Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

My Computer Is Infected - Please help


  • Please log in to reply

#1
snowfox217

snowfox217

    New Member

  • Member
  • Pip
  • 1 posts

Hello!

 

My computer has somehow become infected with a very mean virus. It's so mean, that it will not allow me to run any antivirus software to help get rid of it. I've tried using malware bytes, bitdefender, and avast!. And every time I try to use them (even in safe mode) they won't run. What I mean is when I try to run a scan, the antivirus will start scanning, but then it'll freeze up and a notification will pop up saying that the service is unresponsive, please try again. And when I try again, it still doesn't work. Also the computer will just randomly shut off for no reason. Please help! If you need any more information, please let me know. Below are the FRST.txt and Addition.txt copied and pasted one after the other.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-10-2017
Ran by Hayes 2 (administrator) on HAYES2-PC (17-10-2017 21:34:12)
Running from C:\Users\Hayes 2\Downloads
Loaded Profiles: Hayes 2 (Available Profiles: Hayes 2)
Platform: Windows Vista ™ Home Premium Service Pack 2 (X64) Language: English (United States)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [242192 2008-02-29] (Logitech, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2771576 2015-12-08] (NVIDIA Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15120504 2016-02-17] (Logitech Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-10-17] (AVAST Software)
HKLM-x32\...\Run: [LedKey] => C:\Windows\CNYHKey.exe [339968 2008-04-23] (Creative)
HKLM-x32\...\Run: [LchDrvKey] => C:\Windows\LchDrvKey.exe [36864 2007-03-28] ()
HKLM-x32\...\Run: [Conime] => C:\Windows\SysWOW64\conime.exe [69120 2009-04-11] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1094520485-351602351-698667415-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Hayes 2\AppData\Local\Akamai\netsession_win.exe [4490200 2017-09-08] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1094520485-351602351-698667415-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-1094520485-351602351-698667415-1000\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44024 2017-06-04] (Glarysoft Ltd)
HKU\S-1-5-21-1094520485-351602351-698667415-1000\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1094520485-351602351-698667415-1000\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-1094520485-351602351-698667415-1000\...\Policies\Explorer: [NoLogOff] 0
HKU\S-1-5-21-1094520485-351602351-698667415-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1094520485-351602351-698667415-1000\...\MountPoints2: {99d0025a-cba0-11e2-8e5d-0022684d9600} - I:\setup.exe -a
HKU\S-1-5-21-1094520485-351602351-698667415-1000\...\MountPoints2: {c06f1c69-77bc-11e2-bf16-0022684d9600} - I:\MotorolaDeviceManagerSetup.exe -a
HKU\S-1-5-21-1094520485-351602351-698667415-1000\...\MountPoints2: {d35e0ec0-b893-11dc-b94a-0022684d9600} - I:\KODAK_Camera_Setup_App.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SmartCopy.lnk [2009-04-07]
ShortcutTarget: SmartCopy.lnk -> C:\Program Files (x86)\Northstar\SmartCopy\SmartCopy.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SmartLauncher.lnk [2009-04-07]
ShortcutTarget: SmartLauncher.lnk -> C:\Program Files (x86)\Northstar\SmartLauncher\SmartLauncher.exe (North Star com.)
BootExecute: autocheck autochk *  BootDefrag.exe
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicy\User: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:52680;https=127.0.0.1:52680
Tcpip\Parameters: [DhcpNameServer] 75.75.76.76 75.75.75.75
Tcpip\..\Interfaces\{9712E214-2095-4240-BE72-812D046DB980}: [DhcpNameServer] 75.75.76.76 75.75.75.75
Tcpip\..\Interfaces\{DB72EBFF-D75A-4BC8-B63D-E898BA946843}: [DhcpNameServer] 64.13.74.12 64.13.115.12

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1094520485-351602351-698667415-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKLM -> {31090377-0740-419E-BEFC-A56E50500D5B} URL =
SearchScopes: HKLM-x32 -> DefaultScope {047C5C97-290A-4AF7-9439-266C08770795} URL =
SearchScopes: HKU\S-1-5-21-1094520485-351602351-698667415-1000 -> {6281C22D-CF32-4CDE-B498-51832E86A8BE} URL = hxxp://isearch.shopathome.com?user_id={090a07b7-1599-43e5-b988-8c29ad526194}&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1094520485-351602351-698667415-1000 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL =
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-04-22] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-10-17] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-22] (Oracle Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-10-17] (AVAST Software)
Toolbar: HKU\S-1-5-21-1094520485-351602351-698667415-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-1094520485-351602351-698667415-1000 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} -  No File
Toolbar: HKU\S-1-5-21-1094520485-351602351-698667415-1000 -> No Name - {30CEEEA2-3742-40E4-85DD-812BF1CBB83D} -  No File
Toolbar: HKU\S-1-5-21-1094520485-351602351-698667415-1000 -> No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} -  No File
Toolbar: HKU\S-1-5-21-1094520485-351602351-698667415-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
DPF: HKLM {AA570693-00E2-4907-B6F1-60A1199B030C} hxxps://juniper.net/dana-cached/sc/JuniperSetupClient64.cab

FireFox:
========
FF ProfilePath: C:\Users\Hayes 2\AppData\Roaming\Mozilla\Firefox\Profiles\yrs7xynt.default-1454300189287 [2017-10-17]
FF Extension: (Youtube Downloader mp3) - C:\Users\Hayes 2\AppData\Roaming\Mozilla\Firefox\Profiles\yrs7xynt.default-1454300189287\Extensions\@youtube_downloader.xpi [2017-10-15]
FF Extension: (Avast Online Security) - C:\Users\Hayes 2\AppData\Roaming\Mozilla\Firefox\Profiles\yrs7xynt.default-1454300189287\Extensions\[email protected] [2017-10-17]
FF Extension: (Save Button for Pinterest) - C:\Users\Hayes 2\AppData\Roaming\Mozilla\Firefox\Profiles\yrs7xynt.default-1454300189287\Extensions\{677a8f98-fd64-40b0-a883-b8c95d0cbf17}.xpi [2017-10-09]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-26] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: (DivX Plus Web Player HTML5 <video>) - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-06-07] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll [2017-06-17] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-22] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll [2017-06-17] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1229199.dll [2017-03-31] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files\I - Tunes\Mozilla Plugins\npitunes.dll [2012-10-31] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2009-05-26] (Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-14] (Google Inc.)
FF Plugin-x32: @unity3d.com/UnityPlayer -> C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll [2008-01-04] (Unity Technologies ApS)
FF Plugin-x32: @viewpoint.com/VMP -> C:\Program Files (x86)\Viewpoint\Viewpoint Media Player\npViewpoint.dll [2007-04-16] ()
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\8\NP_wtapp.dll [2013-09-27] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-06-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1094520485-351602351-698667415-1000: @doubletwist.com/NPPodcast -> C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll [2012-05-01] (doubleTwist Corporation)
FF Plugin HKU\S-1-5-21-1094520485-351602351-698667415-1000: @soe.sony.com/installer,version=1.0.3 -> C:\Users\Hayes 2\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\npsoe.dll [2009-10-19] ()
FF Plugin HKU\S-1-5-21-1094520485-351602351-698667415-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Hayes 2\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-07-14] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1094520485-351602351-698667415-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-10-18] ()
FF Plugin ProgramFiles/Appdata: C:\Users\Hayes 2\AppData\Roaming\mozilla\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "chrome://apps/"
CHR Profile: C:\Users\Hayes 2\AppData\Local\Google\Chrome\User Data\Default [2017-10-17]
CHR Extension: (hxxps://www.youtube.com/results?search_query=) - C:\Users\Hayes 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapfpinekdpglppiajnjacjabcbaoloa [2017-06-29]
CHR Extension: (Entanglement Web App) - C:\Users\Hayes 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2014-09-16]
CHR Extension: (Google Drive) - C:\Users\Hayes 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-04]
CHR Extension: (IObit Surfing Protection & Ads Removal) - C:\Users\Hayes 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2017-07-04]
CHR Extension: (Savings Button: Deals + Cash Back) - C:\Users\Hayes 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlmebkoiahbppacaicbgncnjhbpdfkcc [2008-01-01]
CHR Extension: (Pandora) - C:\Users\Hayes 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbangkleohkafngihneedemihgfeikcl [2014-09-16]
CHR Extension: (Google Docs Offline) - C:\Users\Hayes 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-04]
CHR Extension: (Private Search) - C:\Users\Hayes 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\innpkjmckmjjpejjanemggpbhlnbbgcf [2017-01-25]
CHR Extension: (Chess Parlour) - C:\Users\Hayes 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlajmljkfdollkblobinchlijmficpof [2014-09-16]
CHR Extension: (Poppit!) - C:\Users\Hayes 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2014-09-16]
CHR Extension: (God is Love - 1920x1200) - C:\Users\Hayes 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\miifebnaijmglpekagcclomafchejlpk [2014-09-16]
CHR Extension: (Fantasy on Yahoo! Sports) - C:\Users\Hayes 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nchojkpkbofjpjiahnabhbofpeaipjpo [2014-09-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Hayes 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-23]
CHR Extension: (TypingClub) - C:\Users\Hayes 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\obdbgibnhfcjmmpfijkpcihjieedpfah [2014-09-16]
CHR Profile: C:\Users\Hayes 2\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-10-15]
CHR Profile: C:\Users\Hayes 2\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-10-15]
CHR Extension: (Google Slides) - C:\Users\Hayes 2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-26]
CHR Extension: (Google Docs) - C:\Users\Hayes 2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-26]
CHR Extension: (Google Drive) - C:\Users\Hayes 2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-26]
CHR Extension: (YouTube) - C:\Users\Hayes 2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-26]
CHR Extension: (Google Search) - C:\Users\Hayes 2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-03-26]
CHR Extension: (Google Sheets) - C:\Users\Hayes 2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-26]
CHR Extension: (Google Docs Offline) - C:\Users\Hayes 2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Hayes 2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-10-02]
CHR Extension: (Gmail) - C:\Users\Hayes 2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-26]
CHR Profile: C:\Users\Hayes 2\AppData\Local\Google\Chrome\User Data\System Profile [2017-10-15]
CHR HKU\S-1-5-21-1094520485-351602351-698667415-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1094520485-351602351-698667415-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [knhpkjjdbjjchglnophlnghcdefpanlc] - <no Path/update_url>
CHR HKU\S-1-5-21-1094520485-351602351-698667415-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nemfjadlboooiffmcelkafilagddogim] - <no Path/update_url>
CHR crx: C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.130\default_apps\search.crx [2015-07-31]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2008-01-01] (SUPERAntiSpyware.com)
S3 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [7084784 2016-01-16] (Emsisoft Ltd)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2017-06-17] (Adobe Systems Incorporated) [File not signed]
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7446024 2017-10-17] (AVAST Software s.r.o.)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-10-17] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1465352 2017-04-02] ()
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2014-10-25] (BitRaider, LLC)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [238376 2015-07-26] (EasyAntiCheat Ltd) [File not signed]
S2 ETService; C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe [24576 2008-06-11] () [File not signed]
S2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [726016 2008-09-08] () [File not signed]
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [240736 2013-09-05] (WildTangent)
S3 getPlusHelper; C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll [67360 2009-12-17] (NOS Microsystems Ltd.)
S3 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156216 2015-12-08] (NVIDIA Corporation)
S3 gupdate1c9e7c4d856c020; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107912 2014-10-22] (Google Inc.)
S4 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [79552 2016-03-02] (Bitdefender)
S3 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-09-15] (Hi-Rez Studios) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S3 LBTServ; C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe [160272 2008-05-02] (Logitech, Inc.)
S2 Live Updater Service; C:\Program Files\GATEWAY\Gateway Updater\UpdaterService.exe [257440 2016-06-08] (Acer Incorporated) [File not signed]
S3 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2904864 2015-06-02] (IObit)
S2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-02-17] (Logitech Inc.)
S3 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [121144 2013-03-25] (Motorola Mobility LLC)
S3 MSSQL$MSSMLBIZ; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S3 nosGetPlusHelper; C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll [53248 2011-03-29] (NOS Microsystems Ltd.)
S2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [221696 2008-09-08] () [File not signed]
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-12-08] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119688 2016-10-02] (Electronic Arts)
S3 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-09-29] ()
S3 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [215160 2017-01-15] ()
S3 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
S3 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [241734 2008-06-29] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-20] (Microsoft Corporation)
S3 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [650560 2017-05-03] (WiseCleaner.com)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [321032 2017-10-17] (AVAST Software s.r.o.)
S0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [198976 2017-10-17] (AVAST Software s.r.o.)
S0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [343288 2017-10-17] (AVAST Software s.r.o.)
S0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [57736 2017-10-17] (AVAST Software s.r.o.)
S3 aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [105128 2017-10-17] (AVAST Software)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [47008 2017-10-17] (AVAST Software)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [147776 2017-10-17] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [79232 2017-10-17] (AVAST Software)
S0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [84416 2017-10-17] (AVAST Software)
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1020536 2017-10-17] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [587168 2017-10-17] (AVAST Software)
S3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [245416 2017-10-17] (AVAST Software)
S0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [363440 2017-10-17] (AVAST Software)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2009-10-09] ()
S3 AVer88xHD; C:\Windows\System32\drivers\AVer88xHD64.sys [432256 2007-04-10] (AVerMedia TECHNOLOGIES, Inc.)
S3 bcm; C:\Windows\System32\DRIVERS\drxvi314_64.sys [318336 2009-11-03] (Beceem communications pvt ltd.)
S3 bcmbusctr; C:\Windows\System32\DRIVERS\BcmBusCtr_64.sys [62976 2009-11-03] (Beceem communications pvt ltd.)
S1 bdftdif; C:\Program Files\Bitdefender\Antivirus Free Edition\bdftdif.sys [138920 2013-04-17] (Bitdefender SRL)
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17600 2014-07-18] (Glarysoft Ltd)
S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-30] (Windows ® Win 7 DDK provider)
S3 csrusbfilter; C:\Windows\System32\Drivers\csrusbfilter.sys [21704 2012-03-22] (Cambridge Silicon Radio Limited)
S3 DrvAgent64; C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [22200 2016-01-09] () [File not signed]
S1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [30752 2012-08-02] (EldoS Corporation)
S1 epp64; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\epp64.sys [138504 2016-01-16] (Emsisoft GmbH)
S1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-06-29] (Glarysoft Ltd)
S1 Hmonitor45; C:\Windows\SysWOW64\drivers\hmonitor45.sys [14544 2011-07-28] (OpenLibSys.org)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [41704 2012-08-01] (AnchorFree Inc.)
S1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-06-29] (REALiX™)
S3 ladfGSS; C:\Windows\System32\drivers\ladfGSS.sys [45200 2016-02-15] (Logitech Inc.)
S2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [68384 2015-06-10] (Logitech Inc.)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2009-10-09] ()
S3 LTXMD_VAC; C:\Windows\System32\drivers\lmvac.sys [28944 2011-05-06] (Windows ® Win 7 DDK provider)
R0 nvamacpi; C:\Windows\System32\DRIVERS\NVAMACPI.sys [28192 2005-08-27] (NVIDIA Corporation)
R0 nvrd64; C:\Windows\System32\drivers\nvrd64.sys [166944 2008-08-18] (NVIDIA Corporation)
S0 qhpbzs; no ImagePath
S0 raeehd; no ImagePath
R3 RSUSBSTOR; C:\Windows\System32\Drivers\RTS5121.sys [204288 2008-06-04] (Realtek Semiconductor Corporation)
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [28400 2016-04-23] () [File not signed]
S3 WiseRegNotify; C:\Windows\WiseRegNotify.sys [29616 2016-10-01] (WiseCleaner.com) [File not signed]
S1 360FsFlt; system32\DRIVERS\360FsFlt.sys [X]
S0 avc3; system32\DRIVERS\avc3.sys [X]
S3 avckf; system32\DRIVERS\avckf.sys [X]
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 BTCFilterService; system32\DRIVERS\motfilt.sys [X]
S3 CsrBthAudioHF; system32\DRIVERS\CsrBthAudioHF.sys [X]
S3 CsrBtPort; system32\DRIVERS\CsrBtPort.sys [X]
S3 csrhfgcc; system32\DRIVERS\csrhfgcc.sys [X]
S3 csrpan; system32\DRIVERS\csrpan.sys [X]
S3 csrserial; system32\DRIVERS\csrserial.sys [X]
S3 csrusb; System32\Drivers\csrusb.sys [X]
S3 csr_bthav; system32\drivers\csrbthav.sys [X]
S4 gzflt; system32\DRIVERS\gzflt.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 motccgp; system32\DRIVERS\motccgp.sys [X]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
S3 MotoSwitchService; system32\DRIVERS\motswch.sys [X]
S3 Motousbnet; system32\DRIVERS\Motousbnet.sys [X]
S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 Rts516xIR; system32\DRIVERS\Rts516xIR.sys [X]
S0 trufos; system32\DRIVERS\trufos.sys [X]
S3 USBCCID; system32\DRIVERS\Rts5161ccid.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-17 21:34 - 2017-10-17 21:35 - 000027394 _____ C:\Users\Hayes 2\Downloads\FRST.txt
2017-10-17 21:31 - 2017-10-17 21:34 - 000000000 ____D C:\FRST
2017-10-17 21:31 - 2017-10-17 21:31 - 002401792 _____ (Farbar) C:\Users\Hayes 2\Downloads\FRST64.exe
2017-10-17 21:31 - 2017-10-17 21:31 - 000007836 _____ C:\Windows\system32\PerfStringBackup.TMP
2017-10-17 20:21 - 2017-10-17 20:10 - 000105128 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2017-10-17 20:04 - 2017-10-17 20:04 - 000439744 _____ C:\Windows\system32\FNTCACHE.DAT
2017-10-17 20:02 - 2017-10-17 20:02 - 000125032 _____ C:\Users\Hayes 2\AppData\Local\GDIPFONTCACHEV1.DAT
2017-10-17 19:57 - 2017-10-17 19:57 - 000000000 ____D C:\Users\Hayes 2\AppData\Roaming\AVAST Software
2017-10-17 19:56 - 2017-10-17 19:56 - 001020536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-10-17 19:56 - 2017-10-17 19:56 - 000587168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-10-17 19:56 - 2017-10-17 19:56 - 000401488 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-10-17 19:56 - 2017-10-17 19:56 - 000363440 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-10-17 19:56 - 2017-10-17 19:56 - 000245416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStmXP.sys
2017-10-17 19:56 - 2017-10-17 19:56 - 000147776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-10-17 19:56 - 2017-10-17 19:56 - 000084416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-10-17 19:56 - 2017-10-17 19:56 - 000079232 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2017-10-17 19:56 - 2017-10-17 19:56 - 000047008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-10-17 19:56 - 2017-10-17 19:56 - 000001787 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-10-17 19:56 - 2017-10-17 19:56 - 000000342 ____H C:\Windows\Tasks\Avast Emergency Update.job
2017-10-17 19:56 - 2017-10-17 19:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2017-10-17 19:56 - 2017-10-17 19:55 - 000343288 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-10-17 19:56 - 2017-10-17 19:55 - 000321032 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-10-17 19:56 - 2017-10-17 19:55 - 000198976 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-10-17 19:56 - 2017-10-17 19:55 - 000057736 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-10-17 19:54 - 2017-10-17 19:56 - 000000000 ____D C:\ProgramData\AVAST Software
2017-10-17 19:54 - 2017-10-17 19:54 - 006654960 _____ (AVAST Software) C:\Users\Hayes 2\Downloads\avast_free_antivirus_setup_online_cnet2.exe
2017-10-17 19:54 - 2017-10-17 19:54 - 000000000 ____D C:\Program Files\AVAST Software
2017-10-17 19:48 - 2017-10-17 19:48 - 000044477 _____ C:\ProgramData\1508287719.1908.bin
2017-10-17 19:48 - 2017-10-17 19:48 - 000038421 _____ C:\ProgramData\1508287719.2036.bin
2017-10-17 19:48 - 2017-10-17 19:48 - 000037602 _____ C:\ProgramData\1508287714.bdinstall.bin
2017-10-17 19:48 - 2017-10-17 19:48 - 000004488 _____ C:\ProgramData\1508287719.1976.bin
2017-10-17 19:48 - 2017-10-17 19:48 - 000003945 _____ C:\ProgramData\1508287719.1972.bin
2017-10-17 19:47 - 2017-10-17 21:32 - 000965522 _____ C:\Windows\ntbtlog.txt
2017-10-15 22:19 - 2017-10-15 22:21 - 000000000 ____D C:\EEK
2017-10-15 22:03 - 2017-10-15 22:03 - 000000000 ____D C:\ProgramData\MB2Migration
2017-10-15 22:03 - 2017-10-15 22:03 - 000000000 ____D C:\Program Files\Malwarebytes
2017-09-26 08:04 - 2017-09-26 08:04 - 000079027 _____ C:\Users\Hayes 2\Downloads\Paystub_ACH_172124_from_CIS_OF_BRAZORIA_COUNTY_INC._3400.pdf
2017-09-25 15:37 - 2017-09-25 15:37 - 000000222 _____ C:\Users\Hayes 2\Desktop\ORION Prelude.url
2017-09-23 10:07 - 2017-09-23 10:07 - 000000000 ____D C:\Users\Hayes 2\AppData\LocalLow\Blizzard Entertainment
2017-09-23 10:05 - 2017-09-23 10:05 - 000000801 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2017-09-23 10:05 - 2017-09-23 10:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2017-09-23 10:01 - 2017-09-23 10:06 - 000000000 ____D C:\Program Files (x86)\Hearthstone
2017-09-17 01:02 - 2017-09-17 01:02 - 000010769 _____ C:\Users\Hayes 2\Documents\Renfest 2017.odt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-17 21:25 - 2010-05-17 14:13 - 000000732 _____ C:\Users\Hayes 2\AppData\Local\d3d9caps64.dat
2017-10-17 21:20 - 2016-11-19 10:24 - 000000000 ____D C:\Users\Hayes 2\AppData\LocalLow\Mozilla
2017-10-17 21:16 - 2009-04-07 14:34 - 000000000 _____ C:\Windows\system32\LogConfigTemp.xml
2017-10-17 21:16 - 2006-11-02 10:42 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-10-17 21:16 - 2006-11-02 10:22 - 000004784 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2017-10-17 21:16 - 2006-11-02 10:22 - 000004784 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2017-10-17 20:41 - 2006-11-02 10:42 - 000032538 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-10-17 20:40 - 2011-10-29 15:59 - 000000000 ____D C:\Users\Hayes 2\AppData\Local\CrashDumps
2017-10-17 20:30 - 2006-11-02 07:46 - 000900728 _____ C:\Windows\system32\PerfStringBackup.INI
2017-10-17 19:59 - 2009-08-24 18:04 - 000000000 ____D C:\Windows\Minidump
2017-10-17 19:57 - 2009-08-21 00:28 - 000002032 _____ C:\Users\Hayes 2\AppData\Local\d3d9caps.dat
2017-10-17 13:46 - 2006-11-02 07:33 - 110886912 _____ C:\Windows\system32\config\software_previous
2017-10-17 13:45 - 2016-10-01 16:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2017-10-17 13:45 - 2016-10-01 16:02 - 000000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2017-10-17 13:45 - 2016-07-23 16:14 - 000000000 ____D C:\Users\Hayes 2\Desktop\AV's and Cleaners
2017-10-17 13:45 - 2016-01-02 11:45 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2017-10-17 13:45 - 2013-03-19 15:30 - 000000000 ____D C:\Users\Hayes 2\AppData\Roaming\Wise Care 365
2017-10-17 13:45 - 2013-03-19 15:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365
2017-10-17 13:45 - 2012-09-12 01:37 - 000000000 ____D C:\ProgramData\iolo
2017-10-17 13:45 - 2012-09-12 01:37 - 000000000 ____D C:\Program Files (x86)\iolo
2017-10-17 13:45 - 2011-12-24 21:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-10-17 13:45 - 2011-12-05 12:48 - 000000000 ____D C:\Users\Hayes 2\AppData\Local\Akamai
2017-10-17 13:45 - 2009-05-28 21:42 - 000000000 ____D C:\Program Files (x86)\CCleaner
2017-10-17 13:45 - 2009-05-19 22:00 - 000000000 ____D C:\Program Files (x86)\Steam
2017-10-17 13:45 - 2006-11-02 08:34 - 000000000 ____D C:\Windows\system32\spool
2017-10-17 13:45 - 2006-11-02 08:33 - 000000000 ____D C:\Windows\registration
2017-10-17 13:45 - 2006-11-02 08:33 - 000000000 ____D C:\Windows\PolicyDefinitions
2017-10-17 13:45 - 2006-11-02 08:33 - 000000000 ____D C:\Windows\inf
2017-10-17 13:41 - 2006-11-02 07:33 - 048234496 _____ C:\Windows\system32\config\system_previous
2017-10-17 10:47 - 2009-05-19 18:22 - 000000000 ____D C:\Users\Hayes 2
2017-10-17 09:54 - 2006-11-02 07:33 - 076808192 _____ C:\Windows\system32\config\components_previous
2017-10-17 09:54 - 2006-11-02 07:33 - 000061440 _____ C:\Windows\system32\config\sam_previous
2017-10-17 06:46 - 2006-11-02 07:33 - 003932160 _____ C:\Windows\system32\config\default_previous
2017-10-17 06:46 - 2006-11-02 07:33 - 000028672 _____ C:\Windows\system32\config\security_previous
2017-10-16 14:37 - 2017-04-23 13:15 - 000001133 _____ C:\Users\Hayes 2\Desktop\nativelog.txt
2017-10-15 22:03 - 2016-10-01 16:02 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-10-06 09:27 - 2011-10-27 20:13 - 000000000 ____D C:\Users\Hayes 2\AppData\Roaming\SoftGrid Client
2017-10-06 01:05 - 2017-05-09 22:27 - 000000000 ____D C:\Users\Hayes 2\Documents\SeaBounty
2017-10-05 23:58 - 2012-05-31 23:54 - 000000000 ____D C:\ProgramData\AlawarWrapper
2017-10-04 18:49 - 2013-07-29 19:13 - 000000000 ____D C:\Users\Hayes 2\AppData\Roaming\.minecraft
2017-10-02 20:29 - 2014-04-13 20:59 - 000000000 ____D C:\Users\Hayes 2\AppData\Local\Daedalic Entertainment
2017-09-27 22:34 - 2017-05-07 00:02 - 000000000 ____D C:\Users\Hayes 2\AppData\Roaming\Alawar
2017-09-25 15:37 - 2009-11-04 13:24 - 000000000 ____D C:\Users\Hayes 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-09-23 12:31 - 2014-02-11 20:21 - 000000000 ____D C:\Users\Hayes 2\AppData\Local\Battle.net
2017-09-23 10:07 - 2012-01-10 15:02 - 000000000 ____D C:\Program Files (x86)\StarCraft
2017-09-23 10:00 - 2014-02-11 20:21 - 000000000 ____D C:\Program Files (x86)\Battle.net
2017-09-21 18:14 - 2014-09-10 14:03 - 000000000 ____D C:\Users\Hayes 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2017-09-20 22:12 - 2012-07-10 23:40 - 000000000 ____D C:\ProgramData\Alawar Stargaze

==================== Files in the root of some directories =======

2012-10-23 23:01 - 2012-10-23 23:01 - 000062205 _____ () C:\Users\Hayes 2\AppData\Roaming\asdf turbo.csa
2012-10-24 01:21 - 2012-10-25 10:36 - 000061163 _____ () C:\Users\Hayes 2\AppData\Roaming\asdf.csa
2012-10-23 22:27 - 2002-08-08 15:31 - 000065690 _____ () C:\Users\Hayes 2\AppData\Roaming\Big Thunder.csa
2010-12-22 01:05 - 2010-12-22 01:05 - 000000002 _____ () C:\Users\Hayes 2\AppData\Roaming\ceville_console_history.txt
2012-10-22 20:54 - 2012-10-22 22:57 - 000059187 _____ () C:\Users\Hayes 2\AppData\Roaming\Corkscew.csa
2009-06-19 00:03 - 2009-06-19 00:03 - 000066780 _____ () C:\Users\Hayes 2\AppData\Roaming\CRAZY 1.csa
2009-06-19 00:30 - 2009-06-19 00:30 - 000059259 _____ () C:\Users\Hayes 2\AppData\Roaming\crazy 2.csa
2012-10-23 22:27 - 2002-08-14 21:06 - 000074886 _____ () C:\Users\Hayes 2\AppData\Roaming\Depth Charge.csa
2012-10-22 23:15 - 2012-10-22 23:15 - 000066781 _____ () C:\Users\Hayes 2\AppData\Roaming\Dizzy yet 1.csa
2012-10-23 22:27 - 2002-08-08 15:31 - 000065591 _____ () C:\Users\Hayes 2\AppData\Roaming\Fall Ratio.csa
2003-11-02 22:00 - 2012-10-23 22:15 - 000080658 _____ () C:\Users\Hayes 2\AppData\Roaming\Golden Rush.csa
2012-10-24 00:04 - 2012-10-24 00:46 - 000063543 _____ () C:\Users\Hayes 2\AppData\Roaming\I will rise.csa
2015-09-23 21:35 - 2015-09-23 21:35 - 000084926 _____ () C:\Users\Hayes 2\AppData\Roaming\icarus-dxdiag.xml
2010-11-07 14:34 - 2012-10-29 20:00 - 000002150 _____ () C:\Users\Hayes 2\AppData\Roaming\LoadCach.bin
2012-10-23 22:27 - 2002-08-08 15:31 - 000065019 _____ () C:\Users\Hayes 2\AppData\Roaming\Park Night.csa
2012-10-23 22:27 - 2002-08-08 15:31 - 000065359 _____ () C:\Users\Hayes 2\AppData\Roaming\Phire Werx.csa
2012-10-23 22:27 - 2002-08-08 15:31 - 000070501 _____ () C:\Users\Hayes 2\AppData\Roaming\Plum Crazy.csa
2009-06-18 23:39 - 2012-10-25 18:01 - 000000335 _____ () C:\Users\Hayes 2\AppData\Roaming\prefs.bin
2010-10-13 09:21 - 2010-10-13 09:21 - 000000760 _____ () C:\Users\Hayes 2\AppData\Roaming\setup_ldm.iss
2012-10-23 22:27 - 2002-08-08 15:31 - 000065239 _____ () C:\Users\Hayes 2\AppData\Roaming\Space Mountain Paris.csa
2015-10-03 08:54 - 2015-10-03 08:54 - 000001588 _____ () C:\Users\Hayes 2\AppData\Roaming\SpeedRunnersLog.txt
2012-10-25 18:11 - 2012-10-25 18:11 - 000060878 _____ () C:\Users\Hayes 2\AppData\Roaming\steele.csa
2012-10-23 22:27 - 2002-08-08 15:31 - 000063043 _____ () C:\Users\Hayes 2\AppData\Roaming\Tapeworm.csa
2015-12-27 17:35 - 2016-01-09 11:08 - 000000098 _____ () C:\Users\Hayes 2\AppData\Roaming\theHunterPrimal_LauncherSettings_live.cfg
2012-10-23 22:27 - 2002-08-08 15:31 - 000064872 _____ () C:\Users\Hayes 2\AppData\Roaming\Toontown Twister.csa
2012-10-24 00:52 - 2012-10-24 00:52 - 000059025 _____ () C:\Users\Hayes 2\AppData\Roaming\tunnel.csa
2014-05-18 13:59 - 2014-05-18 13:59 - 000000043 _____ () C:\Users\Hayes 2\AppData\Roaming\WB.CFG
2009-11-18 10:15 - 2014-10-12 21:55 - 000000694 _____ () C:\Users\Hayes 2\AppData\Roaming\wklnhst.dat
2012-10-23 22:27 - 2002-08-08 15:31 - 000063863 _____ () C:\Users\Hayes 2\AppData\Roaming\X 25s.csa
2009-09-25 23:24 - 2009-09-25 23:24 - 000000552 _____ () C:\Users\Hayes 2\AppData\Local\d3d8caps.dat
2009-08-21 00:28 - 2017-10-17 19:57 - 000002032 _____ () C:\Users\Hayes 2\AppData\Local\d3d9caps.dat
2010-05-17 14:13 - 2017-10-17 21:25 - 000000732 _____ () C:\Users\Hayes 2\AppData\Local\d3d9caps64.dat
2009-05-26 01:59 - 2012-06-07 17:59 - 000198656 _____ () C:\Users\Hayes 2\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-12-22 19:23 - 2009-12-22 19:24 - 000014214 _____ () C:\Users\Hayes 2\AppData\Local\dd_depcheck_NETFX20_EXP_35.txt
2010-05-03 23:18 - 2015-02-16 11:01 - 002342398 _____ () C:\Users\Hayes 2\AppData\Local\dd_depcheck_NETFX_EXP_35.txt
2009-12-22 19:23 - 2009-12-22 19:24 - 000001506 _____ () C:\Users\Hayes 2\AppData\Local\dd_dotnetfx20error.txt
2009-12-22 19:23 - 2009-12-22 19:24 - 000055010 _____ () C:\Users\Hayes 2\AppData\Local\dd_dotnetfx20install.txt
2010-05-03 23:17 - 2010-05-03 23:17 - 000000002 _____ () C:\Users\Hayes 2\AppData\Local\dd_dotnetfx35error.txt
2010-05-03 23:17 - 2015-02-16 11:02 - 003724860 _____ () C:\Users\Hayes 2\AppData\Local\dd_dotnetfx35install.txt
2013-12-24 00:49 - 2013-12-24 00:49 - 002843734 _____ () C:\Users\Hayes 2\AppData\Local\dd_NET_Framework35_x64_MSI159D.txt
2014-04-27 21:55 - 2014-04-27 21:56 - 002840706 _____ () C:\Users\Hayes 2\AppData\Local\dd_NET_Framework35_x64_MSI3748.txt
2014-07-30 20:59 - 2014-07-30 21:00 - 002849892 _____ () C:\Users\Hayes 2\AppData\Local\dd_NET_Framework35_x64_MSI3D4A.txt
2015-02-16 11:01 - 2015-02-16 11:02 - 002845846 _____ () C:\Users\Hayes 2\AppData\Local\dd_NET_Framework35_x64_MSI4C27.txt
2010-11-24 20:04 - 2010-11-24 20:04 - 002320836 _____ () C:\Users\Hayes 2\AppData\Local\dd_NET_Framework35_x64_MSI5FD9.txt
2013-01-05 01:40 - 2013-01-05 01:40 - 000411530 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI0019.txt
2010-12-12 01:18 - 2010-12-12 01:18 - 000364890 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI006C.txt
2013-04-22 06:24 - 2013-04-22 06:24 - 000370474 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI01C2.txt
2014-06-28 07:16 - 2014-06-28 07:16 - 000369356 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI0269.txt
2012-11-23 02:27 - 2012-11-23 02:27 - 000369416 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI03CB.txt
2010-01-15 12:40 - 2010-01-15 12:40 - 000440300 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI0452.txt
2013-12-30 01:26 - 2013-12-30 01:27 - 000415216 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI06CF.txt
2015-07-22 20:08 - 2015-07-22 20:08 - 000423980 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI0B50.txt
2012-11-22 23:51 - 2012-11-22 23:51 - 000367006 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI0C65.txt
2013-08-21 12:38 - 2013-08-21 12:38 - 000387510 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI0D79.txt
2013-08-21 12:38 - 2013-08-21 12:38 - 000377894 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI0D8D.txt
2013-02-14 17:37 - 2013-02-14 17:37 - 000372202 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI11D7.txt
2014-10-24 18:41 - 2014-10-24 18:41 - 000377170 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI12E4.txt
2013-07-22 02:29 - 2013-07-22 02:29 - 000370460 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI13D5.txt
2013-03-23 10:29 - 2013-03-23 10:29 - 000371248 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI14BC.txt
2012-12-13 16:12 - 2012-12-13 16:12 - 000371528 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI167F.txt
2012-12-13 16:12 - 2012-12-13 16:12 - 000361352 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI1699.txt
2012-06-28 01:02 - 2012-06-28 01:02 - 000367112 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI173F.txt
2013-07-15 08:58 - 2013-07-15 08:58 - 000368702 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI1ACC.txt
2011-01-17 21:30 - 2011-01-17 21:30 - 000366992 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI1D22.txt
2013-06-22 09:12 - 2013-06-22 09:12 - 000412862 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI1FE4.txt
2013-12-03 22:52 - 2013-12-03 22:52 - 000418474 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI2141.txt
2011-07-27 11:52 - 2011-07-27 11:53 - 000367376 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI2E77.txt
2013-11-09 22:11 - 2013-11-09 22:11 - 000386868 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI2EBF.txt
2013-03-23 11:05 - 2013-03-23 11:05 - 000370094 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI3067.txt
2011-07-29 11:24 - 2011-07-29 11:24 - 000367098 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI34F2.txt
2013-07-16 21:48 - 2013-07-16 21:48 - 000349926 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI35E5.txt
2015-10-30 20:58 - 2015-10-30 20:58 - 000371774 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI36D4.txt
2015-10-30 20:58 - 2015-10-30 20:58 - 000360662 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI36EE.txt
2012-07-18 20:42 - 2012-07-18 20:43 - 000464870 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI397D.txt
2015-04-29 16:27 - 2015-04-29 16:27 - 000379464 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI3EBA.txt
2011-09-16 11:55 - 2011-09-16 11:55 - 000367098 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI40FC.txt
2012-11-25 14:20 - 2012-11-25 14:20 - 000422980 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI4257.txt
2014-06-27 18:45 - 2014-06-27 18:45 - 000377540 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI440D.txt
2011-11-19 17:28 - 2011-11-19 17:28 - 000365692 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI4895.txt
2013-07-16 22:13 - 2013-07-16 22:13 - 000369334 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI4976.txt
2015-01-22 22:51 - 2015-01-22 22:51 - 000384178 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI4A20.txt
2014-06-22 21:50 - 2014-06-22 21:50 - 000370274 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI4AC6.txt
2015-02-16 11:02 - 2015-02-16 11:02 - 000369676 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI4CD4.txt
2013-11-28 15:36 - 2013-11-28 15:36 - 000376236 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI4D01.txt
2011-04-27 00:11 - 2011-04-27 00:11 - 000421250 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI4F2D.txt
2011-10-10 13:17 - 2011-10-10 13:17 - 000363094 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI5345.txt
2012-12-22 02:18 - 2012-12-22 02:18 - 000413420 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI56C6.txt
2011-06-24 13:09 - 2011-06-24 13:10 - 000366452 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI56F6.txt
2013-07-20 01:48 - 2013-07-20 01:48 - 000371484 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI57CE.txt
2015-01-01 11:36 - 2015-01-01 11:36 - 000380608 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI5C74.txt
2009-11-23 23:55 - 2009-11-23 23:56 - 000427070 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI5C90.txt
2011-10-19 12:09 - 2011-10-19 12:09 - 000367022 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI5E00.txt
2010-11-24 20:02 - 2010-11-24 20:02 - 000368116 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI5E6E.txt
2010-11-24 20:02 - 2010-11-24 20:02 - 000353234 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI5E7B.txt
2012-12-28 20:08 - 2012-12-28 20:08 - 000368926 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI5EAF.txt
2011-10-19 12:11 - 2011-10-19 12:11 - 000418480 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI6007.txt
2012-11-22 14:32 - 2012-11-22 14:32 - 000369452 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI60D2.txt
2015-01-01 11:42 - 2015-01-01 11:42 - 000379144 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI6149.txt
2015-01-01 11:42 - 2015-01-01 11:42 - 000531090 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI616A.txt
2016-12-03 13:19 - 2016-12-03 13:19 - 000379296 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI6CD9.txt
2013-07-16 23:03 - 2013-07-16 23:03 - 000368944 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI6F7A.txt
2012-04-26 15:25 - 2012-04-26 15:25 - 000365796 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI7196.txt
2015-11-27 19:12 - 2015-11-27 19:13 - 000380566 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI71D2.txt
2012-04-26 12:38 - 2012-04-26 12:38 - 000366784 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI71F6.txt
2012-12-21 18:35 - 2012-12-21 18:35 - 000368214 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI746F.txt
2014-12-30 18:22 - 2014-12-30 18:22 - 000401200 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI76C9.txt
2012-11-24 14:27 - 2012-11-24 14:27 - 000367674 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI7946.txt
2012-10-27 12:03 - 2012-10-27 12:03 - 000367094 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistMSI7FA7.txt
2013-01-05 01:40 - 2013-01-05 01:40 - 000092312 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI0019.txt
2010-12-12 01:18 - 2010-12-12 01:18 - 000015530 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI006C.txt
2013-04-22 06:24 - 2013-04-22 06:24 - 000019726 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI01C2.txt
2014-06-28 07:16 - 2014-06-28 07:16 - 000012846 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI0269.txt
2012-11-23 02:27 - 2012-11-23 02:27 - 000014038 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI03CB.txt
2010-01-15 12:40 - 2010-01-15 12:40 - 000011376 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI0452.txt
2013-12-30 01:26 - 2013-12-30 01:27 - 000011248 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI06CF.txt
2015-07-22 20:08 - 2015-07-22 20:08 - 000020280 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI0B50.txt
2012-11-22 23:51 - 2012-11-22 23:51 - 000013934 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI0C65.txt
2013-08-21 12:38 - 2013-08-21 12:38 - 000074178 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI0D79.txt
2013-08-21 12:38 - 2013-08-21 12:38 - 000074226 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI0D8D.txt
2013-02-14 17:37 - 2013-02-14 17:37 - 000014126 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI11D7.txt
2014-10-24 18:41 - 2014-10-24 18:41 - 000012566 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI12E4.txt
2013-07-22 02:29 - 2013-07-22 02:29 - 000012894 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI13D5.txt
2013-03-23 10:29 - 2013-03-23 10:29 - 000229102 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI14BC.txt
2012-12-13 16:12 - 2012-12-13 16:12 - 000011450 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI167F.txt
2012-12-13 16:12 - 2012-12-13 16:12 - 000011434 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI1699.txt
2012-06-28 01:02 - 2012-06-28 01:02 - 000022470 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI173F.txt
2013-07-15 08:58 - 2013-07-15 08:58 - 000011170 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI1ACC.txt
2011-01-17 21:30 - 2011-01-17 21:30 - 000011218 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI1D22.txt
2013-06-22 09:12 - 2013-06-22 09:12 - 000054576 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI1FE4.txt
2013-12-03 22:52 - 2013-12-03 22:52 - 000011184 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI2141.txt
2011-07-27 11:52 - 2011-07-27 11:53 - 000011234 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI2E77.txt
2013-11-09 22:11 - 2013-11-09 22:11 - 000023526 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI2EBF.txt
2013-03-23 11:05 - 2013-03-23 11:05 - 000229054 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI3067.txt
2011-07-29 11:24 - 2011-07-29 11:24 - 000011234 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI34F2.txt
2013-07-16 21:48 - 2013-07-16 21:48 - 000024770 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI35E5.txt
2015-10-30 20:58 - 2015-10-30 20:58 - 000011482 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI36D4.txt
2015-10-30 20:58 - 2015-10-30 20:58 - 000011402 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI36EE.txt
2012-07-18 20:42 - 2012-07-18 20:43 - 000011478 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI397D.txt
2015-04-29 16:27 - 2015-04-29 16:27 - 000011218 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI3EBA.txt
2011-09-16 11:55 - 2011-09-16 11:55 - 000011234 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI40FC.txt
2012-11-25 14:20 - 2012-11-25 14:20 - 000061072 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI4257.txt
2014-06-27 18:45 - 2014-06-27 18:45 - 000011218 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI440D.txt
2011-11-19 17:28 - 2011-11-19 17:28 - 000011170 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI4895.txt
2013-07-16 22:13 - 2013-07-16 22:13 - 000024754 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI4976.txt
2015-01-22 22:51 - 2015-01-22 22:51 - 000042926 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI4A20.txt
2014-06-22 21:50 - 2014-06-22 21:50 - 000011450 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI4AC6.txt
2015-02-16 11:02 - 2015-02-16 11:02 - 000011402 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI4CD4.txt
2013-11-28 15:36 - 2013-11-28 15:36 - 000011170 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI4D01.txt
2011-04-27 00:11 - 2011-04-27 00:11 - 000014124 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI4F2D.txt
2011-10-10 13:17 - 2011-10-10 13:17 - 000011392 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI5345.txt
2012-12-22 02:18 - 2012-12-22 02:18 - 000076480 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI56C6.txt
2011-06-24 13:09 - 2011-06-24 13:10 - 000012846 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI56F6.txt
2013-07-20 01:48 - 2013-07-20 01:48 - 000023206 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI57CE.txt
2015-01-01 11:36 - 2015-01-01 11:36 - 000019950 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI5C74.txt
2009-11-23 23:55 - 2009-11-23 23:56 - 000011658 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI5C90.txt
2011-10-19 12:09 - 2011-10-19 12:09 - 000023058 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI5E00.txt
2010-11-24 20:02 - 2010-11-24 20:02 - 000015554 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI5E6E.txt
2010-11-24 20:02 - 2010-11-24 20:02 - 000015234 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI5E7B.txt
2012-12-28 20:08 - 2012-12-28 20:08 - 000035802 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI5EAF.txt
2011-10-19 12:11 - 2011-10-19 12:11 - 000023056 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI6007.txt
2012-11-22 14:32 - 2012-11-22 14:32 - 000011250 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI60D2.txt
2015-01-01 11:42 - 2015-01-01 11:42 - 000019940 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI6149.txt
2015-01-01 11:42 - 2015-01-01 11:43 - 000021252 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI616A.txt
2011-02-24 19:51 - 2011-02-24 19:51 - 000018194 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI6A6D.txt
2016-12-03 13:19 - 2016-12-03 13:19 - 000013862 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI6CD9.txt
2013-07-16 23:03 - 2013-07-16 23:03 - 000024738 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI6F7A.txt
2012-04-26 15:25 - 2012-04-26 15:25 - 000027910 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI7196.txt
2015-11-27 19:12 - 2015-11-27 19:13 - 000029726 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI71D2.txt
2012-04-26 12:38 - 2012-04-26 12:38 - 000027710 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI71F6.txt
2012-12-21 18:35 - 2012-12-21 18:35 - 000076754 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI746F.txt
2014-12-30 18:22 - 2014-12-30 18:22 - 000014248 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI76C9.txt
2012-11-24 14:27 - 2012-11-24 14:27 - 000015602 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI7946.txt
2012-10-27 12:03 - 2012-10-27 12:03 - 000015922 _____ () C:\Users\Hayes 2\AppData\Local\dd_vcredistUI7FA7.txt
2010-02-22 08:29 - 2010-02-23 12:38 - 000008842 ___SH () C:\Users\Hayes 2\AppData\Local\e1wnOl
2009-08-20 21:10 - 2009-08-20 21:10 - 000000095 _____ () C:\Users\Hayes 2\AppData\Local\fusioncache.dat
2010-02-07 00:45 - 2010-02-07 00:45 - 000000036 _____ () C:\Users\Hayes 2\AppData\Local\housecall.guid.cache
2009-06-13 09:04 - 2009-06-13 09:30 - 000113116 _____ () C:\Users\Hayes 2\AppData\Local\installer.log
2012-10-04 17:28 - 2012-10-04 17:28 - 001145382 _____ () C:\Users\Hayes 2\AppData\Local\Tempmusic.ogg
2009-12-22 19:23 - 2015-02-16 11:02 - 000820556 _____ () C:\Users\Hayes 2\AppData\Local\uxeventlog.txt
2014-05-26 10:20 - 2014-05-26 10:20 - 000045310 _____ () C:\ProgramData\1401117604.bdinstall.bin
2014-05-26 10:21 - 2014-05-26 10:21 - 000002061 _____ () C:\ProgramData\1401117673.3724.bin
2014-05-26 10:21 - 2014-05-26 10:21 - 000041598 _____ () C:\ProgramData\1401117673.4676.bin
2014-05-26 10:34 - 2014-05-26 10:34 - 000202495 _____ () C:\ProgramData\1401118297.bdinstall.bin
2014-11-08 13:04 - 2014-11-08 13:04 - 000037602 _____ () C:\ProgramData\1415469871.bdinstall.bin
2014-11-08 13:06 - 2014-11-08 13:06 - 000095585 _____ () C:\ProgramData\1415469873.bdinstall.bin
2016-10-01 22:06 - 2016-10-01 22:06 - 000202696 _____ () C:\ProgramData\1475377497.bdinstall.bin
2017-10-17 19:48 - 2017-10-17 19:48 - 000037602 _____ () C:\ProgramData\1508287714.bdinstall.bin
2017-10-17 19:48 - 2017-10-17 19:48 - 000044477 _____ () C:\ProgramData\1508287719.1908.bin
2017-10-17 19:48 - 2017-10-17 19:48 - 000003945 _____ () C:\ProgramData\1508287719.1972.bin
2017-10-17 19:48 - 2017-10-17 19:48 - 000004488 _____ () C:\ProgramData\1508287719.1976.bin
2017-10-17 19:48 - 2017-10-17 19:48 - 000038421 _____ () C:\ProgramData\1508287719.2036.bin
2009-11-12 21:39 - 2013-07-22 16:29 - 000000088 __RSH () C:\ProgramData\CCBA285129.sys
2014-09-16 12:51 - 2014-09-16 12:53 - 000000320 _____ () C:\ProgramData\high.txt
2009-11-12 17:11 - 2013-07-22 16:30 - 000003350 ___SH () C:\ProgramData\KGyGaAvL.sys
2009-09-25 17:48 - 2009-09-25 17:48 - 000005184 _____ () C:\ProgramData\N360BUOptions.ini
2013-01-10 16:24 - 2013-01-10 16:24 - 000033958 _____ () C:\ProgramData\uninstaller.exe

Files to move or delete:
====================
C:\ProgramData\uninstaller.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-10-17 20:14

==================== End of FRST.txt ============================

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-10-2017
Ran by Hayes 2 (17-10-2017 21:36:37)
Running from C:\Users\Hayes 2\Downloads
Windows Vista ™ Home Premium Service Pack 2 (X64) (2009-04-07 19:28:06)
Boot Mode: Safe Mode (with Networking)
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1094520485-351602351-698667415-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1094520485-351602351-698667415-1005 - Limited - Enabled)
Guest (S-1-5-21-1094520485-351602351-698667415-501 - Limited - Enabled)
Hayes 2 (S-1-5-21-1094520485-351602351-698667415-1000 - Administrator - Enabled) => C:\Users\Hayes 2

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Bitdefender Antivirus Free Edition (Disabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Antivirus Free Edition (Disabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1001 Nights: The Adventures Of Sindbad (HKLM-x32\...\1001 Nights: The Adventures Of Sindbad) (Version:  - Alawar Entertainment Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 25.0.0.134 - Adobe Systems Incorporated)
Adobe Download Manager (HKLM-x32\...\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}) (Version: 1.6.2.102 - NOS Microsystems Ltd.)
Adobe Flash Player 25 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Adobe Flash Player 25 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.17) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.17 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.9.199 - Adobe Systems, Inc.)
Age of Enigma (HKLM-x32\...\{CDCE9215-CFB4-45A2-B4E1-7B95F87B0416}) (Version: 1.00.0000 - Valusoft)
Age of Mahjong (HKLM-x32\...\Age of Mahjong) (Version: 1.0 - Viva Media, LLC)
Agere Systems PCI-SV92PP Soft Modem (HKLM\...\Agere Systems Soft Modem) (Version:  - Agere Systems)
AIM 6 (HKLM-x32\...\AIM_6) (Version:  - )
Aimersoft DRM Media Converter(Build 1.5.3.0) (HKLM-x32\...\Aimersoft DRM Media Converter_is1) (Version:  - Aimersoft Software)
aioprnt (HKLM-x32\...\{59B73DDC-593A-4D02-B9CA-1D8C9F912324}) (Version: 4.00.0000.0000 - Eastman Kodak Company) Hidden
aioscnnr (HKLM-x32\...\{074AED0D-DD1C-432A-B38D-F8733604033F}) (Version: 4.00.0000.0000 - Eastman Kodak Company) Hidden
aioscnnr (HKLM-x32\...\{EF53BFAB-4C10-40DB-A82D-9B07111715C6}) (Version: 7.6.13.10 - Your Company Name) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-1094520485-351602351-698667415-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Alabama Smith - Escape from Pompeii (HKLM-x32\...\Alabama Smith - Escape from Pompeii) (Version: 1.0 - Viva Media, LLC)
Alabama Smith - Quest of Fate (HKLM-x32\...\Alabama Smith - Quest of Fate) (Version: 1.0 - Viva Media, LLC)
Alexandra Fortune - Mystery of the Lunar Archipelago (HKLM-x32\...\Alexandra Fortune - Mystery of the Lunar Archipelago) (Version: 1.0 - Viva Media, LLC)
Amanda Rose Game of Time (HKLM-x32\...\Amanda Rose Game of Time) (Version: 1.0 - Viva Media, LLC)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}) (Version: 6.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.7.2314 - AVAST Software)
AVerMedia M791 PCIe Combo NTSC/ATSC 6.104.64.5 (HKLM-x32\...\AVerMedia M791 PCIe Combo NTSC/ATSC) (Version: 6.104.64.5 - AVerMedia TECHNOLOGIES, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Behind the Reflection (HKLM-x32\...\Behind the Reflection) (Version:  - Alawar Entertainment Inc.)
Bejeweled 2 Deluxe (remove only) (HKLM-x32\...\Bejeweled 2 Deluxe) (Version:  - )
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
Bitdefender Antivirus Free Edition (HKLM\...\BitDefender Gonzales) (Version: 1.0.21.1109 - Bitdefender)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Burnout™ Paradise The Ultimate Box (HKLM-x32\...\{9A996B6A-846E-4A89-B9C4-17546B7BE49F}) (Version: 1.0.0.0 - Electronic Arts)
Business Contact Manager for Outlook 2007 SP2 (HKLM-x32\...\{B32C4059-6E7A-41EF-AD20-56DF1872B923}) (Version: 3.0.8619.1 - Microsoft Corporation) Hidden
Business Contact Manager for Outlook 2007 SP2 (HKLM-x32\...\Business Contact Manager) (Version: 3.0.8619.1 - Microsoft Corporation)
Cabela's Outdoor Adventures (HKLM-x32\...\{2FB82D0D-D118-41A6-A616-E8DC16358E03}) (Version: 1.00.0000 - Activision)
Cabela's Outdoor Adventures (HKLM-x32\...\{D0B2AA8F-CC52-4298-A48E-A9BA169546B6}) (Version: 1.00.0000 - Activision) Hidden
Call of Duty® 4 - Modern Warfare™ (HKLM-x32\...\{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision) Hidden
Call of Duty® 4 - Modern Warfare™ (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.7 - Activision)
Call of Duty® 4 - Modern Warfare™ 1.6 Patch (HKLM-x32\...\{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}) (Version: 1.6 - Activision) Hidden
Call of Duty® 4 - Modern Warfare™ 1.6 Patch (HKLM-x32\...\InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}) (Version:  - ) Hidden
Call of Duty® 4 - Modern Warfare™ 1.7 Patch (HKLM-x32\...\{931C37FC-594D-43A9-B10F-A2F2B1F03498}) (Version: 1.7 - Activision) Hidden
Call of Duty® 4 - Modern Warfare™ 1.7 Patch (HKLM-x32\...\InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}) (Version:  - ) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.31 - Piriform)
CCScore (HKLM-x32\...\{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}) (Version: 7.00.0000.0001 - EASTMAN KODAK Company) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6321 - CDBurnerXP)
center (HKLM-x32\...\{56BA241F-580C-43D2-8403-947241AAE633}) (Version: 7.8.0.0 - Eastman Kodak Company) Hidden
CleanUp! (HKLM-x32\...\CleanUp!) (Version:  - )
Clive Barker's Undying (HKLM-x32\...\{631A0B87-B0B7-4B47-00A2-119A4B942EB6}) (Version:  - )
Clive Barker's Undying (HKLM-x32\...\GOGPACKUNDYING_is1) (Version: 2.0.0.5 - GOG.com)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Corel WordPerfect Office - iFilter 64 Bit (HKLM\...\{1B45B85C-99E8-4523-8FB3-0248B3DECFC8}) (Version: 1.01.000 - Corel Corporation)
CPUID HWMonitor 1.31 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Crimson Editor (remove only) (HKLM-x32\...\Crimson Editor) (Version:  - )
Crimson Editor SVN263 (HKLM-x32\...\Crimson Editor SVN263) (Version: SVN263 - Emerald Editor Community)
CyberLink LabelPrint 2.5 (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.0.5415 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.2019 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.2115 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.2103a - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Derrick (HKLM-x32\...\Derrick) (Version:  - )
Desktop Icon Position Saver (64-bit) (HKLM-x32\...\dips64) (Version:  - )
Diablo II (HKLM-x32\...\Diablo II) (Version:  - Blizzard Entertainment)
DivX Converter (HKLM-x32\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 7.1.0 - DivX, Inc.)
DivX Plus DirectShow Filters (HKLM-x32\...\DivX Plus DirectShow Filters) (Version:  - DivX, Inc.)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.9 - DivX, LLC)
Dolby Control Center (HKLM\...\{20387B45-18A4-4D48-ABD9-A23D2CBE42B3}) (Version: 2.2.3 - Dolby)
Dolby Control Center (HKLM\...\{70E8EBD5-78C9-4258-B20A-5098CCA000F0}) (Version: 1.1.0601 - Dolby)
doubleTwist (HKLM-x32\...\doubleTwist) (Version: 3.2.1.14961 - doubleTwist Corporation)
Dreamwoods 2 (HKLM-x32\...\Dreamwoods 2) (Version: 1.0 - Viva Media, LLC)
Dungeons & Dragons Online v2600.0045.9717.4070 (HKLM-x32\...\bc8a6440-918f-11dd-ad8b-0800200c9a66_is1) (Version: 2600.0045.9717.4070 - Standing Stone Games, LLC)
Echoes of Sorrow (HKLM-x32\...\Echoes of Sorrow) (Version: 1.0 - Alawar Entertainment Inc.)
Echoes of Sorrow 2 (HKLM-x32\...\Echoes of Sorrow 2) (Version: 1.0 - Viva Media, LLC)
Elementary My Dear Majesty! (HKLM-x32\...\Elementary My Dear Majesty! ) (Version: 1.0 - Alawar Entertainment Inc.)
Emsisoft Anti-Malware (HKLM-x32\...\{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1) (Version: 6.0 - Emsi Software GmbH)
Enchanted Cavern (HKLM-x32\...\Enchanted Cavern) (Version: 1.0 - Alawar Entertainment Inc.)
Enchanted Cavern 2 (HKLM-x32\...\Enchanted Cavern 2 ) (Version: 1.0 - Alawar Entertainment Inc.)
Epic Escapes Dark Seas (HKLM-x32\...\Epic Escapes Dark Seas) (Version: 1.0 - Viva Media, LLC)
ESSBrwr (HKLM-x32\...\{643EAE81-920C-4931-9F0B-4B343B225CA6}) (Version: 8.00.0000.0001 - EASTMAN KODAK Company) Hidden
ESSCDBK (HKLM-x32\...\{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}) (Version: 8.00.0000.0001 - EASTMAN KODAK Company) Hidden
ESScore (HKLM-x32\...\{42938595-0D83-404D-9F73-F8177FDD531A}) (Version: 8.00.0000.0001 - EASTMAN KODAK Company) Hidden
essentials (HKLM-x32\...\{BE94C681-68E2-4561-8ABC-8D2E799168B4}) (Version: 7.8.0.0 - Eastman Kodak Company) Hidden
ESSgui (HKLM-x32\...\{91517631-A9F3-4B7C-B482-43E0068FD55A}) (Version: 8.00.0000.0001 - EASTMAN KODAK Company) Hidden
ESSini (HKLM-x32\...\{8E92D746-CD9F-4B90-9668-42B74C14F765}) (Version: 8.00.0000.0001 - EASTMAN KODAK Company) Hidden
ESSPCD (HKLM-x32\...\{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}) (Version: 7.01.0000.0001 - EASTMAN KODAK Company) Hidden
ESSTOOLS (HKLM-x32\...\{8A502E38-29C9-49FA-BCFA-D727CA062589}) (Version: 5.00.0000.0004 - EASTMAN KODAK Company) Hidden
essvatgt (HKLM-x32\...\{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}) (Version: 8.00.0000.0001 - EASTMAN KODAK Company) Hidden
Fable - The Lost Chapters (HKLM-x32\...\{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}) (Version: 1.00.0000 - Microsoft Game Studios) Hidden
Fable - The Lost Chapters (HKLM-x32\...\InstallShield_{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}) (Version: 1.00.0000 - Microsoft Game Studios)
Fallout (HKLM-x32\...\Fallout) (Version:  - )
ffdshow [rev 2527] [2008-12-19] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version:  - FileHippo.com)
FileZilla Client 3.25.1 (HKLM-x32\...\FileZilla Client) (Version: 3.25.1 - Tim Kosse)
Finding Doggy (HKLM-x32\...\Finding Doggy) (Version: 1.0 - Alawar Entertainment Inc.)
Fishing Craze (HKLM-x32\...\WTA-05ee1757-16ac-4048-96d2-0495778f15e4) (Version: 2.2.0.97 - WildTangent) Hidden
FrostWire 5.5.1 (HKLM-x32\...\FrostWire 5) (Version: 5.5.1.0 - FrostWire Team)
Frozen Kingdom (HKLM-x32\...\Frozen Kingdom ) (Version: 1.0 - Alawar Entertainment Inc.)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.0.0.0 - Futuremark Corporation)
Gateway Games (HKLM-x32\...\WildTangent gateway Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Gateway Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 3.1.3003 - Acer Incorporated)
Gateway Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3503 - Gateway Incorporated)
getPlus® Download Manager for Corel (HKLM-x32\...\{459E93B6-150E-45d5-8D4B-45C66FC035FE}) (Version: 1.5.0.56 - NOS Microsystems Ltd.)
Glary Utilities 5.77 (HKLM-x32\...\Glary Utilities 5) (Version: 5.77.0.98 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.28.1 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.5 - Google Inc.) Hidden
Gourmania (HKLM-x32\...\Gourmania) (Version:  - Alawar Entertainment Inc.)
Gourmania 2 Kitchen Confidential (HKLM-x32\...\Gourmania 2 Kitchen Confidential) (Version: 1.0 - Viva Media, LLC)
Gourmania 3: Zoo Zoom (HKLM-x32\...\Gourmania 3: Zoo Zoom) (Version: 1.0 - Alawar Entertainment Inc.)
Governor of Poker (HKLM-x32\...\{6972FD5E-01D0-4742-8EB0-A0D351CF28FF}) (Version: 1.0.0 - Youdagames)
Governor of Poker 2 SE (HKLM-x32\...\{394CD66F-A978-4F75-BFFB-1F0A0CAA8AE5}) (Version: 1.0.0 - Youdagames)
Grace's Quest: To Catch An Art Thief (HKLM-x32\...\Grace's Quest: To Catch An Art Thief) (Version:  - Alawar Entertainment Inc.)
Hamlet (HKLM-x32\...\Hamlet) (Version:  - Alawar Entertainment Inc.)
Haunted Domains (HKLM-x32\...\Haunted Domains) (Version: 1.0 - Alawar Entertainment Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes Of Hellas (HKLM-x32\...\Heroes Of Hellas) (Version:  - Alawar Entertainment Inc.)
Heroes of Hellas 2: Olympia (HKLM-x32\...\Heroes of Hellas 2: Olympia) (Version:  - Alawar Entertainment Inc.)
Hidden World (HKLM-x32\...\Hidden World) (Version: 1.0 - Alawar Entertainment Inc.)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Holly 2 - Magic Land (HKLM-x32\...\Holly 2 - Magic Land) (Version:  - Alawar Entertainment Inc.)
Holly. A Christmas Tale Deluxe (HKLM-x32\...\Holly. A Christmas Tale Deluxe) (Version: 1.0 - Alawar Entertainment Inc.)
Hunting Unlimited 2010 (HKLM-x32\...\WTA-d0fdda43-d4d3-474d-b373-59ddfe15c247) (Version: 2.2.0.95 - WildTangent) Hidden
Hunting Unlimited 2011 (HKLM-x32\...\WTA-d2d44924-fec9-43d8-8514-2432fffea385) (Version: 2.2.0.95 - WildTangent) Hidden
IL-2 Sturmovik 1946 (HKLM-x32\...\{79438F1E-DEC3-443D-9DCD-FECE2D68C605}) (Version: 1.00.0000 - Ubisoft) Hidden
IL-2 Sturmovik 1946 (HKLM-x32\...\InstallShield_{79438F1E-DEC3-443D-9DCD-FECE2D68C605}) (Version: 1.00.0000 - Ubisoft)
Impulse (HKLM-x32\...\{EA450D5D-95EA-4FD0-B8B0-6D8E68FBE2C7}) (Version: 1.0 - Stardock Corporation) Hidden
Impulse (HKLM-x32\...\Impulse) (Version: 1.0 - Stardock)
iTunes (HKLM\...\{0E5D76AD-A3FB-48D5-8400-8903B10317D3}) (Version: 11.0.1.12 - Apple Inc.)
Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
JetClean (HKLM-x32\...\BlueSprig_JetClean_is1) (Version: 1.5.0 - BlueSprig)
Joan Jade and the Gates of Xibalba (HKLM-x32\...\Joan Jade and the Gates of Xibalba) (Version:  - Alawar Entertainment Inc.)
Journey of Hope (HKLM-x32\...\Journey of Hope) (Version:  - Alawar Entertainment Inc.)
Juniper Networks Network Connect 7.3.0 (HKLM-x32\...\Juniper Network Connect 7.3.0) (Version: 7.3.0.23377 - Juniper Networks)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KB0817 Keyboard Driver (HKLM-x32\...\{ED5DCA6F-5FEA-47CB-83DB-210A468C298B}) (Version: 1.30.0000 - Gateway)
kgcbaby (HKLM-x32\...\{E18B549C-5D15-45DA-8D8F-8FD2BD946344}) (Version: 5.03.0000.0002 - EASTMAN KODAK Company) Hidden
kgchday (HKLM-x32\...\{11F3F858-4131-4FFA-A560-3FE282933B6E}) (Version: 5.03.0000.0002 - EASTMAN KODAK Company) Hidden
kgchlwn (HKLM-x32\...\{03EDED24-8375-407D-A721-4643D9768BE1}) (Version: 5.03.0000.0002 - EASTMAN KODAK Company) Hidden
kgcinvt (HKLM-x32\...\{9BD54685-1496-46A5-AB62-357CD140ED8B}) (Version: 5.03.0000.0003 - EASTMAN KODAK Company) Hidden
kgckids (HKLM-x32\...\{693C08A7-9E76-43FF-B11E-9A58175474C4}) (Version: 5.03.0000.0002 - EASTMAN KODAK Company) Hidden
kgcmove (HKLM-x32\...\{A1588373-1D86-4D44-86C9-78ABD190F9CC}) (Version: 5.03.0000.0003 - EASTMAN KODAK Company) Hidden
kgcvday (HKLM-x32\...\{8A8664E1-84C8-4936-891C-BC1F07797549}) (Version: 5.03.0000.0002 - EASTMAN KODAK Company) Hidden
KhalInstallWrapper (HKLM\...\{F3F18612-7B5D-4C05-86C9-AB50F6F71727}) (Version: 4.60.122 - Logitech) Hidden
Kidnapped in the City (HKLM-x32\...\Kidnapped in the City) (Version: 1.0 - Viva Media, LLC)
Kodak AIO Printer (HKLM\...\{27EF8E7F-88D1-4ec5-ADE2-7E447FDF114E}) (Version: 7.8.1.0 - Eastman Kodak Company) Hidden
KODAK AiO Software (HKLM-x32\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 7.8.5.2 - Eastman Kodak Company)
Kodak EasyShare software (HKLM-x32\...\{D32470A1-B10C-4059-BA53-CF0486F68EBC}) (Version:  - Eastman Kodak Company)
League of Legends (HKLM-x32\...\{79BF4901-1EC4-4726-B3C2-A7859706C6E7}) (Version: 3.0.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\{95C5F81D-0779-4932-BE83-32AAF814F4B9}) (Version: 1.0020 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
Legends of Eternity (HKLM-x32\...\{AD1D5DEA-63C8-4AA6-B29A-12B4D413F9B2}) (Version: 1.0.0 - On Hand Software)
Logitech G430 Driver (HKLM-x32\...\G430_Driver) (Version: 8.53.0.2 - Logitech)
Logitech Gaming Software 8.81 (HKLM\...\Logitech Gaming Software) (Version: 8.81.15 - Logitech Inc.)
Loki ActiveX Control (HKLM-x32\...\Loki ActiveX Control) (Version: 3.1.0.05 - SkyhookWireless)
LSI PCI-SV92PP Soft Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.98 - LSI Corporation)
Magic Encyclopedia - Moon Light (HKLM-x32\...\Magic Encyclopedia - Moon Light) (Version:  - Alawar Entertainment Inc.)
Magic Encyclopedia 3: Illusions (HKLM-x32\...\Magic Encyclopedia 3: Illusions) (Version:  - Alawar Entertainment Inc.)
Magic Encyclopedia. First Story (HKLM-x32\...\Magic Encyclopedia. First Story) (Version:  - Alawar Entertainment Inc.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Meridian 59 (HKLM-x32\...\Meridian 59) (Version:  - )
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM-x32\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM-x32\...\M2833941) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM-x32\...\M979906) (Version:  - )
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Money Essentials (HKLM-x32\...\Money2007b) (Version: 16 - Microsoft)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90A40409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM-x32\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2010 - English (HKLM-x32\...\{90140011-0061-0409-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Small Business Connectivity Components (HKLM-x32\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{67E03279-F703-408F-B4BF-46B5FC8D70CD}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minds Eye - Secrets of the Forgotten (HKLM-x32\...\Minds Eye - Secrets of the Forgotten) (Version: 1.0 - Viva Media, LLC)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Monopoly (HKLM-x32\...\{6517CFDF-B7A4-77B6-2371-C76608D3C976}) (Version: 3.4.7.22 - Yahoo) Hidden
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.3.9 - Motorola Mobility)
Motorola Device Software Update (HKLM-x32\...\{DEAD13D3-BC70-4AAE-AEF9-BE6297E106D1}) (Version: 13.02.1402 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.0.0 (HKLM\...\{C5A22A98-AC82-4404-BFB0-1E9F654EB176}) (Version: 6.0.0 - Motorola Inc.) Hidden
Mozilla Firefox 52.1.1 ESR (x86 en-US) (HKLM-x32\...\Mozilla Firefox 52.1.1 ESR (x86 en-US)) (Version: 52.1.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.1.1.6333 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Mysteries of Ancient Inventors - Atlantis (HKLM-x32\...\Mysteries of Ancient Inventors - Atlantis) (Version: 1.0 - Viva Media, LLC)
Mysteries of Horus (HKLM-x32\...\Mysteries of Horus) (Version: 1.0 - Viva Media, LLC)
Mystery 101 (HKLM-x32\...\Mystery 101) (Version: 2.00.14.01.27 - Selectsoft Publishing)
Mystery Cookbook (HKLM-x32\...\Mystery Cookbook) (Version:  - Alawar Entertainment Inc.)
Mystery Cruise (HKLM-x32\...\Mystery Cruise) (Version:  - Alawar Entertainment Inc.)
Natalie Brooks - Mystery at Hillcrest High (HKLM-x32\...\Natalie Brooks - Mystery at Hillcrest High) (Version:  - Alawar Entertainment Inc.)
Natalie Brooks - Secrets of Treasure House (HKLM-x32\...\Natalie Brooks - Secrets of Treasure House) (Version:  - Alawar Entertainment Inc.)
Natalie Brooks - The Treasures of the Lost Kingdom (HKLM-x32\...\Natalie Brooks - The Treasures of the Lost Kingdom ) (Version: 1.0 - Alawar Entertainment Inc.)
National Geographic Plan It Green (HKLM-x32\...\{A20A8B9F-12CD-4E5A-8CB1-65964C1937DB}) (Version: 1.0.0 - Masque Publishing)
netbrdg (HKLM-x32\...\{4537EA4B-F603-4181-89FB-2953FC695AB1}) (Version: 7.01.0000.0001 - EASTMAN KODAK Company) Hidden
nProtect Security Platform (HKLM-x32\...\{660906E9-B965-4678-88D6-B6AE237FE41D}) (Version: 3.00.0000 - INCAInternet) Hidden
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM-x32\...\InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version:  - )
NVIDIA GeForce Experience 2.8.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.8.1.21 - NVIDIA Corporation)
NVIDIA Graphics Driver 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.75 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OfotoXMI (HKLM-x32\...\{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}) (Version: 7.02.0000.0001 - EASTMAN KODAK Company) Hidden
OLYMPUS CAMEDIA Master 2.0 (HKLM-x32\...\OLYMPUS CAMEDIA Master 2.0) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice.org 3.4 (HKLM-x32\...\{51071D66-D034-4239-94E0-723FCA10B6FE}) (Version: 3.4.9590 - OpenOffice.org)
Origin (HKLM-x32\...\Origin) (Version: 9.0.14.2148 - Electronic Arts, Inc.)
Pet Show Craze (HKLM-x32\...\Pet Show Craze) (Version:  - Alawar Entertainment Inc.)
Plants vs. Zombies (HKLM-x32\...\Plants vs. Zombies) (Version:  - PopCap Games)
Pokémon Trading Card Game Online (HKLM-x32\...\{0A1F8721-8B7C-4100-9E9E-30A2CC597996}) (Version: 2.38.0 - The Pokémon Company International)
PokerStars (HKLM-x32\...\PokerStars) (Version:  - PokerStars)
Port Royale 3 (HKLM-x32\...\{E07A21E5-1C16-41E7-9617-2D38CF3A642C}) (Version: 1.2.1.0 - Gaming Minds Studios GmbH)
PreReq (HKLM-x32\...\{DA5BDB2A-12F0-4343-8351-21AAEB293990}) (Version: 6.2.4.0 - Eastman Kodak Company) Hidden
PrintProjects (HKLM-x32\...\PrintProjects) (Version: 1.0.0.9282 - RocketLife Inc.)
Pulse Secure Setup Client (HKU\S-1-5-21-1094520485-351602351-698667415-1000\...\Juniper_Setup_Client) (Version: 8.1.6.61491 - Pulse Secure, LLC)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
PVSonyDll (HKLM\...\{3D3E663D-4E7E-4577-A560-7ECDDD45548A}) (Version: 1.00.0001 - NVIDIA Corporation) Hidden
Quake - The Offering (HKLM-x32\...\1435828198_is1) (Version: 2.0.0.6 - GOG.com)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek Card Reader (HKLM-x32\...\{EFC1B3CA-9B90-458D-AD7A-A0F2CD6F4A84}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Resonance (HKLM-x32\...\GOGPACKRESONANCE_is1) (Version: 2.0.0.8 - GOG.com)
Respondus LockDown Browser (HKLM-x32\...\{C0E5147E-C9F3-4360-9ED0-2E875F11766C}) (Version: 1.02.0001 - Respondus, Inc.)
RivalGaming (HKU\S-1-5-21-1094520485-351602351-698667415-1000\...\RivalGaming) (Version:  - RivalGaming)
ROBLOX Player (HKLM-x32\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
Roblox Player for Hayes 2 (HKU\S-1-5-21-1094520485-351602351-698667415-1000\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - Roblox Corporation)
ROBLOX Studio 2013 for Hayes 2 (HKU\S-1-5-21-1094520485-351602351-698667415-1000\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version:  - ROBLOX Corporation)
Sable Maze: Norwich Caves (HKLM-x32\...\BFG-Sable Maze - Norwich Caves) (Version:  - )
Sable Maze: Sullivan River (HKLM-x32\...\BFG-Sable Maze - Sullivan River) (Version:  - )
Sea Bounty - Dead Man's Chest (HKLM-x32\...\Sea Bounty - Dead Man's Chest) (Version:  - Alawar Entertainment Inc.)
Segoe UI (HKLM-x32\...\{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}) (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Settlement: Colossus (HKLM-x32\...\Settlement: Colossus) (Version:  - Alawar Entertainment Inc.)
SFR (HKLM-x32\...\{DB02F716-6275-42E9-B8D2-83BA2BF5100B}) (Version: 7.01.0000.0003 - Eastman Kodak Company) Hidden
SHASTA (HKLM-x32\...\{605A4E39-613C-4A12-B56F-DEFBE6757237}) (Version: 7.01.0000.0001 - EASTMAN KODAK Company) Hidden
skin0001 (HKLM-x32\...\{5316DFC9-CE99-4458-9AB3-E8726EDE0210}) (Version: 8.00.0000.0001 - EASTMAN KODAK Company) Hidden
SKINXSDK (HKLM-x32\...\{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}) (Version: 7.01.0000.0001 - EASTMAN KODAK Company) Hidden
Sky Kingdoms (HKLM-x32\...\Sky Kingdoms) (Version:  - Alawar Entertainment Inc.)
SmartCopy (HKLM-x32\...\{B7BD291B-D415-4484-89A4-82077504BE93}_is1) (Version:  - Northstar Systems Corp.)
SmartLauncher (HKLM-x32\...\{57634571-FD82-4BEC-B822-A1ED7765474F}_is1) (Version:  - Northstar Systems Corp.)
Soul Journey (HKLM-x32\...\Soul Journey) (Version: 1.0 - Alawar Entertainment Inc.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spelling Dictionaries Support For Adobe Reader 8 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-800000000003}) (Version: 8.0.0 - Adobe Systems)
Sprill - The Mystery of The Bermuda Triangle (HKLM-x32\...\Sprill - The Mystery of The Bermuda Triangle) (Version:  - Alawar Entertainment Inc.)
Sprill and Ritchie - Adventures In Time (HKLM-x32\...\Sprill and Ritchie - Adventures In Time) (Version:  - Alawar Entertainment Inc.)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 12.0.0.15 - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
StarCraft (HKLM-x32\...\StarCraft) (Version:  - Blizzard Entertainment)
staticcr (HKLM-x32\...\{8943CE61-53BD-475E-90E1-A580869E98A2}) (Version: 8.00.0000.0001 - EASTMAN KODAK Company) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve)
Summer Resort Mogul 1.0 (HKLM-x32\...\Summer Resort Mogul) (Version: 1.0 - Viva Media, LLC)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1210 - SUPERAntiSpyware.com)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Checkup 3.3 (HKLM-x32\...\{4AC7B4E7-59B7-4E48-A60D-263C486FC33A}_is1) (Version: 3.3.2.9 - iolo technologies, LLC)
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version:  - )
System Requirements Lab Detection (HKLM-x32\...\{A407FC22-36BF-4C82-A516-59D94BC505A9}) (Version: 1.0.5.0 - Husdawg, LLC)
The Curse Of Montezuma (HKLM-x32\...\The Curse Of Montezuma) (Version:  - Alawar Entertainment Inc.)
The Enchanting Islands (HKLM-x32\...\The Enchanting Islands) (Version:  - Alawar Entertainment Inc.)
The Jolly Gang's Misadventures in Africa (HKLM-x32\...\The Jolly Gang's Misadventures in Africa) (Version: 1.0 - Alawar Entertainment Inc.)
The Lost Cases of Sherlock Holmes (HKLM-x32\...\The Lost Cases of Sherlock Holmes) (Version:  - )
The Saboteur (HKLM-x32\...\1403000599_is1) (Version: 2.1.0.4 - GOG.com)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
The Treasures Of Montezuma (HKLM-x32\...\The Treasures Of Montezuma) (Version:  - Alawar Entertainment Inc.)
The Treasures Of Montezuma 2 (HKLM-x32\...\The Treasures Of Montezuma 2) (Version:  - Alawar Entertainment Inc.)
The Treasures Of Mystery Island (HKLM-x32\...\The Treasures Of Mystery Island) (Version:  - Alawar Entertainment Inc.)
The Trouble With Robots (HKLM-x32\...\The Trouble With Robots) (Version: 1.0 - Viva Media, LLC)
The Ultimate DOOM (HKLM-x32\...\1435827232_is1) (Version: 2.0.0.3 - GOG.com)
Towers of Oz (HKLM-x32\...\Towers of Oz) (Version: 1.0 - Viva Media, LLC)
Treasure Masters, Inc. (HKLM-x32\...\Treasure Masters, Inc.) (Version:  - Alawar Entertainment Inc.)
Treasures of Mystery Island 2 Gates of Fate (HKLM-x32\...\Treasures of Mystery Island 2 Gates of Fate) (Version: 1.0 - Viva Media, LLC)
Typing Instructor Deluxe 17 (HKLM-x32\...\{849F666B-0C95-49AC-8E9B-90DDE2127D74}) (Version: 2.0 - Individual Software Inc.)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
UE3Redist (HKLM-x32\...\{6530FDAA-5B1F-4830-95BB-650E9804D239}) (Version: 1.00.0000 - Epic Games) Hidden
UE3Redist (HKU\S-1-5-21-1094520485-351602351-698667415-1000\...\InstallShield_{6530FDAA-5B1F-4830-95BB-650E9804D239}) (Version: 1.00.0000 - Epic Games)
Ultima (HKLM-x32\...\1207662593_is1) (Version: 2.1.0.8 - GOG.com)
Undercover PI (HKLM-x32\...\Undercover PI) (Version:  - Alawar Entertainment Inc.)
Unity Web Player (HKLM-x32\...\UnityWebPlayer) (Version: 2.5.4b5_38 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-1094520485-351602351-698667415-1000\...\UnityWebPlayer) (Version: 5.3.6f1 - Unity Technologies ApS)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
Vampire Mansion (HKLM-x32\...\Vampire Mansion) (Version: 1.0 - Viva Media, LLC)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Video Converter (HKLM-x32\...\Video Converter) (Version: 1 - SweetPacks) Hidden <==== ATTENTION
Viewpoint Media Player (HKLM-x32\...\ViewpointMediaPlayer) (Version:  - )
Village Mage Spellbinder (HKLM-x32\...\Village Mage Spellbinder) (Version: 1.0 - Viva Media, LLC)
Visual Basic 5.0 (HKLM-x32\...\ST5UNST #1) (Version:  - )
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM-x32\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}) (Version: 9.0.0.623 - AVG Technologies CZ, s.r.o.)
VPRINTOL (HKLM-x32\...\{999D43F4-9709-4887-9B1A-83EBB15A8370}) (Version: 7.01.0000.0001 - EASTMAN KODAK Company) Hidden
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - )
Warcraft III: All Products (HKU\S-1-5-21-1094520485-351602351-698667415-1000\...\Warcraft III) (Version:  - )
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-gateway) (Version: 4.0.10.5 - WildTangent) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.65  - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-1094520485-351602351-698667415-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}) (Version: 14.0.8050.1202 - Microsoft Corporation)
WIRELESS (HKLM-x32\...\{F9593CFB-D836-49BC-BFF1-0E669A411D9F}) (Version: 7.02.0000.0001 - EASTMAN KODAK Company) Hidden
Wise Care 365 4.64 (HKLM-x32\...\Wise Care 365_is1) (Version: 4.64 - WiseCleaner.com, Inc.)
Wise Care 365 version 2.87 (HKLM-x32\...\{E864A1C8-EEE1-47D0-A7F8-00CC86D26D5E}_is1) (Version: 2.87 - WiseCleaner.com, Inc.)
Witch Hunters: Stolen Beauty (HKLM-x32\...\BFG-Witch Hunters - Stolen Beauty) (Version:  - )
WordPerfect Lightning - EN (HKLM-x32\...\{4873CC58-69D8-490D-9E5C-001DC2EE2100}) (Version: 1.0 - Corel Corporation) Hidden
WordPerfect Lightning - IPM (HKLM-x32\...\{4873CC58-69D8-490D-9E5C-001DC2EE2020}) (Version: 1.0 - Corel Corporation) Hidden
WordPerfect Lightning - Messages (HKLM-x32\...\{4873CC58-69D8-490D-9E5C-001DC2EE2010}) (Version: 1.0 - Corel Corporation) Hidden
WordPerfect Lightning - MSOM (HKLM-x32\...\{F6EE49FD-B736-4888-A05A-115F3B1160FA}) (Version: 1.1 - Corel Corporation) Hidden
WordPerfect Lightning (HKLM-x32\...\{4873CC58-69D8-490D-9E5C-001DC2EE2000}) (Version: 1.0 - Corel Corporation) Hidden
WordPerfect Office X4 - Common (HKLM-x32\...\{DCDAB2ED-5741-4C30-A1A4-0FCB8A529010}) (Version: 14.2 - Corel Corporation) Hidden
WordPerfect Office X4 - Content (HKLM-x32\...\{DCDAB2ED-5741-4C30-A1A4-0FCB8A529014}) (Version: 14.2 - Corel Corporation) Hidden
WordPerfect Office X4 - EN (HKLM-x32\...\{DCDAB2ED-5741-4C30-A1A4-0FCB8A529100}) (Version: 14.2 - Corel Corporation) Hidden
WordPerfect Office X4 - Filters (HKLM-x32\...\{DCDAB2ED-5741-4C30-A1A4-0FCB8A529017}) (Version: 14.2 - Corel Corporation) Hidden
WordPerfect Office X4 - Graphics (HKLM-x32\...\{DCDAB2ED-5741-4C30-A1A4-0FCB8A529018}) (Version: 14.2 - Corel Corporation) Hidden
WordPerfect Office X4 - ICA (HKLM-x32\...\{DCDAB2ED-5741-4C30-A1A4-0FCB8A529001}) (Version: 14.2 - Corel Corporation) Hidden
WordPerfect Office X4 - IPM (HKLM-x32\...\{DCDAB2ED-5741-4C30-A1A4-0FCB8A529040}) (Version: 14.2 - Corel Corporation) Hidden
WordPerfect Office X4 - IPM T EN (HKLM-x32\...\{DCDAB2ED-5741-4C30-A1A4-0FCB8A529046}) (Version: 14.2 - Corel Corporation) Hidden
WordPerfect Office X4 - MAIL (HKLM-x32\...\{DCDAB2ED-5741-4C30-A1A4-0FCB8A529080}) (Version: 14.1 - Corel Corporation) Hidden
WordPerfect Office X4 - Migration Manager (HKLM-x32\...\{DCDAB2ED-5741-4C30-A1A4-0FCB8A529030}) (Version: 14.2 - Corel Corporation) Hidden
WordPerfect Office X4 - PerfectExperts (HKLM-x32\...\{DCDAB2ED-5741-4C30-A1A4-0FCB8A529050}) (Version: 14.2 - Corel Corporation) Hidden
WordPerfect Office X4 - PR (HKLM-x32\...\{DCDAB2ED-5741-4C30-A1A4-0FCB8A529013}) (Version: 14.2 - Corel Corporation) Hidden
WordPerfect Office X4 - QP (HKLM-x32\...\{DCDAB2ED-5741-4C30-A1A4-0FCB8A529012}) (Version: 14.2 - Corel Corporation) Hidden
WordPerfect Office X4 - Skins (HKLM-x32\...\{DCDAB2ED-5741-4C30-A1A4-0FCB8A529016}) (Version: 14.2 - Corel Corporation) Hidden
WordPerfect Office X4 - System (HKLM-x32\...\{DCDAB2ED-5741-4C30-A1A4-0FCB8A529023}) (Version: 14.2 - Corel Corporation) Hidden
WordPerfect Office X4 - WP (HKLM-x32\...\{DCDAB2ED-5741-4C30-A1A4-0FCB8A529011}) (Version: 14.2 - Corel Corporation) Hidden
WordPerfect Office X4 (HKLM-x32\...\_{DCDAB2ED-5741-4C30-A1A4-0FCB8A529001}) (Version:  - Corel Corporation)
WordPerfect Office X4 (HKLM-x32\...\{000AB2ED-5741-4C30-A1A4-0FCB8A529000}) (Version: 14.2 - Corel Corporation) Hidden
WORLD of JOYSTICKS Emulator Extreme Edition (HKLM-x32\...\{845D7EFF-9CC8-41F1-A055-D2CBD041F47C}) (Version: 1.6.3 - Timur Terekhov)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Youda Fairy (HKLM-x32\...\{566124BE-D9C3-47F5-89C2-186AFE183A85}) (Version: 1.0.0 - Youdagames)
Youda Farmer (HKLM-x32\...\{CA256FA1-4CF9-492C-98A6-6E451F83AEC3}) (Version: 1.0.0 - Youdagames)
Youda Farmer 2 - Save the village (HKLM-x32\...\{0767C3F2-6BB7-41BC-82FB-5E59AA0A6B37}) (Version: 1.0.0 - Youdagames)
Youda Legend The Curse of the Amsterdam Diamond (HKLM-x32\...\{43F1F130-66ED-4D50-8475-393312149C5D}) (Version: 1.0.0 - Youdagames)
Youda Legend The Golden Bird of Paradise (HKLM-x32\...\{463BAA5A-E934-4D21-90D8-862D72A8E5F9}) (Version: 1.0.0 - Youdagames)
Youda Marina (HKLM-x32\...\{5411B815-2958-4F4F-B985-AFF0C38A15B2}) (Version: 1.0.0 - Youdagames)
Youda Safari (HKLM-x32\...\{03E148A0-D333-4E49-9F39-EE19900E0642}) (Version: 1.0.0 - Youdagames)
Youda Survivor (HKLM-x32\...\{7CCA1187-B1A5-44F1-BB26-2DAD6B6061C2}) (Version: 1.0.0 - Youdagames)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-17] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-17] (AVAST Software)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2015-12-21] (Glarysoft Ltd)
ContextMenuHandlers1: [Gonzales] -> {A50F8401-953F-4C11-8B77-1278C6C7C3F4} => C:\Program Files\Bitdefender\Antivirus Free Edition\GzShellIntegration.dll [2016-03-02] (Bitdefender)
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} =>  -> No File
ContextMenuHandlers1: [LavasoftShellExt] -> {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} =>  -> No File
ContextMenuHandlers1: [UnLockerMenu] -> {A6FF0E3A-8437-482C-8E04-4F9E15C57538} =>  -> No File
ContextMenuHandlers2-x32: [a-squared Anti-Malware Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\Program Files (x86)\Emsisoft Anti-Malware\a2contmenu.dll [2015-03-20] (Emsisoft GmbH)
ContextMenuHandlers2-x32: [a-squared Anti-Malware Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\Program Files (x86)\Emsisoft Anti-Malware\a2contmenu64.dll [2015-03-20] (Emsisoft GmbH)
ContextMenuHandlers2-x32: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2015-12-21] (Glarysoft Ltd)
ContextMenuHandlers2-x32-x32: [QuickFinderMenu] -> {fa5934ef-b87c-4e63-b33c-30d066cac810} => c:\Program Files (x86)\Corel\WordPerfect Office X4\Programs\PFSE140.DLL [2009-06-22] (Corel Corporation)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-17] (AVAST Software)
ContextMenuHandlers3-x32: [a-squared Anti-Malware Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\Program Files (x86)\Emsisoft Anti-Malware\a2contmenu.dll [2015-03-20] (Emsisoft GmbH)
ContextMenuHandlers3-x32: [a-squared Anti-Malware Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\Program Files (x86)\Emsisoft Anti-Malware\a2contmenu64.dll [2015-03-20] (Emsisoft GmbH)
ContextMenuHandlers3-x32: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} =>  -> No File
ContextMenuHandlers4-x32: [QuickFinderMenu] -> {fa5934ef-b87c-4e63-b33c-30d066cac810} => c:\Program Files (x86)\Corel\WordPerfect Office X4\Programs\PFSE140.DLL [2009-06-22] (Corel Corporation)
ContextMenuHandlers4-x32: [UnLockerMenu] -> {A6FF0E3A-8437-482C-8E04-4F9E15C57538} =>  -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-01-22] (NVIDIA Corporation)
ContextMenuHandlers6-x32: [a-squared Anti-Malware Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\Program Files (x86)\Emsisoft Anti-Malware\a2contmenu.dll [2015-03-20] (Emsisoft GmbH)
ContextMenuHandlers6-x32: [a-squared Anti-Malware Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\Program Files (x86)\Emsisoft Anti-Malware\a2contmenu64.dll [2015-03-20] (Emsisoft GmbH)
ContextMenuHandlers6-x32: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-17] (AVAST Software)
ContextMenuHandlers6-x32: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2015-12-21] (Glarysoft Ltd)
ContextMenuHandlers6-x32: [Gonzales] -> {A50F8401-953F-4C11-8B77-1278C6C7C3F4} => C:\Program Files\Bitdefender\Antivirus Free Edition\GzShellIntegration.dll [2016-03-02] (Bitdefender)
ContextMenuHandlers6-x32: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} =>  -> No File
ContextMenuHandlers6-x32: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers6-x32: [UnLockerMenu] -> {A6FF0E3A-8437-482C-8E04-4F9E15C57538} =>  -> No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {4F80DEFD-9D40-4818-8A95-07CB3AB4B35A} - \StormFall W2 -> No File <==== ATTENTION
Task: {520E53B0-E31A-4925-9D49-AA065419B9A7} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-03-25] ()
Task: {75A5A8EE-3536-40D3-9EC1-CC899A2D9762} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7771D528-CF1C-4266-A422-9A905914B4DB} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-03-25] ()
Task: {85495B00-F837-48AC-AD86-5CC11129FB5A} - System32\Tasks\googleupdatetaskmachineua => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {97DCF4CE-02C4-4793-8AE3-287729078C12} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_148_pepper.exe [2017-04-22] (Adobe Systems Incorporated)
Task: {A0CD9CC2-2C2F-4D08-9BD1-F1429B75E9C0} - System32\Tasks\MHotkey => C:\Windows\MHotKey.exe [2008-05-30] ()
Task: {A4C2E3C8-4351-4411-B0B7-1381A99EE5A6} - System32\Tasks\JetCleanLoginCheckUpdate => C:\Program Files (x86)\BlueSprig\JetClean\AutoUpdate.exe [2013-05-14] (BlueSprig)
Task: {B8005F37-64D6-49CB-B81D-63413A9734DE} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2017-06-04] (Glarysoft Ltd)
Task: {B979B860-A2A3-4121-8223-7C6B1E277EA7} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-03-25] ()
Task: {BDAC6DAA-9E45-4904-BFFE-5D34C5A5B1A5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2017-06-13] (Piriform Ltd)
Task: {C36E3838-A250-47FF-8135-1E7CE3AF8A46} - \StormFall TW2 -> No File <==== ATTENTION
Task: {CB2AECD0-3EA4-4C34-83AA-658ECE2D21C0} - System32\Tasks\{AE739225-3A1A-4EE9-B9FE-A37AF684E8C5} => C:\Windows\system32\pcalua.exe -a "C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" -c --lang=enUS --uid=wow_enus --displayname="World of Warcraft"
Task: {CF9186A2-B942-4279-A284-CD08CE7A5072} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {D07003D1-EF00-4670-B7FC-33DB43736D87} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2017-06-04] (Glarysoft Ltd)
Task: {F724D2C7-9320-43E8-B4C0-4624A8384F10} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-17] (Adobe Systems Incorporated)
Task: {F7CB2C4B-2A30-40DC-9350-9DBDE088EB6E} - System32\Tasks\Microsoft\Windows\RestartManager\{64CE0BC8-106E-484a-8EF6-01340BDC1C43} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {FB1EF333-43DA-4F18-A89D-68396503C936} - \StormFall TW1 -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Avast Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Hayes 2\Desktop\Jessica - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\Hayes 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StormFall\GetPose.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://plarium.com/play/en/stormfall/dragon04?adCampaign=23634&clickID=tDtD0F0F0DtDtDtCtC0EtD0CtCyC0BtD&publisherID=1_0_7_9_15_16_42_46_57_58 --app-window-size=1920,1080

==================== Loaded Modules (Whitelisted) ==============

2017-03-20 10:44 - 2017-03-20 10:44 - 000052392 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows\SysWOW64\FlashPlayerInstaller.exe:BDU [0]
AlternateDataStreams: C:\ProgramData\Temp:0B174FAE [141]
AlternateDataStreams: C:\ProgramData\Temp:1322DDBD [358]
AlternateDataStreams: C:\ProgramData\Temp:2CB9631F [134]
AlternateDataStreams: C:\ProgramData\Temp:373E1720 [238]
AlternateDataStreams: C:\ProgramData\Temp:59540531 [228]
AlternateDataStreams: C:\ProgramData\Temp:A13B696A [328]
AlternateDataStreams: C:\ProgramData\Temp:D24294C1 [147]
AlternateDataStreams: C:\ProgramData\Temp:D346F792 [294]
AlternateDataStreams: C:\Users\Hayes 2\Downloads\AdobeAIRInstaller.exe:BDU [0]
AlternateDataStreams: C:\Users\Hayes 2\Downloads\adobe_flash_setup_2132936387.exe:BDU [0]
AlternateDataStreams: C:\Users\Hayes 2\Downloads\Adobe_Shockwave_Player_v12.2.9.199.exe:BDU [0]
AlternateDataStreams: C:\Users\Hayes 2\Downloads\Battle.net-Setup.exe:BDU [0]
AlternateDataStreams: C:\Users\Hayes 2\Downloads\ccsetup530(1).exe:BDU [0]
AlternateDataStreams: C:\Users\Hayes 2\Downloads\ccsetup530.exe:BDU [0]
AlternateDataStreams: C:\Users\Hayes 2\Downloads\ccsetup531.exe:BDU [0]
AlternateDataStreams: C:\Users\Hayes 2\Downloads\CyberLink_LabelPrint_v2.5.0.6603(1).exe:BDU [0]
AlternateDataStreams: C:\Users\Hayes 2\Downloads\CyberLink_LabelPrint_v2.5.0.6603.exe:BDU [0]
AlternateDataStreams: C:\Users\Hayes 2\Downloads\FileZilla_Client_(64bit)_v3.25.2(1).exe:BDU [0]
AlternateDataStreams: C:\Users\Hayes 2\Downloads\FileZilla_Client_(64bit)_v3.25.2.exe:BDU [0]
AlternateDataStreams: C:\Users\Hayes 2\Downloads\FileZilla_Client_(64bit)_v3.26.2.exe:BDU [0]
AlternateDataStreams: C:\Users\Hayes 2\Downloads\flashplayer25_ga_install.exe:BDU [0]
AlternateDataStreams: C:\Users\Hayes 2\Downloads\Glary_Utilities_v5.75.0.96.exe:BDU [0]
AlternateDataStreams: C:\Users\Hayes 2\Downloads\Glary_Utilities_v5.76.0.97.exe:BDU [0]
AlternateDataStreams: C:\Users\Hayes 2\Downloads\Glary_Utilities_v5.77.0.98.exe:BDU [0]
AlternateDataStreams: C:\Users\Hayes 2\Downloads\install_flash_player.exe:BDU [0]
AlternateDataStreams: C:\Users\Hayes 2\Downloads\setup_quake_the_offering_2.0.0.6.exe:BDU [0]
AlternateDataStreams: C:\Users\Hayes 2\Downloads\setup_the_ultimate_doom_2.0.0.3.exe:BDU [0]
AlternateDataStreams: C:\Users\Hayes 2\Downloads\WiseCare365(1).exe:BDU [0]
AlternateDataStreams: C:\Users\Hayes 2\Downloads\WiseCare365.exe:BDU [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKLM\...\cmdfile\DefaultIcon: %SystemRoot%\System32\shell32.dll,-153 <==== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> 008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> 00hq.com
IE restricted site: HKU\.DEFAULT\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\.DEFAULT\...\01i.info -> 01i.info
IE restricted site: HKU\.DEFAULT\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\.DEFAULT\...\05p.com -> 05p.com
IE restricted site: HKU\.DEFAULT\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\.DEFAULT\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\.DEFAULT\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\.DEFAULT\...\0calories.net -> 0calories.net
IE restricted site: HKU\.DEFAULT\...\0cj.net -> 0cj.net
IE restricted site: HKU\.DEFAULT\...\0scan.com -> 0scan.com
IE restricted site: HKU\.DEFAULT\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1-se.com -> 1-se.com
IE restricted site: HKU\.DEFAULT\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\.DEFAULT\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\.DEFAULT\...\100gal.net -> 100gal.net
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> 100sexlinks.com

There are 4788 more sites.

IE trusted site: HKU\S-1-5-21-1094520485-351602351-698667415-1000\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-1094520485-351602351-698667415-1000\...\aeriagames.com -> hxxp://aeriagames.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 07:34 - 2010-03-01 00:42 - 000000875 ____R C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1094520485-351602351-698667415-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Hayes 2\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
DNS Servers: 75.75.76.76 - 75.75.75.75
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupfolder: C:^Users^Hayes 2^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^FrostWire On Startup.lnk => C:\Windows\pss\FrostWire On Startup.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Hayes 2^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupreg: AdAwareTray => "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareTray.exe"
MSCONFIG\startupreg: Advanced SystemCare 5 => "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
MSCONFIG\startupreg: Aim6 => "C:\Program Files (x86)\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
MSCONFIG\startupreg: Aimersoft Helper Compact.exe => c:\program files (x86)\common files\aimersoft\aimersoft helper compact\ashelper.exe
MSCONFIG\startupreg: ApnUpdater => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
MSCONFIG\startupreg: APSDaemon => c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe
MSCONFIG\startupreg: AVG9_TRAY => C:\PROGRA~2\AVG\AVG9\avgtray.exe
MSCONFIG\startupreg: Clearwire Connection Manager => "C:\Program Files (x86)\Clearwire\Connection Manager\ClearwireCM.exe" -a
MSCONFIG\startupreg: Comrade.exe => C:\Program Files (x86)\GameSpy\Comrade\Comrade.exe
MSCONFIG\startupreg: ConduitFloatingPlugin_banjjklfojcdbofbhbgiedekefohoaff => "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Conduit\CT3310511\plugins\TBVerifier.dll",RunConduitFloatingPlugin banjjklfojcdbofbhbgiedekefohoaff
MSCONFIG\startupreg: Conime =>
MSCONFIG\startupreg: DATAMNGR => C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\DATAMN~1.EXE
MSCONFIG\startupreg: EA Core => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
MSCONFIG\startupreg: Easy Dock => c:\users\hayes 2\desktop\documents\rca easyrip\ezdock.exe
MSCONFIG\startupreg: GameTracker => C:\Program Files (x86)\GameTracker\GTLite.exe
MSCONFIG\startupreg: GUDelayStartup => "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
MSCONFIG\startupreg: HarmonyUserStartup => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe
MSCONFIG\startupreg: igndlm.exe => C:\Program Files (x86)\Download Manager\dlm.exe /windowsstart /startifwork
MSCONFIG\startupreg: Iminent => "C:\Program Files (x86)\Iminent\Iminent.exe" /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"
MSCONFIG\startupreg: IminentMessenger => "C:\Program Files (x86)\Iminent\Iminent.Messengers.exe" 7F87E5-A6BD-4922-A530-EDF63D7E9F8C"
MSCONFIG\startupreg: InnoSetupRegFile.0000000001 => "C:\Windows\is-11LI5.exe" /REG
MSCONFIG\startupreg: iTunesHelper => c:\program files\i - tunes\ituneshelper.exe
MSCONFIG\startupreg: Kernel and Hardware Abstraction Layer =>
MSCONFIG\startupreg: Malwarebytes Anti-Malware (cleanup) => "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware"
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: NVRaidService => c:\windows\system32\nvraidservice.exe
MSCONFIG\startupreg: QuickFinder Scheduler => "c:\Program Files (x86)\Corel\WordPerfect Office X4\Programs\QFSCHD140.EXE"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Retrogamer_2z Browser Plugin Loader => C:\PROGRA~2\RETROG~2\bar\1.bin\2zbrmon.exe
MSCONFIG\startupreg: SearchProtect => C:\Users\Hayes 2\AppData\Roaming\SearchProtect\bin\cltmng.exe
MSCONFIG\startupreg: SearchProtectAll => "C:\Program Files (x86)\SearchProtect\bin\cltmng.exe"
MSCONFIG\startupreg: Shockwave Updater => C:\Windows\SysWOW64\Adobe\Shockwave 11\SwHelper_1150600.exe -Update -1150600 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; WOW64; Trident/4.0; GTB6; FBSMTWB; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.5.30729; .NET CLR 1.1.4322; .NET CLR 3.0.30729; .NET4.0C)" -"http://www.shockwave...-grand-prix.jsp"
MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: WebCake Desktop => "C:\Users\Hayes 2\AppData\Roaming\Web Cake\WebCakeDesktop.exe"
MSCONFIG\startupreg: Windows Defender => %programFiles%\Windows Defender\MSASCui.exe -hide
MSCONFIG\startupreg: WindowsWelcomeCenter => rundll32.exe oobefldr.dll,ShowWelcomeCenter

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{1B42F944-37D0-4489-BD8D-B48BEA9B315D}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{4104AA77-862A-4930-8044-BB2521DFCFFE}] => (Allow) svchost.exe
FirewallRules: [{FC53E6EB-19E6-4867-BA34-8B33A3833C39}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{99162B7A-5D42-4799-8233-91CAEE626A92}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR.EXE
FirewallRules: [{66A12E47-3514-403C-A65C-1BB2D135FF7B}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{B650E539-3537-42AC-A402-21D053F475BD}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{74FFCFD9-EC65-4B56-94D9-BD3C0D9A54CF}] => (Allow) C:\Program Files (x86)\Common Files\AOL\Loader\aolload.exe
FirewallRules: [{1052E6DF-75AA-4416-8119-5DC57ABBAA39}] => (Allow) C:\Program Files (x86)\Common Files\AOL\Loader\aolload.exe
FirewallRules: [{A95450C9-E679-4AA6-8ABF-7DA251CF65BB}] => (Allow) C:\Program Files (x86)\AIM6\aim6.exe
FirewallRules: [{D0E004CE-FB8D-43A6-9467-C9FF53AEAF11}] => (Allow) C:\Program Files (x86)\AIM6\aim6.exe
FirewallRules: [{D81C2374-BE25-44B5-BE96-0946F61CC686}] => (Allow) LPort=9322
FirewallRules: [{FA01B357-F9F3-4D6A-8CBD-A3F82DEC6DD6}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{3C6DDB8B-B4E1-4CBE-8905-AB77D351E93C}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{C64B0F47-164D-4F98-9457-652D2DDC17A5}] => (Allow) LPort=9323
FirewallRules: [{6ADF4F9A-90F7-400E-8F02-A82F911913F0}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{0BA554CD-5F08-4D3D-ACC7-FB0B9635E7C1}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{032E82AC-904E-4899-A8EE-907D5AF8E000}] => (Allow) C:\Program Files (x86)\Electronic Arts\Burnout™ Paradise The Ultimate Box\BurnoutLauncher.exe
FirewallRules: [{3DC0E6EF-4B94-4023-8163-21B266F6AB85}] => (Allow) C:\Program Files (x86)\Electronic Arts\Burnout™ Paradise The Ultimate Box\BurnoutLauncher.exe
FirewallRules: [{7DCC8559-42C6-4756-A3B9-BE22AD7BE29A}] => (Allow) C:\Program Files (x86)\Electronic Arts\Burnout™ Paradise The Ultimate Box\BurnoutConfigTool.exe
FirewallRules: [{ABD3C284-F702-4DA9-A0BF-3316DD274BDA}] => (Allow) C:\Program Files (x86)\Electronic Arts\Burnout™ Paradise The Ultimate Box\BurnoutConfigTool.exe
FirewallRules: [{066BE634-79D8-4B37-AEB2-FE4CF5A3288A}] => (Allow) C:\Program Files (x86)\Electronic Arts\Burnout™ Paradise The Ultimate Box\BurnoutParadise.exe
FirewallRules: [{4D14173E-9F08-4890-90A7-3330B7A4BFB4}] => (Allow) C:\Program Files (x86)\Electronic Arts\Burnout™ Paradise The Ultimate Box\BurnoutParadise.exe
FirewallRules: [TCP Query User{B0F2AA06-BA56-4D13-AFD2-B6710F3521CD}C:\program files (x86)\steam\steamapps\[email protected]\half-life blue shift\hl.exe] => (Block) C:\program files (x86)\steam\steamapps\[email protected]\half-life blue shift\hl.exe
FirewallRules: [UDP Query User{4722280E-F4DF-4C94-9026-A6342638B098}C:\program files (x86)\steam\steamapps\[email protected]\half-life blue shift\hl.exe] => (Block) C:\program files (x86)\steam\steamapps\mi[email protected]\half-life blue shift\hl.exe
FirewallRules: [TCP Query User{8B2383D8-C0D3-42A8-88C7-EC832465C0FC}C:\program files (x86)\steam\steamapps\[email protected]\condition zero deleted scenes\hl.exe] => (Block) C:\program files (x86)\steam\steamapps\[email protected]\condition zero deleted scenes\hl.exe
FirewallRules: [UDP Query User{78158DF1-AB3B-47A2-9A87-2BEB79D642B9}C:\program files (x86)\steam\steamapps\[email protected]\condition zero deleted scenes\hl.exe] => (Block) C:\program files (x86)\steam\steamapps\[email protected]\condition zero deleted scenes\hl.exe
FirewallRules: [{9D5EA4A9-DA68-4776-9A64-1F6DC10ADDF8}] => (Allow) LPort=8377
FirewallRules: [{8FB8750D-2FC6-46CE-B97E-A0E3F860FD45}] => (Allow) LPort=8377
FirewallRules: [{2D7CE884-9567-43CA-A113-CD53C66F238F}] => (Allow) LPort=8378
FirewallRules: [{801577DC-A693-45FA-A0D6-DA4BA96EA66E}] => (Allow) LPort=8378
FirewallRules: [TCP Query User{F4ACB6B1-55DD-4A0C-A6CA-ECC10AC3C461}C:\program files (x86)\steam\steamapps\[email protected]\half-life blue shift\hl.exe] => (Block) C:\program files (x86)\steam\steamapps\[email protected]\half-life blue shift\hl.exe
FirewallRules: [UDP Query User{975C9C3A-EC20-46F8-BF78-3CEB0A99289C}C:\program files (x86)\steam\steamapps\[email protected]\half-life blue shift\hl.exe] => (Block) C:\program files (x86)\steam\steamapps\[email protected]\half-life blue shift\hl.exe
FirewallRules: [{23C2F604-817C-4E38-9952-A72D3B4103CA}] => (Allow) LPort=9323
FirewallRules: [{E8B98290-C9BC-4C10-8B4E-B46D9061AB5C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4744DC9C-B265-401D-BE30-7AE78E81DFBD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C7005ABF-24D2-4AF3-A634-07E0F472E000}] => (Allow) LPort=80
FirewallRules: [{FC70F993-9CAC-4D02-BF0C-945158472739}] => (Allow) LPort=80
FirewallRules: [{AD238692-69D7-4DE3-A0AF-855B826ADC27}] => (Allow) LPort=80
FirewallRules: [{2527064D-885C-4AC9-AF9B-444CD5646C3F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{9AA109B0-3E43-4971-B39B-4F376F2F6727}] => (Allow) LPort=2869
FirewallRules: [{9E68AFB1-8C6E-4072-9CA2-9DB1D3F723AE}] => (Allow) LPort=1900
FirewallRules: [{8A875709-62EF-46D2-986A-DC476199D843}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{D5154013-3725-48BC-B4F6-26CF58120872}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{766D03CC-D352-484C-BFF4-89DDD7DEBE21}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{6AE862AD-C6E3-43AD-8657-2052F169E09F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{5CEC2842-775E-430A-B219-443BEB2895D5}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A686AA5D-675C-46EF-825F-D7F115981349}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{EB2274A3-E768-4670-9490-F52B63368946}] => (Allow) C:\Program Files (x86)\Steam\steamapps\[email protected]\half-life source\hl2.exe
FirewallRules: [{E3369916-1E2E-4147-8ACF-ED7EE6995729}] => (Allow) C:\Program Files (x86)\Steam\steamapps\[email protected]\half-life source\hl2.exe
FirewallRules: [{6800AA4E-EA38-40BE-A592-14D5661CF25B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\mirrors edge\Binaries\MirrorsEdge.exe
FirewallRules: [{2EC208A4-2A82-4DE7-8289-0BB55679C534}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\mirrors edge\Binaries\MirrorsEdge.exe
FirewallRules: [{A6EDAD51-8ADD-475F-80B6-448D62ECCF33}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\mirrors edge\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{F5B5539F-EEF3-4AB7-9EF6-140249A76228}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\mirrors edge\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{6D4C3D96-B43B-4B0D-AD4F-731BDCDE9592}] => (Allow) C:\Program Files (x86)\Steam\steamapps\[email protected]\opposing force\hl.exe
FirewallRules: [{5791C69C-A202-49F5-96A9-8BF00AD621AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\[email protected]\opposing force\hl.exe
FirewallRules: [{47C218C1-B2E2-4ACE-AA5B-1168EEF28D84}] => (Allow) C:\Program Files (x86)\Steam\steamapps\[email protected]\counterstrike source beta\hl2.exe
FirewallRules: [{1B74D38E-5DE1-4E02-9A1B-D848E8F19EFD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\[email protected]\counterstrike source beta\hl2.exe
FirewallRules: [TCP Query User{C5305C1B-4358-4798-802B-492930B3B11C}C:\users\hayes 2\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\hayes 2\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{8F998088-C863-4DDE-A115-96931A1A6019}C:\users\hayes 2\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\hayes 2\appdata\local\akamai\netsession_win.exe
FirewallRules: [{58520047-41B6-4FA4-A736-7B11632549BC}] => (Allow) C:\Program Files (x86)\FrostWire 5\FrostWire.exe
FirewallRules: [{4F836038-BB2A-4FF4-9758-6416BE57F6BD}] => (Allow) C:\Program Files (x86)\FrostWire 5\FrostWire.exe
FirewallRules: [{76D0BEC9-3D67-40A6-8D8B-FF30424B7F61}] => (Allow) C:\Program Files (x86)\FrostWire 5\FrostWire.exe
FirewallRules: [{C3206D20-7A1D-42A6-8C69-1CB3C02747BF}] => (Allow) C:\Program Files (x86)\FrostWire 5\FrostWire.exe
FirewallRules: [{A078D584-7A31-40A2-8D35-F8AD9D520E7A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\[email protected]\ricochet\hl.exe
FirewallRules: [{78E80CFB-DBAE-4702-B45B-950A7F2AF39F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\[email protected]\ricochet\hl.exe
FirewallRules: [{CA4329FD-D520-4BE4-B5C3-6A33B6F2D1BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\[email protected]\condition zero\hl.exe
FirewallRules: [{9DE809C5-17EE-49E4-8F26-F732D613201E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\[email protected]\condition zero\hl.exe
FirewallRules: [TCP Query User{0709318B-933A-4CD0-9584-34CDA19DFBF3}C:\users\hayes 2\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\hayes 2\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{6480875C-19E6-4396-BBEE-FA8B1226EA9B}C:\users\hayes 2\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\hayes 2\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{2E30B959-9C3E-4284-8AE7-113F5352A78E}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{FE5B969E-7788-4F54-AE8B-A2CC9CDD9BBE}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{27C54891-8A10-44BC-9D82-CF6814F8146B}C:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe] => (Block) C:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{921D06CD-4961-41FB-8597-6927C1EB535D}C:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe] => (Block) C:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [TCP Query User{05BB095F-CB37-4645-BB7F-9896658C452A}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [UDP Query User{BE52FC83-9802-465E-99D0-CD974359DADD}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [TCP Query User{389A9988-1748-4589-8005-BC9833D49959}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [UDP Query User{EE814E0C-0992-4D02-9B73-3EAA261F398F}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [{A76850AD-B602-42B4-B694-4DD8F276E926}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{AA1E2F4F-BBB7-401D-93C2-5B131BE52B76}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F53F1E32-BD6E-43F7-B66F-528A7EA6DA15}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E2467523-3418-44EA-B9F5-928958BF9526}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8D7B027F-E312-4AFE-830B-AF0435B12945}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9729E7E7-0A3C-4E90-B326-83AA4AE5487F}] => (Allow) C:\Program Files\I - Tunes\iTunes.exe
FirewallRules: [TCP Query User{B6E69A96-7DD8-4022-9824-438E942E6744}C:\program files (x86)\steam\steamapps\[email protected]\condition zero deleted scenes\hl.exe] => (Allow) C:\program files (x86)\steam\steamapps\[email protected]\condition zero deleted scenes\hl.exe
FirewallRules: [UDP Query User{9FC5932C-B0DF-4218-BF5D-CDDC80700288}C:\program files (x86)\steam\steamapps\[email protected]\condition zero deleted scenes\hl.exe] => (Allow) C:\program files (x86)\steam\steamapps\[email protected]\condition zero deleted scenes\hl.exe
FirewallRules: [TCP Query User{7AE1B071-5245-45D0-88FD-909154F5ECD5}C:\windows\syswow64\dpnsvr.exe] => (Allow) C:\windows\syswow64\dpnsvr.exe
FirewallRules: [UDP Query User{B05E281A-8414-4F6A-9911-BB2A2772A7F1}C:\windows\syswow64\dpnsvr.exe] => (Allow) C:\windows\syswow64\dpnsvr.exe
FirewallRules: [{1892A1FD-BED4-4A34-9DD6-D7E0B69D5322}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\mirrors edge\Binaries\MirrorsEdge.exe
FirewallRules: [{95D4860D-4742-4637-80F4-A74C691AD117}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\mirrors edge\Binaries\MirrorsEdge.exe
FirewallRules: [{FC038489-3C75-4BB1-8AE9-CF54079C9C08}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\mirrors edge\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{A2AC9C18-160F-48EE-AAB1-AEBF9F85306E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\mirrors edge\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{96B95969-0269-44F5-967C-BC8C294F5FCA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Broken Sword 2\BrokenSword2.exe
FirewallRules: [{FCBE6C23-FDF7-4B53-91C3-41A426820CE9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Broken Sword 2\BrokenSword2.exe
FirewallRules: [{3659BCA1-B28E-44FA-93F6-698C2D0B3EF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Broken Sword 3\BSTSD.exe
FirewallRules: [{FA7A8206-37E1-402D-A205-3BFA1EFA76F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Broken Sword 3\BSTSD.exe
FirewallRules: [{2BACD5C3-F7C9-493E-9D9E-83D2E6AAA548}] => (Allow) C:\Program Files (x86)\Steam\steamapps\[email protected]\half-life source\hl2.exe
FirewallRules: [{C52255A2-14E1-4450-8F76-7FBCB77D6BF9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\[email protected]\half-life source\hl2.exe
FirewallRules: [{3DD39A93-9A84-4CED-AAFA-04901CAD7485}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FlatOut2\FlatOut2.exe
FirewallRules: [{84DDF972-5A85-4D62-931B-0F5C6B247D5E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FlatOut2\FlatOut2.exe
FirewallRules: [{193B7AE0-8786-49E1-B860-1460CD783ED7}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{5281EDD1-9E7B-4B48-819F-913BDC7EC33A}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [TCP Query User{E30967D7-0346-4504-9981-5695E4B031CA}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{45748957-D739-4D4F-A098-7E8119432556}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [{AB231274-F53D-4450-83E9-445D5C09FA7F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Audiosurf\engine\QuestViewer.exe
FirewallRules: [{84860E9C-A4A9-473A-9250-F66BE944585B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Audiosurf\engine\QuestViewer.exe
FirewallRules: [{4853FC25-480F-4650-B34B-F9BEC46E73C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{7AE8BA4C-04E2-43A3-9D00-1C91E650C4C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{100EDDBE-8D0C-4D9A-A261-F32CA4F61E14}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{362DBFD4-8CD0-4116-BA7E-75F6F9C5793F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{E0E722E7-DA47-415E-B4B3-8D4B22A332EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{B5232E3D-1956-4619-8DAA-5EFFB251F36C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{08317177-96F7-4823-B3CE-99516B495F5A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{621CF600-0299-4DB8-B622-158A35F0DA08}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{7E02173B-8D67-4894-8409-51D5DEF16188}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Secret of the Magic Crystal\Secret of the Magic Crystal.exe
FirewallRules: [{C0E1A9D5-6FA9-428D-B026-70C00C2E9E08}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Secret of the Magic Crystal\Secret of the Magic Crystal.exe
FirewallRules: [{9D504DA1-C509-45FD-9D52-A0EE94539510}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{50E33A09-6640-4282-A02B-8BCB23C7ACC3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{A4EF7B37-F963-419E-B1DF-E3FF41E58710}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{A0BB338D-905D-4300-A765-DAB18538E87A}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{6C7F180F-71D7-4761-A5EF-4F65C5BD6EFA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{BDEE52F5-1B07-4590-A87C-ED03468B9498}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{36225618-0AF3-4EE6-BA35-F03DA1D7D030}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{4DC735C5-2C32-4E02-B996-51F4FBB9E61A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{1F1B9AA0-5711-4C90-A995-F749B93542B8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{EC00C7EB-829C-45A0-B63A-B736461DE947}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F78ABA53-D904-4B54-AD98-311807AE633D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DeadHungryDiner\DHDSteam.exe
FirewallRules: [{176482B6-1B33-4E98-93BC-0CDD60D26C47}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DeadHungryDiner\DHDSteam.exe
FirewallRules: [{63A29328-9D35-42AE-B202-7BB374DFD2D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Floras Fruit Farm\FlorasFruitFarm.exe
FirewallRules: [{03436203-1387-4E04-9AD0-C73C99790AB0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Floras Fruit Farm\FlorasFruitFarm.exe
FirewallRules: [{2C31C47B-D33F-4DD1-9F15-1A109BC16EA0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{B8100C45-AF8A-41E9-8E4B-F55F2086C196}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{46A8B40A-21DC-43EB-A537-E7CA0EBD39EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Zombie_Driver_HD\bin\ZombieDriverHD.exe
FirewallRules: [{AE3F06AA-CD81-435E-B1D3-27FCE115D510}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Zombie_Driver_HD\bin\ZombieDriverHD.exe
FirewallRules: [{80D8EDB4-3093-42E5-A9D4-0051322C8CF5}] => (Allow) C:\Program Files (x86)\Kalypso Media\Port Royale 3\PortRoyale3.exe
FirewallRules: [{781F6616-7521-4DAA-83E6-E38FC01EDF3E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\[email protected]\counter-strike\hl.exe
FirewallRules: [{3DDA3ECA-BB38-4F73-92DE-9597415ACE25}] => (Allow) C:\Program Files (x86)\Steam\steamapps\[email protected]\counter-strike\hl.exe
FirewallRules: [{D5D73634-BF52-49F3-826E-AC0B98E95A41}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{3BEF56E0-201F-4108-BB20-6209B6998878}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{B207C966-D8D8-4554-B079-72E4793853D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Audiosurf\engine\QuestViewer.exe
FirewallRules: [{BE5BB13A-4B41-47BF-8165-84565DB0FCEB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Audiosurf\engine\QuestViewer.exe
FirewallRules: [{711E5ADE-4D6E-4136-BC49-94FE06DBC37C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{6823F67B-5066-4CE2-A7D0-A9BFF0249B43}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{F632B2FA-4834-41A5-8879-DB9A1F4E525E}] => (Allow) LPort=9322
FirewallRules: [{4020C7BD-29E8-462F-92BC-1F837983A70F}] => (Allow) LPort=5353
FirewallRules: [{A08DA14E-A081-474C-8B2A-C6365A30972D}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [{287E98AC-5E76-4E5D-AB0D-E1113583B09A}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [{99A9DB9C-8E81-4FE6-88C0-E8AF5A56B905}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{4F8B32BD-3EE0-46A5-B6E1-5F15BAA72098}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{6E3B738E-8723-4D6C-942D-3FD6DD871138}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{6D2F3664-3480-410F-9328-0A02D25CC8FF}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{ED29654D-801C-4B61-84A6-10428F7CB7BD}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{302DD01F-E55F-4BF6-B5B9-DFFF9EE43F2A}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{67BAC4B3-C568-4B33-A123-F81415AC2E3F}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [{788E652A-09D0-42D1-A818-0D083B697409}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [{46D17544-AB41-42B7-93C4-C3FC60467C94}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mirror Mysteries\mm.exe
FirewallRules: [{65C62ED6-D9BC-4C52-A939-9B830FE339D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mirror Mysteries\mm.exe
FirewallRules: [{BD54B948-A013-49E0-9954-033FEB4103A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Millionaire Manor\THOS3.exe
FirewallRules: [{0F476507-B3D1-4E55-82DC-F7D4A50516B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Millionaire Manor\THOS3.exe
FirewallRules: [{78A837CB-968A-4307-93B9-347959A8E54E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Empress Of The Deep 2 Song Of The Blue Whale\EmpressoftheDeep2_SongoftheBlueWhale.exe
FirewallRules: [{EDDEA16E-6397-457E-A80F-6F4C0332B352}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Empress Of The Deep 2 Song Of The Blue Whale\EmpressoftheDeep2_SongoftheBlueWhale.exe
FirewallRules: [{58527CEB-0C3C-4258-98B1-73C1DC3992B4}] => (Allow) C:\MyGames\steamapps\common\White Haven Mysteries\WhiteHaven.exe
FirewallRules: [{318CAD3F-4FA7-46C6-AB63-AFE88CD55346}] => (Allow) C:\MyGames\steamapps\common\White Haven Mysteries\WhiteHaven.exe
FirewallRules: [{2FBFCB95-DE5E-4CD5-826F-CE3DCB00BE14}] => (Allow) C:\MyGames\steamapps\common\Princess Isabella - Rise of an Heir\PrincessIsabella_TheRiseOfAnHeir.exe
FirewallRules: [{4B8A5B1E-BC37-4CA2-835A-A120952A6854}] => (Allow) C:\MyGames\steamapps\common\Princess Isabella - Rise of an Heir\PrincessIsabella_TheRiseOfAnHeir.exe
FirewallRules: [{A922DB4B-5C53-4C26-83EB-E6F018DC7184}] => (Allow) C:\MyGames\steamapps\common\Haunted Past Realm of Ghosts\HP-RealmofGhosts.exe
FirewallRules: [{CFC23563-C0BD-44CE-B62B-8B382C903968}] => (Allow) C:\MyGames\steamapps\common\Haunted Past Realm of Ghosts\HP-RealmofGhosts.exe
FirewallRules: [{AD52B1A0-3893-414F-92DE-C0C570C9C7F2}] => (Allow) C:\MyGames\steamapps\common\Escape The Museum\Museum.exe
FirewallRules: [{4B669F0E-32E2-4C28-B8AA-8F846BDD3A16}] => (Allow) C:\MyGames\steamapps\common\Escape The Museum\Museum.exe
FirewallRules: [{684ED7F1-F7DA-4CDD-A51E-7224804FF61C}] => (Allow) C:\MyGames\steamapps\common\Crystals of Time\Crystals of Time.exe
FirewallRules: [{35B5DD73-0F5D-4D20-A45F-5367D3A1D05C}] => (Allow) C:\MyGames\steamapps\common\Crystals of Time\Crystals of Time.exe
FirewallRules: [{82A49C39-8E29-4BB9-AEA6-7D3CE1EB56FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Princess Isabella - Return of the Curse\PrincessIsabella_ReturnoftheCurse.exe
FirewallRules: [{3897E809-3CC2-43BD-A819-A2E463954004}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Princess Isabella - Return of the Curse\PrincessIsabella_ReturnoftheCurse.exe
FirewallRules: [{D3305A25-A60B-44E8-BCAB-F256FDB9F71A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{38BFCD1E-4266-4A7E-A19C-9A4039AEF352}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{8B0D3F45-F1F7-452A-BB1E-7250A574027A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ys I\ys1plus.exe
FirewallRules: [{8CE063A8-4B74-4D5B-9A3B-09BFA91677D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ys I\ys1plus.exe
FirewallRules: [{6349F9B7-7A22-419E-9132-10BDC01EA1F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ys I\config.exe
FirewallRules: [{5F338F58-75E9-4814-B5EB-EA8AAC3604DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ys I\config.exe
FirewallRules: [TCP Query User{AFA77D48-C0CE-42C4-A633-35BDC072F9A0}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{A8DBABBD-07E1-47A1-98E9-A3336C7A2D6F}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{8EE29E0B-FAEA-4539-AF97-AFB48CC32AD6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RaceTheSun\RaceTheSun.exe
FirewallRules: [{01F31B74-3025-4BD4-BB00-5722B086AE45}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RaceTheSun\RaceTheSun.exe
FirewallRules: [{20632F59-B361-4953-BFAD-C789AA3C0549}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{65C88493-F027-4F61-85D7-BE191C9D16FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{8381DB31-1FCA-4F3B-B49D-CA808186D2CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{C87A0C31-361F-49D1-BD7F-EAE96F75011F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{630E01AE-5F83-4829-A5AB-28953E854D6E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGameServer.exe
FirewallRules: [{C18B10A3-06EF-4EEB-AE44-C5484412D29B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGameServer.exe
FirewallRules: [{67C93C41-65B0-4013-8F6D-93542020FA33}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{7B6172CD-4B51-4827-BB86-92B975980017}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{B599409A-068E-4BEE-8298-9C90A9A14E5B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rock of Ages\Binaries\Win32\RoA.exe
FirewallRules: [{95D18A4D-E345-4383-9B39-2D7884E57308}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rock of Ages\Binaries\Win32\RoA.exe
FirewallRules: [{5F26F3D1-AA64-4E38-B0DA-BB52E56E1564}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{E03439FB-975E-4EF9-9714-15E7F8CB9591}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{8BC057FB-A5AE-419D-88EE-05705FFD13DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [{67E31BB6-B448-47C6-AF85-D0FAD8A8C67F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [{F88983F6-6787-42AD-8405-4D700509E56A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Happy Hereafter\TheHappyHereafter.exe
FirewallRules: [{2EA90567-FD84-4200-B9A4-D2F873E0ACB4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Happy Hereafter\TheHappyHereafter.exe
FirewallRules: [{25D57C0F-6391-442C-842B-BD44E7ACE873}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{76B2C249-BFA1-49CD-9DFD-FA4AC22CEFF2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C350D5D7-5550-4FB1-9628-59454BCD8C04}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{642915C1-888C-4494-BBFA-19AC9361E42A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{0B467F75-C8E5-447E-A5AD-58D88D4F097F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Subnautica\Subnautica.exe
FirewallRules: [{868BFA4F-8AF8-4EEE-BCC8-29BFE67B0D42}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Subnautica\Subnautica.exe
FirewallRules: [TCP Query User{92CD1E76-2CBE-49C1-8A65-A57B01DA61CF}C:\program files (x86)\woj emulator extreme edition\wojemulatorextreme.exe] => (Allow) C:\program files (x86)\woj emulator extreme edition\wojemulatorextreme.exe
FirewallRules: [UDP Query User{1CDAFD97-B254-484D-BA66-401188B48B28}C:\program files (x86)\woj emulator extreme edition\wojemulatorextreme.exe] => (Allow) C:\program files (x86)\woj emulator extreme edition\wojemulatorextreme.exe
FirewallRules: [{6CC7448C-1467-4EAF-8A4A-CD8A969CF212}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Escapists\TheEscapists.exe
FirewallRules: [{AA79DFDF-4013-48E6-BBB0-9CD06D38DBF7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Escapists\TheEscapists.exe
FirewallRules: [{DB8703FD-F9B2-457C-8773-F910BAA0818D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robin's Quest\RobinsQuest.exe
FirewallRules: [{809B4EEE-55DE-4B5F-9838-580FDA38FC7E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robin's Quest\RobinsQuest.exe
FirewallRules: [{21DC435E-ACB1-401F-9D18-9E74E6D3B9E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{624BF076-1E8F-4E07-B2FC-2A2231D0C9D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{51BC62FB-BC6B-4FAA-BDA0-5F216B6DC561}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{A24666F6-E990-42CD-BF98-A314A38226FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{5A2A2F06-ECAD-48AC-BA32-B13E20169CE3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TerraTech Beta\TerraTechWin64.exe
FirewallRules: [{D78F7B30-D6CF-4FFD-B5B0-F8CF72CAFC99}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TerraTech Beta\TerraTechWin64.exe
FirewallRules: [{6B9CB950-0BBC-451F-A8A4-2CF12F064569}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Slime Rancher\SlimeRancher.exe
FirewallRules: [{958FF362-0F82-4873-89DD-833974D8A242}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Slime Rancher\SlimeRancher.exe
FirewallRules: [{A7F569D7-9228-43BD-BD4B-4B4C2D374788}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5FCDDB06-0E01-41C8-914A-CFC9398B01CD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7C088461-6858-4081-A5B1-CDC0972DDAF7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Town of Salem\TownOfSalem.exe
FirewallRules: [{3ADA1B80-5A99-49A6-9C18-D191F17CFA9F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Town of Salem\TownOfSalem.exe
FirewallRules: [{BF26D34B-4E17-416D-BD94-83311BE800A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sister’s Secrecy\SistersSecrecy_ArcanumBloodlines_Premium.exe
FirewallRules: [{CB82D88C-218B-4B37-AC45-F3C5FD0A2E68}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sister’s Secrecy\SistersSecrecy_ArcanumBloodlines_Premium.exe
FirewallRules: [{E5E63362-9C4B-40D9-B86E-1567F2CFAF79}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [{BD600C19-B093-4D36-8B57-621C79FA283E}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [{6415ADF1-5497-46B1-817A-5AF104649889}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{CF5C3985-412D-4F9A-AC98-BD802CA6DD16}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Block) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [UDP Query User{8BD0F658-A9C3-4731-8A90-D5CD34674F3C}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Block) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [{E1CC4765-7A7D-4B6A-9F66-44B162402ED7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dino D-Day\dinodday.exe
FirewallRules: [{57032B29-8057-4652-A5F5-4B773C70151D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dino D-Day\dinodday.exe
FirewallRules: [{0C076193-3554-4B09-80FC-1F5489A83CC0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Burnout™ Paradise The Ultimate Box\BurnoutParadise.exe
FirewallRules: [{EF8D102D-2F66-414C-A737-24E19FEF1CBB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Burnout™ Paradise The Ultimate Box\BurnoutParadise.exe
FirewallRules: [{9B9F67FB-502E-42A7-9C2E-D39142BF6012}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Burnout™ Paradise The Ultimate Box\BurnoutConfigTool.exe
FirewallRules: [{B882DC0F-F49E-4B55-A49E-51647A455107}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Burnout™ Paradise The Ultimate Box\BurnoutConfigTool.exe
FirewallRules: [{332A19C4-E790-4BCF-A2B1-CF98EE2E7070}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
FirewallRules: [{CE160321-275B-4BA2-85DD-EDBAC53618AB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
FirewallRules: [{AEEAC0E1-A6DB-49F6-8EE6-B5183FE4D990}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{EDB0DE18-F8EB-49D2-9C57-7FFF745EDE90}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{216FAEBA-0B7D-4271-A8DC-CD043A450675}] => (Allow) C:\MyGames\steamapps\common\AWalkInTheDark\AWalkInTheDark.exe
FirewallRules: [{90D1C2B1-CF40-406D-947F-459F42661E80}] => (Allow) C:\MyGames\steamapps\common\AWalkInTheDark\AWalkInTheDark.exe
FirewallRules: [{1576935F-F52A-4F32-B984-D3FEE42A463F}] => (Allow) C:\MyGames\steamapps\common\CookServeDelicious\CSDSteamBuild.exe
FirewallRules: [{2E07477D-6FC4-4380-BEBE-6FBA2E3AD960}] => (Allow) C:\MyGames\steamapps\common\CookServeDelicious\CSDSteamBuild.exe
FirewallRules: [{ACB9D2D9-DD19-40EC-B9F5-A992E966903A}] => (Allow) C:\MyGames\steamapps\common\Age of Mythology\Launcher.exe
FirewallRules: [{801D23B8-00FD-4500-B631-1D531799AAF6}] => (Allow) C:\MyGames\steamapps\common\Age of Mythology\Launcher.exe
FirewallRules: [{4D957FE9-412F-4D43-9CC2-938DCDC42E43}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{990B17E4-03B5-4E37-AAF0-10D8A4A5B28B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [TCP Query User{C5119668-5C46-41BB-8A1B-598B24577051}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{3111EB74-CC64-4C9C-B319-576DEFC2AB14}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{3A8BD383-F1AA-4F89-9122-16D05F246AE7}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{D0BCF183-7E77-4D9E-875A-94056B09EBD5}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{C6EBF593-3826-465E-B526-D98340812099}] => (Allow) C:\MyGames\steamapps\common\Age of Mythology\aomx.exe
FirewallRules: [{F8A602FE-0E46-4880-9A83-D3776CC2A60C}] => (Allow) C:\MyGames\steamapps\common\Age of Mythology\aomx.exe
FirewallRules: [{4EED53BA-0976-43A3-9E80-852BECB3AEF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Zombie_Driver_HD\bin\ZombieDriverHD.exe
FirewallRules: [{5C0D0557-83E8-46CC-87F3-1D1AD573C4B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Zombie_Driver_HD\bin\ZombieDriverHD.exe
FirewallRules: [{10689B64-5BA9-4338-AC48-BD86EBF384F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Syberia\Game.exe
FirewallRules: [{1B88367C-F6BB-4A71-98DF-3AE537CFB81E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Syberia\Game.exe
FirewallRules: [{D6FC207A-7744-494B-9490-A2F1B85B8846}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scrap Mechanic\Release\ScrapMechanic.exe
FirewallRules: [{5D027F43-AB31-4535-BD12-4DE683EB9AF1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scrap Mechanic\Release\ScrapMechanic.exe
FirewallRules: [TCP Query User{FD003AC7-6242-4497-95A3-8D8CDD30B5DA}C:\mygames\steamapps\common\guardians of ember\exedir\ruplatform.exe] => (Allow) C:\mygames\steamapps\common\guardians of ember\exedir\ruplatform.exe
FirewallRules: [UDP Query User{4B178EAF-008B-499F-A88F-B440E5CC05AB}C:\mygames\steamapps\common\guardians of ember\exedir\ruplatform.exe] => (Allow) C:\mygames\steamapps\common\guardians of ember\exedir\ruplatform.exe
FirewallRules: [TCP Query User{9C25882E-DAB4-4E5C-85DE-D82A4A48251D}C:\mygames\steamapps\common\guardians of ember\client_x86.exe] => (Block) C:\mygames\steamapps\common\guardians of ember\client_x86.exe
FirewallRules: [UDP Query User{AAFA26B7-20E3-4469-89F7-9DAA7878790F}C:\mygames\steamapps\common\guardians of ember\client_x86.exe] => (Block) C:\mygames\steamapps\common\guardians of ember\client_x86.exe
FirewallRules: [{9264D49D-81D3-4E02-AEE4-02B5F63E6E77}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2 Deathmatch\hl2.exe
FirewallRules: [{20E34B84-ECF1-4992-A7F2-D62BE058A3BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2 Deathmatch\hl2.exe
FirewallRules: [{EA8BD9F1-48A6-4003-BDE2-0B832206469B}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{FCCEB72B-3B52-4380-B460-3A01D60C32C3}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{A9AFD583-6F55-4E8F-BE38-2E5F89EEF6E5}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{6853BE0D-58CC-4C39-B242-C035804A785F}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{CA420FD2-AAE2-464F-90F1-CE77AE6642FC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{E49E1346-EF72-45EF-B4D2-823843B975E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{B97994DA-7C9B-4C76-B12D-63582FAD0DC1}] => (Allow) C:\Program Files (x86)\StarCraft\StarCraft.exe
FirewallRules: [{9AD8098E-21DD-435A-9FF8-D156ECAF41DE}] => (Allow) C:\Program Files (x86)\StarCraft\StarCraft.exe
FirewallRules: [{274ED66E-5981-47CF-A205-DC48D5A5E394}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{1E283065-BD6B-4DE7-8EF7-D7CB815B3218}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{955DBFC8-79BF-4D8F-ABD1-917921597CED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scrap Mechanic\Release\ScrapMechanic.exe
FirewallRules: [{D71FA36C-6D3D-434D-B3F5-D941CEE3C2AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scrap Mechanic\Release\ScrapMechanic.exe
FirewallRules: [TCP Query User{D3B2AF72-7426-49A2-A5A6-FFA0146F2C2F}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{3698D09B-B8D2-4606-B572-BBFE87359371}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{C6CED57E-D369-4AAD-AA3B-F32C8C5B7ABE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe
FirewallRules: [{C50D806F-3619-4126-87EE-12A3215A0D32}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe
FirewallRules: [{D324BE3F-22C9-4991-984B-146CE4C63568}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Torchlight\Torchlight.exe
FirewallRules: [{C597F414-04F0-4798-915E-CFEE2581C4EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Torchlight\Torchlight.exe
FirewallRules: [{AFEF5478-3CC4-408F-BADB-63CC685C46FB}] => (Allow) C:\MyGames\steamapps\common\TheDarkEye Cos\satinav.exe
FirewallRules: [{D9893A14-773A-4532-8FEB-9563F6E2F2C6}] => (Allow) C:\MyGames\steamapps\common\TheDarkEye Cos\satinav.exe
FirewallRules: [{4CB769F7-7CFD-4748-95B9-D4C577232F2B}] => (Allow) C:\MyGames\steamapps\common\TheDarkEye Cos\VisionaireConfigurationTool.exe
FirewallRules: [{0E955ECB-83BC-4A70-B8A0-065DB9658FBC}] => (Allow) C:\MyGames\steamapps\common\TheDarkEye Cos\VisionaireConfigurationTool.exe
FirewallRules: [{7BD2B415-A91F-45CF-9919-2AA2B68D5757}] => (Allow) C:\MyGames\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{C04C212D-9DAE-4B98-82D5-AA1008862D6D}] => (Allow) C:\MyGames\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{91408490-A80F-4E67-BC71-9C8028172844}] => (Allow) C:\MyGames\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win64\CDW.exe
FirewallRules: [{F991B1BB-814C-47FB-BFAF-16DD1AEA0E2E}] => (Allow) C:\MyGames\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win64\CDW.exe
FirewallRules: [{D48ABB11-3A59-4864-B8DD-43099C25C2CE}] => (Allow) C:\MyGames\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{22946170-6822-49FB-8A5E-EF9FDE94C7EF}] => (Allow) C:\MyGames\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{5079D2DB-5A23-46E6-8FD7-8026D3E97F14}] => (Allow) C:\MyGames\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win32\CDW.exe
FirewallRules: [{34995DC3-4893-4E2D-BEED-88C19AB54F13}] => (Allow) C:\MyGames\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win32\CDW.exe
FirewallRules: [{23B0C37C-F45B-4BF8-8061-E1F116446119}] => (Allow) C:\MyGames\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{5BE18D23-50C7-4B07-8C68-0F34DFEB5D26}] => (Allow) C:\MyGames\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{128233F3-610C-432C-B44D-A8A9887926CE}] => (Allow) C:\MyGames\steamapps\common\DeadCore\DeadCore.exe
FirewallRules: [{4F981811-9448-4530-9019-8BBDD0241F7C}] => (Allow) C:\MyGames\steamapps\common\DeadCore\DeadCore.exe

==================== Restore Points =========================

11-10-2017 03:00:16 Windows Update
15-10-2017 03:00:11 Windows Update

==================== Faulty Device Manager Devices =============

Name: PS/2 Keyboard
Description: PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: Logitech
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: PS/2 Mouse
Description: PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Logitech
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: eHome Infrared Receiver (USBCIR)
Description: eHome Infrared Receiver (USBCIR)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Microsoft
Service: usbcir
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Consumer IR Devices
Description: Consumer IR Devices
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: circlass
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

==================== Event log errors: =========================

Application errors:
==================
Error: (10/17/2017 09:38:26 PM) (Source: LoadPerf) (EventID: 3001) (User: )
Description: The performance counter name string value in the registry is not formatted correctly. The malformed string is 70002. The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.

Error: (10/17/2017 09:38:23 PM) (Source: LoadPerf) (EventID: 3011) (User: )
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (10/17/2017 09:38:23 PM) (Source: LoadPerf) (EventID: 3001) (User: )
Description: The performance counter name string value in the registry is not formatted correctly. The malformed string is 70002. The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.

Error: (10/17/2017 09:34:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (10/17/2017 09:33:53 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksWP.exe".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/17/2017 09:33:53 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksWP.exe".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/17/2017 09:33:53 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksss.exe".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/17/2017 09:33:53 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksss.exe".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/17/2017 09:33:53 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksdb.exe".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/17/2017 09:33:53 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksdb.exe".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

System errors:
=============
Error: (10/17/2017 09:34:32 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
aswbidsdriver
aswbidsh
aswblog
aswbuniv
aswRvrt
aswSnx
aswSP
aswVmm
avc3
bdftdif
cdrom
ElRawDisk
epp64
GUBootStartup
Hmonitor45
HWiNFO32
i8042prt
qhpbzs
raeehd
SASDIFSV
SASKUTIL
spldr
trufos
Wanarpv6

Error: (10/17/2017 09:34:32 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error:
The dependency service or group failed to start.

Error: (10/17/2017 09:34:32 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
The dependency service or group failed to start.

Error: (10/17/2017 09:33:15 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (10/17/2017 09:33:14 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server:
{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (10/17/2017 09:33:13 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server:
{145B4335-FE2A-4927-A040-7C35AD3180EF}

Error: (10/17/2017 09:33:12 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (10/17/2017 09:33:05 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (10/17/2017 09:32:40 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!

Error: (10/17/2017 09:32:36 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!

CodeIntegrity:
===================================
  Date: 2017-10-17 21:17:16.383
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-10-17 21:17:15.197
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-10-17 20:36:11.598
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-10-17 20:36:09.742
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-10-17 20:05:45.198
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-10-17 20:05:44.013
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-10-17 19:37:48.616
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-10-17 19:37:47.664
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-10-17 10:47:53.235
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-10-17 10:47:52.283
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel® Core™2 Quad CPU Q8200 @ 2.33GHz
Percentage of memory in use: 13%
Total physical RAM: 8190.32 MB
Available physical RAM: 7045.9 MB
Total Virtual: 16433.61 MB
Available Virtual: 15573.63 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:581.52 GB) (Free:11.35 GB) NTFS ==>[drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: F4DCAE3E)
Partition 1: (Not Active) - (Size=14.7 GB) - (Type=27)
Partition 2: (Active) - (Size=581.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

 

Thank you for any help you can give! :)

 


  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP