Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Windows hanging on processes, freezing, but not in safe mode


  • Please log in to reply

#1
zestron

zestron

    Member

  • Member
  • PipPipPip
  • 334 posts

Hello!  :spoton:

 

Problem: When I open a program (Google Chrome, for example), it comes to a halt. After waiting or trying to close the program / open Task Manager, the program is totally crashed and a Windows Explorer dialog box pops up and asks me to end it. I can't really interact with anything or do anything useful.

 

Also, sometimes it doesn't happen. I just booted in safe mode then went back to regular boot, and it's totally fine.

 

In safe mode, none of this happens and everything is working 100% smooth. That's why I figure it might be a spyware / virus / malware problem!

 

I've run Malwarebytes, JRT, Emsisoft Emergency Kit.

 

 

____________________________

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-11-2017
Ran by JohnDoe (administrator) on ANDROID-MC3IPDQ (07-11-2017 19:17:22)
Running from C:\Users\JohnDoe\Desktop
Loaded Profiles: JohnDoe (Available Profiles: JohnDoe & Visitor)
Platform: Windows 10 Pro 10240.17354 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Ransomware\MB3Service.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Ransomware\mbarw.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\HelpPane.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-12-12] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4127488 2015-06-16] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [6153128 2017-05-22] (LogMeIn Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\...\Run: [f.lux] => C:\Users\JohnDoe\AppData\Local\FluxSoftware\Flux\flux.exe [1678840 2017-10-10] (f.lux Software LLC)
HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\...\Policies\Explorer: [] 
HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\...\MountPoints2: D - "D:\setup\autorun.exe" 
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{09c7a648-8223-45eb-bd0d-35af2ede0422}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{4f1c6091-4e81-436c-b5c8-a0d8e1805d09}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{591e90c2-32c8-420e-94d4-28b956bcd8d5}: [DhcpNameServer] 209.222.18.222 209.222.18.218
Tcpip\..\Interfaces\{c37a50aa-f7ab-4830-b36f-6aef28eb3c0a}: [DhcpNameServer] 192.168.0.1 0.0.0.0
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ca.msn.com/?ocid=iehp
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2017-09-05] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-08-15] (Oracle Corporation)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2016-01-15] (LastPass)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2017-09-05] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-09-05] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-15] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2017-08-15] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-08-15] (Oracle Corporation)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2016-01-15] (LastPass)
BHO-x32: No Name -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> No File
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-09-05] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-15] (Oracle Corporation)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2016-01-15] (LastPass)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2016-01-15] (LastPass)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\JohnDoe\AppData\Roaming\Mozilla\Firefox\Profiles\88xq2klu.default [2017-06-09]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\88xq2klu.default -> Google
FF Homepage: Mozilla\Firefox\Profiles\88xq2klu.default -> hxxps://www.malwarebytes.org/restorebrowser/_ir_16_02&param1=1&param2=f%3D1%26b%3DFirefox%26cc%3Dca%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyDtD0EyDyEzy0B0C0C0F0D0EtAyCyBtCtN0D0Tzu0StCyEyByEtN1L2XzutAtFtCyBtFtBtFtDtN1L1Czu1BtBtN1L1G1B1V1N2Y1L1Qzu2SyBtByCzyyDyD0CyBtGtD0AzyzztG0AtAzztDtGyB0C0AyCtGtCyEyDtByE0CyDtCtAtCzy0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzytCyDyE0AzyzyyBtGyE0DyEzztGyE0EtDtBtG0BzytBzztGyCtDyDyB0EyCzytCyE0DyCyE2QtN0A0LzutB%26cr%3D595026009%26a%3Dwncy_ir_16_02%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate
FF NetworkProxy: Mozilla\Firefox\Profiles\88xq2klu.default -> backup.ftp", "118.97.30.165"
FF NetworkProxy: Mozilla\Firefox\Profiles\88xq2klu.default -> backup.ftp_port", 80
FF NetworkProxy: Mozilla\Firefox\Profiles\88xq2klu.default -> backup.socks", "118.97.30.165"
FF NetworkProxy: Mozilla\Firefox\Profiles\88xq2klu.default -> backup.socks_port", 80
FF NetworkProxy: Mozilla\Firefox\Profiles\88xq2klu.default -> backup.ssl", "118.97.30.165"
FF NetworkProxy: Mozilla\Firefox\Profiles\88xq2klu.default -> backup.ssl_port", 80
FF NetworkProxy: Mozilla\Firefox\Profiles\88xq2klu.default -> ftp", "140.0.237.238 "
FF NetworkProxy: Mozilla\Firefox\Profiles\88xq2klu.default -> ftp_port", 8080
FF NetworkProxy: Mozilla\Firefox\Profiles\88xq2klu.default -> http", "140.0.237.238 "
FF NetworkProxy: Mozilla\Firefox\Profiles\88xq2klu.default -> http_port", 8080
FF NetworkProxy: Mozilla\Firefox\Profiles\88xq2klu.default -> share_proxy_settings", true
FF NetworkProxy: Mozilla\Firefox\Profiles\88xq2klu.default -> socks", "140.0.237.238 "
FF NetworkProxy: Mozilla\Firefox\Profiles\88xq2klu.default -> socks_port", 8080
FF NetworkProxy: Mozilla\Firefox\Profiles\88xq2klu.default -> ssl", "140.0.237.238 "
FF NetworkProxy: Mozilla\Firefox\Profiles\88xq2klu.default -> ssl_port", 8080
FF NetworkProxy: Mozilla\Firefox\Profiles\88xq2klu.default -> type", 0
FF Extension: (Mozilla WebVR Plus) - C:\Users\JohnDoe\AppData\Roaming\Mozilla\Firefox\Profiles\88xq2klu.default\Extensions\@mozillawebvrenabler.xpi [2016-09-12]
FF Extension: (LastPass) - C:\Users\JohnDoe\AppData\Roaming\Mozilla\Firefox\Profiles\88xq2klu.default\Extensions\[email protected] [2017-06-07]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-10] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll [2013-09-06] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-15] (Oracle Corporation)
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2016-01-15] (LastPass)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-09-19] (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-10] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll [2013-06-26] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-15] (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2016-01-15] (LastPass)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-09-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-09-19] (Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin HKU\S-1-5-21-2118853541-1488753588-3094647493-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\JohnDoe\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-15] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2118853541-1488753588-3094647493-1000: SkypePlugin -> C:\Users\JohnDoe\AppData\Local\SkypePlugin\7.32.6.278\npGatewayNpapi.dll [2017-04-18] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-2118853541-1488753588-3094647493-1000: SkypePlugin64 -> C:\Users\JohnDoe\AppData\Local\SkypePlugin\7.32.6.278\npGatewayNpapi-x64.dll [2017-04-18] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-2118853541-1488753588-3094647493-1000: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll [2013-11-17] (The Happy Cloud)
 
Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR DefaultSearchKeyword: Profile 1 -> lp
CHR Profile: C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Default [2017-11-05]
CHR Extension: (Duolingo on the Web) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2015-06-26]
CHR Extension: (Adblock for Youtube™) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2015-10-16]
CHR Extension: (Google Calendar) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-05-20]
CHR Extension: (Facebook™ Chat Privacy) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfpgaanechfneiboempkfjghninbibjn [2017-01-02]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2017-05-20]
CHR Extension: (Facebook - Delete All Messages) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgiidlnejdlfoacoeleopkljhbckmlko [2017-01-02]
CHR Extension: (Google Maps) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-01-15]
CHR Extension: (Click&Clean App) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2017-05-20]
CHR Extension: (Chrome Media Router) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-20]
CHR Extension: (Privacy Badger) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkehgijcmpdhfbdbbnkijodmdjhbjlgp [2017-05-20]
CHR Profile: C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-05-20]
CHR Profile: C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-11-07]
CHR Extension: (Google Drive) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-15]
CHR Extension: (YouTube) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-15]
CHR Extension: (Chrome IG Story) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bojgejgifofondahckoaahkilneffhmf [2017-10-09]
CHR Extension: (Adblock Plus) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-09-27]
CHR Extension: (Google Search) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-15]
CHR Extension: (Video Downloader professional) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2017-08-03]
CHR Extension: (WebM Options (Premium)) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fhgjcfedjhkachipnckecjckmdllpgjh [2016-02-08]
CHR Extension: (WebM Inline Player) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fnaeemmlglafkapofhhgfhnhddaboeig [2016-01-27]
CHR Extension: (Web Page to PDF Converter) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdlncamcmchghcemgocofijkhkklijbj [2016-08-11]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2017-10-21]
CHR Extension: (Facebook - Delete All Messages) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hgiidlnejdlfoacoeleopkljhbckmlko [2017-10-29]
CHR Extension: (Kill News Feed) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hjobfcedfgohjkaieocljfcppjbkglfd [2016-02-16]
CHR Extension: (Google Keep - notes and lists) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2017-11-06]
CHR Extension: (Social Fixer for Facebook) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb [2017-10-03]
CHR Extension: (InstaG Downloader) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jnkdcmgmnegofdddphijckfagibepdlb [2017-10-28]
CHR Extension: (Signup Block) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\joiaigcocfbhjbgeajdmmgchlbepelco [2016-11-11]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2017-09-22]
CHR Extension: (Ghostery) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2017-10-31]
CHR Extension: (Chrome Web Store Payments) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-21]
CHR Extension: (Unseen) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oclokcfejikeggpnhgakanfbdnlafaon [2017-08-08]
CHR Extension: (Gmail) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-15]
CHR Extension: (Chrome Media Router) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-07]
CHR Profile: C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\System Profile [2017-05-20]
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [143120 2013-05-23] (SUPERAntiSpyware.com)
S2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-03] (Advanced Micro Devices, Inc.) [File not signed]
S4 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc.)
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1863688 2016-05-12] ()
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2017-01-08] (Microsoft Corporation)
S2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058416 2017-09-05] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [528424 2017-10-23] (EasyAntiCheat Ltd)
S4 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3760040 2017-05-22] (LogMeIn Inc.)
S4 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc.)
R2 MB3Service; C:\Program Files\Malwarebytes\Anti-Ransomware\mb3service.exe [6054352 2017-07-25] (Malwarebytes)
S2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2014-04-08] (Motorola Mobility LLC)
S2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [2091496 2017-10-05] (Plex, Inc.)
S2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
S4 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1750712 2015-06-16] (Safer-Networking Ltd.) [File not signed]
S4 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2102496 2015-06-16] (Safer-Networking Ltd.) [File not signed]
S4 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [224712 2015-07-24] (Safer-Networking Ltd.) [File not signed]
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S4 VeeamEndpointBackupSvc; C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe [101888 2016-03-10] (Veeam Software AG) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2016-10-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2017-03-28] (Microsoft Corporation)
S4 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [656664 2014-08-19] (Wacom Technology, Corp.)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
S3 CMUSBDAC; C:\WINDOWS\system32\DRIVERS\CMUSBDAC.sys [3778592 2017-01-08] (C-MEDIA)
S3 DFX12; C:\WINDOWS\System32\drivers\dfx12x64.sys [28344 2015-10-12] (Windows ® Win 7 DDK provider)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2017-05-27] (Samsung Electronics Co., Ltd.)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2017-07-30] (Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2017-07-30] (Windows ® Win 7 DDK provider)
R3 DRTWlanE; C:\WINDOWS\System32\drivers\Drtwlane.sys [4619520 2015-07-21] (Realtek Semiconductor Corporation )
S1 epp; C:\EEK\bin64\epp.sys [124552 2016-11-23] (Emsisoft Ltd)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2017-02-02] (LogMeIn Inc.)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-04-21] ()
S3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
S3 LGSUsbFilt; C:\WINDOWS\system32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
S3 LifeCamTrueColor; C:\WINDOWS\system32\DRIVERS\LifeCamTrueColor.sys [37928 2017-08-04] (Microsoft Corporation)
S3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [49264 2014-07-28] (Visicom Media Inc.)
R3 MB3SwissArmy; C:\WINDOWS\system32\drivers\MB3SwissArmy.sys [253888 2017-11-07] (Malwarebytes)
S3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [107960 2017-11-07] (Malwarebytes)
S3 mcaudrv_simple; C:\WINDOWS\System32\drivers\mcaudrv_x64.sys [35440 2014-05-13] (Visicom Media Inc.)
S2 NPF; C:\Windows\system32\drivers\npf.sys [35344 2013-12-20] (CACE Technologies, Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek )
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2017-05-27] (Samsung Electronics Co., Ltd.)
S3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] ()
S3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] ()
R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1120032 2014-12-04] (Acronis International GmbH)
R0 tib_mounter; C:\WINDOWS\System32\DRIVERS\tib_mounter.sys [183224 2014-12-04] (Acronis)
S3 UdeCx; C:\WINDOWS\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 VBAudioVMVAIOMME; C:\WINDOWS\system32\DRIVERS\vbaudio_vmvaio64_win7.sys [41192 2017-01-02] (Windows ® Win 7 DDK provider)
S2 VeeamFSR; C:\Program Files\Veeam\Endpoint Backup\VeeamFSR.sys [114120 2016-03-10] (Veeam Software AG)
R0 vidsflt; C:\WINDOWS\System32\DRIVERS\vidsflt.sys [117024 2014-12-04] (Acronis International GmbH)
S3 VirtualDK; C:\Program Files\Veeam\Endpoint Backup\vdk.sys [36808 2016-03-10] (Ken Kato)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 XSplit_Dummy; C:\WINDOWS\System32\drivers\xspltspk.sys [26200 2015-05-25] (SplitmediaLabs Limited)
U3 idsvc; no ImagePath
S3 VBAudioVACMME; \SystemRoot\system32\DRIVERS\vbaudio_cable64_win7.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-11-07 19:17 - 2017-11-07 19:18 - 000028071 _____ C:\Users\JohnDoe\Desktop\FRST.txt
2017-11-07 19:12 - 2017-11-07 19:12 - 000016148 _____ C:\WINDOWS\system32\ANDROID-MC3IPDQ_JohnDoe_HistoryPrediction.bin
2017-11-06 22:31 - 2017-11-06 22:31 - 000000717 _____ C:\Users\JohnDoe\AppData\Local\recently-used.xbel
2017-11-05 15:21 - 2017-11-05 15:21 - 000000000 ____D C:\ProgramData\Emsisoft
2017-11-05 15:20 - 2017-11-05 15:45 - 000000000 ____D C:\EEK
2017-11-05 15:16 - 2017-11-05 15:19 - 340674888 _____ C:\Users\JohnDoe\Downloads\EmsisoftEmergencyKit.exe
2017-11-05 15:11 - 2017-11-05 15:11 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\30251D42.sys
2017-11-05 15:07 - 2017-11-05 15:07 - 008261584 _____ (Malwarebytes) C:\Users\JohnDoe\Downloads\adwcleaner_7.0.4.0.exe
2017-11-05 15:06 - 2017-11-05 15:06 - 000000923 _____ C:\Users\JohnDoe\Desktop\JRT.txt
2017-11-05 15:03 - 2017-11-05 15:03 - 001790024 _____ (Malwarebytes) C:\Users\JohnDoe\Downloads\JRT.exe
2017-11-05 15:03 - 2017-11-05 15:03 - 000048425 _____ C:\Users\JohnDoe\Downloads\Addition.txt
2017-11-05 15:01 - 2017-11-05 15:03 - 000042389 _____ C:\Users\JohnDoe\Downloads\FRST.txt
2017-11-05 15:01 - 2017-11-05 15:01 - 002403328 _____ (Farbar) C:\Users\JohnDoe\Desktop\FRST64.exe
2017-11-05 14:06 - 2017-11-07 19:12 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-11-05 14:05 - 2017-11-07 19:11 - 000659364 _____ C:\WINDOWS\ntbtlog.txt
2017-11-04 08:37 - 2017-11-05 11:15 - 000000000 ____D C:\Users\JohnDoe\Desktop\order
2017-11-03 19:31 - 2017-11-03 19:31 - 000000000 ____D C:\Users\JohnDoe\Desktop\print
2017-11-03 19:20 - 2017-11-03 19:20 - 002118430 _____ C:\Users\JohnDoe\Downloads\Photos (1).zip
2017-11-03 19:20 - 2017-11-03 19:20 - 001435730 _____ C:\Users\JohnDoe\Downloads\Photos.zip
2017-11-03 19:17 - 2017-11-03 19:17 - 004088898 _____ C:\Users\JohnDoe\Downloads\WEB_LRT01_AW-PW-PWAIR.dwg
2017-10-28 22:41 - 2017-10-28 22:42 - 000000000 ____D C:\Users\JohnDoe\AppData\Roaming\Trine1
2017-10-28 20:04 - 2017-10-28 20:04 - 000000000 ____D C:\Users\JohnDoe\Documents\Penumbra
2017-10-26 19:26 - 2017-10-26 19:27 - 000000000 ____D C:\Users\JohnDoe\AppData\Roaming\discordsdk
2017-10-26 19:26 - 2017-10-26 19:26 - 000000000 ____D C:\Users\JohnDoe\Documents\SavedGames
2017-10-26 19:26 - 2007-04-04 17:53 - 000081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2017-10-26 18:14 - 2017-10-26 18:14 - 000000000 ____D C:\Users\JohnDoe\AppData\Roaming\ParadoxInteractive
2017-10-25 21:16 - 2017-11-06 20:16 - 000000000 ____D C:\Users\JohnDoe\Streaming Media
2017-10-25 21:13 - 2017-10-25 21:18 - 000000000 ____D C:\Users\JohnDoe\AppData\Local\Plex Media Server
2017-10-25 21:12 - 2017-10-25 21:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2017-10-25 21:11 - 2017-10-25 21:11 - 000000000 ____D C:\Program Files (x86)\Plex
2017-10-25 21:09 - 2017-10-25 21:10 - 075658992 _____ (Plex, Inc.) C:\Users\JohnDoe\Downloads\Plex-Media-Server-1.9.4.4325-1bf240a65.exe
2017-10-25 17:31 - 2017-10-25 17:31 - 000000000 ____D C:\Users\JohnDoe\AppData\Roaming\EasyAntiCheat
2017-10-25 17:31 - 2017-10-25 17:31 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2017-10-24 20:11 - 2017-10-24 20:11 - 000000021 _____ C:\Users\JohnDoe\Documents\rbc_account.txt
2017-10-21 07:34 - 2017-10-21 07:59 - 000000000 ____D C:\Users\JohnDoe\Documents\Overwatch
2017-10-21 00:10 - 2017-10-21 00:10 - 000000892 _____ C:\Users\Public\Desktop\Overwatch.lnk
2017-10-21 00:10 - 2017-10-21 00:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch
2017-10-20 22:30 - 2017-10-23 17:12 - 000000000 ____D C:\Program Files (x86)\Overwatch
2017-10-20 22:25 - 2017-10-20 22:25 - 003251696 _____ (Blizzard Entertainment) C:\Users\JohnDoe\Downloads\Overwatch-Setup.exe
2017-10-19 17:03 - 2017-10-19 17:03 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2017-10-18 18:28 - 2017-10-18 18:28 - 000002205 _____ C:\Users\JohnDoe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\f.lux.lnk
2017-10-17 21:53 - 2017-10-17 22:08 - 048414273 _____ C:\Users\JohnDoe\Downloads\Unconfirmed 658321.crdownload
2017-10-14 09:39 - 2017-10-14 09:39 - 000062665 _____ C:\Users\JohnDoe\Downloads\02383462.pdf
2017-10-14 09:39 - 2017-10-14 09:39 - 000062137 _____ C:\Users\JohnDoe\Downloads\CR112377.pdf
2017-10-13 15:28 - 2017-10-13 15:28 - 000001364 _____ C:\Users\JohnDoe\Desktop\T107.txt
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-11-07 19:11 - 2017-05-15 17:53 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MB3SwissArmy.sys
2017-11-07 19:10 - 2015-07-10 07:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-11-07 19:10 - 2015-07-10 04:05 - 000786432 ___SH C:\WINDOWS\system32\config\BBI
2017-11-07 19:09 - 2017-05-15 17:53 - 000107960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-11-07 19:04 - 2016-10-01 09:16 - 000000000 ____D C:\Temp
2017-11-07 18:57 - 2017-01-08 18:25 - 000000000 ____D C:\Users\JohnDoe
2017-11-07 17:32 - 2015-05-03 23:11 - 000002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-07 17:19 - 2017-07-27 16:40 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2118853541-1488753588-3094647493-1000
2017-11-07 17:19 - 2017-01-08 19:22 - 000002412 _____ C:\Users\JohnDoe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-11-07 17:19 - 2014-02-20 21:10 - 000000000 ___RD C:\Users\JohnDoe\OneDrive
2017-11-07 17:16 - 2017-01-08 10:15 - 000000000 ____D C:\Users\JohnDoe\AppData\Roaming\deluge
2017-11-06 21:12 - 2013-09-09 17:33 - 000000000 ____D C:\Users\JohnDoe\AppData\Roaming\vlc
2017-11-06 17:57 - 2017-01-08 18:24 - 001005598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-05 16:26 - 2015-07-10 06:02 - 000000000 ____D C:\WINDOWS\INF
2017-11-05 15:12 - 2015-07-10 06:04 - 000000000 __RSD C:\WINDOWS\Media
2017-11-05 15:11 - 2015-04-21 12:27 - 000000000 ____D C:\AdwCleaner
2017-11-05 15:01 - 2015-04-30 16:59 - 000000000 ____D C:\FRST
2017-11-05 14:28 - 2013-12-19 09:35 - 000000000 ____D C:\Users\JohnDoe\AppData\Local\ElevatedDiagnostics
2017-11-05 14:12 - 2014-08-30 11:31 - 000192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-11-05 12:34 - 2013-09-06 18:15 - 000000000 ____D C:\Program Files (x86)\Steam
2017-11-04 14:09 - 2013-09-06 18:35 - 000000000 ____D C:\Users\JohnDoe\AppData\Roaming\Skype
2017-11-03 17:43 - 2015-07-10 07:20 - 005093816 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-11-02 17:15 - 2015-07-10 06:04 - 000000000 ___HD C:\Program Files\WindowsApps
2017-11-02 17:15 - 2015-07-10 06:04 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-11-01 21:28 - 2017-03-11 16:41 - 000000000 ____D C:\Users\JohnDoe\AppData\Roaming\foobar2000
2017-10-31 20:04 - 2017-10-02 05:59 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-10-31 20:02 - 2014-03-08 22:05 - 000000000 ____D C:\Users\JohnDoe\AppData\Local\Packages
2017-10-26 23:01 - 2015-11-07 15:52 - 000000000 ____D C:\Program Files\pia_manager
2017-10-26 22:37 - 2016-06-19 11:42 - 000000000 ____D C:\Users\JohnDoe\AppData\Local\Battle.net
2017-10-26 22:27 - 2016-06-19 11:41 - 000000000 ____D C:\Program Files (x86)\Battle.net
2017-10-26 17:34 - 2015-02-05 20:34 - 000000000 ____D C:\Users\JohnDoe\AppData\Local\Steam
2017-10-26 16:44 - 2017-03-25 21:08 - 000000000 ____D C:\Users\JohnDoe\AppData\Roaming\ZenBound2
2017-10-26 16:26 - 2017-01-08 20:19 - 000000000 ____D C:\Users\JohnDoe\Documents\My Games
2017-10-25 21:11 - 2014-08-29 14:59 - 000000000 ____D C:\ProgramData\Package Cache
2017-10-24 21:11 - 2015-04-26 18:37 - 000109080 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2017-10-24 21:11 - 2013-12-19 17:09 - 000466456 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2017-10-24 21:11 - 2013-12-19 17:09 - 000444952 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2017-10-24 21:11 - 2013-12-19 17:09 - 000122904 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2017-10-21 12:43 - 2014-02-11 22:31 - 000000000 ____D C:\Users\JohnDoe\AppData\Roaming\OBS
2017-10-21 07:58 - 2016-06-19 11:42 - 000000000 ____D C:\Users\JohnDoe\AppData\Local\Blizzard Entertainment
2017-10-21 00:21 - 2016-06-19 11:43 - 000000000 ____D C:\Program Files (x86)\Hearthstone
2017-10-17 21:16 - 2015-07-10 06:04 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-10-17 21:14 - 2015-09-08 14:03 - 000000000 ____D C:\Program Files\Microsoft Office 15
2017-10-14 18:22 - 2016-08-28 08:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
 
==================== Files in the root of some directories =======
 
2016-01-15 15:47 - 2016-01-15 15:47 - 021403160 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2013-11-08 08:52 - 2015-06-26 12:23 - 000000132 _____ () C:\Users\JohnDoe\AppData\Roaming\Adobe AIFF Format CS6 Prefs
2015-01-21 19:44 - 2015-01-21 20:04 - 000000132 _____ () C:\Users\JohnDoe\AppData\Roaming\Adobe BMP Format CS6 Prefs
2014-12-22 13:11 - 2014-12-24 13:38 - 000000132 _____ () C:\Users\JohnDoe\AppData\Roaming\Adobe PNG Format CS5 Prefs
2013-12-08 10:53 - 2017-08-15 17:48 - 000000132 _____ () C:\Users\JohnDoe\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-09-02 20:48 - 2014-09-02 21:08 - 000000107 _____ () C:\Users\JohnDoe\AppData\Roaming\Camdata.ini
2014-09-02 20:48 - 2014-09-02 21:08 - 000000408 _____ () C:\Users\JohnDoe\AppData\Roaming\CamLayout.ini
2014-09-02 20:48 - 2014-09-02 21:08 - 000000408 _____ () C:\Users\JohnDoe\AppData\Roaming\CamShapes.ini
2014-09-02 20:48 - 2014-09-02 21:08 - 000004544 _____ () C:\Users\JohnDoe\AppData\Roaming\CamStudio.cfg
2015-08-24 23:54 - 2015-08-24 23:54 - 000000000 _____ () C:\Users\JohnDoe\AppData\Roaming\Exception Minidump (2015-08-25 04.54.01).mdmp
2014-12-24 15:03 - 2014-12-24 16:49 - 297506468 _____ () C:\Users\JohnDoe\AppData\Roaming\Install Quixel SUITE.exe
2014-09-22 13:47 - 2014-11-22 16:53 - 000000112 _____ () C:\Users\JohnDoe\AppData\Roaming\JP2K CS6 Prefs
2014-10-26 14:51 - 2014-10-26 14:56 - 000000125 _____ () C:\Users\JohnDoe\AppData\Roaming\licecap.ini
2014-01-03 23:00 - 2014-01-03 23:05 - 000001158 _____ () C:\Users\JohnDoe\AppData\Roaming\ShiftN.ini
2014-09-02 20:41 - 2014-09-02 21:04 - 000000096 _____ () C:\Users\JohnDoe\AppData\Roaming\version2.xml
2017-01-02 18:15 - 2017-04-14 15:42 - 000004031 _____ () C:\Users\JohnDoe\AppData\Roaming\VoiceMeeterDefault.xml
2014-08-30 10:55 - 2014-08-30 10:55 - 000000046 _____ () C:\Users\JohnDoe\AppData\Roaming\WB.CFG
2014-08-29 15:09 - 2014-08-29 15:11 - 174606558 _____ () C:\Users\JohnDoe\AppData\Local\ACCCx2_7_1_418.zip
2013-12-08 11:38 - 2017-07-23 20:38 - 000001456 _____ () C:\Users\JohnDoe\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-11-22 21:41 - 2015-11-22 21:41 - 000968942 _____ () C:\Users\JohnDoe\AppData\Local\Auto-Shutdown_1140.rar
2013-09-22 15:20 - 2015-08-20 19:46 - 000007168 _____ () C:\Users\JohnDoe\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-18 20:05 - 2015-05-18 20:35 - 000027316 _____ () C:\Users\JohnDoe\AppData\Local\HDGraph.log
2017-11-06 22:31 - 2017-11-06 22:31 - 000000717 _____ () C:\Users\JohnDoe\AppData\Local\recently-used.xbel
 
Some files in TEMP:
====================
2017-07-01 10:10 - 2015-01-26 11:34 - 000015752 _____ (Autodesk, Inc.) C:\Users\JohnDoe\AppData\Local\Temp\AcDeltree.exe
2013-01-28 17:20 - 2013-01-28 17:20 - 000248008 _____ (Ask.com) C:\Users\JohnDoe\AppData\Local\Temp\AskSLib.dll
2017-06-27 19:51 - 2017-06-27 19:51 - 000192512 _____ () C:\Users\JohnDoe\AppData\Local\Temp\sfamcc00001.dll
2017-07-07 18:29 - 2017-07-07 18:30 - 058684896 _____ (Skype Technologies S.A.) C:\Users\JohnDoe\AppData\Local\Temp\SkypeSetup.exe
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-10-20 17:35
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-11-2017
Ran by JohnDoe (07-11-2017 19:19:39)
Running from C:\Users\JohnDoe\Desktop
Windows 10 Pro 10240.17354 (X64) (2017-01-09 00:07:25)
Boot Mode: Safe Mode (with Networking)
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2118853541-1488753588-3094647493-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2118853541-1488753588-3094647493-503 - Limited - Disabled)
Guest (S-1-5-21-2118853541-1488753588-3094647493-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2118853541-1488753588-3094647493-1009 - Limited - Enabled)
JohnDoe (S-1-5-21-2118853541-1488753588-3094647493-1000 - Administrator - Enabled) => C:\Users\JohnDoe
Visitor (S-1-5-21-2118853541-1488753588-3094647493-1010 - Limited - Enabled) => C:\Users\Visitor
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\...\uTorrent) (Version: 3.4.9.43085 - BitTorrent Inc.)
ACA & MEP 2016 Object Enabler (HKLM\...\{5783F2D7-F004-0000-5102-0060B0CE6BBA}) (Version: 7.8.41.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{5783F2D7-F001-0000-3102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
Acronis True Image 2014 (HKLM-x32\...\{1F91344A-B963-4431-89E8-4F80DEE282BE}) (Version: 17.0.5560 - Acronis) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.1280 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe InDesign CS6 (HKLM-x32\...\{CFB770D7-8D43-1014-922B-CC2715FADE3F}) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.3.133 - Adobe Systems, Inc.)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
Any GIF Animator 2.0 (HKLM-x32\...\Any GIF Animator_is1) (Version:  - AnyGIF.org)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.13 - Michael Tippach)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AutoCAD 2016 - English (HKLM\...\{5783F2D7-F001-0409-2102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 (HKLM\...\{5783F2D7-F001-0000-0102-0060B0CE6BBA}) (Version: 20.1.107.0 - Autodesk) Hidden
AutoCAD 2016 Language Pack - English (HKLM\...\{5783F2D7-F001-0409-1102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
Autodesk AutoCAD 2016 - English (HKLM\...\AutoCAD 2016 - English) (Version: 20.1.49.0 - Autodesk)
Autodesk AutoCAD 2016 SP 1 (HKLM\...\AutoCAD 2016 SP1) (Version: 20.1.107.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.4 (HKLM-x32\...\{4E20873D-BC20-495C-AFD9-B18877B7F9BB}) (Version: 1.2.4.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2016 Add-in 64 bit (HKLM\...\{4BEE127E-95C4-434D-ABAC-65155192BB24}) (Version: 4.35.1742 - Autodesk)
Autodesk Content Service (HKLM\...\{A37CDB58-AAE8-0000-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service (HKLM\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service Language Pack (HKLM\...\{A37CDB58-AAE8-0001-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Featured Apps 2016 (HKLM-x32\...\{D42F37CD-9AF9-4435-A474-B387C5BB6B47}) (Version: 2.0.0 - Autodesk)
Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.15 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.15 - Autodesk)
Avidemux 2.6 - 64bits (HKLM-x32\...\Avidemux 2.6 - 64bits (64-bit)) (Version: 2.6.7.8981 - )
AviSynth 2.6 (HKLM-x32\...\AviSynth) (Version: 2.6.0.6 - GPL Public release.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
Blender (HKLM\...\Blender) (Version: 2.74 - Blender Foundation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call Of Cthulhu DCoTE (HKLM-x32\...\{E4406ED3-B04C-44F1-ABB4-08775B74934F}) (Version: 1.00.000 - )
Canon MP Navigator EX 2.0 (HKLM-x32\...\MP Navigator EX 2.0) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.06 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5067 - CDBurnerXP)
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project)
ControlMK 0.232 (HKLM-x32\...\ControlMK) (Version: 0.232 - Redcl0ud)
CrashPlan (HKLM\...\{08523B5C-3378-4631-8D11-EF5069716D6A}) (Version: 4.7.0.344 - Code 42 Software)
Crazybump (remove only) (HKLM-x32\...\Crazybump) (Version:  - )
Cute Video to GIF Converter 1.4.0.1 (HKLM-x32\...\Cute Video to GIF Converter_is1) (Version:  - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DebugMode Wax 2.0 (HKLM-x32\...\DebugMode Wax 2.0) (Version:  - )
Deluge 1.3.13 (HKLM-x32\...\Deluge) (Version:  - )
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
D-Link DWA-582 - V1.02b01 (HKLM-x32\...\{321C85DB-F528-4B49-B6AB-82547D03DAF6}) (Version:  - D-Link Corporation)
Drago 4.22.03 (HKLM-x32\...\Drago_is1) (Version:  - Gilles Arcas-Luque)
DropIt (v8.0) (HKLM\...\DropIt_is1) (Version: 8.0 - Lupo PenSuite Team)
Dxtory version 2.0.126 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.126 - ExKode Co. Ltd.)
DZLauncher version 0.1.1.9 (HKLM-x32\...\{1E299AE2-74C8-4CD8-6B17-A86E0ED3C4D2}_is1) (Version: 0.1.1.9 - Maca134)
eCabinet Systems 6.1.3 (HKLM-x32\...\{FA9E7926-041B-4057-833D-C0E7B9A3632F}) (Version: 6.0.116.0 - Thermwood Corporation)
Emscripten SDK 64-bit (HKLM\...\Emscripten) (Version:  - )
EPS Viewer (HKLM-x32\...\{32E05824-A0AC-4DFE-B965-5F52C28FBE9F}_is1) (Version:  - IdeaMK)
ESEA Client (HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\...\ESEA) (Version: 5.0.0.0 - E-Sports Entertainment LLC)
Etron USB3.0 Host Controller (HKLM-x32\...\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.118 - Etron Technology) Hidden
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.118 - Etron Technology)
f.lux (HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\...\Flux) (Version:  - f.lux Software LLC)
FileZilla Client 3.10.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.10.0.2 - Tim Kosse)
foobar2000 v1.3.14 (HKLM-x32\...\foobar2000) (Version: 1.3.14 - JohnDoe Pawlowski)
GCFScape 1.8.6 (HKLM\...\GCFScape_is1) (Version:  - Ryan Gregg)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
GitHub (HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\...\5f7eb300e2ea4ebf) (Version: 2.6.6.2 - GitHub, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.89 - Google Inc.)
Google Drive (HKLM-x32\...\{AC117AF9-316B-4E1D-959E-F0EB85B0DC5F}) (Version: 2.34.7100.0000 - Google, Inc.)
Google Earth Pro (HKLM-x32\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GoPanda2 (HKLM-x32\...\{2046C398-9DDB-4F75-A6A9-6A7CEB2A2CA5}) (Version: 2.5.0 - PANDANET Inc.)
GoPro VR Player 2.0 (HKLM\...\GoPro VR Player 2.0) (Version: V2.0.2 - GoPro)
Gyazo 2.0.2 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
GZ3Doom 1.8.10_e (HKLM-x32\...\GZ3Doom 1.8.10_e) (Version: 1.8.10_e - zdoom.org)
HandBrake 0.10.0 (HKLM-x32\...\HandBrake) (Version: 0.10.0 - )
Happy Cloud Client (HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\...\HappyCloud) (Version: 4.54 - Happy Cloud, Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
InfraRecorder 0.53 (x64 edition) (HKLM\...\{2C22EA92-CB30-4932-0053-000001000000}) (Version: 0.53.00.00 - Christian Kindahl)
Instagiffer version 1.75 (HKLM-x32\...\{13DEF8F8-5280-4555-95A4-E815C3F9540F}_is1) (Version: 1.75 - Justin Todd)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Jed's Half-Life Model Viewer 1.3.6 (HKLM-x32\...\Jed's Half-Life Model Viewer) (Version: 1.3.6 - wunderboy.org)
KB4023057 (HKLM\...\{ED06689A-33B7-4D35-8F76-36A82CD03406}) (Version: 2.3.0.0 - Microsoft Corporation)
K-Lite Codec Pack 10.0.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.0.0 - )
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)
LEGO Island (HKLM-x32\...\LEGOIsland) (Version:  - )
LG On-Screen Phone (HKLM-x32\...\LG On-Screen Phone) (Version: 4.2.001.140114 - LG Electronics)
LG United Mobile Drivers (HKLM-x32\...\{55031CEF-CE75-4A5C-8DEA-60577820529B}) (Version: 3.10.1.0 - LG Electronics)
Link Shell Extension (HKLM\...\HardlinkShellExt) (Version: 3.8.5.1 - Hermann Schinagl)
Logitech Gaming Software 8.50 (HKLM\...\Logitech Gaming Software) (Version: 8.50.281 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\{E59194A0-A215-4C44-8B92-40780387EBE0}) (Version: 2.2.0.578 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.578 - LogMeIn, Inc.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Malwarebytes Anti-Ransomware version 0.9.18.797 (HKLM\...\{bebf7481-07c5-42f5-941e-2e9f78a76d56}_is1) (Version: 0.9.18.797 - Malwarebytes)
Media Player Codec Pack 4.2.4 (HKLM-x32\...\Media Player - Codec Pack) (Version: 4.2.4 - Media Player Codec Pack)
MeshLab_64b 1.3.2 (HKLM\...\MeshLab_64b) (Version: 1.3.2 - Paolo Cignoni - Guido Ranzuglia VCG - ISTI - CNR)
Meshmixer (HKLM\...\Meshmixer_x64) (Version:  - )
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Camera Codec Pack (HKLM\...\{A6A4A258-0A48-4F76-B8F1-61F0514594DD}) (Version: 16.4.1970.0624 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.61259.0 (HKLM-x32\...\{D61CA184-3F6D-4A50-B2CC-7A18447D6A8D}) (Version: 10.0.61259.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.62615.0 (HKLM-x32\...\{33D89314-361A-4495-A1E1-0ACBCE08F78D}) (Version: 10.0.62615.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4971.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{E4A1FDA3-689D-44DA-9B39-86BD2270F522}) (Version: 11.2.5058.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.30919.1) (HKLM-x32\...\{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{69A998C5-00A9-42CA-AB4E-C31CFFCD9251}) (Version: 3.1237.1763 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MKVToolNix 7.2.0 (32bit) (HKLM-x32\...\MKVToolNix) (Version: 7.2.0 - Moritz Bunkus)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.5.4 - Motorola Mobility)
Motorola Device Software Update (HKLM-x32\...\{894AB83D-A9AF-4E54-BFF3-A7262A0A6C13}) (Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.4.0 (HKLM\...\{27986EDD-C9EC-4B52-B92F-06D073F0AA52}) (Version: 6.4.0 - Motorola Mobility LLC)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mp3tag v2.73 (HKLM-x32\...\Mp3tag) (Version: v2.73 - Florian Heidenreich)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
msxml4 (HKLM-x32\...\{5AE3D9F1-9E9E-4015-8787-E22705AA32C5}) (Version: 1.0.0 - Default Company Name)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.10 - Black Tree Gaming)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.4 - Notepad++ Team)
NSIS Example2 (HKLM-x32\...\ARC3D Webservice v2.2) (Version:  - )
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 17.0.0 - OBS Project)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4971.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.4971.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.4971.1002 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Open XML SDK 2.5 for Microsoft Office (HKLM-x32\...\{3EA16E23-14D2-466A-8268-D7CD40DC46B6}) (Version: 2.5.5631 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
Outlast (HKLM-x32\...\Outlast_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
PackBit Codec version 1.0.0.1Beta (HKLM-x32\...\{5AFD98DE-0AF5-497F-BE7E-F93DEDF74573}_is1) (Version: 1.0.0.1Beta - Dxtory Software)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Plex Media Server (HKLM-x32\...\{56A684B4-7DF7-46A2-A28D-20FBC13C3FEB}) (Version: 1.9.4325 - Plex, Inc.) Hidden
Plex Media Server (HKLM-x32\...\{90e1b3d6-298c-4b85-907e-d78697e00393}) (Version: 1.9.4.4325 - Plex, Inc.)
PosteRazor (HKLM-x32\...\PosteRazor_is1) (Version: 1.5.2 - Alessandro Portale)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.4 - Power Software Ltd)
Prerequisites for SSDT  (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
Private Internet Access Support Files (HKLM-x32\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 1.006 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7106 - Realtek Semiconductor Corp.)
REAPER (x64) (HKLM\...\REAPER) (Version:  - )
Resident Evil 7: Biohazard (HKLM-x32\...\Resident Evil 7: Biohazard_is1) (Version:  - )
Riftcat (HKLM-x32\...\{8346dab5-9676-4878-9891-b24811bf4ce4}) (Version: 1.0.0 - Riftcat)
Riftcat Client (HKLM-x32\...\{B2C26ED3-33A6-4A0E-98EE-6ACEC22C5793}) (Version: 1.0.0.3 - Riftcat) Hidden
RoboBasket3 (HKLM\...\RoboBasket_is1) (Version: 3.6.8 - ETUS)
Samsung Universal Print Driver 2 (HKLM-x32\...\Samsung Universal Print Driver 2) (Version: 2.50.04.00 - Samsung Electronics Co., Ltd.)
SharePoint Client Components (HKLM\...\{95150002-1163-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
SharePoint Client Components (HKLM\...\{95160001-1163-0409-1000-0000000FF1CE}) (Version: 16.0.2617.1200 - Microsoft Corporation) Hidden
SharpKeys (HKLM-x32\...\{636E94DA-99C0-448F-A931-3DAD83B4975F}) (Version: 3.5.0000 - RandyRants.com)
Simple Shutdown Timer (HKLM-x32\...\Simple Shutdown Timer1.1.2) (Version: 1.1.2 - PcWinTech.com)
SketchUp 2016 (HKLM\...\{E2B66CF6-ABA0-4E5F-B426-7478B18301AE}) (Version: 16.1.1449 - Trimble Navigation Limited)
SketchUp 2017 (HKLM\...\{E59BD84C-169B-4F3F-AC5D-85127CF67051}) (Version: 17.2.2555 - Trimble, Inc.)
SketchUp Import 2016 (HKLM-x32\...\{C769FB7C-1F55-4B31-9A2A-21CEC50F4F92}) (Version: 2.0.0 - Autodesk)
Skype Web Plugin (HKLM-x32\...\{EB96DF8B-65A7-4E72-BFB1-38DB36870D16}) (Version: 7.32.6.278 - Skype Technologies S.A.)
Skype™ 7.38 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.38.101 - Skype Technologies S.A.)
SoulseekQt version 2017.2.20 (HKLM-x32\...\{8A4E1646-488C-4E5B-AC31-F784400E8D2D}_is1) (Version: 2017.2.20 - Soulseek LLC)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.5.43 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stopping Plex (HKLM-x32\...\{44BBE2BA-A279-42A1-BD53-58C962E71F88}) (Version: 1.9.4325 - Plex, Inc.) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1032 - SUPERAntiSpyware.com)
Swiff Player 1.7.2 (HKLM-x32\...\Swiff Player_is1) (Version: 1.7.2 - GlobFX Technologies)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The Witness (HKLM\...\dGhld2l0bmVzcw_is1) (Version: 1 - )
TriDef 3D 7.0 (HKLM-x32\...\essentials-bundle) (Version: 7.0 - Dynamic Digital Depth Australia Pty Ltd)
TrinusVR version 2.0.7 (HKLM-x32\...\{A66AD08F-FC5B-4583-9A7D-4636F5637B2C}_is1) (Version: 2.0.7 - Odd Sheep Ltd.)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Unity (HKLM-x32\...\Unity) (Version: 5.1.1f1 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\...\UnityWebPlayer) (Version: 5.1.1f1 - Unity Technologies ApS)
Unreal Development Kit: 2014-08 (HKLM\...\UDK-9c2d7d48-70d6-4b8d-8177-eed675927679) (Version:  - Epic Games, Inc.)
Unreal Engine (HKLM\...\{C5027D29-72B6-45F1-95C7-AAB98C31F69D}) (Version: 1.1.12.0 - Epic Games, Inc.)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Veeam Endpoint Backup (HKLM\...\{97BBA6CF-338C-4284-B605-5A5AC00132F8}) (Version: 1.5.0.306 - Veeam Software AG)
Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.0 (HKLM-x32\...\VLC media player) (Version: 2.1.0 - VideoLAN)
VR Player (HKLM-x32\...\{31DDB528-67A7-415C-B218-B111B5FAF5DD}) (Version: 0.5.1 - StephaneLX)
VTFEdit 1.3.3 (HKLM\...\VTFEdit_is1) (Version:  - Neil Jedrzejewski & Ryan Gregg)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.5-3 - Wacom Technology Corp.)
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WinDirStat 1.1.2 (HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\...\WinDirStat) (Version:  - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Worms Armageddon (HKLM-x32\...\Worms Armageddon) (Version:  - )
Worms W.M.D. (HKLM-x32\...\Worms W.M.D._is1) (Version:  - )
XSplit Gamecaster (HKLM-x32\...\{083E9AF8-1900-4D7A-AB08-0B4BB98D2848}) (Version: 2.7.1512.1839 - SplitmediaLabs)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2118853541-1488753588-3094647493-1000_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2118853541-1488753588-3094647493-1000_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2118853541-1488753588-3094647493-1000_Classes\CLSID\{41052F6E-3662-4584-BCD3-77BCCAAE8470}\InprocServer32 -> C:\Users\JohnDoe\AppData\Local\SkypePlugin\7.32.6.278\GatewayActiveX-x64.dll (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-2118853541-1488753588-3094647493-1000_Classes\CLSID\{5370C727-1451-4700-A960-77630950AF6D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2118853541-1488753588-3094647493-1000_Classes\CLSID\{60813F68-E9F7-4B3C-80B4-A76A66211660}\localserver32 -> C:\Users\JohnDoe\AppData\Local\SkypePlugin\7.32.6.278\GatewayVersion-x64.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-2118853541-1488753588-3094647493-1000_Classes\CLSID\{C52B9871-E5E9-41FD-B84D-C5ACADBEC7AE}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2118853541-1488753588-3094647493-1000_Classes\CLSID\{CBF9CD8C-2714-4F36-B76A-43E6C7547BC2}\localserver32 -> C:\Users\JohnDoe\AppData\Local\SkypePlugin\7.32.6.278\EdgeCalling.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-2118853541-1488753588-3094647493-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-2118853541-1488753588-3094647493-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2016\en-US\acadficn.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-10-09] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-10-09] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-10-09] (Google)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-08-07] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-08-07] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-08-07] (Acronis)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2015-02-05] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2014-06-03] (Hermann Schinagl)
ShellIconOverlayIdentifiers: [IconOverlayHardLink] -> {0A479751-02BC-11d3-A855-0004AC2568DD} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2014-06-03] (Hermann Schinagl)
ShellIconOverlayIdentifiers: [IconOverlaySymbolicLink] -> {0A479751-02BC-11d3-A855-0004AC2568EE} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2014-06-03] (Hermann Schinagl)
ShellIconOverlayIdentifiers-x32: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2014-06-03] (Hermann Schinagl)
ShellIconOverlayIdentifiers-x32: [IconOverlayHardLink] -> {0A479751-02BC-11d3-A855-0004AC2568DD} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2014-06-03] (Hermann Schinagl)
ShellIconOverlayIdentifiers-x32: [IconOverlaySymbolicLink] -> {0A479751-02BC-11d3-A855-0004AC2568EE} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2014-06-03] (Hermann Schinagl)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> [CC]{2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} =>  -> No File
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-10-09] (Google)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2015-06-16] (Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2015-06-16] (Safer-Networking Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-08-22] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-08-22] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-10-09] (Google)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2015-06-16] (Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2015-06-16] (Safer-Networking Ltd.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-08-22] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-08-22] (Alexander Roshal)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {043ABB39-7149-431C-A81F-172B310A7E73} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {085F6E7A-CABE-4D03-9AB3-09E55B9851C8} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {08F069B4-7CCF-44FA-B025-B8520AAE32FE} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_131_pepper.exe [2017-07-09] (Adobe Systems Incorporated)
Task: {09221FF3-7AD7-43E6-9C8D-B9F821CEF5CA} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0BFD8BCD-46B0-4EB2-B2D7-BAA9ABB9FAB1} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {10CFAE02-CE22-4E4C-A05C-54C4BE819A62} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1B67756E-0F48-496B-BD07-C5067FA20EED} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {213E625D-F228-4F92-9D31-041763DD6ED1} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2014-10-30] ()
Task: {215932AA-6835-474A-BA4A-9185B7E70C4D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {215AAD55-D1F5-4E84-BA1C-5F84FCBE6F67} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {2829A8E2-D3C5-4129-87E7-A61C3F0BCDF5} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe [2017-01-08] ()
Task: {2C1386B3-1B50-45CE-B67D-ABF510EF1268} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {315FF7C3-5435-4784-9BFD-88F6B0AEBAED} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {343E87FA-C082-4C67-85A8-905F7ADBD75E} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {371CC41F-45D9-4A7D-B095-A1F41F8E4535} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2017-09-05] (Microsoft Corporation)
Task: {390B6383-B0BA-4532-BB92-8A8CCD706D21} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {3A26E800-0D02-423E-831C-4FC5A2CE841B} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {3CADE8BA-3376-4CC5-9129-DF20CEC9386A} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {3E83079D-5816-44DD-A1C5-035CBA2D8701} - System32\Tasks\{264AA82E-0D9F-491F-8F75-6AC88379EC64} => C:\Windows\system32\pcalua.exe -a C:\facetalk\vcredist_x86.exe -d C:\facetalk
Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\rundll32.exe generaltel.dll,RunTelemetryW
Task: {4824F5C2-CFF1-489B-9DD8-50867EF00A08} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4DF66FDD-56D1-4CC0-82FD-C23A43BC9FD1} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {50B0E9E7-FB3B-48A5-AD9E-F60C224DEFA5} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {56A416E1-CEA6-4C66-9B49-446CDF2A9322} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-03-21] (Advanced Micro Devices, Inc.)
Task: {653609D6-9972-490E-95F8-6655932A38D4} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {6728FE67-22D3-45FD-B590-BA793D0845CC} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {70BD27CD-43BC-4D7D-8CC0-A37C7DD5B5DE} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {71E7E9F7-D2F1-4425-A067-8DA7826EC65B} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {7D8FACD2-560D-4F3F-849C-CE58FA6D8286} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {821FBBD1-F4F0-4D14-A496-C67DF82DDB40} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {82D2D90C-FC57-4662-8576-105906E7319C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-07-09] (Adobe Systems Incorporated)
Task: {82F255A8-9083-4D50-908F-6AE669801AAA} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {87FFBA8A-5C6C-40B3-8776-B7F4FFDBC42F} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {88451E32-5273-48C4-84C3-5EC634EF6E74} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {8F42BC07-C2E6-4884-92D1-D62E0DCE1B98} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {8F4C3A2F-D807-437E-BAA4-10DF9721ED47} - \Microsoft\Windows\File Classification Infrastructure\Property Definition Sync -> No File <==== ATTENTION
Task: {9FF2A908-33EA-42DE-BFA0-940693DF7D25} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2118853541-1488753588-3094647493-1000Core => C:\Users\JohnDoe\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {A20E378C-2EC1-485F-A033-4E56E69D4328} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2017-03-14] (Microsoft Corporation)
Task: {A510FD0F-C100-4861-A68C-3E5752FA7C6E} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {A7B20046-C633-4354-A90C-5793CDC2F226} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B44D07F3-3569-4D03-AA2E-C9F2576304D2} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {B56B7CF9-8765-49C8-842E-3D9C72245EDB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-09-05] (Microsoft Corporation)
Task: {B64791E3-1488-4590-A4EA-C2846AAF49C3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2017-03-14] (Microsoft Corporation)
Task: {C66F61DB-B81C-4BBB-84E5-699CFC921128} - System32\Tasks\{0712CEE4-6F21-4497-83F5-42D74A7817AB} => C:\Windows\system32\pcalua.exe -a C:\Users\JohnDoe\Downloads\forge-1.8-11.14.1.1375-installer-win.exe -d C:\Users\JohnDoe\Downloads
Task: {CCC7FE22-3409-4283-8E0D-C7015B12984F} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D72F551A-6A6F-4425-8B05-DA317BC197FB} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DDA1B7D1-095B-45E8-A877-1BB3A97DCF0B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-09-05] (Microsoft Corporation)
Task: {EAC73821-25D2-4693-83E1-F0CED2F7181F} - System32\Tasks\{62DE4789-40F7-454A-88EC-924C65C24006} => C:\Windows\system32\pcalua.exe -a C:\Users\JohnDoe\Desktop\oculus\Perception\Perception\bin\VireioDLLInstaller.exe -d C:\Users\JohnDoe\Desktop\oculus\Perception\Perception\bin
Task: {EBD233ED-ACC8-4CDF-8404-B3BD20954E3B} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2014-10-30] ()
Task: {F63B8181-B71E-49CD-8F32-04949325051C} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {F8BEDA55-0D01-4DB6-8C7A-62977D00839B} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
ShortcutWithArgument: C:\Users\JohnDoe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Emscripten\Emscripten Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k "C:\Program Files\Emscripten\emsdk_env.bat"
ShortcutWithArgument: C:\Users\JohnDoe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Keep - notes and lists.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 1" --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\JohnDoe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Keep - notes and lists.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 1" --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\JohnDoe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
 
==================== Loaded Modules (Whitelisted) ==============
 
2017-01-08 20:07 - 2015-07-14 21:04 - 000032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2017-04-11 20:35 - 2017-03-28 05:15 - 002495768 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-03-21 18:50 - 2017-01-31 07:34 - 008909512 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2004-09-30 13:15 - 2004-09-30 13:15 - 000192000 _____ () C:\Program Files\LinkShellExtension\RockallDLL.dll
2017-01-08 20:14 - 2015-09-17 00:48 - 000429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2017-04-11 20:35 - 2017-03-28 00:57 - 006569472 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-08 20:12 - 2016-11-19 01:06 - 000471040 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-04-11 20:34 - 2017-03-28 00:55 - 001808384 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-08 20:17 - 2015-09-17 00:43 - 002274816 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 06:00 - 2015-07-10 08:14 - 000210432 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2017-11-07 17:32 - 2017-11-05 04:12 - 002871640 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.89\swiftshader\libglesv2.dll
2017-11-07 17:32 - 2017-11-05 04:12 - 000138072 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.89\swiftshader\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MB3Service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MB3SwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MB3Service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MB3SwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\Software\Classes\.scr: AutoCADScriptFile => 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:34 - 2017-03-30 20:04 - 000501196 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
127.0.0.1 activation.acronis.com
127.0.0.1 localhost
0.0.0.0 fr.a2dfp.net
0.0.0.0 m.fr.a2dfp.net
0.0.0.0 mfr.a2dfp.net
0.0.0.0 ad.a8.net
0.0.0.0 asy.a8ww.net
0.0.0.0 static.a-ads.com
0.0.0.0 abcstats.com
0.0.0.0 a.abv.bg
0.0.0.0 adserver.abv.bg
0.0.0.0 adv.abv.bg
0.0.0.0 bimg.abv.bg
0.0.0.0 ca.abv.bg
0.0.0.0 track.acclaimnetwork.com
0.0.0.0 accuserveadsystem.com
0.0.0.0 www.accuserveadsystem.com
0.0.0.0 achmedia.com
0.0.0.0 csh.actiondesk.com
0.0.0.0 ads.activepower.net
0.0.0.0 app.activetrail.com
0.0.0.0 stat.active24stats.nl #[Tracking.Cookie]
0.0.0.0 traffic.acwebconnecting.com
0.0.0.0 office.ad1.ru
0.0.0.0 cms.ad2click.nl
0.0.0.0 ad2games.com
0.0.0.0 content.ad20.net
0.0.0.0 core.ad20.net
0.0.0.0 banner.ad.nu
0.0.0.0 adadvisor.net
 
There are 13208 more lines.
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\JohnDoe\Downloads\46900422-wallpaper-gray.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: AcrSch2Svc => 2
MSCONFIG\Services: afcdpsrv => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Autodesk Content Service => 2
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: FlexNet Licensing Service 64 => 3
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: LMIGuardianSvc => 2
MSCONFIG\Services: SDScannerService => 2
MSCONFIG\Services: SDUpdateService => 2
MSCONFIG\Services: SDWSCService => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: syncagentsrv => 2
MSCONFIG\Services: VeeamEndpointBackupSvc => 2
MSCONFIG\Services: WTabletServiceCon => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^CrashPlan Tray.lnk => C:\Windows\pss\CrashPlan Tray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Install LastPass FF RunOnce.lnk => C:\Windows\pss\Install LastPass FF RunOnce.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Install LastPass IE RunOnce.lnk => C:\Windows\pss\Install LastPass IE RunOnce.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^OculusConfigUtil.lnk => C:\Windows\pss\OculusConfigUtil.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^JohnDoe^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk => C:\Windows\pss\EvernoteClipper.lnk.Startup
MSCONFIG\startupfolder: C:^Users^JohnDoe^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk => C:\Windows\pss\MagicDisc.lnk.Startup
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: AcronisTibMounterMonitor => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: ADSKAppManager => "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\JohnDoe\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: AVG-Secure-Search-Update_0214c => C:\Users\JohnDoe\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe /PROMPT /mid=012d7d48095647d39ae281ac0f58262d-70393698b68259567fe90401a4c13bae881e40dd /CMPID=0214c
MSCONFIG\startupreg: AVG-Secure-Search-Update_1113a => C:\Users\JohnDoe\AppData\Roaming\AVG 1113a Campaign\AVG-Secure-Search-Update-1113a.exe /PROMPT /mid=012d7d48095647d39ae281ac0f58262d-70393698b68259567fe90401a4c13bae881e40dd /CMPID=1113a
MSCONFIG\startupreg: AVG_UI => "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
MSCONFIG\startupreg: BackupAndRecoveryMonitor.exe => C:\Program Files (x86)\Acronis\BackupAndRecovery\BackupAndRecoveryMonitor.exe
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: CrashPlanService => C:\Users\JohnDoe\AppData\Local\Programs\CrashPlan\CrashPlanService.vbs
MSCONFIG\startupreg: CrashPlanTray => C:\Users\JohnDoe\AppData\Local\Programs\CrashPlan\CrashPlanTray.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Dxtory Update Checker 2.0 => C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe
MSCONFIG\startupreg: f.lux => "C:\Users\JohnDoe\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
MSCONFIG\startupreg: Facebook Update => "C:\Users\JohnDoe\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: Fences => "C:\Program Files (x86)\Stardock\Fences\Fences.exe" /startup
MSCONFIG\startupreg: googletalk => C:\Program Files (x86)\Google\Google Talk\googletalk.exe /autostart
MSCONFIG\startupreg: Gyazo => C:\Program Files (x86)\Gyazo\GyStation.exe
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: OutfoxTV => C:\Program Files\OutfoxTV\OutfoxTV\DesktopContainer.exe
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spybot-S&D Cleaning => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
MSCONFIG\startupreg: SpybotPostWindows10UpgradeReInstall => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: TrayMonitor.exe => C:\Program Files (x86)\Acronis\TrayMonitor\TrayMonitor.exe
MSCONFIG\startupreg: TrueImageMonitor.exe => "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
MSCONFIG\startupreg: uTorrent => "C:\Users\JohnDoe\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: Veeam.EndPoint.Tray.exe => C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Tray.exe -NoControlPanel
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
HKLM\...\StartupApproved\Run: => "Launch LCore"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\...\StartupApproved\Run: => "OneDrive"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{75EFF93B-098D-465E-AF70-C6873E25ACCD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9C7E5216-7246-4528-8150-0FFE3335D0F4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0BE48B47-1842-4C75-B520-2D736FBF1451}] => (Allow) C:\Program Files (x86)\Riftcat\VRidge.exe
FirewallRules: [{F81B3C48-1DAB-48BA-A151-7A486ACA21A0}] => (Allow) C:\Program Files (x86)\Riftcat\VRidge.exe
FirewallRules: [{8931F971-2510-419C-8561-66E8583E8595}] => (Allow) C:\Program Files (x86)\Riftcat\Riftcat.exe
FirewallRules: [{E481D2D3-FC9D-4FA9-BD95-A5ABFAEB9EE4}] => (Allow) C:\Program Files (x86)\Riftcat\Riftcat.exe
FirewallRules: [UDP Query User{334E95A5-E2D1-43DE-99CA-98E48DC68EE5}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
FirewallRules: [TCP Query User{F54B39CC-F7C5-4DE0-995B-A6642AA23865}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
FirewallRules: [{E3E9ED28-8066-4E36-B5CA-C46F4F148D39}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F6A84C0E-FBD0-4CAF-B407-1B06957D4CDE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D121B62E-5B2A-4E66-A800-68664F6E4661}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{37E3A800-803F-4A73-B72E-9FD98E463A1F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5A399ACA-D7A2-457D-BADD-487F542DDFF2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1889113A-2289-4DAE-99BA-D8753613E6AB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7A628787-D70F-44E9-80D9-38806ED72DBF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6BDA842F-47B0-4DBA-9D33-87B95AD5E95E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0471FF3C-C44C-4C68-9A46-3DBA0A8FF54D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{98A1E580-C5AE-4192-84AB-D1560060FBE7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{27955D3F-5717-49D3-8AD0-E8DEA6334BD3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5044250B-D182-45D1-84B9-81DCC60E28FD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7BA4CEA0-7440-4BA2-AB0A-934CFBBF5FD6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1B548BB3-D5CC-4D5F-9D38-B35426A2D05C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8879323F-DBEB-4F66-992E-1AC6C2D2D6AE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F357546F-BC60-4181-98B4-C2F57AD073C5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5A421725-3FA5-4FA3-ACA0-92A7F2D5220B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0B8DF506-238B-4E76-85DD-E45AFAA49A3C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C080184A-4EB1-42F4-8640-31127F0E9A5B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{06D8837E-E83B-46D2-894D-962A183F1301}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7228A905-67B6-46BA-ADD1-37A2F4B32B1D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{792973AA-B5D0-4B44-8D12-0EB98ED151D7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BC7DEB8A-DE4B-4558-8B9D-C27E0C1CA634}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5BB07D0C-6B22-4274-91B6-FD7947DB90D5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B5BC6F77-13B5-4ED9-A507-15B3B1BED50F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F9E7398D-3EFF-40B3-B12E-F03B66786A05}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0BF167CF-15F9-4737-9965-865C0D6321B2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EB4D1600-0AE2-42A9-B874-48651630C9C5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3199D023-6BFA-45E4-B721-D75FBC326964}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{04BF1E32-50DA-4559-B2A1-49B76EB4B638}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5400F224-ED0E-4D80-BC7B-322269023C91}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FA8F5790-358C-4F2A-9984-C1F00C975B36}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6927A104-0E3A-40F7-86D2-51A558DBB213}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A4B536E6-B8D8-43DD-A9DC-C3BB2C5FC733}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B6ABE096-3A9B-4521-B61B-A23BFA0A9A59}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2AB76F7D-7735-4BA5-ACD6-A4E143326D1C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{38C11767-E891-40DD-93B6-0D385E9C9C44}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6174BB2B-CEED-450A-B238-B6DD9D617A12}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A199A92F-EEB1-48CC-B60E-EB8B6D5A6D07}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B1F3DFA6-F742-46E7-8DB5-2E99BF6D81DB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CB553BBA-8C3E-4978-8B83-DF123EE8F28C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4752FBD5-F36A-4E3D-A108-CCF8C6EA67A5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C296C17E-D9D1-46FF-967D-76DA4ECF7102}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B358125D-056E-47EB-AC42-B21783CC1F9F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C1CF8409-8EB9-4DB4-86D5-F72DDA6239E8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EB4FFEAB-443B-4324-950F-AAC71F1132D6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EB959F4E-710F-4CE9-98DB-011C396458C9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C4EC1DBE-7C62-4B8C-BF04-F046005415AF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2E02996E-3154-4610-A5D4-80027361955D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B3A3F6A3-35DF-44F6-AC50-2A306FDA08AD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9BC67FB0-7767-4299-8CB6-A27376FCA58E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{60EA82B5-DED9-4FE7-8390-A2A505FA8E00}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{ED62CF6B-F640-4C0E-B0A1-3224767DD34B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{4E4EB7DB-C878-4B9E-9224-FB610E867540}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{EB750A4D-18F6-4B03-A74C-CC608477E910}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\STALKER Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{4C9EF861-E2E3-4C4D-94A1-29829C11F6D5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\STALKER Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{4625D4FA-F8F3-4641-A15A-49FDC679DBA5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{7BEC35B6-6789-4B85-854A-AE8E529C2908}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{6807D6D9-2714-4377-97B6-DEEBE6718AED}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\VeeamDeploymentSvc.exe
FirewallRules: [{57DB03E4-395E-44B2-A33E-55EC2E91B4A2}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\VeeamDeploymentSvc.exe
FirewallRules: [{F64BFA1B-49E6-4331-A98B-81335811AA1F}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\x86\VeeamAgent.exe
FirewallRules: [{8AC04E03-EF0E-4CC9-8334-0413E02586AF}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\x86\VeeamAgent.exe
FirewallRules: [{F7CA07DE-DC4A-4442-85A3-11C266BE4AB2}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\x64\VeeamAgent.exe
FirewallRules: [{97C8B878-283D-4785-B0AB-E824E050F158}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\x64\VeeamAgent.exe
FirewallRules: [{DFA8F125-8120-4A86-ABCD-D7BD39FB9870}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe
FirewallRules: [{3BFB2EEC-AC13-4B28-A17D-97A3F3CFAA95}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe
FirewallRules: [{753C829F-AAF8-46BD-BD3A-3CB1EDACAD80}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Recovery.exe
FirewallRules: [UDP Query User{9E010019-C924-40F4-90B7-7E68AAC18F5D}C:\program files (x86)\trinusvr\tgserver.exe] => (Allow) C:\program files (x86)\trinusvr\tgserver.exe
FirewallRules: [TCP Query User{3B0E7986-E1E7-49B9-87CB-6228B3681EA2}C:\program files (x86)\trinusvr\tgserver.exe] => (Allow) C:\program files (x86)\trinusvr\tgserver.exe
FirewallRules: [{97F5B3D5-FBB2-42D0-865E-53C658581B85}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SteamVR\tools\bin\win32\vrmonitor.exe
FirewallRules: [{76A3B7AC-0DCD-4203-B265-DDD01BFAE72D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SteamVR\tools\bin\win32\vrmonitor.exe
FirewallRules: [UDP Query User{5EB3E8DF-6AE7-46B5-9725-E78D104BE3ED}C:\program files (x86)\trinusvr\tgserver.exe] => (Allow) C:\program files (x86)\trinusvr\tgserver.exe
FirewallRules: [TCP Query User{00E5D80B-2D5E-4DE1-8428-386A2D6CAC35}C:\program files (x86)\trinusvr\tgserver.exe] => (Allow) C:\program files (x86)\trinusvr\tgserver.exe
FirewallRules: [{2FA4CE46-18FE-4086-92D4-1AC347E23F1E}] => (Allow) C:\Users\JohnDoe\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3481AC93-4F43-4F29-8A7D-894227C96201}] => (Allow) C:\Users\JohnDoe\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A720F494-AC19-43A4-B74D-2B94D68C96B3}] => (Allow) C:\Users\JohnDoe\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{086628CB-CD16-4E65-9132-A82C3F839B8E}] => (Allow) C:\Users\JohnDoe\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{695E2055-0738-4A4B-B619-FE9D3895A703}] => (Allow) C:\Users\JohnDoe\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4CC1AB1E-308B-4EBE-AED2-881C795F188C}] => (Allow) C:\Users\JohnDoe\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{103C5946-3F05-4BFD-BBC6-40D1099C42CF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SteamVRPerformanceTest\bin\win64\vr.exe
FirewallRules: [{34B01E4B-F143-440A-A59A-1AEE372EAF1B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SteamVRPerformanceTest\bin\win64\vr.exe
FirewallRules: [UDP Query User{223C5775-E52B-4BCD-952F-D01632A73CAD}C:\users\JohnDoe\appdata\local\programs\crashplan\crashplanservice.exe] => (Allow) C:\users\JohnDoe\appdata\local\programs\crashplan\crashplanservice.exe
FirewallRules: [TCP Query User{8E72D0B3-A8F6-402E-AD22-C3AFC9AB2FF6}C:\users\JohnDoe\appdata\local\programs\crashplan\crashplanservice.exe] => (Allow) C:\users\JohnDoe\appdata\local\programs\crashplan\crashplanservice.exe
FirewallRules: [{38849EF8-BD16-498C-84D5-F337210558A4}] => (Allow) LPort=7575
FirewallRules: [{F6C56860-CA82-4224-B5D5-46C720F18A8D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Quake Live\quakelive_steam.exe
FirewallRules: [{B50CC47A-193C-4A45-959D-A75DDE485389}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Quake Live\quakelive_steam.exe
FirewallRules: [{687D1343-9F7E-4204-B53D-74EB32326A1C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe
FirewallRules: [{C2270987-E8D4-4FBB-B40C-CA78E841C26A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe
FirewallRules: [UDP Query User{35688CE3-AF66-4FF0-B22E-50B9EC596A62}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{C3F443B8-18D2-4BA2-8213-B50E3E5C352B}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{A1EC950A-785F-42A6-A6DE-CADCCEC3895F}] => (Block) %ProgramFiles% (x86)\R.G. Mechanics\Outlast\OutlastLauncher.exe
FirewallRules: [UDP Query User{DE58377F-8EFA-4999-BCC1-0462C086528E}C:\program files (x86)\r.g. mechanics\outlast\binaries\win64\olgame.exe] => (Block) C:\program files (x86)\r.g. mechanics\outlast\binaries\win64\olgame.exe
FirewallRules: [TCP Query User{97966721-E71E-43EA-A511-C53C7F219C58}C:\program files (x86)\r.g. mechanics\outlast\binaries\win64\olgame.exe] => (Block) C:\program files (x86)\r.g. mechanics\outlast\binaries\win64\olgame.exe
FirewallRules: [{F0404191-39A0-4526-BA1B-027E493EA615}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{90820F54-83BE-47CB-8F53-FB278E5260C4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{EE4300FC-1BE1-46FA-95F8-E4B8BCAB0EC2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C1F1A368-F725-44C7-95D8-D65F0F339F28}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{3A9091F7-788A-4DE5-8191-196E88BD4973}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{AC291F83-70BC-49DD-8123-138816007EEF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [UDP Query User{BFB084F1-BABA-4D4C-AB16-40D414A9D041}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe
FirewallRules: [TCP Query User{679DDA69-471F-423F-A25E-5F3C6D3DC360}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe
FirewallRules: [{3B9D85D4-D587-4A45-A46C-D8F95F87E81F}] => (Allow) %ProgramFiles%\pia_manager\pia_manager.exe
FirewallRules: [{EB876300-600A-4B9F-8DA4-856756EC7EED}] => (Allow) %ProgramFiles%\pia_manager\privateinternetaccess.exe
FirewallRules: [{CD530128-FBE0-4599-A77B-AC9C278992D4}] => (Allow) %ProgramFiles%\pia_manager\pia_manager.exe
FirewallRules: [{B66A3EAE-1BB1-40BE-AA78-7F509230BC5C}] => (Allow) %ProgramFiles%\pia_manager\privateinternetaccess.exe
FirewallRules: [{914725A8-9310-4172-90A6-9FF2684C2D18}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Morrowind\Morrowind Launcher.exe
FirewallRules: [{D2F68AF1-B4F3-4A3A-8C3F-39FA7E294184}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Morrowind\Morrowind Launcher.exe
FirewallRules: [{0465A618-1646-4733-BDDC-8ED63FA94623}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\skse_steam_boot.exe
FirewallRules: [{A21E6775-3F27-4204-8177-9B19B6205C58}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\skse_steam_boot.exe
FirewallRules: [{28FC52EB-F6DE-4466-B0B6-A093734808B0}] => (Allow) LPort=50248
FirewallRules: [UDP Query User{B5E30494-B301-4B74-A681-33243E7C6A9D}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{40A3AA9D-693D-4A48-AE33-23E9C2ADCA18}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{251DF70C-7415-4389-B0F0-00CCBF9ED12A}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{7B82BBA7-53A1-459B-B0DB-9F09B0616196}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{557FA6B3-12B5-4BCE-ACCC-79BE7D017056}] => (Allow) %ProgramFiles%\pia_manager
FirewallRules: [{B0F1A8BF-F3AE-4B90-BB52-A647D7668098}] => (Allow) C:\program files\pia_manager\openvpn.exe
FirewallRules: [{5926E1D8-79BF-485E-B617-9C8A46079B47}] => (Allow) C:\program files\pia_manager\openvpn.exe
FirewallRules: [UDP Query User{D9C24520-0DC6-4733-877D-4AF8F3F70C97}C:\program files\pia_manager\openvpn.exe] => (Allow) C:\program files\pia_manager\openvpn.exe
FirewallRules: [TCP Query User{7E8567E2-7B68-49A6-AFEC-D2C7D596FB55}C:\program files\pia_manager\openvpn.exe] => (Allow) C:\program files\pia_manager\openvpn.exe
FirewallRules: [{689CFD95-B6B3-45BD-93F6-A925FFAAAEB2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4D91763D-87BC-404E-8D43-971FA1B66D97}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BDA468C0-1D6A-4319-8085-EB328902BA1D}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{6078D894-7692-42E4-A341-9EBABA5A3F4C}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{4F35435A-2864-4DFF-A1F2-FDABB7E21366}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [UDP Query User{F4994A54-69F5-4F3B-B87A-14E31C4F93AC}C:\program files\epic games\4.8\engine\binaries\dotnet\swarmagent.exe] => (Allow) C:\program files\epic games\4.8\engine\binaries\dotnet\swarmagent.exe
FirewallRules: [TCP Query User{D1101655-C058-424F-AA56-1B5AD6F3FA7C}C:\program files\epic games\4.8\engine\binaries\dotnet\swarmagent.exe] => (Allow) C:\program files\epic games\4.8\engine\binaries\dotnet\swarmagent.exe
FirewallRules: [UDP Query User{D4EC0B55-69E8-4A5C-9F92-B49FDF478574}C:\program files\epic games\4.8\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\4.8\engine\binaries\win64\ue4editor.exe
FirewallRules: [TCP Query User{11F7C029-262D-4ADA-9335-2C0502B83CC2}C:\program files\epic games\4.8\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\4.8\engine\binaries\win64\ue4editor.exe
FirewallRules: [UDP Query User{0E00E11A-FC6F-452C-844A-F4FA2455648F}C:\program files\unity\monodevelop\bin\monodevelop.exe] => (Allow) C:\program files\unity\monodevelop\bin\monodevelop.exe
FirewallRules: [TCP Query User{7ABD9079-BB15-46F9-B993-81CE94262A93}C:\program files\unity\monodevelop\bin\monodevelop.exe] => (Allow) C:\program files\unity\monodevelop\bin\monodevelop.exe
FirewallRules: [UDP Query User{F13BCE07-A029-4B65-AB99-394BA1174A0D}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe
FirewallRules: [TCP Query User{56D6E516-1C0D-45CC-863C-94E1D03A7DFA}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe
FirewallRules: [UDP Query User{BD3BD8C6-DE95-4799-904D-699D1B2B50FB}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{FB60E9E8-09AD-40BF-9741-5A27EA899BC5}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{BDCAEA99-6314-4F53-9A08-C74438D71D71}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe
FirewallRules: [{304D728F-8450-45B4-B223-F669374AF7E7}] => (Block) %ProgramFiles%\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe
FirewallRules: [{4F1C0B00-3EA9-43F9-85FD-C95EB000204A}] => (Block) %ProgramFiles%\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe
FirewallRules: [{35248B8B-0468-4F3B-8B7F-07D48887F81E}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CS6 (64 Bit)\sniffer_gpu.exe
FirewallRules: [{2FA9FE2A-47A0-4593-963D-DCFED39BE8AB}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CS6 (64 Bit)\LogTransport2.exe
FirewallRules: [{8B0515E4-0E49-43B2-BF01-86CE7CBA52B0}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe
FirewallRules: [{F2CBCE41-B49D-4E47-81BF-CB33C1A41BA3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dear Esther\dearesther.exe
FirewallRules: [{1EB87F30-4AA1-4387-9A1C-D594B356FC51}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dear Esther\dearesther.exe
FirewallRules: [{43BE26E7-965F-4EFD-9D05-EF9E5F005882}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{BB1BE65F-E880-4FF6-8227-B2268548ACF3}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{BCEC217F-4EF7-40D5-93E2-1987C9671215}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Machine for Pigs\Launcher.exe
FirewallRules: [{E1DBBEB6-8AB7-4DB4-B37E-F1BB20F9310B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Machine for Pigs\Launcher.exe
FirewallRules: [{AA0C4311-7C28-41E5-ADF8-257AFBB8978F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Machine for Pigs\aamfp.exe
FirewallRules: [{D614BFF5-2C7D-4756-A4C8-98F8BF20DE85}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Machine for Pigs\aamfp.exe
FirewallRules: [{CC5E7AA1-A1D9-4683-A46A-2CBFC0DA5338}] => (Allow) C:\Program Files (x86)\Crazybump\CrazyBump.exe
FirewallRules: [{78DA62EC-9AD7-4C8A-8856-C870591C171E}] => (Allow) C:\Program Files (x86)\Crazybump\CrazyBump.exe
FirewallRules: [{70BC060B-FAA7-4814-AF0A-1979E3BF68FA}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{CFC16692-2CCD-4EE0-A203-88B536979279}] => (Allow) C:\UDK\UDK-2014-08\Binaries\Win64\UDK.exe
FirewallRules: [{D756C30A-7DC0-40B9-B4E0-E27B97B9ACA9}] => (Allow) C:\UDK\UDK-2014-08\Binaries\Win64\UDK.exe
FirewallRules: [{BD0F74E9-033F-41D6-99B1-EA009D003A05}] => (Allow) C:\UDK\UDK-2014-08\Binaries\Win32\UDK.exe
FirewallRules: [{6F33C7AF-E299-4E25-B864-6CEDFDC941E7}] => (Allow) C:\UDK\UDK-2014-08\Binaries\Win32\UDK.exe
FirewallRules: [{56AF8189-48C8-474A-BE17-1C756CDF0C4C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SourceSDK\bin\SDKLauncher.exe
FirewallRules: [{C0C17CE3-CF5D-488A-982A-67A5B012D068}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SourceSDK\bin\SDKLauncher.exe
FirewallRules: [{B6CB86F2-75B2-48EB-8516-5504475D41D8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead\bin\SDKLauncher.exe
FirewallRules: [{A488BE73-CE02-4B06-8835-6B54A55133B6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead\bin\SDKLauncher.exe
FirewallRules: [{8C369261-2C9E-4AC6-96D3-74DF7904DB5A}] => (Allow) LPort=1900
FirewallRules: [{5BE45551-2216-46BE-B0D4-AB084ABF6B5E}] => (Allow) LPort=2869
FirewallRules: [{6C4B18EA-1923-4CE3-9816-38A32670250A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{FA5672C5-79CA-4238-8542-B535C9C04AA3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9E1EF846-D980-44D5-B064-9DEFBC386BF0}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Print Driver 2\PrinterSelector\SUPDApp.exe
FirewallRules: [{8905A171-F954-4A06-8B10-A14EA7B23B55}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Penumbra Overture\redist\Penumbra.exe
FirewallRules: [{998B5B86-6CD5-4237-A747-7E9B23370B7D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Penumbra Overture\redist\Penumbra.exe
FirewallRules: [{1D032D33-B665-477B-B36D-9697627C0BFF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Penumbra Black Plague\redist\Penumbra.exe
FirewallRules: [{F2C538D2-CDCB-4AA7-AC77-FF12EF32F3CD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Penumbra Black Plague\redist\Penumbra.exe
FirewallRules: [{01B94D6C-BAB3-4CB6-A725-7963319B4E08}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\team fortress 2\hl2.exe
FirewallRules: [{5DF3193C-079D-4FBE-BDE9-9ED23CD96D21}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\team fortress 2\hl2.exe
FirewallRules: [{17A91EFC-AB92-4C4C-A03E-5861C19AB7B0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base\hl2.exe
FirewallRules: [{4A5E98D2-427F-42AE-A5F5-084EB39EB9C7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base\hl2.exe
FirewallRules: [{391658E2-5D00-48ED-9795-CE0435B6584B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{439846EA-C718-47AA-9E58-8FA7093FC2E2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{6337E307-76D3-4D5E-BB42-AE9A424AED3A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2013 Singleplayer\hl2.exe
FirewallRules: [{C7B75A24-3A3B-4308-8CEF-EEB2541E7572}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2013 Singleplayer\hl2.exe
FirewallRules: [{5CCED517-F47C-4127-B375-420F798744E2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{BF9069EB-D6C3-4A0E-B432-4E246497E4EA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{82A10E02-EECD-4CBF-959F-0BBDFAA80CBA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{B75AB411-522D-47C0-B206-6775A3C76913}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{365CF0E7-335E-497B-A6C2-9D0EF37E592F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life SDK\Hammer Editor\hammer.exe
FirewallRules: [{E7EA8D79-286C-41BB-823E-E1FB770461A7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life SDK\Hammer Editor\hammer.exe
FirewallRules: [{0A05A12F-340B-4C99-8B02-E92ACE1681C0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\rust.exe
FirewallRules: [{6D4F103A-84B2-47FE-9C68-711D8069466A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\rust.exe
FirewallRules: [{97BA6D3B-7F24-4BAF-86B0-56F154B4E62D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\rust.exe
FirewallRules: [{189AA99C-29B4-4787-BA4F-49038D0CD82C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\rust.exe
FirewallRules: [{F4A1B8F6-5963-49F1-850A-64E9A6030020}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\rust.exe
FirewallRules: [{14A3AE91-D91B-49E1-BD78-1BCAE910B511}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\rust.exe
FirewallRules: [{1FF26D7B-6C36-44E2-B2AF-FBD98F3A1A68}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{7192F61F-A591-4E6F-87B9-3F3B1BE59F65}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{5BBADA0D-7A50-4B8A-BC75-5C28ED8002AA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{BF036E11-8E7F-4FC6-843B-FE13044BF492}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B6080E87-9741-4AB6-85B7-7EF9B69D0E09}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E1B16B81-9E24-4DB7-B67B-2950CA0DA710}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{56FFB7E7-4121-47CC-9A22-DB02C79800C2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{99D685FA-9458-4285-8048-802DD0CEB253}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{F6CD971B-C6D3-4E6A-AB53-2BCFAB125A35}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{A29D69EE-9F74-45BB-9FBC-CBB8ED1BA890}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{6E5B2C30-AAD4-4339-9887-DCFB64B1B9B0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{ABFA9C35-5EC3-40A4-861F-82FC1B5C0FBC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{A2FF888B-45F5-46B6-9374-104FB370FB0C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{6A52E697-7BDE-4EEC-AE16-7FA55BA3741E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{2F8D325A-ED64-440C-96BA-040B56A04E56}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{679FE4AF-76D1-4B96-8216-401D8D646440}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [UDP Query User{77A1F528-C305-47C4-9EE8-FADA0899565B}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [TCP Query User{9A677C8A-4E4B-4317-BAE0-7D62A12D3F15}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [{C1258AE8-D306-4DF3-BF51-C9FFEE03A10B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Machine for Pigs\Launcher.exe
FirewallRules: [{B027A9F6-42CA-4757-B11C-3DFAD7B15B6C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Machine for Pigs\Launcher.exe
FirewallRules: [{8A717357-2916-4FB5-8C6B-26CDD6F9D087}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Machine for Pigs\aamfp.exe
FirewallRules: [{46FB3D3E-161E-46FC-B87A-5A76394739F1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Machine for Pigs\aamfp.exe
FirewallRules: [UDP Query User{91331AFE-DC3D-4181-8407-FFFEF8BAD75A}C:\users\JohnDoe\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\JohnDoe\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{F126D196-4670-4756-9A49-1ACED4807FAC}C:\users\JohnDoe\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\JohnDoe\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{AAC0578C-4252-4BED-B881-48392ACC689D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{66F89ED6-324E-46D2-BCD4-8B2457CC398E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5AEB9935-1FA6-452F-A1F6-EA7DCF686DAC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A63DE944-C8A1-4492-8BF9-5174DDF0F92F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6851E29B-4CED-4178-B2B4-C50CAD1DA965}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6A1B49D5-57F7-477B-BBBF-E94F3CBB314E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8577D211-94C7-445D-B102-4CC929B62453}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bigscreen\Bigscreen_Data\Bigscreen\win64\Bigscreen.exe
FirewallRules: [{EA344CE9-FC11-4172-9D95-7EA505E7D375}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bigscreen\Bigscreen_Data\Bigscreen\win64\Bigscreen.exe
FirewallRules: [{D245C990-B511-4EB7-8DEF-0ABDDD285683}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2352082C-7BA2-4E5C-9602-B76CF40E1F67}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A7F66000-F97A-4487-AE3E-C74AF3BCA34F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EA93DE08-08B7-49FF-B45C-1E56103C29F0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{89608FAE-303D-4EB4-AA4A-1B7EF91B1385}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F39ACEC1-7F1E-4F51-B074-5C99CAB3C4BE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BC36DD12-CAD9-4E29-A76B-4408E4CFBE9B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6810EB91-A85A-43B1-9792-49A03464F634}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5A356A8C-54B2-4CF2-9761-895D399FBA78}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8FE699A1-CC04-40AF-AB8D-1EF2BEE8AF67}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6473884F-B43E-462E-ADFF-EE1C0FA873F3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{31B169E8-D8D3-4BA2-884B-796974DA8345}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{310462CE-870A-41DD-9DFD-20E092554186}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A09E818E-880B-4471-AB74-7F6F3DF33F25}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9A16DE88-D587-46E5-BAE1-6CCD178A79F0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6B74A00C-6984-4347-9B35-E1A6484CC026}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6DE9E0EE-5297-4536-AF2F-DA6D1388D14A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3C985F21-214E-4329-8135-B230B771CBB0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E51D949F-B77D-4B4A-A3ED-1DB0D8B80E8E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D7038E8F-2AB5-4568-8CC0-E487DFC4FE50}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{45381F00-51ED-48E7-B197-67A3FED0C0E0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3331AE6D-DFC1-42D3-B24F-AD6BC217E9A6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{89238998-161F-4BA7-8F28-34D61B0E7AA3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9D31D3D7-B755-4104-BB39-F4ED796C4DB0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C0CCBE55-0080-43AB-B52A-CE18CDC34FE7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C8F229C2-5800-44C3-A584-3F00A449429C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{6AC8E5E5-0448-45A3-96A8-4004A36B416F}C:\program files (x86)\dearmob\5kplayer\5kplayer.exe] => (Allow) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe
FirewallRules: [UDP Query User{E427C6FA-5FC1-44FD-85B0-CB43A01CED92}C:\program files (x86)\dearmob\5kplayer\5kplayer.exe] => (Allow) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe
FirewallRules: [{E07D0991-7B06-437D-BA37-ADEC7371B7F7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DF3B090F-AE9C-4666-9413-5BAE516BAF18}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{97DB912B-A616-4180-B18C-D090E4D1EB8A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{197AE5FD-D8F2-4887-8134-F6D7AA9EEC6C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7A5FC420-46BA-4F82-B923-2017DC25DD3A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{35BAE388-A4E3-48C5-B80D-2866A0BD403D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F38EBDB9-B28C-42E7-AB84-E2CEB8364378}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{D969E3CE-7B6C-4DB4-A39E-384479D58877}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [TCP Query User{14F286DF-EB2D-46BB-9450-01A61EC91468}C:\program files\java\jre1.8.0_51\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_51\bin\java.exe
FirewallRules: [UDP Query User{BAF747F1-449C-4811-A989-1A8F8D44A5FB}C:\program files\java\jre1.8.0_51\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_51\bin\java.exe
FirewallRules: [{9B5EA3DB-8A1C-4BBC-AE4C-516EA4031043}] => (Block) C:\program files\java\jre1.8.0_51\bin\java.exe
FirewallRules: [{01090D46-F62D-4303-B9E5-938FF76B3C44}] => (Block) C:\program files\java\jre1.8.0_51\bin\java.exe
FirewallRules: [{EBA1F5DD-6F59-4DB4-AEAC-1CA9F17ED3E7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{46E3BC1E-09A0-4EA9-A1A9-36200478C9C4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{19EFA63D-3559-4814-B1DD-15449D2A8974}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{63586D1F-9657-4591-B56C-7AD2BDC8B474}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{91CF096F-B4CA-4A22-91DE-27210865081F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{432BF075-8886-4D6E-92A4-3B973A17A9D3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FB8FDAED-D7C0-4D99-8EDE-3B8C9774A2FF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{89564C33-0558-4FFE-88A9-7EEF9CB3C141}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9DC9AD5B-B134-4283-997F-47382AA74189}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{19914B29-4A43-4650-B88F-88DD1D86D97F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1D34DE84-1F26-490F-BABE-137ED7A0A1A5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9ED6880B-04FB-4E3D-9001-70E87B046FD5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3D129460-97B1-4FBD-8383-E9C245713CC5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0AB58EC6-1B9C-4585-8233-087E8851A54C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FCB2A20E-799F-4AB1-9AB1-620FA84356ED}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{03E43FBA-EC84-4C22-BD73-CC1F77E00DE2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C3BC89C5-2D9F-402B-93E9-294C3B0BC9E7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C714E824-9BF6-4DE0-87C7-2290E7198067}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CA19EB25-71AB-4262-812B-B0812E6F4CEB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BAE2A2EF-F936-4C89-987F-FC9BE942E522}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{AFF11262-B606-4B80-80BD-3FE6C5B095F3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2AB49C8A-954B-4622-914A-BF96039BA046}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{832EA048-0277-43E3-B9FA-81E13FDE3BDA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E934A329-326F-4009-9C0B-58E68EC0A248}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{73E8F931-26A4-4E1F-98FE-5835493FE656}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2FA56D4A-DCC0-4620-9C21-77053B06BB70}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{427DECFB-F758-4FF1-AD23-ED4A1F2592D3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FC567421-FC77-4D2A-884A-5B850FB40FE6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E955E5BE-CA38-4345-9FD0-E2829CFFE0E0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{71FA7563-269E-49E9-A574-CE765E5623DD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{412FB76D-9FE0-4EE4-9654-D90DBCF1F8FA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1417E540-990A-4249-A78C-957B5D61C047}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CCECC6EE-AA04-46E4-A7B6-5E183D52C860}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6C3343E6-27D3-451D-89BF-4062F2D83557}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0DC20C22-3D6F-4B0E-8EB3-0F4830C7E991}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5DD6DEA8-8D04-4C50-B84D-5243F4CC50A0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EF88E3F1-8982-40A8-9262-31D2D42924FF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5733C5D5-8F05-4C45-ADCD-E288184FD9D0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{05FE21D2-FE4E-490C-A7DF-5C7821DE4680}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{23AE89FC-1122-4621-AE0D-2538E6B58C3E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CDACAA4F-E9E5-432F-A4DB-0C19E7E5A37E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D31A4718-88C6-44DD-A94A-6C9877153FAB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D6185D9B-14D2-46A6-BCE9-EE87C48F2130}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EEFD1C3F-A753-4E91-8310-CC688A6C7610}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{576D2051-F324-4212-A363-237D3F51AB41}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5866985D-2A12-4B6C-A0F1-E8644FC1FC91}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{069997FD-A755-440C-AE17-BF9393580E40}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C38C385F-EA6B-4AB1-A211-92AEF89EF9D6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3925D0C6-7756-405F-BD92-20D720B2735E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{565860AF-A84E-46C4-91A7-B18F4A8E840B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6C096AB2-B689-48D0-A401-DF636F46C90A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Zen Bound 2\ZenBound2.exe
FirewallRules: [{2800AF51-77DF-4675-AFAE-DD04FB48BFF6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Zen Bound 2\ZenBound2.exe
FirewallRules: [{EFA31CCC-04BD-4FCD-AFB0-BB06B5148E14}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cortex Command\Cortex Command.exe
FirewallRules: [{3FD5A9E1-77AB-435C-8C8E-6B1667DAA5B8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cortex Command\Cortex Command.exe
FirewallRules: [{02422E61-0025-4641-B1ED-072656C08F54}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{1D9FB4B2-DB68-429B-891F-232E80B5B829}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{43772756-F942-4139-930D-229C12BCAEB1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5FF900DC-81B2-48AD-B23B-0B5DCA19C471}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{640065B5-2295-4138-96E2-4B101A92D1DC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops\BlackOpsMP.exe
FirewallRules: [{981DA163-C751-4946-9790-FDB51CCFF860}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops\BlackOpsMP.exe
FirewallRules: [{F4B2C88B-BC8E-4AC2-B6E2-5CA71BAB0A3A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C136E98E-4828-495D-AD23-C7A1F9073B6F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BF608A45-E705-4E4B-B16A-80D29EBFA52A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DF4E394B-1880-45ED-8053-2AE59832132D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EB7B7EFE-D6AE-44BA-A657-C72DD195D2E4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D6492530-D995-44A3-8704-82ADE07EB2B8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{79AF9884-BFA2-46F8-8DEC-B704AA0070BB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{542E6284-4CB6-4563-9400-39CFD30C79CF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BF698A63-E387-467B-92A9-6281715BEE93}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D64E53CF-71B9-4290-9DE1-0999BAE0389B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1D728E68-E85E-41DC-B8AD-D199D9895E94}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E576337B-1D73-4502-8B2D-EBF5EB0DF769}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{623CFFC1-AE84-4615-B448-D9AC1D1D3F22}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5DF44BFB-6A7D-47EF-96E3-0F9FF7DF7610}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{825933C6-259B-4786-B4AB-DDFEB0AEEFD3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{65C82595-796A-45F6-9ADA-C60D6031CFFD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4EBE22F9-D8A1-465E-BD1F-DE33A0799B5E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{492826FD-B8D9-4B1D-A4CA-F9E0355D094E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0BF6A407-640D-4373-A826-39AF9389A922}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{77C392DC-EAE5-4127-8FFF-F8A5C953F369}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{7B276A94-FB50-48F6-B292-9FC51776B9B2}C:\users\JohnDoe\appdata\local\skypeplugin\pluginhost.exe] => (Allow) C:\users\JohnDoe\appdata\local\skypeplugin\pluginhost.exe
FirewallRules: [UDP Query User{1EB6DD75-412A-4FFE-8682-AAB07DDF629E}C:\users\JohnDoe\appdata\local\skypeplugin\pluginhost.exe] => (Allow) C:\users\JohnDoe\appdata\local\skypeplugin\pluginhost.exe
FirewallRules: [{B3E16C66-8057-4F43-BB7D-B6C6E14234CB}] => (Block) C:\users\JohnDoe\appdata\local\skypeplugin\pluginhost.exe
FirewallRules: [{7D55988B-71A5-461E-B315-E09AF86B9501}] => (Block) C:\users\JohnDoe\appdata\local\skypeplugin\pluginhost.exe
FirewallRules: [{F8208DB3-B161-4BA9-8A7F-16630E61C34B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F63F8DF5-C01D-4FAF-8F27-510DBF54CB19}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{15D84A01-F110-4FDC-8B4B-084F74B60A20}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B04D8C0D-AE14-4A7B-A5F6-A7EBA848F0CB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7BABF8C7-1591-4E6D-8304-B8671454F32C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SteamVR\bin\win32\vrstartup.exe
FirewallRules: [{E52AC7D1-78D0-4C4B-95A2-BB5FEB018DC5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SteamVR\bin\win32\vrstartup.exe
FirewallRules: [{0486B8D6-FA3F-413F-B65B-B13B7D4DD0B0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{41F34609-39D8-4379-975E-83B2FEEA483A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{65F85B7B-5E0A-4A34-BA8A-8F9DF9379F6A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BAA3C76E-5912-40A4-B5EF-8447C22377AA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6B3ED6D8-16E4-4286-AE70-9C355169A9E2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EB58486A-41EF-42A9-96D8-4274C4DFF89D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C45C4B25-60DF-45AE-A5DB-8DD50AE4CA5E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{19E27A4B-39F8-4005-A278-1F8CCB56EE3F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{507958FD-98C8-4FE3-8F93-657E400FDBCB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{54A41E38-A54E-4B32-855F-BEB3D136F096}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BE9B0D5E-3A07-4512-B2CC-4F24CBA568B5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5485B733-5164-4538-910B-3BEE4C65D8A0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{77AB9DE0-B3A4-43F4-9F80-4F3ABCC9FD14}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Triennale Game Collection\TGC.exe
FirewallRules: [{676A7CDA-A46A-4496-92D7-F68FFC49F41A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Triennale Game Collection\TGC.exe
FirewallRules: [{C235C184-5A94-42BF-9E85-14EE77224B78}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7EC2B399-65D5-4B73-AD68-E595BFF30B5B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{510AF94E-A9A6-4A81-8ADD-42F189A77F53}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{AE483A94-2D4F-4F54-8AF3-C4D5FA933903}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{87C50B97-179B-4167-B01A-432D556C9A36}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E99827AF-1101-4E88-9165-507B1BEF9811}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{254A6799-03FB-404C-8940-063A42089224}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{FC3B87D6-A7D2-422F-BC70-C41EEFAF7D01}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{167A9F00-3909-4C4D-AD34-AABAC3B12513}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{E4BD7796-64EB-4297-BDC1-F65A820AEA23}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{E16C27F7-C59A-4EDB-B43F-8043B12AF54E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DFBA6168-F6EF-47E7-A58A-3A042151A66E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4C92C5CA-63DE-4A90-B4D2-9E7F7F5776D9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EA8E79E3-98EA-4F6A-AAF0-49B82DF5EC65}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A417CF6B-07C2-4525-80E4-A6C7363879D6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7B3FAC41-BF51-4279-A173-3E19790BA3C0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3B47F452-87B4-4A4D-8984-3B5A20A52DFB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7A1AFFB4-6342-408E-9662-78355A0DE6B2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{15B3E56E-14DE-4026-9328-C807880A2C66}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{606F94DF-9D74-44EF-AECC-73512F25B10C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1DB90217-2232-4FCF-9359-467C14C16327}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1C73ECC3-7383-462A-A3DC-771D654CA657}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B416E276-6AF4-4B77-8950-F03E4725948A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{315762FD-A671-4774-96EE-18446A82785C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{50E779EE-EC1D-4A4F-9C74-4A87C79FEAC8}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
FirewallRules: [UDP Query User{7F8EDFFF-DD3B-44B8-A785-1EBE80B9E50E}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
FirewallRules: [{E69DE465-861D-41EB-A63E-A86ABA70F293}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{916F46A2-FAAE-4E01-A23E-57D66C21D8E1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4AC4A855-5540-47DF-A7D5-FDA21823C7D8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7A91B659-E7CF-4D1D-9E91-23E9E2000572}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2644EFC1-6167-454F-BB9A-30D75036F400}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C62FA5BC-EEED-4BD3-9AA4-03CB555FB11E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3422CCD2-01C2-4CFB-B827-FA954DEA2AE8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9B967771-AAC4-41BE-8D4D-B65CFEC3BBFF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DAB6C0DC-12D6-464F-B68C-9782EA4885B6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5E4624F1-98C2-49EF-BA69-B2E9843704A0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EAA30354-F07F-426A-9B2C-F8115F9314E6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{56142DD9-BC39-45B3-91B6-9E6213D053BE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7C263FBD-34B2-48A0-AEC3-92105F755173}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{99DCE7D5-BF18-467E-87AC-5FCD2DCAEDEC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{78F62FD9-0796-4556-BC1C-933E47B11F2D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7AC1DA79-3137-4001-8496-DC4E0DDE858A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A431190B-8412-4131-AE4C-4EB2FEAF1C97}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{74418ACE-0D30-4D41-975C-E9BD60981C50}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{AF62C180-0082-422C-BE04-646F804B15BE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9DF0E91F-7AC6-441E-A109-3E01B399EFA5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E516132C-40AB-4F01-9B81-D6AF9183E5E5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{305B42DD-E1E5-4071-A2B7-69EF76452D79}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3F68097E-D5E7-4D27-98BF-45AB5B62A4C7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{98343C88-E0C2-4B71-9CA3-A51E88FA7C55}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{44CA5BFF-1EF0-4CAF-8242-57555D24441D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{9B682D37-DA92-4476-850F-D763F46D9BD8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{2A148A49-C05F-492B-A0E5-8B034E502076}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3284D81D-5513-4551-9A77-968E7043F7A1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{01CF588F-84B1-4752-9C3D-5FF58E488E3A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C673C64A-D1ED-4A0E-A4D0-B471183EE2A8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{739F6C2D-AEF8-48C6-820C-613BE741703F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DC306C33-ECD2-4ECD-A001-26FFD865F636}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{29B3AD49-D643-4AC8-ABD8-B6D0CED2B441}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe
FirewallRules: [UDP Query User{0D679011-82BD-4F1E-B04C-97C0DDB1D934}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe
FirewallRules: [{255E9145-EE3E-495E-B151-EFA65214E29E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7C89B1F5-CC4A-4F1B-BA02-D90E0B0EE52A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F1EB676A-7D30-4141-AA44-9D7059BB6928}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D9576BED-234D-4668-8495-B4DC5A837198}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CD0F42FD-88A3-49EB-94F4-13BC5406DDC5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6968A33F-1EA2-421A-ACEE-4BBAABC6DDB8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A1F3BC9B-DFB9-4656-96CC-CBE6F0E67009}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1645735C-278C-4F8B-A430-8702193853BC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{911AEA59-0961-4F08-A979-822F997BA7AE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{09921F80-DFF8-4D97-A551-6C3D4F7A5CC1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B40E7FD4-0927-48B0-BC17-DD9BFDA2B68B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{98DDC664-3564-478F-8DD0-289C58AAE70D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{43B87E0A-CFE5-4266-AD6A-6B09F1591C38}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{76244D35-2524-462F-86D7-E013948C4316}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{83363C42-8C47-44D6-8412-84AF0C7CBEBA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C1F4F6EE-2873-4B5C-AE8F-9666BF98CA1C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2ABB588A-749D-4FA0-A6F8-E511FFD502F0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{793EC73F-D8C3-477C-B8F8-81F93B14E99D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{1E9FAE70-7B73-4467-9F42-B5C1CF2DE7F8}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{A438AD74-1F12-4BB8-BC30-0A01E7E937D6}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{7EF1D59D-501B-4B6C-BADC-283A849AA655}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8C0EE9FA-11A0-4774-B16C-ECA5215AF15C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7456922B-CF5D-4D2E-A257-0F1056DBEC51}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [{FDB0C458-052B-4969-A633-AC774C4719B7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [{999587AA-D171-4756-B871-EB30050F54EA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{E53C5683-F0A0-4380-9952-9F6B13C96E37}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{3DE45635-9A1F-4949-B55F-35B168040C49}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Trine\_enchanted_edition_\trine1_launcher.exe
FirewallRules: [{8D850CB9-C0D9-430D-849B-A3FF4D66DAEE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Trine\_enchanted_edition_\trine1_launcher.exe
FirewallRules: [{E3A522E8-9DB3-4841-8F7B-1FCDD58F8BEF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Torchlight\Torchlight.exe
FirewallRules: [{BBFE475D-C672-48B5-B39B-D790E9F63F3D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Torchlight\Torchlight.exe
FirewallRules: [{80458BE4-992E-4FE3-808B-6843D2F79810}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
FirewallRules: [{E983D5AF-ADE1-43A5-8F8E-3C01D9352CB2}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
FirewallRules: [{20B63924-4DF1-4957-AE89-0D875BA97602}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe
FirewallRules: [{D8D79ACF-9866-4E8A-A8CC-1FE827DE8FC0}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe
FirewallRules: [{74A4F7C7-B64A-4D41-8D4F-0CEFBA921523}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Overcooked\Overcooked.exe
FirewallRules: [{C86FFC09-13FC-412E-90BC-AA4059446FE8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Overcooked\Overcooked.exe
FirewallRules: [{A2B400F0-951F-42C2-926C-078ABB37638C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{8E41CDAD-9230-4026-A838-96D0EF8EFF13}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Torchlight II\ModLauncher.exe
FirewallRules: [TCP Query User{26F84D69-04FB-4401-8E81-A1E5A35C4320}C:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2.exe] => (Block) C:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2.exe
FirewallRules: [UDP Query User{D876B31E-C18D-4377-8810-08FEF73E5C70}C:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2.exe] => (Block) C:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2.exe
FirewallRules: [{5C1B1890-8B2D-4BD5-B6B5-BE97AAC38F49}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magicka 2\engine\Magicka2.exe
FirewallRules: [{8E4923C5-F189-42FD-BBAE-65DFE3AEFB19}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magicka 2\engine\Magicka2.exe
FirewallRules: [{DFC0B403-FD85-46CE-BC73-D84EFC12825D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SS2\SS2.exe
FirewallRules: [{C7FF41ED-9D63-413F-A84B-210735A4AE49}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SS2\SS2.exe
FirewallRules: [{7F04A63A-7FCD-48F7-8E9D-A59A34FDF58A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{54A4D2AF-7DFA-4F45-AAA9-DA918593486C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{4289BEF5-E30E-4FBE-BDF5-26DEF9F1312D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Mount Your Friends\MountYourFriends.exe
FirewallRules: [{2FDE973B-A82F-4771-85FC-C0443078B991}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Mount Your Friends\MountYourFriends.exe
FirewallRules: [{0BD12F7B-5679-4762-ACDF-8EF0BB347489}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{050892EF-F145-4DE0-B64D-1725B440D7C7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{127D96F1-B23E-4B56-A2E1-740977401BB5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{CCD87D99-7A79-4B0A-B6AE-A8D5E5C9085D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{052DE6E9-EB97-4948-A138-22C80CA858D9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{B4ABE65D-FCF9-42D9-BB47-AF5B2807936C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{B98F4CB2-0DF5-4F32-B06B-ED6134A77573}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9B77AFFC-BFA0-451A-846B-A3931E54CB10}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{56638887-1DF3-442E-8860-010B98F032C0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A2B413A8-F55D-4A6C-8535-8B283AD64668}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7AD2574A-84F1-489C-87F6-814630659005}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CD97A7CC-67AC-4C84-9FEB-D8A6ECD3C7EC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9B67E367-AECF-42E0-918B-13946F4408B4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C627F552-1792-4A32-9A88-33D25E70D4CF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5AD70824-6505-4112-8ECF-7D623854179B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\TriDef\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe] => Enabled:TriDef 3D Media Player
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
 
==================== Restore Points =========================
 
25-10-2017 21:10:41 Plex Media Server
25-10-2017 21:11:13 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
28-10-2017 22:38:19 Installed DirectX
05-11-2017 16:40:04 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices =============
 
Name: LogMeIn Hamachi Virtual Ethernet Adapter
Description: LogMeIn Hamachi Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn Inc.
Service: Hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/07/2017 07:06:39 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: ANDROID-MC3IPDQ)
Description: Package Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy+CortanaUI was terminated because it took too long to suspend.
 
Error: (11/07/2017 07:00:23 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: ANDROID-MC3IPDQ)
Description: Package Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy+CortanaUI was terminated because it took too long to suspend.
 
Error: (11/05/2017 09:50:31 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: ANDROID-MC3IPDQ)
Description: Package Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy+CortanaUI was terminated because it took too long to suspend.
 
Error: (11/05/2017 07:00:01 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location D:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).
 
Error: (11/05/2017 04:40:17 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (11/05/2017 03:05:02 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Users\JohnDoe\AppData\Local\Temp\jrt\CreateRestorePoint.exe  "JRT Pre-Junkware Removal"; Description = JRT Pre-Junkware Removal; Error = 0x8007043c).
 
Error: (11/05/2017 02:11:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ANDROID-MC3IPDQ)
Description: Activation of app windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy:microsoft.windows.immersivecontrolpanel failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (11/05/2017 02:07:29 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ANDROID-MC3IPDQ)
Description: Activation of app Microsoft.MicrosoftEdge_20.10240.17146.0_neutral__8wekyb3d8bbwe:MicrosoftEdge.AppXeb42j1vh6rk395pm0vmcx57dxqjhej5d.mca failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (11/05/2017 12:53:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: ANDROID-MC3IPDQ)
Description: Package Microsoft.Windows.ShellExperienceHost_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy+App was terminated because it took too long to suspend.
 
Error: (11/05/2017 08:05:50 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: ANDROID-MC3IPDQ)
Description: Package Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy+CortanaUI was terminated because it took too long to suspend.
 
 
System errors:
=============
Error: (11/07/2017 07:21:56 PM) (Source: DCOM) (EventID: 10005) (User: ANDROID-MC3IPDQ)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (11/07/2017 07:19:41 PM) (Source: DCOM) (EventID: 10005) (User: ANDROID-MC3IPDQ)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
Error: (11/07/2017 07:19:41 PM) (Source: DCOM) (EventID: 10005) (User: ANDROID-MC3IPDQ)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
Error: (11/07/2017 07:19:41 PM) (Source: DCOM) (EventID: 10005) (User: ANDROID-MC3IPDQ)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
Error: (11/07/2017 07:19:41 PM) (Source: DCOM) (EventID: 10005) (User: ANDROID-MC3IPDQ)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
Error: (11/07/2017 07:19:40 PM) (Source: DCOM) (EventID: 10005) (User: ANDROID-MC3IPDQ)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
Error: (11/07/2017 07:19:40 PM) (Source: DCOM) (EventID: 10005) (User: ANDROID-MC3IPDQ)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
Error: (11/07/2017 07:19:37 PM) (Source: DCOM) (EventID: 10005) (User: ANDROID-MC3IPDQ)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
Error: (11/07/2017 07:19:37 PM) (Source: DCOM) (EventID: 10005) (User: ANDROID-MC3IPDQ)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
Error: (11/07/2017 07:19:37 PM) (Source: DCOM) (EventID: 10005) (User: ANDROID-MC3IPDQ)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
 
 
CodeIntegrity:
===================================
  Date: 2017-10-18 20:13:39.660
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2017-10-18 20:13:39.588
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2017-10-18 20:13:39.540
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2017-10-18 20:13:39.454
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2017-10-18 20:13:39.313
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2017-10-18 20:13:39.181
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2017-10-18 20:13:35.417
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2017-10-18 20:13:32.129
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2017-10-03 06:55:31.303
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2017-10-03 06:55:31.199
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: AMD Phenom™ II X4 955 Processor
Percentage of memory in use: 23%
Total physical RAM: 8189.24 MB
Available physical RAM: 6226.3 MB
Total Virtual: 20472.24 MB
Available Virtual: 18570.87 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:930.97 GB) (Free:138.41 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: AEAA2C87)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
 
==================== End of Addition.txt ============================

Edited by zestron, 07 November 2017 - 08:07 PM.

  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

You have a policy against running Windows Defender. 

 

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION

 

 

Usually these are set by an antivirus when you install it to prevent having two anti-viruses running at the same time.  Copy the quoted line, put it in the FRST search box and hit Fix.  Post the fixlog.

 

Uninstall:

 

Java 7 Update 67 -obsolete
Java 8 Update 51 -obsolete
Java 8 Update 51 -obsolete
LogMeIn - not working
Malwarebytes Anti-Ransomware - May interfere with fixes
Private Internet Access Support Files - Just don't want it confusing things
Spybot - Search & Destroy Not a good idea on Win 10.  Have it remove its immunizations on the way out
SUPERAntiSpyware - May interfere with fixes

 

I see you have Speedfan so assume temps are not a problem.  In Speedfan:
click on the S.M.A.R.T. tab.  Click on the down arrow to the right of the Hard Disk box.  Select your hard drive.  Click on Perform an In-depth Online Analysis of this hard disk.  Your browser will open.

At the bottom of the new page will be a line:  

The link to get back and see a new report about this hard disk in the future is this.

Right click on the underlined "this" and select Copy Link Address.  Move to a Reply and Paste (Ctrl + v).

 

Let's check your system files:
 

Open an elevated command prompt:

http://www.howtogeek...-in-windows-10/


If you open an elevated command prompt it will by default open in c:\Windows\system32  make sure it does!

Once you have an elevated command prompt:

Type:
 

 DISM  /Online  /Cleanup-Image  /RestoreHealth


 (I use two spaces so you can be sure to see where one space goes.)
Hit Enter.  This will take a while (10-20 minutes) to complete.  Once the prompt returns:

Reboot.  Open an elevated Command Prompt again and type (with an Enter after the line):
 

sfc  /scannow




This will also take a few minutes.  

When it finishes it will say one of the following:

Windows did not find any integrity violations (a good thing)
Windows Resource Protection found corrupt files and repaired them (a good thing)
Windows Resource Protection found corrupt files but was unable to fix some (or all) of them (not a good thing)

Which does it say?

 

Type:

findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  \junk.txt


Hit Enter.  Then type::
 

notepad  \junk.txt


Hit Enter.

 Copy the text from notepad and paste it into a reply.


Type:

 

sigverif

 

then hit Start.  Does it flag any drivers as not being signed?  What are they?


1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.  (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)

 

Run a new FRST scan with addition.txt checked and post both logs.
 

 

Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).  

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  

Wait a full minute then:

File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.


Copy the next 2 lines:

TASKLIST /SVC  > \junk.txt
notepad \junk.txt

Open an Elevated Command Prompt:

win 10: http://www.howtogeek...-in-windows-10/

Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open.  Copy and paste the text from notepad into a reply.

 


  • 0

#3
zestron

zestron

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 334 posts
Update: I've since done a Windows Memory Diagnostics test and haven't had the issue since.
 
~~~
 
Farbar: Not doing anything when I try to fix that quoted line. Not sure where this fixlist.txt is. I saved 
 
FRST64 to my Desktop and that's where I rand it's scan.
 
"No fixlist.txt found. The fixlist.txt should be in the same folder/directory the tool is located."
 
~~~
 
 
I have been power cycling it because of the freezing and not being able to open the start menu to restart. But 
 
it's new of last year and seems to be okay.
 
~~~
 
The DISM /Online /Cleanup-Image /RestoreHealth thing just spurts out a message about "image version" and 
 
doesn't do anything
 
~~~
 
Windows did not find any integrity violations (a good thing)
 
 
~~~
 
2017-11-11 11:16:34, Info                  CSI    0000000a [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:16:34, Info                  CSI    0000000b [SR] Beginning Verify and Repair transaction
2017-11-11 11:16:37, Info                  CSI    00000070 [SR] Verify complete
2017-11-11 11:16:37, Info                  CSI    00000071 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:16:37, Info                  CSI    00000072 [SR] Beginning Verify and Repair transaction
2017-11-11 11:16:39, Info                  CSI    000000d7 [SR] Verify complete
2017-11-11 11:16:39, Info                  CSI    000000d8 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:16:39, Info                  CSI    000000d9 [SR] Beginning Verify and Repair transaction
2017-11-11 11:16:42, Info                  CSI    0000013e [SR] Verify complete
2017-11-11 11:16:42, Info                  CSI    0000013f [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:16:42, Info                  CSI    00000140 [SR] Beginning Verify and Repair transaction
2017-11-11 11:16:44, Info                  CSI    000001a5 [SR] Verify complete
2017-11-11 11:16:45, Info                  CSI    000001a6 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:16:45, Info                  CSI    000001a7 [SR] Beginning Verify and Repair transaction
2017-11-11 11:16:47, Info                  CSI    0000020c [SR] Verify complete
2017-11-11 11:16:47, Info                  CSI    0000020d [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:16:47, Info                  CSI    0000020e [SR] Beginning Verify and Repair transaction
2017-11-11 11:16:49, Info                  CSI    00000273 [SR] Verify complete
2017-11-11 11:16:49, Info                  CSI    00000274 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:16:49, Info                  CSI    00000275 [SR] Beginning Verify and Repair transaction
2017-11-11 11:16:52, Info                  CSI    000002da [SR] Verify complete
2017-11-11 11:16:52, Info                  CSI    000002db [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:16:52, Info                  CSI    000002dc [SR] Beginning Verify and Repair transaction
2017-11-11 11:16:54, Info                  CSI    00000341 [SR] Verify complete
2017-11-11 11:16:54, Info                  CSI    00000342 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:16:54, Info                  CSI    00000343 [SR] Beginning Verify and Repair transaction
2017-11-11 11:16:56, Info                  CSI    000003a8 [SR] Verify complete
2017-11-11 11:16:57, Info                  CSI    000003a9 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:16:57, Info                  CSI    000003aa [SR] Beginning Verify and Repair transaction
2017-11-11 11:16:59, Info                  CSI    0000040f [SR] Verify complete
2017-11-11 11:16:59, Info                  CSI    00000410 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:16:59, Info                  CSI    00000411 [SR] Beginning Verify and Repair transaction
2017-11-11 11:17:01, Info                  CSI    00000476 [SR] Verify complete
2017-11-11 11:17:02, Info                  CSI    00000477 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:17:02, Info                  CSI    00000478 [SR] Beginning Verify and Repair transaction
2017-11-11 11:17:05, Info                  CSI    000004de [SR] Verify complete
2017-11-11 11:17:05, Info                  CSI    000004df [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:17:05, Info                  CSI    000004e0 [SR] Beginning Verify and Repair transaction
2017-11-11 11:17:08, Info                  CSI    00000545 [SR] Verify complete
2017-11-11 11:17:08, Info                  CSI    00000546 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:17:08, Info                  CSI    00000547 [SR] Beginning Verify and Repair transaction
2017-11-11 11:17:10, Info                  CSI    000005ac [SR] Verify complete
2017-11-11 11:17:10, Info                  CSI    000005ad [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:17:10, Info                  CSI    000005ae [SR] Beginning Verify and Repair transaction
2017-11-11 11:17:13, Info                  CSI    00000613 [SR] Verify complete
2017-11-11 11:17:13, Info                  CSI    00000614 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:17:13, Info                  CSI    00000615 [SR] Beginning Verify and Repair transaction
2017-11-11 11:17:15, Info                  CSI    0000067a [SR] Verify complete
2017-11-11 11:17:15, Info                  CSI    0000067b [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:17:15, Info                  CSI    0000067c [SR] Beginning Verify and Repair transaction
2017-11-11 11:17:18, Info                  CSI    000006e1 [SR] Verify complete
2017-11-11 11:17:18, Info                  CSI    000006e2 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:17:18, Info                  CSI    000006e3 [SR] Beginning Verify and Repair transaction
2017-11-11 11:17:21, Info                  CSI    00000748 [SR] Verify complete
2017-11-11 11:17:21, Info                  CSI    00000749 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:17:21, Info                  CSI    0000074a [SR] Beginning Verify and Repair transaction
2017-11-11 11:17:24, Info                  CSI    000007b1 [SR] Verify complete
2017-11-11 11:17:24, Info                  CSI    000007b2 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:17:24, Info                  CSI    000007b3 [SR] Beginning Verify and Repair transaction
2017-11-11 11:17:27, Info                  CSI    00000818 [SR] Verify complete
2017-11-11 11:17:27, Info                  CSI    00000819 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:17:27, Info                  CSI    0000081a [SR] Beginning Verify and Repair transaction
2017-11-11 11:17:30, Info                  CSI    00000881 [SR] Verify complete
2017-11-11 11:17:30, Info                  CSI    00000882 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:17:30, Info                  CSI    00000883 [SR] Beginning Verify and Repair transaction
2017-11-11 11:17:32, Info                  CSI    000008e8 [SR] Verify complete
2017-11-11 11:17:32, Info                  CSI    000008e9 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:17:32, Info                  CSI    000008ea [SR] Beginning Verify and Repair transaction
2017-11-11 11:17:35, Info                  CSI    0000094f [SR] Verify complete
2017-11-11 11:17:35, Info                  CSI    00000950 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:17:35, Info                  CSI    00000951 [SR] Beginning Verify and Repair transaction
2017-11-11 11:17:37, Info                  CSI    000009b6 [SR] Verify complete
2017-11-11 11:17:37, Info                  CSI    000009b7 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:17:37, Info                  CSI    000009b8 [SR] Beginning Verify and Repair transaction
2017-11-11 11:17:39, Info                  CSI    00000a1d [SR] Verify complete
2017-11-11 11:17:39, Info                  CSI    00000a1e [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:17:39, Info                  CSI    00000a1f [SR] Beginning Verify and Repair transaction
2017-11-11 11:17:42, Info                  CSI    00000a84 [SR] Verify complete
2017-11-11 11:17:42, Info                  CSI    00000a85 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:17:42, Info                  CSI    00000a86 [SR] Beginning Verify and Repair transaction
2017-11-11 11:17:45, Info                  CSI    00000aeb [SR] Verify complete
2017-11-11 11:17:45, Info                  CSI    00000aec [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:17:45, Info                  CSI    00000aed [SR] Beginning Verify and Repair transaction
2017-11-11 11:17:48, Info                  CSI    00000b52 [SR] Verify complete
2017-11-11 11:17:48, Info                  CSI    00000b53 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:17:48, Info                  CSI    00000b54 [SR] Beginning Verify and Repair transaction
2017-11-11 11:17:50, Info                  CSI    00000bb9 [SR] Verify complete
2017-11-11 11:17:51, Info                  CSI    00000bba [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:17:51, Info                  CSI    00000bbb [SR] Beginning Verify and Repair transaction
2017-11-11 11:17:53, Info                  CSI    00000c21 [SR] Verify complete
2017-11-11 11:17:53, Info                  CSI    00000c22 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:17:53, Info                  CSI    00000c23 [SR] Beginning Verify and Repair transaction
2017-11-11 11:17:57, Info                  CSI    00000c88 [SR] Verify complete
2017-11-11 11:17:57, Info                  CSI    00000c89 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:17:57, Info                  CSI    00000c8a [SR] Beginning Verify and Repair transaction
2017-11-11 11:17:59, Info                  CSI    00000cef [SR] Verify complete
2017-11-11 11:17:59, Info                  CSI    00000cf0 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:17:59, Info                  CSI    00000cf1 [SR] Beginning Verify and Repair transaction
2017-11-11 11:18:01, Info                  CSI    00000d56 [SR] Verify complete
2017-11-11 11:18:01, Info                  CSI    00000d57 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:18:01, Info                  CSI    00000d58 [SR] Beginning Verify and Repair transaction
2017-11-11 11:18:04, Info                  CSI    00000dbd [SR] Verify complete
2017-11-11 11:18:04, Info                  CSI    00000dbe [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:18:04, Info                  CSI    00000dbf [SR] Beginning Verify and Repair transaction
2017-11-11 11:18:07, Info                  CSI    00000e2a [SR] Verify complete
2017-11-11 11:18:07, Info                  CSI    00000e2b [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:18:07, Info                  CSI    00000e2c [SR] Beginning Verify and Repair transaction
2017-11-11 11:18:09, Info                  CSI    00000e91 [SR] Verify complete
2017-11-11 11:18:09, Info                  CSI    00000e92 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:18:09, Info                  CSI    00000e93 [SR] Beginning Verify and Repair transaction
2017-11-11 11:18:11, Info                  CSI    00000ef8 [SR] Verify complete
2017-11-11 11:18:11, Info                  CSI    00000ef9 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:18:11, Info                  CSI    00000efa [SR] Beginning Verify and Repair transaction
2017-11-11 11:18:13, Info                  CSI    00000f66 [SR] Verify complete
2017-11-11 11:18:13, Info                  CSI    00000f67 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:18:13, Info                  CSI    00000f68 [SR] Beginning Verify and Repair transaction
2017-11-11 11:18:15, Info                  CSI    00000fd0 [SR] Verify complete
2017-11-11 11:18:15, Info                  CSI    00000fd1 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:18:15, Info                  CSI    00000fd2 [SR] Beginning Verify and Repair transaction
2017-11-11 11:18:17, Info                  CSI    00001038 [SR] Verify complete
2017-11-11 11:18:17, Info                  CSI    00001039 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:18:17, Info                  CSI    0000103a [SR] Beginning Verify and Repair transaction
2017-11-11 11:18:21, Info                  CSI    000010bd [SR] Verify complete
2017-11-11 11:18:21, Info                  CSI    000010be [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:18:21, Info                  CSI    000010bf [SR] Beginning Verify and Repair transaction
2017-11-11 11:18:28, Info                  CSI    0000112d [SR] Verify complete
2017-11-11 11:18:28, Info                  CSI    0000112e [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:18:28, Info                  CSI    0000112f [SR] Beginning Verify and Repair transaction
2017-11-11 11:18:35, Info                  CSI    000011a1 [SR] Verify complete
2017-11-11 11:18:35, Info                  CSI    000011a2 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:18:35, Info                  CSI    000011a3 [SR] Beginning Verify and Repair transaction
2017-11-11 11:18:40, Info                  CSI    0000120b [SR] Verify complete
2017-11-11 11:18:40, Info                  CSI    0000120c [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:18:40, Info                  CSI    0000120d [SR] Beginning Verify and Repair transaction
2017-11-11 11:18:44, Info                  CSI    0000127a [SR] Verify complete
2017-11-11 11:18:44, Info                  CSI    0000127b [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:18:44, Info                  CSI    0000127c [SR] Beginning Verify and Repair transaction
2017-11-11 11:18:51, Info                  CSI    000012e6 [SR] Verify complete
2017-11-11 11:18:51, Info                  CSI    000012e7 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:18:51, Info                  CSI    000012e8 [SR] Beginning Verify and Repair transaction
2017-11-11 11:18:57, Info                  CSI    0000134e [SR] Verify complete
2017-11-11 11:18:57, Info                  CSI    0000134f [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:18:57, Info                  CSI    00001350 [SR] Beginning Verify and Repair transaction
2017-11-11 11:19:04, Info                  CSI    000013b5 [SR] Verify complete
2017-11-11 11:19:04, Info                  CSI    000013b6 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:19:04, Info                  CSI    000013b7 [SR] Beginning Verify and Repair transaction
2017-11-11 11:19:08, Info                  CSI    0000141f [SR] Verify complete
2017-11-11 11:19:08, Info                  CSI    00001420 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:19:08, Info                  CSI    00001421 [SR] Beginning Verify and Repair transaction
2017-11-11 11:19:18, Info                  CSI    0000148b [SR] Verify complete
2017-11-11 11:19:18, Info                  CSI    0000148c [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:19:18, Info                  CSI    0000148d [SR] Beginning Verify and Repair transaction
2017-11-11 11:19:26, Info                  CSI    0000153a [SR] Verify complete
2017-11-11 11:19:26, Info                  CSI    0000153b [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:19:26, Info                  CSI    0000153c [SR] Beginning Verify and Repair transaction
2017-11-11 11:19:32, Info                  CSI    000015d2 [SR] Verify complete
2017-11-11 11:19:32, Info                  CSI    000015d3 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:19:32, Info                  CSI    000015d4 [SR] Beginning Verify and Repair transaction
2017-11-11 11:19:40, Info                  CSI    00001682 [SR] Verify complete
2017-11-11 11:19:40, Info                  CSI    00001683 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:19:40, Info                  CSI    00001684 [SR] Beginning Verify and Repair transaction
2017-11-11 11:19:45, Info                  CSI    000016f6 [SR] Verify complete
2017-11-11 11:19:45, Info                  CSI    000016f7 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:19:45, Info                  CSI    000016f8 [SR] Beginning Verify and Repair transaction
2017-11-11 11:19:51, Info                  CSI    0000176c [SR] Verify complete
2017-11-11 11:19:51, Info                  CSI    0000176d [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:19:51, Info                  CSI    0000176e [SR] Beginning Verify and Repair transaction
2017-11-11 11:19:56, Info                  CSI    000017ea [SR] Verify complete
2017-11-11 11:19:56, Info                  CSI    000017eb [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:19:56, Info                  CSI    000017ec [SR] Beginning Verify and Repair transaction
2017-11-11 11:20:02, Info                  CSI    00001866 [SR] Verify complete
2017-11-11 11:20:02, Info                  CSI    00001867 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:20:02, Info                  CSI    00001868 [SR] Beginning Verify and Repair transaction
2017-11-11 11:20:08, Info                  CSI    000018d8 [SR] Verify complete
2017-11-11 11:20:08, Info                  CSI    000018d9 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:20:08, Info                  CSI    000018da [SR] Beginning Verify and Repair transaction
2017-11-11 11:20:13, Info                  CSI    00001940 [SR] Verify complete
2017-11-11 11:20:13, Info                  CSI    00001941 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:20:13, Info                  CSI    00001942 [SR] Beginning Verify and Repair transaction
2017-11-11 11:20:18, Info                  CSI    000019b1 [SR] Verify complete
2017-11-11 11:20:18, Info                  CSI    000019b2 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:20:18, Info                  CSI    000019b3 [SR] Beginning Verify and Repair transaction
2017-11-11 11:20:23, Info                  CSI    00001a31 [SR] Verify complete
2017-11-11 11:20:23, Info                  CSI    00001a32 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:20:23, Info                  CSI    00001a33 [SR] Beginning Verify and Repair transaction
2017-11-11 11:20:30, Info                  CSI    00001ad1 [SR] Verify complete
2017-11-11 11:20:30, Info                  CSI    00001ad2 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:20:30, Info                  CSI    00001ad3 [SR] Beginning Verify and Repair transaction
2017-11-11 11:20:36, Info                  CSI    00001b53 [SR] Verify complete
2017-11-11 11:20:36, Info                  CSI    00001b54 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:20:36, Info                  CSI    00001b55 [SR] Beginning Verify and Repair transaction
2017-11-11 11:20:46, Info                  CSI    00001beb [SR] Verify complete
2017-11-11 11:20:46, Info                  CSI    00001bec [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:20:46, Info                  CSI    00001bed [SR] Beginning Verify and Repair transaction
2017-11-11 11:20:50, Info                  CSI    00001c56 [SR] Verify complete
2017-11-11 11:20:50, Info                  CSI    00001c57 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:20:50, Info                  CSI    00001c58 [SR] Beginning Verify and Repair transaction
2017-11-11 11:20:55, Info                  CSI    00001cc8 [SR] Verify complete
2017-11-11 11:20:55, Info                  CSI    00001cc9 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:20:55, Info                  CSI    00001cca [SR] Beginning Verify and Repair transaction
2017-11-11 11:20:59, Info                  CSI    00001d35 [SR] Verify complete
2017-11-11 11:20:59, Info                  CSI    00001d36 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:20:59, Info                  CSI    00001d37 [SR] Beginning Verify and Repair transaction
2017-11-11 11:21:06, Info                  CSI    00001dbe [SR] Verify complete
2017-11-11 11:21:06, Info                  CSI    00001dbf [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:21:06, Info                  CSI    00001dc0 [SR] Beginning Verify and Repair transaction
2017-11-11 11:21:09, Info                  CSI    00001e28 [SR] Verify complete
2017-11-11 11:21:09, Info                  CSI    00001e29 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:21:09, Info                  CSI    00001e2a [SR] Beginning Verify and Repair transaction
2017-11-11 11:21:12, Info                  CSI    00001e8f [SR] Verify complete
2017-11-11 11:21:12, Info                  CSI    00001e90 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:21:12, Info                  CSI    00001e91 [SR] Beginning Verify and Repair transaction
2017-11-11 11:21:18, Info                  CSI    00001f07 [SR] Verify complete
2017-11-11 11:21:18, Info                  CSI    00001f08 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:21:18, Info                  CSI    00001f09 [SR] Beginning Verify and Repair transaction
2017-11-11 11:21:21, Info                  CSI    00001f71 [SR] Verify complete
2017-11-11 11:21:22, Info                  CSI    00001f72 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:21:22, Info                  CSI    00001f73 [SR] Beginning Verify and Repair transaction
2017-11-11 11:21:26, Info                  CSI    00002059 [SR] Verify complete
2017-11-11 11:21:26, Info                  CSI    0000205a [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:21:26, Info                  CSI    0000205b [SR] Beginning Verify and Repair transaction
2017-11-11 11:21:34, Info                  CSI    000020d2 [SR] Verify complete
2017-11-11 11:21:34, Info                  CSI    000020d3 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:21:34, Info                  CSI    000020d4 [SR] Beginning Verify and Repair transaction
2017-11-11 11:21:42, Info                  CSI    00002154 [SR] Verify complete
2017-11-11 11:21:42, Info                  CSI    00002155 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:21:42, Info                  CSI    00002156 [SR] Beginning Verify and Repair transaction
2017-11-11 11:21:47, Info                  CSI    000021c7 [SR] Verify complete
2017-11-11 11:21:47, Info                  CSI    000021c8 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:21:47, Info                  CSI    000021c9 [SR] Beginning Verify and Repair transaction
2017-11-11 11:21:55, Info                  CSI    00002262 [SR] Verify complete
2017-11-11 11:21:55, Info                  CSI    00002263 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:21:55, Info                  CSI    00002264 [SR] Beginning Verify and Repair transaction
2017-11-11 11:22:04, Info                  CSI    000022e5 [SR] Verify complete
2017-11-11 11:22:04, Info                  CSI    000022e6 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:22:04, Info                  CSI    000022e7 [SR] Beginning Verify and Repair transaction
2017-11-11 11:22:13, Info                  CSI    00002368 [SR] Verify complete
2017-11-11 11:22:13, Info                  CSI    00002369 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:22:13, Info                  CSI    0000236a [SR] Beginning Verify and Repair transaction
2017-11-11 11:22:19, Info                  CSI    000023d5 [SR] Verify complete
2017-11-11 11:22:19, Info                  CSI    000023d6 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:22:19, Info                  CSI    000023d7 [SR] Beginning Verify and Repair transaction
2017-11-11 11:22:29, Info                  CSI    00002448 [SR] Verify complete
2017-11-11 11:22:29, Info                  CSI    00002449 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:22:29, Info                  CSI    0000244a [SR] Beginning Verify and Repair transaction
2017-11-11 11:22:44, Info                  CSI    00002516 [SR] Verify complete
2017-11-11 11:22:44, Info                  CSI    00002517 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:22:44, Info                  CSI    00002518 [SR] Beginning Verify and Repair transaction
2017-11-11 11:22:50, Info                  CSI    00002585 [SR] Verify complete
2017-11-11 11:22:50, Info                  CSI    00002586 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:22:50, Info                  CSI    00002587 [SR] Beginning Verify and Repair transaction
2017-11-11 11:22:55, Info                  CSI    000025f3 [SR] Verify complete
2017-11-11 11:22:55, Info                  CSI    000025f4 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:22:55, Info                  CSI    000025f5 [SR] Beginning Verify and Repair transaction
2017-11-11 11:22:59, Info                  CSI    00002668 [SR] Verify complete
2017-11-11 11:22:59, Info                  CSI    00002669 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:22:59, Info                  CSI    0000266a [SR] Beginning Verify and Repair transaction
2017-11-11 11:23:06, Info                  CSI    0000270b [SR] Verify complete
2017-11-11 11:23:07, Info                  CSI    0000270c [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:23:07, Info                  CSI    0000270d [SR] Beginning Verify and Repair transaction
2017-11-11 11:23:12, Info                  CSI    00002775 [SR] Verify complete
2017-11-11 11:23:12, Info                  CSI    00002776 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:23:12, Info                  CSI    00002777 [SR] Beginning Verify and Repair transaction
2017-11-11 11:23:18, Info                  CSI    000027eb [SR] Verify complete
2017-11-11 11:23:18, Info                  CSI    000027ec [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:23:18, Info                  CSI    000027ed [SR] Beginning Verify and Repair transaction
2017-11-11 11:23:25, Info                  CSI    00002862 [SR] Verify complete
2017-11-11 11:23:25, Info                  CSI    00002863 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:23:25, Info                  CSI    00002864 [SR] Beginning Verify and Repair transaction
2017-11-11 11:23:30, Info                  CSI    000028db [SR] Verify complete
2017-11-11 11:23:30, Info                  CSI    000028dc [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:23:30, Info                  CSI    000028dd [SR] Beginning Verify and Repair transaction
2017-11-11 11:23:37, Info                  CSI    0000294d [SR] Verify complete
2017-11-11 11:23:37, Info                  CSI    0000294e [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:23:37, Info                  CSI    0000294f [SR] Beginning Verify and Repair transaction
2017-11-11 11:23:45, Info                  CSI    000029e2 [SR] Verify complete
2017-11-11 11:23:45, Info                  CSI    000029e3 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:23:45, Info                  CSI    000029e4 [SR] Beginning Verify and Repair transaction
2017-11-11 11:23:51, Info                  CSI    00002a5c [SR] Verify complete
2017-11-11 11:23:51, Info                  CSI    00002a5d [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:23:51, Info                  CSI    00002a5e [SR] Beginning Verify and Repair transaction
2017-11-11 11:23:56, Info                  CSI    00002aca [SR] Verify complete
2017-11-11 11:23:56, Info                  CSI    00002acb [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:23:56, Info                  CSI    00002acc [SR] Beginning Verify and Repair transaction
2017-11-11 11:24:01, Info                  CSI    00002b3a [SR] Verify complete
2017-11-11 11:24:01, Info                  CSI    00002b3b [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:24:01, Info                  CSI    00002b3c [SR] Beginning Verify and Repair transaction
2017-11-11 11:24:06, Info                  CSI    00002bb4 [SR] Verify complete
2017-11-11 11:24:06, Info                  CSI    00002bb5 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:24:06, Info                  CSI    00002bb6 [SR] Beginning Verify and Repair transaction
2017-11-11 11:24:11, Info                  CSI    00002c28 [SR] Verify complete
2017-11-11 11:24:11, Info                  CSI    00002c29 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:24:11, Info                  CSI    00002c2a [SR] Beginning Verify and Repair transaction
2017-11-11 11:24:17, Info                  CSI    00002c9c [SR] Verify complete
2017-11-11 11:24:17, Info                  CSI    00002c9d [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:24:17, Info                  CSI    00002c9e [SR] Beginning Verify and Repair transaction
2017-11-11 11:24:25, Info                  CSI    00002d09 [SR] Verify complete
2017-11-11 11:24:25, Info                  CSI    00002d0a [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:24:25, Info                  CSI    00002d0b [SR] Beginning Verify and Repair transaction
2017-11-11 11:24:31, Info                  CSI    00002d8d [SR] Verify complete
2017-11-11 11:24:31, Info                  CSI    00002d8e [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:24:31, Info                  CSI    00002d8f [SR] Beginning Verify and Repair transaction
2017-11-11 11:24:37, Info                  CSI    00002df9 [SR] Verify complete
2017-11-11 11:24:37, Info                  CSI    00002dfa [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:24:37, Info                  CSI    00002dfb [SR] Beginning Verify and Repair transaction
2017-11-11 11:24:45, Info                  CSI    00002e75 [SR] Verify complete
2017-11-11 11:24:45, Info                  CSI    00002e76 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:24:45, Info                  CSI    00002e77 [SR] Beginning Verify and Repair transaction
2017-11-11 11:24:54, Info                  CSI    00002f13 [SR] Verify complete
2017-11-11 11:24:54, Info                  CSI    00002f14 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:24:54, Info                  CSI    00002f15 [SR] Beginning Verify and Repair transaction
2017-11-11 11:25:03, Info                  CSI    00002f94 [SR] Verify complete
2017-11-11 11:25:03, Info                  CSI    00002f95 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:25:03, Info                  CSI    00002f96 [SR] Beginning Verify and Repair transaction
2017-11-11 11:25:08, Info                  CSI    00002fff [SR] Verify complete
2017-11-11 11:25:08, Info                  CSI    00003000 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:25:08, Info                  CSI    00003001 [SR] Beginning Verify and Repair transaction
2017-11-11 11:25:14, Info                  CSI    00003072 [SR] Verify complete
2017-11-11 11:25:14, Info                  CSI    00003073 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:25:14, Info                  CSI    00003074 [SR] Beginning Verify and Repair transaction
2017-11-11 11:25:21, Info                  CSI    000030e3 [SR] Verify complete
2017-11-11 11:25:21, Info                  CSI    000030e4 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:25:21, Info                  CSI    000030e5 [SR] Beginning Verify and Repair transaction
2017-11-11 11:25:27, Info                  CSI    00003153 [SR] Verify complete
2017-11-11 11:25:27, Info                  CSI    00003154 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:25:27, Info                  CSI    00003155 [SR] Beginning Verify and Repair transaction
2017-11-11 11:25:33, Info                  CSI    000031be [SR] Verify complete
2017-11-11 11:25:33, Info                  CSI    000031bf [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:25:33, Info                  CSI    000031c0 [SR] Beginning Verify and Repair transaction
2017-11-11 11:25:41, Info                  CSI    00003232 [SR] Verify complete
2017-11-11 11:25:41, Info                  CSI    00003233 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:25:41, Info                  CSI    00003234 [SR] Beginning Verify and Repair transaction
2017-11-11 11:25:47, Info                  CSI    000032af [SR] Verify complete
2017-11-11 11:25:47, Info                  CSI    000032b0 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:25:47, Info                  CSI    000032b1 [SR] Beginning Verify and Repair transaction
2017-11-11 11:25:51, Info                  CSI    00003320 [SR] Verify complete
2017-11-11 11:25:51, Info                  CSI    00003321 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:25:51, Info                  CSI    00003322 [SR] Beginning Verify and Repair transaction
2017-11-11 11:25:56, Info                  CSI    00003395 [SR] Verify complete
2017-11-11 11:25:56, Info                  CSI    00003396 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:25:56, Info                  CSI    00003397 [SR] Beginning Verify and Repair transaction
2017-11-11 11:26:00, Info                  CSI    00003405 [SR] Verify complete
2017-11-11 11:26:00, Info                  CSI    00003406 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:26:00, Info                  CSI    00003407 [SR] Beginning Verify and Repair transaction
2017-11-11 11:26:05, Info                  CSI    00003479 [SR] Verify complete
2017-11-11 11:26:05, Info                  CSI    0000347a [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:26:05, Info                  CSI    0000347b [SR] Beginning Verify and Repair transaction
2017-11-11 11:26:10, Info                  CSI    000034e5 [SR] Verify complete
2017-11-11 11:26:10, Info                  CSI    000034e6 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:26:10, Info                  CSI    000034e7 [SR] Beginning Verify and Repair transaction
2017-11-11 11:26:18, Info                  CSI    0000354c [SR] Verify complete
2017-11-11 11:26:18, Info                  CSI    0000354d [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:26:18, Info                  CSI    0000354e [SR] Beginning Verify and Repair transaction
2017-11-11 11:26:28, Info                  CSI    000035cc [SR] Verify complete
2017-11-11 11:26:28, Info                  CSI    000035cd [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:26:28, Info                  CSI    000035ce [SR] Beginning Verify and Repair transaction
2017-11-11 11:26:40, Info                  CSI    000036c7 [SR] Verify complete
2017-11-11 11:26:40, Info                  CSI    000036c8 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:26:40, Info                  CSI    000036c9 [SR] Beginning Verify and Repair transaction
2017-11-11 11:26:44, Info                  CSI    00003734 [SR] Verify complete
2017-11-11 11:26:44, Info                  CSI    00003735 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:26:44, Info                  CSI    00003736 [SR] Beginning Verify and Repair transaction
2017-11-11 11:26:51, Info                  CSI    000037b8 [SR] Verify complete
2017-11-11 11:26:51, Info                  CSI    000037b9 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:26:51, Info                  CSI    000037ba [SR] Beginning Verify and Repair transaction
2017-11-11 11:26:54, Info                  CSI    0000381f [SR] Verify complete
2017-11-11 11:26:54, Info                  CSI    00003820 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:26:54, Info                  CSI    00003821 [SR] Beginning Verify and Repair transaction
2017-11-11 11:27:00, Info                  CSI    00003886 [SR] Verify complete
2017-11-11 11:27:00, Info                  CSI    00003887 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:27:00, Info                  CSI    00003888 [SR] Beginning Verify and Repair transaction
2017-11-11 11:27:06, Info                  CSI    000038ef [SR] Verify complete
2017-11-11 11:27:06, Info                  CSI    000038f0 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:27:06, Info                  CSI    000038f1 [SR] Beginning Verify and Repair transaction
2017-11-11 11:27:12, Info                  CSI    00003956 [SR] Verify complete
2017-11-11 11:27:12, Info                  CSI    00003957 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:27:12, Info                  CSI    00003958 [SR] Beginning Verify and Repair transaction
2017-11-11 11:27:18, Info                  CSI    000039be [SR] Verify complete
2017-11-11 11:27:18, Info                  CSI    000039bf [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:27:18, Info                  CSI    000039c0 [SR] Beginning Verify and Repair transaction
2017-11-11 11:27:22, Info                  CSI    00003a25 [SR] Verify complete
2017-11-11 11:27:22, Info                  CSI    00003a26 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:27:22, Info                  CSI    00003a27 [SR] Beginning Verify and Repair transaction
2017-11-11 11:27:30, Info                  CSI    00003a8d [SR] Verify complete
2017-11-11 11:27:30, Info                  CSI    00003a8e [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:27:30, Info                  CSI    00003a8f [SR] Beginning Verify and Repair transaction
2017-11-11 11:27:35, Info                  CSI    00003af4 [SR] Verify complete
2017-11-11 11:27:35, Info                  CSI    00003af5 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:27:35, Info                  CSI    00003af6 [SR] Beginning Verify and Repair transaction
2017-11-11 11:27:40, Info                  CSI    00003b5b [SR] Verify complete
2017-11-11 11:27:40, Info                  CSI    00003b5c [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:27:40, Info                  CSI    00003b5d [SR] Beginning Verify and Repair transaction
2017-11-11 11:27:53, Info                  CSI    00003bc5 [SR] Verify complete
2017-11-11 11:27:53, Info                  CSI    00003bc6 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:27:53, Info                  CSI    00003bc7 [SR] Beginning Verify and Repair transaction
2017-11-11 11:27:59, Info                  CSI    00003c52 [SR] Verify complete
2017-11-11 11:27:59, Info                  CSI    00003c53 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:27:59, Info                  CSI    00003c54 [SR] Beginning Verify and Repair transaction
2017-11-11 11:28:03, Info                  CSI    00003cb9 [SR] Verify complete
2017-11-11 11:28:03, Info                  CSI    00003cba [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:28:03, Info                  CSI    00003cbb [SR] Beginning Verify and Repair transaction
2017-11-11 11:28:09, Info                  CSI    00003d28 [SR] Verify complete
2017-11-11 11:28:09, Info                  CSI    00003d29 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:28:09, Info                  CSI    00003d2a [SR] Beginning Verify and Repair transaction
2017-11-11 11:28:20, Info                  CSI    00003d8f [SR] Verify complete
2017-11-11 11:28:20, Info                  CSI    00003d90 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:28:20, Info                  CSI    00003d91 [SR] Beginning Verify and Repair transaction
2017-11-11 11:28:25, Info                  CSI    00003df6 [SR] Verify complete
2017-11-11 11:28:25, Info                  CSI    00003df7 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:28:25, Info                  CSI    00003df8 [SR] Beginning Verify and Repair transaction
2017-11-11 11:28:30, Info                  CSI    00003e5e [SR] Verify complete
2017-11-11 11:28:30, Info                  CSI    00003e5f [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:28:30, Info                  CSI    00003e60 [SR] Beginning Verify and Repair transaction
2017-11-11 11:28:34, Info                  CSI    00003ec5 [SR] Verify complete
2017-11-11 11:28:34, Info                  CSI    00003ec6 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:28:34, Info                  CSI    00003ec7 [SR] Beginning Verify and Repair transaction
2017-11-11 11:28:43, Info                  CSI    00003f2e [SR] Verify complete
2017-11-11 11:28:43, Info                  CSI    00003f2f [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:28:43, Info                  CSI    00003f30 [SR] Beginning Verify and Repair transaction
2017-11-11 11:28:50, Info                  CSI    00003fa6 [SR] Verify complete
2017-11-11 11:28:50, Info                  CSI    00003fa7 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:28:50, Info                  CSI    00003fa8 [SR] Beginning Verify and Repair transaction
2017-11-11 11:28:54, Info                  CSI    0000400d [SR] Verify complete
2017-11-11 11:28:55, Info                  CSI    0000400e [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:28:55, Info                  CSI    0000400f [SR] Beginning Verify and Repair transaction
2017-11-11 11:29:00, Info                  CSI    00004079 [SR] Verify complete
2017-11-11 11:29:00, Info                  CSI    0000407a [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:29:00, Info                  CSI    0000407b [SR] Beginning Verify and Repair transaction
2017-11-11 11:29:04, Info                  CSI    00004104 [SR] Verify complete
2017-11-11 11:29:04, Info                  CSI    00004105 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:29:04, Info                  CSI    00004106 [SR] Beginning Verify and Repair transaction
2017-11-11 11:29:09, Info                  CSI    00004178 [SR] Verify complete
2017-11-11 11:29:09, Info                  CSI    00004179 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:29:09, Info                  CSI    0000417a [SR] Beginning Verify and Repair transaction
2017-11-11 11:29:13, Info                  CSI    000041df [SR] Verify complete
2017-11-11 11:29:13, Info                  CSI    000041e0 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:29:13, Info                  CSI    000041e1 [SR] Beginning Verify and Repair transaction
2017-11-11 11:29:17, Info                  CSI    00004246 [SR] Verify complete
2017-11-11 11:29:17, Info                  CSI    00004247 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:29:17, Info                  CSI    00004248 [SR] Beginning Verify and Repair transaction
2017-11-11 11:29:20, Info                  CSI    000042ad [SR] Verify complete
2017-11-11 11:29:20, Info                  CSI    000042ae [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:29:20, Info                  CSI    000042af [SR] Beginning Verify and Repair transaction
2017-11-11 11:29:24, Info                  CSI    00004314 [SR] Verify complete
2017-11-11 11:29:24, Info                  CSI    00004315 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:29:24, Info                  CSI    00004316 [SR] Beginning Verify and Repair transaction
2017-11-11 11:29:30, Info                  CSI    00004382 [SR] Verify complete
2017-11-11 11:29:31, Info                  CSI    00004383 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:29:31, Info                  CSI    00004384 [SR] Beginning Verify and Repair transaction
2017-11-11 11:29:40, Info                  CSI    000043ff [SR] Verify complete
2017-11-11 11:29:41, Info                  CSI    00004400 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:29:41, Info                  CSI    00004401 [SR] Beginning Verify and Repair transaction
2017-11-11 11:29:50, Info                  CSI    0000447f [SR] Verify complete
2017-11-11 11:29:50, Info                  CSI    00004480 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:29:50, Info                  CSI    00004481 [SR] Beginning Verify and Repair transaction
2017-11-11 11:30:03, Info                  CSI    000044ff [SR] Verify complete
2017-11-11 11:30:03, Info                  CSI    00004500 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:30:03, Info                  CSI    00004501 [SR] Beginning Verify and Repair transaction
2017-11-11 11:30:18, Info                  CSI    0000456e [SR] Verify complete
2017-11-11 11:30:18, Info                  CSI    0000456f [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:30:18, Info                  CSI    00004570 [SR] Beginning Verify and Repair transaction
2017-11-11 11:30:31, Info                  CSI    00004612 [SR] Verify complete
2017-11-11 11:30:31, Info                  CSI    00004613 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:30:31, Info                  CSI    00004614 [SR] Beginning Verify and Repair transaction
2017-11-11 11:30:36, Info                  CSI    00004688 [SR] Verify complete
2017-11-11 11:30:36, Info                  CSI    00004689 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:30:36, Info                  CSI    0000468a [SR] Beginning Verify and Repair transaction
2017-11-11 11:30:41, Info                  CSI    000046f0 [SR] Verify complete
2017-11-11 11:30:41, Info                  CSI    000046f1 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:30:41, Info                  CSI    000046f2 [SR] Beginning Verify and Repair transaction
2017-11-11 11:30:49, Info                  CSI    00004762 [SR] Verify complete
2017-11-11 11:30:49, Info                  CSI    00004763 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:30:49, Info                  CSI    00004764 [SR] Beginning Verify and Repair transaction
2017-11-11 11:30:59, Info                  CSI    000047d6 [SR] Verify complete
2017-11-11 11:30:59, Info                  CSI    000047d7 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:30:59, Info                  CSI    000047d8 [SR] Beginning Verify and Repair transaction
2017-11-11 11:31:15, Info                  CSI    00004850 [SR] Verify complete
2017-11-11 11:31:15, Info                  CSI    00004851 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:31:15, Info                  CSI    00004852 [SR] Beginning Verify and Repair transaction
2017-11-11 11:31:33, Info                  CSI    000048c5 [SR] Verify complete
2017-11-11 11:31:33, Info                  CSI    000048c6 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:31:33, Info                  CSI    000048c7 [SR] Beginning Verify and Repair transaction
2017-11-11 11:31:44, Info                  CSI    0000494e [SR] Verify complete
2017-11-11 11:31:44, Info                  CSI    0000494f [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:31:44, Info                  CSI    00004950 [SR] Beginning Verify and Repair transaction
2017-11-11 11:31:50, Info                  CSI    000049c8 [SR] Verify complete
2017-11-11 11:31:50, Info                  CSI    000049c9 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:31:50, Info                  CSI    000049ca [SR] Beginning Verify and Repair transaction
2017-11-11 11:31:57, Info                  CSI    00004a3e [SR] Verify complete
2017-11-11 11:31:57, Info                  CSI    00004a3f [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:31:57, Info                  CSI    00004a40 [SR] Beginning Verify and Repair transaction
2017-11-11 11:32:05, Info                  CSI    00004ab8 [SR] Verify complete
2017-11-11 11:32:05, Info                  CSI    00004ab9 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:32:05, Info                  CSI    00004aba [SR] Beginning Verify and Repair transaction
2017-11-11 11:32:14, Info                  CSI    00004b3b [SR] Verify complete
2017-11-11 11:32:14, Info                  CSI    00004b3c [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:32:14, Info                  CSI    00004b3d [SR] Beginning Verify and Repair transaction
2017-11-11 11:32:23, Info                  CSI    00004bb6 [SR] Verify complete
2017-11-11 11:32:23, Info                  CSI    00004bb7 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:32:23, Info                  CSI    00004bb8 [SR] Beginning Verify and Repair transaction
2017-11-11 11:32:31, Info                  CSI    00004c3c [SR] Verify complete
2017-11-11 11:32:31, Info                  CSI    00004c3d [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:32:31, Info                  CSI    00004c3e [SR] Beginning Verify and Repair transaction
2017-11-11 11:32:41, Info                  CSI    00004ca9 [SR] Verify complete
2017-11-11 11:32:41, Info                  CSI    00004caa [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:32:41, Info                  CSI    00004cab [SR] Beginning Verify and Repair transaction
2017-11-11 11:32:53, Info                  CSI    00004d99 [SR] Verify complete
2017-11-11 11:32:54, Info                  CSI    00004d9a [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:32:54, Info                  CSI    00004d9b [SR] Beginning Verify and Repair transaction
2017-11-11 11:33:02, Info                  CSI    00004e44 [SR] Verify complete
2017-11-11 11:33:02, Info                  CSI    00004e45 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:33:02, Info                  CSI    00004e46 [SR] Beginning Verify and Repair transaction
2017-11-11 11:33:07, Info                  CSI    00004eab [SR] Verify complete
2017-11-11 11:33:07, Info                  CSI    00004eac [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:33:07, Info                  CSI    00004ead [SR] Beginning Verify and Repair transaction
2017-11-11 11:33:12, Info                  CSI    00004f14 [SR] Verify complete
2017-11-11 11:33:12, Info                  CSI    00004f15 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:33:12, Info                  CSI    00004f16 [SR] Beginning Verify and Repair transaction
2017-11-11 11:33:19, Info                  CSI    00004f9d [SR] Verify complete
2017-11-11 11:33:19, Info                  CSI    00004f9e [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:33:19, Info                  CSI    00004f9f [SR] Beginning Verify and Repair transaction
2017-11-11 11:33:26, Info                  CSI    0000503a [SR] Verify complete
2017-11-11 11:33:27, Info                  CSI    0000503b [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:33:27, Info                  CSI    0000503c [SR] Beginning Verify and Repair transaction
2017-11-11 11:33:32, Info                  CSI    000050a3 [SR] Verify complete
2017-11-11 11:33:32, Info                  CSI    000050a4 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:33:32, Info                  CSI    000050a5 [SR] Beginning Verify and Repair transaction
2017-11-11 11:33:38, Info                  CSI    0000511a [SR] Verify complete
2017-11-11 11:33:38, Info                  CSI    0000511b [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:33:38, Info                  CSI    0000511c [SR] Beginning Verify and Repair transaction
2017-11-11 11:33:43, Info                  CSI    00005183 [SR] Verify complete
2017-11-11 11:33:43, Info                  CSI    00005184 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:33:43, Info                  CSI    00005185 [SR] Beginning Verify and Repair transaction
2017-11-11 11:33:52, Info                  CSI    00005228 [SR] Verify complete
2017-11-11 11:33:52, Info                  CSI    00005229 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:33:52, Info                  CSI    0000522a [SR] Beginning Verify and Repair transaction
2017-11-11 11:33:57, Info                  CSI    0000529b [SR] Verify complete
2017-11-11 11:33:57, Info                  CSI    0000529c [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:33:57, Info                  CSI    0000529d [SR] Beginning Verify and Repair transaction
2017-11-11 11:34:03, Info                  CSI    0000530d [SR] Verify complete
2017-11-11 11:34:03, Info                  CSI    0000530e [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:34:03, Info                  CSI    0000530f [SR] Beginning Verify and Repair transaction
2017-11-11 11:34:09, Info                  CSI    00005380 [SR] Verify complete
2017-11-11 11:34:09, Info                  CSI    00005381 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:34:09, Info                  CSI    00005382 [SR] Beginning Verify and Repair transaction
2017-11-11 11:34:16, Info                  CSI    00005409 [SR] Verify complete
2017-11-11 11:34:16, Info                  CSI    0000540a [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:34:16, Info                  CSI    0000540b [SR] Beginning Verify and Repair transaction
2017-11-11 11:34:21, Info                  CSI    00005470 [SR] Verify complete
2017-11-11 11:34:21, Info                  CSI    00005471 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:34:21, Info                  CSI    00005472 [SR] Beginning Verify and Repair transaction
2017-11-11 11:34:27, Info                  CSI    000054e3 [SR] Verify complete
2017-11-11 11:34:27, Info                  CSI    000054e4 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:34:27, Info                  CSI    000054e5 [SR] Beginning Verify and Repair transaction
2017-11-11 11:34:34, Info                  CSI    00005571 [SR] Verify complete
2017-11-11 11:34:34, Info                  CSI    00005572 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:34:34, Info                  CSI    00005573 [SR] Beginning Verify and Repair transaction
2017-11-11 11:34:39, Info                  CSI    00005606 [SR] Verify complete
2017-11-11 11:34:39, Info                  CSI    00005607 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:34:39, Info                  CSI    00005608 [SR] Beginning Verify and Repair transaction
2017-11-11 11:34:44, Info                  CSI    0000566f [SR] Verify complete
2017-11-11 11:34:44, Info                  CSI    00005670 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:34:44, Info                  CSI    00005671 [SR] Beginning Verify and Repair transaction
2017-11-11 11:34:49, Info                  CSI    000056d8 [SR] Verify complete
2017-11-11 11:34:49, Info                  CSI    000056d9 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:34:49, Info                  CSI    000056da [SR] Beginning Verify and Repair transaction
2017-11-11 11:34:54, Info                  CSI    00005745 [SR] Verify complete
2017-11-11 11:34:54, Info                  CSI    00005746 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:34:54, Info                  CSI    00005747 [SR] Beginning Verify and Repair transaction
2017-11-11 11:35:00, Info                  CSI    000057b0 [SR] Verify complete
2017-11-11 11:35:00, Info                  CSI    000057b1 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:35:00, Info                  CSI    000057b2 [SR] Beginning Verify and Repair transaction
2017-11-11 11:35:04, Info                  CSI    0000581f [SR] Verify complete
2017-11-11 11:35:04, Info                  CSI    00005820 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:35:04, Info                  CSI    00005821 [SR] Beginning Verify and Repair transaction
2017-11-11 11:35:09, Info                  CSI    00005887 [SR] Verify complete
2017-11-11 11:35:09, Info                  CSI    00005888 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:35:09, Info                  CSI    00005889 [SR] Beginning Verify and Repair transaction
2017-11-11 11:35:13, Info                  CSI    000058f0 [SR] Verify complete
2017-11-11 11:35:13, Info                  CSI    000058f1 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:35:13, Info                  CSI    000058f2 [SR] Beginning Verify and Repair transaction
2017-11-11 11:35:17, Info                  CSI    00005959 [SR] Verify complete
2017-11-11 11:35:17, Info                  CSI    0000595a [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:35:17, Info                  CSI    0000595b [SR] Beginning Verify and Repair transaction
2017-11-11 11:35:25, Info                  CSI    000059ce [SR] Verify complete
2017-11-11 11:35:25, Info                  CSI    000059cf [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:35:25, Info                  CSI    000059d0 [SR] Beginning Verify and Repair transaction
2017-11-11 11:35:31, Info                  CSI    00005a38 [SR] Verify complete
2017-11-11 11:35:31, Info                  CSI    00005a39 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:35:31, Info                  CSI    00005a3a [SR] Beginning Verify and Repair transaction
2017-11-11 11:35:40, Info                  CSI    00005aa1 [SR] Verify complete
2017-11-11 11:35:40, Info                  CSI    00005aa2 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:35:40, Info                  CSI    00005aa3 [SR] Beginning Verify and Repair transaction
2017-11-11 11:35:45, Info                  CSI    00005b09 [SR] Verify complete
2017-11-11 11:35:45, Info                  CSI    00005b0a [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:35:45, Info                  CSI    00005b0b [SR] Beginning Verify and Repair transaction
2017-11-11 11:35:51, Info                  CSI    00005b70 [SR] Verify complete
2017-11-11 11:35:51, Info                  CSI    00005b71 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:35:51, Info                  CSI    00005b72 [SR] Beginning Verify and Repair transaction
2017-11-11 11:35:55, Info                  CSI    00005bd7 [SR] Verify complete
2017-11-11 11:35:56, Info                  CSI    00005bd8 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:35:56, Info                  CSI    00005bd9 [SR] Beginning Verify and Repair transaction
2017-11-11 11:35:59, Info                  CSI    00005c3f [SR] Verify complete
2017-11-11 11:35:59, Info                  CSI    00005c40 [SR] Verifying 100 (0x0000000000000064) components
2017-11-11 11:35:59, Info                  CSI    00005c41 [SR] Beginning Verify and Repair transaction
2017-11-11 11:36:05, Info                  CSI    00005ca7 [SR] Verify complete
2017-11-11 11:36:05, Info                  CSI    00005ca8 [SR] Verifying 93 (0x000000000000005d) components
2017-11-11 11:36:05, Info                  CSI    00005ca9 [SR] Beginning Verify and Repair transaction
2017-11-11 11:36:09, Info                  CSI    00005d07 [SR] Verify complete
2017-11-11 11:36:09, Info                  CSI    00005d08 [SR] Repairing 0 components
2017-11-11 11:36:09, Info                  CSI    00005d09 [SR] Beginning Verify and Repair transaction
2017-11-11 11:36:09, Info                  CSI    00005d0a [SR] Repair complete
 
 
~~~
 
mcdbus.sys is not 
 
~~
 
Vino's Event Viewer v01c run on Windows 7 in English
Report run at 11/11/2017 11:44:02 AM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 11/11/2017 3:05:38 PM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: The app didn't start. 
 
See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Log: 'Application' Date/Time: 11/11/2017 1:29:05 PM
Type: Error Category: 0
Event: 1023 Source: Microsoft-Windows-Perflib
Windows cannot load the extensible counter DLL rdyboost. The first four bytes (DWORD) of the Data section 
 
contains the Windows error code.
 
Log: 'Application' Date/Time: 11/11/2017 1:29:03 PM
Type: Error Category: 0
Event: 1017 Source: Microsoft-Windows-Perflib
Disabled performance counter data collection from the "ASP.NET_64_2.0.50727" service because the performance 
 
counter library for that service has generated one or more errors. The errors that forced this action have been 
 
written to the application event log. Correct the errors before enabling the performance counters for this 
 
service.
 
Log: 'Application' Date/Time: 11/11/2017 1:29:03 PM
Type: Error Category: 0
Event: 1022 Source: Microsoft-Windows-Perflib
Windows cannot open the 64-bit extensible counter DLL ASP.NET_64_2.0.50727 in a 32-bit environment. Contact the 
 
file vendor to obtain a 32-bit version. Alternatively if you are running a 64-bit native environment, you can 
 
open the 64-bit extensible counter DLL by using the 64-bit version of Performance Monitor. To use this tool, 
 
open the Windows folder, open the System32 folder, and then start Perfmon.exe.
 
Log: 'Application' Date/Time: 11/11/2017 1:25:20 PM
Type: Error Category: 0
Event: 10007 Source: Microsoft-Windows-RestartManager
Application or service 'Autodesk Content Service' could not be restarted.
 
Log: 'Application' Date/Time: 11/11/2017 1:11:40 PM
Type: Error Category: 0
Event: 513 Source: Microsoft-Windows-CAPI2
Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied. .
 
Log: 'Application' Date/Time: 11/11/2017 5:26:54 AM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: The app didn't start. 
 
See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Log: 'Application' Date/Time: 11/11/2017 5:26:53 AM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: The app didn't start. 
 
See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Log: 'Application' Date/Time: 10/11/2017 3:51:05 AM
Type: Error Category: 3
Event: 1019 Source: Microsoft-Windows-Search
Windows Search Service failed to process the list of included and excluded locations with the error <30, 
 
0x80040d07, "iehistory://{S-1-5-21-2118853541-1488753588-3094647493-1000}/">. 
 
 
Log: 'Application' Date/Time: 08/11/2017 12:06:39 AM
Type: Error Category: 2400
Event: 2484 Source: Microsoft-Windows-Immersive-Shell
Package Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy+CortanaUI was terminated because it 
 
took too long to suspend.
 
Log: 'Application' Date/Time: 08/11/2017 12:00:23 AM
Type: Error Category: 2400
Event: 2484 Source: Microsoft-Windows-Immersive-Shell
Package Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy+CortanaUI was terminated because it 
 
took too long to suspend.
 
Log: 'Application' Date/Time: 06/11/2017 2:50:31 AM
Type: Error Category: 2400
Event: 2484 Source: Microsoft-Windows-Immersive-Shell
Package Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy+CortanaUI was terminated because it 
 
took too long to suspend.
 
Log: 'Application' Date/Time: 06/11/2017 12:00:01 AM
Type: Error Category: 0
Event: 4103 Source: Windows Backup
The backup did not complete because of an error writing to the backup location D:\. The error is: The backup 
 
location cannot be found or is not valid. Review your backup settings and check the backup location. 
 
(0x81000006).
 
Log: 'Application' Date/Time: 05/11/2017 9:40:17 PM
Type: Error Category: 0
Event: 513 Source: Microsoft-Windows-CAPI2
Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied. .
 
Log: 'Application' Date/Time: 05/11/2017 8:05:02 PM
Type: Error Category: 0
Event: 8193 Source: System Restore
Failed to create restore point (Process = C:\Users\JohnDoe\AppData\Local\Temp\jrt\CreateRestorePoint.exe  "JRT 
 
Pre-Junkware Removal"; Description = JRT Pre-Junkware Removal; Error = 0x8007043c).
 
Log: 'Application' Date/Time: 05/11/2017 7:11:10 PM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app 
 
windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy:microsoft.windows.immersivecontrolpanel 
 
failed with error: This app can't be activated by the Built-in Administrator. See the Microsoft-Windows-
 
TWinUI/Operational log for additional information.
 
Log: 'Application' Date/Time: 05/11/2017 7:07:29 PM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app 
 
Microsoft.MicrosoftEdge_20.10240.17146.0_neutral__8wekyb3d8bbwe:MicrosoftEdge.AppXeb42j1vh6rk395pm0vmcx57dxqjhe
 
j5d.mca failed with error: This app can't be activated by the Built-in Administrator. See the Microsoft-
 
Windows-TWinUI/Operational log for additional information.
 
Log: 'Application' Date/Time: 05/11/2017 5:53:21 PM
Type: Error Category: 2400
Event: 2484 Source: Microsoft-Windows-Immersive-Shell
Package Microsoft.Windows.ShellExperienceHost_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy+App was terminated 
 
because it took too long to suspend.
 
Log: 'Application' Date/Time: 05/11/2017 1:05:50 PM
Type: Error Category: 2400
Event: 2484 Source: Microsoft-Windows-Immersive-Shell
Package Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy+CortanaUI was terminated because it 
 
took too long to suspend.
 
Log: 'Application' Date/Time: 05/11/2017 3:51:12 AM
Type: Error Category: 2400
Event: 2484 Source: Microsoft-Windows-Immersive-Shell
Package Microsoft.Windows.ShellExperienceHost_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy+App was terminated 
 
because it took too long to suspend.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 11/11/2017 4:30:31 PM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service Launcher.exe' (pid 1740) cannot 
 
be restarted - Application SID does not match Conductor SID..
 
Log: 'Application' Date/Time: 11/11/2017 4:30:31 PM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service Launcher.exe' (pid 1740) cannot 
 
be restarted - Application SID does not match Conductor SID..
 
Log: 'Application' Date/Time: 11/11/2017 4:30:28 PM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service Launcher.exe' (pid 1740) cannot 
 
be restarted - Application SID does not match Conductor SID..
 
Log: 'Application' Date/Time: 11/11/2017 4:30:28 PM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service Launcher.exe' (pid 1740) cannot 
 
be restarted - Application SID does not match Conductor SID..
 
Log: 'Application' Date/Time: 11/11/2017 1:25:11 PM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Windows\explorer.exe' (pid 5328) cannot be restarted - Application SID does not match Conductor 
 
SID..
 
Log: 'Application' Date/Time: 11/11/2017 1:23:39 PM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Windows\explorer.exe' (pid 5328) cannot be restarted - Application SID does not match Conductor 
 
SID..
 
Log: 'Application' Date/Time: 10/11/2017 4:21:40 AM
Type: Warning Category: 18
Event: 4627 Source: Microsoft-Windows-EventSystem
The COM+ Event System timed out attempting to fire the Logoff method on event class {D5978630-5B9F-11D1-8DD2-
 
00AA004ABD5E} for publisher  and subscriber .  The subscriber failed to respond within 180 seconds. The display 
 
name of the subscription is "Explorer". The HRESULT was 80010002.
 
Log: 'Application' Date/Time: 10/11/2017 4:19:39 AM
Type: Warning Category: 0
Event: 6005 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <Sens> is taking long time to handle the notification event (Logoff).
 
Log: 'Application' Date/Time: 10/11/2017 3:51:05 AM
Type: Warning Category: 3
Event: 3023 Source: Microsoft-Windows-Search
The update cannot be started because all of the content sources were excluded by site path rules, or removed 
 
from the index configuration.
 
Context:  Application, SystemIndex Catalog
 
Details:
(HRESULT : 0x1) (0x00000001)
 
 
Log: 'Application' Date/Time: 10/11/2017 3:51:05 AM
Type: Warning Category: 3
Event: 3037 Source: Microsoft-Windows-Search
Crawl could not be started on content source <iehistory://{S-1-5-21-2118853541-1488753588-3094647493-1000}/>.
 
Context:  Application, SystemIndex Catalog
 
Details:
The specified address was excluded from the index. The 
 
site path rules may have to be modified to include this address.  (HRESULT : 0x80040d07) (0x80040d07)
 
 
Log: 'Application' Date/Time: 09/11/2017 12:21:18 PM
Type: Warning Category: 1
Event: 532 Source: ESENT
SearchIndexer (5112) Windows: A request to read from the file "C:\ProgramData\Microsoft\Search\Data
 
\Applications\Windows\Windows.edb" at offset 38240256 (0x0000000002478000) for 32768 (0x00008000) bytes has not 
 
completed for 36 second(s). This problem is likely due to faulty hardware. Please contact your hardware vendor 
 
for further assistance diagnosing the problem.
 
Log: 'Application' Date/Time: 09/11/2017 12:21:18 PM
Type: Warning Category: 1
Event: 532 Source: ESENT
SearchIndexer (5112) Windows: A request to read from the file "C:\ProgramData\Microsoft\Search\Data
 
\Applications\Windows\Windows.edb" at offset 38174720 (0x0000000002468000) for 32768 (0x00008000) bytes has not 
 
completed for 36 second(s). This problem is likely due to faulty hardware. Please contact your hardware vendor 
 
for further assistance diagnosing the problem.
 
Log: 'Application' Date/Time: 09/11/2017 12:04:48 PM
Type: Warning Category: 1
Event: 532 Source: ESENT
SearchIndexer (4752) Windows: A request to read from the file "C:\ProgramData\Microsoft\Search\Data
 
\Applications\Windows\Windows.edb" at offset 4423680 (0x0000000000438000) for 32768 (0x00008000) bytes has not 
 
completed for 36 second(s). This problem is likely due to faulty hardware. Please contact your hardware vendor 
 
for further assistance diagnosing the problem.
 
Log: 'Application' Date/Time: 08/11/2017 12:42:06 AM
Type: Warning Category: 0
Event: 6000 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <GPClient> was unavailable to handle a notification event.
 
Log: 'Application' Date/Time: 08/11/2017 12:42:03 AM
Type: Warning Category: 0
Event: 6000 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <GPClient> was unavailable to handle a notification event.
 
Log: 'Application' Date/Time: 08/11/2017 12:12:02 AM
Type: Warning Category: 0
Event: 6000 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <GPClient> was unavailable to handle a notification event.
 
Log: 'Application' Date/Time: 08/11/2017 12:05:41 AM
Type: Warning Category: 1
Event: 532 Source: ESENT
SearchIndexer (5124) Windows: A request to read from the file "C:\ProgramData\Microsoft\Search\Data
 
\Applications\Windows\Windows.edb" at offset 36372480 (0x00000000022b0000) for 32768 (0x00008000) bytes has not 
 
completed for 36 second(s). This problem is likely due to faulty hardware. Please contact your hardware vendor 
 
for further assistance diagnosing the problem.
 
Log: 'Application' Date/Time: 07/11/2017 11:59:20 PM
Type: Warning Category: 1
Event: 532 Source: ESENT
SearchIndexer (4852) Windows: A request to read from the file "C:\ProgramData\Microsoft\Search\Data
 
\Applications\Windows\Windows.edb" at offset 54034432 (0x0000000003388000) for 32768 (0x00008000) bytes has not 
 
completed for 36 second(s). This problem is likely due to faulty hardware. Please contact your hardware vendor 
 
for further assistance diagnosing the problem.
 
Log: 'Application' Date/Time: 06/11/2017 3:46:06 AM
Type: Warning Category: 3
Event: 10024 Source: Microsoft-Windows-Search
The filter host process 5504 did not respond and is being forcibly terminated. 
 
 
Log: 'Application' Date/Time: 06/11/2017 3:45:36 AM
Type: Warning Category: 3
Event: 10023 Source: Microsoft-Windows-Search
The protocol host process 3784 did not respond and is being forcibly terminated {filter host process 5504}. 
 
 
~~~
 
Vino's Event Viewer v01c run on Windows 7 in English
Report run at 11/11/2017 11:45:55 AM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 10/11/2017 9:13:46 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped 
 
responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 09/11/2017 9:47:44 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped 
 
responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 09/11/2017 12:17:46 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped 
 
responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 09/11/2017 12:06:40 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped 
 
responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 09/11/2017 12:01:08 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped 
 
responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 08/11/2017 10:25:27 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped 
 
responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 08/11/2017 10:12:39 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped 
 
responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 08/11/2017 12:09:06 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped 
 
responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 08/11/2017 12:03:10 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped 
 
responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 07/11/2017 11:56:49 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped 
 
responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 06/11/2017 10:52:33 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped 
 
responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 06/11/2017 3:34:07 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped 
 
responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 06/11/2017 2:35:05 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped 
 
responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 06/11/2017 2:29:17 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped 
 
responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 06/11/2017 2:18:30 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped 
 
responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 06/11/2017 2:11:06 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped 
 
responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 05/11/2017 7:02:51 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped 
 
responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 05/11/2017 1:35:01 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped 
 
responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 05/11/2017 1:02:21 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped 
 
responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 05/11/2017 12:58:55 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped 
 
responding, crashed, or lost power unexpectedly.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 11/11/2017 4:31:24 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Plex Update Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective 
 
action will be taken in 10000 milliseconds: Restart the service.
 
Log: 'System' Date/Time: 11/11/2017 3:30:22 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server 
 
application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-
 
AB702511C276}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) 
 
running in the application container Unavailable SID (Unavailable). This security permission can be modified 
 
using the Component Services administrative tool.
 
Log: 'System' Date/Time: 11/11/2017 3:07:09 PM
Type: Error Category: 0
Event: 10000 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has failed to start.  Module Path: C:\WINDOWS\system32\Rtlihvs.dll Error Code: 126 
 
Log: 'System' Date/Time: 11/11/2017 3:07:09 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Net.Tcp Listener Adapter service depends on the Net.Tcp Port Sharing Service service which failed to start 
 
because of the following error:  The service cannot be started, either because it is disabled or because it has 
 
no enabled devices associated with it.
 
Log: 'System' Date/Time: 11/11/2017 3:05:38 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca did not register with DCOM within the required 
 
timeout.
 
Log: 'System' Date/Time: 11/11/2017 3:05:37 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {1EF75F33-893B-4E8F-9655-C3D602BA4897} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 11/11/2017 3:05:37 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {1EF75F33-893B-4E8F-9655-C3D602BA4897} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 11/11/2017 3:05:37 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {1EF75F33-893B-4E8F-9655-C3D602BA4897} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 11/11/2017 3:05:37 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {1EF75F33-893B-4E8F-9655-C3D602BA4897} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 11/11/2017 3:05:37 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {1EF75F33-893B-4E8F-9655-C3D602BA4897} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 11/11/2017 3:05:37 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {1EF75F33-893B-4E8F-9655-C3D602BA4897} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 11/11/2017 3:05:37 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {1EF75F33-893B-4E8F-9655-C3D602BA4897} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 11/11/2017 3:05:37 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {1EF75F33-893B-4E8F-9655-C3D602BA4897} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 11/11/2017 3:05:37 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {1EF75F33-893B-4E8F-9655-C3D602BA4897} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 11/11/2017 3:05:37 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {1EF75F33-893B-4E8F-9655-C3D602BA4897} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 11/11/2017 3:05:37 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {1EF75F33-893B-4E8F-9655-C3D602BA4897} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 11/11/2017 3:05:37 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {1EF75F33-893B-4E8F-9655-C3D602BA4897} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 11/11/2017 3:05:37 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {1EF75F33-893B-4E8F-9655-C3D602BA4897} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 11/11/2017 3:05:37 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {1EF75F33-893B-4E8F-9655-C3D602BA4897} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 11/11/2017 3:05:37 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {1EF75F33-893B-4E8F-9655-C3D602BA4897} did not register with DCOM within the required timeout.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 11/11/2017 3:06:59 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review 
 
the list of libraries to ensure they are related to trusted applications. Please visit 
 
 
Log: 'System' Date/Time: 10/11/2017 9:14:10 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review 
 
the list of libraries to ensure they are related to trusted applications. Please visit 
 
 
Log: 'System' Date/Time: 09/11/2017 9:48:01 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review 
 
the list of libraries to ensure they are related to trusted applications. Please visit 
 
 
Log: 'System' Date/Time: 09/11/2017 12:18:06 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review 
 
the list of libraries to ensure they are related to trusted applications. Please visit 
 
 
Log: 'System' Date/Time: 09/11/2017 12:07:01 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review 
 
the list of libraries to ensure they are related to trusted applications. Please visit 
 
 
Log: 'System' Date/Time: 09/11/2017 12:01:29 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review 
 
the list of libraries to ensure they are related to trusted applications. Please visit 
 
 
Log: 'System' Date/Time: 08/11/2017 10:25:48 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review 
 
the list of libraries to ensure they are related to trusted applications. Please visit 
 
 
Log: 'System' Date/Time: 08/11/2017 10:13:00 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review 
 
the list of libraries to ensure they are related to trusted applications. Please visit 
 
 
Log: 'System' Date/Time: 08/11/2017 12:43:01 AM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review 
 
the list of libraries to ensure they are related to trusted applications. Please visit 
 
 
Log: 'System' Date/Time: 08/11/2017 12:11:31 AM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review 
 
the list of libraries to ensure they are related to trusted applications. Please visit 
 
 
Log: 'System' Date/Time: 08/11/2017 12:09:25 AM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review 
 
the list of libraries to ensure they are related to trusted applications. Please visit 
 
 
Log: 'System' Date/Time: 08/11/2017 12:03:30 AM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review 
 
the list of libraries to ensure they are related to trusted applications. Please visit 
 
 
Log: 'System' Date/Time: 07/11/2017 11:57:38 PM
Type: Warning Category: 0
Event: 10400 Source: Microsoft-Windows-NDIS
The network interface "Realtek PCIe GBE Family Controller" has begun resetting.  There will be a momentary 
 
disruption in network connectivity while the hardware resets. Reason: The network driver requested that it be 
 
reset. This network interface has reset 1 time(s) since it was last initialized.
 
Log: 'System' Date/Time: 07/11/2017 11:57:08 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review 
 
the list of libraries to ensure they are related to trusted applications. Please visit 
 
 
Log: 'System' Date/Time: 06/11/2017 10:52:53 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review 
 
the list of libraries to ensure they are related to trusted applications. Please visit 
 
 
Log: 'System' Date/Time: 06/11/2017 3:34:36 AM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review 
 
the list of libraries to ensure they are related to trusted applications. Please visit 
 
 
Log: 'System' Date/Time: 06/11/2017 2:35:26 AM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review 
 
the list of libraries to ensure they are related to trusted applications. Please visit 
 
 
Log: 'System' Date/Time: 06/11/2017 2:29:36 AM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review 
 
the list of libraries to ensure they are related to trusted applications. Please visit 
 
 
Log: 'System' Date/Time: 06/11/2017 2:22:44 AM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review 
 
the list of libraries to ensure they are related to trusted applications. Please visit 
 
 
Log: 'System' Date/Time: 06/11/2017 2:20:33 AM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review 
 
the list of libraries to ensure they are related to trusted applications. Please visit 
 

Edited by zestron, 11 November 2017 - 11:02 AM.

  • 0

#4
zestron

zestron

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 334 posts
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-11-2017
Ran by JohnDoe (11-11-2017 11:48:38)
Running from C:\Users\JohnDoe\Desktop
Windows 10 Pro 10240.17354 (X64) (2017-01-09 00:07:25)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2118853541-1488753588-3094647493-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2118853541-1488753588-3094647493-503 - Limited - Disabled)
Guest (S-1-5-21-2118853541-1488753588-3094647493-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2118853541-1488753588-3094647493-1009 - Limited - Enabled)
JohnDoe (S-1-5-21-2118853541-1488753588-3094647493-1000 - Administrator - Enabled) => C:\Users\JohnDoe
Visitor (S-1-5-21-2118853541-1488753588-3094647493-1010 - Limited - Enabled) => C:\Users\Visitor
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs 
 
should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\...\uTorrent) (Version: 3.4.9.43085 - BitTorrent 
 
Inc.)
Acronis True Image 2014 (HKLM-x32\...\{1F91344A-B963-4431-89E8-4F80DEE282BE}) (Version: 17.0.5560 - Acronis) 
 
Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.1280 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems 
 
Incorporated)
Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.131 - Adobe Systems 
 
Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe 
 
Systems Incorporated)
Adobe InDesign CS6 (HKLM-x32\...\{CFB770D7-8D43-1014-922B-CC2715FADE3F}) (Version: 8.0 - Adobe Systems 
 
Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - 
 
Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems 
 
Incorporated)
Adobe Reader XI (11.0.08) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe 
 
Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.3.133 - Adobe Systems, Inc.)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
Blender (HKLM\...\Blender) (Version: 2.74 - Blender Foundation)
Call Of Cthulhu DCoTE (HKLM-x32\...\{E4406ED3-B04C-44F1-ABB4-08775B74934F}) (Version: 1.00.000 - )
CCleaner (HKLM\...\CCleaner) (Version: 4.06 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5067 - CDBurnerXP)
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 
 
2015.10.19.0 - CCCP Project)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Deluge 1.3.13 (HKLM-x32\...\Deluge) (Version:  - )
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
D-Link DWA-582 - V1.02b01 (HKLM-x32\...\{321C85DB-F528-4B49-B6AB-82547D03DAF6}) (Version:  - D-Link 
 
Corporation)
Dxtory version 2.0.126 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.126 - ExKode Co. Ltd.)
Emscripten SDK 64-bit (HKLM\...\Emscripten) (Version:  - )
ESEA Client (HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\...\ESEA) (Version: 5.0.0.0 - E-Sports 
 
Entertainment LLC)
Etron USB3.0 Host Controller (HKLM-x32\...\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.118 - Etron 
 
Technology) Hidden
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 
 
0.118 - Etron Technology)
f.lux (HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\...\Flux) (Version:  - f.lux Software LLC)
FileZilla Client 3.10.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.10.0.2 - Tim Kosse)
foobar2000 v1.3.14 (HKLM-x32\...\foobar2000) (Version: 1.3.14 - JohnDoe Pawlowski)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.89 - Google Inc.)
Google Drive (HKLM-x32\...\{AC117AF9-316B-4E1D-959E-F0EB85B0DC5F}) (Version: 2.34.7100.0000 - Google, Inc.)
Google Earth Pro (HKLM-x32\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) 
 
Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) 
 
Hidden
GZ3Doom 1.8.10_e (HKLM-x32\...\GZ3Doom 1.8.10_e) (Version: 1.8.10_e - zdoom.org)
HandBrake 0.10.0 (HKLM-x32\...\HandBrake) (Version: 0.10.0 - )
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) 
 
(Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) 
 
(Version:  - )
InfraRecorder 0.53 (x64 edition) (HKLM\...\{2C22EA92-CB30-4932-0053-000001000000}) (Version: 0.53.00.00 - 
 
Christian Kindahl)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Jed's Half-Life Model Viewer 1.3.6 (HKLM-x32\...\Jed's Half-Life Model Viewer) (Version: 1.3.6 - wunderboy.org)
KB4023057 (HKLM\...\{ED06689A-33B7-4D35-8F76-36A82CD03406}) (Version: 2.3.0.0 - Microsoft Corporation)
K-Lite Codec Pack 10.0.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.0.0 - )
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)
Link Shell Extension (HKLM\...\HardlinkShellExt) (Version: 3.8.5.1 - Hermann Schinagl)
Logitech Gaming Software 8.50 (HKLM\...\Logitech Gaming Software) (Version: 8.50.281 - Logitech Inc.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 
 
- Malwarebytes)
Media Player Codec Pack 4.2.4 (HKLM-x32\...\Media Player - Codec Pack) (Version: 4.2.4 - Media Player Codec 
 
Pack)
MeshLab_64b 1.3.2 (HKLM\...\MeshLab_64b) (Version: 1.3.2 - Paolo Cignoni - Guido Ranzuglia VCG - ISTI - CNR)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 
 
4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) 
 
(Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - 
 
Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) 
 
(Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) 
 
(Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - 
 
Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - 
 
Microsoft Corporation)
Microsoft Camera Codec Pack (HKLM\...\{A6A4A258-0A48-4F76-B8F1-61F0514594DD}) (Version: 16.4.1970.0624 - 
 
Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) 
 
(Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.61259.0 (HKLM-x32\...\{D61CA184-3F6D-4A50-B2CC-
 
7A18447D6A8D}) (Version: 10.0.61259.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.62615.0 (HKLM-x32\...\{33D89314-361A-4495-A1E1-
 
0ACBCE08F78D}) (Version: 10.0.62615.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) 
 
(Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 
 
3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - 
 
Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4971.1002 - Microsoft 
 
Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\...\OneDriveSetup.exe) (Version: 
 
17.3.7076.1026 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft 
 
Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - 
 
Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 
 
3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 
 
11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) 
 
(Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) 
 
(Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{E4A1FDA3-689D-44DA-9B39-86BD2270F522}) (Version: 
 
11.2.5058.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 
 
11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 
 
11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 
 
11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 
 
11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) 
 
(Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 
 
3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 
 
3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 
 
4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.30919.1) (HKLM-x32\...\{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}) 
 
(Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-
 
A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 
 
10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 
 
10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 
 
11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) 
 
(Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 
 
8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 
 
8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 
 
8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) 
 
(Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) 
 
(Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) 
 
(Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-
 
5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-
 
22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-
 
21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-
 
725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-
 
87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) 
 
(Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-
 
68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-
 
f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-
 
4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-
 
5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-
 
56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-
 
97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-
 
e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-
 
47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-
 
0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-
 
fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-
 
3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) 
 
(Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for 
 
Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{69A998C5-00A9-42CA-AB4E-C31CFFCD9251}) (Version: 3.1237.1763 - Microsoft 
 
Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - 
 
Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 
 
3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) 
 
(Version: 4.0.30901.0 - Microsoft Corporation)
MKVToolNix 7.2.0 (32bit) (HKLM-x32\...\MKVToolNix) (Version: 7.2.0 - Moritz Bunkus)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.5.4 - Motorola 
 
Mobility)
Motorola Device Software Update (HKLM-x32\...\{894AB83D-A9AF-4E54-BFF3-A7262A0A6C13}) (Version: 13.09.3001 - 
 
Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.4.0 (HKLM\...\{27986EDD-C9EC-4B52-B92F-06D073F0AA52}) (Version: 6.4.0 - 
 
Motorola Mobility LLC)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft 
 
Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft 
 
Corporation) Hidden
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - 
 
Mozilla)
Mp3tag v2.73 (HKLM-x32\...\Mp3tag) (Version: v2.73 - Florian Heidenreich)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - 
 
Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - 
 
Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - 
 
Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft 
 
Corporation)
msxml4 (HKLM-x32\...\{5AE3D9F1-9E9E-4015-8787-E22705AA32C5}) (Version: 1.0.0 - Default Company Name)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.4 - Notepad++ Team)
NSIS Example2 (HKLM-x32\...\ARC3D Webservice v2.2) (Version:  - )
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 17.0.0 - OBS Project)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 
 
15.0.4971.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 
 
15.0.4971.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 
 
15.0.4971.1002 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Open XML SDK 2.5 for Microsoft Office (HKLM-x32\...\{3EA16E23-14D2-466A-8268-D7CD40DC46B6}) (Version: 2.5.5631 
 
- Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software 
 
Foundation)
Outlast (HKLM-x32\...\Outlast_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
PackBit Codec version 1.0.0.1Beta (HKLM-x32\...\{5AFD98DE-0AF5-497F-BE7E-F93DEDF74573}_is1) (Version: 
 
1.0.0.1Beta - Dxtory Software)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems 
 
Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Plex Media Server (HKLM-x32\...\{34B11343-9146-43DE-B621-B971E854087D}) (Version: 1.9.6429 - Plex, Inc.) Hidden
Plex Media Server (HKLM-x32\...\{f3d9eae6-b717-4e4e-884e-227227518530}) (Version: 1.9.6.4429 - Plex, Inc.)
PosteRazor (HKLM-x32\...\PosteRazor_is1) (Version: 1.5.2 - Alessandro Portale)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.4 - Power Software Ltd)
Prerequisites for SSDT  (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft 
 
Corporation)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 
 
7.49.927.2011 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 1.006 - 
 
Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7106 
 
- Realtek Semiconductor Corp.)
REAPER (x64) (HKLM\...\REAPER) (Version:  - )
Resident Evil 7: Biohazard (HKLM-x32\...\Resident Evil 7: Biohazard_is1) (Version:  - )
Riftcat (HKLM-x32\...\{8346dab5-9676-4878-9891-b24811bf4ce4}) (Version: 1.0.0 - Riftcat)
Riftcat Client (HKLM-x32\...\{B2C26ED3-33A6-4A0E-98EE-6ACEC22C5793}) (Version: 1.0.0.3 - Riftcat) Hidden
RoboBasket3 (HKLM\...\RoboBasket_is1) (Version: 3.6.8 - ETUS)
Samsung Universal Print Driver 2 (HKLM-x32\...\Samsung Universal Print Driver 2) (Version: 2.50.04.00 - Samsung 
 
Electronics Co., Ltd.)
SharePoint Client Components (HKLM\...\{95150002-1163-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - 
 
Microsoft Corporation) Hidden
SharePoint Client Components (HKLM\...\{95160001-1163-0409-1000-0000000FF1CE}) (Version: 16.0.2617.1200 - 
 
Microsoft Corporation) Hidden
SharpKeys (HKLM-x32\...\{636E94DA-99C0-448F-A931-3DAD83B4975F}) (Version: 3.5.0000 - RandyRants.com)
Simple Shutdown Timer (HKLM-x32\...\Simple Shutdown Timer1.1.2) (Version: 1.1.2 - PcWinTech.com)
SketchUp 2016 (HKLM\...\{E2B66CF6-ABA0-4E5F-B426-7478B18301AE}) (Version: 16.1.1449 - Trimble Navigation 
 
Limited)
SketchUp 2017 (HKLM\...\{E59BD84C-169B-4F3F-AC5D-85127CF67051}) (Version: 17.2.2555 - Trimble, Inc.)
SketchUp Import 2016 (HKLM-x32\...\{C769FB7C-1F55-4B31-9A2A-21CEC50F4F92}) (Version: 2.0.0 - Autodesk)
Skype Web Plugin (HKLM-x32\...\{EB96DF8B-65A7-4E72-BFB1-38DB36870D16}) (Version: 7.32.6.278 - Skype 
 
Technologies S.A.)
Skype™ 7.38 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.38.101 - Skype Technologies S.A.)
SoulseekQt version 2017.2.20 (HKLM-x32\...\{8A4E1646-488C-4E5B-AC31-F784400E8D2D}_is1) (Version: 2017.2.20 - 
 
Soulseek LLC)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stopping Plex (HKLM-x32\...\{992AD614-FFE5-4258-BB56-9E7513E21221}) (Version: 1.9.6429 - Plex, Inc.) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1032 - SUPERAntiSpyware.com)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TriDef 3D 7.0 (HKLM-x32\...\essentials-bundle) (Version: 7.0 - Dynamic Digital Depth Australia Pty Ltd)
TrinusVR version 2.0.7 (HKLM-x32\...\{A66AD08F-FC5B-4583-9A7D-4636F5637B2C}_is1) (Version: 2.0.7 - Odd Sheep 
 
Ltd.)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Unity (HKLM-x32\...\Unity) (Version: 5.1.1f1 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\...\UnityWebPlayer) (Version: 5.1.1f1 - 
 
Unity Technologies ApS)
Unreal Development Kit: 2014-08 (HKLM\...\UDK-9c2d7d48-70d6-4b8d-8177-eed675927679) (Version:  - Epic Games, 
 
Inc.)
Unreal Engine (HKLM\...\{C5027D29-72B6-45F1-95C7-AAB98C31F69D}) (Version: 1.1.12.0 - Epic Games, Inc.)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, 
 
Inc) Hidden
Veeam Endpoint Backup (HKLM\...\{97BBA6CF-338C-4284-B605-5A5AC00132F8}) (Version: 1.5.0.306 - Veeam Software 
 
AG)
Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - 
 
AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 
 
14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.0 (HKLM-x32\...\VLC media player) (Version: 2.1.0 - VideoLAN)
VR Player (HKLM-x32\...\{31DDB528-67A7-415C-B218-B111B5FAF5DD}) (Version: 0.5.1 - StephaneLX)
VTFEdit 1.3.3 (HKLM\...\VTFEdit_is1) (Version:  - Neil Jedrzejewski & Ryan Gregg)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.5-3 - Wacom Technology Corp.)
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - 
 
Microsoft Corporation)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 
 
2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 
 
2.1.0.7 - Wacom Technology Corp.)
WinDirStat 1.1.2 (HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\...\WinDirStat) (Version:  - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Worms Armageddon (HKLM-x32\...\Worms Armageddon) (Version:  - )
Worms W.M.D. (HKLM-x32\...\Worms W.M.D._is1) (Version:  - )
XSplit Gamecaster (HKLM-x32\...\{083E9AF8-1900-4D7A-AB08-0B4BB98D2848}) (Version: 2.7.1512.1839 - 
 
SplitmediaLabs)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved 
 
unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2118853541-1488753588-3094647493-1000_Classes\CLSID\{0B628DE4-07AD-4284-81CA-
 
5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-2118853541-1488753588-3094647493-1000_Classes\CLSID\{149DD748-EA85-45A6-93C5-
 
AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-2118853541-1488753588-3094647493-1000_Classes\CLSID\{41052F6E-3662-4584-BCD3-
 
77BCCAAE8470}\InprocServer32 -> C:\Users\JohnDoe\AppData\Local\SkypePlugin\7.32.6.278\GatewayActiveX-x64.dll 
 
(Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-2118853541-1488753588-3094647493-1000_Classes\CLSID\{5370C727-1451-4700-A960-
 
77630950AF6D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-2118853541-1488753588-3094647493-1000_Classes\CLSID\{60813F68-E9F7-4B3C-80B4-
 
A76A66211660}\localserver32 -> C:\Users\JohnDoe\AppData\Local\SkypePlugin\7.32.6.278\GatewayVersion-x64.exe 
 
(Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-2118853541-1488753588-3094647493-1000_Classes\CLSID\{C52B9871-E5E9-41FD-B84D-
 
C5ACADBEC7AE}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2118853541-1488753588-3094647493-1000_Classes\CLSID\{CBF9CD8C-2714-4F36-B76A-
 
43E6C7547BC2}\localserver32 -> C:\Users\JohnDoe\AppData\Local\SkypePlugin\7.32.6.278\EdgeCalling.exe (Skype 
 
Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-2118853541-1488753588-3094647493-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-
 
70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-2118853541-1488753588-3094647493-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-
 
0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2016\en-US\acadficn.dll => No File
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program 
 
Files (x86)\Google\Drive\googledrivesync64.dll [2017-10-09] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program 
 
Files (x86)\Google\Drive\googledrivesync64.dll [2017-10-09] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program 
 
Files (x86)\Google\Drive\googledrivesync64.dll [2017-10-09] (Google)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files 
 
(x86)\Acronis\TrueImageHome\tishell64.dll [2013-08-07] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program 
 
Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-08-07] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files 
 
(x86)\Acronis\TrueImageHome\tishell64.dll [2013-08-07] (Acronis)
ShellIconOverlayIdentifiers: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files
 
\LinkShellExtension\HardlinkShellExt.dll [2014-06-03] (Hermann Schinagl)
ShellIconOverlayIdentifiers: [IconOverlayHardLink] -> {0A479751-02BC-11d3-A855-0004AC2568DD} => C:\Program 
 
Files\LinkShellExtension\HardlinkShellExt.dll [2014-06-03] (Hermann Schinagl)
ShellIconOverlayIdentifiers: [IconOverlaySymbolicLink] -> {0A479751-02BC-11d3-A855-0004AC2568EE} => C:\Program 
 
Files\LinkShellExtension\HardlinkShellExt.dll [2014-06-03] (Hermann Schinagl)
ShellIconOverlayIdentifiers-x32: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files
 
\LinkShellExtension\HardlinkShellExt.dll [2014-06-03] (Hermann Schinagl)
ShellIconOverlayIdentifiers-x32: [IconOverlayHardLink] -> {0A479751-02BC-11d3-A855-0004AC2568DD} => C:\Program 
 
Files\LinkShellExtension\HardlinkShellExt.dll [2014-06-03] (Hermann Schinagl)
ShellIconOverlayIdentifiers-x32: [IconOverlaySymbolicLink] -> {0A479751-02BC-11d3-A855-0004AC2568EE} => C:
 
\Program Files\LinkShellExtension\HardlinkShellExt.dll [2014-06-03] (Hermann Schinagl)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files 
 
(x86)\Google\Drive\contextmenu64.dll [2017-10-09] (Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll 
 
[2013-08-22] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR
 
\rarext32.dll [2013-08-22] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files 
 
(x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files 
 
(x86)\Google\Drive\contextmenu64.dll [2017-10-09] (Google)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI 
 
Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files 
 
(x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll 
 
[2013-08-22] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR
 
\rarext32.dll [2013-08-22] (Alexander Roshal)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved 
 
unless listed separately.)
 
Task: {043ABB39-7149-431C-A81F-172B310A7E73} - System32\Tasks\Microsoft\Windows\Media Center
 
\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {085F6E7A-CABE-4D03-9AB3-09E55B9851C8} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => 
 
C:\WINDOWS\ehome\ehPrivJob.exe
Task: {08F069B4-7CCF-44FA-B025-B8520AAE32FE} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS
 
\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_131_pepper.exe [2017-07-09] (Adobe Systems Incorporated)
Task: {09221FF3-7AD7-43E6-9C8D-B9F821CEF5CA} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => 
 
C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0BFD8BCD-46B0-4EB2-B2D7-BAA9ABB9FAB1} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady 
 
=> C:\WINDOWS\ehome\ehPrivJob.exe
Task: {10CFAE02-CE22-4E4C-A05C-54C4BE819A62} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot 
 
=> C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1B67756E-0F48-496B-BD07-C5067FA20EED} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => 
 
C:\WINDOWS\ehome\ehPrivJob.exe
Task: {213E625D-F228-4F92-9D31-041763DD6ED1} - System32\Tasks\Motorola Device Manager Update => C:\Program 
 
Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2014-10-30] ()
Task: {215932AA-6835-474A-BA4A-9185B7E70C4D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => 
 
C:\WINDOWS\ehome\ehPrivJob.exe
Task: {215AAD55-D1F5-4E84-BA1C-5F84FCBE6F67} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files 
 
(x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {2829A8E2-D3C5-4129-87E7-A61C3F0BCDF5} - System32\Tasks\Private Internet Access Startup => C:\Program 
 
Files\pia_manager\pia_manager.exe [2017-01-08] ()
Task: {2C1386B3-1B50-45CE-B67D-ABF510EF1268} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:
 
\WINDOWS\ehome\mcupdate.exe
Task: {315FF7C3-5435-4784-9BFD-88F6B0AEBAED} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files 
 
(x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {343E87FA-C082-4C67-85A8-905F7ADBD75E} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe 
 
=> c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {371CC41F-45D9-4A7D-B095-A1F41F8E4535} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance 
 
=> C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared
 
\OFFICE15\OLicenseHeartbeat.exe [2017-09-05] (Microsoft Corporation)
Task: {390B6383-B0BA-4532-BB92-8A8CCD706D21} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => 
 
C:\WINDOWS\ehome\mcupdate.exe
Task: {3A26E800-0D02-423E-831C-4FC5A2CE841B} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program 
 
Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {3CADE8BA-3376-4CC5-9129-DF20CEC9386A} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry 
 
=> C:\WINDOWS\ehome\MCUpdate.exe
Task: {3E83079D-5816-44DD-A1C5-035CBA2D8701} - System32\Tasks\{264AA82E-0D9F-491F-8F75-6AC88379EC64} => C:
 
\Windows\system32\pcalua.exe -a C:\facetalk\vcredist_x86.exe -d C:\facetalk
Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience
 
\Microsoft Compatibility Appraiser => %windir%\system32\rundll32.exe generaltel.dll,RunTelemetryW
Task: {4824F5C2-CFF1-489B-9DD8-50867EF00A08} - System32\Tasks\Microsoft\Windows\Media Center
 
\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4DF66FDD-56D1-4CC0-82FD-C23A43BC9FD1} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled 
 
=> C:\WINDOWS\ehome\mcupdate.exe
Task: {56A416E1-CEA6-4C66-9B49-446CDF2A9322} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\
 
\Bin64\InstallManagerApp.exe [2016-03-21] (Advanced Micro Devices, Inc.)
Task: {653609D6-9972-490E-95F8-6655932A38D4} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program 
 
Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {70BD27CD-43BC-4D7D-8CC0-A37C7DD5B5DE} - System32\Tasks\Microsoft\Windows\Media Center
 
\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {71E7E9F7-D2F1-4425-A067-8DA7826EC65B} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:
 
\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {7D8FACD2-560D-4F3F-849C-CE58FA6D8286} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => 
 
C:\WINDOWS\ehome\mcupdate.exe
Task: {821FBBD1-F4F0-4D14-A496-C67DF82DDB40} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => 
 
C:\WINDOWS\ehome\ehPrivJob.exe
Task: {82D2D90C-FC57-4662-8576-105906E7319C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows
 
\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-07-09] (Adobe Systems Incorporated)
Task: {82F255A8-9083-4D50-908F-6AE669801AAA} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath 
 
=> C:\WINDOWS\ehome\ehPrivJob.exe
Task: {87FFBA8A-5C6C-40B3-8776-B7F4FFDBC42F} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart 
 
=> C:\WINDOWS\ehome\ehrec.exe
Task: {88451E32-5273-48C4-84C3-5EC634EF6E74} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => 
 
C:\WINDOWS\ehome\ehrec.exe
Task: {8F42BC07-C2E6-4884-92D1-D62E0DCE1B98} - System32\Tasks\Microsoft\Windows\Media Center
 
\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {8F4C3A2F-D807-437E-BAA4-10DF9721ED47} - \Microsoft\Windows\File Classification Infrastructure\Property 
 
Definition Sync -> No File <==== ATTENTION
Task: {9FF2A908-33EA-42DE-BFA0-940693DF7D25} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2118853541-
 
1488753588-3094647493-1000Core => C:\Users\JohnDoe\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {A20E378C-2EC1-485F-A033-4E56E69D4328} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => 
 
C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2017-03-14] (Microsoft Corporation)
Task: {A510FD0F-C100-4861-A68C-3E5752FA7C6E} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program 
 
Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {A7B20046-C633-4354-A90C-5793CDC2F226} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:
 
\WINDOWS\ehome\ehPrivJob.exe
Task: {B56B7CF9-8765-49C8-842E-3D9C72245EDB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service 
 
Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-09-05] (Microsoft 
 
Corporation)
Task: {B64791E3-1488-4590-A4EA-C2846AAF49C3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:
 
\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2017-03-14] (Microsoft Corporation)
Task: {C66F61DB-B81C-4BBB-84E5-699CFC921128} - System32\Tasks\{0712CEE4-6F21-4497-83F5-42D74A7817AB} => C:
 
\Windows\system32\pcalua.exe -a C:\Users\JohnDoe\Downloads\forge-1.8-11.14.1.1375-installer-win.exe -d C:
 
\Users\JohnDoe\Downloads
Task: {CCC7FE22-3409-4283-8E0D-C7015B12984F} - System32\Tasks\Microsoft\Windows\Media Center
 
\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D72F551A-6A6F-4425-8B05-DA317BC197FB} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => 
 
C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DDA1B7D1-095B-45E8-A877-1BB3A97DCF0B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:
 
\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-09-05] (Microsoft Corporation)
Task: {EAC73821-25D2-4693-83E1-F0CED2F7181F} - System32\Tasks\{62DE4789-40F7-454A-88EC-924C65C24006} => C:
 
\Windows\system32\pcalua.exe -a C:\Users\JohnDoe\Desktop\oculus\Perception\Perception\bin
 
\VireioDLLInstaller.exe -d C:\Users\JohnDoe\Desktop\oculus\Perception\Perception\bin
Task: {EBD233ED-ACC8-4CDF-8404-B3BD20954E3B} - System32\Tasks\Motorola Device Manager Initial Update => C:
 
\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2014-10-30] ()
Task: {F63B8181-B71E-49CD-8F32-04949325051C} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft 
 
Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {F8BEDA55-0D01-4DB6-8C7A-62977D00839B} - System32\Tasks\Microsoft\Windows\Media Center
 
\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the 
 
task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
ShortcutWithArgument: C:\Users\JohnDoe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google 
 
Keep - notes and lists.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --
 
profile-directory="Profile 1" --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\JohnDoe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned
 
\TaskBar\Google Keep - notes and lists.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
 
(Google Inc.) ->  --profile-directory="Profile 1" --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\JohnDoe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned
 
\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application
 
\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
 
==================== Loaded Modules (Whitelisted) ==============
 
2017-01-08 20:07 - 2015-07-14 21:04 - 000032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2014-03-29 17:14 - 2011-04-11 00:26 - 000034304 _____ () C:\WINDOWS\System32\spe__l.dll
2015-08-03 23:25 - 2015-08-03 23:25 - 000214528 _____ () C:\Program Files\AMD\ATI.ACE\Fuel
 
\Fuel.Container.PerformanceTuning.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 000817152 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 003650560 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll
2015-08-03 23:25 - 2015-08-03 23:25 - 000127488 _____ () C:\Program Files\AMD\ATI.ACE\Fuel
 
\Fuel.Container.Wlan.dll
2015-09-08 14:03 - 2017-01-17 03:25 - 000117440 _____ () C:\Program Files\Microsoft Office 
 
15\ClientX64\ApiClient.dll
2017-04-11 20:35 - 2017-03-28 05:15 - 002495768 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-11-07 21:52 - 2017-01-08 07:43 - 007711878 _____ () C:\Program Files\pia_manager\pia_manager.exe
2017-03-21 18:50 - 2017-01-31 07:34 - 008909512 _____ () C:\Program Files\Microsoft Office 15\root\VFS
 
\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2004-09-30 13:15 - 2004-09-30 13:15 - 000192000 _____ () C:\Program Files\LinkShellExtension\RockallDLL.dll
2017-01-08 20:14 - 2015-09-17 00:48 - 000429056 _____ () C:\Windows\SystemApps
 
\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-11-04 15:43 - 2015-11-04 15:43 - 000102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel
 
\Fuel.Proxy.Native.dll
2017-11-07 17:32 - 2017-11-05 04:12 - 004135768 _____ () C:\Program Files (x86)\Google\Chrome\Application
 
\62.0.3202.89\libglesv2.dll
2017-11-07 17:32 - 2017-11-05 04:12 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application
 
\62.0.3202.89\libegl.dll
2017-04-11 20:35 - 2017-03-28 00:57 - 006569472 _____ () C:\WINDOWS\SystemApps
 
\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-08 20:12 - 2016-11-19 01:06 - 000471040 _____ () C:\WINDOWS\SystemApps
 
\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-04-11 20:34 - 2017-03-28 00:55 - 001808384 _____ () C:\WINDOWS\SystemApps
 
\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-08 20:17 - 2015-09-17 00:43 - 002274816 _____ () C:\WINDOWS\SystemApps
 
\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 06:00 - 2015-07-10 08:14 - 000210432 _____ () C:\WINDOWS\SystemApps
 
\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2014-04-07 09:31 - 2014-04-07 09:31 - 000172032 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola 
 
Device Manager\css_core.dll
2017-11-11 10:27 - 2017-11-11 10:27 - 000012800 _____ () C:\Users\JohnDoe\AppData\Local\Temp\ocr3701.tmp\lib
 
\ruby\1.9.1\i386-mingw32\enc\encdb.so
2017-11-11 10:27 - 2017-11-11 10:27 - 000009728 _____ () C:\Users\JohnDoe\AppData\Local\Temp\ocr3701.tmp\lib
 
\ruby\1.9.1\i386-mingw32\enc\iso_8859_1.so
2017-11-11 10:27 - 2017-11-11 10:27 - 000014848 _____ () C:\Users\JohnDoe\AppData\Local\Temp\ocr3701.tmp\lib
 
\ruby\1.9.1\i386-mingw32\enc\trans\transdb.so
2017-11-11 10:27 - 2017-11-11 10:27 - 000094208 _____ () C:\Users\JohnDoe\AppData\Local\Temp\ocr3701.tmp\src
 
\rgloader\rgloader193.mswin.so
2017-11-11 10:27 - 2017-11-11 10:27 - 000009216 _____ () C:\Users\JohnDoe\AppData\Local\Temp\ocr3701.tmp\lib
 
\ruby\1.9.1\i386-mingw32\etc.so
2017-11-11 10:27 - 2017-11-11 10:27 - 000094208 _____ () C:\Users\JohnDoe\AppData\Local\Temp\ocr3701.tmp\lib
 
\ruby\site_ruby\1.9.1\rgloader\rgloader193.mswin.so
2017-11-11 10:27 - 2017-11-11 10:27 - 000126976 _____ () C:\Users\JohnDoe\AppData\Local\Temp\ocr3701.tmp\lib
 
\ruby\1.9.1\i386-mingw32\win32ole.so
2017-11-11 10:27 - 2017-11-11 10:27 - 000087552 _____ () C:\Users\JohnDoe\AppData\Local\Temp\ocr3701.tmp\lib
 
\ruby\1.9.1\i386-mingw32\dl.so
2017-11-11 10:27 - 2017-11-11 10:27 - 000016384 _____ () C:\Users\JohnDoe\AppData\Local\Temp\ocr3701.tmp\lib
 
\ruby\1.9.1\i386-mingw32\fiddle.so
2017-11-11 10:27 - 2017-11-11 10:27 - 000127316 _____ () C:\Users\JohnDoe\AppData\Local\Temp\ocr3701.tmp\bin
 
\libffi-6.dll
2017-11-11 10:27 - 2017-11-11 10:27 - 000008704 _____ () C:\Users\JohnDoe\AppData\Local\Temp\ocr3701.tmp\lib
 
\ruby\1.9.1\i386-mingw32\enc\utf_16le.so
2017-11-11 10:27 - 2017-11-11 10:27 - 000013312 _____ () C:\Users\JohnDoe\AppData\Local\Temp\ocr3701.tmp\lib
 
\ruby\1.9.1\i386-mingw32\enc\trans\utf_16_32.so
2017-11-11 10:27 - 2017-11-11 10:27 - 000095744 _____ () C:\Users\JohnDoe\AppData\Local\Temp\ocr3701.tmp\lib
 
\ruby\1.9.1\i386-mingw32\enc\trans\single_byte.so
2017-11-11 10:27 - 2017-11-11 10:27 - 000026624 _____ () C:\Users\JohnDoe\AppData\Local\Temp\ocr3701.tmp\lib
 
\ruby\gems\1.9.1\gems\win32-api-1.5.0-universal-mingw32\lib\win32\ruby19\win32\api.so
2017-11-11 10:28 - 2017-11-11 10:28 - 000012800 _____ () C:\Users\JohnDoe\AppData\Local\Temp\ocrCF88.tmp\lib
 
\ruby\1.9.1\i386-mingw32\enc\encdb.so
2017-11-11 10:28 - 2017-11-11 10:28 - 000009728 _____ () C:\Users\JohnDoe\AppData\Local\Temp\ocrCF88.tmp\lib
 
\ruby\1.9.1\i386-mingw32\enc\iso_8859_1.so
2017-11-11 10:28 - 2017-11-11 10:28 - 000014848 _____ () C:\Users\JohnDoe\AppData\Local\Temp\ocrCF88.tmp\lib
 
\ruby\1.9.1\i386-mingw32\enc\trans\transdb.so
2017-11-11 10:27 - 2017-11-11 10:27 - 000094208 _____ () C:\Users\JohnDoe\AppData\Local\Temp\ocrCF88.tmp\src
 
\rgloader\rgloader193.mswin.so
2017-11-11 10:28 - 2017-11-11 10:28 - 000094208 _____ () C:\Users\JohnDoe\AppData\Local\Temp\ocrCF88.tmp\lib
 
\ruby\site_ruby\1.9.1\rgloader\rgloader193.mswin.so
2017-11-11 10:28 - 2017-11-11 10:28 - 000118784 _____ () C:\Users\JohnDoe\AppData\Local\Temp\ocrCF88.tmp\lib
 
\ruby\1.9.1\i386-mingw32\socket.so
2017-11-11 10:28 - 2017-11-11 10:28 - 000069120 _____ () C:\Users\JohnDoe\AppData\Local\Temp\ocrCF88.tmp\lib
 
\ruby\1.9.1\i386-mingw32\zlib.so
2017-11-11 10:27 - 2017-11-11 10:27 - 000083968 _____ () C:\Users\JohnDoe\AppData\Local\Temp\ocrCF88.tmp\bin
 
\zlib1.dll
2017-11-11 10:28 - 2017-11-11 10:28 - 000026624 _____ () C:\Users\JohnDoe\AppData\Local\Temp\ocrCF88.tmp\lib
 
\ruby\1.9.1\i386-mingw32\stringio.so
2017-11-11 10:28 - 2017-11-11 10:28 - 000275968 _____ () C:\Users\JohnDoe\AppData\Local\Temp\ocrCF88.tmp\lib
 
\ruby\1.9.1\i386-mingw32\openssl.so
2017-11-11 10:28 - 2017-11-11 10:28 - 000015360 _____ () C:\Users\JohnDoe\AppData\Local\Temp\ocrCF88.tmp\lib
 
\ruby\1.9.1\i386-mingw32\digest.so
2017-11-11 10:28 - 2017-11-11 10:28 - 000008192 _____ () C:\Users\JohnDoe\AppData\Local\Temp\ocrCF88.tmp\lib
 
\ruby\1.9.1\i386-mingw32\fcntl.so
2017-11-11 10:28 - 2017-11-11 10:28 - 000009216 _____ () C:\Users\JohnDoe\AppData\Local\Temp\ocrCF88.tmp\lib
 
\ruby\1.9.1\i386-mingw32\etc.so
2017-11-11 10:28 - 2017-11-11 10:28 - 000023552 _____ () C:\Users\JohnDoe\AppData\Local\Temp\ocrCF88.tmp\lib
 
\ruby\1.9.1\i386-mingw32\json\ext\parser.so
2017-11-11 10:28 - 2017-11-11 10:28 - 000008704 _____ () C:\Users\JohnDoe\AppData\Local\Temp\ocrCF88.tmp\lib
 
\ruby\1.9.1\i386-mingw32\enc\utf_16be.so
2017-11-11 10:28 - 2017-11-11 10:28 - 000008704 _____ () C:\Users\JohnDoe\AppData\Local\Temp\ocrCF88.tmp\lib
 
\ruby\1.9.1\i386-mingw32\enc\utf_16le.so
2017-11-11 10:28 - 2017-11-11 10:28 - 000008704 _____ () C:\Users\JohnDoe\AppData\Local\Temp\ocrCF88.tmp\lib
 
\ruby\1.9.1\i386-mingw32\enc\utf_32be.so
2017-11-11 10:28 - 2017-11-11 10:28 - 000008704 _____ () C:\Users\JohnDoe\AppData\Local\Temp\ocrCF88.tmp\lib
 
\ruby\1.9.1\i386-mingw32\enc\utf_32le.so
2017-11-11 10:28 - 2017-11-11 10:28 - 000036352 _____ () C:\Users\JohnDoe\AppData\Local\Temp\ocrCF88.tmp\lib
 
\ruby\1.9.1\i386-mingw32\json\ext\generator.so
2017-11-11 10:28 - 2017-11-11 10:28 - 000126976 _____ () C:\Users\JohnDoe\AppData\Local\Temp\ocrCF88.tmp\lib
 
\ruby\1.9.1\i386-mingw32\win32ole.so
2017-11-11 10:28 - 2017-11-11 10:28 - 000087552 _____ () C:\Users\JohnDoe\AppData\Local\Temp\ocrCF88.tmp\lib
 
\ruby\1.9.1\i386-mingw32\dl.so
2017-11-11 10:28 - 2017-11-11 10:28 - 000016384 _____ () C:\Users\JohnDoe\AppData\Local\Temp\ocrCF88.tmp\lib
 
\ruby\1.9.1\i386-mingw32\fiddle.so
2017-11-11 10:27 - 2017-11-11 10:28 - 000127316 _____ () C:\Users\JohnDoe\AppData\Local\Temp\ocrCF88.tmp\bin
 
\libffi-6.dll
2017-11-11 10:28 - 2017-11-11 10:28 - 000013312 _____ () C:\Users\JohnDoe\AppData\Local\Temp\ocrCF88.tmp\lib
 
\ruby\1.9.1\i386-mingw32\enc\trans\utf_16_32.so
2017-11-11 10:28 - 2017-11-11 10:28 - 000095744 _____ () C:\Users\JohnDoe\AppData\Local\Temp\ocrCF88.tmp\lib
 
\ruby\1.9.1\i386-mingw32\enc\trans\single_byte.so
2017-11-11 10:28 - 2017-11-11 10:28 - 000026624 _____ () C:\Users\JohnDoe\AppData\Local\Temp\ocrCF88.tmp\lib
 
\ruby\gems\1.9.1\gems\win32-api-1.5.0-universal-mingw32\lib\win32\ruby19\win32\api.so
2017-01-08 07:43 - 2017-01-08 07:43 - 000939520 _____ () C:\Program Files\pia_manager\pia_tray_bin\nw-win
 
\ffmpeg.dll
2017-01-08 07:43 - 2017-01-08 07:43 - 003115520 _____ () C:\Program Files\pia_manager\pia_tray_bin\nw-win
 
\node.dll
2017-11-06 09:51 - 2017-11-06 09:51 - 000083432 _____ () C:\Program Files (x86)\Plex\Plex Media Server\zlib.dll
2017-11-06 09:51 - 2017-11-06 09:51 - 001083368 _____ () C:\Program Files (x86)\Plex\Plex Media Server
 
\libxml2.dll
2017-11-06 09:51 - 2017-11-06 09:51 - 000115688 _____ () C:\Program Files (x86)\Plex\Plex Media Server
 
\soci_core-vc80-3_0.dll
2017-11-06 09:51 - 2017-11-06 09:51 - 000059880 _____ () C:\Program Files (x86)\Plex\Plex Media Server
 
\soci_sqlite3-vc80-3_0.dll
2017-11-06 09:51 - 2017-11-06 09:51 - 000772072 _____ () C:\Program Files (x86)\Plex\Plex Media Server\tag.dll
2017-11-06 09:51 - 2017-11-06 09:51 - 001741288 _____ () C:\Program Files (x86)\Plex\Plex Media Server
 
\opencv_imgproc2411.dll
2017-11-06 09:51 - 2017-11-06 09:51 - 001962984 _____ () C:\Program Files (x86)\Plex\Plex Media Server
 
\opencv_core2411.dll
2017-11-06 09:51 - 2017-11-06 09:51 - 000025576 _____ () C:\Program Files (x86)\Plex\Plex Media Server
 
\lyric_lite.dll
2017-11-06 09:51 - 2017-11-06 09:51 - 000203240 _____ () C:\Program Files (x86)\Plex\Plex Media Server
 
\libidn.dll
2017-11-06 09:51 - 2017-11-06 09:51 - 001549104 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libstdc
 
++-6.dll
2017-11-06 09:51 - 2017-11-06 09:51 - 000127136 _____ () C:\Program Files (x86)\Plex\Plex Media Server
 
\libgcc_s_dw2-1.dll
2017-11-06 09:51 - 2017-11-06 09:51 - 000050152 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs
 
\_socket.pyd
2017-11-06 09:51 - 2017-11-06 09:51 - 000071656 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs
 
\_ssl.pyd
2017-11-06 09:51 - 2017-11-06 09:51 - 000024552 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs
 
\_hashlib.pyd
2017-11-06 09:51 - 2017-11-06 09:51 - 000041448 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts
 
\simplejson\_speedups.pyd
2017-11-06 09:51 - 2017-11-06 09:51 - 000930280 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts
 
\lxml\etree.pyd
2017-11-06 09:51 - 2017-11-06 09:51 - 000190952 _____ () C:\Program Files (x86)\Plex\Plex Media Server
 
\libxslt.dll
2017-11-06 09:51 - 2017-11-06 09:51 - 000074728 _____ () C:\Program Files (x86)\Plex\Plex Media Server
 
\libexslt.dll
2017-11-06 09:51 - 2017-11-06 09:51 - 000218088 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts
 
\lxml\objectify.pyd
2017-11-06 09:51 - 2017-11-06 09:51 - 000018920 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs
 
\select.pyd
2017-11-06 09:51 - 2017-11-06 09:51 - 000095720 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs
 
\_ctypes.pyd
2017-11-06 09:51 - 2017-11-06 09:51 - 000143336 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs
 
\pyexpat.pyd
2017-11-06 09:51 - 2017-11-06 09:51 - 000694248 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs
 
\unicodedata.pyd
2017-11-06 09:51 - 2017-11-06 09:51 - 000064488 _____ () C:\Program Files (x86)\Plex\Plex Media Server
 
\TeVii.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be 
 
restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MB3Service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MB3Service => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\Software\Classes\.scr: AutoCADScriptFile => 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:34 - 2017-03-30 20:04 - 000501196 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
127.0.0.1 activation.acronis.com
127.0.0.1 localhost
0.0.0.0 fr.a2dfp.net
0.0.0.0 m.fr.a2dfp.net
0.0.0.0 mfr.a2dfp.net
0.0.0.0 ad.a8.net
0.0.0.0 asy.a8ww.net
0.0.0.0 static.a-ads.com
0.0.0.0 abcstats.com
0.0.0.0 a.abv.bg
0.0.0.0 adserver.abv.bg
0.0.0.0 adv.abv.bg
0.0.0.0 bimg.abv.bg
0.0.0.0 ca.abv.bg
0.0.0.0 track.acclaimnetwork.com
0.0.0.0 accuserveadsystem.com
0.0.0.0 www.accuserveadsystem.com
0.0.0.0 achmedia.com
0.0.0.0 csh.actiondesk.com
0.0.0.0 ads.activepower.net
0.0.0.0 app.activetrail.com
0.0.0.0 stat.active24stats.nl #[Tracking.Cookie]
0.0.0.0 traffic.acwebconnecting.com
0.0.0.0 office.ad1.ru
0.0.0.0 cms.ad2click.nl
0.0.0.0 ad2games.com
0.0.0.0 content.ad20.net
0.0.0.0 core.ad20.net
0.0.0.0 banner.ad.nu
0.0.0.0 adadvisor.net
 
There are 13208 more lines.
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\JohnDoe
 
\Downloads\46900422-wallpaper-gray.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) 
 
(ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: AcrSch2Svc => 2
MSCONFIG\Services: afcdpsrv => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Autodesk Content Service => 2
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: FlexNet Licensing Service 64 => 3
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: LMIGuardianSvc => 2
MSCONFIG\Services: SDScannerService => 2
MSCONFIG\Services: SDUpdateService => 2
MSCONFIG\Services: SDWSCService => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: syncagentsrv => 2
MSCONFIG\Services: VeeamEndpointBackupSvc => 2
MSCONFIG\Services: WTabletServiceCon => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^CrashPlan Tray.lnk => C:
 
\Windows\pss\CrashPlan Tray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Install LastPass FF 
 
RunOnce.lnk => C:\Windows\pss\Install LastPass FF RunOnce.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Install LastPass IE 
 
RunOnce.lnk => C:\Windows\pss\Install LastPass IE RunOnce.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan 
 
Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^OculusConfigUtil.lnk => 
 
C:\Windows\pss\OculusConfigUtil.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^JohnDoe^AppData^Roaming^Microsoft^Windows^Start 
 
Menu^Programs^Startup^EvernoteClipper.lnk => C:\Windows\pss\EvernoteClipper.lnk.Startup
MSCONFIG\startupfolder: C:^Users^JohnDoe^AppData^Roaming^Microsoft^Windows^Start 
 
Menu^Programs^Startup^MagicDisc.lnk => C:\Windows\pss\MagicDisc.lnk.Startup
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis
 
\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: AcronisTibMounterMonitor => C:\Program Files (x86)\Common Files\Acronis\TibMounter
 
\TibMounterMonitor.exe
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative 
 
Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA
 
\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager
 
\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: ADSKAppManager => "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager
 
\R1\AdAppMgr.exe" -showminimized -checkautorun
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\JohnDoe\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services
 
\ApplePhotoStreams.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support
 
\APSDaemon.exe"
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: AVG-Secure-Search-Update_0214c => C:\Users\JohnDoe\AppData\Roaming\AVG 0214c Campaign
 
\AVG-Secure-Search-Update-0214c.exe /PROMPT /mid=012d7d48095647d39ae281ac0f58262d-
 
70393698b68259567fe90401a4c13bae881e40dd /CMPID=0214c
MSCONFIG\startupreg: AVG-Secure-Search-Update_1113a => C:\Users\JohnDoe\AppData\Roaming\AVG 1113a Campaign
 
\AVG-Secure-Search-Update-1113a.exe /PROMPT /mid=012d7d48095647d39ae281ac0f58262d-
 
70393698b68259567fe90401a4c13bae881e40dd /CMPID=1113a
MSCONFIG\startupreg: AVG_UI => "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
MSCONFIG\startupreg: BackupAndRecoveryMonitor.exe => C:\Program Files (x86)\Acronis\BackupAndRecovery
 
\BackupAndRecoveryMonitor.exe
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: CrashPlanService => C:\Users\JohnDoe\AppData\Local\Programs\CrashPlan\CrashPlanService.vbs
MSCONFIG\startupreg: CrashPlanTray => C:\Users\JohnDoe\AppData\Local\Programs\CrashPlan\CrashPlanTray.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Dxtory Update Checker 2.0 => C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe
MSCONFIG\startupreg: f.lux => "C:\Users\JohnDoe\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
MSCONFIG\startupreg: Facebook Update => "C:\Users\JohnDoe\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c 
 
/nocrashserver
MSCONFIG\startupreg: Fences => "C:\Program Files (x86)\Stardock\Fences\Fences.exe" /startup
MSCONFIG\startupreg: googletalk => C:\Program Files (x86)\Google\Google Talk\googletalk.exe /autostart
MSCONFIG\startupreg: Gyazo => C:\Program Files (x86)\Gyazo\GyStation.exe
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services
 
\iCloudServices.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows
 
\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: OutfoxTV => C:\Program Files\OutfoxTV\OutfoxTV\DesktopContainer.exe
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spybot-S&D Cleaning => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" 
 
/autoclean
MSCONFIG\startupreg: SpybotPostWindows10UpgradeReInstall => "C:\Program Files\Common Files\AV\Spybot - Search 
 
and Destroy\Test.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: TrayMonitor.exe => C:\Program Files (x86)\Acronis\TrayMonitor\TrayMonitor.exe
MSCONFIG\startupreg: TrueImageMonitor.exe => "C:\Program Files (x86)\Acronis\TrueImageHome
 
\TrueImageMonitor.exe"
MSCONFIG\startupreg: uTorrent => "C:\Users\JohnDoe\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: Veeam.EndPoint.Tray.exe => C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Tray.exe 
 
-NoControlPanel
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Launch LCore"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\...\StartupApproved\Run: => 
 
"SpybotPostWindows10UpgradeReInstall"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved 
 
unless listed separately.)
 
FirewallRules: [{75EFF93B-098D-465E-AF70-C6873E25ACCD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9C7E5216-7246-4528-8150-0FFE3335D0F4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0BE48B47-1842-4C75-B520-2D736FBF1451}] => (Allow) C:\Program Files (x86)\Riftcat\VRidge.exe
FirewallRules: [{F81B3C48-1DAB-48BA-A151-7A486ACA21A0}] => (Allow) C:\Program Files (x86)\Riftcat\VRidge.exe
FirewallRules: [{8931F971-2510-419C-8561-66E8583E8595}] => (Allow) C:\Program Files (x86)\Riftcat\Riftcat.exe
FirewallRules: [{E481D2D3-FC9D-4FA9-BD95-A5ABFAEB9EE4}] => (Allow) C:\Program Files (x86)\Riftcat\Riftcat.exe
FirewallRules: [UDP Query User{334E95A5-E2D1-43DE-99CA-98E48DC68EE5}C:\program files (x86)\deluge\deluge.exe] 
 
=> (Allow) C:\program files (x86)\deluge\deluge.exe
FirewallRules: [TCP Query User{F54B39CC-F7C5-4DE0-995B-A6642AA23865}C:\program files (x86)\deluge\deluge.exe] 
 
=> (Allow) C:\program files (x86)\deluge\deluge.exe
FirewallRules: [{E3E9ED28-8066-4E36-B5CA-C46F4F148D39}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F6A84C0E-FBD0-4CAF-B407-1B06957D4CDE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D121B62E-5B2A-4E66-A800-68664F6E4661}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{37E3A800-803F-4A73-B72E-9FD98E463A1F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5A399ACA-D7A2-457D-BADD-487F542DDFF2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1889113A-2289-4DAE-99BA-D8753613E6AB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7A628787-D70F-44E9-80D9-38806ED72DBF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6BDA842F-47B0-4DBA-9D33-87B95AD5E95E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0471FF3C-C44C-4C68-9A46-3DBA0A8FF54D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{98A1E580-C5AE-4192-84AB-D1560060FBE7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{27955D3F-5717-49D3-8AD0-E8DEA6334BD3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5044250B-D182-45D1-84B9-81DCC60E28FD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7BA4CEA0-7440-4BA2-AB0A-934CFBBF5FD6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1B548BB3-D5CC-4D5F-9D38-B35426A2D05C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8879323F-DBEB-4F66-992E-1AC6C2D2D6AE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F357546F-BC60-4181-98B4-C2F57AD073C5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5A421725-3FA5-4FA3-ACA0-92A7F2D5220B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0B8DF506-238B-4E76-85DD-E45AFAA49A3C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C080184A-4EB1-42F4-8640-31127F0E9A5B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{06D8837E-E83B-46D2-894D-962A183F1301}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7228A905-67B6-46BA-ADD1-37A2F4B32B1D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{792973AA-B5D0-4B44-8D12-0EB98ED151D7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BC7DEB8A-DE4B-4558-8B9D-C27E0C1CA634}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5BB07D0C-6B22-4274-91B6-FD7947DB90D5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B5BC6F77-13B5-4ED9-A507-15B3B1BED50F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F9E7398D-3EFF-40B3-B12E-F03B66786A05}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0BF167CF-15F9-4737-9965-865C0D6321B2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EB4D1600-0AE2-42A9-B874-48651630C9C5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3199D023-6BFA-45E4-B721-D75FBC326964}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{04BF1E32-50DA-4559-B2A1-49B76EB4B638}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5400F224-ED0E-4D80-BC7B-322269023C91}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FA8F5790-358C-4F2A-9984-C1F00C975B36}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6927A104-0E3A-40F7-86D2-51A558DBB213}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A4B536E6-B8D8-43DD-A9DC-C3BB2C5FC733}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B6ABE096-3A9B-4521-B61B-A23BFA0A9A59}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2AB76F7D-7735-4BA5-ACD6-A4E143326D1C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{38C11767-E891-40DD-93B6-0D385E9C9C44}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6174BB2B-CEED-450A-B238-B6DD9D617A12}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A199A92F-EEB1-48CC-B60E-EB8B6D5A6D07}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B1F3DFA6-F742-46E7-8DB5-2E99BF6D81DB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CB553BBA-8C3E-4978-8B83-DF123EE8F28C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4752FBD5-F36A-4E3D-A108-CCF8C6EA67A5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C296C17E-D9D1-46FF-967D-76DA4ECF7102}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B358125D-056E-47EB-AC42-B21783CC1F9F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C1CF8409-8EB9-4DB4-86D5-F72DDA6239E8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EB4FFEAB-443B-4324-950F-AAC71F1132D6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EB959F4E-710F-4CE9-98DB-011C396458C9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C4EC1DBE-7C62-4B8C-BF04-F046005415AF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2E02996E-3154-4610-A5D4-80027361955D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B3A3F6A3-35DF-44F6-AC50-2A306FDA08AD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9BC67FB0-7767-4299-8CB6-A27376FCA58E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{60EA82B5-DED9-4FE7-8390-A2A505FA8E00}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{ED62CF6B-F640-4C0E-B0A1-3224767DD34B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef
 
\cef.win7\steamwebhelper.exe
FirewallRules: [{4E4EB7DB-C878-4B9E-9224-FB610E867540}] => (Allow) C:\Program Files (x86)\Steam\bin\cef
 
\cef.win7\steamwebhelper.exe
FirewallRules: [{EB750A4D-18F6-4B03-A74C-CC608477E910}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\STALKER Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{4C9EF861-E2E3-4C4D-94A1-29829C11F6D5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\STALKER Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{4625D4FA-F8F3-4641-A15A-49FDC679DBA5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{7BEC35B6-6789-4B85-854A-AE8E529C2908}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{6807D6D9-2714-4377-97B6-DEEBE6718AED}] => (Allow) C:\Program Files\Veeam\Endpoint Backup
 
\VeeamDeploymentSvc.exe
FirewallRules: [{57DB03E4-395E-44B2-A33E-55EC2E91B4A2}] => (Allow) C:\Program Files\Veeam\Endpoint Backup
 
\VeeamDeploymentSvc.exe
FirewallRules: [{F64BFA1B-49E6-4331-A98B-81335811AA1F}] => (Allow) C:\Program Files\Veeam\Endpoint Backup
 
\x86\VeeamAgent.exe
FirewallRules: [{8AC04E03-EF0E-4CC9-8334-0413E02586AF}] => (Allow) C:\Program Files\Veeam\Endpoint Backup
 
\x86\VeeamAgent.exe
FirewallRules: [{F7CA07DE-DC4A-4442-85A3-11C266BE4AB2}] => (Allow) C:\Program Files\Veeam\Endpoint Backup
 
\x64\VeeamAgent.exe
FirewallRules: [{97C8B878-283D-4785-B0AB-E824E050F158}] => (Allow) C:\Program Files\Veeam\Endpoint Backup
 
\x64\VeeamAgent.exe
FirewallRules: [{DFA8F125-8120-4A86-ABCD-D7BD39FB9870}] => (Allow) C:\Program Files\Veeam\Endpoint Backup
 
\Veeam.EndPoint.Service.exe
FirewallRules: [{3BFB2EEC-AC13-4B28-A17D-97A3F3CFAA95}] => (Allow) C:\Program Files\Veeam\Endpoint Backup
 
\Veeam.EndPoint.Service.exe
FirewallRules: [{753C829F-AAF8-46BD-BD3A-3CB1EDACAD80}] => (Allow) C:\Program Files\Veeam\Endpoint Backup
 
\Veeam.EndPoint.Recovery.exe
FirewallRules: [UDP Query User{9E010019-C924-40F4-90B7-7E68AAC18F5D}C:\program files (x86)\trinusvr
 
\tgserver.exe] => (Allow) C:\program files (x86)\trinusvr\tgserver.exe
FirewallRules: [TCP Query User{3B0E7986-E1E7-49B9-87CB-6228B3681EA2}C:\program files (x86)\trinusvr
 
\tgserver.exe] => (Allow) C:\program files (x86)\trinusvr\tgserver.exe
FirewallRules: [{97F5B3D5-FBB2-42D0-865E-53C658581B85}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\SteamVR\tools\bin\win32\vrmonitor.exe
FirewallRules: [{76A3B7AC-0DCD-4203-B265-DDD01BFAE72D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\SteamVR\tools\bin\win32\vrmonitor.exe
FirewallRules: [UDP Query User{5EB3E8DF-6AE7-46B5-9725-E78D104BE3ED}C:\program files (x86)\trinusvr
 
\tgserver.exe] => (Allow) C:\program files (x86)\trinusvr\tgserver.exe
FirewallRules: [TCP Query User{00E5D80B-2D5E-4DE1-8428-386A2D6CAC35}C:\program files (x86)\trinusvr
 
\tgserver.exe] => (Allow) C:\program files (x86)\trinusvr\tgserver.exe
FirewallRules: [{2FA4CE46-18FE-4086-92D4-1AC347E23F1E}] => (Allow) C:\Users\JohnDoe\AppData\Roaming\uTorrent
 
\uTorrent.exe
FirewallRules: [{3481AC93-4F43-4F29-8A7D-894227C96201}] => (Allow) C:\Users\JohnDoe\AppData\Roaming\uTorrent
 
\uTorrent.exe
FirewallRules: [{A720F494-AC19-43A4-B74D-2B94D68C96B3}] => (Allow) C:\Users\JohnDoe\AppData\Roaming\uTorrent
 
\uTorrent.exe
FirewallRules: [{086628CB-CD16-4E65-9132-A82C3F839B8E}] => (Allow) C:\Users\JohnDoe\AppData\Roaming\uTorrent
 
\uTorrent.exe
FirewallRules: [{695E2055-0738-4A4B-B619-FE9D3895A703}] => (Allow) C:\Users\JohnDoe\AppData\Roaming\uTorrent
 
\uTorrent.exe
FirewallRules: [{4CC1AB1E-308B-4EBE-AED2-881C795F188C}] => (Allow) C:\Users\JohnDoe\AppData\Roaming\uTorrent
 
\uTorrent.exe
FirewallRules: [{103C5946-3F05-4BFD-BBC6-40D1099C42CF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\SteamVRPerformanceTest\bin\win64\vr.exe
FirewallRules: [{34B01E4B-F143-440A-A59A-1AEE372EAF1B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\SteamVRPerformanceTest\bin\win64\vr.exe
FirewallRules: [UDP Query User{223C5775-E52B-4BCD-952F-D01632A73CAD}C:\users\JohnDoe\appdata\local\programs
 
\crashplan\crashplanservice.exe] => (Allow) C:\users\JohnDoe\appdata\local\programs\crashplan
 
\crashplanservice.exe
FirewallRules: [TCP Query User{8E72D0B3-A8F6-402E-AD22-C3AFC9AB2FF6}C:\users\JohnDoe\appdata\local\programs
 
\crashplan\crashplanservice.exe] => (Allow) C:\users\JohnDoe\appdata\local\programs\crashplan
 
\crashplanservice.exe
FirewallRules: [{38849EF8-BD16-498C-84D5-F337210558A4}] => (Allow) LPort=7575
FirewallRules: [{F6C56860-CA82-4224-B5D5-46C720F18A8D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Quake Live\quakelive_steam.exe
FirewallRules: [{B50CC47A-193C-4A45-959D-A75DDE485389}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Quake Live\quakelive_steam.exe
FirewallRules: [{687D1343-9F7E-4204-B53D-74EB32326A1C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe
FirewallRules: [{C2270987-E8D4-4FBB-B40C-CA78E841C26A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe
FirewallRules: [UDP Query User{35688CE3-AF66-4FF0-B22E-50B9EC596A62}C:\program files (x86)\hearthstone
 
\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{C3F443B8-18D2-4BA2-8213-B50E3E5C352B}C:\program files (x86)\hearthstone
 
\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{A1EC950A-785F-42A6-A6DE-CADCCEC3895F}] => (Block) %ProgramFiles% (x86)\R.G. Mechanics\Outlast
 
\OutlastLauncher.exe
FirewallRules: [UDP Query User{DE58377F-8EFA-4999-BCC1-0462C086528E}C:\program files (x86)\r.g. mechanics
 
\outlast\binaries\win64\olgame.exe] => (Block) C:\program files (x86)\r.g. mechanics\outlast\binaries
 
\win64\olgame.exe
FirewallRules: [TCP Query User{97966721-E71E-43EA-A511-C53C7F219C58}C:\program files (x86)\r.g. mechanics
 
\outlast\binaries\win64\olgame.exe] => (Block) C:\program files (x86)\r.g. mechanics\outlast\binaries
 
\win64\olgame.exe
FirewallRules: [{F0404191-39A0-4526-BA1B-027E493EA615}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{90820F54-83BE-47CB-8F53-FB278E5260C4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{EE4300FC-1BE1-46FA-95F8-E4B8BCAB0EC2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C1F1A368-F725-44C7-95D8-D65F0F339F28}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{3A9091F7-788A-4DE5-8191-196E88BD4973}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{AC291F83-70BC-49DD-8123-138816007EEF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [UDP Query User{BFB084F1-BABA-4D4C-AB16-40D414A9D041}C:\program files\unity\editor\unity.exe] => 
 
(Allow) C:\program files\unity\editor\unity.exe
FirewallRules: [TCP Query User{679DDA69-471F-423F-A25E-5F3C6D3DC360}C:\program files\unity\editor\unity.exe] => 
 
(Allow) C:\program files\unity\editor\unity.exe
FirewallRules: [{3B9D85D4-D587-4A45-A46C-D8F95F87E81F}] => (Allow) %ProgramFiles%\pia_manager\pia_manager.exe
FirewallRules: [{EB876300-600A-4B9F-8DA4-856756EC7EED}] => (Allow) %ProgramFiles%\pia_manager
 
\privateinternetaccess.exe
FirewallRules: [{CD530128-FBE0-4599-A77B-AC9C278992D4}] => (Allow) %ProgramFiles%\pia_manager\pia_manager.exe
FirewallRules: [{B66A3EAE-1BB1-40BE-AA78-7F509230BC5C}] => (Allow) %ProgramFiles%\pia_manager
 
\privateinternetaccess.exe
FirewallRules: [{914725A8-9310-4172-90A6-9FF2684C2D18}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Morrowind\Morrowind Launcher.exe
FirewallRules: [{D2F68AF1-B4F3-4A3A-8C3F-39FA7E294184}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Morrowind\Morrowind Launcher.exe
FirewallRules: [{0465A618-1646-4733-BDDC-8ED63FA94623}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Skyrim\skse_steam_boot.exe
FirewallRules: [{A21E6775-3F27-4204-8177-9B19B6205C58}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Skyrim\skse_steam_boot.exe
FirewallRules: [UDP Query User{B5E30494-B301-4B74-A681-33243E7C6A9D}C:\program files (x86)\minecraft\runtime
 
\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin
 
\javaw.exe
FirewallRules: [TCP Query User{40A3AA9D-693D-4A48-AE33-23E9C2ADCA18}C:\program files (x86)\minecraft\runtime
 
\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin
 
\javaw.exe
FirewallRules: [{251DF70C-7415-4389-B0F0-00CCBF9ED12A}] => (Allow) C:\Program Files\Microsoft Office 15\root
 
\Office15\UcMapi.exe
FirewallRules: [{7B82BBA7-53A1-459B-B0DB-9F09B0616196}] => (Allow) C:\Program Files\Microsoft Office 15\root
 
\Office15\Lync.exe
FirewallRules: [{557FA6B3-12B5-4BCE-ACCC-79BE7D017056}] => (Allow) %ProgramFiles%\pia_manager
FirewallRules: [{B0F1A8BF-F3AE-4B90-BB52-A647D7668098}] => (Allow) C:\program files\pia_manager\openvpn.exe
FirewallRules: [{5926E1D8-79BF-485E-B617-9C8A46079B47}] => (Allow) C:\program files\pia_manager\openvpn.exe
FirewallRules: [UDP Query User{D9C24520-0DC6-4733-877D-4AF8F3F70C97}C:\program files\pia_manager\openvpn.exe] 
 
=> (Allow) C:\program files\pia_manager\openvpn.exe
FirewallRules: [TCP Query User{7E8567E2-7B68-49A6-AFEC-D2C7D596FB55}C:\program files\pia_manager\openvpn.exe] 
 
=> (Allow) C:\program files\pia_manager\openvpn.exe
FirewallRules: [{689CFD95-B6B3-45BD-93F6-A925FFAAAEB2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4D91763D-87BC-404E-8D43-971FA1B66D97}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BDA468C0-1D6A-4319-8085-EB328902BA1D}] => (Allow) C:\Program Files\Microsoft Office 15\root
 
\Office15\UcMapi.exe
FirewallRules: [{6078D894-7692-42E4-A341-9EBABA5A3F4C}] => (Allow) C:\Program Files\Microsoft Office 15\root
 
\Office15\Lync.exe
FirewallRules: [{4F35435A-2864-4DFF-A1F2-FDABB7E21366}] => (Allow) C:\Program Files\Microsoft Office 15\root
 
\Office15\outlook.exe
FirewallRules: [UDP Query User{F4994A54-69F5-4F3B-B87A-14E31C4F93AC}C:\program files\epic games\4.8\engine
 
\binaries\dotnet\swarmagent.exe] => (Allow) C:\program files\epic games\4.8\engine\binaries\dotnet
 
\swarmagent.exe
FirewallRules: [TCP Query User{D1101655-C058-424F-AA56-1B5AD6F3FA7C}C:\program files\epic games\4.8\engine
 
\binaries\dotnet\swarmagent.exe] => (Allow) C:\program files\epic games\4.8\engine\binaries\dotnet
 
\swarmagent.exe
FirewallRules: [UDP Query User{D4EC0B55-69E8-4A5C-9F92-B49FDF478574}C:\program files\epic games\4.8\engine
 
\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\4.8\engine\binaries\win64\ue4editor.exe
FirewallRules: [TCP Query User{11F7C029-262D-4ADA-9335-2C0502B83CC2}C:\program files\epic games\4.8\engine
 
\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\4.8\engine\binaries\win64\ue4editor.exe
FirewallRules: [UDP Query User{0E00E11A-FC6F-452C-844A-F4FA2455648F}C:\program files\unity\monodevelop\bin
 
\monodevelop.exe] => (Allow) C:\program files\unity\monodevelop\bin\monodevelop.exe
FirewallRules: [TCP Query User{7ABD9079-BB15-46F9-B993-81CE94262A93}C:\program files\unity\monodevelop\bin
 
\monodevelop.exe] => (Allow) C:\program files\unity\monodevelop\bin\monodevelop.exe
FirewallRules: [UDP Query User{F13BCE07-A029-4B65-AB99-394BA1174A0D}C:\program files\unity\editor\unity.exe] => 
 
(Allow) C:\program files\unity\editor\unity.exe
FirewallRules: [TCP Query User{56D6E516-1C0D-45CC-863C-94E1D03A7DFA}C:\program files\unity\editor\unity.exe] => 
 
(Allow) C:\program files\unity\editor\unity.exe
FirewallRules: [UDP Query User{BD3BD8C6-DE95-4799-904D-699D1B2B50FB}C:\program files (x86)\minecraft\runtime
 
\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin
 
\javaw.exe
FirewallRules: [TCP Query User{FB60E9E8-09AD-40BF-9741-5A27EA899BC5}C:\program files (x86)\minecraft\runtime
 
\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin
 
\javaw.exe
FirewallRules: [{BDCAEA99-6314-4F53-9A08-C74438D71D71}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CS6 (64 
 
Bit)\Photoshop.exe
FirewallRules: [{304D728F-8450-45B4-B223-F669374AF7E7}] => (Block) %ProgramFiles%\Adobe\Adobe Bridge CS6 (64 
 
Bit)\Bridge.exe
FirewallRules: [{4F1C0B00-3EA9-43F9-85FD-C95EB000204A}] => (Block) %ProgramFiles%\Adobe\Adobe Bridge CS6 (64 
 
Bit)\Bridge.exe
FirewallRules: [{35248B8B-0468-4F3B-8B7F-07D48887F81E}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CS6 (64 
 
Bit)\sniffer_gpu.exe
FirewallRules: [{2FA9FE2A-47A0-4593-963D-DCFED39BE8AB}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CS6 (64 
 
Bit)\LogTransport2.exe
FirewallRules: [{8B0515E4-0E49-43B2-BF01-86CE7CBA52B0}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CS6 (64 
 
Bit)\Photoshop.exe
FirewallRules: [{F2CBCE41-B49D-4E47-81BF-CB33C1A41BA3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Dear Esther\dearesther.exe
FirewallRules: [{1EB87F30-4AA1-4387-9A1C-D594B356FC51}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Dear Esther\dearesther.exe
FirewallRules: [{43BE26E7-965F-4EFD-9D05-EF9E5F005882}] => (Allow) C:\Program Files (x86)\Common Files\Acronis
 
\SyncAgent\syncagentsrv.exe
FirewallRules: [{BB1BE65F-E880-4FF6-8227-B2268548ACF3}] => (Allow) C:\Program Files (x86)\Common Files\Acronis
 
\SyncAgent\syncagentsrv.exe
FirewallRules: [{BCEC217F-4EF7-40D5-93E2-1987C9671215}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Machine for Pigs\Launcher.exe
FirewallRules: [{E1DBBEB6-8AB7-4DB4-B37E-F1BB20F9310B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Machine for Pigs\Launcher.exe
FirewallRules: [{AA0C4311-7C28-41E5-ADF8-257AFBB8978F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Machine for Pigs\aamfp.exe
FirewallRules: [{D614BFF5-2C7D-4756-A4C8-98F8BF20DE85}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Machine for Pigs\aamfp.exe
FirewallRules: [{CC5E7AA1-A1D9-4683-A46A-2CBFC0DA5338}] => (Allow) C:\Program Files (x86)\Crazybump
 
\CrazyBump.exe
FirewallRules: [{78DA62EC-9AD7-4C8A-8856-C870591C171E}] => (Allow) C:\Program Files (x86)\Crazybump
 
\CrazyBump.exe
FirewallRules: [{70BC060B-FAA7-4814-AF0A-1979E3BF68FA}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{CFC16692-2CCD-4EE0-A203-88B536979279}] => (Allow) C:\UDK\UDK-2014-08\Binaries\Win64\UDK.exe
FirewallRules: [{D756C30A-7DC0-40B9-B4E0-E27B97B9ACA9}] => (Allow) C:\UDK\UDK-2014-08\Binaries\Win64\UDK.exe
FirewallRules: [{BD0F74E9-033F-41D6-99B1-EA009D003A05}] => (Allow) C:\UDK\UDK-2014-08\Binaries\Win32\UDK.exe
FirewallRules: [{6F33C7AF-E299-4E25-B864-6CEDFDC941E7}] => (Allow) C:\UDK\UDK-2014-08\Binaries\Win32\UDK.exe
FirewallRules: [{56AF8189-48C8-474A-BE17-1C756CDF0C4C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\SourceSDK\bin\SDKLauncher.exe
FirewallRules: [{C0C17CE3-CF5D-488A-982A-67A5B012D068}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\SourceSDK\bin\SDKLauncher.exe
FirewallRules: [{B6CB86F2-75B2-48EB-8516-5504475D41D8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\left 4 dead\bin\SDKLauncher.exe
FirewallRules: [{A488BE73-CE02-4B06-8835-6B54A55133B6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\left 4 dead\bin\SDKLauncher.exe
FirewallRules: [{8C369261-2C9E-4AC6-96D3-74DF7904DB5A}] => (Allow) LPort=1900
FirewallRules: [{5BE45551-2216-46BE-B0D4-AB084ABF6B5E}] => (Allow) LPort=2869
FirewallRules: [{6C4B18EA-1923-4CE3-9816-38A32670250A}] => (Allow) C:\Program Files (x86)\Windows Live
 
\Contacts\wlcomm.exe
FirewallRules: [{FA5672C5-79CA-4238-8542-B535C9C04AA3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9E1EF846-D980-44D5-B064-9DEFBC386BF0}] => (Allow) C:\Program Files (x86)\Samsung\Samsung 
 
Universal Print Driver 2\PrinterSelector\SUPDApp.exe
FirewallRules: [{8905A171-F954-4A06-8B10-A14EA7B23B55}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Penumbra Overture\redist\Penumbra.exe
FirewallRules: [{998B5B86-6CD5-4237-A747-7E9B23370B7D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Penumbra Overture\redist\Penumbra.exe
FirewallRules: [{1D032D33-B665-477B-B36D-9697627C0BFF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Penumbra Black Plague\redist\Penumbra.exe
FirewallRules: [{F2C538D2-CDCB-4AA7-AC77-FF12EF32F3CD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Penumbra Black Plague\redist\Penumbra.exe
FirewallRules: [{01B94D6C-BAB3-4CB6-A725-7963319B4E08}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\team fortress 2\hl2.exe
FirewallRules: [{5DF3193C-079D-4FBE-BDE9-9ED23CD96D21}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\team fortress 2\hl2.exe
FirewallRules: [{17A91EFC-AB92-4C4C-A03E-5861C19AB7B0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Source SDK Base\hl2.exe
FirewallRules: [{4A5E98D2-427F-42AE-A5F5-084EB39EB9C7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Source SDK Base\hl2.exe
FirewallRules: [{391658E2-5D00-48ED-9795-CE0435B6584B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\GarrysMod\hl2.exe
FirewallRules: [{439846EA-C718-47AA-9E58-8FA7093FC2E2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\GarrysMod\hl2.exe
FirewallRules: [{6337E307-76D3-4D5E-BB42-AE9A424AED3A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Source SDK Base 2013 Singleplayer\hl2.exe
FirewallRules: [{C7B75A24-3A3B-4308-8CEF-EEB2541E7572}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Source SDK Base 2013 Singleplayer\hl2.exe
FirewallRules: [{5CCED517-F47C-4127-B375-420F798744E2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{BF9069EB-D6C3-4A0E-B432-4E246497E4EA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{82A10E02-EECD-4CBF-959F-0BBDFAA80CBA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Half-Life\hl.exe
FirewallRules: [{B75AB411-522D-47C0-B206-6775A3C76913}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Half-Life\hl.exe
FirewallRules: [{365CF0E7-335E-497B-A6C2-9D0EF37E592F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Half-Life SDK\Hammer Editor\hammer.exe
FirewallRules: [{E7EA8D79-286C-41BB-823E-E1FB770461A7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Half-Life SDK\Hammer Editor\hammer.exe
FirewallRules: [{0A05A12F-340B-4C99-8B02-E92ACE1681C0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\rust\rust.exe
FirewallRules: [{6D4F103A-84B2-47FE-9C68-711D8069466A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\rust\rust.exe
FirewallRules: [{97BA6D3B-7F24-4BAF-86B0-56F154B4E62D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\rust\rust.exe
FirewallRules: [{189AA99C-29B4-4787-BA4F-49038D0CD82C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\rust\rust.exe
FirewallRules: [{F4A1B8F6-5963-49F1-850A-64E9A6030020}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\rust\rust.exe
FirewallRules: [{14A3AE91-D91B-49E1-BD78-1BCAE910B511}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\rust\rust.exe
FirewallRules: [{1FF26D7B-6C36-44E2-B2AF-FBD98F3A1A68}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{7192F61F-A591-4E6F-87B9-3F3B1BE59F65}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{5BBADA0D-7A50-4B8A-BC75-5C28ED8002AA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{BF036E11-8E7F-4FC6-843B-FE13044BF492}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B6080E87-9741-4AB6-85B7-7EF9B69D0E09}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E1B16B81-9E24-4DB7-B67B-2950CA0DA710}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{56FFB7E7-4121-47CC-9A22-DB02C79800C2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{99D685FA-9458-4285-8048-802DD0CEB253}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{F6CD971B-C6D3-4E6A-AB53-2BCFAB125A35}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{A29D69EE-9F74-45BB-9FBC-CBB8ED1BA890}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{6E5B2C30-AAD4-4339-9887-DCFB64B1B9B0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{ABFA9C35-5EC3-40A4-861F-82FC1B5C0FBC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{A2FF888B-45F5-46B6-9374-104FB370FB0C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{6A52E697-7BDE-4EEC-AE16-7FA55BA3741E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{2F8D325A-ED64-440C-96BA-040B56A04E56}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{679FE4AF-76D1-4B96-8216-401D8D646440}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [UDP Query User{77A1F528-C305-47C4-9EE8-FADA0899565B}C:\program files (x86)\steam\steam.exe] => 
 
(Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [TCP Query User{9A677C8A-4E4B-4317-BAE0-7D62A12D3F15}C:\program files (x86)\steam\steam.exe] => 
 
(Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [{C1258AE8-D306-4DF3-BF51-C9FFEE03A10B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Machine for Pigs\Launcher.exe
FirewallRules: [{B027A9F6-42CA-4757-B11C-3DFAD7B15B6C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Machine for Pigs\Launcher.exe
FirewallRules: [{8A717357-2916-4FB5-8C6B-26CDD6F9D087}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Machine for Pigs\aamfp.exe
FirewallRules: [{46FB3D3E-161E-46FC-B87A-5A76394739F1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Machine for Pigs\aamfp.exe
FirewallRules: [UDP Query User{91331AFE-DC3D-4181-8407-FFFEF8BAD75A}C:\users\JohnDoe\appdata\roaming\utorrent
 
\utorrent.exe] => (Allow) C:\users\JohnDoe\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{F126D196-4670-4756-9A49-1ACED4807FAC}C:\users\JohnDoe\appdata\roaming\utorrent
 
\utorrent.exe] => (Allow) C:\users\JohnDoe\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{6851E29B-4CED-4178-B2B4-C50CAD1DA965}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6A1B49D5-57F7-477B-BBBF-E94F3CBB314E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8577D211-94C7-445D-B102-4CC929B62453}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Bigscreen\Bigscreen_Data\Bigscreen\win64\Bigscreen.exe
FirewallRules: [{EA344CE9-FC11-4172-9D95-7EA505E7D375}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Bigscreen\Bigscreen_Data\Bigscreen\win64\Bigscreen.exe
FirewallRules: [{D245C990-B511-4EB7-8DEF-0ABDDD285683}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2352082C-7BA2-4E5C-9602-B76CF40E1F67}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A7F66000-F97A-4487-AE3E-C74AF3BCA34F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EA93DE08-08B7-49FF-B45C-1E56103C29F0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{89608FAE-303D-4EB4-AA4A-1B7EF91B1385}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F39ACEC1-7F1E-4F51-B074-5C99CAB3C4BE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BC36DD12-CAD9-4E29-A76B-4408E4CFBE9B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6810EB91-A85A-43B1-9792-49A03464F634}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5A356A8C-54B2-4CF2-9761-895D399FBA78}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8FE699A1-CC04-40AF-AB8D-1EF2BEE8AF67}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6473884F-B43E-462E-ADFF-EE1C0FA873F3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{31B169E8-D8D3-4BA2-884B-796974DA8345}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{310462CE-870A-41DD-9DFD-20E092554186}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A09E818E-880B-4471-AB74-7F6F3DF33F25}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9A16DE88-D587-46E5-BAE1-6CCD178A79F0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6B74A00C-6984-4347-9B35-E1A6484CC026}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6DE9E0EE-5297-4536-AF2F-DA6D1388D14A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3C985F21-214E-4329-8135-B230B771CBB0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E51D949F-B77D-4B4A-A3ED-1DB0D8B80E8E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D7038E8F-2AB5-4568-8CC0-E487DFC4FE50}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{45381F00-51ED-48E7-B197-67A3FED0C0E0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3331AE6D-DFC1-42D3-B24F-AD6BC217E9A6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{89238998-161F-4BA7-8F28-34D61B0E7AA3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9D31D3D7-B755-4104-BB39-F4ED796C4DB0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C0CCBE55-0080-43AB-B52A-CE18CDC34FE7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C8F229C2-5800-44C3-A584-3F00A449429C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{6AC8E5E5-0448-45A3-96A8-4004A36B416F}C:\program files (x86)\dearmob\5kplayer
 
\5kplayer.exe] => (Allow) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe
FirewallRules: [UDP Query User{E427C6FA-5FC1-44FD-85B0-CB43A01CED92}C:\program files (x86)\dearmob\5kplayer
 
\5kplayer.exe] => (Allow) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe
FirewallRules: [{E07D0991-7B06-437D-BA37-ADEC7371B7F7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DF3B090F-AE9C-4666-9413-5BAE516BAF18}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{97DB912B-A616-4180-B18C-D090E4D1EB8A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{197AE5FD-D8F2-4887-8134-F6D7AA9EEC6C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7A5FC420-46BA-4F82-B923-2017DC25DD3A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{35BAE388-A4E3-48C5-B80D-2866A0BD403D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F38EBDB9-B28C-42E7-AB84-E2CEB8364378}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{D969E3CE-7B6C-4DB4-A39E-384479D58877}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [TCP Query User{14F286DF-EB2D-46BB-9450-01A61EC91468}C:\program files\java\jre1.8.0_51\bin
 
\java.exe] => (Allow) C:\program files\java\jre1.8.0_51\bin\java.exe
FirewallRules: [UDP Query User{BAF747F1-449C-4811-A989-1A8F8D44A5FB}C:\program files\java\jre1.8.0_51\bin
 
\java.exe] => (Allow) C:\program files\java\jre1.8.0_51\bin\java.exe
FirewallRules: [{9B5EA3DB-8A1C-4BBC-AE4C-516EA4031043}] => (Block) C:\program files\java\jre1.8.0_51\bin
 
\java.exe
FirewallRules: [{01090D46-F62D-4303-B9E5-938FF76B3C44}] => (Block) C:\program files\java\jre1.8.0_51\bin
 
\java.exe
FirewallRules: [{EBA1F5DD-6F59-4DB4-AEAC-1CA9F17ED3E7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{46E3BC1E-09A0-4EA9-A1A9-36200478C9C4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{19EFA63D-3559-4814-B1DD-15449D2A8974}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{63586D1F-9657-4591-B56C-7AD2BDC8B474}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{91CF096F-B4CA-4A22-91DE-27210865081F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{432BF075-8886-4D6E-92A4-3B973A17A9D3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FB8FDAED-D7C0-4D99-8EDE-3B8C9774A2FF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{89564C33-0558-4FFE-88A9-7EEF9CB3C141}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9DC9AD5B-B134-4283-997F-47382AA74189}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{19914B29-4A43-4650-B88F-88DD1D86D97F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1D34DE84-1F26-490F-BABE-137ED7A0A1A5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9ED6880B-04FB-4E3D-9001-70E87B046FD5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3D129460-97B1-4FBD-8383-E9C245713CC5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0AB58EC6-1B9C-4585-8233-087E8851A54C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FCB2A20E-799F-4AB1-9AB1-620FA84356ED}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{03E43FBA-EC84-4C22-BD73-CC1F77E00DE2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C3BC89C5-2D9F-402B-93E9-294C3B0BC9E7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C714E824-9BF6-4DE0-87C7-2290E7198067}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CA19EB25-71AB-4262-812B-B0812E6F4CEB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BAE2A2EF-F936-4C89-987F-FC9BE942E522}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{AFF11262-B606-4B80-80BD-3FE6C5B095F3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2AB49C8A-954B-4622-914A-BF96039BA046}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{832EA048-0277-43E3-B9FA-81E13FDE3BDA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E934A329-326F-4009-9C0B-58E68EC0A248}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{73E8F931-26A4-4E1F-98FE-5835493FE656}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2FA56D4A-DCC0-4620-9C21-77053B06BB70}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{427DECFB-F758-4FF1-AD23-ED4A1F2592D3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FC567421-FC77-4D2A-884A-5B850FB40FE6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E955E5BE-CA38-4345-9FD0-E2829CFFE0E0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{71FA7563-269E-49E9-A574-CE765E5623DD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{412FB76D-9FE0-4EE4-9654-D90DBCF1F8FA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1417E540-990A-4249-A78C-957B5D61C047}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CCECC6EE-AA04-46E4-A7B6-5E183D52C860}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6C3343E6-27D3-451D-89BF-4062F2D83557}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0DC20C22-3D6F-4B0E-8EB3-0F4830C7E991}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5DD6DEA8-8D04-4C50-B84D-5243F4CC50A0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EF88E3F1-8982-40A8-9262-31D2D42924FF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5733C5D5-8F05-4C45-ADCD-E288184FD9D0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{05FE21D2-FE4E-490C-A7DF-5C7821DE4680}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{23AE89FC-1122-4621-AE0D-2538E6B58C3E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CDACAA4F-E9E5-432F-A4DB-0C19E7E5A37E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D31A4718-88C6-44DD-A94A-6C9877153FAB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D6185D9B-14D2-46A6-BCE9-EE87C48F2130}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EEFD1C3F-A753-4E91-8310-CC688A6C7610}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{576D2051-F324-4212-A363-237D3F51AB41}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5866985D-2A12-4B6C-A0F1-E8644FC1FC91}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{069997FD-A755-440C-AE17-BF9393580E40}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C38C385F-EA6B-4AB1-A211-92AEF89EF9D6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3925D0C6-7756-405F-BD92-20D720B2735E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{565860AF-A84E-46C4-91A7-B18F4A8E840B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6C096AB2-B689-48D0-A401-DF636F46C90A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Zen Bound 2\ZenBound2.exe
FirewallRules: [{2800AF51-77DF-4675-AFAE-DD04FB48BFF6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Zen Bound 2\ZenBound2.exe
FirewallRules: [{EFA31CCC-04BD-4FCD-AFB0-BB06B5148E14}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Cortex Command\Cortex Command.exe
FirewallRules: [{3FD5A9E1-77AB-435C-8C8E-6B1667DAA5B8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Cortex Command\Cortex Command.exe
FirewallRules: [{02422E61-0025-4641-B1ED-072656C08F54}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{1D9FB4B2-DB68-429B-891F-232E80B5B829}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{43772756-F942-4139-930D-229C12BCAEB1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5FF900DC-81B2-48AD-B23B-0B5DCA19C471}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{640065B5-2295-4138-96E2-4B101A92D1DC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Call of Duty Black Ops\BlackOpsMP.exe
FirewallRules: [{981DA163-C751-4946-9790-FDB51CCFF860}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Call of Duty Black Ops\BlackOpsMP.exe
FirewallRules: [{F4B2C88B-BC8E-4AC2-B6E2-5CA71BAB0A3A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C136E98E-4828-495D-AD23-C7A1F9073B6F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BF608A45-E705-4E4B-B16A-80D29EBFA52A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DF4E394B-1880-45ED-8053-2AE59832132D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EB7B7EFE-D6AE-44BA-A657-C72DD195D2E4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D6492530-D995-44A3-8704-82ADE07EB2B8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{79AF9884-BFA2-46F8-8DEC-B704AA0070BB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{542E6284-4CB6-4563-9400-39CFD30C79CF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BF698A63-E387-467B-92A9-6281715BEE93}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D64E53CF-71B9-4290-9DE1-0999BAE0389B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1D728E68-E85E-41DC-B8AD-D199D9895E94}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E576337B-1D73-4502-8B2D-EBF5EB0DF769}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{623CFFC1-AE84-4615-B448-D9AC1D1D3F22}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5DF44BFB-6A7D-47EF-96E3-0F9FF7DF7610}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{825933C6-259B-4786-B4AB-DDFEB0AEEFD3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{65C82595-796A-45F6-9ADA-C60D6031CFFD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4EBE22F9-D8A1-465E-BD1F-DE33A0799B5E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{492826FD-B8D9-4B1D-A4CA-F9E0355D094E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0BF6A407-640D-4373-A826-39AF9389A922}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{77C392DC-EAE5-4127-8FFF-F8A5C953F369}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{7B276A94-FB50-48F6-B292-9FC51776B9B2}C:\users\JohnDoe\appdata\local\skypeplugin
 
\pluginhost.exe] => (Allow) C:\users\JohnDoe\appdata\local\skypeplugin\pluginhost.exe
FirewallRules: [UDP Query User{1EB6DD75-412A-4FFE-8682-AAB07DDF629E}C:\users\JohnDoe\appdata\local\skypeplugin
 
\pluginhost.exe] => (Allow) C:\users\JohnDoe\appdata\local\skypeplugin\pluginhost.exe
FirewallRules: [{B3E16C66-8057-4F43-BB7D-B6C6E14234CB}] => (Block) C:\users\JohnDoe\appdata\local\skypeplugin
 
\pluginhost.exe
FirewallRules: [{7D55988B-71A5-461E-B315-E09AF86B9501}] => (Block) C:\users\JohnDoe\appdata\local\skypeplugin
 
\pluginhost.exe
FirewallRules: [{F8208DB3-B161-4BA9-8A7F-16630E61C34B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F63F8DF5-C01D-4FAF-8F27-510DBF54CB19}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{15D84A01-F110-4FDC-8B4B-084F74B60A20}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B04D8C0D-AE14-4A7B-A5F6-A7EBA848F0CB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7BABF8C7-1591-4E6D-8304-B8671454F32C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\SteamVR\bin\win32\vrstartup.exe
FirewallRules: [{E52AC7D1-78D0-4C4B-95A2-BB5FEB018DC5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\SteamVR\bin\win32\vrstartup.exe
FirewallRules: [{0486B8D6-FA3F-413F-B65B-B13B7D4DD0B0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{41F34609-39D8-4379-975E-83B2FEEA483A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{65F85B7B-5E0A-4A34-BA8A-8F9DF9379F6A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BAA3C76E-5912-40A4-B5EF-8447C22377AA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6B3ED6D8-16E4-4286-AE70-9C355169A9E2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EB58486A-41EF-42A9-96D8-4274C4DFF89D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C45C4B25-60DF-45AE-A5DB-8DD50AE4CA5E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{19E27A4B-39F8-4005-A278-1F8CCB56EE3F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{507958FD-98C8-4FE3-8F93-657E400FDBCB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{54A41E38-A54E-4B32-855F-BEB3D136F096}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BE9B0D5E-3A07-4512-B2CC-4F24CBA568B5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5485B733-5164-4538-910B-3BEE4C65D8A0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{77AB9DE0-B3A4-43F4-9F80-4F3ABCC9FD14}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Triennale Game Collection\TGC.exe
FirewallRules: [{676A7CDA-A46A-4496-92D7-F68FFC49F41A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Triennale Game Collection\TGC.exe
FirewallRules: [{C235C184-5A94-42BF-9E85-14EE77224B78}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7EC2B399-65D5-4B73-AD68-E595BFF30B5B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{510AF94E-A9A6-4A81-8ADD-42F189A77F53}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{AE483A94-2D4F-4F54-8AF3-C4D5FA933903}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{87C50B97-179B-4167-B01A-432D556C9A36}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E99827AF-1101-4E88-9165-507B1BEF9811}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{254A6799-03FB-404C-8940-063A42089224}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{FC3B87D6-A7D2-422F-BC70-C41EEFAF7D01}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{167A9F00-3909-4C4D-AD34-AABAC3B12513}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{E4BD7796-64EB-4297-BDC1-F65A820AEA23}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{E16C27F7-C59A-4EDB-B43F-8043B12AF54E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DFBA6168-F6EF-47E7-A58A-3A042151A66E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4C92C5CA-63DE-4A90-B4D2-9E7F7F5776D9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EA8E79E3-98EA-4F6A-AAF0-49B82DF5EC65}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A417CF6B-07C2-4525-80E4-A6C7363879D6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7B3FAC41-BF51-4279-A173-3E19790BA3C0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3B47F452-87B4-4A4D-8984-3B5A20A52DFB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7A1AFFB4-6342-408E-9662-78355A0DE6B2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{15B3E56E-14DE-4026-9328-C807880A2C66}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{606F94DF-9D74-44EF-AECC-73512F25B10C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1DB90217-2232-4FCF-9359-467C14C16327}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1C73ECC3-7383-462A-A3DC-771D654CA657}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B416E276-6AF4-4B77-8950-F03E4725948A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{315762FD-A671-4774-96EE-18446A82785C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{50E779EE-EC1D-4A4F-9C74-4A87C79FEAC8}C:\program files (x86)\deluge\deluge.exe] 
 
=> (Allow) C:\program files (x86)\deluge\deluge.exe
FirewallRules: [UDP Query User{7F8EDFFF-DD3B-44B8-A785-1EBE80B9E50E}C:\program files (x86)\deluge\deluge.exe] 
 
=> (Allow) C:\program files (x86)\deluge\deluge.exe
FirewallRules: [{E69DE465-861D-41EB-A63E-A86ABA70F293}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{916F46A2-FAAE-4E01-A23E-57D66C21D8E1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4AC4A855-5540-47DF-A7D5-FDA21823C7D8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7A91B659-E7CF-4D1D-9E91-23E9E2000572}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2644EFC1-6167-454F-BB9A-30D75036F400}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C62FA5BC-EEED-4BD3-9AA4-03CB555FB11E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3422CCD2-01C2-4CFB-B827-FA954DEA2AE8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9B967771-AAC4-41BE-8D4D-B65CFEC3BBFF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DAB6C0DC-12D6-464F-B68C-9782EA4885B6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5E4624F1-98C2-49EF-BA69-B2E9843704A0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EAA30354-F07F-426A-9B2C-F8115F9314E6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{56142DD9-BC39-45B3-91B6-9E6213D053BE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7C263FBD-34B2-48A0-AEC3-92105F755173}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{99DCE7D5-BF18-467E-87AC-5FCD2DCAEDEC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{78F62FD9-0796-4556-BC1C-933E47B11F2D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7AC1DA79-3137-4001-8496-DC4E0DDE858A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A431190B-8412-4131-AE4C-4EB2FEAF1C97}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{74418ACE-0D30-4D41-975C-E9BD60981C50}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{AF62C180-0082-422C-BE04-646F804B15BE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9DF0E91F-7AC6-441E-A109-3E01B399EFA5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E516132C-40AB-4F01-9B81-D6AF9183E5E5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{305B42DD-E1E5-4071-A2B7-69EF76452D79}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3F68097E-D5E7-4D27-98BF-45AB5B62A4C7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{98343C88-E0C2-4B71-9CA3-A51E88FA7C55}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{44CA5BFF-1EF0-4CAF-8242-57555D24441D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{9B682D37-DA92-4476-850F-D763F46D9BD8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{2A148A49-C05F-492B-A0E5-8B034E502076}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3284D81D-5513-4551-9A77-968E7043F7A1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{01CF588F-84B1-4752-9C3D-5FF58E488E3A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C673C64A-D1ED-4A0E-A4D0-B471183EE2A8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{739F6C2D-AEF8-48C6-820C-613BE741703F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DC306C33-ECD2-4ECD-A001-26FFD865F636}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{29B3AD49-D643-4AC8-ABD8-B6D0CED2B441}C:\program files (x86)\soulseekqt
 
\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe
FirewallRules: [UDP Query User{0D679011-82BD-4F1E-B04C-97C0DDB1D934}C:\program files (x86)\soulseekqt
 
\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe
FirewallRules: [{255E9145-EE3E-495E-B151-EFA65214E29E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7C89B1F5-CC4A-4F1B-BA02-D90E0B0EE52A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F1EB676A-7D30-4141-AA44-9D7059BB6928}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D9576BED-234D-4668-8495-B4DC5A837198}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CD0F42FD-88A3-49EB-94F4-13BC5406DDC5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6968A33F-1EA2-421A-ACEE-4BBAABC6DDB8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A1F3BC9B-DFB9-4656-96CC-CBE6F0E67009}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1645735C-278C-4F8B-A430-8702193853BC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{911AEA59-0961-4F08-A979-822F997BA7AE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{09921F80-DFF8-4D97-A551-6C3D4F7A5CC1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B40E7FD4-0927-48B0-BC17-DD9BFDA2B68B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{98DDC664-3564-478F-8DD0-289C58AAE70D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{43B87E0A-CFE5-4266-AD6A-6B09F1591C38}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{76244D35-2524-462F-86D7-E013948C4316}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{83363C42-8C47-44D6-8412-84AF0C7CBEBA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C1F4F6EE-2873-4B5C-AE8F-9666BF98CA1C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2ABB588A-749D-4FA0-A6F8-E511FFD502F0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{793EC73F-D8C3-477C-B8F8-81F93B14E99D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{1E9FAE70-7B73-4467-9F42-B5C1CF2DE7F8}C:\program files (x86)\overwatch
 
\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{A438AD74-1F12-4BB8-BC30-0A01E7E937D6}C:\program files (x86)\overwatch
 
\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{7EF1D59D-501B-4B6C-BADC-283A849AA655}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8C0EE9FA-11A0-4774-B16C-ECA5215AF15C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7456922B-CF5D-4D2E-A257-0F1056DBEC51}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [{FDB0C458-052B-4969-A633-AC774C4719B7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [{999587AA-D171-4756-B871-EB30050F54EA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Portal\hl2.exe
FirewallRules: [{E53C5683-F0A0-4380-9952-9F6B13C96E37}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Portal\hl2.exe
FirewallRules: [{3DE45635-9A1F-4949-B55F-35B168040C49}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Trine\_enchanted_edition_\trine1_launcher.exe
FirewallRules: [{8D850CB9-C0D9-430D-849B-A3FF4D66DAEE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Trine\_enchanted_edition_\trine1_launcher.exe
FirewallRules: [{E3A522E8-9DB3-4841-8F7B-1FCDD58F8BEF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Torchlight\Torchlight.exe
FirewallRules: [{BBFE475D-C672-48B5-B39B-D790E9F63F3D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Torchlight\Torchlight.exe
FirewallRules: [{74A4F7C7-B64A-4D41-8D4F-0CEFBA921523}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Overcooked\Overcooked.exe
FirewallRules: [{C86FFC09-13FC-412E-90BC-AA4059446FE8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Overcooked\Overcooked.exe
FirewallRules: [{A2B400F0-951F-42C2-926C-078ABB37638C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Torchlight II\ModLauncher.exe
FirewallRules: [{8E41CDAD-9230-4026-A838-96D0EF8EFF13}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Torchlight II\ModLauncher.exe
FirewallRules: [TCP Query User{26F84D69-04FB-4401-8E81-A1E5A35C4320}C:\program files (x86)\steam\steamapps
 
\common\torchlight ii\torchlight2.exe] => (Block) C:\program files (x86)\steam\steamapps\common\torchlight ii
 
\torchlight2.exe
FirewallRules: [UDP Query User{D876B31E-C18D-4377-8810-08FEF73E5C70}C:\program files (x86)\steam\steamapps
 
\common\torchlight ii\torchlight2.exe] => (Block) C:\program files (x86)\steam\steamapps\common\torchlight ii
 
\torchlight2.exe
FirewallRules: [{5C1B1890-8B2D-4BD5-B6B5-BE97AAC38F49}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Magicka 2\engine\Magicka2.exe
FirewallRules: [{8E4923C5-F189-42FD-BBAE-65DFE3AEFB19}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Magicka 2\engine\Magicka2.exe
FirewallRules: [{DFC0B403-FD85-46CE-BC73-D84EFC12825D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\SS2\SS2.exe
FirewallRules: [{C7FF41ED-9D63-413F-A84B-210735A4AE49}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\SS2\SS2.exe
FirewallRules: [{7F04A63A-7FCD-48F7-8E9D-A59A34FDF58A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{54A4D2AF-7DFA-4F45-AAA9-DA918593486C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{4289BEF5-E30E-4FBE-BDF5-26DEF9F1312D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Mount Your Friends\MountYourFriends.exe
FirewallRules: [{2FDE973B-A82F-4771-85FC-C0443078B991}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Mount Your Friends\MountYourFriends.exe
FirewallRules: [{0BD12F7B-5679-4762-ACDF-8EF0BB347489}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{050892EF-F145-4DE0-B64D-1725B440D7C7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{127D96F1-B23E-4B56-A2E1-740977401BB5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{CCD87D99-7A79-4B0A-B6AE-A8D5E5C9085D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{052DE6E9-EB97-4948-A138-22C80CA858D9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{B4ABE65D-FCF9-42D9-BB47-AF5B2807936C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{B98F4CB2-0DF5-4F32-B06B-ED6134A77573}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9B77AFFC-BFA0-451A-846B-A3931E54CB10}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{56638887-1DF3-442E-8860-010B98F032C0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A2B413A8-F55D-4A6C-8535-8B283AD64668}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7AD2574A-84F1-489C-87F6-814630659005}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CD97A7CC-67AC-4C84-9FEB-D8A6ECD3C7EC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9B67E367-AECF-42E0-918B-13946F4408B4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C627F552-1792-4A32-9A88-33D25E70D4CF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5AD70824-6505-4112-8ECF-7D623854179B}] => (Allow) C:\Program Files (x86)\Google\Chrome
 
\Application\chrome.exe
FirewallRules: [TCP Query User{ACC3414A-5267-457C-BAFF-DC83C6D319A5}C:\users\JohnDoe\downloads
 
\sdi_r1793\sdi_x64_r1793.exe] => (Allow) C:\users\JohnDoe\downloads\sdi_r1793\sdi_x64_r1793.exe
FirewallRules: [UDP Query User{029153E8-27F2-426E-8ACC-FE2033EDC1C1}C:\users\JohnDoe\downloads
 
\sdi_r1793\sdi_x64_r1793.exe] => (Allow) C:\users\JohnDoe\downloads\sdi_r1793\sdi_x64_r1793.exe
FirewallRules: [{AAB09494-CFA2-4DF4-A79C-F9EB1ED11A15}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{56E4EC1F-901A-496C-B2E4-E0BAD48CE131}] => (Allow) C:\Program Files (x86)\Steam\SteamApps
 
\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DF7E6CD0-4F78-4108-B309-19D51DC28650}] => (Allow) C:\Program Files (x86)\Plex\Plex Media 
 
Server\Plex Media Server.exe
FirewallRules: [{77554E9E-5ECA-4452-96FB-970A36A7D118}] => (Allow) C:\Program Files (x86)\Plex\Plex Media 
 
Server\PlexScriptHost.exe
FirewallRules: [{A71A6284-597F-49F5-9EF9-1EC5182D547B}] => (Allow) C:\Program Files (x86)\Plex\Plex Media 
 
Server\Plex DLNA Server.exe
FirewallRules: [{867D1BE5-EFE4-454D-9B1C-2DD34F2CFF49}] => (Allow) C:\Program Files (x86)\Plex\Plex Media 
 
Server\Plex Tuner Service.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\TriDef\TriDef\TriDefMediaPlayer
 
\TriDefMediaPlayer.exe] => Enabled:TriDef 3D Media Player
 
==================== Restore Points =========================
 
05-11-2017 16:40:04 Scheduled Checkpoint
11-11-2017 08:10:46 Removed Java 7 Update 67
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/11/2017 10:05:38 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ANDROID-
 
MC3IPDQ)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 
 
See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (11/11/2017 08:29:05 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: Windows cannot load the extensible counter DLL rdyboost. The first four bytes (DWORD) of the Data 
 
section contains the Windows error code.
 
Error: (11/11/2017 08:29:03 AM) (Source: Perflib) (EventID: 1017) (User: )
Description: Disabled performance counter data collection from the "ASP.NET_64_2.0.50727" service because the 
 
performance counter library for that service has generated one or more errors. The errors that forced this 
 
action have been written to the application event log. Correct the errors before enabling the performance 
 
counters for this service.
 
Error: (11/11/2017 08:29:03 AM) (Source: Perflib) (EventID: 1022) (User: )
Description: Windows cannot open the 64-bit extensible counter DLL ASP.NET_64_2.0.50727 in a 32-bit 
 
environment. Contact the file vendor to obtain a 32-bit version. Alternatively if you are running a 64-bit 
 
native environment, you can open the 64-bit extensible counter DLL by using the 64-bit version of Performance 
 
Monitor. To use this tool, open the Windows folder, open the System32 folder, and then start Perfmon.exe.
 
Error: (11/11/2017 08:25:20 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: ANDROID-
 
MC3IPDQ)
Description: Application or service 'Autodesk Content Service' could not be restarted.
 
Error: (11/11/2017 08:11:40 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System 
 
Error:
Access is denied.
.
 
Error: (11/11/2017 12:26:54 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ANDROID-
 
MC3IPDQ)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 
 
See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (11/11/2017 12:26:53 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ANDROID-
 
MC3IPDQ)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 
 
See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (11/09/2017 10:51:05 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Windows Search Service failed to process the list of included and excluded locations with the 
 
error <30, 0x80040d07, "iehistory://{S-1-5-21-2118853541-1488753588-3094647493-1000}/">.
 
Error: (11/07/2017 07:06:39 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: ANDROID-
 
MC3IPDQ)
Description: Package Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy+CortanaUI was terminated 
 
because it took too long to suspend.
 
 
System errors:
=============
Error: (11/11/2017 11:31:24 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Plex Update Service service terminated unexpectedly.  It has done this 1 time(s).  The 
 
following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (11/11/2017 10:30:22 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM 
 
Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the 
 
application container Unavailable SID (Unavailable). This security permission can be modified using the 
 
Component Services administrative tool.
 
Error: (11/11/2017 10:07:09 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT 
 
AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\WINDOWS\system32\Rtlihvs.dll
Error Code: 126
 
Error: (11/11/2017 10:07:09 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Net.Tcp Listener Adapter service depends on the Net.Tcp Port Sharing Service service which 
 
failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated 
 
with it.
 
Error: (11/11/2017 10:05:38 AM) (Source: DCOM) (EventID: 10010) (User: ANDROID-MC3IPDQ)
Description: The server CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca did not register with DCOM within 
 
the required timeout.
 
Error: (11/11/2017 10:05:37 AM) (Source: DCOM) (EventID: 10010) (User: ANDROID-MC3IPDQ)
Description: The server {1EF75F33-893B-4E8F-9655-C3D602BA4897} did not register with DCOM within the required 
 
timeout.
 
Error: (11/11/2017 10:05:37 AM) (Source: DCOM) (EventID: 10010) (User: ANDROID-MC3IPDQ)
Description: The server {1EF75F33-893B-4E8F-9655-C3D602BA4897} did not register with DCOM within the required 
 
timeout.
 
Error: (11/11/2017 10:05:37 AM) (Source: DCOM) (EventID: 10010) (User: ANDROID-MC3IPDQ)
Description: The server {1EF75F33-893B-4E8F-9655-C3D602BA4897} did not register with DCOM within the required 
 
timeout.
 
Error: (11/11/2017 10:05:37 AM) (Source: DCOM) (EventID: 10010) (User: ANDROID-MC3IPDQ)
Description: The server {1EF75F33-893B-4E8F-9655-C3D602BA4897} did not register with DCOM within the required 
 
timeout.
 
Error: (11/11/2017 10:05:37 AM) (Source: DCOM) (EventID: 10010) (User: ANDROID-MC3IPDQ)
Description: The server {1EF75F33-893B-4E8F-9655-C3D602BA4897} did not register with DCOM within the required 
 
timeout.
 
 
CodeIntegrity:
===================================
  Date: 2017-10-18 20:13:39.660
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET
 
\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC
 
\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft 
 
signing level requirements.
 
  Date: 2017-10-18 20:13:39.588
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET
 
\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB
 
\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2017-10-18 20:13:39.540
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET
 
\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC
 
\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2017-10-18 20:13:39.454
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET
 
\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC
 
\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft 
 
signing level requirements.
 
  Date: 2017-10-18 20:13:39.313
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET
 
\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB
 
\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2017-10-18 20:13:39.181
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET
 
\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC
 
\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2017-10-18 20:13:35.417
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET
 
\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole
 
\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2017-10-18 20:13:32.129
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET
 
\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole
 
\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2017-10-03 06:55:31.303
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET
 
\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC
 
\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft 
 
signing level requirements.
 
  Date: 2017-10-03 06:55:31.199
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET
 
\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB
 
\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: AMD Phenom™ II X4 955 Processor
Percentage of memory in use: 43%
Total physical RAM: 8189.24 MB
Available physical RAM: 4626.84 MB
Total Virtual: 20472.24 MB
Available Virtual: 16603.79 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:930.97 GB) (Free:189.77 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: AEAA2C87)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
 
==================== End of Addition.txt ============================
 
~~~
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-11-2017
Ran by JohnDoe (administrator) on ANDROID-MC3IPDQ (11-11-2017 11:46:49)
Running from C:\Users\JohnDoe\Desktop
Loaded Profiles: JohnDoe (Available Profiles: JohnDoe & Visitor & DefaultAppPool)
Platform: Windows 10 Pro 10240.17354 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...ial-how-to-use-
 
farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
() C:\Program Files\pia_manager\pia_manager.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(f.lux Software LLC) C:\Users\JohnDoe\AppData\Local\FluxSoftware\Flux\flux.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(hxxp://www.ruby-lang.org/) C:\Users\JohnDoe\AppData\Local\Temp\ocr3701.tmp\bin\rubyw.exe
() C:\Program Files\pia_manager\pia_manager.exe
(hxxp://www.ruby-lang.org/) C:\Users\JohnDoe\AppData\Local\Temp\ocrCF88.tmp\bin\rubyw.exe
(The NWJS Community) C:\Program Files\pia_manager\pia_tray_bin\nw-win\pia_nw.exe
(The NWJS Community) C:\Program Files\pia_manager\pia_tray_bin\nw-win\pia_nw.exe
(The NWJS Community) C:\Program Files\pia_manager\pia_tray_bin\nw-win\pia_nw.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe
(Plex) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file 
 
will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-12-12] (Realtek 
 
Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] 
 
(Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA
 
\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe 
 
[767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\...\Run: [f.lux] => C:\Users\JohnDoe\AppData\Local
 
\FluxSoftware\Flux\flux.exe [1678840 2017-10-10] (f.lux Software LLC)
HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program 
 
Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex
 
\Plex Media Server\Plex Media Server.exe [15842280 2017-11-06] (Plex, Inc.)
HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS
 
\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_131_pepper.exe [1280000 2017-07-09] (Adobe Systems Incorporated)
HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\...\Policies\Explorer: [] 
HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\...\MountPoints2: D - "D:\setup\autorun.exe" 
HKU\S-1-5-18\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media 
 
Server.exe [15842280 2017-11-06] (Plex, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{09c7a648-8223-45eb-bd0d-35af2ede0422}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{4f1c6091-4e81-436c-b5c8-a0d8e1805d09}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{591e90c2-32c8-420e-94d4-28b956bcd8d5}: [DhcpNameServer] 209.222.18.222 209.222.18.218
Tcpip\..\Interfaces\{c37a50aa-f7ab-4830-b36f-6aef28eb3c0a}: [DhcpNameServer] 192.168.0.1 0.0.0.0
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\Software\Microsoft\Internet Explorer\Main,Start Page 
 
Redirect Cache = hxxp://ca.msn.com/?ocid=iehp
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft 
 
Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2017-09-05] (Microsoft Corporation)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass
 
\LPToolbar_x64.dll [2016-01-15] (LastPass)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft 
 
Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2017-09-05] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files
 
\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-09-05] (Microsoft 
 
Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files
 
\Microsoft Office 15\root\Office15\OCHelper.dll [2017-08-15] (Microsoft Corporation)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass
 
\LPToolbar.dll [2016-01-15] (LastPass)
BHO-x32: No Name -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> No File
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files
 
\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-09-05] (Microsoft Corporation)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass
 
\LPToolbar_x64.dll [2016-01-15] (LastPass)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files 
 
(x86)\LastPass\LPToolbar.dll [2016-01-15] (LastPass)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root
 
\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\JohnDoe\AppData\Roaming\Mozilla\Firefox\Profiles\88xq2klu.default [2017-11-09]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\88xq2klu.default -> Google
FF Homepage: Mozilla\Firefox\Profiles\88xq2klu.default -> 
 
hxxps://www.malwarebytes.org/restorebrowser/_ir_16_02&param1=1&param2=f%3D1%26b%3DFirefox%26cc%3Dca%26pa
 
%3DWincy%26cd
 
%3D2XzuyEtN2Y1L1QzuyDtD0EyDyEzy0B0C0C0F0D0EtAyCyBtCtN0D0Tzu0StCyEyByEtN1L2XzutAtFtCyBtFtBtFtDtN1L1Czu1BtBtN1L1G
 
1B1V1N2Y1L1Qzu2SyBtByCzyyDyD0CyBtGtD0AzyzztG0AtAzztDtGyB0C0AyCtGtCyEyDtByE0CyDtCtAtCzy0E2QtN1M1F1B2Z1V1N2Y1L1Qz
 
u2SzytCyDyE0AzyzyyBtGyE0DyEzztGyE0EtDtBtG0BzytBzztGyCtDyDyB0EyCzytCyE0DyCyE2QtN0A0LzutB%26cr%3D595026009%26a
 
%3Dwncy_ir_16_02%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate
FF NetworkProxy: Mozilla\Firefox\Profiles\88xq2klu.default -> backup.ftp", "118.97.30.165"
FF NetworkProxy: Mozilla\Firefox\Profiles\88xq2klu.default -> backup.ftp_port", 80
FF NetworkProxy: Mozilla\Firefox\Profiles\88xq2klu.default -> backup.socks", "118.97.30.165"
FF NetworkProxy: Mozilla\Firefox\Profiles\88xq2klu.default -> backup.socks_port", 80
FF NetworkProxy: Mozilla\Firefox\Profiles\88xq2klu.default -> backup.ssl", "118.97.30.165"
FF NetworkProxy: Mozilla\Firefox\Profiles\88xq2klu.default -> backup.ssl_port", 80
FF NetworkProxy: Mozilla\Firefox\Profiles\88xq2klu.default -> ftp", "140.0.237.238 "
FF NetworkProxy: Mozilla\Firefox\Profiles\88xq2klu.default -> ftp_port", 8080
FF NetworkProxy: Mozilla\Firefox\Profiles\88xq2klu.default -> http", "140.0.237.238 "
FF NetworkProxy: Mozilla\Firefox\Profiles\88xq2klu.default -> http_port", 8080
FF NetworkProxy: Mozilla\Firefox\Profiles\88xq2klu.default -> share_proxy_settings", true
FF NetworkProxy: Mozilla\Firefox\Profiles\88xq2klu.default -> socks", "140.0.237.238 "
FF NetworkProxy: Mozilla\Firefox\Profiles\88xq2klu.default -> socks_port", 8080
FF NetworkProxy: Mozilla\Firefox\Profiles\88xq2klu.default -> ssl", "140.0.237.238 "
FF NetworkProxy: Mozilla\Firefox\Profiles\88xq2klu.default -> ssl_port", 8080
FF NetworkProxy: Mozilla\Firefox\Profiles\88xq2klu.default -> type", 0
FF Extension: (Mozilla WebVR Plus) - C:\Users\JohnDoe\AppData\Roaming\Mozilla\Firefox\Profiles
 
\88xq2klu.default\Extensions\@mozillawebvrenabler.xpi [2016-09-12]
FF Extension: (LastPass) - C:\Users\JohnDoe\AppData\Roaming\Mozilla\Firefox\Profiles\88xq2klu.default
 
\Extensions\[email protected] [2017-06-07]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-10] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll 
 
[2014-05-22] (DivX, LLC.)
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2016-01-15] (LastPass)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll 
 
[2016-08-31] ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014
 
-03-25] (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities
 
\npAdobeAAMDetect64.dll [2014-09-19] (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] 
 
(Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-10] 
 
()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll [2013-06-
 
26] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll 
 
[2014-02-18] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper
 
\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll 
 
[2015-02-13] (Google, Inc.)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2016-01-15] 
 
(LastPass)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS
 
\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight
 
\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root
 
\Office15\NPSPWRAP.DLL [2015-09-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery
 
\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update
 
\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update
 
\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins
 
\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] 
 
(Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities
 
\npAdobeAAMDetect32.dll [2014-09-19] (Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll 
 
[2014-03-25] (Wacom)
FF Plugin HKU\S-1-5-21-2118853541-1488753588-3094647493-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users
 
\JohnDoe\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-15] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2118853541-1488753588-3094647493-1000: SkypePlugin -> C:\Users\JohnDoe\AppData\Local
 
\SkypePlugin\7.32.6.278\npGatewayNpapi.dll [2017-04-18] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-2118853541-1488753588-3094647493-1000: SkypePlugin64 -> C:\Users\JohnDoe\AppData\Local
 
\SkypePlugin\7.32.6.278\npGatewayNpapi-x64.dll [2017-04-18] (Skype Technologies S.A.)
 
Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR DefaultSearchKeyword: Profile 1 -> lp
CHR Profile: C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Default [2017-11-09]
CHR Extension: (Duolingo on the Web) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Default
 
\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2015-06-26]
CHR Extension: (Adblock for Youtube™) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Default
 
\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2015-10-16]
CHR Extension: (Google Calendar) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\ejjicmeblgpmajnghnpcppodonldlgfn [2017-05-20]
CHR Extension: (Facebook™ Chat Privacy) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Default
 
\Extensions\gfpgaanechfneiboempkfjghninbibjn [2017-01-02]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data
 
\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2017-05-20]
CHR Extension: (Facebook - Delete All Messages) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data
 
\Default\Extensions\hgiidlnejdlfoacoeleopkljhbckmlko [2017-01-02]
CHR Extension: (Google Maps) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\lneaknkopdijkpnocmklfnjbeapigfbh [2016-01-15]
CHR Extension: (Click&Clean App) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\pdabfienifkbhoihedcgeogidfmibmhp [2017-05-20]
CHR Extension: (Chrome Media Router) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Default
 
\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-20]
CHR Extension: (Privacy Badger) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\pkehgijcmpdhfbdbbnkijodmdjhbjlgp [2017-05-20]
CHR Profile: C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-11-09]
CHR Profile: C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-11-11]
CHR Extension: (Google Drive) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions
 
\apdfllckaahabafndbhieahigkjlhalf [2016-01-15]
CHR Extension: (YouTube) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions
 
\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-15]
CHR Extension: (Chrome IG Story) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions
 
\bojgejgifofondahckoaahkilneffhmf [2017-10-09]
CHR Extension: (Adblock Plus) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions
 
\cfhdojbkjhnklbpkdaibdccddilifddb [2017-09-27]
CHR Extension: (Google Search) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions
 
\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-15]
CHR Extension: (Video Downloader professional) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Profile 
 
1\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2017-08-03]
CHR Extension: (WebM Options (Premium)) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Profile 
 
1\Extensions\fhgjcfedjhkachipnckecjckmdllpgjh [2016-02-08]
CHR Extension: (WebM Inline Player) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Profile 
 
1\Extensions\fnaeemmlglafkapofhhgfhnhddaboeig [2016-01-27]
CHR Extension: (Web Page to PDF Converter) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Profile 
 
1\Extensions\gdlncamcmchghcemgocofijkhkklijbj [2016-08-11]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data
 
\Profile 1\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2017-10-21]
CHR Extension: (Facebook - Delete All Messages) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data
 
\Profile 1\Extensions\hgiidlnejdlfoacoeleopkljhbckmlko [2017-10-29]
CHR Extension: (Kill News Feed) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions
 
\hjobfcedfgohjkaieocljfcppjbkglfd [2016-02-16]
CHR Extension: (Google Keep - notes and lists) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Profile 
 
1\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2017-11-06]
CHR Extension: (Social Fixer for Facebook) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Profile 
 
1\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb [2017-10-03]
CHR Extension: (InstaG Downloader) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Profile 
 
1\Extensions\jnkdcmgmnegofdddphijckfagibepdlb [2017-10-28]
CHR Extension: (Signup Block) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions
 
\joiaigcocfbhjbgeajdmmgchlbepelco [2016-11-11]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Profile 
 
1\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2017-09-22]
CHR Extension: (Ghostery) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions
 
\mlomiejdfkolichcflejclcbmpeaniij [2017-10-31]
CHR Extension: (Chrome Web Store Payments) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Profile 
 
1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-21]
CHR Extension: (Unseen) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions
 
\oclokcfejikeggpnhgakanfbdnlafaon [2017-08-08]
CHR Extension: (Gmail) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions
 
\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-15]
CHR Extension: (Chrome Media Router) - C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\Profile 
 
1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-07]
CHR Profile: C:\Users\JohnDoe\AppData\Local\Google\Chrome\User Data\System Profile [2017-11-09]
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - 
 
hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - 
 
hxxp://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved 
 
unless listed separately.)
 
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-03] (Advanced Micro 
 
Devices, Inc.) [File not signed]
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1863688 2016-05-12] ()
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2017-01-08] (Microsoft 
 
Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058416 2017-09-05] 
 
(Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [528424 2017-10-23] (EasyAntiCheat 
 
Ltd)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager
 
\MotoHelperService.exe [137528 2014-04-08] (Motorola Mobility LLC)
R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [2100200 2017-11-
 
06] (Plex, Inc.)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] 
 
(Motorola) [File not signed]
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] 
 
(Adobe Systems Incorporated) [File not signed]
S4 VeeamEndpointBackupSvc; C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe [101888 2016-03-
 
10] (Veeam Software AG) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2016-10-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2017-03-28] (Microsoft Corporation)
S4 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [656664 2014-08-19] (Wacom Technology, 
 
Corp.)
S4 LMIGuardianSvc; "C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe" [X]
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved 
 
unless listed separately.)
 
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro 
 
Devices)
S3 CMUSBDAC; C:\WINDOWS\system32\DRIVERS\CMUSBDAC.sys [3778592 2017-01-08] (C-MEDIA)
S3 DFX12; C:\WINDOWS\System32\drivers\dfx12x64.sys [28344 2015-10-12] (Windows ® Win 7 DDK provider)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2017-05-27] (Samsung Electronics Co., Ltd.)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2017-07-30] (Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2017-07-30] (Windows ® Win 7 DDK provider)
R3 DRTWlanE; C:\WINDOWS\System32\drivers\Drtwlane.sys [4619520 2015-07-21] (Realtek Semiconductor Corporation )
R1 epp; C:\EEK\bin64\epp.sys [124552 2016-11-23] (Emsisoft Ltd)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2017-02-02] (LogMeIn Inc.)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-04-21] ()
S3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
S3 LGSUsbFilt; C:\WINDOWS\system32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
S3 LifeCamTrueColor; C:\WINDOWS\system32\DRIVERS\LifeCamTrueColor.sys [37928 2017-08-04] (Microsoft 
 
Corporation)
S3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [49264 2014-07-28] (Visicom Media Inc.)
S3 mcaudrv_simple; C:\WINDOWS\System32\drivers\mcaudrv_x64.sys [35440 2014-05-13] (Visicom Media Inc.)
R2 NPF; C:\Windows\system32\drivers\npf.sys [35344 2013-12-20] (CACE Technologies, Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2017-05-27] (Samsung Electronics Co., Ltd.)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] ()
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] ()
R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1120032 2014-12-04] (Acronis International GmbH)
S0 tib_mounter; C:\WINDOWS\System32\DRIVERS\tib_mounter.sys [183224 2014-12-04] (Acronis)
S3 UdeCx; C:\WINDOWS\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 VBAudioVMVAIOMME; C:\WINDOWS\system32\DRIVERS\vbaudio_vmvaio64_win7.sys [41192 2017-01-02] (Windows ® Win 
 
7 DDK provider)
R2 VeeamFSR; C:\Program Files\Veeam\Endpoint Backup\VeeamFSR.sys [114120 2016-03-10] (Veeam Software AG)
R0 vidsflt; C:\WINDOWS\System32\DRIVERS\vidsflt.sys [117024 2014-12-04] (Acronis International GmbH)
S3 VirtualDK; C:\Program Files\Veeam\Endpoint Backup\vdk.sys [36808 2016-03-10] (Ken Kato)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 XSplit_Dummy; C:\WINDOWS\System32\drivers\xspltspk.sys [26200 2015-05-25] (SplitmediaLabs Limited)
U3 idsvc; no ImagePath
S3 VBAudioVACMME; \SystemRoot\system32\DRIVERS\vbaudio_cable64_win7.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved 
 
unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-11-11 11:48 - 2017-11-11 11:48 - 002724512 _____ (Sysinternals - www.sysinternals.com) C:\Users\JohnDoe
 
\Downloads\procexp.exe
2017-11-11 11:46 - 2017-11-11 11:46 - 000000000 ____D C:\Users\JohnDoe\Desktop\FRST-OlderVersion
2017-11-11 11:42 - 2017-11-11 11:45 - 000019220 _____ C:\VEW.txt
2017-11-11 11:41 - 2017-11-11 11:41 - 000063050 _____ C:\Users\Public\Documents\SIGVERIF.TXT
2017-11-11 11:41 - 2017-11-11 11:41 - 000061440 _____ ( ) C:\Users\JohnDoe\Downloads\VEW.exe
2017-11-11 11:38 - 2017-11-11 11:39 - 000060564 _____ C:\junk.txt
2017-11-11 11:31 - 2017-11-11 11:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex 
 
Media Server
2017-11-11 11:15 - 2017-11-11 11:15 - 000016148 _____ C:\WINDOWS\system32\ANDROID-
 
MC3IPDQ_JohnDoe_HistoryPrediction.bin
2017-11-11 09:18 - 2017-11-11 09:19 - 000001194 _____ C:\Users\JohnDoe\Desktop\malware.txt
2017-11-11 08:28 - 2017-11-11 08:28 - 000000000 ____D C:\Users\JohnDoe\AppData\Local\Deployment
2017-11-11 08:27 - 2017-11-11 08:27 - 000000000 ____D C:\Users\JohnDoe\AppData\Roaming\DropIt
2017-11-11 08:17 - 2017-11-11 08:17 - 000000309 _____ C:\Users\JohnDoe\Desktop\Search.txt
2017-11-11 08:16 - 2017-11-11 08:16 - 000000085 _____ C:\WINDOWS\wininit.ini
2017-11-11 08:14 - 2017-11-11 08:15 - 000000153 _____ C:\Users\JohnDoe\BullseyeCoverageError.txt
2017-11-11 08:13 - 2017-11-11 08:16 - 000154724 _____ C:\Users\JohnDoe\Desktop\Addition.txt
2017-11-11 08:13 - 2017-11-11 08:13 - 000000000 _____ C:\WINDOWS\SysWOW64\REN4189.tmp
2017-11-11 08:09 - 2017-11-11 11:47 - 000028671 _____ C:\Users\JohnDoe\Desktop\FRST.txt
2017-11-11 08:08 - 2017-11-11 11:46 - 002392576 _____ (Farbar) C:\Users\JohnDoe\Desktop\FRST64.exe
2017-11-10 23:07 - 2017-11-10 23:08 - 000000000 ____D C:\Users\JohnDoe\Downloads\Pimsleur - All Languages
2017-11-10 23:07 - 2017-11-10 23:07 - 000139599 _____ C:\Users\JohnDoe\Downloads\Pimsleur - All Languages-
 
[rarbg.to].torrent
2017-11-10 22:55 - 2017-11-10 22:55 - 000043046 _____ C:\Users\JohnDoe\Desktop\TB1X3AAb46I8KJjy0FgXXXXzVXa-
 
1125-350.jpg_960x960Q75s50.jpg_.webp
2017-11-10 19:45 - 2017-11-10 19:45 - 000000000 ____D C:\Users\JohnDoe\Downloads\gil1557
2017-11-10 17:54 - 2017-11-10 18:55 - 148868562 _____ C:\Users\JohnDoe\Downloads\gil1557.part2.rar
2017-11-10 16:30 - 2017-11-10 17:32 - 099333685 _____ C:\Users\JohnDoe\Downloads\Unconfirmed 905287.crdownload
2017-11-09 23:07 - 2017-11-09 23:09 - 000000000 ____D C:\Users\JohnDoe\Downloads\SDI_R1793
2017-11-09 23:07 - 2017-11-09 23:07 - 004229389 _____ C:\Users\JohnDoe\Downloads\SDI_R1793.zip
2017-11-09 23:07 - 2017-11-09 23:07 - 000173692 _____ C:\Users\JohnDoe\Downloads\SDI_Update.torrent
2017-11-09 23:00 - 2017-11-09 23:00 - 036404789 _____ C:\Users\JohnDoe\Downloads\Unconfirmed 848068.crdownload
2017-11-07 20:42 - 2017-11-07 20:42 - 000000717 _____ C:\Users\JohnDoe\AppData\Local\recently-used.xbel
2017-11-07 17:16 - 2017-11-11 11:33 - 000000000 ____D C:\Users\JohnDoe\Downloads\Stranger Things Season 2 Mp4 
 
1080p
2017-11-06 21:21 - 2017-11-06 23:15 - 209715200 _____ C:\Users\JohnDoe\Downloads\gil1557.part1.rar
2017-11-05 15:21 - 2017-11-05 15:21 - 000000000 ____D C:\ProgramData\Emsisoft
2017-11-05 15:20 - 2017-11-05 15:45 - 000000000 ____D C:\EEK
2017-11-05 15:16 - 2017-11-05 15:19 - 340674888 _____ C:\Users\JohnDoe\Downloads\EmsisoftEmergencyKit.exe
2017-11-05 15:11 - 2017-11-05 15:11 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\30251D42.sys
2017-11-05 15:07 - 2017-11-05 15:07 - 008261584 _____ (Malwarebytes) C:\Users\JohnDoe\Downloads
 
\adwcleaner_7.0.4.0.exe
2017-11-05 15:03 - 2017-11-05 15:03 - 001790024 _____ (Malwarebytes) C:\Users\JohnDoe\Downloads\JRT.exe
2017-11-05 15:03 - 2017-11-05 15:03 - 000048425 _____ C:\Users\JohnDoe\Downloads\Addition.txt
2017-11-05 15:01 - 2017-11-05 15:03 - 000042389 _____ C:\Users\JohnDoe\Downloads\FRST.txt
2017-11-05 14:06 - 2017-11-07 19:12 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-11-03 19:37 - 2017-11-03 19:37 - 002047428 _____ C:\Users\JohnDoe\Downloads\Bail 6592 Jeanne-Mance (1).pdf
2017-11-03 19:20 - 2017-11-03 19:20 - 002118430 _____ C:\Users\JohnDoe\Downloads\Photos (1).zip
2017-11-03 19:20 - 2017-11-03 19:20 - 001435730 _____ C:\Users\JohnDoe\Downloads\Photos.zip
2017-11-03 19:17 - 2017-11-03 19:17 - 004088898 _____ C:\Users\JohnDoe\Downloads\WEB_LRT01_AW-PW-PWAIR.dwg
2017-10-28 22:41 - 2017-10-28 22:42 - 000000000 ____D C:\Users\JohnDoe\AppData\Roaming\Trine1
2017-10-28 20:04 - 2017-10-28 20:04 - 000000000 ____D C:\Users\JohnDoe\Documents\Penumbra
2017-10-28 18:08 - 2017-10-28 18:08 - 000000000 ____D C:\Users\JohnDoe\Downloads\The Tragically Hip - 1992 - 
 
Fully Completely (2CD Deluxe Edition) [mp3]
2017-10-28 17:55 - 2017-10-28 17:58 - 000000000 ____D C:\Users\JohnDoe\Downloads
 
\Nathan.For.You.S04E04.WEB.x264-TBS[ettv]
2017-10-28 17:53 - 2017-10-28 17:54 - 000000000 ____D C:\Users\JohnDoe\Downloads\NxWorries (Anderson .Paak & 
 
Knxwledge) - Yes Lawd! (2016) [MP3~320Kbps]
2017-10-28 17:52 - 2017-10-28 17:52 - 000003626 _____ C:\Users\JohnDoe\Downloads
 
\Nathan.For.You.S04E04.WEB.x264-TBS[ettv][https---worldwidetorrents.me].torrent
2017-10-28 09:01 - 2017-10-28 09:01 - 000021994 _____ C:\Users\JohnDoe\Downloads\Thundercat - Drunk (2017) 
 
[Mp3-320kbps][https---worldwidetorrents.me].torrent
2017-10-28 09:01 - 2017-10-28 09:01 - 000000000 ____D C:\Users\JohnDoe\Downloads\Thundercat - Drunk (2017) 
 
[Mp3~320kbps]
2017-10-26 19:26 - 2017-10-26 19:27 - 000000000 ____D C:\Users\JohnDoe\AppData\Roaming\discordsdk
2017-10-26 19:26 - 2017-10-26 19:26 - 000000000 ____D C:\Users\JohnDoe\Documents\SavedGames
2017-10-26 19:26 - 2007-04-04 17:53 - 000081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2017-10-26 18:14 - 2017-10-26 18:14 - 000000000 ____D C:\Users\JohnDoe\AppData\Roaming\ParadoxInteractive
2017-10-25 21:16 - 2017-11-11 11:36 - 000000000 ____D C:\Users\JohnDoe\Streaming Media
2017-10-25 21:13 - 2017-11-11 11:28 - 000000000 ____D C:\Users\JohnDoe\AppData\Local\Plex Media Server
2017-10-25 21:11 - 2017-10-25 21:11 - 000000000 ____D C:\Program Files (x86)\Plex
2017-10-25 21:09 - 2017-10-25 21:10 - 075658992 _____ (Plex, Inc.) C:\Users\JohnDoe\Downloads\Plex-Media-
 
Server-1.9.4.4325-1bf240a65.exe
2017-10-25 17:31 - 2017-10-25 17:31 - 000000000 ____D C:\Users\JohnDoe\AppData\Roaming\EasyAntiCheat
2017-10-25 17:31 - 2017-10-25 17:31 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2017-10-24 20:11 - 2017-10-24 20:11 - 000000021 _____ C:\Users\JohnDoe\Documents\rbc_account.txt
2017-10-21 07:34 - 2017-10-21 07:59 - 000000000 ____D C:\Users\JohnDoe\Documents\Overwatch
2017-10-21 00:10 - 2017-10-21 00:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs
 
\Overwatch
2017-10-20 22:30 - 2017-11-10 21:34 - 000000000 ____D C:\Program Files (x86)\Overwatch
2017-10-20 22:25 - 2017-10-20 22:25 - 003251696 _____ (Blizzard Entertainment) C:\Users\JohnDoe\Downloads
 
\Overwatch-Setup.exe
2017-10-19 17:03 - 2017-10-19 17:03 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2017-10-18 18:46 - 2017-10-18 18:46 - 000028310 _____ C:\Users\JohnDoe\Downloads\The Tragically Hip - 1992 - 
 
Fully Completely (2CD Deluxe Edition) [mp3][https---worldwidetorrents.me].torrent
2017-10-18 18:28 - 2017-10-18 18:28 - 000002205 _____ C:\Users\JohnDoe\AppData\Roaming\Microsoft\Windows\Start 
 
Menu\Programs\f.lux.lnk
2017-10-17 21:53 - 2017-10-17 22:08 - 048414273 _____ C:\Users\JohnDoe\Downloads\Unconfirmed 658321.crdownload
2017-10-14 09:39 - 2017-10-14 09:39 - 000062665 _____ C:\Users\JohnDoe\Downloads\02383462.pdf
2017-10-14 09:39 - 2017-10-14 09:39 - 000062137 _____ C:\Users\JohnDoe\Downloads\CR112377.pdf
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-11-11 11:46 - 2015-04-30 16:59 - 000000000 ____D C:\FRST
2017-11-11 11:40 - 2015-07-10 06:02 - 000000000 ____D C:\WINDOWS\INF
2017-11-11 11:31 - 2014-08-29 14:59 - 000000000 ____D C:\ProgramData\Package Cache
2017-11-11 10:27 - 2016-10-01 09:16 - 000000000 ____D C:\Temp
2017-11-11 10:07 - 2015-07-10 07:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-11-11 10:06 - 2017-05-14 10:37 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-11-11 10:06 - 2015-07-10 07:20 - 005018672 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-11-11 10:05 - 2015-07-10 04:05 - 001048576 ___SH C:\WINDOWS\system32\config\BBI
2017-11-11 09:22 - 2015-07-10 05:55 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-11-11 08:52 - 2013-09-09 17:33 - 000000000 ____D C:\Users\JohnDoe\AppData\Roaming\vlc
2017-11-11 08:30 - 2015-12-12 18:39 - 000000556 _____ C:\WINDOWS\SysWOW64\nativelog.txt
2017-11-11 08:30 - 2015-04-17 18:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs
 
\Minecraft
2017-11-11 08:30 - 2015-04-17 18:07 - 000000000 ____D C:\Program Files (x86)\Minecraft
2017-11-11 08:30 - 2014-09-14 18:59 - 000000000 ____D C:\Users\JohnDoe\AppData\Roaming\Microsoft\Windows\Start 
 
Menu\Programs\Autodesk
2017-11-11 08:30 - 2014-09-14 18:59 - 000000000 ____D C:\Program Files\Autodesk
2017-11-11 08:30 - 2014-03-07 16:31 - 000000000 ____D C:\Program Files\VCG
2017-11-11 08:29 - 2016-10-02 22:05 - 000000000 ____D C:\Program Files\GoPro
2017-11-11 08:29 - 2014-09-02 20:05 - 000000000 ____D C:\Program Files\GIMP 2
2017-11-11 08:28 - 2015-04-02 11:30 - 000000000 ____D C:\ProgramData\HappyCloud
2017-11-11 08:28 - 2014-09-15 08:09 - 000000000 ____D C:\Users\JohnDoe\AppData\Roaming\Microsoft\Windows\Start 
 
Menu\Programs\GitHub, Inc
2017-11-11 08:28 - 2014-09-02 19:48 - 000000000 ____D C:\Users\JohnDoe\AppData\Local\Nem's Tools
2017-11-11 08:28 - 2014-09-02 19:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs
 
\Nem's Tools
2017-11-11 08:27 - 2016-10-28 22:36 - 000000000 ____D C:\Program Files (x86)\DebugMode
2017-11-11 08:27 - 2016-08-21 18:50 - 000000000 ____D C:\Users\JohnDoe\AppData\Local\CrashPlan
2017-11-11 08:27 - 2016-05-12 18:32 - 000000000 ____D C:\Program Files (x86)\DZLauncher
2017-11-11 08:26 - 2016-12-10 09:12 - 000000000 ____D C:\Program Files (x86)\AviSynth
2017-11-11 08:26 - 2013-09-06 19:43 - 000000000 ____D C:\Users\JohnDoe\AppData\Roaming\Canon
2017-11-11 08:26 - 2013-09-06 18:15 - 000000000 ____D C:\Program Files (x86)\Steam
2017-11-11 08:25 - 2016-01-11 16:35 - 000000000 ____D C:\Program Files\Common Files\Autodesk Shared
2017-11-11 08:24 - 2016-01-11 16:29 - 000000000 ____D C:\ProgramData\Autodesk
2017-11-11 08:24 - 2015-07-10 06:04 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2017-11-11 08:23 - 2014-09-14 19:00 - 000000000 ____D C:\Users\JohnDoe\AppData\Roaming\Autodesk
2017-11-11 08:19 - 2014-01-27 23:22 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2017-11-11 08:16 - 2017-05-14 10:37 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-11-11 08:15 - 2017-05-15 17:53 - 000000000 ____D C:\Program Files\Malwarebytes
2017-11-11 08:15 - 2013-09-06 18:25 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-11-11 08:14 - 2017-01-08 18:25 - 000000000 ____D C:\Users\JohnDoe
2017-11-11 08:14 - 2013-09-06 18:15 - 000000000 ____D C:\Program Files\Java
2017-11-11 08:14 - 2013-09-06 18:14 - 000000000 ____D C:\Program Files (x86)\Java
2017-11-10 23:08 - 2017-01-08 10:15 - 000000000 ____D C:\Users\JohnDoe\AppData\Roaming\deluge
2017-11-10 21:42 - 2016-06-19 11:42 - 000000000 ____D C:\Users\JohnDoe\AppData\Local\Battle.net
2017-11-10 20:19 - 2016-06-19 11:43 - 000000000 ____D C:\Program Files (x86)\Hearthstone
2017-11-10 20:12 - 2016-06-19 11:41 - 000000000 ____D C:\Program Files (x86)\Battle.net
2017-11-09 22:56 - 2013-09-16 06:40 - 000000000 ____D C:\Users\JohnDoe\AppData\Roaming\Media Player Classic
2017-11-07 17:32 - 2015-05-03 23:11 - 000002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs
 
\Google Chrome.lnk
2017-11-07 17:19 - 2017-07-27 16:40 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update 
 
Task-S-1-5-21-2118853541-1488753588-3094647493-1000
2017-11-07 17:19 - 2017-01-08 19:22 - 000002412 _____ C:\Users\JohnDoe\AppData\Roaming\Microsoft\Windows\Start 
 
Menu\Programs\OneDrive.lnk
2017-11-07 17:19 - 2014-02-20 21:10 - 000000000 ___RD C:\Users\JohnDoe\OneDrive
2017-11-06 17:57 - 2017-01-08 18:24 - 001005598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-05 15:12 - 2015-07-10 06:04 - 000000000 __RSD C:\WINDOWS\Media
2017-11-05 15:11 - 2015-04-21 12:27 - 000000000 ____D C:\AdwCleaner
2017-11-05 14:28 - 2013-12-19 09:35 - 000000000 ____D C:\Users\JohnDoe\AppData\Local\ElevatedDiagnostics
2017-11-05 14:12 - 2014-08-30 11:31 - 000192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers
 
\MBAMSwissArmy.sys
2017-11-04 14:09 - 2013-09-06 18:35 - 000000000 ____D C:\Users\JohnDoe\AppData\Roaming\Skype
2017-11-02 17:15 - 2015-07-10 06:04 - 000000000 ___HD C:\Program Files\WindowsApps
2017-11-02 17:15 - 2015-07-10 06:04 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-11-01 21:28 - 2017-03-11 16:41 - 000000000 ____D C:\Users\JohnDoe\AppData\Roaming\foobar2000
2017-10-31 20:04 - 2017-10-02 05:59 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-10-31 20:02 - 2014-03-08 22:05 - 000000000 ____D C:\Users\JohnDoe\AppData\Local\Packages
2017-10-26 23:01 - 2015-11-07 15:52 - 000000000 ____D C:\Program Files\pia_manager
2017-10-26 17:34 - 2015-02-05 20:34 - 000000000 ____D C:\Users\JohnDoe\AppData\Local\Steam
2017-10-26 16:44 - 2017-03-25 21:08 - 000000000 ____D C:\Users\JohnDoe\AppData\Roaming\ZenBound2
2017-10-26 16:26 - 2017-01-08 20:19 - 000000000 ____D C:\Users\JohnDoe\Documents\My Games
2017-10-24 21:11 - 2015-04-26 18:37 - 000109080 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:
 
\WINDOWS\SysWOW64\OpenAL32.dll
2017-10-24 21:11 - 2013-12-19 17:09 - 000466456 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2017-10-24 21:11 - 2013-12-19 17:09 - 000444952 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2017-10-24 21:11 - 2013-12-19 17:09 - 000122904 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:
 
\WINDOWS\system32\OpenAL32.dll
2017-10-21 12:43 - 2014-02-11 22:31 - 000000000 ____D C:\Users\JohnDoe\AppData\Roaming\OBS
2017-10-21 07:58 - 2016-06-19 11:42 - 000000000 ____D C:\Users\JohnDoe\AppData\Local\Blizzard Entertainment
2017-10-17 21:16 - 2015-07-10 06:04 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-10-17 21:14 - 2015-09-08 14:03 - 000000000 ____D C:\Program Files\Microsoft Office 15
2017-10-14 18:22 - 2016-08-28 08:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs
 
\Google Drive
 
==================== Files in the root of some directories =======
 
2016-01-15 15:47 - 2016-01-15 15:47 - 021403160 _____ (LastPass) C:\Program Files (x86)\Common Files
 
\lpuninstall.exe
2013-11-08 08:52 - 2015-06-26 12:23 - 000000132 _____ () C:\Users\JohnDoe\AppData\Roaming\Adobe AIFF Format CS6 
 
Prefs
2015-01-21 19:44 - 2015-01-21 20:04 - 000000132 _____ () C:\Users\JohnDoe\AppData\Roaming\Adobe BMP Format CS6 
 
Prefs
2014-12-22 13:11 - 2014-12-24 13:38 - 000000132 _____ () C:\Users\JohnDoe\AppData\Roaming\Adobe PNG Format CS5 
 
Prefs
2013-12-08 10:53 - 2017-08-15 17:48 - 000000132 _____ () C:\Users\JohnDoe\AppData\Roaming\Adobe PNG Format CS6 
 
Prefs
2014-09-02 20:48 - 2014-09-02 21:08 - 000000107 _____ () C:\Users\JohnDoe\AppData\Roaming\Camdata.ini
2014-09-02 20:48 - 2014-09-02 21:08 - 000000408 _____ () C:\Users\JohnDoe\AppData\Roaming\CamLayout.ini
2014-09-02 20:48 - 2014-09-02 21:08 - 000000408 _____ () C:\Users\JohnDoe\AppData\Roaming\CamShapes.ini
2014-09-02 20:48 - 2014-09-02 21:08 - 000004544 _____ () C:\Users\JohnDoe\AppData\Roaming\CamStudio.cfg
2015-08-24 23:54 - 2015-08-24 23:54 - 000000000 _____ () C:\Users\JohnDoe\AppData\Roaming\Exception Minidump 
 
(2015-08-25 04.54.01).mdmp
2014-12-24 15:03 - 2014-12-24 16:49 - 297506468 _____ () C:\Users\JohnDoe\AppData\Roaming\Install Quixel 
 
SUITE.exe
2014-09-22 13:47 - 2014-11-22 16:53 - 000000112 _____ () C:\Users\JohnDoe\AppData\Roaming\JP2K CS6 Prefs
2014-10-26 14:51 - 2014-10-26 14:56 - 000000125 _____ () C:\Users\JohnDoe\AppData\Roaming\licecap.ini
2014-01-03 23:00 - 2014-01-03 23:05 - 000001158 _____ () C:\Users\JohnDoe\AppData\Roaming\ShiftN.ini
2014-09-02 20:41 - 2014-09-02 21:04 - 000000096 _____ () C:\Users\JohnDoe\AppData\Roaming\version2.xml
2017-01-02 18:15 - 2017-04-14 15:42 - 000004031 _____ () C:\Users\JohnDoe\AppData\Roaming
 
\VoiceMeeterDefault.xml
2014-08-30 10:55 - 2014-08-30 10:55 - 000000046 _____ () C:\Users\JohnDoe\AppData\Roaming\WB.CFG
2014-08-29 15:09 - 2014-08-29 15:11 - 174606558 _____ () C:\Users\JohnDoe\AppData\Local\ACCCx2_7_1_418.zip
2013-12-08 11:38 - 2017-07-23 20:38 - 000001456 _____ () C:\Users\JohnDoe\AppData\Local\Adobe Save for Web 13.0 
 
Prefs
2015-11-22 21:41 - 2015-11-22 21:41 - 000968942 _____ () C:\Users\JohnDoe\AppData\Local\Auto-Shutdown_1140.rar
2013-09-22 15:20 - 2015-08-20 19:46 - 000007168 _____ () C:\Users\JohnDoe\AppData\Local\DCBC2A71-70D8-4DAN-
 
EHR8-E0D61DEA3FDF.ini
2015-05-18 20:05 - 2015-05-18 20:35 - 000027316 _____ () C:\Users\JohnDoe\AppData\Local\HDGraph.log
2017-11-07 20:42 - 2017-11-07 20:42 - 000000717 _____ () C:\Users\JohnDoe\AppData\Local\recently-used.xbel
 
Some files in TEMP:
====================
2017-11-11 08:24 - 2015-01-26 07:34 - 000015752 _____ (Autodesk, Inc.) C:\Users\JohnDoe\AppData\Local\Temp
 
\AcDeltree.exe
2017-11-11 08:14 - 2017-11-11 08:14 - 000008720 _____ () C:\Users\JohnDoe\AppData\Local\Temp\BullseyeCoverage-
 
2-x86.dll
2017-11-11 08:15 - 2017-11-11 08:15 - 000012080 _____ () C:\Users\JohnDoe\AppData\Local\Temp\BullseyeCoverage-
 
x64-3.dll
2017-11-11 08:24 - 2017-11-11 08:24 - 001962752 _____ (Flexera Software LLC) C:\Users\JohnDoe\AppData\Local
 
\Temp\FNP_ACT_InstallerCA.dll
2017-11-11 11:48 - 2017-11-11 11:48 - 001458856 _____ (Sysinternals - www.sysinternals.com) C:\Users\JohnDoe
 
\AppData\Local\Temp\procexp64.exe
2017-11-11 08:19 - 2017-11-11 08:19 - 000192512 _____ () C:\Users\JohnDoe\AppData\Local\Temp\sfamcc00001.dll
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-11-11 10:18
 
==================== End of FRST.txt ============================
 
~~~
 
 
~~~
 
Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 45.03 0 K 4 K 0
chrome.exe 24.27 62,808 K 66,060 K 6648 Google Chrome Google Inc. (Verified) 
 
Google Inc
chrome.exe 15.65 213,412 K 230,524 K 3852 Google Chrome Google Inc. (Verified) 
 
Google Inc
procexp64.exe 6.21 49,788 K 66,636 K 7948 Sysinternals Process Explorer Sysinternals - 
 
www.sysinternals.com (Verified) Microsoft Corporation
FRST64.exe 2.86 27,160 K 46,280 K 6864 Farbar Recovery Scan Tool Farbar (No 
 
signature was present in the subject) Farbar
Interrupts 1.02 0 K 0 K n/a Hardware Interrupts and DPCs
System 0.90 308 K 17,796 K 4
dwm.exe 0.85 35,152 K 30,288 K 920 Desktop Window Manager Microsoft Corporation
 
(Verified) Microsoft Windows
csrss.exe 0.60 5,848 K 5,912 K 800 Client Server Runtime Process Microsoft Corporation
 
(Verified) Microsoft Windows Publisher
rubyw.exe 0.51 56,600 K 14,052 K 4120 Ruby interpreter (GUI) 1.9.3p448 [i386-mingw32]
 
http://www.ruby-lang.org/ (No signature was present in the subject) http://www.ruby-lang.org/
svchost.exe 0.36 15,180 K 25,996 K 1156 Host Process for Windows Services
 
Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 0.27 107,132 K 124,696 K 1040 Host Process for Windows Services
 
Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 0.26 3,696 K 8,840 K 8 Host Process for Windows Services Microsoft Corporation
 
(Verified) Microsoft Windows Publisher
explorer.exe 0.21 72,364 K 127,228 K 3596 Windows Explorer Microsoft Corporation
 
(Verified) Microsoft Windows
Plex DLNA Server.exe 0.16 11,992 K 14,804 K 4964 Plex Media Server DLNA Service Plex, 
 
Inc. (Verified) Plex
dllhost.exe 0.16 4,284 K 9,640 K 3160 COM Surrogate Microsoft Corporation (Verified) Microsoft 
 
Windows
chrome.exe 0.15 186,532 K 268,628 K 4396 Google Chrome Google Inc. (Verified) 
 
Google Inc
Plex Media Server.exe 0.10 44,412 K 57,640 K 4272 Plex Media Server Plex, Inc.
 
(Verified) Plex
pia_nw.exe 0.07 43,024 K 28,372 K 892 nwjs The NWJS Community (No signature 
 
was present in the subject) The NWJS Community
chrome.exe 0.05 165,432 K 176,448 K 5900 Google Chrome Google Inc. (Verified) 
 
Google Inc
PlexScriptHost.exe 0.04 29,860 K 36,448 K 4092 Python Python Software Foundation
 
(Verified) Plex
services.exe 0.04 2,996 K 7,828 K 924 Services and Controller app Microsoft Corporation
 
(Verified) Microsoft Windows Publisher
chrome.exe 0.03 129,700 K 136,228 K 5000 Google Chrome Google Inc. (Verified) 
 
Google Inc
ipoint.exe 0.03 4,348 K 2,676 K 3296 IPoint.exe Microsoft Corporation (Verified) Microsoft 
 
Corporation
itype.exe 0.02 7,172 K 2,236 K 1964 IType.exe Microsoft Corporation (Verified) Microsoft 
 
Corporation
flux.exe 0.01 8,780 K 22,140 K 4244 f.lux f.lux Software LLC (Verified) F.lux 
 
Software LLC
PlexScriptHost.exe 0.01 26,724 K 32,324 K 3180 Python Python Software Foundation
 
(Verified) Plex
PlexScriptHost.exe 0.01 21,992 K 27,612 K 4384 Python Python Software Foundation
 
(Verified) Plex
chrome.exe 0.01 138,560 K 117,908 K 4836 Google Chrome Google Inc. (Verified) 
 
Google Inc
PlexScriptHost.exe 0.01 23,476 K 28,984 K 6148 Python Python Software Foundation
 
(Verified) Plex
pia_nw.exe 0.01 18,964 K 7,352 K 4504 nwjs The NWJS Community (No signature was 
 
present in the subject) The NWJS Community
PlexScriptHost.exe 0.01 21,064 K 26,660 K 5644 Python Python Software Foundation
 
(Verified) Plex
MOM.exe 0.01 24,076 K 4,944 K 4528 Catalyst Control Center: Monitoring program Advanced Micro 
 
Devices Inc. (Verified) Advanced Micro Devices
PlexScriptHost.exe 0.01 23,248 K 28,832 K 5196 Python Python Software Foundation
 
(Verified) Plex
chrome.exe 0.01 52,964 K 60,072 K 5008 Google Chrome Google Inc. (Verified) 
 
Google Inc
MotoHelperAgent.exe 0.01 2,600 K 11,296 K 1884 MotoHelperAgent Motorola Mobility LLC
 
(Verified) Motorola Mobility Inc.
PlexScriptHost.exe 0.01 27,988 K 35,052 K 6004 Python Python Software Foundation
 
(Verified) Plex
PlexScriptHost.exe 0.01 21,848 K 27,440 K 5864 Python Python Software Foundation
 
(Verified) Plex
PlexScriptHost.exe < 0.01 25,404 K 30,968 K 3440 Python Python Software Foundation
 
(Verified) Plex
PlexScriptHost.exe < 0.01 26,080 K 31,616 K 6940 Python Python Software Foundation
 
(Verified) Plex
PlexScriptHost.exe < 0.01 20,936 K 26,732 K 5908 Python Python Software Foundation
 
(Verified) Plex
svchost.exe < 0.01 17,456 K 41,296 K 1060 Host Process for Windows Services
 
Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 7,600 K 24,976 K 1388 Host Process for Windows Services Microsoft 
 
Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 2,268 K 8,708 K 1380 Host Process for Windows Services Microsoft Corporation
 
(Verified) Microsoft Windows Publisher
rubyw.exe < 0.01 8,716 K 260 K 5092 Ruby interpreter (GUI) 1.9.3p448 [i386-mingw32]
 
http://www.ruby-lang.org/ (No signature was present in the subject) http://www.ruby-lang.org/
svchost.exe < 0.01 5,716 K 18,272 K 348 Host Process for Windows Services Microsoft 
 
Corporation (Verified) Microsoft Windows Publisher
officeclicktorun.exe < 0.01 30,892 K 46,456 K 2348 Microsoft Office Click-to-Run
 
Microsoft Corporation (Verified) Microsoft Corporation
SearchIndexer.exe < 0.01 44,048 K 45,576 K 3016 Microsoft Windows Search Indexer
 
Microsoft Corporation (Verified) Microsoft Windows
Plex Tuner Service.exe < 0.01 6,380 K 12,444 K 3632 Plex Tuner Service Plex (Verified) Plex
chrome.exe < 0.01 51,780 K 56,212 K 5024 Google Chrome Google Inc. (Verified) 
 
Google Inc
WmiPrvSE.exe 2,048 K 8,348 K 4296 WMI Provider Host Microsoft Corporation (Verified) 
 
Microsoft Windows
winlogon.exe 1,640 K 8,844 K 860 Windows Logon Application Microsoft Corporation
 
(Verified) Microsoft Windows
wininit.exe 892 K 4,784 K 776 Windows Start-Up Application Microsoft Corporation
 
(Verified) Microsoft Windows Publisher
taskhostw.exe 5,076 K 15,664 K 3680 Host Process for Windows Tasks Microsoft Corporation
 
(Verified) Microsoft Windows
svchost.exe 16,248 K 26,728 K 1704 Host Process for Windows Services
 
Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,972 K 9,276 K 2176 Host Process for Windows Services Microsoft Corporation
 
(Verified) Microsoft Windows Publisher
svchost.exe 7,484 K 28,056 K 608 Host Process for Windows Services Microsoft 
 
Corporation (Verified) Microsoft Windows Publisher
svchost.exe 16,112 K 29,452 K 1860 Host Process for Windows Services
 
Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,356 K 9,652 K 2416 Host Process for Windows Services Microsoft Corporation
 
(Verified) Microsoft Windows Publisher
svchost.exe 1,820 K 8,092 K 2880 Host Process for Windows Services Microsoft Corporation
 
(Verified) Microsoft Windows Publisher
svchost.exe 3,988 K 15,832 K 2920 Host Process for Windows Services Microsoft 
 
Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,276 K 6,120 K 3220 Host Process for Windows Services Microsoft Corporation
 
(Verified) Microsoft Windows Publisher
svchost.exe 1,104 K 5,320 K 3152 Host Process for Windows Services Microsoft Corporation
 
(Verified) Microsoft Windows Publisher
sqlwriter.exe 1,444 K 7,412 K 2740 SQL Server VSS Writer - 64 Bit Microsoft Corporation
 
(Verified) Microsoft Corporation
spoolsv.exe 5,500 K 14,984 K 1852 Spooler SubSystem App Microsoft Corporation
 
(Verified) Microsoft Windows
SMSvcHost.exe 15,460 K 19,600 K 3348 SMSvcHost.exe Microsoft Corporation
 
(Verified) Microsoft Corporation
SMSvcHost.exe 20,752 K 13,972 K 3340 SMSvcHost.exe Microsoft Corporation
 
(Verified) Microsoft Corporation
smss.exe 344 K 1,180 K 492 Windows Session Manager Microsoft Corporation (Verified) 
 
Microsoft Windows Publisher
sihost.exe 4,212 K 19,000 K 3144 Shell Infrastructure Host Microsoft Corporation
 
(Verified) Microsoft Windows
ShellExperienceHost.exe Suspended 19,652 K 52,160 K 3020 Windows Shell Experience Host
 
Microsoft Corporation (Verified) Microsoft Windows
SearchUI.exe Suspended 50,460 K 95,188 K 6092 Search and Cortana application
 
Microsoft Corporation (Verified) Microsoft Windows
SearchProtocolHost.exe 2,572 K 9,428 K 7444 Microsoft Windows Search Protocol Host Microsoft 
 
Corporation (Verified) Microsoft Windows
SearchFilterHost.exe 1,880 K 6,992 K 7724 Microsoft Windows Search Filter Host Microsoft 
 
Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 7,052 K 26,984 K 1336 Runtime Broker Microsoft Corporation
 
(Verified) Microsoft Windows
RAVCpl64.exe 3,876 K 13,160 K 2248 Realtek HD Audio Manager Realtek Semiconductor
 
(Verified) Realtek Semiconductor Corp
procexp.exe 2,684 K 9,688 K 6848 Sysinternals Process Explorer Sysinternals - 
 
www.sysinternals.com (Verified) Microsoft Corporation
Plex Update Service.exe 1,788 K 7,816 K 6156 Plex Update Service Plex, Inc. (Verified) Plex
pia_nw.exe 1,644 K 376 K 4524 nwjs The NWJS Community (No signature was present in 
 
the subject) The NWJS Community
pia_manager.exe 1,152 K 184 K 308 (No signature was present in the subject)
pia_manager.exe 1,152 K 232 K 4376 (No signature was present in the subject)
notepad.exe 2,220 K 10,600 K 7504 Notepad Microsoft Corporation (Verified) Microsoft 
 
Windows
mqsvc.exe 4,172 K 12,116 K 2272 Message Queuing Service Microsoft Corporation
 
(Verified) Microsoft Windows
MotoHelperService.exe 2,560 K 9,864 K 2292 MotoHelper Service Motorola Mobility LLC
 
(Verified) Motorola Mobility Inc.
lsass.exe 4,692 K 13,892 K 936 Local Security Authority Process Microsoft 
 
Corporation (Verified) Microsoft Windows Publisher
GoogleCrashHandler64.exe 1,456 K 260 K 3292 Google Crash Handler Google Inc.
 
(Verified) Google Inc
GoogleCrashHandler.exe 1,496 K 268 K 3416 Google Crash Handler Google Inc. (Verified) 
 
Google Inc
Fuel.Service.exe 4,824 K 19,728 K 2240 AMD Fuel Service Advanced Micro Devices, 
 
Inc. (No signature was present in the subject) Advanced Micro Devices, Inc.
ForwardDaemon.exe 1,256 K 5,272 K 2464 ForwardDemon Motorola (No signature was 
 
present in the subject) Motorola
dasHost.exe 1,984 K 10,288 K 2224 Device Association Framework Provider Host
 
Microsoft Corporation (Verified) Microsoft Windows
csrss.exe 1,248 K 4,488 K 672 Client Server Runtime Process Microsoft Corporation
 
(Verified) Microsoft Windows Publisher
conhost.exe 1,584 K 6,980 K 4356 Console Window Host Microsoft Corporation (Verified) 
 
Microsoft Windows
conhost.exe 1,344 K 5,376 K 3368 Console Window Host Microsoft Corporation (Verified) 
 
Microsoft Windows
conhost.exe 1,572 K 7,016 K 3968 Console Window Host Microsoft Corporation (Verified) 
 
Microsoft Windows
conhost.exe 1,576 K 6,920 K 4944 Console Window Host Microsoft Corporation (Verified) 
 
Microsoft Windows
conhost.exe 1,568 K 6,940 K 6336 Console Window Host Microsoft Corporation (Verified) 
 
Microsoft Windows
conhost.exe 1,572 K 6,912 K 3580 Console Window Host Microsoft Corporation (Verified) 
 
Microsoft Windows
conhost.exe 1,568 K 6,940 K 5492 Console Window Host Microsoft Corporation (Verified) 
 
Microsoft Windows
conhost.exe 1,568 K 6,964 K 3488 Console Window Host Microsoft Corporation (Verified) 
 
Microsoft Windows
conhost.exe 1,576 K 6,924 K 6108 Console Window Host Microsoft Corporation (Verified) 
 
Microsoft Windows
conhost.exe 1,576 K 6,956 K 5800 Console Window Host Microsoft Corporation (Verified) 
 
Microsoft Windows
conhost.exe 1,564 K 6,948 K 3772 Console Window Host Microsoft Corporation (Verified) 
 
Microsoft Windows
conhost.exe 1,580 K 7,004 K 5580 Console Window Host Microsoft Corporation (Verified) 
 
Microsoft Windows
chrome.exe 75,592 K 84,028 K 5016 Google Chrome Google Inc. (Verified) 
 
Google Inc
chrome.exe 29,552 K 35,028 K 5048 Google Chrome Google Inc. (Verified) 
 
Google Inc
chrome.exe 29,420 K 36,156 K 5032 Google Chrome Google Inc. (Verified) 
 
Google Inc
chrome.exe 42,044 K 46,048 K 5040 Google Chrome Google Inc. (Verified) 
 
Google Inc
chrome.exe 1,728 K 6,956 K 4404 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 1,640 K 7,528 K 4676 Google Chrome Google Inc. (Verified) Google Inc
CCC.exe 75,304 K 6,404 K 4620 Catalyst Control Center: Host application Advanced Micro 
 
Devices Inc. (Verified) Advanced Micro Devices
audiodg.exe 8,684 K 13,744 K 6472 Windows Audio Device Graph Isolation Microsoft 
 
Corporation (Verified) Microsoft Windows
atiesrxx.exe 1,028 K 4,912 K 1228 AMD External Events Service Module AMD (Verified) 
 
Microsoft Windows Hardware Compatibility Publisher
atieclxx.exe 2,008 K 8,976 K 1292 AMD External Events Client Module AMD (Verified) 
 
Microsoft Windows Hardware Compatibility Publisher
armsvc.exe 1,164 K 5,612 K 2208 Adobe Acrobat Update Service Adobe Systems Incorporated
 
(Verified) Adobe Systems
 
~~~
 
 
Image Name                     PID Services                                    
========================= ======== ============================================
System Idle Process              0 N/A                                         
System                           4 N/A                                         
smss.exe                       492 N/A                                         
csrss.exe                      672 N/A                                         
wininit.exe                    776 N/A                                         
csrss.exe                      800 N/A                                         
winlogon.exe                   860 N/A                                         
services.exe                   924 N/A                                         
lsass.exe                      936 KeyIso, SamSs, VaultSvc                     
svchost.exe                    348 BrokerInfrastructure, DcomLaunch, LSM,      
                                   PlugPlay, Power, SystemEventsBroker         
svchost.exe                      8 RpcEptMapper, RpcSs                         
dwm.exe                        920 N/A                                         
svchost.exe                   1040 AudioEndpointBuilder, CscService,           
                                   DeviceAssociationService, DsSvc, hidserv,   
                                   NcbService, PcaSvc, SysMain, TrkWks,        
                                   WdiSystemHost, WlanSvc, wudfsvc             
svchost.exe                   1060 Appinfo, BITS, gpsvc, iphlpsvc,             
                                   LanmanServer, ProfSvc, Schedule, SENS,      
                                   ShellHWDetection, Themes, UserManager,      
                                   Winmgmt                                     
svchost.exe                   1156 Audiosrv, Dhcp, EventLog, lmhosts, Wcmsvc,  
                                   wscsvc                                      
atiesrxx.exe                  1228 AMD External Events Utility                 
atieclxx.exe                  1292 N/A                                         
svchost.exe                   1380 SSDPSRV, TimeBroker                         
svchost.exe                   1388 EventSystem, FontCache, LicenseManager,     
                                   netprofm, nsi, WdiServiceHost,              
                                   WinHttpAutoProxySvc                         
svchost.exe                   1704 CryptSvc, Dnscache, LanmanWorkstation,      
                                   NlaSvc                                      
spoolsv.exe                   1852 Spooler                                     
svchost.exe                   1860 BFE, CoreMessagingRegistrar, DPS, MpsSvc    
svchost.exe                   2176 AppHostSvc                                  
armsvc.exe                    2208 AdobeARMservice                             
dasHost.exe                   2224 N/A                                         
Fuel.Service.exe              2240 AMD FUEL Service                            
mqsvc.exe                     2272 MSMQ                                        
MotoHelperService.exe         2292 Motorola Device Manager                     
officeclicktorun.exe          2348 ClickToRunSvc                               
svchost.exe                   2416 W3SVC, WAS                                  
ForwardDaemon.exe             2464 PST Service                                 
sqlwriter.exe                 2740 SQLWriter                                   
svchost.exe                   2880 stisvc                                      
svchost.exe                   2920 StateRepository, tiledatamodelsvc           
svchost.exe                   3220 PolicyAgent                                 
SMSvcHost.exe                 3340 NetMsmqActivator                            
SMSvcHost.exe                 3348 NetPipeActivator                            
GoogleCrashHandler.exe        3416 N/A                                         
GoogleCrashHandler64.exe      3292 N/A                                         
SearchIndexer.exe             3016 WSearch                                     
sihost.exe                    3144 N/A                                         
pia_manager.exe                308 N/A                                         
itype.exe                     1964 N/A                                         
taskhostw.exe                 3680 N/A                                         
ipoint.exe                    3296 N/A                                         
explorer.exe                  3596 N/A                                         
RuntimeBroker.exe             1336 N/A                                         
ShellExperienceHost.exe       3020 N/A                                         
MotoHelperAgent.exe           1884 N/A                                         
RAVCpl64.exe                  2248 N/A                                         
flux.exe                      4244 N/A                                         
WmiPrvSE.exe                  4296 N/A                                         
chrome.exe                    4396 N/A                                         
chrome.exe                    4404 N/A                                         
MOM.exe                       4528 N/A                                         
CCC.exe                       4620 N/A                                         
chrome.exe                    4676 N/A                                         
chrome.exe                    4836 N/A                                         
chrome.exe                    5000 N/A                                         
chrome.exe                    5008 N/A                                         
chrome.exe                    5016 N/A                                         
chrome.exe                    5024 N/A                                         
chrome.exe                    5032 N/A                                         
chrome.exe                    5040 N/A                                         
chrome.exe                    5048 N/A                                         
rubyw.exe                     5092 N/A                                         
pia_manager.exe               4376 N/A                                         
rubyw.exe                     4120 N/A                                         
pia_nw.exe                    4504 N/A                                         
pia_nw.exe                    4524 N/A                                         
pia_nw.exe                     892 N/A                                         
svchost.exe                    608 N/A                                         
chrome.exe                    6648 N/A                                         
svchost.exe                   3152 SDRSVC                                      
chrome.exe                    5900 N/A                                         
audiodg.exe                   6472 N/A                                         
SearchUI.exe                  6092 N/A                                         
Plex Media Server.exe         4272 N/A                                         
PlexScriptHost.exe            4092 N/A                                         
conhost.exe                   4356 N/A                                         
Plex DLNA Server.exe          4964 N/A                                         
Plex Tuner Service.exe        3632 N/A                                         
conhost.exe                   3368 N/A                                         
Plex Update Service.exe       6156 PlexUpdateService                           
PlexScriptHost.exe            6940 N/A                                         
conhost.exe                   3968 N/A                                         
PlexScriptHost.exe            5908 N/A                                         
PlexScriptHost.exe            5644 N/A                                         
conhost.exe                   4944 N/A                                         
conhost.exe                   6336 N/A                                         
PlexScriptHost.exe            6148 N/A                                         
PlexScriptHost.exe            5864 N/A                                         
conhost.exe                   3580 N/A                                         
conhost.exe                   5492 N/A                                         
PlexScriptHost.exe            4384 N/A                                         
PlexScriptHost.exe            5196 N/A                                         
conhost.exe                   3488 N/A                                         
conhost.exe                   6108 N/A                                         
PlexScriptHost.exe            3440 N/A                                         
PlexScriptHost.exe            3180 N/A                                         
conhost.exe                   5800 N/A                                         
conhost.exe                   3772 N/A                                         
PlexScriptHost.exe            6004 N/A                                         
conhost.exe                   5580 N/A                                         
chrome.exe                    3852 N/A                                         
notepad.exe                   7504 N/A                                         
SearchProtocolHost.exe        7444 N/A                                         
FRST64.exe                    6864 N/A                                         
procexp.exe                   6848 N/A                                         
procexp64.exe                 7948 N/A                                         
notepad.exe                   8052 N/A                                         
taskhostw.exe                 7632 N/A                                         
dllhost.exe                   1396 N/A                                         
dllhost.exe                   5056 N/A                                         
dllhost.exe                   1036 N/A                                         
cmd.exe                       4772 N/A                                         
conhost.exe                   7032 N/A                                         
tasklist.exe                  5680 N/A                                         
WmiPrvSE.exe                  6568 N/A                                         

  • 0

#5
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

It should have worked without the fixlist but you can make your own.  Open notepad.  Copy the quoted text and paste it into notepad.  Save As fixlist in the same folder as FRST.  Then when you press Fix it should find it.

 


? Java 7 Update 67 -obsolete
? Java 8 Update 51 -obsolete
? Java 8 Update 51 -obsolete
? LogMeIn - not working
? Malwarebytes Anti-Ransomware - May interfere with fixes
? Private Internet Access Support Files - Just don't want it confusing things
? Spybot - Search & Destroy Not a good idea on Win 10.  Have it remove its immunizations on the way out
? SUPERAntiSpyware - May interfere with fixes
 

 

 

You couldn't uninstall the above?

 

 enter Control Panel in the search box and select Control Panel from the results.

Select Programs > Programs and Features, and then select the program.  Uninstall

 

 

 

Dism should work.  Copy the next line:

DISM  /Online  /Cleanup-Image  /RestoreHealth

Open an elevated Command Prompt and right click and select Paste (or Edit then Paste) and the copied line should appear.  Hit Enter.

 

Does it work this time?

 

IF not search for

services.msc

hit Enter

 

Verify that Background Intelligent Transfer service is started.  Also check Windows Update is started.  Make sure you are on line and not using any VPN.

 

The driver you found is from MagicISO SCSI Host Controller.  Not sure why it is on your PC.

 

If you are able to uninstall the programs run a new FRST scan with addition.txt checked.

 

If you are able to run dism then run VEW again as before.

 

 

Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).  

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  

Wait a full minute then:

File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.

 


  • 0

#6
zestron

zestron

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 334 posts

Sorry, I did get those installed. I put an ascii checkmark beside those but notepad didn't like the unicode.

 

Made a fixlist.txt and ran the "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION" through the fix button, but it says "Looks you don't know what to do. To prevent damage to the system the tool will exit."

 

 

~~~
 
When I run that line in elevated command line I get:
 
Microsoft Windows [Version 10.0.10240]
© 2015 Microsoft Corporation. All rights reserved.
 
C:\WINDOWS\system32>DISM  /Online  /Cleanup-Image  /RestoreHealth
 
Deployment Image Servicing and Management tool
Version: 10.0.10240.16384
 
Image Version: 10.0.10240.16384
 
~~~
 
Background Intelligent Transfer service is started
 
Windows Update is set to Manual, I think I tried to disable it because it got really annoying having it update on it's own
 
~~~

  • 0

#7
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

Could you attach the last FRST logs?  The formatting got messed up and it's too hard to work with.  To Attach:

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.
 


  • 0

#8
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

Be patient with the DISM command.  It will sometimes sit there with just the image version showing for a couple of minutes before it starts to give you a completion %.  I would start the Windows update service before running it just to make sure it has what it needs.  You can just type:

sc  start  wuauserv

and it should start when you hit Enter.


  • 0

#9
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

I'm going to take a nap now so won't be back on line for an hour or more.


  • 0

#10
zestron

zestron

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 334 posts

Okay. I'm running the DISM line and will let it sit there for a while and see if anything new pops up

Attached Files


  • 0

Advertisements


#11
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

Anything happen with DISM?

 

Download the attached fixlist.txt to the same location as FRST



Run FRST and press Fix

System should reboot.

A fix log will be generated please post that


Run FRST again as before.  Make sure Addition.txt is checked and hit Scan.  Post both logs.  MAKE SURE YOU DO NOT HAVE WORD WRAP CHECKED (Under Format in Notepad)

 


  • 0

#12
zestron

zestron

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 334 posts

DISM ran clear!

 

 

Attached Files


  • 0

#13
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

 Looks like Windows Defender is working again.  See if it can do a scan now.

 

 

Error: (11/11/2017 04:31:04 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\WINDOWS\system32\Rtlihvs.dll
Error Code: 126

 

 

126 means it can't find the file. 

Let's see if the file is anywhere:

 

Start up FRST and in the search box put

 

Rtlihvs.dll

 

then hit Search Files.  You should get a log.  Post it please.  There is a Rtlihvs.dll file on my PC so if we can't find one on yours I'll zip it up and upload it for you.

 

 

 

 

Error: (11/11/2017 04:31:01 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Net.Tcp Listener Adapter service depends on the Net.Tcp Port Sharing Service service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

 

This is a mistake from Microsoft. The service should not be on.  

 

Search for services and hit Enter.  Find each entry that starts with Net Tcp.  Right click and select Properties.  Change the Startup type: to Disabled.  OK.  Repeat for all entries that start with Net Tcp.

 

The other errors all happened as you shut it down so I don't care about them.

 

Let's see new VEW logs.
 


  • 0

#14
zestron

zestron

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 334 posts
Farbar Recovery Scan Tool (x64) Version: 11-11-2017
Ran by JohnDoe (11-11-2017 17:30:53)
Running from C:\Users\JohnDoe\Desktop
Boot Mode: Normal
 
================== Search Files: "Rtlihvs.dll
" =============
 
C:\Windows\SysWOW64\Rtlihvs.dll
[2017-06-27 19:36][2013-04-01 21:19] 000516608 _____ (Realtek Semiconductor Corp. ) 4A577370E852CE85D74A26FDF90B5244 [File not signed]
 
 
====== End of Search ======
 
~~~
 
Vino's Event Viewer v01c run on Windows 7 in English
Report run at 11/11/2017 6:02:08 PM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
~~~
 
Vino's Event Viewer v01c run on Windows 7 in English
Report run at 11/11/2017 6:02:43 PM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 11/11/2017 10:48:53 PM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x8024200D: Feature update to Windows 10, version 1703.
 
Log: 'System' Date/Time: 11/11/2017 9:48:57 PM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80246013: Windows Malicious Software Removal Tool for Windows 8, 8.1, 10 and Windows Server 2012, 2012 R2, 2016 x64 Edition - October 2017 (KB890830).
 
Log: 'System' Date/Time: 11/11/2017 9:48:56 PM
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The Interactive Services Detection service terminated with the following error:  Incorrect function.
 
Log: 'System' Date/Time: 11/11/2017 9:48:56 PM
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The Interactive Services Detection service terminated with the following error:  Incorrect function.
 
Log: 'System' Date/Time: 11/11/2017 9:48:55 PM
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The Interactive Services Detection service terminated with the following error:  Incorrect function.
 
Log: 'System' Date/Time: 11/11/2017 9:48:55 PM
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The Interactive Services Detection service terminated with the following error:  Incorrect function.
 
Log: 'System' Date/Time: 11/11/2017 9:48:55 PM
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The Interactive Services Detection service terminated with the following error:  Incorrect function.
 
Log: 'System' Date/Time: 11/11/2017 9:48:49 PM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80246013: Feature update to Windows 10, version 1703.
 
Log: 'System' Date/Time: 11/11/2017 9:48:49 PM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80246013: Update for Windows 10 Version 1511 for x64-based Systems (KB4033631).
 
Log: 'System' Date/Time: 11/11/2017 9:48:49 PM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80246013: 2017-06 Security Update for Adobe Flash Player for Windows 10 Version 1507 for x64-based Systems (KB4022730).
 
Log: 'System' Date/Time: 11/11/2017 9:48:49 PM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80246013: 2017-06 Cumulative Update for Windows 10 Version 1507 for x64-based Systems (KB4022727).
 
Log: 'System' Date/Time: 11/11/2017 9:31:04 PM
Type: Error Category: 0
Event: 10000 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has failed to start.  Module Path: C:\WINDOWS\system32\Rtlihvs.dll Error Code: 126 
 
Log: 'System' Date/Time: 11/11/2017 9:31:01 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Net.Tcp Listener Adapter service depends on the Net.Tcp Port Sharing Service service which failed to start because of the following error:  The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
 
Log: 'System' Date/Time: 11/11/2017 9:29:32 PM
Type: Error Category: 0
Event: 7043 Source: Service Control Manager
The Group Policy Client service did not shut down properly after receiving a preshutdown control.
 
Log: 'System' Date/Time: 11/11/2017 9:28:55 PM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Sync Host_Session1 service to connect.
 
Log: 'System' Date/Time: 11/11/2017 9:28:55 PM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the User Data Storage_Session1 service to connect.
 
Log: 'System' Date/Time: 11/11/2017 9:28:55 PM
Type: Error Category: 0
Event: 7032 Source: Service Control Manager
The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the User Data Storage_Session1 service, but this action failed with the following error:  An instance of the service is already running.
 
Log: 'System' Date/Time: 11/11/2017 9:28:45 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The User Data Access_Session1 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Log: 'System' Date/Time: 11/11/2017 9:28:45 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The User Data Storage_Session1 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Log: 'System' Date/Time: 11/11/2017 9:28:45 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Contact Data_Session1 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 11/11/2017 9:30:45 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. Please visit http://support.microsoft.com/kb/197571for more information.
 

  • 0

#15
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

The missing file is part of

 

REALTEK PCIE Wireless LAN Driver

 

Mine shows it:

 

 

C:\Windows\System32\Rtlihvs.dll
[2014-07-02 18:35][2012-02-14 21:37] 000594432 _____ (Realtek Semiconductor Corp. ) 778F1F1C8872206FF37BBFC98CFC5DCA [File not signed]

C:\Program Files (x86)\REALTEK PCIE Wireless LAN Driver\Rtlihvs.dll
[2014-07-02 18:34][2012-02-14 21:37] 000594432 _____ (Realtek Semiconductor Corp. ) 778F1F1C8872206FF37BBFC98CFC5DCA [File not signed]

 

 

Can you download the Realtek driver from your PC maker's support website?

 

Alternatively Lenovo has it at:

 

https://pcsupport.le...nloads/ds104195

 

That one will probably work for you.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP