - 00000000 ____D C:\Users\Eskew\AppData\Local\ftblauncher
    2017-02-22 11:02 - 2016-09-05 06:32 - 00000000 ____D C:\ftb
    2017-02-21 17:45 - 2016-07-16 06:36 - 00000000 ____D C:\WINDOWS\CbsTemp
    2017-02-21 15:01 - 2013-11-18 18:45 - 00000000 __RDO C:\Users\Eskew\SkyDrive
    2017-02-21 12:52 - 2016-08-04 18:55 - 00000000 ____D C:\Users\Eskew\AppData\Local\Citrix
    2017-02-21 12:52 - 2013-06-25 09:49 - 00000000 ____D C:\ProgramData\HappyCloud
    2017-02-21 12:31 - 2015-10-30 06:06 - 00000000 ____D C:\ProgramData\Avg
    2017-02-21 12:31 - 2014-10-04 17:01 - 00000000 ____D C:\Program Files (x86)\AVG
    2017-02-21 12:29 - 2015-10-30 06:05 - 00000000 ____D C:\Users\Eskew\AppData\Local\AvgSetupLog
    2017-02-21 08:11 - 2016-10-17 08:28 - 00003240 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForEskew
    2017-02-20 12:34 - 2015-04-16 08:23 - 00000000 ____D C:\Program Files (x86)\Minecraft
    2017-02-20 12:32 - 2013-10-31 08:11 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\CyberLink
    2017-02-17 13:53 - 2016-09-05 06:32 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\ftblauncher
    2017-02-17 13:53 - 2015-06-16 16:40 - 00000000 ___RD C:\Users\Eskew\Desktop\Games
    2017-02-16 19:28 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
    2017-02-16 19:28 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
    2017-02-16 07:49 - 2013-01-19 12:07 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\Skype
    2017-02-15 09:51 - 2016-05-06 15:15 - 00000000 ____D C:\Program Files (x86)\Overwatch
    2017-02-12 15:36 - 2015-04-16 08:24 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\.minecraft
    2017-02-08 17:24 - 2016-10-17 07:44 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
    2017-02-08 17:24 - 2016-07-05 07:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
    2017-02-08 17:23 - 2016-07-16 06:45 - 00000000 ____D C:\WINDOWS\INF
    2017-02-08 17:22 - 2016-10-17 07:44 - 00000000 ____D C:\Program Files\NVIDIA Corporation
    2017-02-08 17:22 - 2016-10-17 07:44 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
    2017-02-08 17:22 - 2016-07-05 07:09 - 00000000 ____D C:\Users\Eskew\AppData\Local\NVIDIA Corporation
    2017-02-08 06:39 - 2015-12-22 07:51 - 00000000 ____D C:\ProgramData\AMD
    2017-02-06 17:23 - 2013-08-21 17:10 - 00002494 _____ C:\Users\Eskew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2017-02-06 14:48 - 2016-07-16 06:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2017-02-06 14:48 - 2016-07-16 06:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
    2017-02-04 19:27 - 2015-03-18 08:29 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\OBS
    2017-02-03 17:57 - 2014-08-29 14:03 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
    2017-02-02 16:46 - 2013-05-03 14:34 - 00000000 ____D C:\Users\Eskew\AppData\Local\Spotify
    2017-02-02 16:44 - 2013-05-03 14:32 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\Spotify
    2017-02-02 08:44 - 2014-06-23 10:50 - 00000000 ____D C:\Program Files (x86)\StarCraft II
    2017-02-02 08:18 - 2016-09-27 15:29 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\discord
    2017-01-31 19:50 - 2016-03-16 07:22 - 00000000 ____D C:\Users\Eskew\AppData\Roaming\StardewValley
    2017-01-29 08:01 - 2016-10-17 07:43 - 00000000 ____D C:\Program Files\AMD
    2017-01-28 11:36 - 2014-03-22 12:55 - 00000000 ____D C:\AMD
    2017-01-25 01:29 - 2016-10-26 00:04 - 00909336 _____ (AMD) C:\WINDOWS\system32\SET5280.tmp
    2017-01-25 01:29 - 2016-10-26 00:04 - 00909336 _____ (AMD) C:\WINDOWS\system32\coinst_16.40.dll
    2017-01-25 01:29 - 2016-10-26 00:04 - 00643096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
    2017-01-25 01:29 - 2016-10-26 00:04 - 00310808 _____ C:\WINDOWS\system32\dgtrayicon.exe
    2017-01-25 01:29 - 2016-10-26 00:04 - 00293400 _____ C:\WINDOWS\system32\GameManager64.dll
    2017-01-25 01:29 - 2016-10-26 00:04 - 00287248 _____ C:\WINDOWS\system32\clinfo.exe
    2017-01-25 01:29 - 2016-10-26 00:04 - 00285720 _____ C:\WINDOWS\system32\hsa-thunk64.dll
    2017-01-25 01:29 - 2016-10-26 00:04 - 00248344 _____ C:\WINDOWS\system32\atieah64.exe
    2017-01-25 01:29 - 2016-10-26 00:04 - 00239128 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
    2017-01-25 01:29 - 2016-10-26 00:04 - 00178200 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
    2017-01-25 01:29 - 2016-10-26 00:04 - 00154648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
    2017-01-25 01:29 - 2016-10-26 00:04 - 00147480 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
    2017-01-25 01:29 - 2016-10-26 00:04 - 00128536 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
    2017-01-25 01:29 - 2016-10-26 00:04 - 00084504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 07589400 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 02150928 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 01351192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\SET4C27.tmp
    2017-01-25 01:29 - 2016-09-13 21:08 - 01351192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 01015832 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 00541208 _____ (AMD) C:\WINDOWS\system32\SET45E2.tmp
    2017-01-25 01:29 - 2016-09-13 21:08 - 00541208 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
    2017-01-25 01:29 - 2016-09-13 21:08 - 00305176 _____ (AMD) C:\WINDOWS\system32\SET46DE.tmp
    2017-01-25 01:29 - 2016-09-13 21:08 - 00305176 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
    2017-01-25 01:29 - 2016-09-13 21:08 - 00258072 _____ C:\WINDOWS\SysWOW64\SET5071.tmp
    2017-01-25 01:29 - 2016-09-13 21:08 - 00258072 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 00251416 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 00226328 _____ C:\WINDOWS\SysWOW64\atieah32.exe
    2017-01-25 01:29 - 2016-09-13 21:08 - 00219672 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\SET4740.tmp
    2017-01-25 01:29 - 2016-09-13 21:08 - 00219672 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 00193560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 00153112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 00145952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 00135704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 00130584 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 00126488 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 00107544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
    2017-01-25 01:29 - 2016-09-13 21:08 - 00038424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
    2017-01-25 01:28 - 2016-10-26 00:05 - 00145872 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
    2017-01-25 01:28 - 2016-10-26 00:05 - 00145360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
    2017-01-25 01:28 - 2016-10-26 00:05 - 00130216 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
    2017-01-25 01:28 - 2016-09-13 21:08 - 00112336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
    2017-01-25 01:28 - 2016-09-13 21:08 - 00112328 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
     
    ==================== Files in the root of some directories =======
     
    2013-04-21 13:34 - 2013-04-21 13:34 - 0000093 _____ () C:\Users\Eskew\AppData\Local\fusioncache.dat
    2013-05-31 12:21 - 2013-05-31 12:21 - 0007598 _____ () C:\Users\Eskew\AppData\Local\Resmon.ResmonCfg
    2016-11-04 14:15 - 2016-11-04 14:15 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
     
    ==================== Bamital & volsnap ======================
     
    (There is no automatic fix for files that do not pass verification.)
     
    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\wininit.exe => File is digitally signed
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
     
     
    ATTENTION: ==> Could not access BCD. 
     
    LastRegBack: 2017-02-13 12:19
     
    ==================== End of FRST.txt ============================
     
     
    Here is Addition.txt if you need it too
     
     
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-02-2017 01
    Ran by Eskew (23-02-2017 14:17:57)
    Running from C:\Users\Eskew\Desktop\New folder (5)
    Windows 10 Home Version 1607 (X64) (2016-10-17 13:33:36)
    Boot Mode: Normal
    ==========================================================
     
     
    ==================== Accounts: =============================
     
    Administrator (S-1-5-21-105371738-2419289027-4122941235-500 - Administrator - Disabled)
    ASPNET (S-1-5-21-105371738-2419289027-4122941235-1004 - Limited - Enabled)
    DefaultAccount (S-1-5-21-105371738-2419289027-4122941235-503 - Limited - Disabled)
    Eskew (S-1-5-21-105371738-2419289027-4122941235-1001 - Administrator - Enabled) => C:\Users\Eskew
    Guest (S-1-5-21-105371738-2419289027-4122941235-501 - Limited - Disabled)
     
    ==================== Security Center ========================
     
    (If an entry is included in the fixlist, it will be removed.)
     
    AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
     
    ==================== Installed Programs ======================
     
    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
     
     (HKLM\...\UDK-04d245e5-f683-46e7-8173-d68ff31ec8e7) (Version:  - RuneStorm
    @BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.33 - GIGABYTE)
    µTorrent (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\uTorrent) (Version: 3.4.6.42178 - BitTorrent Inc.)
    7 Days to Die (HKLM\...\Steam App 251570) (Version:  - The Fun Pimps)
    7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.5.0.1060 - Adobe Systems Incorporated)
    Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.0.2.189 - Adobe Systems Incorporated)
    Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
    Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
    Adobe Reader XI (11.0.19) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.19 - Adobe Systems Incorporated)
    Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
    AMD Catalyst Install Manager (HKLM\...\{DA9FFDE7-5474-DE51-8729-76A31DB5682B}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
    AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.)
    Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
    ASTRONEER (HKLM\...\Steam App 361420) (Version:  - System Era Softworks)
    Atlas Reactor (HKLM\...\Steam App 402570) (Version:  - Trion Worlds)
    Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
    AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.7.452 - AVG Technologies)
    Awesomenauts (HKLM-x32\...\Steam App 204300) (Version:  - )
    Battle for Wesnoth 1.12.5 (HKLM-x32\...\Battle for Wesnoth 1.12.5) (Version: 1.12.5 - )
    Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
    BattleBlock Theater (HKLM-x32\...\Steam App 238460) (Version:  - The Behemoth)
    bl (x32 Version: 1.0.0 - Your Company Name) Hidden
    Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
    Blend for Visual Studio 2012 ENU resources (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
    Bloons TD5 (HKLM\...\Steam App 306020) (Version:  - Ninja Kiwi)
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    BYOND (HKLM-x32\...\BYOND) (Version: 511.1363 - BYOND)
    Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
    Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - ‎Canon Inc.‬)
    Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
    Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - ‪Canon Inc.‬)
    Canon MG3200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3200_series) (Version: 1.01 - Canon Inc.)
    Canon MG3200 series On-screen Manual (HKLM-x32\...\Canon MG3200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
    Canon MG3200 series User Registration (HKLM-x32\...\Canon MG3200 series User Registration) (Version:  - Canon Inc.‎)
    Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.)
    Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.)
    Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
    Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
    Castle Crashers (HKLM\...\Steam App 204360) (Version:  - The Behemoth)
    Catalyst Control Center Next Localization BR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization BR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization BR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CHS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CHS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CHS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CHT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CHT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CHT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization DA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization DA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization DA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization DE (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization DE (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization DE (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization EL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization EL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization EL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization ES (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization ES (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization ES (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization FI (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization FI (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization FI (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization FR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization FR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization FR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization HU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization HU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization HU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization IT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization IT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization IT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization JA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization JA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization JA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization KO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization KO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization KO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization NL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization NL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization NL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization NO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization NO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization NO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization PL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization PL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization PL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization RU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization RU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization RU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization SV (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization SV (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization SV (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization TH (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization TH (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization TH (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization TR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization TR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization TR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
    Chronicle: RuneScape Legends (HKLM\...\Steam App 205890) (Version:  - Jagex)
    Citrix Online Launcher (HKLM-x32\...\{09DA5EE2-7E46-4DC4-96F9-BFEE50D40659}) (Version: 1.0.408 - Citrix)
    Clicker Guild (HKLM\...\Steam App 557810) (Version:  - Fox Dawn)
    Clicker Heroes (HKLM\...\Steam App 363970) (Version:  - Playsaurus)
    Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
    Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
    Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
    CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5510 - CyberLink Corp.)
    CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
    CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1902 - CyberLink Corp.)
    CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1.4319 - CyberLink Corp.)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Darkest Dungeon (HKLM\...\Steam App 262060) (Version:  - Red Hook Studios)
    Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
    Discord (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
    Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - Klei Entertainment)
    Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version:  - Klei Entertainment)
    DOOM 3: BFG Edition (HKLM-x32\...\Steam App 208200) (Version:  - id Software)
    Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
    Dragon's Dogma: Dark Arisen (HKLM\...\Steam App 367500) (Version:  - Capcom)
    Dungeon Defenders II (HKLM\...\Steam App 236110) (Version:  - Trendy Entertainment)
    Dungeon of the Endless (HKLM-x32\...\Steam App 249050) (Version:  - AMPLITUDE Studios)
    Easy Tune 6 B14.0508.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
    Easy Tune 6 B14.0508.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
    Empyrion - Galactic Survival (HKLM\...\Steam App 383120) (Version:  - Eleon Game Studios)
    Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
    Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{0A1A1D48-DB23-443A-BC7B-49255D138020}) (Version: 11.1.20702.00 - Microsoft Corporation)
    Evolve (HKLM\...\{670B1B49-9FD3-4827-9B41-471EFF580AA8}) (Version: 1.8.18 - Echobit, LLC)
    Factorio (HKLM\...\Steam App 427520) (Version:  - Wube Software LTD.)
    FLV2PC v5.9.0 (HKLM-x32\...\FLV2PC_is1) (Version: 5.9.0 - )
    FMW 1 (Version: 1.163.1 - AVG Technologies) Hidden
    Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
    Free Mahjong Games (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Free Mahjong Games) (Version: 1.0 - )
    Free Screen To Video V 2.0 (HKLM-x32\...\Free Screen To Video_is1) (Version: 2.0.0.0 - Koyote Soft)
    Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
    Glyph (HKLM-x32\...\Glyph) (Version:  - Trion Worlds, Inc.)
    Google Chrome (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
    Guild of Dungeoneering (HKLM-x32\...\Steam App 317820) (Version:  - Gambrinous)
    Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
    HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.0.4.4 - Hi-Rez Studios)
    Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
    HP MyRoom (HKLM-x32\...\{9C35EDE5-4B0F-45E7-A438-314BA889948E}) (Version: 9.0.0.0 - Hewlett-Packard Company)
    HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
    HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
    IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
    IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
    IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
    IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version:  - Image-Line)
    InfiniteCrisis_410193F41CAE (HKLM-x32\...\InfiniteCrisis_410193F41CAE) (Version:  - Turbine, Inc)
    iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
    Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
    Java SE Development Kit 8 Update 111 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180111}) (Version: 8.0.1110.14 - Oracle Corporation)
    King Arthur's Gold (HKLM-x32\...\{AC34F03B-B4C8-4892-8BD3-34DC1C7E8DE5}) (Version: 0.95.590.0 - THD)
    League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
    League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
    Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
    LEGO Digital Designer (HKLM-x32\...\New LEGO Digital Designer) (Version:  - LEGO A/S)
    LEGO® Worlds (HKLM\...\Steam App 332310) (Version:  - TT Games)
    LibreOffice 4.0.2.2 (HKLM-x32\...\{1062AD6C-80F4-4BC6-AB7C-A28892B497B8}) (Version: 4.0.2.2 - The Document Foundation)
    LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
    LocalESPCui for en-us (x32 Version: 8.59.25584 - Microsoft) Hidden
    LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.541 - LogMeIn, Inc.)
    LogMeIn Hamachi (x32 Version: 2.2.0.541 - LogMeIn, Inc.) Hidden
    Lua for Windows 5.1.4-46 (HKLM-x32\...\Lua_is1) (Version: 5.1.4.46 - The Lua for Windows Project and Lua and Tecgraf, PUC-Rio)
    Magicka 2 (HKLM\...\Steam App 238370) (Version:  - Pieces Interactive)
    Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
    Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
    Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
    Microsoft ASP.NET MVC 3 (HKLM-x32\...\{D32EF103-4016-4C15-BCB0-700C0A7A2309}) (Version: 3.0.50813.0 - Microsoft Corporation)
    Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
    Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
    Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
    Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
    Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
    Microsoft Silverlight 4 SDK (HKLM-x32\...\{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}) (Version: 4.0.60310.0 - Microsoft Corporation)
    Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
    Microsoft SQL Server Data Tools - enu (11.1.20627.00) (HKLM-x32\...\{FA804794-2CCB-4301-954F-2C2894698876}) (Version: 11.1.20627.00 - Microsoft Corporation)
    Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00) (HKLM-x32\...\{790E9425-8570-493F-9AE7-81AFC9E46930}) (Version: 11.1.20627.00 - Microsoft Corporation)
    Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
    Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 RC Redistributable (x64) - 14.0.22816 (HKLM-x32\...\{e2495eb6-cca8-47aa-91ea-3410ca44d7b7}) (Version: 14.0.22816.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Microsoft Visual Studio Professional 2012 (HKLM-x32\...\{17c2e197-cf26-443b-8beb-53151940df3f}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Web Deploy 3.0 (HKLM\...\{AA72C306-30BE-4BB1-9E42-59552BAD2CDF}) (Version: 3.1236.1631 - Microsoft Corporation)
    Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
    Microsoft Web Platform Installer 4.0 (HKLM\...\{E2B8249D-895C-4685-8C83-00F3B1A13028}) (Version: 4.0.1622 - Microsoft Corporation)
    Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
    Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
    Microsoft Zoo Tycoon (HKLM-x32\...\Zoo Tycoon 1.0) (Version:  - )
    Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
    Monaco (HKLM-x32\...\Steam App 113020) (Version:  - Pocketwatch Games)
    Mozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
    Multimedia Fusion 2 (HKLM-x32\...\Multimedia Fusion 2) (Version:  - )
    Mumble 1.2.5 (HKLM-x32\...\{C7BC557D-8C8B-4F5F-83AB-D20C58CF4575}) (Version: 1.2.5 - Thorvald Natvig)
    NVIDIA 3D Vision Controller Driver 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
    NVIDIA 3D Vision Driver 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.53 - NVIDIA Corporation)
    NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
    NVIDIA Graphics Driver 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.53 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
    OBS Multiplatform (HKLM-x32\...\OBS Multiplatform) (Version: 0.12.3 - OBS Project)
    Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
    Oracle VM VirtualBox 4.2.6 (HKLM\...\{A8A0B1C1-FBC7-4790-8E26-9DA1A6A95452}) (Version: 4.2.6 - Oracle Corporation)
    ORION: Prelude (HKLM-x32\...\Steam App 104900) (Version:  - Spiral Game Studios)
    Osiris: New Dawn (HKLM\...\Steam App 402710) (Version:  - Fenix Fire Entertainment)
    Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
    PakkISO 0.4 (HKLM-x32\...\PakkISO_is1) (Version: PakkISO 0.4 by zorted, installer by BitLooter - )
    Paladins (HKLM\...\Steam App 444090) (Version:  - Hi-Rez Studios)
    Path of Exile (HKLM\...\Steam App 238960) (Version:  - Grinding Gear Games)
    PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version:  - )
    ph (x32 Version: 1.0.0 - Your Company Name) Hidden
    Pixel Piracy (HKLM-x32\...\Steam App 264140) (Version:  - Vitali Kirpu)
    Pixelmon Launcher (Beta) (HKLM-x32\...\Pixelmon Launcher (Beta) 2.0.26) (Version: 2.0.26 - Ikara Software Limited)
    Pixelmon Launcher (Beta) (x32 Version: 2.0.26 - Ikara Software Limited) Hidden
    PlanetSide 2 (HKLM\...\Steam App 218230) (Version:  - Daybreak Game Company)
    PlanetSide 2 (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\DG0-PlanetSide 2) (Version:  - Sony Online Entertainment)
    PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
    Prerequisites for SSDT  (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Project Zomboid (HKLM\...\Steam App 108600) (Version:  - The Indie Stone)
    Project Zomboid Dedicated Server (HKLM\...\Steam App 380870) (Version:  - )
    PULSAR: Lost Colony (HKLM\...\Steam App 252870) (Version:  - Leafy Games)
    PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
    Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.27599 - Razer Inc.)
    Realm of the Mad God (HKLM-x32\...\Steam App 200210) (Version:  - Wild Shadow Studios)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
    Recovery Manager (x32 Version: 5.5.0.5530 - CyberLink Corp.) Hidden
    ROBLOX Player for Eskew (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
    ROBLOX Studio for Eskew (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version:  - ROBLOX Corporation)
    Robocraft version 0.3.274 (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\{9F101691-69D3-422E-BB5C-8CAD7110781B}_is1) (Version: 0.3.274 - Freejam)
    RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd)
    RuneScape Launcher 2.2.2 (HKLM\...\RuneScape Launcher_is1) (Version: 2.2.2 - Jagex Ltd)
    Security Task Manager 2.1i (HKLM-x32\...\Security Task Manager) (Version: 2.1i - Neuber Software)
    SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
    SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
    Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
    Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
    SMITE (HKLM\...\Steam App 386360) (Version:  - Hi-Rez Studios)
    Spore (HKLM-x32\...\Steam App 17390) (Version:  - Maxis™)
    SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
    Spotify (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\Spotify) (Version: 1.0.42.151.g19de0aa6 - Spotify AB)
    Star Wars: Knights of the Old Republic (HKLM-x32\...\Steam App 32370) (Version:  - BioWare)
    STAR WARS™ Battlefront™ II (HKLM\...\Steam App 6060) (Version:  - Pandemic Studios)
    STAR WARS™ Knights of the Old Republic™ II: The Sith Lords™ (HKLM-x32\...\Steam App 208580) (Version:  - Obsidian Entertainment)
    Starbound (HKLM\...\Steam App 211820) (Version:  - )
    StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
    Stardew Valley (HKLM\...\Steam App 413150) (Version:  - ConcernedApe)
    Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
    SteamVR (HKLM-x32\...\Steam App 250820) (Version:  - )
    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    Tabletop Simulator (HKLM\...\Steam App 286160) (Version:  - Berserk Games)
    Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
    TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.10 - TeamSpeak Systems GmbH)
    TeamSpeak 3 Client (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
    Techne (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\244a1e8693fd9c7e) (Version: 1.3.0.15 - ZeuX and r4wk)
    Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
    The Jackbox Party Pack 3 (HKLM\...\Steam App 434170) (Version:  - Jackbox Games, Inc.)
    The Witcher 2: Assassins of Kings Enhanced Edition (HKLM\...\Steam App 20920) (Version:  - CD PROJEKT RED)
    The Witcher 3: Wild Hunt (HKLM\...\Steam App 292030) (Version:  - CD PROJEKT RED)
    The Witcher: Enhanced Edition (HKLM\...\Steam App 20900) (Version:  - CD PROJEKT RED)
    Trove (HKLM-x32\...\Glyph Trove) (Version:  - Trion Worlds, Inc.)
    Tt eSPORTS VENTUS Mouse (HKLM-x32\...\{766BD494-B1C8-4491-BBA7-1AABF9BF0660}) (Version: 1.0.0 - Tt eSPORTS)
    Unity (HKLM-x32\...\Unity) (Version:  - Unity Technologies ApS)
    Unity Web Player (HKU\S-1-5-21-105371738-2419289027-4122941235-1001\...\UnityWebPlayer) (Version: 5.2.3f1 - Unity Technologies ApS)
    univcredist (HKLM-x32\...\{2d9d4a60-1d22-46c1-84bb-1de04b4715d7}) (Version: 1.0.0.0 - Motiga)
    Unturned (HKLM\...\Steam App 304930) (Version:  - Smartly Dressed Games)
    Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
    Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
    VIO Player version 1.0.1 (HKLM-x32\...\{C8A17598-7F89-41EA-9876-0F89DA0B24F1}_is1) (Version: 1.0.1 - VIO)
    Viscera Cleanup Detail (HKLM-x32\...\Steam App 246900) (Version:  - RuneStorm)
    Viscera Cleanup Detail: alpha v0.25
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
    Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
    Warhammer: End Times - Vermintide (HKLM\...\Steam App 235540) (Version:  - Fatshark)
    Waste Walkers (HKLM\...\Steam App 371100) (Version:  - Corrosive Studios LLC)
    WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
    WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
    WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
    Windows Mobile Device Center (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
    World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
    XSplit Broadcaster (HKLM-x32\...\{4202CAFA-F8F9-4311-8A13-19DB48AAF5F7}) (Version: 2.2.1502.1633 - SplitmediaLabs)
     
    ==================== Custom CLSID (Whitelisted): ==========================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    CustomCLSID: HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{66131700-2ee5-4034-a67a-9f28774368e3}\InprocServer32 -> C:\Windows\SysWOW64\dfshim.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Eskew\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\Eskew\AppData\Local\Roblox\Versions\version-8756646edb404aaf\RobloxProxy64.dll (ROBLOX Corporation)
    CustomCLSID: HKU\S-1-5-21-105371738-2419289027-4122941235-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Eskew\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)
     
    ==================== Scheduled Tasks (Whitelisted) =============
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    Task: {26E636BA-44CD-4450-8C94-067074443D37} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-02-22] (Microsoft Corporation)
    Task: {2E1AD61C-9923-4505-A94D-D2EFA9C12430} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe 
    Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe 
    Task: {3CB8C14F-58BC-4B18-B360-3255709C654C} - System32\Tasks\Online Application v209 Guard => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe  <==== ATTENTION
    Task: {4C8BE195-6011-48A1-98C0-1AA1935C5EBA} - System32\Tasks\Online Application v209 Guardian => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe  <==== ATTENTION
    Task: {4CA5593B-CDC2-4663-A1E0-275A25429E4C} - System32\Tasks\{88A2001F-FBC4-477A-99DF-0C91444C63AD} => pcalua.exe -a "C:\Users\Eskew\Downloads\dotnetfx (1).exe" -d C:\Users\Eskew\Downloads
    Task: {50D9217A-46C1-44E6-90A1-A7129039CE3B} - System32\Tasks\{7397805F-4A56-4686-977E-8CBC53A081AF} => pcalua.exe -a "C:\Program Files (x86)\Glyph\GlyphClient.exe" -c -uninstall  -game 131
    Task: {6038FBF3-3629-488B-8FC1-DB73A95AE455} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-105371738-2419289027-4122941235-1001UA1d257fbdc135398 => C:\Users\Eskew\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
    Task: {6F5B6BC8-EA96-4091-9C6D-89D881882B06} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-105371738-2419289027-4122941235-1001Core => C:\Users\Eskew\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
    Task: {7ADBD0EE-0CDE-4CD8-820B-E188292104EA} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\Windows\SysWOW64\BthUdTask.exe [2016-07-16] (Microsoft Corporation)
    Task: {7B225396-9243-4EA4-9E43-BFE678D480FA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
    Task: {80C0B092-4558-4A88-A385-065AD6F1D107} - System32\Tasks\HPCeeScheduleForEskew => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
    Task: {81093AC7-C134-463E-A18D-F9D029CF3722} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-16] (Adobe Systems Incorporated)
    Task: {BD6D1757-FE32-4B78-869D-A93012C21857} - System32\Tasks\{D01AF756-DFFD-4359-8D62-4BA2DA949F2F} => Chrome.exe hxxp://ui.skype.com/ui/0/7.2.0.103/en/abandoninstall?page=tsProgressBar
    Task: {C171877A-DEE5-4A45-B5FD-1D3DAD79E1BD} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Eskew\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe 
    Task: {D487CBE6-87CC-4D3D-859D-901F09733C72} - System32\Tasks\{9683697A-7CBF-4F87-96C3-1F514C197363} => pcalua.exe -a C:\Users\Eskew\AppData\Local\Roblox\Versions\version-1600d28b04c54698\RobloxPlayerLauncher.exe -c -uninstall
    Task: {D4DAB5AA-64FA-4200-A100-0DD4C6D8B2A9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-105371738-2419289027-4122941235-1001UA => C:\Users\Eskew\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
    Task: {DFF0F439-CE45-4D3B-B802-17589BA6D15C} - System32\Tasks\AdobeAAMUpdater-1.0-EskewPC-Eskew => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated)
    Task: {E1EB435A-B19B-490C-8D07-E641ADC9BB97} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {EA2E1BBB-507B-42EE-BAE2-6DB71C9AE74B} - System32\Tasks\{8F7B53BB-88C5-41E2-A80D-64960DF2106B} => Chrome.exe hxxp://ui.skype.com/ui/0/7.2.0.103/en/abandoninstall?page=tsProgressBar
    Task: {EB0C046F-147E-496A-8498-A908EC345523} - System32\Tasks\{85C1A459-4CC3-41EF-8702-6EAA011491A5} => pcalua.exe -a C:\Users\Eskew\AppData\Local\uninstallro.exe
    Task: {F63D0CAD-069D-4C96-B0F0-18E7372DD452} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-105371738-2419289027-4122941235-1001Core1d257fbdbfad668 => C:\Users\Eskew\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
     
    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
     
    Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
     
    ==================== Shortcuts =============================
     
    (The entries could be listed to be restored or removed.)
     
    ==================== Load