Jump to content

Lagging Windows time & 2 keyboards


Recommended Posts

Hi

About 2 weeks ago i was trying to get a game to work properly,and was instructed to start a new account to get the game working.The other account i set up was not protected,by Malawarebytes  anti malware,virus protection.4 days ago i ran my PC in safe mode and removed a Poweliks malware.I then ran a Malawarebytes anti-rootkit,which found nothing.

When i boot up my PC now,i get a American megatrends screen which tells me i have 2 keyboards(I only have 1 attached,2 mice(i do have 2),2 hubs.I then press F1 to go into the BIOS setup program.I then press return twice for Windows to boot up.I then notice my Windows time is lagging by about 5-6 hours.

One thing i did notice is that,when in safe mode my Device manager was showing 1 keyboard not 2 when i boot up Windows normally.

What should i try so that my PC is back to normal?.Thanks for looking

Colin

Link to post
Share on other sites

Hi

About 2 weeks ago i was trying to get a game to work properly,and was instructed to start a new account to get the game working.The other account i set up was not protected,by Malawarebytes  anti malware,virus protection.4 days ago i ran my PC in safe mode and removed a Poweliks malware.I then ran a Malawarebytes anti-rootkit,which found nothing.

When i boot up my PC now,i get a American megatrends screen which tells me i have 2 keyboards(I only have 1 attached,2 mice(i do have 2),2 hubs.I then press F1 to go into the BIOS setup program.I then press return twice for Windows to boot up.I then notice my Windows time is lagging by about 5-6 hours.

One thing i did notice is that,when in safe mode my Device manager was showing 1 keyboard not 2 when i boot up Windows normally.

What should i try so that my PC is back to normal?.Thanks for looking

Colin

Link to post
Share on other sites

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:03-06-2016
Ran by Colin (administrator) on COLINS-PC (03-06-2016 20:36:35)
Running from C:\Users\Colin\Desktop
Loaded Profiles: Colin (Available Profiles: Colin)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareService.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareTray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(AOL Inc.) C:\Program Files (x86)\Common Files\AOL\1400261577\ee\aolsoftware.exe
(Microsoft Corp.) C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corp.) C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Spotify Ltd) C:\Users\Colin\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Colin\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Spotify Ltd) C:\Users\Colin\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Colin\AppData\Roaming\Spotify\Spotify.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_242.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_242.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4867784 2015-12-04] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareTray.exe [9581280 2016-01-28] ()
HKLM-x32\...\Run: [HostManager] => C:\Program Files (x86)\Common Files\AOL\1400261577\ee\AOLSoftware.exe [41800 2010-03-08] (AOL Inc.)
HKLM-x32\...\Run: [LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe [49152 2006-04-13] ()
HKLM-x32\...\Run: [Sound Blaster Z-Series Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe [735744 2013-02-27] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3820440 2016-04-21] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKU\S-1-5-21-3369568051-1984934905-614767478-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-30] (Valve Corporation)
HKU\S-1-5-21-3369568051-1984934905-614767478-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7943072 2016-06-03] (SUPERAntiSpyware)
HKU\S-1-5-21-3369568051-1984934905-614767478-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3369568051-1984934905-614767478-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3369568051-1984934905-614767478-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3369568051-1984934905-614767478-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\WLXPGSS.SCR [322248 2014-03-31] (Microsoft Corporation)
GroupPolicyUsers\S-1-5-21-3369568051-1984934905-614767478-1006\User: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 127.0.0.1    localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{BAAC01BF-606F-4106-9EBE-0770D8FE0670}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3369568051-1984934905-614767478-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3369568051-1984934905-614767478-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.worldofspectrum.org/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3369568051-1984934905-614767478-1001 -> DefaultScope {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3369568051-1984934905-614767478-1001 -> {1DCA0845-D10E-4C2B-B949-1B4D1A1378AB} URL = hxxp://search.aol.co.uk/aolcom/search?query={searchTerms}&invocationType=msie70a
SearchScopes: HKU\S-1-5-21-3369568051-1984934905-614767478-1001 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3369568051-1984934905-614767478-1001 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10088_cnet_141217&q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-22] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-22] (Oracle Corporation)
Toolbar: HKLM-x32 - No Name - {DE9C389F-3316-41A7-809B-AA305ED9D922} -  No File
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab

FireFox:
========
FF ProfilePath: C:\Users\Colin\AppData\Roaming\Mozilla\Firefox\Profiles\wlbi8dco.default
FF NewTab: about:blank
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.worldofspectrum.org/
FF Session Restore: -> is enabled.
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-13] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-13] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @viewpoint.com/VMP -> C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll [2004-02-20] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Colin\AppData\Roaming\Mozilla\Firefox\Profiles\wlbi8dco.default\searchplugins\securesearch.xml [2014-12-17]
FF Extension: Quick Translator - C:\Users\Colin\AppData\Roaming\Mozilla\Firefox\Profiles\wlbi8dco.default\extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi [2015-05-29]

Chrome:
=======
CHR Profile: C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2015-12-04] (Advanced Micro Devices) [File not signed]
R2 avgfws; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [1563648 2016-04-21] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3647384 2016-04-21] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [336152 2016-04-21] (AVG Technologies CZ, s.r.o.)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2014-05-16] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-05-16] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2012-10-08] (Creative Technology Ltd) [File not signed]
R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [112640 2013-05-22] (Creative Technology Ltd)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareService.exe [712432 2016-01-28] ()
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-14] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2120712 2016-05-09] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-04-03] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [167936 2005-08-08] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wlidsvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292480 2012-07-17] (Microsoft Corp.)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [296648 2016-03-21] (Advanced Micro Devices)
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [36608 2013-12-11] (Advanced Micro Devices, Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2014-05-18] ()
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [77760 2015-07-09] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [315312 2015-12-16] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [299440 2016-01-13] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [296368 2015-12-16] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [255920 2016-01-22] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [300464 2015-08-04] (AVG Technologies CZ, s.r.o.)
R3 cthda; C:\Windows\System32\drivers\cthda.sys [1060632 2013-05-22] (Creative Technology Ltd)
R3 cthdb; C:\Windows\System32\DRIVERS\cthdb.sys [25088 2014-04-16] (Creative Technology Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2014-05-18] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-06-03] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R2 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11376 2015-12-11] () [File not signed]
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
S3 WsAudio_Device(1); C:\Windows\System32\drivers\VirtualAudio1.sys [31080 2015-08-03] (Wondershare)
S3 WsAudio_Device(2); C:\Windows\System32\drivers\VirtualAudio2.sys [31080 2015-08-03] (Wondershare)
S3 WsAudio_Device(3); C:\Windows\System32\drivers\VirtualAudio3.sys [31080 2015-08-03] (Wondershare)
S3 WsAudio_Device(4); C:\Windows\System32\drivers\VirtualAudio4.sys [31080 2015-08-03] (Wondershare)
S3 WsAudio_Device(5); C:\Windows\System32\drivers\VirtualAudio5.sys [31080 2015-08-03] (Wondershare)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-03 20:36 - 2016-06-03 20:36 - 02384384 _____ (Farbar) C:\Users\Colin\Desktop\FRST64.exe
2016-06-03 20:36 - 2016-06-03 20:36 - 00019867 _____ C:\Users\Colin\Desktop\FRST.txt
2016-06-03 20:36 - 2016-06-03 20:36 - 00000000 ____D C:\FRST
2016-06-03 14:32 - 2016-06-03 14:32 - 00000000 ____D C:\$WINDOWS.~BT
2016-05-30 14:37 - 2016-05-30 14:44 - 00638210 _____ C:\Windows\ntbtlog.txt
2016-05-30 14:37 - 2016-05-30 14:37 - 00000000 ____D C:\NPE
2016-05-30 14:35 - 2016-05-30 14:40 - 00000000 ____D C:\Users\Colin\AppData\Local\NPE
2016-05-30 14:35 - 2016-05-30 14:35 - 00000000 ____D C:\ProgramData\Norton
2016-05-29 06:13 - 2016-05-29 06:18 - 00203718 _____ C:\Windows\system32\avgrep.txt
2016-05-21 06:33 - 2016-05-21 06:33 - 00001409 _____ C:\Windows\QTFont.for
2016-05-18 14:44 - 2016-04-12 02:23 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-05-18 14:44 - 2016-04-12 02:23 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-05-18 14:44 - 2016-04-12 02:20 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-05-18 14:44 - 2016-04-12 02:20 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-05-18 14:44 - 2016-04-12 02:20 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-05-18 14:44 - 2016-04-12 02:20 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-05-18 14:44 - 2016-04-12 02:20 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-05-18 14:44 - 2016-04-12 02:20 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-05-18 14:44 - 2016-04-12 02:20 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-05-18 14:44 - 2016-04-12 02:20 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-05-18 14:44 - 2016-04-12 02:20 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-05-18 14:44 - 2016-04-12 02:20 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-05-18 14:44 - 2016-04-12 02:20 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-05-18 14:44 - 2016-04-12 02:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-05-18 14:44 - 2016-04-12 02:20 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-05-18 14:44 - 2016-04-12 02:20 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-05-18 14:44 - 2016-04-12 02:20 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-05-18 14:44 - 2016-04-12 02:20 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-05-18 14:44 - 2016-04-12 02:20 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-05-18 14:44 - 2016-04-12 02:20 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-05-18 14:44 - 2016-04-12 02:02 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-05-18 14:44 - 2016-04-12 02:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-05-18 14:44 - 2016-04-12 02:02 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-05-18 14:44 - 2016-04-12 02:02 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-05-18 14:44 - 2016-04-12 02:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-05-18 14:44 - 2016-04-12 02:02 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-05-18 14:44 - 2016-04-12 02:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-05-18 14:44 - 2016-04-12 02:02 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-05-18 14:44 - 2016-04-12 02:02 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-05-18 14:44 - 2016-04-12 02:02 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-05-18 14:44 - 2016-04-12 02:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-05-18 14:44 - 2016-04-12 02:02 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-05-18 14:44 - 2016-04-12 02:01 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-05-18 14:44 - 2016-04-12 02:01 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-05-18 14:44 - 2016-04-12 02:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-05-18 14:44 - 2016-04-12 01:50 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-05-18 14:44 - 2016-04-12 01:43 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-05-18 14:44 - 2016-04-12 01:43 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-05-18 14:44 - 2016-04-12 01:43 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-05-18 14:44 - 2016-04-12 01:42 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-05-18 14:44 - 2016-04-12 01:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-05-18 14:44 - 2016-04-12 01:36 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-05-18 14:44 - 2016-04-09 07:58 - 14186496 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-05-18 14:44 - 2016-04-09 07:57 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-05-18 14:44 - 2016-04-09 07:54 - 12881408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-05-18 14:44 - 2016-04-09 07:54 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-05-18 14:44 - 2016-04-09 06:53 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-05-18 14:44 - 2016-04-09 06:44 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-05-18 14:43 - 2016-04-14 17:46 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-05-18 14:43 - 2016-04-14 17:42 - 03243520 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-05-18 14:43 - 2016-04-14 17:42 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-05-18 14:43 - 2016-04-14 17:42 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-05-18 14:43 - 2016-04-14 17:42 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-05-18 14:43 - 2016-04-14 17:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-05-18 14:43 - 2016-04-14 16:33 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-05-18 14:43 - 2016-04-14 16:33 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-05-18 14:43 - 2016-04-14 16:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-05-18 14:43 - 2016-04-14 16:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-05-18 14:43 - 2016-04-14 16:19 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-05-18 14:43 - 2016-04-14 16:11 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-05-16 21:09 - 2016-05-16 21:16 - 00000000 ____D C:\Users\Colin\AppData\Roaming\Speed Fix Tool Plus
2016-05-11 09:19 - 2016-04-23 18:08 - 00394960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-05-11 09:19 - 2016-04-23 17:24 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-05-11 09:19 - 2016-04-23 06:25 - 25816064 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-05-11 09:19 - 2016-04-23 06:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-05-11 09:19 - 2016-04-23 06:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-05-11 09:19 - 2016-04-23 06:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-05-11 09:19 - 2016-04-23 06:00 - 02893312 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-05-11 09:19 - 2016-04-23 06:00 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-05-11 09:19 - 2016-04-23 06:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-05-11 09:19 - 2016-04-23 06:00 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-05-11 09:19 - 2016-04-23 06:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-05-11 09:19 - 2016-04-23 05:52 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-05-11 09:19 - 2016-04-23 05:51 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-05-11 09:19 - 2016-04-23 05:48 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-05-11 09:19 - 2016-04-23 05:47 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-05-11 09:19 - 2016-04-23 05:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-05-11 09:19 - 2016-04-23 05:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-05-11 09:19 - 2016-04-23 05:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-05-11 09:19 - 2016-04-23 05:46 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-05-11 09:19 - 2016-04-23 05:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-05-11 09:19 - 2016-04-23 05:36 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-05-11 09:19 - 2016-04-23 05:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-05-11 09:19 - 2016-04-23 05:27 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-05-11 09:19 - 2016-04-23 05:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-05-11 09:19 - 2016-04-23 05:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-05-11 09:19 - 2016-04-23 05:21 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-05-11 09:19 - 2016-04-23 05:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-05-11 09:19 - 2016-04-23 05:20 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-05-11 09:19 - 2016-04-23 05:11 - 20350464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-05-11 09:19 - 2016-04-23 05:09 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-05-11 09:19 - 2016-04-23 05:08 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-05-11 09:19 - 2016-04-23 05:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-05-11 09:19 - 2016-04-23 05:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-05-11 09:19 - 2016-04-23 05:07 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-05-11 09:19 - 2016-04-23 05:07 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-05-11 09:19 - 2016-04-23 05:07 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-05-11 09:19 - 2016-04-23 05:06 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-05-11 09:19 - 2016-04-23 05:06 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-05-11 09:19 - 2016-04-23 05:05 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-05-11 09:19 - 2016-04-23 05:04 - 02285568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-05-11 09:19 - 2016-04-23 05:02 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-05-11 09:19 - 2016-04-23 05:01 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-05-11 09:19 - 2016-04-23 05:00 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-05-11 09:19 - 2016-04-23 04:59 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-05-11 09:19 - 2016-04-23 04:58 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-05-11 09:19 - 2016-04-23 04:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-05-11 09:19 - 2016-04-23 04:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-05-11 09:19 - 2016-04-23 04:51 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-05-11 09:19 - 2016-04-23 04:50 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-05-11 09:19 - 2016-04-23 04:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-05-11 09:19 - 2016-04-23 04:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-05-11 09:19 - 2016-04-23 04:43 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-05-11 09:19 - 2016-04-23 04:41 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-05-11 09:19 - 2016-04-23 04:40 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-05-11 09:19 - 2016-04-23 04:39 - 01547776 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-05-11 09:19 - 2016-04-23 04:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-05-11 09:19 - 2016-04-23 04:36 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-05-11 09:19 - 2016-04-23 04:33 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-05-11 09:19 - 2016-04-23 04:31 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-05-11 09:19 - 2016-04-23 04:30 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-05-11 09:19 - 2016-04-23 04:30 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-05-11 09:19 - 2016-04-23 04:28 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-05-11 09:19 - 2016-04-23 04:26 - 13811200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-05-11 09:19 - 2016-04-23 04:12 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-05-11 09:19 - 2016-04-23 04:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-05-11 09:19 - 2016-04-23 04:07 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-05-11 09:18 - 2016-04-09 08:02 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-05-11 09:18 - 2016-04-09 08:01 - 05546216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-05-11 09:18 - 2016-04-09 08:01 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-05-11 09:18 - 2016-04-09 07:59 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-05-11 09:18 - 2016-04-09 07:59 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-05-11 09:18 - 2016-04-09 07:59 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-05-11 09:18 - 2016-04-09 07:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-05-11 09:18 - 2016-04-09 07:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-05-11 09:18 - 2016-04-09 07:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-05-11 09:18 - 2016-04-09 07:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-05-11 09:18 - 2016-04-09 07:58 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-05-11 09:18 - 2016-04-09 07:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-05-11 09:18 - 2016-04-09 07:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-05-11 09:18 - 2016-04-09 07:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-05-11 09:18 - 2016-04-09 06:52 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-05-11 09:18 - 2016-04-09 06:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-05-11 09:18 - 2016-04-09 06:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-05-11 09:18 - 2016-04-09 06:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-05-11 09:18 - 2016-04-09 06:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-05-11 09:18 - 2016-04-09 06:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-05-11 09:18 - 2016-04-09 06:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-05-11 09:18 - 2016-04-09 06:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-05-11 09:18 - 2016-04-09 06:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-05-11 09:18 - 2016-04-09 06:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-05-11 09:18 - 2016-04-09 06:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 06:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 06:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 06:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-05-11 09:18 - 2016-04-06 16:27 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-05-11 09:17 - 2016-04-14 14:49 - 00603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-05-11 09:17 - 2016-04-14 14:21 - 00647680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-05-11 09:17 - 2016-04-09 08:01 - 00986344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-05-11 09:17 - 2016-04-09 08:01 - 00264936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-05-11 09:17 - 2016-04-09 07:57 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-05-11 09:17 - 2016-04-09 07:57 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-05-11 09:17 - 2016-04-09 07:54 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-05-11 09:17 - 2016-04-09 06:49 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-05-11 09:16 - 2016-04-09 05:20 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-05-11 09:16 - 2016-04-09 04:52 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-05-06 08:08 - 2016-05-06 09:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-03 20:34 - 2014-05-16 21:12 - 00000000 ____D C:\Users\Colin\AppData\Roaming\Spotify
2016-06-03 20:15 - 2014-11-07 20:44 - 00000000 ____D C:\ProgramData\MFAData
2016-06-03 20:10 - 2015-10-13 07:56 - 00000000 ____D C:\Users\Colin\AppData\Roaming\vlc
2016-06-03 20:03 - 2016-04-22 12:41 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-03 19:51 - 2014-09-17 10:12 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-03 19:09 - 2014-05-16 21:15 - 00000000 ____D C:\Users\Colin\AppData\Local\Spotify
2016-06-03 18:58 - 2014-05-29 13:00 - 00003930 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{74261E1B-6682-4F70-AADB-C3A8B07E17B7}
2016-06-03 15:26 - 2014-05-16 20:29 - 00000000 ____D C:\Program Files (x86)\Steam
2016-06-03 14:41 - 2014-11-11 18:43 - 00001908 _____ C:\Windows\diagwrn.xml
2016-06-03 14:41 - 2014-11-11 18:43 - 00001908 _____ C:\Windows\diagerr.xml
2016-06-03 14:41 - 2009-07-14 05:45 - 00032352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-03 14:41 - 2009-07-14 05:45 - 00032352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-03 14:39 - 2009-07-14 06:13 - 00795138 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-03 14:39 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-06-03 14:33 - 2014-12-17 21:07 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-06-03 14:33 - 2014-09-17 10:12 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-03 14:33 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-03 14:32 - 2014-05-16 17:57 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2016-06-03 12:15 - 2014-12-17 20:54 - 00000510 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d075e98f-7c56-4126-9981-52576a084aab.job
2016-06-03 12:00 - 2014-12-17 20:54 - 00000510 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task fcf1f375-4b2f-4817-abcb-7ad088dbbf93.job
2016-06-03 11:47 - 2014-12-17 20:54 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-06-01 10:27 - 2014-06-04 11:37 - 00000000 ____D C:\Users\Colin\AppData\Roaming\Tropico 5
2016-05-30 19:17 - 2015-05-08 14:50 - 00000080 _____ C:\Users\Colin\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2016-05-29 06:37 - 2015-04-17 06:04 - 00000000 ____D C:\ProgramData\ProductData
2016-05-28 10:43 - 2014-11-05 11:54 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-05-28 10:31 - 2014-12-17 21:07 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-05-27 09:15 - 2014-05-18 09:49 - 00000000 ____D C:\Users\Colin\AppData\Local\ElevatedDiagnostics
2016-05-27 09:09 - 2015-03-28 21:31 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-05-27 09:09 - 2015-03-28 21:31 - 00000000 ___SD C:\Windows\system32\GWX
2016-05-21 17:47 - 2014-12-26 21:08 - 00000000 ____D C:\Users\Colin\Documents\GTA San Andreas User Files
2016-05-21 06:32 - 2014-08-13 06:52 - 00054156 ____H C:\Windows\QTFont.qfn
2016-05-19 10:59 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-05-17 21:07 - 2014-05-16 20:24 - 00000000 ____D C:\Users\Colin\AppData\Local\Microsoft Games
2016-05-17 15:40 - 2014-05-27 08:10 - 00000000 ____D C:\Users\Colin\Documents\Bus Timetables
2016-05-17 12:18 - 2014-05-30 19:00 - 00098304 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt.dll
2016-05-16 21:26 - 2015-04-17 06:05 - 00000000 ____D C:\Users\Colin\AppData\Roaming\ProductData
2016-05-16 21:26 - 2014-12-22 17:39 - 00000000 ____D C:\Users\Colin\AppData\Roaming\IObit
2016-05-16 21:26 - 2014-12-22 17:38 - 00000000 ____D C:\Users\Colin\AppData\LocalLow\IObit
2016-05-16 21:26 - 2014-12-17 17:29 - 00000000 ____D C:\Users\Colin
2016-05-16 21:25 - 2014-12-30 13:56 - 00000000 ____D C:\Program Files (x86)\AOL Desktop 9.7
2016-05-16 21:25 - 2014-12-22 17:39 - 00000000 ____D C:\ProgramData\IObit
2016-05-16 21:25 - 2014-12-22 17:38 - 00000000 ____D C:\Program Files (x86)\IObit
2016-05-16 21:25 - 2014-11-07 20:53 - 00000000 ____D C:\ProgramData\AVG2015
2016-05-16 21:25 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2016-05-14 18:35 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-05-14 18:34 - 2014-05-16 20:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-05-14 17:53 - 2014-05-22 11:10 - 00000000 ____D C:\Users\Colin\AppData\Local\id Software
2016-05-14 09:39 - 2015-10-14 12:58 - 00000000 ____D C:\Users\Colin\AppData\Roaming\dvdcss
2016-05-13 12:03 - 2016-04-22 12:41 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-13 12:03 - 2016-04-22 12:41 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-13 12:03 - 2016-04-22 12:41 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-05-12 20:14 - 2014-12-26 07:05 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-12 10:55 - 2014-12-11 15:22 - 00000000 ____D C:\Windows\system32\appraiser
2016-05-12 10:26 - 2014-09-05 10:39 - 00000000 ____D C:\Users\Colin\AppData\Local\Adobe
2016-05-11 14:25 - 2014-05-19 19:25 - 00000000 ____D C:\ProgramData\Origin
2016-05-11 09:31 - 2009-07-14 05:45 - 00288552 _____ C:\Windows\system32\FNTCACHE.DAT
2016-05-11 09:30 - 2011-04-12 09:28 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-11 09:25 - 2014-05-18 08:42 - 00000000 ____D C:\Windows\system32\MRT
2016-05-11 09:20 - 2014-12-17 19:00 - 139319312 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-05-11 06:46 - 2014-09-17 10:12 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-11 06:46 - 2014-09-17 10:12 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-10 19:37 - 2014-12-23 13:45 - 00007673 _____ C:\Users\Colin\AppData\Local\Resmon.ResmonCfg
2016-05-09 17:20 - 2014-05-17 19:19 - 00000000 ____D C:\Users\Colin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-05-09 14:54 - 2014-05-20 10:33 - 00000000 ____D C:\Users\Colin\Documents\EA Games
2016-05-09 13:20 - 2014-05-19 19:25 - 00000000 ____D C:\Program Files (x86)\Origin
2016-05-07 06:23 - 2015-01-02 18:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

==================== Files in the root of some directories =======

2014-05-18 09:41 - 2014-05-18 09:41 - 0000359 _____ () C:\Users\Colin\AppData\Roaming\Gangsters2Setup.lnk
2016-04-22 11:54 - 2016-04-22 11:54 - 0000115 _____ () C:\Users\Colin\AppData\Roaming\LogFile.txt
2002-08-08 00:13 - 2002-08-08 00:13 - 0319488 ____R () C:\Users\Colin\AppData\Roaming\MafiaSetup.exe
2014-12-23 13:45 - 2016-05-10 19:37 - 0007673 _____ () C:\Users\Colin\AppData\Local\Resmon.ResmonCfg
2015-08-01 14:54 - 2015-08-01 14:55 - 0000000 _____ () C:\Users\Colin\AppData\Local\{2602AFEB-82BB-42EB-95DB-3BA6DF63D216}

Some files in TEMP:
====================
C:\Users\Colin\AppData\Local\Temp\cres.dll
C:\Users\Colin\AppData\Local\Temp\cshell.dll
C:\Users\Colin\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Colin\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Colin\AppData\Local\Temp\drm_dyndata_7380015.dll
C:\Users\Colin\AppData\Local\Temp\drm_dyndata_7400009.dll
C:\Users\Colin\AppData\Local\Temp\drm_dyndata_7410004.dll
C:\Users\Colin\AppData\Local\Temp\jre-8u77-windows-au.exe
C:\Users\Colin\AppData\Local\Temp\jre-8u91-windows-au.exe
C:\Users\Colin\AppData\Local\Temp\SIntf16.dll
C:\Users\Colin\AppData\Local\Temp\SIntf32.dll
C:\Users\Colin\AppData\Local\Temp\SIntfNT.dll
C:\Users\Colin\AppData\Local\Temp\sres.dll
C:\Users\Colin\AppData\Local\Temp\_is2EF3.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-05-19 10:52

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:03-06-2016
Ran by Colin (2016-06-03 20:36:57)
Running from C:\Users\Colin\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2014-12-17 16:39:56)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3369568051-1984934905-614767478-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3369568051-1984934905-614767478-1006 - Limited - Enabled)
Colin (S-1-5-21-3369568051-1984934905-614767478-1001 - Administrator - Enabled) => C:\Users\Colin
Guest (S-1-5-21-3369568051-1984934905-614767478-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3369568051-1984934905-614767478-1008 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Disabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AV: Ad-Aware Antivirus (Disabled - Out of date) {B0CC18C6-E527-6EE6-874C-9D19920E5619}
AV: AVG Internet Security 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Microsoft Security Essentials (Disabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Ad-Aware Antivirus (Disabled - Out of date) {0BADF922-C31D-6168-BDFC-A66BE9891CA4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security 2015 (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}
FW: Ad-Aware Firewall (Disabled) {88F799E3-AF48-6FBE-AC13-342C6CDD1162}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1701 A.D. - The Sunken Dragon (HKLM-x32\...\{905D4F6B-FADC-4CA4-AA41-BD32A2E446CE}) (Version: 2.03 - Aspyr)
1701 A.D. (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.04 - Sunflowers)
3D Pinball (HKLM-x32\...\{C342E30B-52F9-4657-96B6-32E399B9DEB2}) (Version: 5.1.2600.5512 - Microsoft Coprporation)
ACP Application (Version: 2.15.10.0003 - Advanced Micro Devices, Inc.) Hidden
Ad-Aware Antivirus (HKLM\...\{50E2E8FE-1F8B-4F21-BE9F-F9152D3EA5B1}_AdAwareUpdater) (Version: 11.10.767.8917 - Lavasoft)
AdAwareInstaller (Version: 11.10.767.8917 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.10.767.8917 - Lavasoft) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.016.20041 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The Asian Dynasties (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III - The WarChiefs (HKLM-x32\...\InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The WarChiefs (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III (HKLM-x32\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Mythology - The Titans Expansion (HKLM-x32\...\Age of Mythology Expansion Pack 1.0) (Version:  - )
Age of Mythology (HKLM-x32\...\Age of Mythology 1.0) (Version:  - )
Alice Madness Returns (HKLM-x32\...\{93A3AB24-36E8-41BA-80C6-CCEC237836DC}) (Version: 1.0.0.0 - Electronic Arts)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
American McGee's Alice(tm) (HKLM-x32\...\{77B5AD60-8F14-11D4-9BC9-0050041A1090}) (Version:  - )
ANNO 1404 - Venice (HKLM-x32\...\{A07B2C21-863B-47AB-AE7E-20BB00BD7D33}) (Version: 2.01.5010 - Ubisoft)
ANNO 1404 (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.03.0000 - Ubisoft)
Anno 1404 (x32 Version: 1.00.0000 - Ubisoft) Hidden
ANNO 1503 (HKLM-x32\...\{EBBB1DEF-8878-4CB8-BC0D-1196B30E7527}) (Version:  - )
ANNO 1602 - Gold Edition (HKLM-x32\...\{077A7810-A937-4465-AD08-ACED9807995F}) (Version:  - )
AntimalwareEngine (Version: 3.0.99.0 - Lavasoft) Hidden
AOL Uninstaller (Choose which Products to Remove) (HKLM-x32\...\AOL Uninstaller) (Version:  - AOL Inc.)
Ashes Cricket 2009 (HKLM-x32\...\InstallShield_{8B39736E-7C8C-4A32-82C1-F94245F20D85}) (Version: 1.00.0000 - Codemasters)
Ashes Cricket 2009 (x32 Version: 1.00.0000 - Codemasters) Hidden
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
Assassin's Creed Brotherhood (HKLM-x32\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.03 - Ubisoft)
Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
Assassin's Creed Liberation HD (HKLM-x32\...\Uplay Install 625) (Version:  - Ubisoft)
Assassin's Creed Revelations 1.03 (HKLM-x32\...\{33A22B2D-55BA-4508-B767-BF2E9C21A73F}) (Version: 1.03 - Ubisoft)
Assassin's Creed Rogue (HKLM-x32\...\Uplay Install 895) (Version:  - Ubisoft)
Assassin's Creed Syndicate (HKLM-x32\...\Uplay Install 1875) (Version: 1.50 - Ubisoft)
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version:  - Ubisoft)
Assassin's Creed(R) III v1.06 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.06 - Ubisoft)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6201 - AVG Technologies)
AVG 2015 (Version: 15.0.4598 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.6201 - AVG Technologies) Hidden
Barbarian Invasion (HKLM-x32\...\{FD69C8CB-6964-432C-98AB-A5A09ED50EEA}) (Version: 1.4 - )
BioShock (HKLM-x32\...\{E280923D-C5D9-4728-8C79-AC9A0DC75875}) (Version: 2.5.0000 - 2K Games)
BioShock 2 (HKLM-x32\...\{4A8B461A-9336-4CF9-98F4-14DD38E673F0}) (Version: 1.00.0000 - 2K Games)
BioShock 2 (x32 Version: 1.0.0005.131 - Take-Two Interactive Software) Hidden
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
Blue Byte Game Channel (HKLM-x32\...\Blue Byte Game Channel) (Version:  - UbiSoft)
Borderlands (HKLM-x32\...\{52B65911-1559-4ED5-9461-46957FDD48CD}) (Version: 1.0.295 - 2K Games)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Borderlands: The Pre-Sequel (HKLM-x32\...\Steam App 261640) (Version:  - 2K Australia)
Bulletstorm (HKLM-x32\...\GFWL_{45410935-3E72-472B-8C35-AB1000008200}) (Version: 1.0.0000.130 - EA)
Bulletstorm (x32 Version: 1.0.0000.130 - EA) Hidden
BulletStorm (x32 Version: 1.0.0005.130 - EA) Hidden
Bully Scholarship Edition (HKLM-x32\...\InstallShield_{A724605D-B399-4304-B8C7-33B3EF7D4677}) (Version: 1.00.0200 - Rockstar Games)
Bully Scholarship Edition (x32 Version: 1.00.0200 - Rockstar Games) Hidden
Catalyst Control Center Next Localization BR (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
CCS64 V3.9.1 (HKLM-x32\...\{B7B5A370-3DFF-4F0E-AE11-FD267C4938AA}) (Version: 1.0.0 - Computerbrains C.C.S.)
Civilization III (HKLM-x32\...\{0AD84416-63A4-4CF3-BDDF-8FA866711FB0}) (Version:  - )
Civilization III v1.29f (HKLM-x32\...\{31E2413D-8AA1-43EC-8B8D-77B65ADA4611}) (Version:  - )
Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.45 - Creative Technology Limited)
Cricket Captain 2008 (HKLM-x32\...\InstallShield_{2E84EEAF-B61D-4FA1-ABE6-054B055A14B6}) (Version: 8.11 - Empire Interactive)
Cricket Captain 2008 (x32 Version: 8.11 - Empire Interactive) Hidden
Crysis WARHEAD(R) (HKLM-x32\...\Crysis WARHEAD(R)) (Version:  - Electronic Arts)
Crysis WARHEAD(R) (x32 Version: 1.0 - Crytek) Hidden
Crysis WARHEAD(R) Patch (HKLM-x32\...\Crysis WARHEAD(R) Patch) (Version:  - Electronic Arts)
Crysis WARHEAD(R) Patch (x32 Version: 1.0 - Crytek) Hidden
Crysis(R) (HKLM-x32\...\{000E79B7-E725-4F01-870A-C12942B7F8E4}) (Version: 1.00.0000 - Electronic Arts)
Crysis® 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.0.0.0 - Electronic Arts)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
D-Fend Reloaded 1.3.6 (deinstall) (HKLM-x32\...\D-Fend Reloaded) (Version: 1.3.6 - Alexander Herzog)
Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.03 - Creative Technology Limited)
DOOM (HKLM\...\Steam App 379720) (Version:  - id Software)
Doom 3 (HKLM-x32\...\InstallShield_{EEFB15EB-FE8B-47DF-A496-1C4D1420294A}) (Version: 1.2 - Activision)
Doom 3 (x32 Version: 1.2 - Activision) Hidden
DOOM 3: BFG Edition (HKLM-x32\...\Steam App 208200) (Version:  - id Software)
DOOM 3: Resurrection of Evil (HKLM-x32\...\InstallShield_{04347DFD-87B6-4E30-B14D-5DF2888AD8F5}) (Version: 1.0 - Activision)
DOOM 3: Resurrection of Evil (x32 Version: 1.0 - Activision) Hidden
DRIV3R (HKLM-x32\...\{01DBF423-E27B-45DA-B7F3-F9D4DB39B1C9}) (Version: 1.00.000 - )
Driver Fusion (HKLM-x32\...\Driver Fusion) (Version: 2.1 - Treexy)
Driver San Francisco (HKLM-x32\...\Driver San Francisco) (Version: 1.4.0.0 - Ubisoft)
Driver: Parallel Lines (HKLM-x32\...\{31CB0D80-1866-462A-9455-88614410971F}) (Version: 1.00.0000 - Ubisoft)
DTS Connect Pack (HKLM-x32\...\DTS Connect Pack) (Version: 1.00 - Creative Technology Limited)
Duke Nukem 3D: Megaton Edition (HKLM-x32\...\Steam App 225140) (Version:  - 3D Realms)
Duke Nukem: Manhattan Project (HKLM-x32\...\Steam App 240200) (Version:  - Sunstorm Interactive, 3D Realms)
EAX Unified (HKLM-x32\...\EAX Unified) (Version:  - )
Empire Earth - The Art of Conquest (HKLM-x32\...\{B49C924C-A651-4378-94F6-5D9BF44A959F}) (Version:  - )
Empire Earth (HKLM-x32\...\{2447500B-22D7-47BD-9B13-1A927F43A267}) (Version:  - )
Empire Earth II (HKLM-x32\...\{DF315348-721C-40B8-BAE2-58C6C7D935A2}) (Version: 1.20 - Sierra)
Empire Earth II: The Art of Supremacy (HKLM-x32\...\{F596C356-BF35-4ED7-981C-CC791461A8F0}) (Version: 1.0 - Sierra)
Empire: Total War (HKLM-x32\...\Steam App 10500) (Version:  - The Creative Assembly)
Europa 1400 - Gold Edition (HKLM-x32\...\Europa 1400 - Gold Edition) (Version:  - )
Evil Genius (HKLM-x32\...\Evil Genius_is1) (Version:  - Elixir Studios Ltd)
F.E.A.R. 2: Project Origin (HKLM-x32\...\Steam App 16450) (Version:  - Monolith)
F.E.A.R. 3 (HKLM-x32\...\Steam App 21100) (Version:  - Day 1 Studios)
Fallout 3 (HKLM-x32\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks)
Fallout 3 Patch v1.6 (HKLM-x32\...\Updated Unofficial Fallout 3 Patch_is1) (Version: 1.6 - )
Fallout 4 (HKLM-x32\...\Steam App 377160) (Version:  - Bethesda Game Studios)
Fallout Mod Manager 0.13.21 (HKLM-x32\...\Generic Mod Manager_is1) (Version:  - Q, Timeslip)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)
Far Cry (AMD64 Exclusive Content Update) (Version: 1.00.0000 - Ubisoft) Hidden
Far Cry (HKLM-x32\...\InstallShield_{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}) (Version: 1.00.0000 - Ubisoft)
Far Cry (Patch 1.3) (x32 Version: 1.00.0000 - Ubisoft) Hidden
Far Cry (Patch 1.4) (x32 Version: 1.00.0000 - Ubisoft) Hidden
Far Cry (x32 Version: 1.00.0000 - Ubisoft) Hidden
Far Cry 2 (HKLM-x32\...\{F2835483-37F2-4123-B4FE-0E77D58447F2}) (Version: 1.03.00 - Ubisoft)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.05 - Ubisoft)
Far Cry 3 Blood Dragon (HKLM-x32\...\{A071F478-73E0-4143-AE55-4DD6BABD74F5}) (Version: 1.02 - Ubisoft)
Far Cry Primal (HKLM-x32\...\Uplay Install 2010) (Version:  - Ubisoft)
FarCry 4 (HKLM-x32\...\Uplay Install 420) (Version:  - Ubisoft)
FEAR (HKLM-x32\...\{2B653229-9854-4989-B780-D978F5F13EAB}) (Version: 1.00.0000 - Vivendi Universal Games, Inc.)
FEAR Extraction Point (HKLM-x32\...\{909BBDB7-BABE-434C-9124-863A9F8D1CF8}) (Version: 1.00.0000 - Vivendi Universal Games, Inc.)
FEAR Perseus Mandate (HKLM-x32\...\{226EF119-7B43-4F08-8348-ED66A89BE63C}) (Version: 1.00.0000 - Sierra Entertainment, Inc.)
FIFA MANAGER 08 (HKLM-x32\...\FIFA MANAGER 08) (Version:  - Electronic Arts)
FIFA MANAGER 11 (HKLM-x32\...\FIFA MANAGER 11) (Version: 1.0.0.3 - Electronic Arts)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Free All-In-One Media Player (HKLM-x32\...\Free Media Player_is1) (Version:  - Free Software Group)
Free Window Registry Repair (HKLM-x32\...\Free Window Registry Repair) (Version:  - )
Freedom Force (HKLM-x32\...\Steam App 8880) (Version:  - Irrational Games)
Freedom Force vs. the 3rd Reich (HKLM-x32\...\Steam App 8890) (Version:  - Irrational Games)
Gangsters (HKLM-x32\...\Gangsters) (Version:  - )
Gangsters 2 (HKLM-x32\...\{8BD5B620-AA88-11D4-AEC7-0008C739EC2A}) (Version:  - )
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Earth Pro (HKLM-x32\...\{35DAA04C-1720-4BE3-A920-A03731EC6A1D}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto V - The Manual (HKLM-x32\...\{752EBD91-8B95-42B5-8692-A7243A6EEEA9}) (Version: 1.0.0 - Rockstar Games)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Grand Theft Auto Vice City (HKLM-x32\...\{4B35F00C-E63D-40DC-9839-DF15A33EAC46}) (Version: 1.00.000 - )
Grand Theft Auto: Episodes From Liberty City (HKLM-x32\...\{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}) (Version: 1.1.0.0 - Rockstar Games)
Grand Theft Auto: Episodes from Liberty City (x32 Version: 1.0.0003.135 - Rockstar Games Inc.) Hidden
GT Interactive - Driver (HKLM-x32\...\GT Interactive - Driver) (Version:  - )
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
GTAIII (HKLM-x32\...\{92B94569-6683-4617-8C54-EB27A1B51B30}) (Version:  - )
Guild 2 Patch (HKLM-x32\...\{0C6F0F18-61EE-457C-BA92-055FA151B90A}) (Version: 1.0.0 - JoWood)
Guild 2 Patch (HKLM-x32\...\{E9E09EAA-0FF8-42A1-ACAB-67F2A691E50F}) (Version: 1.0.0 - JoWood)
Heretic II (HKLM-x32\...\Heretic II) (Version:  - )
Hexen II (HKLM-x32\...\Hexen2UninstallKey) (Version:  - )
Hexen II Mission Pack (HKLM-x32\...\H2MPUninstallKey) (Version:  - )
Hitman 2: Silent Assassin (HKLM-x32\...\Hitman 2: Silent Assassin) (Version:  - Eidos Interactive)
Hitman Blood Money (HKLM-x32\...\{A804B134-F03D-4EFD-9BC0-DCD257AA1B22}) (Version: 1.00.0000 - Eidos)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version:  - IO Interactive)
Hitman: Contracts (HKLM-x32\...\Hitman: Contracts) (Version:  - Eidos)
HxD Hex Editor version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
Imperialism II (HKLM-x32\...\Imperialism II) (Version:  - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Jade Empire (HKLM-x32\...\{EEAA7AC3-F651-4842-86E0-4C755181388B}) (Version: 1.0.1.1 - Electronic Arts)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Just Cause 1.00.0000 (HKLM-x32\...\{C9E270CC-AE42-4BD8-B9C6-1EB3A8657FF5}) (Version: 1.00.0000 - Eidos)
Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version:  - Avalanche Studios)
Just Cause 3 (HKLM-x32\...\Steam App 225540) (Version:  - Avalanche Studios)
Key Remapper v1.8 (HKLM-x32\...\Key Remapper_is1) (Version: 1.8 - ATNSOFT)
L.A. Noire (HKLM-x32\...\{915726DF-7891-444A-AA03-0DF1D64F561A}) (Version: 1.00.0000 - Rockstar Games)
Lords of the Realm III (HKLM-x32\...\{7C1EAF33-82AD-4A63-B56D-4739172714DF}) (Version: 1.01.000 - )
Mafia (HKLM-x32\...\Mafia) (Version:  - )
Mafia II (HKLM-x32\...\Steam App 50130) (Version:  - 2K Czech)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Manhunt (HKLM-x32\...\{8A62C8DA-2DB7-4D94-B5BA-1D38FC36E830}) (Version: 1.00.0000 - Rockstar Games)
Max Payne (HKLM-x32\...\{39930321-4C58-4B8B-BCBF-342698C9801D}) (Version:  - )
Max Payne 2 (HKLM-x32\...\{EFE1AB94-5466-4B6E-BE31-FF4C115FD25D}) (Version: 1.01.102 - )
Max Payne 3 (HKLM-x32\...\{1AA94747-3BF6-4237-9E1A-7B3067738FE1}) (Version: 1.0.0.0 - Rockstar Games)
Max Payne 3 DLC (HKLM-x32\...\Max Payne 3 DLC) (Version: 1.0.0.0 - Rockstar Games)
Medal of Honor: Pacific Assault™ (HKLM-x32\...\{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}) (Version: 1.2.1.280 - Electronic Arts)
Medieval - Total War (TM) - Viking Invasion (TM) (HKLM-x32\...\Medieval - Total War (TM) - Viking Invasion (TM)) (Version: 2.0 - Activision Publishing, Inc.)
Medieval II Total War (HKLM-x32\...\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Americas (HKLM-x32\...\{75983B66-804C-40D1-BA13-64DAF652A6F1}) (Version: 1.05.000 - SEGA)
Medieval II Total War : Kingdoms : Britannia (HKLM-x32\...\{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}) (Version: 1.05.000 - SEGA)
Medieval II Total War : Kingdoms : Crusades (HKLM-x32\...\{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}) (Version: 1.05.000 - SEGA)
Medieval II Total War : Kingdoms : Teutonic (HKLM-x32\...\{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}) (Version: 1.05.000 - SEGA)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Age of Empires Gold (HKLM-x32\...\Age of Empires Gold 1.0) (Version:  - )
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version:  - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version:  - )
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{8FB1B528-E260-451E-9B55-E9152F94B80B}) (Version: 3.2.3.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual J# .NET Redistributable Package 1.1 (HKLM-x32\...\{1A655D51-1423-48A3-B748-8F5A0BE294C8}) (Version: 1.1.4322 - Microsoft)
Mirror's Edge™ (HKLM-x32\...\{AEDBD563-24BB-4EE3-8366-A654DAC2D988}) (Version: 1.0.1.0 - Electronic Arts)
Monopoly Tycoon (HKLM-x32\...\{B975F4A1-63B6-11D4-BFEC-005004AF2D32}) (Version:  - )
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 46.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 en-US)) (Version: 46.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)
MSI Afterburner 4.1.0 (HKLM-x32\...\Afterburner) (Version: 4.1.0 - MSI Co., LTD)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Napoleon: Total War (HKLM-x32\...\Steam App 34030) (Version:  - The Creative Assembly)
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts)
No One Lives Forever - Game of the Year Edition (HKLM-x32\...\{EE3E60BC-F29F-4E7B-A110-B538387D34DA}) (Version:  - )
No One Lives Forever 2 (HKLM-x32\...\{EBCCE08A-B3EE-40E7-96D7-31741D481015}) (Version:  - )
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.5.2850 - Electronic Arts, Inc.)
Patrician III (HKLM-x32\...\Patrician III_is1) (Version:  - )
Patrician IV - Rise of a Dynasty (HKLM-x32\...\{D55F88FD-4263-4DCF-B0DF-3149D04DB034}) (Version: 2.0.4.0 - Kalypso Media GmbH)
Patrician IV (HKLM-x32\...\{25B473C3-2C62-482B-858F-94ED76880F79}) (Version: 1.0.0 - Kalypso Media)
PGA Championship Golf CE (HKLM-x32\...\PGA Championship Golf CE) (Version:  - )
Port Forward Network Utilities (HKLM-x32\...\{88B1D36C-7B70-4C48-8D2F-AAB956ECF4C3}) (Version: 2.0.7 - Portforward, LLC)
Port Royale 2 (HKLM-x32\...\Port Royale 2) (Version:  - )
Port Royale 3 (HKLM-x32\...\{E07A21E5-1C16-41E7-9617-2D38CF3A642C}) (Version: 1.3.2.0 - Gaming Minds Studios GmbH)
PowerDVD (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.1702.0 - CyberLink Corporation)
Prince of Persia (HKLM-x32\...\{7C11154F-3539-4CB5-979D-EF7913473E53}) (Version: 1.0 - Ubisoft)
Prince of Persia 3D (HKLM-x32\...\Prince of Persia 3D) (Version:  - )
Prince of Persia T2T (HKLM-x32\...\{DFFE2B1F-07E0-45A9-8801-CD8514CAA876}) (Version: 1.00.999 - Ubisoft)
Prince of Persia The Forgotten Sands™ (HKLM-x32\...\{EAEAAF8C-8E86-4CAC-AC08-1A33EDCA34AC}) (Version: 1.0 - Ubisoft)
Prince of Persia The Sands of Time (HKLM-x32\...\{8C453F13-6877-4D34-8816-009ABDE306DB}) (Version: 1.00.181 - )
Prince of Persia The Two Thrones (x32 Version: 1.00.999 - Ubisoft) Hidden
Prince of Persia Warrior Within (HKLM-x32\...\{EE5BC0BB-9EDA-423C-8276-48857B735D68}) (Version: 1.00.999 - )
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
Quake (HKLM-x32\...\Steam App 2310) (Version:  - id Software)
Quake 4(TM) (HKLM-x32\...\InstallShield_{152B782A-05F3-48EC-9AAC-4D3EB68D9E20}) (Version: 1.0 - Activision)
Quake 4(TM) (x32 Version: 1.0 - Activision) Hidden
Quake II (HKLM-x32\...\Steam App 2320) (Version:  - id Software)
Quake II: Ground Zero (HKLM-x32\...\Steam App 2340) (Version:  - Rogue Entertainment)
Quake II: The Reckoning (HKLM-x32\...\Steam App 2330) (Version:  - Xatrix Entertainment)
Quake III Arena (HKLM-x32\...\Quake III Arena) (Version:  - )
Quake Mission Pack 1: Scourge of Armagon (HKLM-x32\...\Steam App 9040) (Version:  - Ritual Entertainment)
Quake Mission Pack 2: Dissolution of Eternity (HKLM-x32\...\Steam App 9030) (Version:  - Rogue Entertainment)
QuickTime (HKLM-x32\...\QuickTime) (Version:  - )
RAGE (HKLM-x32\...\Steam App 9200) (Version:  - id Software)
RAGE Tool Kit (HKLM-x32\...\Steam App 205860) (Version:  - )
Railroad Tycoon 3 (HKLM-x32\...\{DE29025A-091F-4998-AD2D-24C84421190F}) (Version: 1.0 - )
Railroad Tycoon II - Platinum (HKLM-x32\...\{BED27751-CD2A-4C2F-9813-00B9B60C76FE}) (Version:  - )
RCT3 Soaked (HKLM-x32\...\{EA926717-CE5A-4CB4-AB21-9E6E9565A458}) (Version: 1.00.000 - )
Return to Castle Wolfenstein - Platinum Edition (HKLM-x32\...\Return to Castle Wolfenstein - Platinum Edition) (Version:  - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RivaTuner Statistics Server 6.3.0 (HKLM-x32\...\RTSS) (Version: 6.3.0 - Unwinder)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.7.8 - Rockstar Games)
RollerCoaster Tycoon 3 (HKLM-x32\...\{907B4640-266B-4A21-92FB-CD1A86CD0F63}) (Version: 1.00.000 - )
Rome - Total War - Alexander (HKLM-x32\...\{6C1804BC-094F-431A-BEA5-37A837958029}) (Version: 1.9 - The Creative Assembly)
Rome - Total War(TM) (HKLM-x32\...\InstallShield_{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}) (Version: 1.0 - Activision)
Rome - Total War(TM) (x32 Version: 1.0 - Activision) Hidden
Rome Total War - patch 1.3 (HKLM-x32\...\{A5D65411-8E73-4C85-AD80-9FE8B7391CF9}) (Version: 1.3 - )
Serious Sam 2 (HKLM-x32\...\SeriousSam2) (Version:  - )
Serious Sam 3: BFE (HKLM-x32\...\Steam App 41070) (Version:  - Croteam)
Serious Sam HD: The First Encounter (HKLM-x32\...\Steam App 41000) (Version:  - Croteam)
Serious Sam HD: The Second Encounter (HKLM-x32\...\Steam App 41010) (Version:  - Croteam)
Serious Sam: The First Encounter (HKLM-x32\...\{815050E5-F545-11D4-9569-004095812ACC}) (Version:  - )
Serious Sam: The Second Encounter (HKLM-x32\...\{5BDAA2F7-8E48-4AFF-AA92-B559D0CDF1AD}) (Version:  - )
Sid Meier's Civilization IV Colonization (HKLM-x32\...\{EF36A836-BF89-4A4F-B079-057B0C68C1E0}) (Version: 1.01 - Firaxis Games)
Sid Meier's Colonization (Classic) (HKLM-x32\...\Steam App 327400) (Version:  - MicroProse Software, Inc)
Sid Meier's Pirates! (HKLM-x32\...\InstallShield_{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}) (Version: 1.00.0000 - Firaxis Games)
Sid Meier's Pirates! (x32 Version: 1.00.0000 - Firaxis Games) Hidden
Sid Meier's Railroads! (HKLM-x32\...\{EE3FBD3C-782E-4A90-9507-0ECFE1FECCE4}) (Version: 1.10 - Firaxis Games)
Sid Meier's Railroads! (x32 Version: 1.00 - Firaxis Games) Hidden
Sid Meier's Railroads! Holiday Scenario (HKLM-x32\...\Sid Meier's Railroads! Holiday Scenario) (Version: 1.0 - Firaxis Games)
SimCity 4 Deluxe (HKLM-x32\...\{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}) (Version:  - )
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
Sleeping Dogs™ (HKLM-x32\...\Steam App 202170) (Version:  - United Front Games)
Smart Defrag 4 (HKLM-x32\...\Smart Defrag 4_is1) (Version: 4.3 - IObit)
SMR Map Shifter 1.0 (HKLM-x32\...\SMR Map Shifter) (Version: 1.0 - smrsimple)
Soldier of Fortune II - Double Helix (HKLM-x32\...\Soldier of Fortune II - Double Helix) (Version: 1.03 - Activision, Inc.)
Soldier of Fortune Platinum (HKLM-x32\...\Soldier of Fortune Platinum) (Version:  - )
Sound Blaster Z-Series (HKLM-x32\...\{E48EE8B8-1CD6-4F60-AB93-7C398DAAE08E}) (Version: 1.00.21 - Creative Technology Limited)
Sound Blaster Z-Series Extras (HKLM-x32\...\{9D9DB4BA-E352-4AC8-AD2B-B10104F5AB80}) (Version: 1.0 - Creative Technology Limited)
Spectaculator 8.0 (HKLM-x32\...\{B21AE9DA-E837-4F82-B061-7848B4F3096B}) (Version: 8.0.0.3092 - spectaculator.com)
Spotify (HKU\S-1-5-21-3369568051-1984934905-614767478-1001\...\Spotify) (Version: 1.0.29.92.g67727800 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold 2 Deluxe (HKLM-x32\...\{16D2C649-CBA8-44EE-B730-12584667D487}) (Version: 1.30 - Firefly Studios)
Stronghold 3 (HKLM-x32\...\Steam App 47400) (Version:  - FireFly Studios)
Stronghold Crusader Extreme HD (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.30.1003 - Firefly Studios)
Stronghold HD (HKLM-x32\...\Steam App 40950) (Version:  - FireFly Studios)
Stronghold Legends (HKLM-x32\...\{66A405D2-BA14-4594-BF36-B3B544F0754E}) (Version: 1.20.0000 - Firefly Studios)
Stronghold Legends Bonus Maps (HKLM-x32\...\{42BAEF3D-4364-495F-8909-9774C7992365}) (Version: 1.00.0000 - Firefly Studios)
Sudden Strike (HKLM-x32\...\Sudden Strike) (Version:  - )
Sudden Strike II (HKLM-x32\...\Sudden Strike II) (Version:  - )
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1168 - SUPERAntiSpyware.com)
Superfrog HD (HKLM-x32\...\Steam App 234000) (Version:  - Team17 Digital Ltd)
Syndicate (HKLM-x32\...\{64CFBAAB-46F7-4628-8D9B-E656A8C11CDB}) (Version: 2.0.0.3 - Electronic Arts)
The Extractor (HKLM-x32\...\The Extractor2.0.2) (Version: 2.0.2 - Simply Free Software)
The Guild 2 - Pirates of the European Seas (HKLM-x32\...\The Guild 2 - Pirates of the European Seas) (Version: V 1.20 - JoWood)
The Guild 2 - Renaissance (HKLM-x32\...\{9BDE15B0-BAA5-437F-B957-57658704ACC5}) (Version: 1.0.0 - JoWooD)
The Guild 2 - Renaissance (HKLM-x32\...\{THEGUILDREN-0010-2010-300520102330}_is1) (Version:  - JoWooD Entertainment AG)
The Guild 2 (HKLM-x32\...\TheGuild2) (Version:  - )
The Movies(TM) - Bonus Costumes (x32 Version: 1.0 - Activision) Hidden
The Movies(TM) (x32 Version: 1.0 - Activision) Hidden
The Movies(TM) Stunts & Effects (HKLM-x32\...\InstallShield_{0556F885-2415-4666-B53E-33727E46AEA1}) (Version: 1.2 - Activision)
The Movies(TM) Stunts & Effects (x32 Version: 1.0 - Activision) Hidden
THE SETTLERS - Heritage of Kings (all products) (HKLM-x32\...\{8FDC1610-3FB5-4EF2-A0D0-CEDC3A525A25}) (Version: 1.00.0000 - Blue Byte)
THE SETTLERS - Rise of an Empire (HKLM-x32\...\{D3F80A98-05AB-4D8C-9272-766CCFA6A48D}) (Version: 1.00.0000 - Ubisoft)
The Settlers 7 - Paths to a Kingdom (HKLM-x32\...\{63860309-DA8A-4BAE-9EAE-CE1D6D79340C}) (Version: 1.12.1396 - Ubisoft)
Theme Hospital (HKLM-x32\...\{5118A4C2-C8A4-4CE5-AC37-F3E51C25402F}) (Version: 3.0.0.5 - Electronic Arts)
Theme Park Inc (HKLM-x32\...\{094FABA0-4865-11D4-95B6-000103485DB6}) (Version:  - )
Thief - Deadly Shadows (HKLM-x32\...\{FC123EEA-330A-4685-911C-95B8F5E9DE68}) (Version: 1.0 - )
Thief - Deadly Shadows Collective Texture Pack by John P., ver. 1.0.3 (HKLM-x32\...\Collective Thief: DS Texture Pack by John P. 1.03) (Version:  - John P.)
Thief (HKLM-x32\...\Steam App 239160) (Version:  - Eidos-Montréal)
Thief 2 (HKLM-x32\...\Thief2DeinstallKey) (Version:  - )
Thief Gold (HKLM-x32\...\ThiefGoldDeinstallKey) (Version:  - )
Thief Gold HD Mod 0.9.3 (HKLM-x32\...\ThiefGold) (Version:  - )
Tiger Woods PGA TOUR 2004 (HKLM-x32\...\{7E91306C-899F-45F3-B5E9-4B480A27A63D}) (Version:  - )
Total War: ATTILA (HKLM-x32\...\Steam App 325610) (Version:  - Creative Assembly)
Total War: ROME II - Emperor Edition (HKLM-x32\...\Steam App 214950) (Version:  - Creative Assembly)
Total War: SHOGUN 2 (HKLM-x32\...\Steam App 34330) (Version:  - The Creative Assembly)
TrackMania United 0.2.0.8 (HKLM-x32\...\TmUnited_is1) (Version:  - Nadeo)
Trade Empires (remove only) (HKLM-x32\...\Trade Empires) (Version:  - )
Tropico 3 1.00 (HKLM-x32\...\Tropico3) (Version: 1.00 - Kalypso Media)
Tropico 4 1.00 (HKU\S-1-5-21-3369568051-1984934905-614767478-1001\...\Tropico 4) (Version: 1.00 - Kalypso Media)
Tropico 5 (HKU\S-1-5-21-3369568051-1984934905-614767478-1001\...\Tropico5) (Version: 1.10 - Kalypso Media)
Tropico Reloaded (HKLM-x32\...\{65422AD6-A33F-49C6-A02C-A6FD81FAAEB2}_is1) (Version:  - Kalypso Media)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Ultima 8 (HKLM-x32\...\{428C6B01-D292-46F9-9321-75668ED17DA2}) (Version: 1.0.0.1 - Electronic Arts)
Uplay (HKLM-x32\...\Uplay) (Version: 4.5 - Ubisoft)
VEGA$ - Make It Big (HKLM-x32\...\{2981C989-5C50-4BC4-91A0-9BFBAB0997F9}) (Version:  - )
Viewpoint Media Player (HKLM-x32\...\ViewpointMediaPlayer) (Version:  - )
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version:  - Ubisoft)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Wolfenstein (HKLM-x32\...\InstallShield_{F9B37992-968C-4264-8449-489032FC28DE}) (Version: 1.2 - Activision)
Wolfenstein (x32 Version: 1.0 - Activision) Hidden
Wolfenstein 3D (HKLM-x32\...\Steam App 2270) (Version:  - id Software)
Wolfenstein 3D: Spear of Destiny (HKLM-x32\...\Steam App 9000) (Version:  - id Software)
Wolfenstein(TM) 1.2 Patch  (x32 Version: 1.2 - Activision) Hidden
Wolfenstein(TM) 1.2 Patch (x32 Version:  - ) Hidden
Wolfenstein: The New Order (HKLM-x32\...\Steam App 201810) (Version:  - Machine Games)
Wolfenstein: The Old Blood  (HKLM-x32\...\Steam App 350080) (Version:  - MachineGames)
Zumas Revenge (HKLM-x32\...\{0B153CAB-792B-4CA2-B2A5-AB0BBAF2FFA9}) (Version: 1.0.5.600 - PopCap Games)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0AE796C8-F99F-4B91-9133-FA03D245AAAF} - System32\Tasks\{E173E391-B259-4DEE-BA92-BEE853034033} => pcalua.exe -a "C:\Program Files (x86)\Common Files\InstallShield\Driver\9\Intel 32\IDriver.exe" -c /M{FB6908C2-2138-4D6E-9CAF-11D7AE6C3909} /l2057  /x
Task: {0D1BF617-8420-4A74-83DA-DA54649035C5} - System32\Tasks\ASC Task (One-Time) => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCPromote.exe
Task: {1ED65531-D7BD-4BBC-9819-9939B2432546} - \SUPERAntiSpyware Scheduled Task 58720337-6454-484e-b344-43d3e2cfe5ee -> No File <==== ATTENTION
Task: {39BE0F9C-C2FA-43EE-8B3D-142B2A9B3B2C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {44F26C65-81FA-4C57-A128-90967969E33C} - System32\Tasks\SmartDefrag4_Startup => C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe [2015-10-27] (IObit)
Task: {4600C04C-3545-457C-96C3-36FB46787473} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {74D33BA3-11CD-4241-BBD1-1A72E5F070B5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {74FB4E97-7597-4563-B162-859706AD98EA} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-03-21] (Advanced Micro Devices, Inc.)
Task: {9EADF1F9-6198-4C00-AE16-4A6C473D8DDA} - System32\Tasks\SUPERAntiSpyware Scheduled Task d075e98f-7c56-4126-9981-52576a084aab => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {B992CAA0-678F-473E-9D93-F6250C68808F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {C3D89CF7-901A-4D30-9D31-E23F638FFC8C} - System32\Tasks\SUPERAntiSpyware Scheduled Task fcf1f375-4b2f-4817-abcb-7ad088dbbf93 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {C9D82CB9-F2D3-4CB5-AB7F-BF9BC9E10860} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3369568051-1984934905-614767478-1001
Task: {D882E52A-B539-463F-8A54-04D1546FD39C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {D8F38F39-8E3A-47EB-968C-32D5A885D51F} - \SidebarExecute -> No File <==== ATTENTION
Task: {DE8F9924-1475-4177-BCAF-05E529812FD3} - System32\Tasks\{F111293F-5029-4BB1-9C51-2158FCF300CA} => pcalua.exe -a D:\setup.exe -d D:\
Task: {E4CA875B-6328-4DB9-ACC6-6E403C1B9ADA} - System32\Tasks\SmartDefrag4_Update => C:\Program Files (x86)\IObit\Smart Defrag 4\AutoUpdate.exe [2015-08-21] (IObit)
Task: {E8C94AA3-620D-4289-95DB-23C662D87E38} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13] (Adobe Systems Incorporated)
Task: {F37CAD40-613D-445D-B806-713D29240972} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d075e98f-7c56-4126-9981-52576a084aab.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task fcf1f375-4b2f-4817-abcb-7ad088dbbf93.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-01-28 17:44 - 2016-01-28 17:44 - 00712432 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareService.exe
2016-01-28 17:48 - 2016-01-28 17:48 - 00025856 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_system-vc120-mt-1_57.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 00057096 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_date_time-vc120-mt-1_57.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 00123656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_filesystem-vc120-mt-1_57.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 11674360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareServiceKernel.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 03549904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\RCF.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 00911616 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_regex-vc120-mt-1_57.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 00107776 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_thread-vc120-mt-1_57.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 00035072 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_chrono-vc120-mt-1_57.dll
2016-01-28 17:47 - 2016-01-28 17:47 - 00973040 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareActivation.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 00561920 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareApplicationUpdater.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 00847600 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareGamingMode.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 00101096 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareReset.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 00123104 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareTime.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 01030912 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareDefinitionsUpdater.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 00905488 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareDefinitionsUpdaterScheduler.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 01146608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareIgnoreList.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 00243440 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareQuarantine.dll
2016-01-28 17:47 - 2016-01-28 17:47 - 01594624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareAntiMalwareEngine.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 00206080 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareAntiRootkitEngine.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 01210616 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareScannerHistory.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 01373928 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareScanner.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 00036096 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_timer-vc120-mt-1_57.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 01019640 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareScannerScheduler.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 01190656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareRealTimeProtection.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 02547448 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareIncompatibles.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 01489640 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareAntiSpam.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 01437424 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareAntiPhishing.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 03263736 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareParentalControl.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 03107576 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareWebProtection.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 01325816 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareEmailProtection.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 00059656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_iostreams-vc120-mt-1_57.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 01878784 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareNetworkProtection.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 01024744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwarePromo.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 00457448 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareFeedback.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 02958592 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareThreatWorkAlliance.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 01310952 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwarePinCode.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 01027304 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareNotice.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 01563888 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareAvcEngine.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 01222416 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareRealTimeProtectionHistory.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 00519920 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareStatistics.dll
2015-06-25 17:34 - 2015-06-25 17:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 17:37 - 2015-06-25 17:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 17:35 - 2015-06-25 17:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 17:38 - 2015-06-25 17:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 16:53 - 2015-06-25 16:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 16:51 - 2015-06-25 16:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 09581280 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareTray.exe
2016-01-28 17:48 - 2016-01-28 17:48 - 00492288 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_locale-vc120-mt-1_57.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 02266344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\HtmlFramework.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 00868600 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareTrayDefaultSkin.dll
2015-04-03 12:55 - 2015-04-03 12:55 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-05-17 09:50 - 2005-08-08 13:54 - 00167936 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2015-11-04 07:37 - 2015-10-27 15:05 - 00618784 _____ () C:\Program Files (x86)\IObit\Smart Defrag 4\ProductStatistics.dll
2015-05-28 06:06 - 2013-01-15 19:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Smart Defrag 4\webres.dll
2016-03-21 14:49 - 2016-03-21 14:49 - 00186368 _____ () C:\Windows\SysWOW64\GameManager32.dll
2015-05-20 07:16 - 2016-04-29 21:10 - 00785920 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-05-20 07:16 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-05-20 07:16 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-05-20 07:16 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-05-20 07:16 - 2016-04-30 01:10 - 02549840 _____ () C:\Program Files (x86)\Steam\video.dll
2015-05-20 07:15 - 2016-02-09 00:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-05-20 07:15 - 2016-02-09 00:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-05-20 07:15 - 2016-02-09 00:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-05-20 07:15 - 2016-02-09 00:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-05-20 07:15 - 2016-02-09 00:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-05-20 07:15 - 2016-04-30 01:10 - 00829008 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 08:02 - 2016-02-17 23:25 - 00281088 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2015-05-20 07:15 - 2016-04-28 02:00 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-06-03 20:58 - 2016-05-28 19:48 - 47503472 _____ () C:\Users\Colin\AppData\Roaming\Spotify\libcef.dll
2015-06-03 20:58 - 2016-05-28 19:48 - 01584240 _____ () C:\Users\Colin\AppData\Roaming\Spotify\libglesv2.dll
2015-06-03 20:58 - 2016-05-28 19:48 - 00082032 _____ () C:\Users\Colin\AppData\Roaming\Spotify\libegl.dll
2015-05-20 07:15 - 2015-09-25 00:56 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:CD30FA91 [182]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-11-09 18:53 - 00000768 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1    localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3369568051-1984934905-614767478-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Colin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: ATNSOFT Key Remapper => "C:\Program Files (x86)\ATNSOFT Key Remapper\keyremapper.exe" /startup
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: RemoteControl => "C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe"
MSCONFIG\startupreg: Spotify => "C:\Users\Colin\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Colin\AppData\Roaming\Spotify\SpotifyWebHelper.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{9F971DA6-B263-4C8C-88C0-64DD11DEA1B9}] => (Allow) E:\3D\UBISOFT\FarCry 4\bin\IGE_WPF64.exe
FirewallRules: [{1A4B3CD7-996F-499A-9077-C0087B73B783}] => (Allow) E:\3D\UBISOFT\FarCry 4\bin\IGE_WPF64.exe
FirewallRules: [{D61605AB-EE52-4834-A11C-9216B8403789}] => (Allow) E:\3D\UBISOFT\FarCry 4\bin\FarCry4.exe
FirewallRules: [{48FDAE59-7B54-4FA9-9031-F53B0669B0D1}] => (Allow) E:\3D\UBISOFT\FarCry 4\bin\FarCry4.exe
FirewallRules: [{AB34D2E6-4F77-4975-9D67-1B7361E756A4}] => (Allow) F:\3D\Assassin's Creed Unity\ACU.exe
FirewallRules: [{930C7A6F-CB2F-46CA-9599-24C7E85C42F0}] => (Allow) F:\3D\Assassin's Creed Unity\ACU.exe
FirewallRules: [{E0004F80-D0EE-414F-9DED-3E2087C69DC7}] => (Allow) E:\Steam\SteamApps\common\Stronghold3\bin\win32_release\Stronghold3.exe
FirewallRules: [{6C22AF0A-81B0-4AB4-9172-E96D6AA0C17E}] => (Allow) E:\Steam\SteamApps\common\Stronghold3\bin\win32_release\Stronghold3.exe
FirewallRules: [{0D319FF6-C10D-432F-9BE1-D4D2B53EC8F8}] => (Allow) E:\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{95125D18-F95C-4BC9-A485-E144B307B454}] => (Allow) E:\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{989376CC-EA06-4E5E-9B93-93872F58479C}] => (Allow) E:\Steam\SteamApps\common\Stronghold\Stronghold.exe
FirewallRules: [{A3E8B11A-4066-4752-8E2A-6AFF9C5EFE1A}] => (Allow) E:\Steam\SteamApps\common\Stronghold\Stronghold.exe
FirewallRules: [{3BF0446C-8694-4365-86C7-975F3113860E}] => (Allow) E:\Strategy\Firefly Studios\Stronghold Crusader\stronghold crusader.exe
FirewallRules: [{27EA2B58-48FF-45EE-9E4C-83928D7263E7}] => (Allow) E:\Strategy\Firefly Studios\Stronghold Crusader\stronghold_crusader_extreme.exe
FirewallRules: [{1D0A7EBF-958F-43F1-A683-FCA8D2B23886}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C00D5715-EB23-4BEA-99A3-E2E36DCFC5FC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C11D87C6-1516-45C3-B5C4-9FE8B5D09B10}] => (Allow) E:\Strategy\SimCity\SimCity\SimCity.exe
FirewallRules: [{3B21C6A3-E72C-4619-8341-9B5E16909226}] => (Allow) E:\Strategy\SimCity\SimCity\SimCity.exe
FirewallRules: [{4338B9FB-E60F-4063-BAD5-60193B409C92}] => (Allow) E:\Steam\SteamApps\common\Serious Sam HD The Second Encounter\Bin\SamHD_TSE_Unrestricted.exe
FirewallRules: [{3AE29939-1BEF-4683-83ED-1D701BB932FE}] => (Allow) E:\Steam\SteamApps\common\Serious Sam HD The Second Encounter\Bin\SamHD_TSE_Unrestricted.exe
FirewallRules: [{08D06D95-BD53-4F9E-9316-C2608B34EDB6}] => (Allow) E:\Steam\SteamApps\common\Serious Sam HD The Second Encounter\Bin\SamHD_TSE.exe
FirewallRules: [{8B1AEFCC-86B4-478F-98E8-CC3C7C4D904E}] => (Allow) E:\Steam\SteamApps\common\Serious Sam HD The Second Encounter\Bin\SamHD_TSE.exe
FirewallRules: [{826CBD7A-C54F-47CE-A04A-259CE181D023}] => (Allow) F:\Steam\SteamApps\common\DOOM 3 BFG Edition\Doom3BFG.exe
FirewallRules: [{F205FC84-CB08-42AF-88CE-59AB16CBB796}] => (Allow) F:\Steam\SteamApps\common\DOOM 3 BFG Edition\Doom3BFG.exe
FirewallRules: [{46C6E65E-5318-4733-97A7-CEF4772643F2}] => (Allow) F:\Steam\SteamApps\common\Freedom Force\fforce.exe
FirewallRules: [{95BFF40B-D856-4567-88B1-FFEA2A2CA598}] => (Allow) F:\Steam\SteamApps\common\Freedom Force\fforce.exe
FirewallRules: [{297FFA46-6465-4D0B-BC96-E9E7FD28BDF8}] => (Allow) F:\Steam\SteamApps\common\Freedom Force vs. the 3rd Reich\ffvt3r.exe
FirewallRules: [{870AB340-84BB-4B68-891F-F0E6C126A4A1}] => (Allow) F:\Steam\SteamApps\common\Freedom Force vs. the 3rd Reich\ffvt3r.exe
FirewallRules: [{6B01BC15-16F9-4076-AA27-CFED2C02DD6D}] => (Allow) E:\Strategy\Ubisoft\Related Designs\ANNO 1404\tools\AddonWeb.exe
FirewallRules: [{29550E89-528E-4308-8674-930CA26A4072}] => (Allow) E:\Strategy\Ubisoft\Related Designs\ANNO 1404\tools\AddonWeb.exe
FirewallRules: [{A07BF502-BB4F-44EC-A7F4-ACBE1770262C}] => (Allow) E:\Strategy\Ubisoft\Related Designs\ANNO 1404\Addon.exe
FirewallRules: [{1D9BC043-32ED-489E-94BE-BEA614A2DD4F}] => (Allow) E:\Strategy\Ubisoft\Related Designs\ANNO 1404\Addon.exe
FirewallRules: [{47B9A853-22AD-47BD-BCE0-35809A3F0C4C}] => (Allow) E:\Steam\SteamApps\common\rage tool kit\Rage64.exe
FirewallRules: [{AD755243-5EFF-4D01-8133-DF2B28BD5A13}] => (Allow) E:\Steam\SteamApps\common\rage tool kit\Rage64.exe
FirewallRules: [{69F118C2-A94E-4507-8B7D-84295A29C7D1}] => (Allow) E:\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{50C7A08F-2039-4F51-A843-9130E86C395F}] => (Allow) E:\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{B0508B77-A1B4-49CB-9685-F8F3DB2523A2}] => (Allow) E:\3D\UBISOFT\Far Cry 3 Blood Dragon\bin\FC3BDUpdater.exe
FirewallRules: [{AA90D478-3D97-4E12-B5B1-31171389FA76}] => (Allow) E:\3D\UBISOFT\Far Cry 3 Blood Dragon\bin\FC3BDUpdater.exe
FirewallRules: [{1C89C07F-BF81-4D9F-B164-AB11C7B4B06C}] => (Allow) E:\3D\UBISOFT\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
FirewallRules: [{04B7B697-576A-4818-844E-AB9B6EBBDF86}] => (Allow) E:\3D\UBISOFT\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
FirewallRules: [{3084DEDB-F273-44EB-AD5E-EA8F901459DD}] => (Allow) E:\3D\UBISOFT\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
FirewallRules: [{DFEB049D-3589-4425-9401-E31406827B70}] => (Allow) E:\3D\UBISOFT\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
FirewallRules: [{5362C9B6-2428-4ACB-A09C-8F8BD08ECC67}] => (Allow) E:\Strategy\Microsoft Games\Age of Empires III\age3y.exe
FirewallRules: [{530DCA38-262B-476D-92FD-F863908DC0F0}] => (Allow) E:\Strategy\Microsoft Games\Age of Empires III\age3y.exe
FirewallRules: [{A4506309-0767-4354-BDB5-1B0255A49FDB}] => (Allow) E:\Strategy\Microsoft Games\Age of Empires III\age3x.exe
FirewallRules: [{C9473A67-E284-4E32-8B1F-515DF6959945}] => (Allow) E:\Strategy\Microsoft Games\Age of Empires III\age3x.exe
FirewallRules: [{3DF4DE6A-ED2E-4D1F-ADBC-AC231F9471EC}] => (Allow) E:\Strategy\Microsoft Games\Age of Empires III\age3.exe
FirewallRules: [{0D24DD61-8C2E-470F-926A-1439DF9E5FF6}] => (Allow) E:\Strategy\Microsoft Games\Age of Empires III\age3.exe
FirewallRules: [{FCB18FBC-F3AA-4C96-A0A6-9885D003FCA4}] => (Allow) E:\Steam\SteamApps\common\SleepingDogs\HKShip.exe
FirewallRules: [{CCD70A82-A13A-4101-BD89-33F9E40D630E}] => (Allow) E:\Steam\SteamApps\common\SleepingDogs\HKShip.exe
FirewallRules: [{E32A7D7E-1D97-4747-9FD2-520A170B4929}] => (Allow) E:\Strategy\Ubisoft\The Settlers 7 - Paths to a Kingdom\Data\Base\_Dbg\Bin\Release\Settlers7R.exe
FirewallRules: [{A5C86970-184E-42E5-B8A1-E0B3554A7FB0}] => (Allow) E:\Strategy\Ubisoft\The Settlers 7 - Paths to a Kingdom\Data\Base\_Dbg\Bin\Release\Settlers7R.exe
FirewallRules: [{CB22DA4A-0947-4B50-9606-A174E4E1DD77}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Liberation HD\ac3lhd_32.exe
FirewallRules: [{3E628C72-6BF6-4088-8D2D-3C3C867B7B32}] => (Allow) E:\3D\UBISOFT\Assassin's Creed III\AssassinsCreed3.exe
FirewallRules: [{AB91341A-E4FB-45CE-84CA-5279D3A58D92}] => (Allow) E:\3D\UBISOFT\Assassin's Creed III\AssassinsCreed3.exe
FirewallRules: [{A7417877-DDC2-4423-ADC7-96F59ABD5482}] => (Allow) E:\3D\UBISOFT\Assassin's Creed III\AC3MP.exe
FirewallRules: [{BB602EEA-09C2-4AC7-B073-410C3EAE7F1D}] => (Allow) E:\3D\UBISOFT\Assassin's Creed III\AC3MP.exe
FirewallRules: [{743F9C6F-1E89-4448-B536-F88282DE161D}] => (Allow) E:\3D\UBISOFT\Assassin's Creed III\AC3SP.exe
FirewallRules: [{0FF71B61-EC1A-45F2-A0B6-BB23B2FA179D}] => (Allow) E:\3D\UBISOFT\Assassin's Creed III\AC3SP.exe
FirewallRules: [{81866719-9A10-474F-B547-C603957713A6}] => (Allow) E:\3D\UBISOFT\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{E8B74E26-7774-49F3-811D-77D4FF8845F6}] => (Allow) E:\3D\UBISOFT\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{B00C3FDA-B687-41A5-9B7A-75F3EA0E66AF}] => (Allow) E:\3D\UBISOFT\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{E73AF23F-E56D-4F26-A69D-8068754F0FCB}] => (Allow) E:\3D\UBISOFT\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [UDP Query User{37272407-FF54-4D6E-8F59-54D68AF5C5C5}E:\3d\rockstar games\max payne 3\maxpayne3.exe] => (Allow) E:\3d\rockstar games\max payne 3\maxpayne3.exe
FirewallRules: [TCP Query User{86999504-B048-4B75-905D-A121F1BF55DD}E:\3d\rockstar games\max payne 3\maxpayne3.exe] => (Allow) E:\3d\rockstar games\max payne 3\maxpayne3.exe
FirewallRules: [UDP Query User{81701FE2-03D3-4829-816D-2A2E72E92DE0}E:\3d\electronic arts\crytek\crysis 2\bin32\crysis2.exe] => (Allow) E:\3d\electronic arts\crytek\crysis 2\bin32\crysis2.exe
FirewallRules: [TCP Query User{4721187F-B75C-4276-90C4-63CD806D4F26}E:\3d\electronic arts\crytek\crysis 2\bin32\crysis2.exe] => (Allow) E:\3d\electronic arts\crytek\crysis 2\bin32\crysis2.exe
FirewallRules: [UDP Query User{2093BC5A-50C3-47DD-A612-53BDDE277A00}E:\strategy\kalypso media\patrician iv\patrician4_addon.exe] => (Allow) E:\strategy\kalypso media\patrician iv\patrician4_addon.exe
FirewallRules: [TCP Query User{A4EF3AB1-59F8-4B6C-A25B-692937EAA897}E:\strategy\kalypso media\patrician iv\patrician4_addon.exe] => (Allow) E:\strategy\kalypso media\patrician iv\patrician4_addon.exe
FirewallRules: [{5A4AD6AB-B246-4393-8882-3775D1B2B8B8}] => (Allow) E:\Steam\SteamApps\common\Duke Nukem 3D\bin\build.exe
FirewallRules: [{47625553-439A-40E9-B7CD-D519D3C4D678}] => (Allow) E:\Steam\SteamApps\common\Duke Nukem 3D\bin\build.exe
FirewallRules: [{671CE42F-B3B4-43A2-BDCB-BDB5AD9585E3}] => (Allow) E:\Steam\SteamApps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{788A4B5C-85C9-4AC3-AFC2-DCD6CBEEDB6E}] => (Allow) E:\Steam\SteamApps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{FEEB74DE-DCD6-43A9-A5BF-A1C093C22020}] => (Allow) E:\Steam\SteamApps\common\Serious Sam 3\Bin\Sam3_Unrestricted.exe
FirewallRules: [{EF60AFD6-666D-4193-8341-45C37C8B87C7}] => (Allow) E:\Steam\SteamApps\common\Serious Sam 3\Bin\Sam3_Unrestricted.exe
FirewallRules: [{6B7EB7F2-A9B3-4BEC-9055-DCA27F62CB8E}] => (Allow) E:\Steam\SteamApps\common\Serious Sam 3\Bin\Sam3.exe
FirewallRules: [{5D13BB3C-018B-4448-A1AB-E26310868D6E}] => (Allow) E:\Steam\SteamApps\common\Serious Sam 3\Bin\Sam3.exe
FirewallRules: [{A48899DC-7041-4759-AC13-CE05B3C3DFD3}] => (Allow) E:\Steam\SteamApps\common\Superfrog\Superfrog.exe
FirewallRules: [{38542D63-FE6A-4EE5-A50B-9806859D8DD3}] => (Allow) E:\Steam\SteamApps\common\Superfrog\Superfrog.exe
FirewallRules: [{484E26E8-1EFD-44F9-9BEC-781796895733}] => (Allow) E:\Steam\SteamApps\common\Spear of Destiny\base\dosbox.exe
FirewallRules: [{80EC3935-23F9-4EB1-81E3-BCA2B330000B}] => (Allow) E:\Steam\SteamApps\common\Spear of Destiny\base\dosbox.exe
FirewallRules: [{DEC0FA44-7254-4BDF-B0CE-C5E1AF814FC8}] => (Allow) E:\Steam\SteamApps\common\Wolfenstein 3D\base\dosbox.exe
FirewallRules: [{E05AE058-6883-4CAA-98B9-A92296F2AB77}] => (Allow) E:\Steam\SteamApps\common\Wolfenstein 3D\base\dosbox.exe
FirewallRules: [UDP Query User{13796DF4-68AC-4F20-BB05-676F75538F46}E:\3d\raven\sof platinum\sof.exe] => (Allow) E:\3d\raven\sof platinum\sof.exe
FirewallRules: [TCP Query User{2767F9F3-62E7-4F1F-B19A-D83172AF21B8}E:\3d\raven\sof platinum\sof.exe] => (Allow) E:\3d\raven\sof platinum\sof.exe
FirewallRules: [{0119571E-9C80-48AF-863D-DBD144872015}] => (Allow) E:\Steam\SteamApps\common\Serious Sam HD The First Encounter\Bin\SamHD.exe
FirewallRules: [{5207C1FF-39ED-4722-98B5-8E52113270FA}] => (Allow) E:\Steam\SteamApps\common\Serious Sam HD The First Encounter\Bin\SamHD.exe
FirewallRules: [UDP Query User{805F5529-F56F-47EB-A39C-39DC3F386E04}E:\3d\quake iii arena\quake3.exe] => (Allow) E:\3d\quake iii arena\quake3.exe
FirewallRules: [TCP Query User{F5C0D17D-63BA-4AD5-AF87-C15F91390B71}E:\3d\quake iii arena\quake3.exe] => (Allow) E:\3d\quake iii arena\quake3.exe
FirewallRules: [{71B3BF2D-E619-41B3-9F04-183430BF6AB4}] => (Allow) E:\3D\Electronic Arts\Crytek\Crysis\Bin64\CrysisDedicatedServer.exe
FirewallRules: [{84AC6349-1D35-42FD-9C0A-8E9EAA0E2197}] => (Allow) E:\3D\Electronic Arts\Crytek\Crysis\Bin64\CrysisDedicatedServer.exe
FirewallRules: [{05574DC0-555F-4EB9-B4E1-9BCA603C8E9F}] => (Allow) E:\3D\Electronic Arts\Crytek\Crysis\Bin64\Crysis.exe
FirewallRules: [{DF132AF1-FC77-4E00-9DAA-35FDFF4BDDA4}] => (Allow) E:\3D\Electronic Arts\Crytek\Crysis\Bin64\Crysis.exe
FirewallRules: [{DC689682-07F7-4291-8F2C-5219632D5CA4}] => (Allow) E:\3D\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe
FirewallRules: [{5305F525-9DF0-4FA5-B5D6-5546A28DFEB2}] => (Allow) E:\3D\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe
FirewallRules: [{5B909457-F110-4A61-A0EF-37442026FE4F}] => (Allow) E:\3D\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe
FirewallRules: [{FEF407E5-F9A0-4F34-BAB9-352CBDFBE298}] => (Allow) E:\3D\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe
FirewallRules: [UDP Query User{23D581C1-DA45-4C7D-A570-F39116194B28}E:\driving\trackmania united\tmunited.exe] => (Allow) E:\driving\trackmania united\tmunited.exe
FirewallRules: [TCP Query User{99E9B0AB-7354-44F2-9C79-F3F3EF4DC0A2}E:\driving\trackmania united\tmunited.exe] => (Allow) E:\driving\trackmania united\tmunited.exe
FirewallRules: [UDP Query User{0BEE89E4-FBF4-4EA2-9695-A56E8ECB87BB}E:\strategy\microsoft games\age of empires ii\empires2.icd] => (Allow) E:\strategy\microsoft games\age of empires ii\empires2.icd
FirewallRules: [TCP Query User{F8705EDC-6E7B-4ADF-9FB0-401D14F4CFC1}E:\strategy\microsoft games\age of empires ii\empires2.icd] => (Allow) E:\strategy\microsoft games\age of empires ii\empires2.icd
FirewallRules: [UDP Query User{32A4A949-B4AD-4DD7-92DB-7E085AD110A4}E:\strategy\microsoft games\age of empires\empires.exe] => (Allow) E:\strategy\microsoft games\age of empires\empires.exe
FirewallRules: [TCP Query User{5D6B734D-D1B7-4D2D-9848-A217DD0F3CB2}E:\strategy\microsoft games\age of empires\empires.exe] => (Allow) E:\strategy\microsoft games\age of empires\empires.exe
FirewallRules: [UDP Query User{7A1E4F47-E309-486F-8E34-1CA638226EDB}E:\strategy\eidos interactive\hothouse creations\gangsters 2\gangsters2.exe] => (Allow) E:\strategy\eidos interactive\hothouse creations\gangsters 2\gangsters2.exe
FirewallRules: [TCP Query User{D1BC751C-07C6-4E7F-BEC9-CCDF795BA685}E:\strategy\eidos interactive\hothouse creations\gangsters 2\gangsters2.exe] => (Allow) E:\strategy\eidos interactive\hothouse creations\gangsters 2\gangsters2.exe
FirewallRules: [{2FAF55AB-6A6E-4A8D-A96F-8B01B4CF94C2}] => (Allow) E:\Strategy\Firefly Studios\Stronghold Legends\StrongholdLegends.exe
FirewallRules: [{4A169730-F259-4BC4-AA4D-7028C32A213B}] => (Allow) E:\Strategy\Firefly Studios\Stronghold Legends\StrongholdLegends.exe
FirewallRules: [{73DFD73C-EBE9-418E-80E3-1554CEDCC26B}] => (Allow) E:\Strategy\Firefly Studios\Stronghold 2\Stronghold2.exe
FirewallRules: [{FC1D8A83-96E0-4377-94CA-CD37FAC7CBCF}] => (Allow) E:\Strategy\Firefly Studios\Stronghold 2\Stronghold2.exe
FirewallRules: [{1CB066B5-43C3-48CF-AA38-B6269E457022}] => (Allow) E:\3D\EA\Bulletstorm\Binaries\Win32\ShippingPC-StormGame.exe
FirewallRules: [{6D82585C-77ED-4D4A-ABC9-386276DF0CD8}] => (Allow) E:\3D\EA\Bulletstorm\Binaries\Win32\ShippingPC-StormGame.exe
FirewallRules: [{88669DFE-CF6B-4734-95CC-1A2789FF62C7}] => (Allow) E:\Steam\SteamApps\common\F.E.A.R. 3\F.E.A.R. 3.exe
FirewallRules: [{5C509E68-DB95-42D4-8DC3-837D112CCE01}] => (Allow) E:\Steam\SteamApps\common\F.E.A.R. 3\F.E.A.R. 3.exe
FirewallRules: [{541BF646-5B03-4D5D-8079-55790417D249}] => (Allow) E:\3D\Activision\Wolfenstein\MP\Wolf2MPLite.exe
FirewallRules: [{ED80E624-1D14-4DC2-8D1A-97B875DA3D07}] => (Allow) E:\3D\Activision\Wolfenstein\MP\Wolf2MPLite.exe
FirewallRules: [{A9B39434-84BC-43E5-A048-2986B1ECC56C}] => (Allow) E:\3D\Activision\Wolfenstein\MP\Wolf2MP.exe
FirewallRules: [{2B1A8F99-D87F-4A70-AA97-077298AFF5C2}] => (Allow) E:\3D\Activision\Wolfenstein\MP\Wolf2MP.exe
FirewallRules: [{165FBBF8-58A0-49B7-8057-C7051119DFA6}] => (Allow) E:\3D\2K Games\BioShock 2\MP\Builds\Binaries\Bioshock2.exe
FirewallRules: [{E1C8DA64-0740-4A04-A273-40E7F3A0A977}] => (Allow) E:\3D\2K Games\BioShock 2\MP\Builds\Binaries\Bioshock2.exe
FirewallRules: [{58995601-FC75-466D-BAE5-57633184D3C8}] => (Allow) E:\3D\2K Games\BioShock 2\SP\Builds\Binaries\Bioshock2.exe
FirewallRules: [{968A2CC0-ABA1-4356-AE27-DE1C0EFB1D30}] => (Allow) E:\3D\2K Games\BioShock 2\SP\Builds\Binaries\Bioshock2.exe
FirewallRules: [{3998EDD2-625E-4D29-993B-0BC257B8CD66}] => (Allow) E:\Steam\SteamApps\common\Just Cause 2\JustCause2.exe
FirewallRules: [{32685D5C-6032-483B-B021-9B66B9B45313}] => (Allow) E:\Steam\SteamApps\common\Just Cause 2\JustCause2.exe
FirewallRules: [{973E2CD0-380B-41CB-8AD7-3597A5B6C602}] => (Allow) E:\Steam\SteamApps\common\Mafia II\pc\mafia2.exe
FirewallRules: [{9D6C41D5-9BB4-40A9-9CF0-B21832E6ED12}] => (Allow) E:\Steam\SteamApps\common\Mafia II\pc\mafia2.exe
FirewallRules: [{3B061897-76CA-4248-ACC3-FE9DA418D5D0}] => (Allow) E:\3D\Sierra Entertainment\FEAR Perseus Mandate\FEARXP2.exe
FirewallRules: [{0112A1D3-0119-44A5-8FDE-8C57932F4A53}] => (Allow) E:\3D\Sierra Entertainment\FEAR Perseus Mandate\FEARXP2.exe
FirewallRules: [{DD241F13-BFBA-4C24-B1BE-06B15F9C7067}] => (Allow) E:\3D\Sierra\FEAR\FEARXP\FEARXP.exe
FirewallRules: [{66306EE8-0AC1-4F8C-8A3D-11866768EA99}] => (Allow) E:\3D\Sierra\FEAR\FEARXP\FEARXP.exe
FirewallRules: [{837224D2-652A-413D-9575-36C814B6A348}] => (Allow) E:\3D\Sierra\FEAR\FEARMP.exe
FirewallRules: [{C9F923C0-F15B-48B8-89CD-F7A7C6FF38A5}] => (Allow) E:\3D\Sierra\FEAR\FEARMP.exe
FirewallRules: [{44E452D7-CB40-4CC8-9EF5-2EAFAFDF9CB7}] => (Allow) E:\3D\Sierra\FEAR\FEAR.exe
FirewallRules: [{3CC58E27-117E-44CF-9E07-4443E13E7B7D}] => (Allow) E:\3D\Sierra\FEAR\FEAR.exe
FirewallRules: [{0C69A782-2FDC-4E7F-A267-D1C55640CFF1}] => (Allow) E:\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{638D30AC-93F6-433A-9CF7-AC38C2A83DD0}] => (Allow) E:\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{288D26F7-CB21-4484-85D8-B32F62ED3DA6}] => (Allow) E:\Steam\SteamApps\common\RAGE\Rage64.exe
FirewallRules: [{D3D39352-9205-4881-B5DB-4458AF18E6F7}] => (Allow) E:\Steam\SteamApps\common\RAGE\Rage64.exe
FirewallRules: [{907F897C-4DAF-4647-9A20-5C546F6E445D}] => (Allow) E:\Steam\SteamApps\common\RAGE\Rage.exe
FirewallRules: [{07FD2763-A36A-4126-BB58-847035B1C44C}] => (Allow) E:\Steam\SteamApps\common\RAGE\Rage.exe
FirewallRules: [{F719567F-5D26-48E8-8802-2D9A4514D365}] => (Allow) E:\3D\EA Games\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{B03DA80F-16FC-4108-9CD9-51610E26D948}] => (Allow) E:\3D\EA Games\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{6ED22A8C-0BC2-4FB5-B9E6-526C1BC64756}] => (Allow) E:\3D\UBISOFT\FarCry 3\bin\FC3Editor.exe
FirewallRules: [{311B625C-A61C-4094-A35D-4E20DC74D6FF}] => (Allow) E:\3D\UBISOFT\FarCry 3\bin\FC3Editor.exe
FirewallRules: [{A473FBD1-6EDE-458D-9BD5-D9D479EADB5F}] => (Allow) E:\3D\UBISOFT\FarCry 3\bin\FC3Updater.exe
FirewallRules: [{B2C7BE25-43AF-426F-9D70-DED2A2F6F6E8}] => (Allow) E:\3D\UBISOFT\FarCry 3\bin\FC3Updater.exe
FirewallRules: [{C480A6A1-3CD8-4466-8E92-56319FD3A517}] => (Allow) E:\3D\UBISOFT\FarCry 3\bin\farcry3_d3d11.exe
FirewallRules: [{E384940A-EFC5-4615-AA5F-EA81CDE95E97}] => (Allow) E:\3D\UBISOFT\FarCry 3\bin\farcry3_d3d11.exe
FirewallRules: [{D00DC9A3-E733-4A9F-A004-C0C598C364A4}] => (Allow) E:\3D\UBISOFT\FarCry 3\bin\farcry3.exe
FirewallRules: [{B9BAC3F1-C766-48C4-A146-A3996D5513D8}] => (Allow) E:\3D\UBISOFT\FarCry 3\bin\farcry3.exe
FirewallRules: [{2513877E-2DEC-4C1C-B7C0-DA99244D8986}] => (Allow) E:\3D\UBISOFT\Far Cry 2\bin\FC2ServerLauncher.exe
FirewallRules: [{37A51B5B-E353-4CD4-9C9C-C696069C8EC8}] => (Allow) E:\3D\UBISOFT\Far Cry 2\bin\FC2ServerLauncher.exe
FirewallRules: [{04CFBA6F-A811-4285-BA97-FA9724D7E230}] => (Allow) E:\3D\UBISOFT\Far Cry 2\bin\FC2Editor.exe
FirewallRules: [{88304FB3-3513-44AF-B1E6-E935C450A6B1}] => (Allow) E:\3D\UBISOFT\Far Cry 2\bin\FC2Editor.exe
FirewallRules: [{D446A66D-DE24-47D5-BD8E-DFC365770509}] => (Allow) E:\3D\UBISOFT\Far Cry 2\bin\FC2Launcher.exe
FirewallRules: [{0CBD0D63-578E-4CDA-9F42-AED9F44CD241}] => (Allow) E:\3D\UBISOFT\Far Cry 2\bin\FC2Launcher.exe
FirewallRules: [{94D5BD34-87DB-4DEE-8161-F6366B678E30}] => (Allow) E:\3D\UBISOFT\Far Cry 2\bin\FarCry2.exe
FirewallRules: [{CF3C36BF-EF73-44AA-85ED-A753C16C4948}] => (Allow) E:\3D\UBISOFT\Far Cry 2\bin\FarCry2.exe
FirewallRules: [{0ADBFDBA-B8FD-4241-A674-DDE1190A5FA6}] => (Allow) E:\3D\Rockstar Games\Max Payne 3\PlayMaxPayne3.exe
FirewallRules: [{E18E2293-513B-45EF-9AC2-B039698E2746}] => (Allow) E:\3D\Rockstar Games\Max Payne 3\PlayMaxPayne3.exe
FirewallRules: [{12F95BC4-01A0-4E6A-B506-CEE684B4D323}] => (Allow) E:\3D\UBISOFT\Assassin's Creed Revelations\AssassinsCreedRevelations.exe
FirewallRules: [{53D1B922-7094-43E0-9D1B-7FCB940F9942}] => (Allow) E:\3D\UBISOFT\Assassin's Creed Revelations\AssassinsCreedRevelations.exe
FirewallRules: [{5572996E-8F91-4F63-A5FD-AF774DB17396}] => (Allow) E:\3D\UBISOFT\Assassin's Creed Revelations\ACRMP.exe
FirewallRules: [{2594B4E3-3A7F-4428-AB02-2B1AC8E5D0EE}] => (Allow) E:\3D\UBISOFT\Assassin's Creed Revelations\ACRMP.exe
FirewallRules: [{59F28F71-5022-4D0A-B0EB-EDEB8DF94DD9}] => (Allow) E:\3D\UBISOFT\Assassin's Creed Revelations\ACRSP.exe
FirewallRules: [{F78452ED-98A4-4B01-BC2D-EE47D749BC53}] => (Allow) E:\3D\UBISOFT\Assassin's Creed Revelations\ACRSP.exe
FirewallRules: [{698B67AB-686A-426F-BC38-5630065D368D}] => (Allow) E:\3D\UBISOFT\Assassin's Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [{7CBA9CD8-0E93-4BEB-9C07-0E1A06043009}] => (Allow) E:\3D\UBISOFT\Assassin's Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [{5ECB86EF-FE2A-4D64-B3E4-91390D4419CF}] => (Allow) E:\3D\UBISOFT\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{7050BE1C-36E9-4A44-9430-E05499BEDF0C}] => (Allow) E:\3D\UBISOFT\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{34038BC2-CEAC-4379-BAD2-CFD1B867059E}] => (Allow) E:\3D\UBISOFT\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{4DDDBB76-972B-4CBC-BFCD-0F9802A17406}] => (Allow) E:\3D\UBISOFT\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{A57ED098-22B5-4FF3-9DD9-50704B6061E5}] => (Allow) E:\3D\UBISOFT\Assassin's Creed Brotherhood\ACBSP.exe
FirewallRules: [{8D3ACA07-E76B-4318-883A-B0431536105F}] => (Allow) E:\3D\UBISOFT\Assassin's Creed Brotherhood\ACBSP.exe
FirewallRules: [{919C4F38-F093-4233-9144-04B09B8A709C}] => (Allow) E:\3D\UBISOFT\Assassin's Creed II\UPlayBrowser.exe
FirewallRules: [{F94E9C46-7E8D-434E-A15D-3849F487BBA3}] => (Allow) E:\3D\UBISOFT\Assassin's Creed II\UPlayBrowser.exe
FirewallRules: [{81FB9687-3E4A-453B-ABD5-50B81CE51B5F}] => (Allow) E:\3D\UBISOFT\Assassin's Creed II\AssassinsCreedII.exe
FirewallRules: [{D6F65FDD-2333-4E4A-B7B1-C975239DC02E}] => (Allow) E:\3D\UBISOFT\Assassin's Creed II\AssassinsCreedII.exe
FirewallRules: [{1388D878-6456-4D9C-B7C4-B2D29B259692}] => (Allow) E:\3D\UBISOFT\Assassin's Creed II\AssassinsCreedIIGame.exe
FirewallRules: [{A28F1347-9BF2-4785-8F75-E79CF76753FD}] => (Allow) E:\3D\UBISOFT\Assassin's Creed II\AssassinsCreedIIGame.exe
FirewallRules: [{637FD715-8740-4982-8BAB-AB7DEC996364}] => (Allow) E:\3D\UBISOFT\Assassin's Creed\AssassinsCreed_Launcher.exe
FirewallRules: [{03E76266-6A41-493E-AC7F-3841908FA53E}] => (Allow) E:\3D\UBISOFT\Assassin's Creed\AssassinsCreed_Launcher.exe
FirewallRules: [{D2C4B414-907E-4C5C-8A34-93249AEBE13F}] => (Allow) E:\3D\UBISOFT\Assassin's Creed\AssassinsCreed_Dx10.exe
FirewallRules: [{C62D135F-A8F3-46CC-B630-83C345D87336}] => (Allow) E:\3D\UBISOFT\Assassin's Creed\AssassinsCreed_Dx10.exe
FirewallRules: [{F9898374-B69E-42F7-87FB-CC9D181F2BC6}] => (Allow) E:\3D\UBISOFT\Assassin's Creed\AssassinsCreed_Dx9.exe
FirewallRules: [{B4992645-6B95-4662-8355-1BC199E29318}] => (Allow) E:\3D\UBISOFT\Assassin's Creed\AssassinsCreed_Dx9.exe
FirewallRules: [{1DE4C721-12E8-40EB-8A4F-9848E1695550}] => (Allow) E:\3D\EA Games\Mirror's Edge\Binaries\MirrorsEdge.exe
FirewallRules: [{85AA4638-A2FC-41EC-A7DC-A98A1BFCB700}] => (Allow) E:\3D\EA Games\Mirror's Edge\Binaries\MirrorsEdge.exe
FirewallRules: [{A7A8ABA2-FFFC-43C1-A6BD-AD7ABA462334}] => (Allow) E:\3D\UBISOFT\Prince of Persia The Forgotten Sands\UPlayBrowser.exe
FirewallRules: [{11808E58-7F75-4717-92C0-0ADC97857E62}] => (Allow) E:\3D\UBISOFT\Prince of Persia The Forgotten Sands\UPlayBrowser.exe
FirewallRules: [{EF40CE61-F058-4A91-8321-1FFAD5162A09}] => (Allow) E:\3D\UBISOFT\Prince of Persia The Forgotten Sands\gu.exe
FirewallRules: [{910132A5-F5FA-4DDD-ABD2-D92B99A9EB8B}] => (Allow) E:\3D\UBISOFT\Prince of Persia The Forgotten Sands\gu.exe
FirewallRules: [{BFDA4D81-1077-4A9A-AA26-7EC0B6A8C0AF}] => (Allow) E:\3D\UBISOFT\Prince of Persia The Forgotten Sands\GameSettings.exe
FirewallRules: [{A69D1768-1F73-4633-9DB1-DC85AFB5FC5E}] => (Allow) E:\3D\UBISOFT\Prince of Persia The Forgotten Sands\GameSettings.exe
FirewallRules: [{9A86A617-57EC-4212-BE51-AEF36D806246}] => (Allow) E:\3D\UBISOFT\Prince of Persia The Forgotten Sands\Prince of Persia.exe
FirewallRules: [{C3B072FB-AEBA-415F-A138-BA6F8151A4F6}] => (Allow) E:\3D\UBISOFT\Prince of Persia The Forgotten Sands\Prince of Persia.exe
FirewallRules: [{57B2C69F-6B6B-4525-AA4B-0523BE1A265D}] => (Allow) E:\3D\UBISOFT\Prince of Persia\PrinceOfPersia_Launcher.exe
FirewallRules: [{50B26D11-5230-4155-9382-93DBBCBBF8E7}] => (Allow) E:\3D\UBISOFT\Prince of Persia\PrinceOfPersia_Launcher.exe
FirewallRules: [{89B89FAD-6C58-4CA4-B92D-C48EE76538F2}] => (Allow) E:\3D\UBISOFT\Prince of Persia\Prince of Persia.exe
FirewallRules: [{2FCE0839-3AA5-47E7-92FC-9832A4BFFD45}] => (Allow) E:\3D\UBISOFT\Prince of Persia\Prince of Persia.exe
FirewallRules: [{E585E447-6906-497B-9D97-E1A2930D6C24}] => (Allow) E:\Driving\Rockstar Games\EFLC\LaunchEFLC.exe
FirewallRules: [{A316DBCF-1563-40A6-9746-01693BFF67BC}] => (Allow) E:\Driving\Rockstar Games\EFLC\LaunchEFLC.exe
FirewallRules: [{2827EE9C-6C56-43FF-9C3A-F1729BB2F912}] => (Allow) E:\Driving\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{2AE03DB6-8C22-461F-8D33-22AE6D826A11}] => (Allow) E:\Driving\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{99002563-68A1-4571-9859-5B2007C5986F}] => (Allow) E:\Steam\SteamApps\common\Total War SHOGUN 2\Shogun2.exe
FirewallRules: [{2F543C9C-F6C7-49F2-AE86-5F194CB1E71D}] => (Allow) E:\Steam\SteamApps\common\Total War SHOGUN 2\Shogun2.exe
FirewallRules: [{813616A2-11ED-4C12-AB01-7300AD4FE438}] => (Allow) E:\Driving\Ubisoft\Driver San Francisco\Driver.exe
FirewallRules: [{42D2A244-6B83-4EF5-9D01-E1843E340890}] => (Allow) E:\Driving\Ubisoft\Driver San Francisco\Driver.exe
FirewallRules: [{7F58B1C5-AB3D-4FF4-8BDB-D02BE027D66C}] => (Allow) E:\Strategy\Ubisoft\Related Designs\ANNO 1404\tools\Anno4Web.exe
FirewallRules: [{53178738-EB75-4A75-8B4F-CADD1F8EB339}] => (Allow) E:\Strategy\Ubisoft\Related Designs\ANNO 1404\tools\Anno4Web.exe
FirewallRules: [{D1C10798-6701-43BA-A521-8919CFA13198}] => (Allow) E:\Strategy\Ubisoft\Related Designs\ANNO 1404\Anno4.exe
FirewallRules: [{BDC3A9CB-94A9-4ACF-B97D-A2415459AC6D}] => (Allow) E:\Strategy\Ubisoft\Related Designs\ANNO 1404\Anno4.exe
FirewallRules: [{D1CA2AE7-8D5C-44F2-8779-CE51146AAD66}] => (Allow) E:\Strategy\1701 A.D\1701-AddOn.exe
FirewallRules: [{D23C71DC-21C4-492E-85E6-577C8328B4DB}] => (Allow) E:\Strategy\1701 A.D\1701-AddOn.exe
FirewallRules: [{E3D9212D-1080-4CA0-B87C-7B1F04A59853}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{62583998-5B66-4B4E-9235-4F56A08BCD63}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{AA7BBDBE-03CF-4092-97D3-38195FEF4EF9}] => (Allow) E:\Strategy\Ubisoft\THE SETTLERS - Rise of an Empire\base\bin\Settlers6.exe
FirewallRules: [{52865C6C-E008-4C6D-9776-C32332C8C626}] => (Allow) E:\Strategy\Ubisoft\THE SETTLERS - Rise of an Empire\base\bin\Settlers6.exe
FirewallRules: [{D9A28B8A-D4AB-4CE5-B95E-7ECA69673F93}] => (Allow) E:\Strategy\2K Games\Firaxis Games\Sid Meier's Civilization IV Colonization\Colonization.exe
FirewallRules: [{1DF550C3-DCB2-4A6C-B2E4-3F8619BD31E2}] => (Allow) E:\Strategy\2K Games\Firaxis Games\Sid Meier's Civilization IV Colonization\Colonization.exe
FirewallRules: [{7888A86C-13B1-4F9B-87CF-384D65470C93}] => (Allow) E:\Steam\SteamApps\common\Napoleon Total War\Napoleon.exe
FirewallRules: [{805A357B-F8EB-4F70-B6C5-A6AE7BCE5A0F}] => (Allow) E:\Steam\SteamApps\common\Napoleon Total War\Napoleon.exe
FirewallRules: [{C5AC3758-3BD9-4D5F-A866-83DC1C51A8E5}] => (Allow) E:\Strategy\Kalypso Media\Port Royale 3\PortRoyale3.exe
FirewallRules: [{0B0C84F0-D5FF-4306-8521-1CEB9CD98FC4}] => (Allow) E:\Sport\Codemasters\Ashes Cricket 2009\Cricket2009.exe
FirewallRules: [{F4047A75-4E7E-4A2F-B4C7-9DA7D3D1B436}] => (Allow) E:\Sport\Codemasters\Ashes Cricket 2009\Cricket2009.exe
FirewallRules: [{3475AC3A-F8EB-4BC0-AD38-8D33B51C5937}] => (Allow) E:\Steam\SteamApps\common\Empire Total War\Empire.exe
FirewallRules: [{9E600517-E89E-4BDB-807C-40BAB5EB893B}] => (Allow) E:\Steam\SteamApps\common\Empire Total War\Empire.exe
FirewallRules: [{388909D9-12C9-41F0-B563-170524ACC31C}] => (Allow) C:\Program Files (x86)\Common Files\AOL\System Information\sinf.exe
FirewallRules: [{D435E2D2-2593-4982-B3E5-9A41DDA66600}] => (Allow) C:\Program Files (x86)\Common Files\AOL\System Information\sinf.exe
FirewallRules: [UDP Query User{CDD9BAF6-CC73-44C0-9879-E509693D6FC0}C:\users\colin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\colin\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{6D104ED7-11BD-496E-BC76-F74175E09384}C:\users\colin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\colin\appdata\roaming\spotify\spotify.exe
FirewallRules: [{96571BB9-F8FF-4C8C-B5DB-96FA96629BA9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{22F72C4B-99B2-461C-A87A-FDF7049F34E1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FDD851D8-F92A-4DCE-95C3-7B378FB521EB}] => (Allow) C:\Program Files (x86)\Common Files\AOL\Loader\aolload.exe
FirewallRules: [{2569D93C-575C-438D-9373-87036D968275}] => (Allow) C:\Program Files (x86)\Common Files\AOL\Loader\aolload.exe
FirewallRules: [{A6442D53-836E-43C3-8F76-F2932DAD4ADE}] => (Allow) C:\Program Files (x86)\Common Files\AOL\1400261577\ee\aolsoftware.exe
FirewallRules: [{99F212ED-D959-458C-821D-EFDBD6D6B576}] => (Allow) C:\Program Files (x86)\Common Files\AOL\1400261577\ee\aolsoftware.exe
FirewallRules: [{C928DC26-3101-403C-9796-9C6F880D55A4}] => (Allow) C:\Program Files (x86)\Common Files\AOL\ACS\AOLacsd.exe
FirewallRules: [{8A3A4DD5-1C78-4C40-B656-F706AC83BF19}] => (Allow) C:\Program Files (x86)\Common Files\AOL\ACS\AOLacsd.exe
FirewallRules: [{D505038B-591F-453F-A6B6-720E83842053}] => (Allow) C:\Program Files (x86)\Common Files\AOL\ACS\AOLDial.exe
FirewallRules: [{053AE0F4-55DC-4509-9D8D-C561C563ABFB}] => (Allow) C:\Program Files (x86)\Common Files\AOL\ACS\AOLDial.exe
FirewallRules: [{E2707F1B-0389-4EA5-8DDF-63EA64F9EC35}] => (Allow) C:\Program Files (x86)\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe
FirewallRules: [{32841619-EB3F-45AB-B418-2F62D0FAB89D}] => (Allow) C:\Program Files (x86)\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe
FirewallRules: [{00F0F85B-253C-4DD5-AF10-22FCE9C9F759}] => (Allow) E:\Strategy\2K Games\Firaxis Games\Sid Meier's Railroads!\RailRoads.exe
FirewallRules: [{E4A0CF52-1E08-456F-BCB6-13BD9AC9DEB1}] => (Allow) E:\Strategy\2K Games\Firaxis Games\Sid Meier's Railroads!\RailRoads.exe
FirewallRules: [{C60BF1D0-4AA8-4D44-8DA7-7194553F0040}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{AEA5FDDC-310D-41C3-9FA4-BF277DBA06F8}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{869B971A-6D97-4282-AD71-D26A21021D21}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{95BCC87E-57CC-4C90-9E87-FD0484865B11}] => (Allow) LPort=2869
FirewallRules: [{1CA83558-58C5-4B38-954B-1D73418D2423}] => (Allow) LPort=1900
FirewallRules: [{3B79BD28-8736-4D80-B03B-0969F936B1C2}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7\waol.exe
FirewallRules: [{F4EDEDA4-0228-4261-B6B3-6576CEE0A5A8}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7\waol.exe
FirewallRules: [{1AF84224-BF5E-4675-B875-848C224F4D6D}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7\aolbrowser.exe
FirewallRules: [{B37CD680-210A-488A-8F7C-BE51668F8D5A}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7\aolbrowser.exe
FirewallRules: [TCP Query User{94C5F9E1-16C1-44AF-A77E-57F8E036671A}E:\driving\rockstar games\grand theft auto iv\gtaiv.exe] => (Allow) E:\driving\rockstar games\grand theft auto iv\gtaiv.exe
FirewallRules: [UDP Query User{D2FE83F1-25E8-461E-8E75-B16B962964BF}E:\driving\rockstar games\grand theft auto iv\gtaiv.exe] => (Allow) E:\driving\rockstar games\grand theft auto iv\gtaiv.exe
FirewallRules: [{CF0C799B-F67A-4C34-8B3B-ACFB833FF467}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7B39AE76-3073-4C08-BF6A-03DDE2CED6B8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{074481DC-11C3-4153-8296-CD49072E148E}E:\3d\ea games\american mcgee's alice\alice.exe] => (Allow) E:\3d\ea games\american mcgee's alice\alice.exe
FirewallRules: [UDP Query User{B16C2C85-E92E-4718-8CAC-6E29B23A4878}E:\3d\ea games\american mcgee's alice\alice.exe] => (Allow) E:\3d\ea games\american mcgee's alice\alice.exe
FirewallRules: [{DC2A00EE-DC2E-45FC-9515-D7A5254D2F63}] => (Allow) F:\3D\Ubisoft\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{22E335DF-FB30-4DED-BD7E-612D23B897D1}] => (Allow) F:\3D\Ubisoft\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{21A3CE76-4C28-429E-B8F0-1E1693574A78}] => (Allow) E:\Strategy\Syndicate (1993)\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{D8AFD6F6-8328-484C-85D9-7E11DF4DDDE3}] => (Allow) E:\Strategy\Syndicate (1993)\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{5317F649-6092-4ECE-89DF-DC5694B719C0}] => (Allow) F:\3D\Ubisoft\Assassin's Creed Rogue\ACC.exe
FirewallRules: [{DF051433-AC7F-4646-9664-6B435F15D7D7}] => (Allow) F:\3D\Ubisoft\Assassin's Creed Rogue\ACC.exe
FirewallRules: [{37CD13D7-2E24-4B87-B57B-8789F42457EE}] => (Allow) E:\Strategy\Ultima 8\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{F5516D49-F92A-48FD-B534-7173A4DC847C}] => (Allow) E:\Strategy\Ultima 8\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{0355ED4C-1A4D-49E8-9C46-3520C5557E76}] => (Allow) F:\Steam\SteamApps\common\Sid Meier's Colonization\dosbox_windows\dosbox.exe
FirewallRules: [{9DF83335-991C-4F34-A5CB-2257F8C6D22E}] => (Allow) F:\Steam\SteamApps\common\Sid Meier's Colonization\dosbox_windows\dosbox.exe
FirewallRules: [{9C31693B-4C59-4BFB-A34A-70C379AD5E36}] => (Allow) F:\Steam\SteamApps\common\Sid Meier's Colonization\dosbox_windows\daum\dosbox.exe
FirewallRules: [{4791EE89-DAF4-406B-9343-1A3EAA6CC6D9}] => (Allow) F:\Steam\SteamApps\common\Sid Meier's Colonization\dosbox_windows\daum\dosbox.exe
FirewallRules: [{052AC89A-ED20-4F33-B575-24EF0E9CCF69}] => (Allow) F:\Steam\SteamApps\common\Wolfenstein The Old Blood\WolfOldBlood_x64.exe
FirewallRules: [{DB41247F-EC1B-4878-9A86-295E949CE487}] => (Allow) F:\Steam\SteamApps\common\Wolfenstein The Old Blood\WolfOldBlood_x64.exe
FirewallRules: [{285E2788-06A3-44AF-9ED0-90F55D49AFC9}] => (Allow) F:\Steam\SteamApps\common\Quake 2\quake2.exe
FirewallRules: [{FD9C279B-9352-4C66-B4A6-4E8FABD76CEC}] => (Allow) F:\Steam\SteamApps\common\Quake 2\quake2.exe
FirewallRules: [{03CCA364-ECDB-4E0B-8A70-8C870F57FBAE}] => (Allow) E:\Steam\SteamApps\common\Duke Nukem Manhatten Project\prism3d.exe
FirewallRules: [{ED9F24AA-0AB5-4F6F-A3FB-F303CD0D1749}] => (Allow) E:\Steam\SteamApps\common\Duke Nukem Manhatten Project\prism3d.exe
FirewallRules: [{48792522-10A6-4C34-89B2-72DE226F19D0}] => (Allow) E:\Steam\SteamApps\common\Duke Nukem Manhatten Project\DukeNukemManhattanLauncher.exe
FirewallRules: [{E9EB24EE-86FE-4CC7-8DA8-63A0D557EFB7}] => (Allow) E:\Steam\SteamApps\common\Duke Nukem Manhatten Project\DukeNukemManhattanLauncher.exe
FirewallRules: [{828E79F5-873C-4CF0-BCAC-40B83F9399EE}] => (Allow) E:\Steam\SteamApps\common\Duke Nukem 3D\bin\dosbox\dosbox.exe
FirewallRules: [{E0FC4C19-329C-45FC-9CE1-DACA40ADEA6B}] => (Allow) E:\Steam\SteamApps\common\Duke Nukem 3D\bin\dosbox\dosbox.exe
FirewallRules: [{24858B54-06D3-4FF5-B2AA-4249784DFF58}] => (Allow) E:\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{DF1331C6-7D4A-433A-84FB-B220A081E501}] => (Allow) E:\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{EB661E55-AE3F-45EE-9A2A-9C6B61AFD7C4}] => (Allow) E:\Steam\SteamApps\common\FEAR2\FEAR2.exe
FirewallRules: [{A8A8D36A-EE8F-492B-BCB7-820C9457D04C}] => (Allow) E:\Steam\SteamApps\common\FEAR2\FEAR2.exe
FirewallRules: [{A87075D1-843F-462B-901F-2B3E99D24C8E}] => (Allow) F:\Steam\SteamApps\common\Serious Sam 3\Bin\Sam3.exe
FirewallRules: [{8F1347A1-5733-4408-AE78-6C01373EC996}] => (Allow) F:\Steam\SteamApps\common\Serious Sam 3\Bin\Sam3.exe
FirewallRules: [{1D8A950D-9E22-4057-8A6D-0AF02A3DB928}] => (Allow) F:\Steam\SteamApps\common\Serious Sam 3\Bin\Sam3_Unrestricted.exe
FirewallRules: [{E59D726E-1838-4BF3-923C-E1ABDCFD0C55}] => (Allow) F:\Steam\SteamApps\common\Serious Sam 3\Bin\Sam3_Unrestricted.exe
FirewallRules: [{F534CA55-2FE2-4453-9689-F38734FF1584}] => (Allow) F:\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{43610AE5-4418-4509-B316-A590AEC99540}] => (Allow) F:\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{D1319E98-9C9C-43E8-A854-C8B7A0540C28}] => (Allow) F:\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{F84B2491-DF09-4EB2-8112-3B5353457D8B}] => (Allow) F:\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{E565E83B-D47D-4D44-8EE5-665008B45479}] => (Allow) E:\Steam\SteamApps\common\Wolfenstein.The.New.Order\WolfNewOrder_x64.exe
FirewallRules: [{E8E5B904-E1F6-4EBC-A418-CA22557A181F}] => (Allow) E:\Steam\SteamApps\common\Wolfenstein.The.New.Order\WolfNewOrder_x64.exe
FirewallRules: [{337B4FAB-C453-43E4-BAE4-2ACC0C34D393}] => (Allow) F:\Steam\SteamApps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{436C4F21-EA87-4BAA-BE6B-947A1DDD0B6E}] => (Allow) F:\Steam\SteamApps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{02F5E983-E491-40AA-9097-5CACB16177F4}] => (Allow) F:\Steam\SteamApps\common\Quake\Winquake.exe
FirewallRules: [{EF5F1660-3284-4672-BEC0-41672C9B730F}] => (Allow) F:\Steam\SteamApps\common\Quake\Winquake.exe
FirewallRules: [{D55F6367-63CB-4B1C-8C4C-5531A627504B}] => (Allow) F:\Steam\SteamApps\common\Quake\qwcl.exe
FirewallRules: [{FCE8A2E9-6DDF-4F9F-ADD4-D470DCAC624A}] => (Allow) F:\Steam\SteamApps\common\Quake\qwcl.exe
FirewallRules: [{90A9BAC5-5DEB-4AAF-B853-E8B963BEAA57}] => (Allow) F:\Steam\SteamApps\common\Quake\Glquake.exe
FirewallRules: [{0E5565D1-AC42-42F9-9DC8-13F9793B7797}] => (Allow) F:\Steam\SteamApps\common\Quake\Glquake.exe
FirewallRules: [{E5EC7F85-0944-4113-9A01-15A8EEF590C8}] => (Allow) F:\Steam\SteamApps\common\Quake\glqwcl.exe
FirewallRules: [{1619D02D-8311-4A07-AE8A-A4F182EA4536}] => (Allow) F:\Steam\SteamApps\common\Quake\glqwcl.exe
FirewallRules: [TCP Query User{20ED31BE-57D5-46B1-96ED-864B1EC3D78B}C:\users\colin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\colin\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{08BB469B-4D89-46F1-9EB8-984DD59A410A}C:\users\colin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\colin\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{F63BF5BB-95E2-49D4-B4DB-4B18A9B18BA1}F:\driving\rockstar games\grand theft auto v\gta5.exe] => (Allow) F:\driving\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{B48F93CA-A1ED-4E54-8C29-E263AF0989F2}F:\driving\rockstar games\grand theft auto v\gta5.exe] => (Allow) F:\driving\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [{A962DC50-43CD-46A6-9D38-4EA7BC52CECC}] => (Allow) E:\Strategy\Zuma's Revenge\ZumasRevenge.exe
FirewallRules: [{7DDAE2A2-642B-4816-A640-66FA243E07CF}] => (Allow) E:\Strategy\Zuma's Revenge\ZumasRevenge.exe
FirewallRules: [{7E8A1498-AEA0-48C7-B813-3CAE5DC5B71D}] => (Allow) E:\Strategy\Theme Hospital\data\Game\DOSBox\EALaunchHelper.exe
FirewallRules: [{8BA622CF-37E3-468B-A7C3-1B639B859D92}] => (Allow) E:\Strategy\Theme Hospital\data\Game\DOSBox\EALaunchHelper.exe
FirewallRules: [{5425C2A9-2F6A-4103-8529-7BBD5549C2C5}] => (Allow) E:\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{8FB56280-33C9-493B-920A-104776EEEED6}] => (Allow) E:\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{871BBB40-BFA1-4489-9777-A82204D83EEC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DDF9C0B3-5593-4C0A-A97E-461F16319334}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6626A1EC-E6E3-47F4-A55B-503E06AB3C79}] => (Allow) F:\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{4449BF82-AD23-44E2-9879-82511213D900}] => (Allow) F:\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{325DC6B0-7F5F-486B-9BBC-8FCADF8D94D5}] => (Allow) F:\Steam\SteamApps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{F79D7862-430A-4396-B8F1-0268661A62C2}] => (Allow) F:\Steam\SteamApps\common\Just Cause 3\JustCause3.exe
FirewallRules: [TCP Query User{14D1E655-E7AA-4F5F-8CB9-00A9E239DB3A}E:\3d\ea games\alice madness returns\game\alice2\binaries\win32\alicemadnessreturns.exe] => (Allow) E:\3d\ea games\alice madness returns\game\alice2\binaries\win32\alicemadnessreturns.exe
FirewallRules: [UDP Query User{287F9650-6362-4FC6-8CAC-1FCAFBE1EEFD}E:\3d\ea games\alice madness returns\game\alice2\binaries\win32\alicemadnessreturns.exe] => (Allow) E:\3d\ea games\alice madness returns\game\alice2\binaries\win32\alicemadnessreturns.exe
FirewallRules: [{F5C982A0-A023-4AF0-A6AB-D3FABAA3BEC6}] => (Allow) F:\3D\Ubisoft\Assassin's Creed Syndicate\ACS.exe
FirewallRules: [{8C6E2091-9B6B-4C73-A23C-31A2307946EA}] => (Allow) F:\Driving\EA Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{03CF25E2-475A-4BDE-8672-0DE60AC362A2}] => (Allow) F:\Driving\EA Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{C13CA77D-4ABB-4ACA-B442-FF949548403D}] => (Allow) F:\Steam\SteamApps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{7FC228F2-6B59-49A5-A074-4141398301DB}] => (Allow) F:\Steam\SteamApps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{59FB65CC-506A-4E37-93D4-5FCC30F88B03}] => (Allow) F:\3D\Ubisoft\Far Cry Primal\bin\FCPrimal.exe
FirewallRules: [{758A39DE-A8E5-415B-8A92-25AADEBD4966}] => (Allow) F:\3D\Medal of Honor Pacific Assault\mohpa.exe
FirewallRules: [{EFEFFF34-82BE-493A-8230-35E662EBCD2C}] => (Allow) F:\3D\Medal of Honor Pacific Assault\mohpa.exe
FirewallRules: [{55FDF372-51CF-4C50-88F3-9B4F8145C7EF}] => (Allow) F:\3D\Medal of Honor Pacific Assault\mohpa_setup.exe
FirewallRules: [{D3324B39-94BE-4062-8EFF-A9CD5D0FAF37}] => (Allow) F:\3D\Medal of Honor Pacific Assault\mohpa_setup.exe
FirewallRules: [{A3BF91BD-F919-4391-AE44-44BB1C6879F5}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{A8CF46D7-2798-4E70-BA32-BFDCB57563FF}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{CC76400A-BE81-43DF-82B4-C25147B3FDBB}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{5AC69753-929C-43BC-90EE-226D2B4033BB}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{6DCA569B-396C-4205-B258-CF627688A42C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{8ADE5CE7-AFA1-4C07-BBE5-BD32E1977792}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{465FCE9D-E5D6-4B3C-B7A7-2F21A561B04C}] => (Allow) F:\Steam\SteamApps\common\DOOM\DOOMx64.exe
FirewallRules: [{E14576D6-2E4C-436F-90BD-C3AE7D9595A1}] => (Allow) F:\Steam\SteamApps\common\DOOM\DOOMx64.exe

==================== Restore Points =========================

25-05-2016 07:00:30 Windows Update
27-05-2016 09:09:53 Windows Update
31-05-2016 06:35:27 Windows Update
03-06-2016 11:58:42 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/03/2016 02:35:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/03/2016 11:49:16 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/03/2016 06:19:07 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/02/2016 12:27:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/02/2016 11:41:40 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/02/2016 07:12:52 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/01/2016 06:42:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/31/2016 06:26:08 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/30/2016 02:39:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/30/2016 01:49:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (06/03/2016 02:33:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error:
%%2

Error: (06/03/2016 11:48:10 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error:
%%2

Error: (06/03/2016 06:18:04 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error:
%%2

Error: (06/02/2016 09:58:57 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (06/02/2016 12:25:55 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error:
%%2

Error: (06/02/2016 11:40:34 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error:
%%2

Error: (06/01/2016 10:21:22 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error:
%%2

Error: (06/01/2016 06:41:51 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error:
%%2

Error: (05/31/2016 10:56:15 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error:
%%2

Error: (05/31/2016 06:25:03 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error:
%%2


CodeIntegrity:
===================================
  Date: 2014-11-09 16:57:40.752
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-11-09 16:57:40.738
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-11-09 16:57:40.722
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-11-09 16:57:40.707
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-11-09 16:52:51.323
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-11-09 16:52:51.309
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-11-09 16:52:51.295
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-11-09 16:52:51.281
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-11-09 12:42:14.788
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-11-09 12:42:14.774
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4820K CPU @ 3.70GHz
Percentage of memory in use: 42%
Total physical RAM: 8133.48 MB
Available physical RAM: 4708.52 MB
Total Virtual: 16265.14 MB
Available Virtual: 12176.67 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:441.27 GB) (Free:257.27 GB) NTFS
Drive e: () (Fixed) (Total:976.56 GB) (Free:61.5 GB) NTFS
Drive f: () (Fixed) (Total:976.56 GB) (Free:498.25 GB) NTFS
Drive g: () (Fixed) (Total:841.27 GB) (Free:841.12 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 2794.5 GB) (Disk ID: 6D21CED5)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 447.1 GB) (Disk ID: 45AD9E1B)
Partition 1: (Active) - (Size=5.9 GB) - (Type=27)
Partition 2: (Not Active) - (Size=441.3 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Can't find the Follow this topic button and choose Immediate Email Notification,sorry

 

Link to post
Share on other sites

  • Root Admin

Hello and :welcome:

Please read the following and post back the logs when ready and we'll see about getting you cleaned up.

Before we proceed further, please read all of the following instructions carefully.
If there is anything that you do not understand kindly ask before proceeding.
If needed please print out these instructions.

  • Please do not post logs using CODE, QUOTE, or FONT tags. Just paste them as direct text.
  • If the log is too large then you can use attachments by clicking on the More Reply Options button.
  • Please enable your system to show hidden files: How to see hidden files in Windows
  • Make sure you're subscribed to this topic:
  • Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly
  • Removing malware can be unpredictable...It is unlikely but things can go very wrong! Please make sure you Backup all files that cannot be replaced if something were to happen. You can copy them to a CD/DVD, external drive or a pen drive
  • Please don't run any other scans, download, install or uninstall any programs unless requested by me while I'm working with you.
  • The removal of malware is not instantaneous, please be patient. Often we are also on a different Time Zone.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of the issue.
  • You can check here if you're not sure if your computer is 32-bit or 64-bit
  • Please disable your antivirus while running any requested scanners so that they do not interfere with the scanners.
  • When we are done, I'll give you instructions on how to cleanup all the tools and logs
  • Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that.
  • Your topic will be closed if you haven't replied within 3 days
  • (If I have not responded within 24 hours, please send me a Private Message as a reminder)



STEP 01
RKill is a program that was developed at BleepingComputer.com that attempts to terminate known malware processes
so that your normal security software can then run and clean your computer of infections.
When RKill runs it will kill malware processes and then removes incorrect executable associations and fixes policies
that stop us from using certain tools. When finished it will display a log file that shows the processes that were
terminated while the program was running.

As RKill only terminates a program's running process, and does not delete any files, after running it you should not reboot
your computer as any malware processes that are configured to start automatically will just be started again.
Instead, after running RKill you should immediately scan your computer using the requested scans I've included.

Please download Rkill by Grinler from one of the links below and save it to your desktop.

Link 1 | Link 2

  • On Windows XP double-click on the Rkill desktop icon to run the tool.
  • On Windows Vista/Windows 7 or 8, right-click on the Rkill desktop icon and select Run As Administrator
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
  • Do not reboot the computer, you will need to run the application again.



STEP 02
Backup the Registry:
Modifying the Registry can create unforeseen problems, so it always wise to create a backup before doing so.

  • Please download ERUNT from one of the following links: Link1 | Link2 | Link3
  • ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
  • Double click on erunt-setup.exe to Install ERUNT by following the prompts.
  • NOTE: Do not choose to allow ERUNT to add an Entry to the Startup folder. Click NO.
  • Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
  • Choose a location for the backup.
    • Note: the default location is C:\Windows\ERDNT which is acceptable.
  • Make sure that at least the first two check boxes are selected.
  • Click on OK
  • Then click on YES to create the folder.
  • Note: if it is necessary to restore the registry, open the backup folder and start ERDNT.exe



STEP 03
Please run a Threat Scan with MBAM. If you're unable to run or complete the scan as shown below please see the following:
MBAM Clean Removal Process 2x
When reinstalling the program please try the latest version.

Right click and choose "Run as administrator" to open Malwarebytes Anti-Malware and from the Dashboard please Check for Updates by clicking the Update Now... link
Open up Malwarebytes > Settings > Detection and Protection > Enable Scan for rootkit and Under Non Malware Protection set both PUP and PUM to Treat detections as malware.
Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button.
Once completed please click on the History > Application Logs and find your scan log and open it and then click on the "copy to clipboard" button and post back the results on your next reply.

Link to post
Share on other sites

Hi Ron

Here is my scan log as you requestedThank you

Colin.

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 08/06/2016
Scan Time: 10:43
Logfile:
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.06.08.03
Rootkit Database: v2016.05.27.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Colin

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 441877
Time Elapsed: 6 min, 32 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Disabled
Rootkits: Enabled
Heuristics: Disabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

Link to post
Share on other sites

  • Root Admin

We'll continue looking for any threats but have you looked at possibly replacing the CMOS battery on the system?  If the ESET scan hangs then skip it and move on to the next step

 

 

 

Please go ahead and run through the following steps and post back the logs when ready.

STEP 04
Please download Junkware Removal Tool to your desktop.

  • Shutdown your antivirus to avoid any conflicts.
  • Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next reply message
  • When completed make sure to re-enable your antivirus



STEP 05
Lets clean out any adware now: (this will require a reboot so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista / Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.


STEP 06
button_eos.gif

Please go here to run the online antivirus scannner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats' , then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.



STEP 07
Please download the Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply as well.
Link to post
Share on other sites

Hi Ron

1st here is my JRT.txt log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 7 Home Premium x64
Ran by Colin (Administrator) on 08/06/2016 at 12:33:46.10
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 


File System: 79

Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\ProgramData\slimware utilities inc (Folder)
Successfully deleted: C:\ProgramData\speedypc software (Folder)
Successfully deleted: C:\ProgramData\viewpoint (Folder)
Successfully deleted: C:\Users\Colin\AppData\Local\crashrpt (Folder)
Successfully deleted: C:\Users\Colin\AppData\Local\slimware utilities inc (Folder)
Successfully deleted: C:\Users\Colin\AppData\Local\ysearchutil (Folder)
Successfully deleted: C:\Users\Colin\AppData\Roaming\Mozilla\Firefox\Profiles\wlbi8dco.default\searchplugins\securesearch.xml (File)
Successfully deleted: C:\Users\Colin\AppData\Roaming\productdata (Folder)
Successfully deleted: C:\Users\Colin\AppData\Roaming\speedypc software (Folder)
Successfully deleted: C:\users\Public\Documents\downloaded installers (Folder)
Successfully deleted: C:\Windows\system32\Tasks\SmartDefrag4_Startup (Task)
Successfully deleted: C:\Windows\wininit.ini (File)
Successfully deleted: C:\Program Files (x86)\viewpoint (Folder)
Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\034MEWGY (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\21P8K85E (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2IITFMYP (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\34ZUTROK (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3EVH81EV (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3TU1AX4K (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5ANSF3KU (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5KUIGKGW (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6UFLJKKQ (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9LY9FBTZ (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1L9IYAA (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CBSB7HKV (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EOM6YN3Y (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FRR70L3I (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J1EPVXSD (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MYNYZBT2 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QCHXV6V2 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QK072O0E (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RDUYI41K (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\REGNYZ10 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UEN2463C (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\URSYVRIB (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VA0XV1OW (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WMEB8AFX (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WZCRUWN9 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YLOTPGX9 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z1ER2YJT (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z3P8961W (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\prefetch\FREECELL.EXE-B8D57695.pf (File)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\034MEWGY (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\21P8K85E (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2IITFMYP (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\34ZUTROK (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3EVH81EV (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3TU1AX4K (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5ANSF3KU (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5KUIGKGW (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6UFLJKKQ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9LY9FBTZ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1L9IYAA (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CBSB7HKV (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EOM6YN3Y (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FRR70L3I (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J1EPVXSD (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MYNYZBT2 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QCHXV6V2 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QK072O0E (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RDUYI41K (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\REGNYZ10 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UEN2463C (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\URSYVRIB (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VA0XV1OW (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WMEB8AFX (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WZCRUWN9 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YLOTPGX9 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z1ER2YJT (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z3P8961W (Temporary Internet Files Folder)

Deleted the following from C:\Users\Colin\AppData\Roaming\Mozilla\Firefox\Profiles\wlbi8dco.default\prefs.js
user_pref(HomeTab_18145.global.CurrentSearchEngineSelection, US: United States of America);
user_pref(HomeTab_18145.global.DisplayRecentSearches, true);
user_pref(browser.search.hiddenOneOffs, Amazon.com,Twitter,Ad-Aware SecureSearch);
user_pref(extensions.toolbar.mindspark.hp.enabled, false);
user_pref(extensions.toolbar.mindspark.lastInstalled, convertanyfile@mindspark.com);

 

Registry: 2

Successfully deleted: HKLM\Software\MozillaPlugins\@viewpoint.com/vmp (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9} (Registry Key)

 


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08/06/2016 at 12:36:59.08
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

2nd here is my ADwcleaner log

# AdwCleaner v5.119 - Logfile created 08/06/2016 at 12:42:25
# Updated 30/05/2016 by Xplode
# Database : 2016-06-07.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (X64)
# Username : Colin - COLINS-PC
# Running from : C:\Users\Colin\Desktop\AdwCleaner.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\ProgramData\Avg_Update_1014avt
[#] Folder Deleted : C:\ProgramData\Application Data\Avg_Update_1014avt
[-] Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil

***** [ Files ] *****

[x] File Not Deleted : C:\Windows\SysWOW64\lavasofttcpservice.dll
[x] File Not Deleted : C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
[x] File Not Deleted : C:\Windows\SysNative\LavasoftTcpService64.dll
[x] File Not Deleted : C:\Windows\SysNative\LavasoftTcpServiceOff.ini

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
[-] Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
[-] Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKCU\Software\speedypc software
[-] Key Deleted : HKCU\Software\WEBAPP
[-] Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp
[-] Key Deleted : HKLM\SOFTWARE\MetaStream
[-] Key Deleted : HKLM\SOFTWARE\speedypc software
[-] Key Deleted : HKLM\SOFTWARE\Viewpoint
[-] Key Deleted : HKLM\SOFTWARE\Lavasoft\Web Companion
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}

***** [ Web browsers ] *****

[-] [C:\Users\Colin\AppData\Roaming\Mozilla\Firefox\Profiles\wlbi8dco.default\prefs.js] Deleted : user_pref("HomeTab_18145.global.ClearSearchHistoryOnClose", "false");
[-] [C:\Users\Colin\AppData\Roaming\Mozilla\Firefox\Profiles\wlbi8dco.default\prefs.js] Deleted : user_pref("HomeTab_18145.global.CurrentLanguageSelection", "English");
[-] [C:\Users\Colin\AppData\Roaming\Mozilla\Firefox\Profiles\wlbi8dco.default\prefs.js] Deleted : user_pref("HomeTab_18145.global.CurrentNavigationSelection", "Current window");
[-] [C:\Users\Colin\AppData\Roaming\Mozilla\Firefox\Profiles\wlbi8dco.default\prefs.js] Deleted : user_pref("HomeTab_18145.global.ShowButtonText2", "true");
[-] [C:\Users\Colin\AppData\Roaming\Mozilla\Firefox\Profiles\wlbi8dco.default\prefs.js] Deleted : user_pref("HomeTab_18145.global.UpdateTime", "1400263088945");
[-] [C:\Users\Colin\AppData\Roaming\Mozilla\Firefox\Profiles\wlbi8dco.default\prefs.js] Deleted : user_pref("HomeTab_18145.global.setupExtension", "true");
[-] [C:\Users\Colin\AppData\Roaming\Mozilla\Firefox\Profiles\wlbi8dco.default\prefs.js] Deleted : user_pref("HomeTab_18145.global.userEnable", true);
[-] [C:\Users\Colin\AppData\Roaming\Mozilla\Firefox\Profiles\wlbi8dco.default\prefs.js] Deleted : user_pref("HomeTab_18145.global.userID", "ef922f370ee277448d60851489401aa6");
[-] [C:\Users\Colin\AppData\Roaming\Mozilla\Firefox\Profiles\wlbi8dco.default\prefs.js] Deleted : user_pref("wtb18145.homepage", "about:home");
[-] [C:\Users\Colin\AppData\Roaming\Mozilla\Firefox\Profiles\wlbi8dco.default\prefs.js] Deleted : user_pref("wtb18145.newtab", "about:home");
[-] [C:\Users\Colin\AppData\Roaming\Mozilla\Firefox\Profiles\wlbi8dco.default\prefs.js] Deleted : user_pref("wtbg.global.storedbrowserversion", "26.0");

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [4545 bytes] - [08/06/2016 12:42:25]
C:\AdwCleaner\AdwCleaner[R0].txt - [6746 bytes] - [08/11/2014 19:11:40]
C:\AdwCleaner\AdwCleaner[R1].txt - [5728 bytes] - [09/12/2014 20:09:30]
C:\AdwCleaner\AdwCleaner[S0].txt - [5650 bytes] - [09/12/2014 20:12:13]
C:\AdwCleaner\AdwCleaner[S1].txt - [370 bytes] - [08/06/2016 12:39:53]
C:\AdwCleaner\AdwCleaner[S2].txt - [5011 bytes] - [08/06/2016 12:40:38]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [4982 bytes] ##########


3rd Here is my eset log file.Had to do disk partitions,E,F,G separately but no threats founds.

C:\Windows\System32\LavasoftTcpService64.dll    a variant of Win64/Packed.Komodia.A suspicious application    
C:\Windows\SysWOW64\LavasoftTcpService.dll    a variant of Win32/Packed.Komodia.A suspicious application    

4th Here is my FRST.txt & Addition .txt

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-06-2016
Ran by Colin (administrator) on COLINS-PC (08-06-2016 13:51:11)
Running from C:\Users\Colin\Desktop
Loaded Profiles: Colin (Available Profiles: Colin)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareTray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(AOL Inc.) C:\Program Files (x86)\AOL Desktop 9.7\waol.exe
(Microsoft Corp.) C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
(AOL Inc.) C:\Program Files (x86)\Common Files\AOL\1400261577\ee\aolsoftware.exe
(Microsoft Corp.) C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(AOL Inc.) C:\Program Files (x86)\Common Files\AOL\ACS\AOLacsd.exe
(AOL Inc.) C:\Program Files (x86)\AOL Desktop 9.7\shellmon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(ESET spol. s r.o.) C:\Users\Colin\Desktop\esetonlinescanner_enu.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4867784 2015-12-04] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareTray.exe [9581280 2016-01-28] ()
HKLM-x32\...\Run: [HostManager] => C:\Program Files (x86)\Common Files\AOL\1400261577\ee\AOLSoftware.exe [41800 2010-03-08] (AOL Inc.)
HKLM-x32\...\Run: [LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe [49152 2006-04-13] ()
HKLM-x32\...\Run: [Sound Blaster Z-Series Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe [735744 2013-02-27] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3820440 2016-04-21] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKU\S-1-5-21-3369568051-1984934905-614767478-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-30] (Valve Corporation)
HKU\S-1-5-21-3369568051-1984934905-614767478-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7943072 2016-06-03] (SUPERAntiSpyware)
HKU\S-1-5-21-3369568051-1984934905-614767478-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3369568051-1984934905-614767478-1001\...\Run: [AOL Fast Start] => C:\Program Files (x86)\AOL Desktop 9.7\AOL.EXE [72296 2014-09-16] (AOL Inc.)
HKU\S-1-5-21-3369568051-1984934905-614767478-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3369568051-1984934905-614767478-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3369568051-1984934905-614767478-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\WLXPGSS.SCR [322248 2014-03-31] (Microsoft Corporation)
GroupPolicyUsers\S-1-5-21-3369568051-1984934905-614767478-1006\User: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 127.0.0.1    localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{BAAC01BF-606F-4106-9EBE-0770D8FE0670}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3369568051-1984934905-614767478-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3369568051-1984934905-614767478-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.worldofspectrum.org/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3369568051-1984934905-614767478-1001 -> DefaultScope {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3369568051-1984934905-614767478-1001 -> {1DCA0845-D10E-4C2B-B949-1B4D1A1378AB} URL = hxxp://search.aol.co.uk/aolcom/search?query={searchTerms}&invocationType=msie70a
SearchScopes: HKU\S-1-5-21-3369568051-1984934905-614767478-1001 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-22] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-22] (Oracle Corporation)
Toolbar: HKLM-x32 - No Name - {DE9C389F-3316-41A7-809B-AA305ED9D922} -  No File
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab

FireFox:
========
FF ProfilePath: C:\Users\Colin\AppData\Roaming\Mozilla\Firefox\Profiles\wlbi8dco.default
FF NewTab: about:blank
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.worldofspectrum.org/
FF Session Restore: -> is enabled.
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-13] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-13] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Extension: Quick Translator - C:\Users\Colin\AppData\Roaming\Mozilla\Firefox\Profiles\wlbi8dco.default\extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi [2015-05-29]

Chrome:
=======
CHR Profile: C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2015-12-04] (Advanced Micro Devices) [File not signed]
R2 avgfws; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [1563648 2016-04-21] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3647384 2016-04-21] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [336152 2016-04-21] (AVG Technologies CZ, s.r.o.)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2014-05-16] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-05-16] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2012-10-08] (Creative Technology Ltd) [File not signed]
R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [112640 2013-05-22] (Creative Technology Ltd)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
S2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareService.exe [712432 2016-01-28] ()
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-14] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2120712 2016-05-09] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-04-03] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [167936 2005-08-08] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wlidsvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292480 2012-07-17] (Microsoft Corp.)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [296648 2016-03-21] (Advanced Micro Devices)
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [36608 2013-12-11] (Advanced Micro Devices, Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2014-05-18] ()
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [77760 2015-07-09] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [315312 2015-12-16] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [299440 2016-01-13] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [296368 2015-12-16] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [255920 2016-01-22] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [300464 2015-08-04] (AVG Technologies CZ, s.r.o.)
R3 cthda; C:\Windows\System32\drivers\cthda.sys [1060632 2013-05-22] (Creative Technology Ltd)
R3 cthdb; C:\Windows\System32\DRIVERS\cthdb.sys [25088 2014-04-16] (Creative Technology Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2014-05-18] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-06-08] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R2 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11376 2015-12-11] () [File not signed]
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
S3 WsAudio_Device(1); C:\Windows\System32\drivers\VirtualAudio1.sys [31080 2015-08-03] (Wondershare)
S3 WsAudio_Device(2); C:\Windows\System32\drivers\VirtualAudio2.sys [31080 2015-08-03] (Wondershare)
S3 WsAudio_Device(3); C:\Windows\System32\drivers\VirtualAudio3.sys [31080 2015-08-03] (Wondershare)
S3 WsAudio_Device(4); C:\Windows\System32\drivers\VirtualAudio4.sys [31080 2015-08-03] (Wondershare)
S3 WsAudio_Device(5); C:\Windows\System32\drivers\VirtualAudio5.sys [31080 2015-08-03] (Wondershare)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-08 13:51 - 2016-06-08 13:51 - 00018549 _____ C:\Users\Colin\Desktop\FRST.txt
2016-06-08 12:44 - 2016-06-08 12:44 - 00000000 ____D C:\Users\Colin\AppData\Roaming\ProductData
2016-06-08 12:44 - 2016-06-08 12:44 - 00000000 ____D C:\Users\Colin\AppData\Local\ESET
2016-06-08 12:36 - 2016-06-08 12:36 - 00012899 _____ C:\Users\Colin\Desktop\JRT.txt
2016-06-08 12:33 - 2016-06-08 12:33 - 02385408 _____ (Farbar) C:\Users\Colin\Desktop\FRST64.exe
2016-06-08 12:32 - 2016-06-08 12:32 - 06858912 _____ (ESET spol. s r.o.) C:\Users\Colin\Desktop\esetonlinescanner_enu.exe
2016-06-08 12:31 - 2016-06-08 12:31 - 03677248 _____ C:\Users\Colin\Desktop\AdwCleaner.exe
2016-06-08 12:30 - 2016-06-08 12:30 - 01610816 _____ (Malwarebytes) C:\Users\Colin\Desktop\JRT.exe
2016-06-05 11:57 - 2016-06-05 11:57 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2016-06-05 11:23 - 2016-06-05 11:24 - 00000000 ____D C:\Users\Colin\Documents\ELO
2016-06-03 20:36 - 2016-06-08 13:51 - 00000000 ____D C:\FRST
2016-06-03 14:32 - 2016-06-03 14:32 - 00000000 ____D C:\$WINDOWS.~BT
2016-05-30 14:37 - 2016-05-30 14:44 - 00638210 _____ C:\Windows\ntbtlog.txt
2016-05-30 14:37 - 2016-05-30 14:37 - 00000000 ____D C:\NPE
2016-05-30 14:35 - 2016-05-30 14:40 - 00000000 ____D C:\Users\Colin\AppData\Local\NPE
2016-05-30 14:35 - 2016-05-30 14:35 - 00000000 ____D C:\ProgramData\Norton
2016-05-29 06:13 - 2016-05-29 06:18 - 00203718 _____ C:\Windows\system32\avgrep.txt
2016-05-21 06:33 - 2016-05-21 06:33 - 00001409 _____ C:\Windows\QTFont.for
2016-05-18 14:44 - 2016-04-12 02:23 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-05-18 14:44 - 2016-04-12 02:23 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-05-18 14:44 - 2016-04-12 02:20 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-05-18 14:44 - 2016-04-12 02:20 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-05-18 14:44 - 2016-04-12 02:20 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-05-18 14:44 - 2016-04-12 02:20 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-05-18 14:44 - 2016-04-12 02:20 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-05-18 14:44 - 2016-04-12 02:20 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-05-18 14:44 - 2016-04-12 02:20 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-05-18 14:44 - 2016-04-12 02:20 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-05-18 14:44 - 2016-04-12 02:20 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-05-18 14:44 - 2016-04-12 02:20 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-05-18 14:44 - 2016-04-12 02:20 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-05-18 14:44 - 2016-04-12 02:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-05-18 14:44 - 2016-04-12 02:20 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-05-18 14:44 - 2016-04-12 02:20 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-05-18 14:44 - 2016-04-12 02:20 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-05-18 14:44 - 2016-04-12 02:20 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-05-18 14:44 - 2016-04-12 02:20 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-05-18 14:44 - 2016-04-12 02:20 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-05-18 14:44 - 2016-04-12 02:02 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-05-18 14:44 - 2016-04-12 02:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-05-18 14:44 - 2016-04-12 02:02 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-05-18 14:44 - 2016-04-12 02:02 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-05-18 14:44 - 2016-04-12 02:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-05-18 14:44 - 2016-04-12 02:02 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-05-18 14:44 - 2016-04-12 02:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-05-18 14:44 - 2016-04-12 02:02 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-05-18 14:44 - 2016-04-12 02:02 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-05-18 14:44 - 2016-04-12 02:02 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-05-18 14:44 - 2016-04-12 02:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-05-18 14:44 - 2016-04-12 02:02 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-05-18 14:44 - 2016-04-12 02:01 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-05-18 14:44 - 2016-04-12 02:01 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-05-18 14:44 - 2016-04-12 02:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-05-18 14:44 - 2016-04-12 01:50 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-05-18 14:44 - 2016-04-12 01:43 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-05-18 14:44 - 2016-04-12 01:43 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-05-18 14:44 - 2016-04-12 01:43 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-05-18 14:44 - 2016-04-12 01:42 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-05-18 14:44 - 2016-04-12 01:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-05-18 14:44 - 2016-04-12 01:36 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-05-18 14:44 - 2016-04-09 07:58 - 14186496 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-05-18 14:44 - 2016-04-09 07:57 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-05-18 14:44 - 2016-04-09 07:54 - 12881408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-05-18 14:44 - 2016-04-09 07:54 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-05-18 14:44 - 2016-04-09 06:53 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-05-18 14:44 - 2016-04-09 06:44 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-05-18 14:43 - 2016-04-14 17:46 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-05-18 14:43 - 2016-04-14 17:42 - 03243520 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-05-18 14:43 - 2016-04-14 17:42 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-05-18 14:43 - 2016-04-14 17:42 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-05-18 14:43 - 2016-04-14 17:42 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-05-18 14:43 - 2016-04-14 17:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-05-18 14:43 - 2016-04-14 16:33 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-05-18 14:43 - 2016-04-14 16:33 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-05-18 14:43 - 2016-04-14 16:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-05-18 14:43 - 2016-04-14 16:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-05-18 14:43 - 2016-04-14 16:19 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-05-18 14:43 - 2016-04-14 16:11 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-05-16 21:09 - 2016-05-16 21:16 - 00000000 ____D C:\Users\Colin\AppData\Roaming\Speed Fix Tool Plus
2016-05-11 09:19 - 2016-04-23 18:08 - 00394960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-05-11 09:19 - 2016-04-23 17:24 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-05-11 09:19 - 2016-04-23 06:25 - 25816064 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-05-11 09:19 - 2016-04-23 06:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-05-11 09:19 - 2016-04-23 06:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-05-11 09:19 - 2016-04-23 06:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-05-11 09:19 - 2016-04-23 06:00 - 02893312 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-05-11 09:19 - 2016-04-23 06:00 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-05-11 09:19 - 2016-04-23 06:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-05-11 09:19 - 2016-04-23 06:00 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-05-11 09:19 - 2016-04-23 06:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-05-11 09:19 - 2016-04-23 05:52 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-05-11 09:19 - 2016-04-23 05:51 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-05-11 09:19 - 2016-04-23 05:48 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-05-11 09:19 - 2016-04-23 05:47 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-05-11 09:19 - 2016-04-23 05:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-05-11 09:19 - 2016-04-23 05:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-05-11 09:19 - 2016-04-23 05:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-05-11 09:19 - 2016-04-23 05:46 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-05-11 09:19 - 2016-04-23 05:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-05-11 09:19 - 2016-04-23 05:36 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-05-11 09:19 - 2016-04-23 05:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-05-11 09:19 - 2016-04-23 05:27 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-05-11 09:19 - 2016-04-23 05:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-05-11 09:19 - 2016-04-23 05:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-05-11 09:19 - 2016-04-23 05:21 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-05-11 09:19 - 2016-04-23 05:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-05-11 09:19 - 2016-04-23 05:20 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-05-11 09:19 - 2016-04-23 05:11 - 20350464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-05-11 09:19 - 2016-04-23 05:09 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-05-11 09:19 - 2016-04-23 05:08 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-05-11 09:19 - 2016-04-23 05:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-05-11 09:19 - 2016-04-23 05:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-05-11 09:19 - 2016-04-23 05:07 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-05-11 09:19 - 2016-04-23 05:07 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-05-11 09:19 - 2016-04-23 05:07 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-05-11 09:19 - 2016-04-23 05:06 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-05-11 09:19 - 2016-04-23 05:06 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-05-11 09:19 - 2016-04-23 05:05 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-05-11 09:19 - 2016-04-23 05:04 - 02285568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-05-11 09:19 - 2016-04-23 05:02 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-05-11 09:19 - 2016-04-23 05:01 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-05-11 09:19 - 2016-04-23 05:00 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-05-11 09:19 - 2016-04-23 04:59 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-05-11 09:19 - 2016-04-23 04:58 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-05-11 09:19 - 2016-04-23 04:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-05-11 09:19 - 2016-04-23 04:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-05-11 09:19 - 2016-04-23 04:51 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-05-11 09:19 - 2016-04-23 04:50 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-05-11 09:19 - 2016-04-23 04:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-05-11 09:19 - 2016-04-23 04:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-05-11 09:19 - 2016-04-23 04:43 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-05-11 09:19 - 2016-04-23 04:41 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-05-11 09:19 - 2016-04-23 04:40 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-05-11 09:19 - 2016-04-23 04:39 - 01547776 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-05-11 09:19 - 2016-04-23 04:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-05-11 09:19 - 2016-04-23 04:36 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-05-11 09:19 - 2016-04-23 04:33 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-05-11 09:19 - 2016-04-23 04:31 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-05-11 09:19 - 2016-04-23 04:30 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-05-11 09:19 - 2016-04-23 04:30 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-05-11 09:19 - 2016-04-23 04:28 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-05-11 09:19 - 2016-04-23 04:26 - 13811200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-05-11 09:19 - 2016-04-23 04:12 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-05-11 09:19 - 2016-04-23 04:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-05-11 09:19 - 2016-04-23 04:07 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-05-11 09:18 - 2016-04-09 08:02 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-05-11 09:18 - 2016-04-09 08:01 - 05546216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-05-11 09:18 - 2016-04-09 08:01 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-05-11 09:18 - 2016-04-09 07:59 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-05-11 09:18 - 2016-04-09 07:59 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-05-11 09:18 - 2016-04-09 07:59 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-05-11 09:18 - 2016-04-09 07:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-05-11 09:18 - 2016-04-09 07:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-05-11 09:18 - 2016-04-09 07:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-05-11 09:18 - 2016-04-09 07:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-05-11 09:18 - 2016-04-09 07:58 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-05-11 09:18 - 2016-04-09 07:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-05-11 09:18 - 2016-04-09 07:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-05-11 09:18 - 2016-04-09 07:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 07:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-05-11 09:18 - 2016-04-09 06:52 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-05-11 09:18 - 2016-04-09 06:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-05-11 09:18 - 2016-04-09 06:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-05-11 09:18 - 2016-04-09 06:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-05-11 09:18 - 2016-04-09 06:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-05-11 09:18 - 2016-04-09 06:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-05-11 09:18 - 2016-04-09 06:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-05-11 09:18 - 2016-04-09 06:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-05-11 09:18 - 2016-04-09 06:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-05-11 09:18 - 2016-04-09 06:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-05-11 09:18 - 2016-04-09 06:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 06:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 06:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-05-11 09:18 - 2016-04-09 06:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-05-11 09:18 - 2016-04-06 16:27 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-05-11 09:17 - 2016-04-14 14:49 - 00603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-05-11 09:17 - 2016-04-14 14:21 - 00647680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-05-11 09:17 - 2016-04-09 08:01 - 00986344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-05-11 09:17 - 2016-04-09 08:01 - 00264936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-05-11 09:17 - 2016-04-09 07:57 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-05-11 09:17 - 2016-04-09 07:57 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-05-11 09:17 - 2016-04-09 07:54 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-05-11 09:17 - 2016-04-09 06:49 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-05-11 09:16 - 2016-04-09 05:20 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-05-11 09:16 - 2016-04-09 04:52 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-08 13:51 - 2014-09-17 10:12 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-08 13:50 - 2015-10-13 07:56 - 00000000 ____D C:\Users\Colin\AppData\Roaming\vlc
2016-06-08 13:03 - 2016-04-22 12:41 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-08 13:00 - 2014-05-29 13:00 - 00003930 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{74261E1B-6682-4F70-AADB-C3A8B07E17B7}
2016-06-08 12:50 - 2009-07-14 05:45 - 00032352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-08 12:50 - 2009-07-14 05:45 - 00032352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-08 12:49 - 2014-12-17 21:07 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-06-08 12:49 - 2009-07-14 06:13 - 00795138 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-08 12:49 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-06-08 12:43 - 2014-09-17 10:12 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-08 12:43 - 2014-05-16 20:29 - 00000000 ____D C:\Program Files (x86)\Steam
2016-06-08 12:42 - 2014-11-08 19:11 - 00000000 ____D C:\AdwCleaner
2016-06-08 12:42 - 2014-05-16 17:57 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2016-06-08 12:42 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-08 12:15 - 2014-12-17 20:54 - 00000510 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d075e98f-7c56-4126-9981-52576a084aab.job
2016-06-08 12:15 - 2014-11-07 20:44 - 00000000 ____D C:\ProgramData\MFAData
2016-06-08 12:00 - 2014-12-17 20:54 - 00000510 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task fcf1f375-4b2f-4817-abcb-7ad088dbbf93.job
2016-06-08 10:41 - 2014-11-08 12:37 - 00000000 ____D C:\Windows\erdnt
2016-06-08 09:08 - 2015-04-02 18:07 - 00000000 ____D C:\Program Files\Rockstar Games
2016-06-08 09:08 - 2014-05-18 08:27 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2016-06-07 21:27 - 2014-05-16 21:15 - 00000000 ____D C:\Users\Colin\AppData\Local\Spotify
2016-06-07 20:59 - 2014-05-16 21:12 - 00000000 ____D C:\Users\Colin\AppData\Roaming\Spotify
2016-06-05 13:48 - 2014-05-27 07:43 - 00000000 ____D C:\Users\Colin\Documents\K-O
2016-06-05 12:51 - 2014-11-11 08:29 - 00000000 ____D C:\Users\Colin\AppData\Local\CrashDumps
2016-06-05 11:57 - 2014-04-16 22:35 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-06-03 14:41 - 2014-11-11 18:43 - 00001908 _____ C:\Windows\diagwrn.xml
2016-06-03 14:41 - 2014-11-11 18:43 - 00001908 _____ C:\Windows\diagerr.xml
2016-06-03 11:47 - 2014-12-17 20:54 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-06-01 10:27 - 2014-06-04 11:37 - 00000000 ____D C:\Users\Colin\AppData\Roaming\Tropico 5
2016-05-28 10:43 - 2014-11-05 11:54 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-05-28 10:31 - 2014-12-17 21:07 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-05-27 09:15 - 2014-05-18 09:49 - 00000000 ____D C:\Users\Colin\AppData\Local\ElevatedDiagnostics
2016-05-27 09:09 - 2015-03-28 21:31 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-05-27 09:09 - 2015-03-28 21:31 - 00000000 ___SD C:\Windows\system32\GWX
2016-05-21 17:47 - 2014-12-26 21:08 - 00000000 ____D C:\Users\Colin\Documents\GTA San Andreas User Files
2016-05-21 06:32 - 2014-08-13 06:52 - 00054156 ____H C:\Windows\QTFont.qfn
2016-05-19 10:59 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-05-17 21:07 - 2014-05-16 20:24 - 00000000 ____D C:\Users\Colin\AppData\Local\Microsoft Games
2016-05-17 15:40 - 2014-05-27 08:10 - 00000000 ____D C:\Users\Colin\Documents\Bus Timetables
2016-05-17 12:18 - 2014-05-30 19:00 - 00098304 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt.dll
2016-05-16 21:26 - 2014-12-22 17:39 - 00000000 ____D C:\Users\Colin\AppData\Roaming\IObit
2016-05-16 21:26 - 2014-12-22 17:38 - 00000000 ____D C:\Users\Colin\AppData\LocalLow\IObit
2016-05-16 21:26 - 2014-12-17 17:29 - 00000000 ____D C:\Users\Colin
2016-05-16 21:25 - 2014-12-30 13:56 - 00000000 ____D C:\Program Files (x86)\AOL Desktop 9.7
2016-05-16 21:25 - 2014-12-22 17:39 - 00000000 ____D C:\ProgramData\IObit
2016-05-16 21:25 - 2014-12-22 17:38 - 00000000 ____D C:\Program Files (x86)\IObit
2016-05-16 21:25 - 2014-11-07 20:53 - 00000000 ____D C:\ProgramData\AVG2015
2016-05-16 21:25 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2016-05-14 18:35 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-05-14 18:34 - 2014-05-16 20:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-05-14 17:53 - 2014-05-22 11:10 - 00000000 ____D C:\Users\Colin\AppData\Local\id Software
2016-05-14 09:39 - 2015-10-14 12:58 - 00000000 ____D C:\Users\Colin\AppData\Roaming\dvdcss
2016-05-13 12:03 - 2016-04-22 12:41 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-13 12:03 - 2016-04-22 12:41 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-13 12:03 - 2016-04-22 12:41 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-05-12 20:14 - 2014-12-26 07:05 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-12 10:55 - 2014-12-11 15:22 - 00000000 ____D C:\Windows\system32\appraiser
2016-05-12 10:26 - 2014-09-05 10:39 - 00000000 ____D C:\Users\Colin\AppData\Local\Adobe
2016-05-11 14:25 - 2014-05-19 19:25 - 00000000 ____D C:\ProgramData\Origin
2016-05-11 09:31 - 2009-07-14 05:45 - 00288552 _____ C:\Windows\system32\FNTCACHE.DAT
2016-05-11 09:30 - 2011-04-12 09:28 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-11 09:25 - 2014-05-18 08:42 - 00000000 ____D C:\Windows\system32\MRT
2016-05-11 09:20 - 2014-12-17 19:00 - 139319312 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-05-11 06:46 - 2014-09-17 10:12 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-11 06:46 - 2014-09-17 10:12 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-10 19:37 - 2014-12-23 13:45 - 00007673 _____ C:\Users\Colin\AppData\Local\Resmon.ResmonCfg
2016-05-09 17:20 - 2014-05-17 19:19 - 00000000 ____D C:\Users\Colin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-05-09 14:54 - 2014-05-20 10:33 - 00000000 ____D C:\Users\Colin\Documents\EA Games
2016-05-09 13:20 - 2014-05-19 19:25 - 00000000 ____D C:\Program Files (x86)\Origin

==================== Files in the root of some directories =======

2014-05-18 09:41 - 2014-05-18 09:41 - 0000359 _____ () C:\Users\Colin\AppData\Roaming\Gangsters2Setup.lnk
2016-04-22 11:54 - 2016-04-22 11:54 - 0000115 _____ () C:\Users\Colin\AppData\Roaming\LogFile.txt
2002-08-08 00:13 - 2002-08-08 00:13 - 0319488 ____R () C:\Users\Colin\AppData\Roaming\MafiaSetup.exe
2014-12-23 13:45 - 2016-05-10 19:37 - 0007673 _____ () C:\Users\Colin\AppData\Local\Resmon.ResmonCfg
2015-08-01 14:54 - 2015-08-01 14:55 - 0000000 _____ () C:\Users\Colin\AppData\Local\{2602AFEB-82BB-42EB-95DB-3BA6DF63D216}

Some files in TEMP:
====================
C:\Users\Colin\AppData\Local\Temp\cres.dll
C:\Users\Colin\AppData\Local\Temp\cshell.dll
C:\Users\Colin\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Colin\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Colin\AppData\Local\Temp\drm_dyndata_7380015.dll
C:\Users\Colin\AppData\Local\Temp\drm_dyndata_7400009.dll
C:\Users\Colin\AppData\Local\Temp\drm_dyndata_7410004.dll
C:\Users\Colin\AppData\Local\Temp\GTA_V_Launcher_1_0_757_3.exe
C:\Users\Colin\AppData\Local\Temp\jre-8u77-windows-au.exe
C:\Users\Colin\AppData\Local\Temp\jre-8u91-windows-au.exe
C:\Users\Colin\AppData\Local\Temp\libeay32.dll
C:\Users\Colin\AppData\Local\Temp\msvcr120.dll
C:\Users\Colin\AppData\Local\Temp\SIntf16.dll
C:\Users\Colin\AppData\Local\Temp\SIntf32.dll
C:\Users\Colin\AppData\Local\Temp\SIntfNT.dll
C:\Users\Colin\AppData\Local\Temp\sqlite3.dll
C:\Users\Colin\AppData\Local\Temp\sres.dll
C:\Users\Colin\AppData\Local\Temp\_is2EF3.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-06-04 12:15

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-06-2016
Ran by Colin (2016-06-08 13:51:35)
Running from C:\Users\Colin\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2014-12-17 16:39:56)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3369568051-1984934905-614767478-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3369568051-1984934905-614767478-1006 - Limited - Enabled)
Colin (S-1-5-21-3369568051-1984934905-614767478-1001 - Administrator - Enabled) => C:\Users\Colin
Guest (S-1-5-21-3369568051-1984934905-614767478-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3369568051-1984934905-614767478-1008 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Disabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AV: Ad-Aware Antivirus (Disabled - Out of date) {B0CC18C6-E527-6EE6-874C-9D19920E5619}
AV: AVG Internet Security 2015 (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Microsoft Security Essentials (Disabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Ad-Aware Antivirus (Disabled - Out of date) {0BADF922-C31D-6168-BDFC-A66BE9891CA4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2015 (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security 2015 (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}
FW: Ad-Aware Firewall (Disabled) {88F799E3-AF48-6FBE-AC13-342C6CDD1162}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1701 A.D. - The Sunken Dragon (HKLM-x32\...\{905D4F6B-FADC-4CA4-AA41-BD32A2E446CE}) (Version: 2.03 - Aspyr)
1701 A.D. (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.04 - Sunflowers)
3D Pinball (HKLM-x32\...\{C342E30B-52F9-4657-96B6-32E399B9DEB2}) (Version: 5.1.2600.5512 - Microsoft Coprporation)
ACP Application (Version: 2.15.10.0003 - Advanced Micro Devices, Inc.) Hidden
Ad-Aware Antivirus (HKLM\...\{50E2E8FE-1F8B-4F21-BE9F-F9152D3EA5B1}_AdAwareUpdater) (Version: 11.10.767.8917 - Lavasoft)
AdAwareInstaller (Version: 11.10.767.8917 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.10.767.8917 - Lavasoft) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The Asian Dynasties (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III - The WarChiefs (HKLM-x32\...\InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The WarChiefs (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III (HKLM-x32\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Mythology - The Titans Expansion (HKLM-x32\...\Age of Mythology Expansion Pack 1.0) (Version:  - )
Age of Mythology (HKLM-x32\...\Age of Mythology 1.0) (Version:  - )
Alice Madness Returns (HKLM-x32\...\{93A3AB24-36E8-41BA-80C6-CCEC237836DC}) (Version: 1.0.0.0 - Electronic Arts)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
American McGee's Alice(tm) (HKLM-x32\...\{77B5AD60-8F14-11D4-9BC9-0050041A1090}) (Version:  - )
ANNO 1404 - Venice (HKLM-x32\...\{A07B2C21-863B-47AB-AE7E-20BB00BD7D33}) (Version: 2.01.5010 - Ubisoft)
ANNO 1404 (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.03.0000 - Ubisoft)
Anno 1404 (x32 Version: 1.00.0000 - Ubisoft) Hidden
ANNO 1503 (HKLM-x32\...\{EBBB1DEF-8878-4CB8-BC0D-1196B30E7527}) (Version:  - )
ANNO 1602 - Gold Edition (HKLM-x32\...\{077A7810-A937-4465-AD08-ACED9807995F}) (Version:  - )
AntimalwareEngine (Version: 3.0.99.0 - Lavasoft) Hidden
AOL Uninstaller (Choose which Products to Remove) (HKLM-x32\...\AOL Uninstaller) (Version:  - AOL Inc.)
Ashes Cricket 2009 (HKLM-x32\...\InstallShield_{8B39736E-7C8C-4A32-82C1-F94245F20D85}) (Version: 1.00.0000 - Codemasters)
Ashes Cricket 2009 (x32 Version: 1.00.0000 - Codemasters) Hidden
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
Assassin's Creed Brotherhood (HKLM-x32\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.03 - Ubisoft)
Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
Assassin's Creed Liberation HD (HKLM-x32\...\Uplay Install 625) (Version:  - Ubisoft)
Assassin's Creed Revelations 1.03 (HKLM-x32\...\{33A22B2D-55BA-4508-B767-BF2E9C21A73F}) (Version: 1.03 - Ubisoft)
Assassin's Creed Rogue (HKLM-x32\...\Uplay Install 895) (Version:  - Ubisoft)
Assassin's Creed Syndicate (HKLM-x32\...\Uplay Install 1875) (Version: 1.50 - Ubisoft)
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version:  - Ubisoft)
Assassin's Creed(R) III v1.06 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.06 - Ubisoft)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6201 - AVG Technologies)
AVG 2015 (Version: 15.0.4598 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.6201 - AVG Technologies) Hidden
Barbarian Invasion (HKLM-x32\...\{FD69C8CB-6964-432C-98AB-A5A09ED50EEA}) (Version: 1.4 - )
BioShock (HKLM-x32\...\{E280923D-C5D9-4728-8C79-AC9A0DC75875}) (Version: 2.5.0000 - 2K Games)
BioShock 2 (HKLM-x32\...\{4A8B461A-9336-4CF9-98F4-14DD38E673F0}) (Version: 1.00.0000 - 2K Games)
BioShock 2 (x32 Version: 1.0.0005.131 - Take-Two Interactive Software) Hidden
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
Blue Byte Game Channel (HKLM-x32\...\Blue Byte Game Channel) (Version:  - UbiSoft)
Borderlands (HKLM-x32\...\{52B65911-1559-4ED5-9461-46957FDD48CD}) (Version: 1.0.295 - 2K Games)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Borderlands: The Pre-Sequel (HKLM-x32\...\Steam App 261640) (Version:  - 2K Australia)
Bulletstorm (HKLM-x32\...\GFWL_{45410935-3E72-472B-8C35-AB1000008200}) (Version: 1.0.0000.130 - EA)
Bulletstorm (x32 Version: 1.0.0000.130 - EA) Hidden
BulletStorm (x32 Version: 1.0.0005.130 - EA) Hidden
Bully Scholarship Edition (HKLM-x32\...\InstallShield_{A724605D-B399-4304-B8C7-33B3EF7D4677}) (Version: 1.00.0200 - Rockstar Games)
Bully Scholarship Edition (x32 Version: 1.00.0200 - Rockstar Games) Hidden
Catalyst Control Center Next Localization BR (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
CCS64 V3.9.1 (HKLM-x32\...\{B7B5A370-3DFF-4F0E-AE11-FD267C4938AA}) (Version: 1.0.0 - Computerbrains C.C.S.)
Civilization III (HKLM-x32\...\{0AD84416-63A4-4CF3-BDDF-8FA866711FB0}) (Version:  - )
Civilization III v1.29f (HKLM-x32\...\{31E2413D-8AA1-43EC-8B8D-77B65ADA4611}) (Version:  - )
Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.45 - Creative Technology Limited)
Cricket Captain 2008 (HKLM-x32\...\InstallShield_{2E84EEAF-B61D-4FA1-ABE6-054B055A14B6}) (Version: 8.11 - Empire Interactive)
Cricket Captain 2008 (x32 Version: 8.11 - Empire Interactive) Hidden
Crysis WARHEAD(R) (HKLM-x32\...\Crysis WARHEAD(R)) (Version:  - Electronic Arts)
Crysis WARHEAD(R) (x32 Version: 1.0 - Crytek) Hidden
Crysis WARHEAD(R) Patch (HKLM-x32\...\Crysis WARHEAD(R) Patch) (Version:  - Electronic Arts)
Crysis WARHEAD(R) Patch (x32 Version: 1.0 - Crytek) Hidden
Crysis(R) (HKLM-x32\...\{000E79B7-E725-4F01-870A-C12942B7F8E4}) (Version: 1.00.0000 - Electronic Arts)
Crysis® 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.0.0.0 - Electronic Arts)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
D-Fend Reloaded 1.3.6 (deinstall) (HKLM-x32\...\D-Fend Reloaded) (Version: 1.3.6 - Alexander Herzog)
Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.03 - Creative Technology Limited)
DOOM (HKLM\...\Steam App 379720) (Version:  - id Software)
Doom 3 (HKLM-x32\...\InstallShield_{EEFB15EB-FE8B-47DF-A496-1C4D1420294A}) (Version: 1.2 - Activision)
Doom 3 (x32 Version: 1.2 - Activision) Hidden
DOOM 3: BFG Edition (HKLM-x32\...\Steam App 208200) (Version:  - id Software)
DOOM 3: Resurrection of Evil (HKLM-x32\...\InstallShield_{04347DFD-87B6-4E30-B14D-5DF2888AD8F5}) (Version: 1.0 - Activision)
DOOM 3: Resurrection of Evil (x32 Version: 1.0 - Activision) Hidden
DRIV3R (HKLM-x32\...\{01DBF423-E27B-45DA-B7F3-F9D4DB39B1C9}) (Version: 1.00.000 - )
Driver Fusion (HKLM-x32\...\Driver Fusion) (Version: 2.1 - Treexy)
Driver San Francisco (HKLM-x32\...\Driver San Francisco) (Version: 1.4.0.0 - Ubisoft)
Driver: Parallel Lines (HKLM-x32\...\{31CB0D80-1866-462A-9455-88614410971F}) (Version: 1.00.0000 - Ubisoft)
DTS Connect Pack (HKLM-x32\...\DTS Connect Pack) (Version: 1.00 - Creative Technology Limited)
Duke Nukem 3D: Megaton Edition (HKLM-x32\...\Steam App 225140) (Version:  - 3D Realms)
Duke Nukem: Manhattan Project (HKLM-x32\...\Steam App 240200) (Version:  - Sunstorm Interactive, 3D Realms)
EAX Unified (HKLM-x32\...\EAX Unified) (Version:  - )
Empire Earth - The Art of Conquest (HKLM-x32\...\{B49C924C-A651-4378-94F6-5D9BF44A959F}) (Version:  - )
Empire Earth (HKLM-x32\...\{2447500B-22D7-47BD-9B13-1A927F43A267}) (Version:  - )
Empire Earth II (HKLM-x32\...\{DF315348-721C-40B8-BAE2-58C6C7D935A2}) (Version: 1.20 - Sierra)
Empire Earth II: The Art of Supremacy (HKLM-x32\...\{F596C356-BF35-4ED7-981C-CC791461A8F0}) (Version: 1.0 - Sierra)
Empire: Total War (HKLM-x32\...\Steam App 10500) (Version:  - The Creative Assembly)
Europa 1400 - Gold Edition (HKLM-x32\...\Europa 1400 - Gold Edition) (Version:  - )
Evil Genius (HKLM-x32\...\Evil Genius_is1) (Version:  - Elixir Studios Ltd)
F.E.A.R. 2: Project Origin (HKLM-x32\...\Steam App 16450) (Version:  - Monolith)
F.E.A.R. 3 (HKLM-x32\...\Steam App 21100) (Version:  - Day 1 Studios)
Fallout 3 (HKLM-x32\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks)
Fallout 3 Patch v1.6 (HKLM-x32\...\Updated Unofficial Fallout 3 Patch_is1) (Version: 1.6 - )
Fallout 4 (HKLM-x32\...\Steam App 377160) (Version:  - Bethesda Game Studios)
Fallout Mod Manager 0.13.21 (HKLM-x32\...\Generic Mod Manager_is1) (Version:  - Q, Timeslip)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)
Far Cry (AMD64 Exclusive Content Update) (Version: 1.00.0000 - Ubisoft) Hidden
Far Cry (HKLM-x32\...\InstallShield_{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}) (Version: 1.00.0000 - Ubisoft)
Far Cry (Patch 1.3) (x32 Version: 1.00.0000 - Ubisoft) Hidden
Far Cry (Patch 1.4) (x32 Version: 1.00.0000 - Ubisoft) Hidden
Far Cry (x32 Version: 1.00.0000 - Ubisoft) Hidden
Far Cry 2 (HKLM-x32\...\{F2835483-37F2-4123-B4FE-0E77D58447F2}) (Version: 1.03.00 - Ubisoft)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.05 - Ubisoft)
Far Cry 3 Blood Dragon (HKLM-x32\...\{A071F478-73E0-4143-AE55-4DD6BABD74F5}) (Version: 1.02 - Ubisoft)
Far Cry Primal (HKLM-x32\...\Uplay Install 2010) (Version:  - Ubisoft)
FarCry 4 (HKLM-x32\...\Uplay Install 420) (Version:  - Ubisoft)
FEAR (HKLM-x32\...\{2B653229-9854-4989-B780-D978F5F13EAB}) (Version: 1.00.0000 - Vivendi Universal Games, Inc.)
FEAR Extraction Point (HKLM-x32\...\{909BBDB7-BABE-434C-9124-863A9F8D1CF8}) (Version: 1.00.0000 - Vivendi Universal Games, Inc.)
FEAR Perseus Mandate (HKLM-x32\...\{226EF119-7B43-4F08-8348-ED66A89BE63C}) (Version: 1.00.0000 - Sierra Entertainment, Inc.)
FIFA MANAGER 08 (HKLM-x32\...\FIFA MANAGER 08) (Version:  - Electronic Arts)
FIFA MANAGER 11 (HKLM-x32\...\FIFA MANAGER 11) (Version: 1.0.0.3 - Electronic Arts)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Free All-In-One Media Player (HKLM-x32\...\Free Media Player_is1) (Version:  - Free Software Group)
Free Window Registry Repair (HKLM-x32\...\Free Window Registry Repair) (Version:  - )
Freedom Force (HKLM-x32\...\Steam App 8880) (Version:  - Irrational Games)
Freedom Force vs. the 3rd Reich (HKLM-x32\...\Steam App 8890) (Version:  - Irrational Games)
Gangsters (HKLM-x32\...\Gangsters) (Version:  - )
Gangsters 2 (HKLM-x32\...\{8BD5B620-AA88-11D4-AEC7-0008C739EC2A}) (Version:  - )
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Earth Pro (HKLM-x32\...\{35DAA04C-1720-4BE3-A920-A03731EC6A1D}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto V - The Manual (HKLM-x32\...\{752EBD91-8B95-42B5-8692-A7243A6EEEA9}) (Version: 1.0.0 - Rockstar Games)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Grand Theft Auto Vice City (HKLM-x32\...\{4B35F00C-E63D-40DC-9839-DF15A33EAC46}) (Version: 1.00.000 - )
Grand Theft Auto: Episodes From Liberty City (HKLM-x32\...\{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}) (Version: 1.1.0.0 - Rockstar Games)
Grand Theft Auto: Episodes from Liberty City (x32 Version: 1.0.0003.135 - Rockstar Games Inc.) Hidden
GT Interactive - Driver (HKLM-x32\...\GT Interactive - Driver) (Version:  - )
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
GTAIII (HKLM-x32\...\{92B94569-6683-4617-8C54-EB27A1B51B30}) (Version:  - )
Guild 2 Patch (HKLM-x32\...\{0C6F0F18-61EE-457C-BA92-055FA151B90A}) (Version: 1.0.0 - JoWood)
Guild 2 Patch (HKLM-x32\...\{E9E09EAA-0FF8-42A1-ACAB-67F2A691E50F}) (Version: 1.0.0 - JoWood)
Heretic II (HKLM-x32\...\Heretic II) (Version:  - )
Hexen II (HKLM-x32\...\Hexen2UninstallKey) (Version:  - )
Hexen II Mission Pack (HKLM-x32\...\H2MPUninstallKey) (Version:  - )
Hitman 2: Silent Assassin (HKLM-x32\...\Hitman 2: Silent Assassin) (Version:  - Eidos Interactive)
Hitman Blood Money (HKLM-x32\...\{A804B134-F03D-4EFD-9BC0-DCD257AA1B22}) (Version: 1.00.0000 - Eidos)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version:  - IO Interactive)
Hitman: Contracts (HKLM-x32\...\Hitman: Contracts) (Version:  - Eidos)
HxD Hex Editor version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
Imperialism II (HKLM-x32\...\Imperialism II) (Version:  - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Jade Empire (HKLM-x32\...\{EEAA7AC3-F651-4842-86E0-4C755181388B}) (Version: 1.0.1.1 - Electronic Arts)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Just Cause 1.00.0000 (HKLM-x32\...\{C9E270CC-AE42-4BD8-B9C6-1EB3A8657FF5}) (Version: 1.00.0000 - Eidos)
Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version:  - Avalanche Studios)
Just Cause 3 (HKLM-x32\...\Steam App 225540) (Version:  - Avalanche Studios)
Key Remapper v1.8 (HKLM-x32\...\Key Remapper_is1) (Version: 1.8 - ATNSOFT)
L.A. Noire (HKLM-x32\...\{915726DF-7891-444A-AA03-0DF1D64F561A}) (Version: 1.00.0000 - Rockstar Games)
Lords of the Realm III (HKLM-x32\...\{7C1EAF33-82AD-4A63-B56D-4739172714DF}) (Version: 1.01.000 - )
Mafia (HKLM-x32\...\Mafia) (Version:  - )
Mafia II (HKLM-x32\...\Steam App 50130) (Version:  - 2K Czech)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Manhunt (HKLM-x32\...\{8A62C8DA-2DB7-4D94-B5BA-1D38FC36E830}) (Version: 1.00.0000 - Rockstar Games)
Max Payne (HKLM-x32\...\{39930321-4C58-4B8B-BCBF-342698C9801D}) (Version:  - )
Max Payne 2 (HKLM-x32\...\{EFE1AB94-5466-4B6E-BE31-FF4C115FD25D}) (Version: 1.01.102 - )
Max Payne 3 (HKLM-x32\...\{1AA94747-3BF6-4237-9E1A-7B3067738FE1}) (Version: 1.0.0.0 - Rockstar Games)
Max Payne 3 DLC (HKLM-x32\...\Max Payne 3 DLC) (Version: 1.0.0.0 - Rockstar Games)
Medal of Honor: Pacific Assault™ (HKLM-x32\...\{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}) (Version: 1.2.1.280 - Electronic Arts)
Medieval - Total War (TM) - Viking Invasion (TM) (HKLM-x32\...\Medieval - Total War (TM) - Viking Invasion (TM)) (Version: 2.0 - Activision Publishing, Inc.)
Medieval II Total War (HKLM-x32\...\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Americas (HKLM-x32\...\{75983B66-804C-40D1-BA13-64DAF652A6F1}) (Version: 1.05.000 - SEGA)
Medieval II Total War : Kingdoms : Britannia (HKLM-x32\...\{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}) (Version: 1.05.000 - SEGA)
Medieval II Total War : Kingdoms : Crusades (HKLM-x32\...\{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}) (Version: 1.05.000 - SEGA)
Medieval II Total War : Kingdoms : Teutonic (HKLM-x32\...\{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}) (Version: 1.05.000 - SEGA)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Age of Empires Gold (HKLM-x32\...\Age of Empires Gold 1.0) (Version:  - )
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version:  - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version:  - )
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{8FB1B528-E260-451E-9B55-E9152F94B80B}) (Version: 3.2.3.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual J# .NET Redistributable Package 1.1 (HKLM-x32\...\{1A655D51-1423-48A3-B748-8F5A0BE294C8}) (Version: 1.1.4322 - Microsoft)
Mirror's Edge™ (HKLM-x32\...\{AEDBD563-24BB-4EE3-8366-A654DAC2D988}) (Version: 1.0.1.0 - Electronic Arts)
Monopoly Tycoon (HKLM-x32\...\{B975F4A1-63B6-11D4-BFEC-005004AF2D32}) (Version:  - )
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 46.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 en-US)) (Version: 46.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)
MSI Afterburner 4.1.0 (HKLM-x32\...\Afterburner) (Version: 4.1.0 - MSI Co., LTD)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Napoleon: Total War (HKLM-x32\...\Steam App 34030) (Version:  - The Creative Assembly)
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts)
No One Lives Forever - Game of the Year Edition (HKLM-x32\...\{EE3E60BC-F29F-4E7B-A110-B538387D34DA}) (Version:  - )
No One Lives Forever 2 (HKLM-x32\...\{EBCCE08A-B3EE-40E7-96D7-31741D481015}) (Version:  - )
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.5.2850 - Electronic Arts, Inc.)
Patrician III (HKLM-x32\...\Patrician III_is1) (Version:  - )
Patrician IV - Rise of a Dynasty (HKLM-x32\...\{D55F88FD-4263-4DCF-B0DF-3149D04DB034}) (Version: 2.0.4.0 - Kalypso Media GmbH)
Patrician IV (HKLM-x32\...\{25B473C3-2C62-482B-858F-94ED76880F79}) (Version: 1.0.0 - Kalypso Media)
PGA Championship Golf CE (HKLM-x32\...\PGA Championship Golf CE) (Version:  - )
Port Forward Network Utilities (HKLM-x32\...\{88B1D36C-7B70-4C48-8D2F-AAB956ECF4C3}) (Version: 2.0.7 - Portforward, LLC)
Port Royale 2 (HKLM-x32\...\Port Royale 2) (Version:  - )
Port Royale 3 (HKLM-x32\...\{E07A21E5-1C16-41E7-9617-2D38CF3A642C}) (Version: 1.3.2.0 - Gaming Minds Studios GmbH)
PowerDVD (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.1702.0 - CyberLink Corporation)
Prince of Persia (HKLM-x32\...\{7C11154F-3539-4CB5-979D-EF7913473E53}) (Version: 1.0 - Ubisoft)
Prince of Persia 3D (HKLM-x32\...\Prince of Persia 3D) (Version:  - )
Prince of Persia T2T (HKLM-x32\...\{DFFE2B1F-07E0-45A9-8801-CD8514CAA876}) (Version: 1.00.999 - Ubisoft)
Prince of Persia The Forgotten Sands™ (HKLM-x32\...\{EAEAAF8C-8E86-4CAC-AC08-1A33EDCA34AC}) (Version: 1.0 - Ubisoft)
Prince of Persia The Sands of Time (HKLM-x32\...\{8C453F13-6877-4D34-8816-009ABDE306DB}) (Version: 1.00.181 - )
Prince of Persia The Two Thrones (x32 Version: 1.00.999 - Ubisoft) Hidden
Prince of Persia Warrior Within (HKLM-x32\...\{EE5BC0BB-9EDA-423C-8276-48857B735D68}) (Version: 1.00.999 - )
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
Quake (HKLM-x32\...\Steam App 2310) (Version:  - id Software)
Quake 4(TM) (HKLM-x32\...\InstallShield_{152B782A-05F3-48EC-9AAC-4D3EB68D9E20}) (Version: 1.0 - Activision)
Quake 4(TM) (x32 Version: 1.0 - Activision) Hidden
Quake II (HKLM-x32\...\Steam App 2320) (Version:  - id Software)
Quake II: Ground Zero (HKLM-x32\...\Steam App 2340) (Version:  - Rogue Entertainment)
Quake II: The Reckoning (HKLM-x32\...\Steam App 2330) (Version:  - Xatrix Entertainment)
Quake III Arena (HKLM-x32\...\Quake III Arena) (Version:  - )
Quake Mission Pack 1: Scourge of Armagon (HKLM-x32\...\Steam App 9040) (Version:  - Ritual Entertainment)
Quake Mission Pack 2: Dissolution of Eternity (HKLM-x32\...\Steam App 9030) (Version:  - Rogue Entertainment)
QuickTime (HKLM-x32\...\QuickTime) (Version:  - )
RAGE (HKLM-x32\...\Steam App 9200) (Version:  - id Software)
RAGE Tool Kit (HKLM-x32\...\Steam App 205860) (Version:  - )
Railroad Tycoon 3 (HKLM-x32\...\{DE29025A-091F-4998-AD2D-24C84421190F}) (Version: 1.0 - )
Railroad Tycoon II - Platinum (HKLM-x32\...\{BED27751-CD2A-4C2F-9813-00B9B60C76FE}) (Version:  - )
RCT3 Soaked (HKLM-x32\...\{EA926717-CE5A-4CB4-AB21-9E6E9565A458}) (Version: 1.00.000 - )
Return to Castle Wolfenstein - Platinum Edition (HKLM-x32\...\Return to Castle Wolfenstein - Platinum Edition) (Version:  - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RivaTuner Statistics Server 6.3.0 (HKLM-x32\...\RTSS) (Version: 6.3.0 - Unwinder)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.9.5 - Rockstar Games)
RollerCoaster Tycoon 3 (HKLM-x32\...\{907B4640-266B-4A21-92FB-CD1A86CD0F63}) (Version: 1.00.000 - )
Rome - Total War - Alexander (HKLM-x32\...\{6C1804BC-094F-431A-BEA5-37A837958029}) (Version: 1.9 - The Creative Assembly)
Rome - Total War(TM) (HKLM-x32\...\InstallShield_{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}) (Version: 1.0 - Activision)
Rome - Total War(TM) (x32 Version: 1.0 - Activision) Hidden
Rome Total War - patch 1.3 (HKLM-x32\...\{A5D65411-8E73-4C85-AD80-9FE8B7391CF9}) (Version: 1.3 - )
Serious Sam 2 (HKLM-x32\...\SeriousSam2) (Version:  - )
Serious Sam 3: BFE (HKLM-x32\...\Steam App 41070) (Version:  - Croteam)
Serious Sam HD: The First Encounter (HKLM-x32\...\Steam App 41000) (Version:  - Croteam)
Serious Sam HD: The Second Encounter (HKLM-x32\...\Steam App 41010) (Version:  - Croteam)
Serious Sam: The First Encounter (HKLM-x32\...\{815050E5-F545-11D4-9569-004095812ACC}) (Version:  - )
Serious Sam: The Second Encounter (HKLM-x32\...\{5BDAA2F7-8E48-4AFF-AA92-B559D0CDF1AD}) (Version:  - )
Sid Meier's Civilization IV Colonization (HKLM-x32\...\{EF36A836-BF89-4A4F-B079-057B0C68C1E0}) (Version: 1.01 - Firaxis Games)
Sid Meier's Colonization (Classic) (HKLM-x32\...\Steam App 327400) (Version:  - MicroProse Software, Inc)
Sid Meier's Pirates! (HKLM-x32\...\InstallShield_{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}) (Version: 1.00.0000 - Firaxis Games)
Sid Meier's Pirates! (x32 Version: 1.00.0000 - Firaxis Games) Hidden
Sid Meier's Railroads! (HKLM-x32\...\{EE3FBD3C-782E-4A90-9507-0ECFE1FECCE4}) (Version: 1.10 - Firaxis Games)
Sid Meier's Railroads! (x32 Version: 1.00 - Firaxis Games) Hidden
Sid Meier's Railroads! Holiday Scenario (HKLM-x32\...\Sid Meier's Railroads! Holiday Scenario) (Version: 1.0 - Firaxis Games)
SimCity 4 Deluxe (HKLM-x32\...\{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}) (Version:  - )
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
Sleeping Dogs™ (HKLM-x32\...\Steam App 202170) (Version:  - United Front Games)
Smart Defrag 4 (HKLM-x32\...\Smart Defrag 4_is1) (Version: 4.3 - IObit)
SMR Map Shifter 1.0 (HKLM-x32\...\SMR Map Shifter) (Version: 1.0 - smrsimple)
Soldier of Fortune II - Double Helix (HKLM-x32\...\Soldier of Fortune II - Double Helix) (Version: 1.03 - Activision, Inc.)
Soldier of Fortune Platinum (HKLM-x32\...\Soldier of Fortune Platinum) (Version:  - )
Sound Blaster Z-Series (HKLM-x32\...\{E48EE8B8-1CD6-4F60-AB93-7C398DAAE08E}) (Version: 1.00.21 - Creative Technology Limited)
Sound Blaster Z-Series Extras (HKLM-x32\...\{9D9DB4BA-E352-4AC8-AD2B-B10104F5AB80}) (Version: 1.0 - Creative Technology Limited)
Spectaculator 8.0 (HKLM-x32\...\{B21AE9DA-E837-4F82-B061-7848B4F3096B}) (Version: 8.0.0.3092 - spectaculator.com)
Spotify (HKU\S-1-5-21-3369568051-1984934905-614767478-1001\...\Spotify) (Version: 1.0.29.92.g67727800 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold 2 Deluxe (HKLM-x32\...\{16D2C649-CBA8-44EE-B730-12584667D487}) (Version: 1.30 - Firefly Studios)
Stronghold 3 (HKLM-x32\...\Steam App 47400) (Version:  - FireFly Studios)
Stronghold Crusader Extreme HD (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.30.1003 - Firefly Studios)
Stronghold HD (HKLM-x32\...\Steam App 40950) (Version:  - FireFly Studios)
Stronghold Legends (HKLM-x32\...\{66A405D2-BA14-4594-BF36-B3B544F0754E}) (Version: 1.20.0000 - Firefly Studios)
Stronghold Legends Bonus Maps (HKLM-x32\...\{42BAEF3D-4364-495F-8909-9774C7992365}) (Version: 1.00.0000 - Firefly Studios)
Sudden Strike (HKLM-x32\...\Sudden Strike) (Version:  - )
Sudden Strike II (HKLM-x32\...\Sudden Strike II) (Version:  - )
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1168 - SUPERAntiSpyware.com)
Superfrog HD (HKLM-x32\...\Steam App 234000) (Version:  - Team17 Digital Ltd)
Syndicate (HKLM-x32\...\{64CFBAAB-46F7-4628-8D9B-E656A8C11CDB}) (Version: 2.0.0.3 - Electronic Arts)
The Extractor (HKLM-x32\...\The Extractor2.0.2) (Version: 2.0.2 - Simply Free Software)
The Guild 2 - Pirates of the European Seas (HKLM-x32\...\The Guild 2 - Pirates of the European Seas) (Version: V 1.20 - JoWood)
The Guild 2 - Renaissance (HKLM-x32\...\{9BDE15B0-BAA5-437F-B957-57658704ACC5}) (Version: 1.0.0 - JoWooD)
The Guild 2 - Renaissance (HKLM-x32\...\{THEGUILDREN-0010-2010-300520102330}_is1) (Version:  - JoWooD Entertainment AG)
The Guild 2 (HKLM-x32\...\TheGuild2) (Version:  - )
The Movies(TM) - Bonus Costumes (x32 Version: 1.0 - Activision) Hidden
The Movies(TM) (x32 Version: 1.0 - Activision) Hidden
The Movies(TM) Stunts & Effects (HKLM-x32\...\InstallShield_{0556F885-2415-4666-B53E-33727E46AEA1}) (Version: 1.2 - Activision)
The Movies(TM) Stunts & Effects (x32 Version: 1.0 - Activision) Hidden
THE SETTLERS - Heritage of Kings (all products) (HKLM-x32\...\{8FDC1610-3FB5-4EF2-A0D0-CEDC3A525A25}) (Version: 1.00.0000 - Blue Byte)
THE SETTLERS - Rise of an Empire (HKLM-x32\...\{D3F80A98-05AB-4D8C-9272-766CCFA6A48D}) (Version: 1.00.0000 - Ubisoft)
The Settlers 7 - Paths to a Kingdom (HKLM-x32\...\{63860309-DA8A-4BAE-9EAE-CE1D6D79340C}) (Version: 1.12.1396 - Ubisoft)
Theme Hospital (HKLM-x32\...\{5118A4C2-C8A4-4CE5-AC37-F3E51C25402F}) (Version: 3.0.0.5 - Electronic Arts)
Theme Park Inc (HKLM-x32\...\{094FABA0-4865-11D4-95B6-000103485DB6}) (Version:  - )
Thief - Deadly Shadows (HKLM-x32\...\{FC123EEA-330A-4685-911C-95B8F5E9DE68}) (Version: 1.0 - )
Thief - Deadly Shadows Collective Texture Pack by John P., ver. 1.0.3 (HKLM-x32\...\Collective Thief: DS Texture Pack by John P. 1.03) (Version:  - John P.)
Thief (HKLM-x32\...\Steam App 239160) (Version:  - Eidos-Montréal)
Thief 2 (HKLM-x32\...\Thief2DeinstallKey) (Version:  - )
Thief Gold (HKLM-x32\...\ThiefGoldDeinstallKey) (Version:  - )
Thief Gold HD Mod 0.9.3 (HKLM-x32\...\ThiefGold) (Version:  - )
Tiger Woods PGA TOUR 2004 (HKLM-x32\...\{7E91306C-899F-45F3-B5E9-4B480A27A63D}) (Version:  - )
Total War: ATTILA (HKLM-x32\...\Steam App 325610) (Version:  - Creative Assembly)
Total War: ROME II - Emperor Edition (HKLM-x32\...\Steam App 214950) (Version:  - Creative Assembly)
Total War: SHOGUN 2 (HKLM-x32\...\Steam App 34330) (Version:  - The Creative Assembly)
TrackMania United 0.2.0.8 (HKLM-x32\...\TmUnited_is1) (Version:  - Nadeo)
Trade Empires (remove only) (HKLM-x32\...\Trade Empires) (Version:  - )
Tropico 3 1.00 (HKLM-x32\...\Tropico3) (Version: 1.00 - Kalypso Media)
Tropico 4 1.00 (HKU\S-1-5-21-3369568051-1984934905-614767478-1001\...\Tropico 4) (Version: 1.00 - Kalypso Media)
Tropico 5 (HKU\S-1-5-21-3369568051-1984934905-614767478-1001\...\Tropico5) (Version: 1.10 - Kalypso Media)
Tropico Reloaded (HKLM-x32\...\{65422AD6-A33F-49C6-A02C-A6FD81FAAEB2}_is1) (Version:  - Kalypso Media)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Ultima 8 (HKLM-x32\...\{428C6B01-D292-46F9-9321-75668ED17DA2}) (Version: 1.0.0.1 - Electronic Arts)
Uplay (HKLM-x32\...\Uplay) (Version: 4.5 - Ubisoft)
VEGA$ - Make It Big (HKLM-x32\...\{2981C989-5C50-4BC4-91A0-9BFBAB0997F9}) (Version:  - )
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version:  - Ubisoft)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Wolfenstein (HKLM-x32\...\InstallShield_{F9B37992-968C-4264-8449-489032FC28DE}) (Version: 1.2 - Activision)
Wolfenstein (x32 Version: 1.0 - Activision) Hidden
Wolfenstein 3D (HKLM-x32\...\Steam App 2270) (Version:  - id Software)
Wolfenstein 3D: Spear of Destiny (HKLM-x32\...\Steam App 9000) (Version:  - id Software)
Wolfenstein(TM) 1.2 Patch  (x32 Version: 1.2 - Activision) Hidden
Wolfenstein(TM) 1.2 Patch (x32 Version:  - ) Hidden
Wolfenstein: The New Order (HKLM-x32\...\Steam App 201810) (Version:  - Machine Games)
Wolfenstein: The Old Blood  (HKLM-x32\...\Steam App 350080) (Version:  - MachineGames)
Zumas Revenge (HKLM-x32\...\{0B153CAB-792B-4CA2-B2A5-AB0BBAF2FFA9}) (Version: 1.0.5.600 - PopCap Games)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0AE796C8-F99F-4B91-9133-FA03D245AAAF} - System32\Tasks\{E173E391-B259-4DEE-BA92-BEE853034033} => pcalua.exe -a "C:\Program Files (x86)\Common Files\InstallShield\Driver\9\Intel 32\IDriver.exe" -c /M{FB6908C2-2138-4D6E-9CAF-11D7AE6C3909} /l2057  /x
Task: {0D1BF617-8420-4A74-83DA-DA54649035C5} - System32\Tasks\ASC Task (One-Time) => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCPromote.exe
Task: {1ED65531-D7BD-4BBC-9819-9939B2432546} - \SUPERAntiSpyware Scheduled Task 58720337-6454-484e-b344-43d3e2cfe5ee -> No File <==== ATTENTION
Task: {39BE0F9C-C2FA-43EE-8B3D-142B2A9B3B2C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {4600C04C-3545-457C-96C3-36FB46787473} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {74D33BA3-11CD-4241-BBD1-1A72E5F070B5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {74FB4E97-7597-4563-B162-859706AD98EA} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-03-21] (Advanced Micro Devices, Inc.)
Task: {9EADF1F9-6198-4C00-AE16-4A6C473D8DDA} - System32\Tasks\SUPERAntiSpyware Scheduled Task d075e98f-7c56-4126-9981-52576a084aab => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {B992CAA0-678F-473E-9D93-F6250C68808F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {C3D89CF7-901A-4D30-9D31-E23F638FFC8C} - System32\Tasks\SUPERAntiSpyware Scheduled Task fcf1f375-4b2f-4817-abcb-7ad088dbbf93 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {C9D82CB9-F2D3-4CB5-AB7F-BF9BC9E10860} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3369568051-1984934905-614767478-1001
Task: {D882E52A-B539-463F-8A54-04D1546FD39C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {D8F38F39-8E3A-47EB-968C-32D5A885D51F} - \SidebarExecute -> No File <==== ATTENTION
Task: {DE8F9924-1475-4177-BCAF-05E529812FD3} - System32\Tasks\{F111293F-5029-4BB1-9C51-2158FCF300CA} => pcalua.exe -a D:\setup.exe -d D:\
Task: {E4CA875B-6328-4DB9-ACC6-6E403C1B9ADA} - System32\Tasks\SmartDefrag4_Update => C:\Program Files (x86)\IObit\Smart Defrag 4\AutoUpdate.exe [2015-08-21] (IObit)
Task: {E8C94AA3-620D-4289-95DB-23C662D87E38} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13] (Adobe Systems Incorporated)
Task: {F37CAD40-613D-445D-B806-713D29240972} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d075e98f-7c56-4126-9981-52576a084aab.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task fcf1f375-4b2f-4817-abcb-7ad088dbbf93.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-06-25 17:34 - 2015-06-25 17:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 17:37 - 2015-06-25 17:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 17:35 - 2015-06-25 17:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 17:38 - 2015-06-25 17:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 16:53 - 2015-06-25 16:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 16:51 - 2015-06-25 16:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 09581280 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareTray.exe
2016-01-28 17:48 - 2016-01-28 17:48 - 03549904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\RCF.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 00123656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_filesystem-vc120-mt-1_57.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 00025856 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_system-vc120-mt-1_57.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 00057096 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_date_time-vc120-mt-1_57.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 00107776 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_thread-vc120-mt-1_57.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 00035072 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_chrono-vc120-mt-1_57.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 00492288 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_locale-vc120-mt-1_57.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 02266344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\HtmlFramework.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 00868600 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareTrayDefaultSkin.dll
2015-04-03 12:55 - 2015-04-03 12:55 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-05-17 09:50 - 2005-08-08 13:54 - 00167936 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2016-03-21 14:49 - 2016-03-21 14:49 - 00186368 _____ () C:\Windows\SysWOW64\GameManager32.dll
2015-05-20 07:16 - 2016-04-29 21:10 - 00785920 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-05-20 07:16 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-05-20 07:16 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-05-20 07:16 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-05-20 07:16 - 2016-04-30 01:10 - 02549840 _____ () C:\Program Files (x86)\Steam\video.dll
2015-05-20 07:15 - 2016-02-09 00:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-05-20 07:15 - 2016-02-09 00:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-05-20 07:15 - 2016-02-09 00:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-05-20 07:15 - 2016-02-09 00:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-05-20 07:15 - 2016-02-09 00:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-05-20 07:15 - 2016-04-30 01:10 - 00829008 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 08:02 - 2016-02-17 23:25 - 00281088 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2014-09-16 19:17 - 2014-09-16 19:17 - 00048640 _____ () C:\Program Files (x86)\AOL Desktop 9.7\zlib.dll
2014-09-16 19:17 - 2014-09-16 19:17 - 21151232 _____ () C:\Program Files (x86)\AOL Desktop 9.7\libcef.dll
2014-09-16 19:17 - 2014-09-16 19:17 - 00648704 _____ () C:\Program Files (x86)\AOL Desktop 9.7\libglesv2.dll
2014-09-16 19:17 - 2014-09-16 19:17 - 00122880 _____ () C:\Program Files (x86)\AOL Desktop 9.7\libegl.dll
2015-05-20 07:15 - 2016-04-28 02:00 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:CD30FA91 [182]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-11-09 18:53 - 00000768 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1    localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3369568051-1984934905-614767478-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Colin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: ATNSOFT Key Remapper => "C:\Program Files (x86)\ATNSOFT Key Remapper\keyremapper.exe" /startup
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: RemoteControl => "C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe"
MSCONFIG\startupreg: Spotify => "C:\Users\Colin\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Colin\AppData\Roaming\Spotify\SpotifyWebHelper.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{9F971DA6-B263-4C8C-88C0-64DD11DEA1B9}] => (Allow) E:\3D\UBISOFT\FarCry 4\bin\IGE_WPF64.exe
FirewallRules: [{1A4B3CD7-996F-499A-9077-C0087B73B783}] => (Allow) E:\3D\UBISOFT\FarCry 4\bin\IGE_WPF64.exe
FirewallRules: [{D61605AB-EE52-4834-A11C-9216B8403789}] => (Allow) E:\3D\UBISOFT\FarCry 4\bin\FarCry4.exe
FirewallRules: [{48FDAE59-7B54-4FA9-9031-F53B0669B0D1}] => (Allow) E:\3D\UBISOFT\FarCry 4\bin\FarCry4.exe
FirewallRules: [{AB34D2E6-4F77-4975-9D67-1B7361E756A4}] => (Allow) F:\3D\Assassin's Creed Unity\ACU.exe
FirewallRules: [{930C7A6F-CB2F-46CA-9599-24C7E85C42F0}] => (Allow) F:\3D\Assassin's Creed Unity\ACU.exe
FirewallRules: [{E0004F80-D0EE-414F-9DED-3E2087C69DC7}] => (Allow) E:\Steam\SteamApps\common\Stronghold3\bin\win32_release\Stronghold3.exe
FirewallRules: [{6C22AF0A-81B0-4AB4-9172-E96D6AA0C17E}] => (Allow) E:\Steam\SteamApps\common\Stronghold3\bin\win32_release\Stronghold3.exe
FirewallRules: [{0D319FF6-C10D-432F-9BE1-D4D2B53EC8F8}] => (Allow) E:\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{95125D18-F95C-4BC9-A485-E144B307B454}] => (Allow) E:\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{989376CC-EA06-4E5E-9B93-93872F58479C}] => (Allow) E:\Steam\SteamApps\common\Stronghold\Stronghold.exe
FirewallRules: [{A3E8B11A-4066-4752-8E2A-6AFF9C5EFE1A}] => (Allow) E:\Steam\SteamApps\common\Stronghold\Stronghold.exe
FirewallRules: [{3BF0446C-8694-4365-86C7-975F3113860E}] => (Allow) E:\Strategy\Firefly Studios\Stronghold Crusader\stronghold crusader.exe
FirewallRules: [{27EA2B58-48FF-45EE-9E4C-83928D7263E7}] => (Allow) E:\Strategy\Firefly Studios\Stronghold Crusader\stronghold_crusader_extreme.exe
FirewallRules: [{1D0A7EBF-958F-43F1-A683-FCA8D2B23886}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C00D5715-EB23-4BEA-99A3-E2E36DCFC5FC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C11D87C6-1516-45C3-B5C4-9FE8B5D09B10}] => (Allow) E:\Strategy\SimCity\SimCity\SimCity.exe
FirewallRules: [{3B21C6A3-E72C-4619-8341-9B5E16909226}] => (Allow) E:\Strategy\SimCity\SimCity\SimCity.exe
FirewallRules: [{4338B9FB-E60F-4063-BAD5-60193B409C92}] => (Allow) E:\Steam\SteamApps\common\Serious Sam HD The Second Encounter\Bin\SamHD_TSE_Unrestricted.exe
FirewallRules: [{3AE29939-1BEF-4683-83ED-1D701BB932FE}] => (Allow) E:\Steam\SteamApps\common\Serious Sam HD The Second Encounter\Bin\SamHD_TSE_Unrestricted.exe
FirewallRules: [{08D06D95-BD53-4F9E-9316-C2608B34EDB6}] => (Allow) E:\Steam\SteamApps\common\Serious Sam HD The Second Encounter\Bin\SamHD_TSE.exe
FirewallRules: [{8B1AEFCC-86B4-478F-98E8-CC3C7C4D904E}] => (Allow) E:\Steam\SteamApps\common\Serious Sam HD The Second Encounter\Bin\SamHD_TSE.exe
FirewallRules: [{826CBD7A-C54F-47CE-A04A-259CE181D023}] => (Allow) F:\Steam\SteamApps\common\DOOM 3 BFG Edition\Doom3BFG.exe
FirewallRules: [{F205FC84-CB08-42AF-88CE-59AB16CBB796}] => (Allow) F:\Steam\SteamApps\common\DOOM 3 BFG Edition\Doom3BFG.exe
FirewallRules: [{46C6E65E-5318-4733-97A7-CEF4772643F2}] => (Allow) F:\Steam\SteamApps\common\Freedom Force\fforce.exe
FirewallRules: [{95BFF40B-D856-4567-88B1-FFEA2A2CA598}] => (Allow) F:\Steam\SteamApps\common\Freedom Force\fforce.exe
FirewallRules: [{297FFA46-6465-4D0B-BC96-E9E7FD28BDF8}] => (Allow) F:\Steam\SteamApps\common\Freedom Force vs. the 3rd Reich\ffvt3r.exe
FirewallRules: [{870AB340-84BB-4B68-891F-F0E6C126A4A1}] => (Allow) F:\Steam\SteamApps\common\Freedom Force vs. the 3rd Reich\ffvt3r.exe
FirewallRules: [{6B01BC15-16F9-4076-AA27-CFED2C02DD6D}] => (Allow) E:\Strategy\Ubisoft\Related Designs\ANNO 1404\tools\AddonWeb.exe
FirewallRules: [{29550E89-528E-4308-8674-930CA26A4072}] => (Allow) E:\Strategy\Ubisoft\Related Designs\ANNO 1404\tools\AddonWeb.exe
FirewallRules: [{A07BF502-BB4F-44EC-A7F4-ACBE1770262C}] => (Allow) E:\Strategy\Ubisoft\Related Designs\ANNO 1404\Addon.exe
FirewallRules: [{1D9BC043-32ED-489E-94BE-BEA614A2DD4F}] => (Allow) E:\Strategy\Ubisoft\Related Designs\ANNO 1404\Addon.exe
FirewallRules: [{47B9A853-22AD-47BD-BCE0-35809A3F0C4C}] => (Allow) E:\Steam\SteamApps\common\rage tool kit\Rage64.exe
FirewallRules: [{AD755243-5EFF-4D01-8133-DF2B28BD5A13}] => (Allow) E:\Steam\SteamApps\common\rage tool kit\Rage64.exe
FirewallRules: [{69F118C2-A94E-4507-8B7D-84295A29C7D1}] => (Allow) E:\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{50C7A08F-2039-4F51-A843-9130E86C395F}] => (Allow) E:\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{B0508B77-A1B4-49CB-9685-F8F3DB2523A2}] => (Allow) E:\3D\UBISOFT\Far Cry 3 Blood Dragon\bin\FC3BDUpdater.exe
FirewallRules: [{AA90D478-3D97-4E12-B5B1-31171389FA76}] => (Allow) E:\3D\UBISOFT\Far Cry 3 Blood Dragon\bin\FC3BDUpdater.exe
FirewallRules: [{1C89C07F-BF81-4D9F-B164-AB11C7B4B06C}] => (Allow) E:\3D\UBISOFT\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
FirewallRules: [{04B7B697-576A-4818-844E-AB9B6EBBDF86}] => (Allow) E:\3D\UBISOFT\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
FirewallRules: [{3084DEDB-F273-44EB-AD5E-EA8F901459DD}] => (Allow) E:\3D\UBISOFT\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
FirewallRules: [{DFEB049D-3589-4425-9401-E31406827B70}] => (Allow) E:\3D\UBISOFT\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
FirewallRules: [{5362C9B6-2428-4ACB-A09C-8F8BD08ECC67}] => (Allow) E:\Strategy\Microsoft Games\Age of Empires III\age3y.exe
FirewallRules: [{530DCA38-262B-476D-92FD-F863908DC0F0}] => (Allow) E:\Strategy\Microsoft Games\Age of Empires III\age3y.exe
FirewallRules: [{A4506309-0767-4354-BDB5-1B0255A49FDB}] => (Allow) E:\Strategy\Microsoft Games\Age of Empires III\age3x.exe
FirewallRules: [{C9473A67-E284-4E32-8B1F-515DF6959945}] => (Allow) E:\Strategy\Microsoft Games\Age of Empires III\age3x.exe
FirewallRules: [{3DF4DE6A-ED2E-4D1F-ADBC-AC231F9471EC}] => (Allow) E:\Strategy\Microsoft Games\Age of Empires III\age3.exe
FirewallRules: [{0D24DD61-8C2E-470F-926A-1439DF9E5FF6}] => (Allow) E:\Strategy\Microsoft Games\Age of Empires III\age3.exe
FirewallRules: [{FCB18FBC-F3AA-4C96-A0A6-9885D003FCA4}] => (Allow) E:\Steam\SteamApps\common\SleepingDogs\HKShip.exe
FirewallRules: [{CCD70A82-A13A-4101-BD89-33F9E40D630E}] => (Allow) E:\Steam\SteamApps\common\SleepingDogs\HKShip.exe
FirewallRules: [{E32A7D7E-1D97-4747-9FD2-520A170B4929}] => (Allow) E:\Strategy\Ubisoft\The Settlers 7 - Paths to a Kingdom\Data\Base\_Dbg\Bin\Release\Settlers7R.exe
FirewallRules: [{A5C86970-184E-42E5-B8A1-E0B3554A7FB0}] => (Allow) E:\Strategy\Ubisoft\The Settlers 7 - Paths to a Kingdom\Data\Base\_Dbg\Bin\Release\Settlers7R.exe
FirewallRules: [{CB22DA4A-0947-4B50-9606-A174E4E1DD77}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Liberation HD\ac3lhd_32.exe
FirewallRules: [{3E628C72-6BF6-4088-8D2D-3C3C867B7B32}] => (Allow) E:\3D\UBISOFT\Assassin's Creed III\AssassinsCreed3.exe
FirewallRules: [{AB91341A-E4FB-45CE-84CA-5279D3A58D92}] => (Allow) E:\3D\UBISOFT\Assassin's Creed III\AssassinsCreed3.exe
FirewallRules: [{A7417877-DDC2-4423-ADC7-96F59ABD5482}] => (Allow) E:\3D\UBISOFT\Assassin's Creed III\AC3MP.exe
FirewallRules: [{BB602EEA-09C2-4AC7-B073-410C3EAE7F1D}] => (Allow) E:\3D\UBISOFT\Assassin's Creed III\AC3MP.exe
FirewallRules: [{743F9C6F-1E89-4448-B536-F88282DE161D}] => (Allow) E:\3D\UBISOFT\Assassin's Creed III\AC3SP.exe
FirewallRules: [{0FF71B61-EC1A-45F2-A0B6-BB23B2FA179D}] => (Allow) E:\3D\UBISOFT\Assassin's Creed III\AC3SP.exe
FirewallRules: [{81866719-9A10-474F-B547-C603957713A6}] => (Allow) E:\3D\UBISOFT\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{E8B74E26-7774-49F3-811D-77D4FF8845F6}] => (Allow) E:\3D\UBISOFT\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{B00C3FDA-B687-41A5-9B7A-75F3EA0E66AF}] => (Allow) E:\3D\UBISOFT\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{E73AF23F-E56D-4F26-A69D-8068754F0FCB}] => (Allow) E:\3D\UBISOFT\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [UDP Query User{37272407-FF54-4D6E-8F59-54D68AF5C5C5}E:\3d\rockstar games\max payne 3\maxpayne3.exe] => (Allow) E:\3d\rockstar games\max payne 3\maxpayne3.exe
FirewallRules: [TCP Query User{86999504-B048-4B75-905D-A121F1BF55DD}E:\3d\rockstar games\max payne 3\maxpayne3.exe] => (Allow) E:\3d\rockstar games\max payne 3\maxpayne3.exe
FirewallRules: [UDP Query User{81701FE2-03D3-4829-816D-2A2E72E92DE0}E:\3d\electronic arts\crytek\crysis 2\bin32\crysis2.exe] => (Allow) E:\3d\electronic arts\crytek\crysis 2\bin32\crysis2.exe
FirewallRules: [TCP Query User{4721187F-B75C-4276-90C4-63CD806D4F26}E:\3d\electronic arts\crytek\crysis 2\bin32\crysis2.exe] => (Allow) E:\3d\electronic arts\crytek\crysis 2\bin32\crysis2.exe
FirewallRules: [UDP Query User{2093BC5A-50C3-47DD-A612-53BDDE277A00}E:\strategy\kalypso media\patrician iv\patrician4_addon.exe] => (Allow) E:\strategy\kalypso media\patrician iv\patrician4_addon.exe
FirewallRules: [TCP Query User{A4EF3AB1-59F8-4B6C-A25B-692937EAA897}E:\strategy\kalypso media\patrician iv\patrician4_addon.exe] => (Allow) E:\strategy\kalypso media\patrician iv\patrician4_addon.exe
FirewallRules: [{5A4AD6AB-B246-4393-8882-3775D1B2B8B8}] => (Allow) E:\Steam\SteamApps\common\Duke Nukem 3D\bin\build.exe
FirewallRules: [{47625553-439A-40E9-B7CD-D519D3C4D678}] => (Allow) E:\Steam\SteamApps\common\Duke Nukem 3D\bin\build.exe
FirewallRules: [{671CE42F-B3B4-43A2-BDCB-BDB5AD9585E3}] => (Allow) E:\Steam\SteamApps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{788A4B5C-85C9-4AC3-AFC2-DCD6CBEEDB6E}] => (Allow) E:\Steam\SteamApps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{FEEB74DE-DCD6-43A9-A5BF-A1C093C22020}] => (Allow) E:\Steam\SteamApps\common\Serious Sam 3\Bin\Sam3_Unrestricted.exe
FirewallRules: [{EF60AFD6-666D-4193-8341-45C37C8B87C7}] => (Allow) E:\Steam\SteamApps\common\Serious Sam 3\Bin\Sam3_Unrestricted.exe
FirewallRules: [{6B7EB7F2-A9B3-4BEC-9055-DCA27F62CB8E}] => (Allow) E:\Steam\SteamApps\common\Serious Sam 3\Bin\Sam3.exe
FirewallRules: [{5D13BB3C-018B-4448-A1AB-E26310868D6E}] => (Allow) E:\Steam\SteamApps\common\Serious Sam 3\Bin\Sam3.exe
FirewallRules: [{A48899DC-7041-4759-AC13-CE05B3C3DFD3}] => (Allow) E:\Steam\SteamApps\common\Superfrog\Superfrog.exe
FirewallRules: [{38542D63-FE6A-4EE5-A50B-9806859D8DD3}] => (Allow) E:\Steam\SteamApps\common\Superfrog\Superfrog.exe
FirewallRules: [{484E26E8-1EFD-44F9-9BEC-781796895733}] => (Allow) E:\Steam\SteamApps\common\Spear of Destiny\base\dosbox.exe
FirewallRules: [{80EC3935-23F9-4EB1-81E3-BCA2B330000B}] => (Allow) E:\Steam\SteamApps\common\Spear of Destiny\base\dosbox.exe
FirewallRules: [{DEC0FA44-7254-4BDF-B0CE-C5E1AF814FC8}] => (Allow) E:\Steam\SteamApps\common\Wolfenstein 3D\base\dosbox.exe
FirewallRules: [{E05AE058-6883-4CAA-98B9-A92296F2AB77}] => (Allow) E:\Steam\SteamApps\common\Wolfenstein 3D\base\dosbox.exe
FirewallRules: [UDP Query User{13796DF4-68AC-4F20-BB05-676F75538F46}E:\3d\raven\sof platinum\sof.exe] => (Allow) E:\3d\raven\sof platinum\sof.exe
FirewallRules: [TCP Query User{2767F9F3-62E7-4F1F-B19A-D83172AF21B8}E:\3d\raven\sof platinum\sof.exe] => (Allow) E:\3d\raven\sof platinum\sof.exe
FirewallRules: [{0119571E-9C80-48AF-863D-DBD144872015}] => (Allow) E:\Steam\SteamApps\common\Serious Sam HD The First Encounter\Bin\SamHD.exe
FirewallRules: [{5207C1FF-39ED-4722-98B5-8E52113270FA}] => (Allow) E:\Steam\SteamApps\common\Serious Sam HD The First Encounter\Bin\SamHD.exe
FirewallRules: [UDP Query User{805F5529-F56F-47EB-A39C-39DC3F386E04}E:\3d\quake iii arena\quake3.exe] => (Allow) E:\3d\quake iii arena\quake3.exe
FirewallRules: [TCP Query User{F5C0D17D-63BA-4AD5-AF87-C15F91390B71}E:\3d\quake iii arena\quake3.exe] => (Allow) E:\3d\quake iii arena\quake3.exe
FirewallRules: [{71B3BF2D-E619-41B3-9F04-183430BF6AB4}] => (Allow) E:\3D\Electronic Arts\Crytek\Crysis\Bin64\CrysisDedicatedServer.exe
FirewallRules: [{84AC6349-1D35-42FD-9C0A-8E9EAA0E2197}] => (Allow) E:\3D\Electronic Arts\Crytek\Crysis\Bin64\CrysisDedicatedServer.exe
FirewallRules: [{05574DC0-555F-4EB9-B4E1-9BCA603C8E9F}] => (Allow) E:\3D\Electronic Arts\Crytek\Crysis\Bin64\Crysis.exe
FirewallRules: [{DF132AF1-FC77-4E00-9DAA-35FDFF4BDDA4}] => (Allow) E:\3D\Electronic Arts\Crytek\Crysis\Bin64\Crysis.exe
FirewallRules: [{DC689682-07F7-4291-8F2C-5219632D5CA4}] => (Allow) E:\3D\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe
FirewallRules: [{5305F525-9DF0-4FA5-B5D6-5546A28DFEB2}] => (Allow) E:\3D\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe
FirewallRules: [{5B909457-F110-4A61-A0EF-37442026FE4F}] => (Allow) E:\3D\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe
FirewallRules: [{FEF407E5-F9A0-4F34-BAB9-352CBDFBE298}] => (Allow) E:\3D\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe
FirewallRules: [UDP Query User{23D581C1-DA45-4C7D-A570-F39116194B28}E:\driving\trackmania united\tmunited.exe] => (Allow) E:\driving\trackmania united\tmunited.exe
FirewallRules: [TCP Query User{99E9B0AB-7354-44F2-9C79-F3F3EF4DC0A2}E:\driving\trackmania united\tmunited.exe] => (Allow) E:\driving\trackmania united\tmunited.exe
FirewallRules: [UDP Query User{0BEE89E4-FBF4-4EA2-9695-A56E8ECB87BB}E:\strategy\microsoft games\age of empires ii\empires2.icd] => (Allow) E:\strategy\microsoft games\age of empires ii\empires2.icd
FirewallRules: [TCP Query User{F8705EDC-6E7B-4ADF-9FB0-401D14F4CFC1}E:\strategy\microsoft games\age of empires ii\empires2.icd] => (Allow) E:\strategy\microsoft games\age of empires ii\empires2.icd
FirewallRules: [UDP Query User{32A4A949-B4AD-4DD7-92DB-7E085AD110A4}E:\strategy\microsoft games\age of empires\empires.exe] => (Allow) E:\strategy\microsoft games\age of empires\empires.exe
FirewallRules: [TCP Query User{5D6B734D-D1B7-4D2D-9848-A217DD0F3CB2}E:\strategy\microsoft games\age of empires\empires.exe] => (Allow) E:\strategy\microsoft games\age of empires\empires.exe
FirewallRules: [UDP Query User{7A1E4F47-E309-486F-8E34-1CA638226EDB}E:\strategy\eidos interactive\hothouse creations\gangsters 2\gangsters2.exe] => (Allow) E:\strategy\eidos interactive\hothouse creations\gangsters 2\gangsters2.exe
FirewallRules: [TCP Query User{D1BC751C-07C6-4E7F-BEC9-CCDF795BA685}E:\strategy\eidos interactive\hothouse creations\gangsters 2\gangsters2.exe] => (Allow) E:\strategy\eidos interactive\hothouse creations\gangsters 2\gangsters2.exe
FirewallRules: [{2FAF55AB-6A6E-4A8D-A96F-8B01B4CF94C2}] => (Allow) E:\Strategy\Firefly Studios\Stronghold Legends\StrongholdLegends.exe
FirewallRules: [{4A169730-F259-4BC4-AA4D-7028C32A213B}] => (Allow) E:\Strategy\Firefly Studios\Stronghold Legends\StrongholdLegends.exe
FirewallRules: [{73DFD73C-EBE9-418E-80E3-1554CEDCC26B}] => (Allow) E:\Strategy\Firefly Studios\Stronghold 2\Stronghold2.exe
FirewallRules: [{FC1D8A83-96E0-4377-94CA-CD37FAC7CBCF}] => (Allow) E:\Strategy\Firefly Studios\Stronghold 2\Stronghold2.exe
FirewallRules: [{1CB066B5-43C3-48CF-AA38-B6269E457022}] => (Allow) E:\3D\EA\Bulletstorm\Binaries\Win32\ShippingPC-StormGame.exe
FirewallRules: [{6D82585C-77ED-4D4A-ABC9-386276DF0CD8}] => (Allow) E:\3D\EA\Bulletstorm\Binaries\Win32\ShippingPC-StormGame.exe
FirewallRules: [{88669DFE-CF6B-4734-95CC-1A2789FF62C7}] => (Allow) E:\Steam\SteamApps\common\F.E.A.R. 3\F.E.A.R. 3.exe
FirewallRules: [{5C509E68-DB95-42D4-8DC3-837D112CCE01}] => (Allow) E:\Steam\SteamApps\common\F.E.A.R. 3\F.E.A.R. 3.exe
FirewallRules: [{541BF646-5B03-4D5D-8079-55790417D249}] => (Allow) E:\3D\Activision\Wolfenstein\MP\Wolf2MPLite.exe
FirewallRules: [{ED80E624-1D14-4DC2-8D1A-97B875DA3D07}] => (Allow) E:\3D\Activision\Wolfenstein\MP\Wolf2MPLite.exe
FirewallRules: [{A9B39434-84BC-43E5-A048-2986B1ECC56C}] => (Allow) E:\3D\Activision\Wolfenstein\MP\Wolf2MP.exe
FirewallRules: [{2B1A8F99-D87F-4A70-AA97-077298AFF5C2}] => (Allow) E:\3D\Activision\Wolfenstein\MP\Wolf2MP.exe
FirewallRules: [{165FBBF8-58A0-49B7-8057-C7051119DFA6}] => (Allow) E:\3D\2K Games\BioShock 2\MP\Builds\Binaries\Bioshock2.exe
FirewallRules: [{E1C8DA64-0740-4A04-A273-40E7F3A0A977}] => (Allow) E:\3D\2K Games\BioShock 2\MP\Builds\Binaries\Bioshock2.exe
FirewallRules: [{58995601-FC75-466D-BAE5-57633184D3C8}] => (Allow) E:\3D\2K Games\BioShock 2\SP\Builds\Binaries\Bioshock2.exe
FirewallRules: [{968A2CC0-ABA1-4356-AE27-DE1C0EFB1D30}] => (Allow) E:\3D\2K Games\BioShock 2\SP\Builds\Binaries\Bioshock2.exe
FirewallRules: [{3998EDD2-625E-4D29-993B-0BC257B8CD66}] => (Allow) E:\Steam\SteamApps\common\Just Cause 2\JustCause2.exe
FirewallRules: [{32685D5C-6032-483B-B021-9B66B9B45313}] => (Allow) E:\Steam\SteamApps\common\Just Cause 2\JustCause2.exe
FirewallRules: [{973E2CD0-380B-41CB-8AD7-3597A5B6C602}] => (Allow) E:\Steam\SteamApps\common\Mafia II\pc\mafia2.exe
FirewallRules: [{9D6C41D5-9BB4-40A9-9CF0-B21832E6ED12}] => (Allow) E:\Steam\SteamApps\common\Mafia II\pc\mafia2.exe
FirewallRules: [{3B061897-76CA-4248-ACC3-FE9DA418D5D0}] => (Allow) E:\3D\Sierra Entertainment\FEAR Perseus Mandate\FEARXP2.exe
FirewallRules: [{0112A1D3-0119-44A5-8FDE-8C57932F4A53}] => (Allow) E:\3D\Sierra Entertainment\FEAR Perseus Mandate\FEARXP2.exe
FirewallRules: [{DD241F13-BFBA-4C24-B1BE-06B15F9C7067}] => (Allow) E:\3D\Sierra\FEAR\FEARXP\FEARXP.exe
FirewallRules: [{66306EE8-0AC1-4F8C-8A3D-11866768EA99}] => (Allow) E:\3D\Sierra\FEAR\FEARXP\FEARXP.exe
FirewallRules: [{837224D2-652A-413D-9575-36C814B6A348}] => (Allow) E:\3D\Sierra\FEAR\FEARMP.exe
FirewallRules: [{C9F923C0-F15B-48B8-89CD-F7A7C6FF38A5}] => (Allow) E:\3D\Sierra\FEAR\FEARMP.exe
FirewallRules: [{44E452D7-CB40-4CC8-9EF5-2EAFAFDF9CB7}] => (Allow) E:\3D\Sierra\FEAR\FEAR.exe
FirewallRules: [{3CC58E27-117E-44CF-9E07-4443E13E7B7D}] => (Allow) E:\3D\Sierra\FEAR\FEAR.exe
FirewallRules: [{0C69A782-2FDC-4E7F-A267-D1C55640CFF1}] => (Allow) E:\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{638D30AC-93F6-433A-9CF7-AC38C2A83DD0}] => (Allow) E:\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{288D26F7-CB21-4484-85D8-B32F62ED3DA6}] => (Allow) E:\Steam\SteamApps\common\RAGE\Rage64.exe
FirewallRules: [{D3D39352-9205-4881-B5DB-4458AF18E6F7}] => (Allow) E:\Steam\SteamApps\common\RAGE\Rage64.exe
FirewallRules: [{907F897C-4DAF-4647-9A20-5C546F6E445D}] => (Allow) E:\Steam\SteamApps\common\RAGE\Rage.exe
FirewallRules: [{07FD2763-A36A-4126-BB58-847035B1C44C}] => (Allow) E:\Steam\SteamApps\common\RAGE\Rage.exe
FirewallRules: [{F719567F-5D26-48E8-8802-2D9A4514D365}] => (Allow) E:\3D\EA Games\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{B03DA80F-16FC-4108-9CD9-51610E26D948}] => (Allow) E:\3D\EA Games\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{6ED22A8C-0BC2-4FB5-B9E6-526C1BC64756}] => (Allow) E:\3D\UBISOFT\FarCry 3\bin\FC3Editor.exe
FirewallRules: [{311B625C-A61C-4094-A35D-4E20DC74D6FF}] => (Allow) E:\3D\UBISOFT\FarCry 3\bin\FC3Editor.exe
FirewallRules: [{A473FBD1-6EDE-458D-9BD5-D9D479EADB5F}] => (Allow) E:\3D\UBISOFT\FarCry 3\bin\FC3Updater.exe
FirewallRules: [{B2C7BE25-43AF-426F-9D70-DED2A2F6F6E8}] => (Allow) E:\3D\UBISOFT\FarCry 3\bin\FC3Updater.exe
FirewallRules: [{C480A6A1-3CD8-4466-8E92-56319FD3A517}] => (Allow) E:\3D\UBISOFT\FarCry 3\bin\farcry3_d3d11.exe
FirewallRules: [{E384940A-EFC5-4615-AA5F-EA81CDE95E97}] => (Allow) E:\3D\UBISOFT\FarCry 3\bin\farcry3_d3d11.exe
FirewallRules: [{D00DC9A3-E733-4A9F-A004-C0C598C364A4}] => (Allow) E:\3D\UBISOFT\FarCry 3\bin\farcry3.exe
FirewallRules: [{B9BAC3F1-C766-48C4-A146-A3996D5513D8}] => (Allow) E:\3D\UBISOFT\FarCry 3\bin\farcry3.exe
FirewallRules: [{2513877E-2DEC-4C1C-B7C0-DA99244D8986}] => (Allow) E:\3D\UBISOFT\Far Cry 2\bin\FC2ServerLauncher.exe
FirewallRules: [{37A51B5B-E353-4CD4-9C9C-C696069C8EC8}] => (Allow) E:\3D\UBISOFT\Far Cry 2\bin\FC2ServerLauncher.exe
FirewallRules: [{04CFBA6F-A811-4285-BA97-FA9724D7E230}] => (Allow) E:\3D\UBISOFT\Far Cry 2\bin\FC2Editor.exe
FirewallRules: [{88304FB3-3513-44AF-B1E6-E935C450A6B1}] => (Allow) E:\3D\UBISOFT\Far Cry 2\bin\FC2Editor.exe
FirewallRules: [{D446A66D-DE24-47D5-BD8E-DFC365770509}] => (Allow) E:\3D\UBISOFT\Far Cry 2\bin\FC2Launcher.exe
FirewallRules: [{0CBD0D63-578E-4CDA-9F42-AED9F44CD241}] => (Allow) E:\3D\UBISOFT\Far Cry 2\bin\FC2Launcher.exe
FirewallRules: [{94D5BD34-87DB-4DEE-8161-F6366B678E30}] => (Allow) E:\3D\UBISOFT\Far Cry 2\bin\FarCry2.exe
FirewallRules: [{CF3C36BF-EF73-44AA-85ED-A753C16C4948}] => (Allow) E:\3D\UBISOFT\Far Cry 2\bin\FarCry2.exe
FirewallRules: [{0ADBFDBA-B8FD-4241-A674-DDE1190A5FA6}] => (Allow) E:\3D\Rockstar Games\Max Payne 3\PlayMaxPayne3.exe
FirewallRules: [{E18E2293-513B-45EF-9AC2-B039698E2746}] => (Allow) E:\3D\Rockstar Games\Max Payne 3\PlayMaxPayne3.exe
FirewallRules: [{12F95BC4-01A0-4E6A-B506-CEE684B4D323}] => (Allow) E:\3D\UBISOFT\Assassin's Creed Revelations\AssassinsCreedRevelations.exe
FirewallRules: [{53D1B922-7094-43E0-9D1B-7FCB940F9942}] => (Allow) E:\3D\UBISOFT\Assassin's Creed Revelations\AssassinsCreedRevelations.exe
FirewallRules: [{5572996E-8F91-4F63-A5FD-AF774DB17396}] => (Allow) E:\3D\UBISOFT\Assassin's Creed Revelations\ACRMP.exe
FirewallRules: [{2594B4E3-3A7F-4428-AB02-2B1AC8E5D0EE}] => (Allow) E:\3D\UBISOFT\Assassin's Creed Revelations\ACRMP.exe
FirewallRules: [{59F28F71-5022-4D0A-B0EB-EDEB8DF94DD9}] => (Allow) E:\3D\UBISOFT\Assassin's Creed Revelations\ACRSP.exe
FirewallRules: [{F78452ED-98A4-4B01-BC2D-EE47D749BC53}] => (Allow) E:\3D\UBISOFT\Assassin's Creed Revelations\ACRSP.exe
FirewallRules: [{698B67AB-686A-426F-BC38-5630065D368D}] => (Allow) E:\3D\UBISOFT\Assassin's Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [{7CBA9CD8-0E93-4BEB-9C07-0E1A06043009}] => (Allow) E:\3D\UBISOFT\Assassin's Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [{5ECB86EF-FE2A-4D64-B3E4-91390D4419CF}] => (Allow) E:\3D\UBISOFT\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{7050BE1C-36E9-4A44-9430-E05499BEDF0C}] => (Allow) E:\3D\UBISOFT\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{34038BC2-CEAC-4379-BAD2-CFD1B867059E}] => (Allow) E:\3D\UBISOFT\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{4DDDBB76-972B-4CBC-BFCD-0F9802A17406}] => (Allow) E:\3D\UBISOFT\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{A57ED098-22B5-4FF3-9DD9-50704B6061E5}] => (Allow) E:\3D\UBISOFT\Assassin's Creed Brotherhood\ACBSP.exe
FirewallRules: [{8D3ACA07-E76B-4318-883A-B0431536105F}] => (Allow) E:\3D\UBISOFT\Assassin's Creed Brotherhood\ACBSP.exe
FirewallRules: [{919C4F38-F093-4233-9144-04B09B8A709C}] => (Allow) E:\3D\UBISOFT\Assassin's Creed II\UPlayBrowser.exe
FirewallRules: [{F94E9C46-7E8D-434E-A15D-3849F487BBA3}] => (Allow) E:\3D\UBISOFT\Assassin's Creed II\UPlayBrowser.exe
FirewallRules: [{81FB9687-3E4A-453B-ABD5-50B81CE51B5F}] => (Allow) E:\3D\UBISOFT\Assassin's Creed II\AssassinsCreedII.exe
FirewallRules: [{D6F65FDD-2333-4E4A-B7B1-C975239DC02E}] => (Allow) E:\3D\UBISOFT\Assassin's Creed II\AssassinsCreedII.exe
FirewallRules: [{1388D878-6456-4D9C-B7C4-B2D29B259692}] => (Allow) E:\3D\UBISOFT\Assassin's Creed II\AssassinsCreedIIGame.exe
FirewallRules: [{A28F1347-9BF2-4785-8F75-E79CF76753FD}] => (Allow) E:\3D\UBISOFT\Assassin's Creed II\AssassinsCreedIIGame.exe
FirewallRules: [{637FD715-8740-4982-8BAB-AB7DEC996364}] => (Allow) E:\3D\UBISOFT\Assassin's Creed\AssassinsCreed_Launcher.exe
FirewallRules: [{03E76266-6A41-493E-AC7F-3841908FA53E}] => (Allow) E:\3D\UBISOFT\Assassin's Creed\AssassinsCreed_Launcher.exe
FirewallRules: [{D2C4B414-907E-4C5C-8A34-93249AEBE13F}] => (Allow) E:\3D\UBISOFT\Assassin's Creed\AssassinsCreed_Dx10.exe
FirewallRules: [{C62D135F-A8F3-46CC-B630-83C345D87336}] => (Allow) E:\3D\UBISOFT\Assassin's Creed\AssassinsCreed_Dx10.exe
FirewallRules: [{F9898374-B69E-42F7-87FB-CC9D181F2BC6}] => (Allow) E:\3D\UBISOFT\Assassin's Creed\AssassinsCreed_Dx9.exe
FirewallRules: [{B4992645-6B95-4662-8355-1BC199E29318}] => (Allow) E:\3D\UBISOFT\Assassin's Creed\AssassinsCreed_Dx9.exe
FirewallRules: [{1DE4C721-12E8-40EB-8A4F-9848E1695550}] => (Allow) E:\3D\EA Games\Mirror's Edge\Binaries\MirrorsEdge.exe
FirewallRules: [{85AA4638-A2FC-41EC-A7DC-A98A1BFCB700}] => (Allow) E:\3D\EA Games\Mirror's Edge\Binaries\MirrorsEdge.exe
FirewallRules: [{A7A8ABA2-FFFC-43C1-A6BD-AD7ABA462334}] => (Allow) E:\3D\UBISOFT\Prince of Persia The Forgotten Sands\UPlayBrowser.exe
FirewallRules: [{11808E58-7F75-4717-92C0-0ADC97857E62}] => (Allow) E:\3D\UBISOFT\Prince of Persia The Forgotten Sands\UPlayBrowser.exe
FirewallRules: [{EF40CE61-F058-4A91-8321-1FFAD5162A09}] => (Allow) E:\3D\UBISOFT\Prince of Persia The Forgotten Sands\gu.exe
FirewallRules: [{910132A5-F5FA-4DDD-ABD2-D92B99A9EB8B}] => (Allow) E:\3D\UBISOFT\Prince of Persia The Forgotten Sands\gu.exe
FirewallRules: [{BFDA4D81-1077-4A9A-AA26-7EC0B6A8C0AF}] => (Allow) E:\3D\UBISOFT\Prince of Persia The Forgotten Sands\GameSettings.exe
FirewallRules: [{A69D1768-1F73-4633-9DB1-DC85AFB5FC5E}] => (Allow) E:\3D\UBISOFT\Prince of Persia The Forgotten Sands\GameSettings.exe
FirewallRules: [{9A86A617-57EC-4212-BE51-AEF36D806246}] => (Allow) E:\3D\UBISOFT\Prince of Persia The Forgotten Sands\Prince of Persia.exe
FirewallRules: [{C3B072FB-AEBA-415F-A138-BA6F8151A4F6}] => (Allow) E:\3D\UBISOFT\Prince of Persia The Forgotten Sands\Prince of Persia.exe
FirewallRules: [{57B2C69F-6B6B-4525-AA4B-0523BE1A265D}] => (Allow) E:\3D\UBISOFT\Prince of Persia\PrinceOfPersia_Launcher.exe
FirewallRules: [{50B26D11-5230-4155-9382-93DBBCBBF8E7}] => (Allow) E:\3D\UBISOFT\Prince of Persia\PrinceOfPersia_Launcher.exe
FirewallRules: [{89B89FAD-6C58-4CA4-B92D-C48EE76538F2}] => (Allow) E:\3D\UBISOFT\Prince of Persia\Prince of Persia.exe
FirewallRules: [{2FCE0839-3AA5-47E7-92FC-9832A4BFFD45}] => (Allow) E:\3D\UBISOFT\Prince of Persia\Prince of Persia.exe
FirewallRules: [{E585E447-6906-497B-9D97-E1A2930D6C24}] => (Allow) E:\Driving\Rockstar Games\EFLC\LaunchEFLC.exe
FirewallRules: [{A316DBCF-1563-40A6-9746-01693BFF67BC}] => (Allow) E:\Driving\Rockstar Games\EFLC\LaunchEFLC.exe
FirewallRules: [{2827EE9C-6C56-43FF-9C3A-F1729BB2F912}] => (Allow) E:\Driving\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{2AE03DB6-8C22-461F-8D33-22AE6D826A11}] => (Allow) E:\Driving\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{99002563-68A1-4571-9859-5B2007C5986F}] => (Allow) E:\Steam\SteamApps\common\Total War SHOGUN 2\Shogun2.exe
FirewallRules: [{2F543C9C-F6C7-49F2-AE86-5F194CB1E71D}] => (Allow) E:\Steam\SteamApps\common\Total War SHOGUN 2\Shogun2.exe
FirewallRules: [{813616A2-11ED-4C12-AB01-7300AD4FE438}] => (Allow) E:\Driving\Ubisoft\Driver San Francisco\Driver.exe
FirewallRules: [{42D2A244-6B83-4EF5-9D01-E1843E340890}] => (Allow) E:\Driving\Ubisoft\Driver San Francisco\Driver.exe
FirewallRules: [{7F58B1C5-AB3D-4FF4-8BDB-D02BE027D66C}] => (Allow) E:\Strategy\Ubisoft\Related Designs\ANNO 1404\tools\Anno4Web.exe
FirewallRules: [{53178738-EB75-4A75-8B4F-CADD1F8EB339}] => (Allow) E:\Strategy\Ubisoft\Related Designs\ANNO 1404\tools\Anno4Web.exe
FirewallRules: [{D1C10798-6701-43BA-A521-8919CFA13198}] => (Allow) E:\Strategy\Ubisoft\Related Designs\ANNO 1404\Anno4.exe
FirewallRules: [{BDC3A9CB-94A9-4ACF-B97D-A2415459AC6D}] => (Allow) E:\Strategy\Ubisoft\Related Designs\ANNO 1404\Anno4.exe
FirewallRules: [{D1CA2AE7-8D5C-44F2-8779-CE51146AAD66}] => (Allow) E:\Strategy\1701 A.D\1701-AddOn.exe
FirewallRules: [{D23C71DC-21C4-492E-85E6-577C8328B4DB}] => (Allow) E:\Strategy\1701 A.D\1701-AddOn.exe
FirewallRules: [{E3D9212D-1080-4CA0-B87C-7B1F04A59853}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{62583998-5B66-4B4E-9235-4F56A08BCD63}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{AA7BBDBE-03CF-4092-97D3-38195FEF4EF9}] => (Allow) E:\Strategy\Ubisoft\THE SETTLERS - Rise of an Empire\base\bin\Settlers6.exe
FirewallRules: [{52865C6C-E008-4C6D-9776-C32332C8C626}] => (Allow) E:\Strategy\Ubisoft\THE SETTLERS - Rise of an Empire\base\bin\Settlers6.exe
FirewallRules: [{D9A28B8A-D4AB-4CE5-B95E-7ECA69673F93}] => (Allow) E:\Strategy\2K Games\Firaxis Games\Sid Meier's Civilization IV Colonization\Colonization.exe
FirewallRules: [{1DF550C3-DCB2-4A6C-B2E4-3F8619BD31E2}] => (Allow) E:\Strategy\2K Games\Firaxis Games\Sid Meier's Civilization IV Colonization\Colonization.exe
FirewallRules: [{7888A86C-13B1-4F9B-87CF-384D65470C93}] => (Allow) E:\Steam\SteamApps\common\Napoleon Total War\Napoleon.exe
FirewallRules: [{805A357B-F8EB-4F70-B6C5-A6AE7BCE5A0F}] => (Allow) E:\Steam\SteamApps\common\Napoleon Total War\Napoleon.exe
FirewallRules: [{C5AC3758-3BD9-4D5F-A866-83DC1C51A8E5}] => (Allow) E:\Strategy\Kalypso Media\Port Royale 3\PortRoyale3.exe
FirewallRules: [{0B0C84F0-D5FF-4306-8521-1CEB9CD98FC4}] => (Allow) E:\Sport\Codemasters\Ashes Cricket 2009\Cricket2009.exe
FirewallRules: [{F4047A75-4E7E-4A2F-B4C7-9DA7D3D1B436}] => (Allow) E:\Sport\Codemasters\Ashes Cricket 2009\Cricket2009.exe
FirewallRules: [{3475AC3A-F8EB-4BC0-AD38-8D33B51C5937}] => (Allow) E:\Steam\SteamApps\common\Empire Total War\Empire.exe
FirewallRules: [{9E600517-E89E-4BDB-807C-40BAB5EB893B}] => (Allow) E:\Steam\SteamApps\common\Empire Total War\Empire.exe
FirewallRules: [{388909D9-12C9-41F0-B563-170524ACC31C}] => (Allow) C:\Program Files (x86)\Common Files\AOL\System Information\sinf.exe
FirewallRules: [{D435E2D2-2593-4982-B3E5-9A41DDA66600}] => (Allow) C:\Program Files (x86)\Common Files\AOL\System Information\sinf.exe
FirewallRules: [UDP Query User{CDD9BAF6-CC73-44C0-9879-E509693D6FC0}C:\users\colin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\colin\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{6D104ED7-11BD-496E-BC76-F74175E09384}C:\users\colin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\colin\appdata\roaming\spotify\spotify.exe
FirewallRules: [{96571BB9-F8FF-4C8C-B5DB-96FA96629BA9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{22F72C4B-99B2-461C-A87A-FDF7049F34E1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FDD851D8-F92A-4DCE-95C3-7B378FB521EB}] => (Allow) C:\Program Files (x86)\Common Files\AOL\Loader\aolload.exe
FirewallRules: [{2569D93C-575C-438D-9373-87036D968275}] => (Allow) C:\Program Files (x86)\Common Files\AOL\Loader\aolload.exe
FirewallRules: [{A6442D53-836E-43C3-8F76-F2932DAD4ADE}] => (Allow) C:\Program Files (x86)\Common Files\AOL\1400261577\ee\aolsoftware.exe
FirewallRules: [{99F212ED-D959-458C-821D-EFDBD6D6B576}] => (Allow) C:\Program Files (x86)\Common Files\AOL\1400261577\ee\aolsoftware.exe
FirewallRules: [{C928DC26-3101-403C-9796-9C6F880D55A4}] => (Allow) C:\Program Files (x86)\Common Files\AOL\ACS\AOLacsd.exe
FirewallRules: [{8A3A4DD5-1C78-4C40-B656-F706AC83BF19}] => (Allow) C:\Program Files (x86)\Common Files\AOL\ACS\AOLacsd.exe
FirewallRules: [{D505038B-591F-453F-A6B6-720E83842053}] => (Allow) C:\Program Files (x86)\Common Files\AOL\ACS\AOLDial.exe
FirewallRules: [{053AE0F4-55DC-4509-9D8D-C561C563ABFB}] => (Allow) C:\Program Files (x86)\Common Files\AOL\ACS\AOLDial.exe
FirewallRules: [{E2707F1B-0389-4EA5-8DDF-63EA64F9EC35}] => (Allow) C:\Program Files (x86)\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe
FirewallRules: [{32841619-EB3F-45AB-B418-2F62D0FAB89D}] => (Allow) C:\Program Files (x86)\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe
FirewallRules: [{00F0F85B-253C-4DD5-AF10-22FCE9C9F759}] => (Allow) E:\Strategy\2K Games\Firaxis Games\Sid Meier's Railroads!\RailRoads.exe
FirewallRules: [{E4A0CF52-1E08-456F-BCB6-13BD9AC9DEB1}] => (Allow) E:\Strategy\2K Games\Firaxis Games\Sid Meier's Railroads!\RailRoads.exe
FirewallRules: [{C60BF1D0-4AA8-4D44-8DA7-7194553F0040}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{AEA5FDDC-310D-41C3-9FA4-BF277DBA06F8}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{869B971A-6D97-4282-AD71-D26A21021D21}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{95BCC87E-57CC-4C90-9E87-FD0484865B11}] => (Allow) LPort=2869
FirewallRules: [{1CA83558-58C5-4B38-954B-1D73418D2423}] => (Allow) LPort=1900
FirewallRules: [{3B79BD28-8736-4D80-B03B-0969F936B1C2}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7\waol.exe
FirewallRules: [{F4EDEDA4-0228-4261-B6B3-6576CEE0A5A8}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7\waol.exe
FirewallRules: [{1AF84224-BF5E-4675-B875-848C224F4D6D}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7\aolbrowser.exe
FirewallRules: [{B37CD680-210A-488A-8F7C-BE51668F8D5A}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7\aolbrowser.exe
FirewallRules: [TCP Query User{94C5F9E1-16C1-44AF-A77E-57F8E036671A}E:\driving\rockstar games\grand theft auto iv\gtaiv.exe] => (Allow) E:\driving\rockstar games\grand theft auto iv\gtaiv.exe
FirewallRules: [UDP Query User{D2FE83F1-25E8-461E-8E75-B16B962964BF}E:\driving\rockstar games\grand theft auto iv\gtaiv.exe] => (Allow) E:\driving\rockstar games\grand theft auto iv\gtaiv.exe
FirewallRules: [{CF0C799B-F67A-4C34-8B3B-ACFB833FF467}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7B39AE76-3073-4C08-BF6A-03DDE2CED6B8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{074481DC-11C3-4153-8296-CD49072E148E}E:\3d\ea games\american mcgee's alice\alice.exe] => (Allow) E:\3d\ea games\american mcgee's alice\alice.exe
FirewallRules: [UDP Query User{B16C2C85-E92E-4718-8CAC-6E29B23A4878}E:\3d\ea games\american mcgee's alice\alice.exe] => (Allow) E:\3d\ea games\american mcgee's alice\alice.exe
FirewallRules: [{DC2A00EE-DC2E-45FC-9515-D7A5254D2F63}] => (Allow) F:\3D\Ubisoft\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{22E335DF-FB30-4DED-BD7E-612D23B897D1}] => (Allow) F:\3D\Ubisoft\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{21A3CE76-4C28-429E-B8F0-1E1693574A78}] => (Allow) E:\Strategy\Syndicate (1993)\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{D8AFD6F6-8328-484C-85D9-7E11DF4DDDE3}] => (Allow) E:\Strategy\Syndicate (1993)\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{5317F649-6092-4ECE-89DF-DC5694B719C0}] => (Allow) F:\3D\Ubisoft\Assassin's Creed Rogue\ACC.exe
FirewallRules: [{DF051433-AC7F-4646-9664-6B435F15D7D7}] => (Allow) F:\3D\Ubisoft\Assassin's Creed Rogue\ACC.exe
FirewallRules: [{37CD13D7-2E24-4B87-B57B-8789F42457EE}] => (Allow) E:\Strategy\Ultima 8\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{F5516D49-F92A-48FD-B534-7173A4DC847C}] => (Allow) E:\Strategy\Ultima 8\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{0355ED4C-1A4D-49E8-9C46-3520C5557E76}] => (Allow) F:\Steam\SteamApps\common\Sid Meier's Colonization\dosbox_windows\dosbox.exe
FirewallRules: [{9DF83335-991C-4F34-A5CB-2257F8C6D22E}] => (Allow) F:\Steam\SteamApps\common\Sid Meier's Colonization\dosbox_windows\dosbox.exe
FirewallRules: [{9C31693B-4C59-4BFB-A34A-70C379AD5E36}] => (Allow) F:\Steam\SteamApps\common\Sid Meier's Colonization\dosbox_windows\daum\dosbox.exe
FirewallRules: [{4791EE89-DAF4-406B-9343-1A3EAA6CC6D9}] => (Allow) F:\Steam\SteamApps\common\Sid Meier's Colonization\dosbox_windows\daum\dosbox.exe
FirewallRules: [{052AC89A-ED20-4F33-B575-24EF0E9CCF69}] => (Allow) F:\Steam\SteamApps\common\Wolfenstein The Old Blood\WolfOldBlood_x64.exe
FirewallRules: [{DB41247F-EC1B-4878-9A86-295E949CE487}] => (Allow) F:\Steam\SteamApps\common\Wolfenstein The Old Blood\WolfOldBlood_x64.exe
FirewallRules: [{285E2788-06A3-44AF-9ED0-90F55D49AFC9}] => (Allow) F:\Steam\SteamApps\common\Quake 2\quake2.exe
FirewallRules: [{FD9C279B-9352-4C66-B4A6-4E8FABD76CEC}] => (Allow) F:\Steam\SteamApps\common\Quake 2\quake2.exe
FirewallRules: [{03CCA364-ECDB-4E0B-8A70-8C870F57FBAE}] => (Allow) E:\Steam\SteamApps\common\Duke Nukem Manhatten Project\prism3d.exe
FirewallRules: [{ED9F24AA-0AB5-4F6F-A3FB-F303CD0D1749}] => (Allow) E:\Steam\SteamApps\common\Duke Nukem Manhatten Project\prism3d.exe
FirewallRules: [{48792522-10A6-4C34-89B2-72DE226F19D0}] => (Allow) E:\Steam\SteamApps\common\Duke Nukem Manhatten Project\DukeNukemManhattanLauncher.exe
FirewallRules: [{E9EB24EE-86FE-4CC7-8DA8-63A0D557EFB7}] => (Allow) E:\Steam\SteamApps\common\Duke Nukem Manhatten Project\DukeNukemManhattanLauncher.exe
FirewallRules: [{828E79F5-873C-4CF0-BCAC-40B83F9399EE}] => (Allow) E:\Steam\SteamApps\common\Duke Nukem 3D\bin\dosbox\dosbox.exe
FirewallRules: [{E0FC4C19-329C-45FC-9CE1-DACA40ADEA6B}] => (Allow) E:\Steam\SteamApps\common\Duke Nukem 3D\bin\dosbox\dosbox.exe
FirewallRules: [{24858B54-06D3-4FF5-B2AA-4249784DFF58}] => (Allow) E:\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{DF1331C6-7D4A-433A-84FB-B220A081E501}] => (Allow) E:\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{EB661E55-AE3F-45EE-9A2A-9C6B61AFD7C4}] => (Allow) E:\Steam\SteamApps\common\FEAR2\FEAR2.exe
FirewallRules: [{A8A8D36A-EE8F-492B-BCB7-820C9457D04C}] => (Allow) E:\Steam\SteamApps\common\FEAR2\FEAR2.exe
FirewallRules: [{A87075D1-843F-462B-901F-2B3E99D24C8E}] => (Allow) F:\Steam\SteamApps\common\Serious Sam 3\Bin\Sam3.exe
FirewallRules: [{8F1347A1-5733-4408-AE78-6C01373EC996}] => (Allow) F:\Steam\SteamApps\common\Serious Sam 3\Bin\Sam3.exe
FirewallRules: [{1D8A950D-9E22-4057-8A6D-0AF02A3DB928}] => (Allow) F:\Steam\SteamApps\common\Serious Sam 3\Bin\Sam3_Unrestricted.exe
FirewallRules: [{E59D726E-1838-4BF3-923C-E1ABDCFD0C55}] => (Allow) F:\Steam\SteamApps\common\Serious Sam 3\Bin\Sam3_Unrestricted.exe
FirewallRules: [{F534CA55-2FE2-4453-9689-F38734FF1584}] => (Allow) F:\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{43610AE5-4418-4509-B316-A590AEC99540}] => (Allow) F:\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{D1319E98-9C9C-43E8-A854-C8B7A0540C28}] => (Allow) F:\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{F84B2491-DF09-4EB2-8112-3B5353457D8B}] => (Allow) F:\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{E565E83B-D47D-4D44-8EE5-665008B45479}] => (Allow) E:\Steam\SteamApps\common\Wolfenstein.The.New.Order\WolfNewOrder_x64.exe
FirewallRules: [{E8E5B904-E1F6-4EBC-A418-CA22557A181F}] => (Allow) E:\Steam\SteamApps\common\Wolfenstein.The.New.Order\WolfNewOrder_x64.exe
FirewallRules: [{337B4FAB-C453-43E4-BAE4-2ACC0C34D393}] => (Allow) F:\Steam\SteamApps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{436C4F21-EA87-4BAA-BE6B-947A1DDD0B6E}] => (Allow) F:\Steam\SteamApps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{02F5E983-E491-40AA-9097-5CACB16177F4}] => (Allow) F:\Steam\SteamApps\common\Quake\Winquake.exe
FirewallRules: [{EF5F1660-3284-4672-BEC0-41672C9B730F}] => (Allow) F:\Steam\SteamApps\common\Quake\Winquake.exe
FirewallRules: [{D55F6367-63CB-4B1C-8C4C-5531A627504B}] => (Allow) F:\Steam\SteamApps\common\Quake\qwcl.exe
FirewallRules: [{FCE8A2E9-6DDF-4F9F-ADD4-D470DCAC624A}] => (Allow) F:\Steam\SteamApps\common\Quake\qwcl.exe
FirewallRules: [{90A9BAC5-5DEB-4AAF-B853-E8B963BEAA57}] => (Allow) F:\Steam\SteamApps\common\Quake\Glquake.exe
FirewallRules: [{0E5565D1-AC42-42F9-9DC8-13F9793B7797}] => (Allow) F:\Steam\SteamApps\common\Quake\Glquake.exe
FirewallRules: [{E5EC7F85-0944-4113-9A01-15A8EEF590C8}] => (Allow) F:\Steam\SteamApps\common\Quake\glqwcl.exe
FirewallRules: [{1619D02D-8311-4A07-AE8A-A4F182EA4536}] => (Allow) F:\Steam\SteamApps\common\Quake\glqwcl.exe
FirewallRules: [TCP Query User{20ED31BE-57D5-46B1-96ED-864B1EC3D78B}C:\users\colin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\colin\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{08BB469B-4D89-46F1-9EB8-984DD59A410A}C:\users\colin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\colin\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{F63BF5BB-95E2-49D4-B4DB-4B18A9B18BA1}F:\driving\rockstar games\grand theft auto v\gta5.exe] => (Allow) F:\driving\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{B48F93CA-A1ED-4E54-8C29-E263AF0989F2}F:\driving\rockstar games\grand theft auto v\gta5.exe] => (Allow) F:\driving\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [{A962DC50-43CD-46A6-9D38-4EA7BC52CECC}] => (Allow) E:\Strategy\Zuma's Revenge\ZumasRevenge.exe
FirewallRules: [{7DDAE2A2-642B-4816-A640-66FA243E07CF}] => (Allow) E:\Strategy\Zuma's Revenge\ZumasRevenge.exe
FirewallRules: [{7E8A1498-AEA0-48C7-B813-3CAE5DC5B71D}] => (Allow) E:\Strategy\Theme Hospital\data\Game\DOSBox\EALaunchHelper.exe
FirewallRules: [{8BA622CF-37E3-468B-A7C3-1B639B859D92}] => (Allow) E:\Strategy\Theme Hospital\data\Game\DOSBox\EALaunchHelper.exe
FirewallRules: [{5425C2A9-2F6A-4103-8529-7BBD5549C2C5}] => (Allow) E:\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{8FB56280-33C9-493B-920A-104776EEEED6}] => (Allow) E:\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{871BBB40-BFA1-4489-9777-A82204D83EEC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DDF9C0B3-5593-4C0A-A97E-461F16319334}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6626A1EC-E6E3-47F4-A55B-503E06AB3C79}] => (Allow) F:\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{4449BF82-AD23-44E2-9879-82511213D900}] => (Allow) F:\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{325DC6B0-7F5F-486B-9BBC-8FCADF8D94D5}] => (Allow) F:\Steam\SteamApps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{F79D7862-430A-4396-B8F1-0268661A62C2}] => (Allow) F:\Steam\SteamApps\common\Just Cause 3\JustCause3.exe
FirewallRules: [TCP Query User{14D1E655-E7AA-4F5F-8CB9-00A9E239DB3A}E:\3d\ea games\alice madness returns\game\alice2\binaries\win32\alicemadnessreturns.exe] => (Allow) E:\3d\ea games\alice madness returns\game\alice2\binaries\win32\alicemadnessreturns.exe
FirewallRules: [UDP Query User{287F9650-6362-4FC6-8CAC-1FCAFBE1EEFD}E:\3d\ea games\alice madness returns\game\alice2\binaries\win32\alicemadnessreturns.exe] => (Allow) E:\3d\ea games\alice madness returns\game\alice2\binaries\win32\alicemadnessreturns.exe
FirewallRules: [{F5C982A0-A023-4AF0-A6AB-D3FABAA3BEC6}] => (Allow) F:\3D\Ubisoft\Assassin's Creed Syndicate\ACS.exe
FirewallRules: [{8C6E2091-9B6B-4C73-A23C-31A2307946EA}] => (Allow) F:\Driving\EA Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{03CF25E2-475A-4BDE-8672-0DE60AC362A2}] => (Allow) F:\Driving\EA Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{C13CA77D-4ABB-4ACA-B442-FF949548403D}] => (Allow) F:\Steam\SteamApps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{7FC228F2-6B59-49A5-A074-4141398301DB}] => (Allow) F:\Steam\SteamApps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{59FB65CC-506A-4E37-93D4-5FCC30F88B03}] => (Allow) F:\3D\Ubisoft\Far Cry Primal\bin\FCPrimal.exe
FirewallRules: [{758A39DE-A8E5-415B-8A92-25AADEBD4966}] => (Allow) F:\3D\Medal of Honor Pacific Assault\mohpa.exe
FirewallRules: [{EFEFFF34-82BE-493A-8230-35E662EBCD2C}] => (Allow) F:\3D\Medal of Honor Pacific Assault\mohpa.exe
FirewallRules: [{55FDF372-51CF-4C50-88F3-9B4F8145C7EF}] => (Allow) F:\3D\Medal of Honor Pacific Assault\mohpa_setup.exe
FirewallRules: [{D3324B39-94BE-4062-8EFF-A9CD5D0FAF37}] => (Allow) F:\3D\Medal of Honor Pacific Assault\mohpa_setup.exe
FirewallRules: [{A3BF91BD-F919-4391-AE44-44BB1C6879F5}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{A8CF46D7-2798-4E70-BA32-BFDCB57563FF}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{CC76400A-BE81-43DF-82B4-C25147B3FDBB}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{5AC69753-929C-43BC-90EE-226D2B4033BB}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{6DCA569B-396C-4205-B258-CF627688A42C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{8ADE5CE7-AFA1-4C07-BBE5-BD32E1977792}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{465FCE9D-E5D6-4B3C-B7A7-2F21A561B04C}] => (Allow) F:\Steam\SteamApps\common\DOOM\DOOMx64.exe
FirewallRules: [{E14576D6-2E4C-436F-90BD-C3AE7D9595A1}] => (Allow) F:\Steam\SteamApps\common\DOOM\DOOMx64.exe

==================== Restore Points =========================

31-05-2016 06:35:27 Windows Update
03-06-2016 11:58:42 Windows Update
07-06-2016 06:21:14 Windows Update
08-06-2016 12:33:46 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/08/2016 12:44:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/08/2016 10:54:29 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/08/2016 06:01:10 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/07/2016 12:55:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/06/2016 04:18:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/06/2016 06:08:54 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/05/2016 12:51:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 46.0.1.5966, time stamp: 0x572818c9
Faulting module name: mozglue.dll, version: 46.0.1.5966, time stamp: 0x572808c3
Exception code: 0x80000003
Fault offset: 0x0000efdc
Faulting process id: 0x1f94
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (06/05/2016 12:47:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 46.0.1.5966, time stamp: 0x572818c9
Faulting module name: mozglue.dll, version: 46.0.1.5966, time stamp: 0x572808c3
Exception code: 0x80000003
Fault offset: 0x0000efdc
Faulting process id: 0x2038
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (06/05/2016 05:55:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/04/2016 06:08:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (06/08/2016 12:51:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275

Error: (06/08/2016 12:51:09 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Colin\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (06/08/2016 12:51:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275

Error: (06/08/2016 12:51:09 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Colin\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (06/08/2016 12:51:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275

Error: (06/08/2016 12:51:09 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Colin\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (06/08/2016 12:51:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275

Error: (06/08/2016 12:51:09 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Colin\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (06/08/2016 12:51:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275

Error: (06/08/2016 12:51:08 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Colin\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.


CodeIntegrity:
===================================
  Date: 2014-11-09 16:57:40.752
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-11-09 16:57:40.738
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-11-09 16:57:40.722
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-11-09 16:57:40.707
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-11-09 16:52:51.323
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-11-09 16:52:51.309
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-11-09 16:52:51.295
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-11-09 16:52:51.281
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-11-09 12:42:14.788
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-11-09 12:42:14.774
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4820K CPU @ 3.70GHz
Percentage of memory in use: 40%
Total physical RAM: 8133.48 MB
Available physical RAM: 4861.3 MB
Total Virtual: 16265.14 MB
Available Virtual: 12637.27 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:441.27 GB) (Free:248.17 GB) NTFS
Drive e: () (Fixed) (Total:976.56 GB) (Free:61.19 GB) NTFS
Drive f: () (Fixed) (Total:976.56 GB) (Free:503.06 GB) NTFS
Drive g: () (Fixed) (Total:841.27 GB) (Free:841.12 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 2794.5 GB) (Disk ID: 6D21CED5)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 447.1 GB) (Disk ID: 45AD9E1B)
Partition 1: (Active) - (Size=5.9 GB) - (Type=27)
Partition 2: (Not Active) - (Size=441.3 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

I have thought about replacing the CMOS battery,but before my PC was infected with the poweliks malware the time on my PC was fine.

 

 

Link to post
Share on other sites

  • Root Admin

Please download the attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST or FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system.

Run FRST or FRST64 and press the Fix button just once and wait.
If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please attach or post it to your next reply.

Note: If the tool warned you about an outdated version please download and run the updated version.

fixlist.txt

 

Link to post
Share on other sites

Hi Ron

Here is the fixlog.txt as requested.

Fix result of Farbar Recovery Scan Tool (x64) Version:08-06-2016
Ran by Colin (2016-06-08 21:40:36) Run:1
Running from C:\Users\Colin\Desktop
Loaded Profiles: Colin (Available Profiles: Colin)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:
RemoveProxy:
GroupPolicyUsers\S-1-5-21-3369568051-1984934905-614767478-1006\User: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3369568051-1984934905-614767478-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-22] (Oracle Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Users\Colin\AppData\Local\Temp\cres.dll
C:\Users\Colin\AppData\Local\Temp\cshell.dll
C:\Users\Colin\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Colin\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Colin\AppData\Local\Temp\drm_dyndata_7380015.dll
C:\Users\Colin\AppData\Local\Temp\drm_dyndata_7400009.dll
C:\Users\Colin\AppData\Local\Temp\drm_dyndata_7410004.dll
C:\Users\Colin\AppData\Local\Temp\GTA_V_Launcher_1_0_757_3.exe
C:\Users\Colin\AppData\Local\Temp\jre-8u77-windows-au.exe
C:\Users\Colin\AppData\Local\Temp\jre-8u91-windows-au.exe
C:\Users\Colin\AppData\Local\Temp\libeay32.dll
C:\Users\Colin\AppData\Local\Temp\msvcr120.dll
C:\Users\Colin\AppData\Local\Temp\SIntf16.dll
C:\Users\Colin\AppData\Local\Temp\SIntf32.dll
C:\Users\Colin\AppData\Local\Temp\SIntfNT.dll
C:\Users\Colin\AppData\Local\Temp\sqlite3.dll
C:\Users\Colin\AppData\Local\Temp\sres.dll
C:\Users\Colin\AppData\Local\Temp\_is2EF3.exe
Task: {0AE796C8-F99F-4B91-9133-FA03D245AAAF} - System32\Tasks\{E173E391-B259-4DEE-BA92-BEE853034033} => pcalua.exe -a "C:\Program Files (x86)\Common Files\InstallShield\Driver\9\Intel 32\IDriver.exe" -c /M{FB6908C2-2138-4D6E-9CAF-11D7AE6C3909} /l2057  /x
Task: {0D1BF617-8420-4A74-83DA-DA54649035C5} - System32\Tasks\ASC Task (One-Time) => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCPromote.exe
Task: {1ED65531-D7BD-4BBC-9819-9939B2432546} - \SUPERAntiSpyware Scheduled Task 58720337-6454-484e-b344-43d3e2cfe5ee -> No File <==== ATTENTION
Task: {39BE0F9C-C2FA-43EE-8B3D-142B2A9B3B2C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {4600C04C-3545-457C-96C3-36FB46787473} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {C9D82CB9-F2D3-4CB5-AB7F-BF9BC9E10860} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3369568051-1984934905-614767478-1001
Task: {D882E52A-B539-463F-8A54-04D1546FD39C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {D8F38F39-8E3A-47EB-968C-32D5A885D51F} - \SidebarExecute -> No File <==== ATTENTION
Task: {DE8F9924-1475-4177-BCAF-05E529812FD3} - System32\Tasks\{F111293F-5029-4BB1-9C51-2158FCF300CA} => pcalua.exe -a D:\setup.exe -d D:\
Task: {E4CA875B-6328-4DB9-ACC6-6E403C1B9ADA} - System32\Tasks\SmartDefrag4_Update => C:\Program Files (x86)\IObit\Smart Defrag 4\AutoUpdate.exe [2015-08-21] (IObit)
AlternateDataStreams: C:\ProgramData\TEMP:CD30FA91 [182]
EmptyTemp:
Reboot:


*****************

Processes closed successfully.
Restore point was successfully created.

========= RemoveProxy: =========

"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-3369568051-1984934905-614767478-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-3369568051-1984934905-614767478-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-3369568051-1984934905-614767478-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


========= End of RemoveProxy: =========

C:\Windows\system32\GroupPolicyUsers\S-1-5-21-3369568051-1984934905-614767478-1006\User => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found.
HKU\S-1-5-21-3369568051-1984934905-614767478-1001\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.91.2" => key removed successfully
C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll => moved successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.91.2" => key removed successfully
C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll => moved successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
C:\Users\Colin\AppData\Local\Temp\cres.dll => moved successfully
C:\Users\Colin\AppData\Local\Temp\cshell.dll => moved successfully
C:\Users\Colin\AppData\Local\Temp\drm_dialogs.dll => moved successfully
C:\Users\Colin\AppData\Local\Temp\drm_dyndata_7380014.dll => moved successfully
C:\Users\Colin\AppData\Local\Temp\drm_dyndata_7380015.dll => moved successfully
C:\Users\Colin\AppData\Local\Temp\drm_dyndata_7400009.dll => moved successfully
C:\Users\Colin\AppData\Local\Temp\drm_dyndata_7410004.dll => moved successfully
C:\Users\Colin\AppData\Local\Temp\GTA_V_Launcher_1_0_757_3.exe => moved successfully
C:\Users\Colin\AppData\Local\Temp\jre-8u77-windows-au.exe => moved successfully
C:\Users\Colin\AppData\Local\Temp\jre-8u91-windows-au.exe => moved successfully
C:\Users\Colin\AppData\Local\Temp\libeay32.dll => moved successfully
C:\Users\Colin\AppData\Local\Temp\msvcr120.dll => moved successfully
C:\Users\Colin\AppData\Local\Temp\SIntf16.dll => moved successfully
C:\Users\Colin\AppData\Local\Temp\SIntf32.dll => moved successfully
C:\Users\Colin\AppData\Local\Temp\SIntfNT.dll => moved successfully
C:\Users\Colin\AppData\Local\Temp\sqlite3.dll => moved successfully
C:\Users\Colin\AppData\Local\Temp\sres.dll => moved successfully
C:\Users\Colin\AppData\Local\Temp\_is2EF3.exe => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0AE796C8-F99F-4B91-9133-FA03D245AAAF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0AE796C8-F99F-4B91-9133-FA03D245AAAF}" => key removed successfully
C:\Windows\System32\Tasks\{E173E391-B259-4DEE-BA92-BEE853034033} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E173E391-B259-4DEE-BA92-BEE853034033}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0D1BF617-8420-4A74-83DA-DA54649035C5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D1BF617-8420-4A74-83DA-DA54649035C5}" => key removed successfully
C:\Windows\System32\Tasks\ASC Task (One-Time) => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC Task (One-Time)" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1ED65531-D7BD-4BBC-9819-9939B2432546}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1ED65531-D7BD-4BBC-9819-9939B2432546}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SUPERAntiSpyware Scheduled Task 58720337-6454-484e-b344-43d3e2cfe5ee => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{39BE0F9C-C2FA-43EE-8B3D-142B2A9B3B2C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{39BE0F9C-C2FA-43EE-8B3D-142B2A9B3B2C}" => key removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate_scheduled" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4600C04C-3545-457C-96C3-36FB46787473}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4600C04C-3545-457C-96C3-36FB46787473}" => key removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C9D82CB9-F2D3-4CB5-AB7F-BF9BC9E10860}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C9D82CB9-F2D3-4CB5-AB7F-BF9BC9E10860}" => key removed successfully
C:\Windows\System32\Tasks\Games\UpdateCheck_S-1-5-21-3369568051-1984934905-614767478-1001 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Games\UpdateCheck_S-1-5-21-3369568051-1984934905-614767478-1001" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D882E52A-B539-463F-8A54-04D1546FD39C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D882E52A-B539-463F-8A54-04D1546FD39C}" => key removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D8F38F39-8E3A-47EB-968C-32D5A885D51F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D8F38F39-8E3A-47EB-968C-32D5A885D51F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SidebarExecute" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DE8F9924-1475-4177-BCAF-05E529812FD3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DE8F9924-1475-4177-BCAF-05E529812FD3}" => key removed successfully
C:\Windows\System32\Tasks\{F111293F-5029-4BB1-9C51-2158FCF300CA} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F111293F-5029-4BB1-9C51-2158FCF300CA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E4CA875B-6328-4DB9-ACC6-6E403C1B9ADA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E4CA875B-6328-4DB9-ACC6-6E403C1B9ADA}" => key removed successfully
C:\Windows\System32\Tasks\SmartDefrag4_Update => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartDefrag4_Update" => key removed successfully
C:\ProgramData\TEMP => ":CD30FA91" ADS removed successfully.
EmptyTemp: => 1.2 GB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 21:41:13 ====

Link to post
Share on other sites

  • Root Admin

Download Sophos Free Virus Removal Tool and save it to your desktop.
 

  • Double click the icon and select Run

Click Next Select I accept the terms in this license agreement, then click Next twice Click Install Click Finish to launch the program Once the virus database has been updated click Start Scanning If any threats are found click Details, then View log file... (bottom left hand corner) Copy and paste the results in your reply Close the Notepad document, close the Threat Details screen, then click Start cleanup Click Exit to close the program If no threats were found please confirm that result....

Let me see those logs, also let me know if you have any remaining issues or concerns...

Thank you,

Link to post
Share on other sites

I'm still getting issues as described in my 1st post:-

When i boot up my PC now,i get a American megatrends screen which tells me i have 2 keyboards(I only have 1 attached,2 mice(i do have 2),2 hubs.I then press F1 to go into the BIOS setup program.I then press return twice for Windows to boot up.I then notice my Windows time is lagging by about 5-6 hours.

What else can you suggest i do?

Thank you

Colin

 

 

Link to post
Share on other sites

  • Root Admin

For Time I would say replace the CMOS battery as I mentioned before. The BIOS showing a secondary keyboard I'd simply ignore as it doesn't really matter that much. You could reset the BIOS to factory defaults but that probably would not help. Though if the BIOS is hanging up due to this other keyboard issue then maybe resetting the BIOS to defaults would help. Do not change the SATA/ATA/RAID settings though as that could prevent Windows from booting. Look at what it is and make sure it stays that way after a factory reset.

 

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.