nt1992

Trojan: Win32/Occamy.B found


Hi. My Microsoft Security Essentials scan found Occamy.B this morning! I used Security Essentials' delete function to remove it, but I'm worried the virus is still kicking around my drive. I did some Malwarebytes scans after that, but they didn't catch anything. I noticed a few posts here where the experts suggested using Farbar Recovery Scan Tool to create a log. So that's what I did. Here's that along with the Addition.txt file from the scan. Any assistance would be greatly appreciated!

 

 

FRST.txt Addition.txt


Sorry, didn't mean to just attach them. Here's FRST.txt:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-11-2019
Ran by Nick Torres (administrator) on NICKTORRES-PC (01-11-2019 21:08:54)
Running from C:\Users\Nick Torres\Desktop
Loaded Profiles: Nick Torres (Available Profiles: Nick Torres)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Safe Mode (minimal)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7204568 1999-12-31] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [hola] => C:\Program Files\Hola\app\hola.exe [2499520 2019-09-27] (Hola Networks Ltd -> Hola Networks Ltd.) <==== ATTENTION
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => D:\Applications\iTunes\iTunesHelper.exe [302904 2019-10-03] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [76600 2019-10-01] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [PWRISOVM.EXE] => D:\Applications\PowerISO\PWRISOVM.EXE [337432 2013-07-03] (Power Software Ltd -> Power Software Ltd)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD) [File not signed]
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2623032 2019-07-05] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG -> Elaborate Bytes AG)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2009-11-18] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [QuickTime Task] => D:\Applications\Quicktime\QTTask.exe [421888 2015-06-17] (Apple Inc.) [File not signed]
HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\Run: [Steam] => D:\Applications\Steam x64\Steam\steam.exe [3278288 2019-10-30] (Valve -> Valve Corporation)
HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\Run: [Akamai NetSession Interface] => "C:\Users\Nick Torres\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\Run: [Amazon Cloud Player] => C:\Users\Nick Torres\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3109376 2013-07-21] () [File not signed]
HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [47677240 2019-10-10] (Google LLC -> )
HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\Run: [GoogleChromeAutoLaunch_EBB015BB97B9A4FB709628EE396F6237] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1696920 2019-10-30] (Google LLC -> Google LLC)
HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8202008 2015-04-08] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\Run: [Dropbox Update] => C:\Users\Nick Torres\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc -> Dropbox, Inc.)
HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\Run: [Adobe Acrobat Synchronizer] => "D:\Applications\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe"
HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\Run: [f.lux] => C:\Users\Nick Torres\AppData\Local\FluxSoftware\Flux\flux.exe [1385480 2019-08-30] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\Run: [uTorrent] => "C:\Users\Nick Torres\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\Run: [PCShowServer] => C:\Users\Nick Torres\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe [1632752 2015-08-23] (DIRECTV, LLC. -> Cisco)
HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\Run: [Octoshape Streaming Services] => C:\Users\Nick Torres\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [500016 2014-08-01] (Octoshape ApS -> Octoshape ApS)
HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-07-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\Run: [SandboxieControl] => D:\Applications\SbieCtrl.exe [799880 2017-10-30] (Invincea, Inc. -> Sandboxie Holdings, LLC)
HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\Run: [com.squirrel.splice.Splice] => C:\Users\Nick Torres\AppData\Local\splice\app-3.5.71\Splice.exe [52374928 2019-10-05] (DISTRIBUTED CREATION INC. -> Splice)
HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\Run: [Blend] => C:\Users\Nick Torres\AppData\Local\Programs\Blend\Blend.exe [83606936 2017-11-29] (ROLI Ltd -> The Blend Team)
HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\Run: [EpicGamesLauncher] => D:\Applications\EPIC\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [35977616 2019-10-30] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\RunOnce: [Uninstall C:\Users\Nick Torres\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nick Torres\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64"
HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\RunOnce: [Uninstall C:\Users\Nick Torres\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nick Torres\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64"
HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\RunOnce: [Uninstall C:\Users\Nick Torres\AppData\Local\Microsoft\SkyDrive\17.3.1165.0612\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nick Torres\AppData\Local\Microsoft\SkyDrive\17.3.1165.0612\amd64"
HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\RunOnce: [Uninstall C:\Users\Nick Torres\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nick Torres\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\amd64"
HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\RunOnce: [Uninstall C:\Users\Nick Torres\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nick Torres\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64"
HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\RunOnce: [Uninstall C:\Users\Nick Torres\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nick Torres\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\amd64"
HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\RunOnce: [Uninstall C:\Users\Nick Torres\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nick Torres\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64"
HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\RunOnce: [Uninstall C:\Users\Nick Torres\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nick Torres\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\amd64"
HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\RunOnce: [Uninstall C:\Users\Nick Torres\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nick Torres\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64"
HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\RunOnce: [Uninstall C:\Users\Nick Torres\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nick Torres\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\RunOnce: [Uninstall C:\Users\Nick Torres\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nick Torres\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"
HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\RunOnce: [Uninstall C:\Users\Nick Torres\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nick Torres\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\RunOnce: [Uninstall C:\Users\Nick Torres\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nick Torres\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"
HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\RunOnce: [Uninstall C:\Users\Nick Torres\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nick Torres\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"
HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\RunOnce: [Uninstall C:\Users\Nick Torres\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nick Torres\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"
HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\RunOnce: [Uninstall C:\Users\Nick Torres\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nick Torres\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"
HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\RunOnce: [Uninstall C:\Users\Nick Torres\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nick Torres\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\RunOnce: [Uninstall C:\Users\Nick Torres\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nick Torres\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\MountPoints2: G - G:\setup.exe
HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\MountPoints2: {a8e33b1f-07d4-11e6-bb21-806e6f6e6963} - E:\setup.exe
HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\MountPoints2: {a8e33b20-07d4-11e6-bb21-806e6f6e6963} - F:\setup.exe
HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\MountPoints2: {a8e33b23-07d4-11e6-bb21-806e6f6e6963} - I:\setup.exe
HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\MountPoints2: {ace8924e-77dc-11e3-8119-60a44c53cda7} - F:\setup.exe
HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\MountPoints2: {ace89264-77dc-11e3-8119-60a44c53cda7} - G:\setup.exe
HKU\S-1-5-18\...\RunOnce: [iCloud] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe [67384 2016-07-08] (Apple Inc. -> Apple Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.87\Installer\chrmstp.exe [2019-10-31] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2019-05-02] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
AppInit_DLLs-x32:  => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Air Mouse.lnk [2014-02-01]
ShortcutTarget: Air Mouse.lnk -> C:\Program Files (x86)\Air Mouse\Air Mouse\Air Mouse.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LoopBe30 Monitor.lnk [2016-12-19]
ShortcutTarget: LoopBe30 Monitor.lnk -> C:\Program Files (x86)\nerds.de\LoopBe30\loough.exe (Daniel Schmitt -> nerds.de)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-06-30]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc. -> McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ScpToolkit Tray Notifications.lnk [2018-06-12]
ShortcutTarget: ScpToolkit Tray Notifications.lnk -> C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpTrayApp.exe (Scarlet.Crush Productions) [File not signed]
Startup: C:\Users\Nick Torres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2019-10-31]
ShortcutTarget: Dropbox.lnk -> C:\Users\Nick Torres\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C44285A-E10D-43B3-8FB5-9FAD6B71B140} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2790423112-85866878-2890688316-1000Core => C:\Users\Nick Torres\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-07-19] (Facebook, Inc. -> Facebook Inc.)
Task: {0CB62D08-CB06-483C-8C4F-CFFC023720C3} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2179792 2013-05-13] (Microsoft Corporation -> Microsoft)
Task: {0F69D5D5-C833-42F6-85F1-081C0456265E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {10CB32FB-337A-475A-94C5-4913B7718E49} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {116360A5-8AC5-4CF1-8654-1FFF5088E503} - System32\Tasks\shutdown => C:\Windows\System32\shutdown.exe [34304 2009-07-13] (Microsoft Windows -> Microsoft Corporation)
Task: {1E74C31C-A383-4C7A-85C9-6A6FF30A02FB} - System32\Tasks\{932E700F-8F47-4200-9B0B-F93C84AE17CD} => C:\Windows\system32\pcalua.exe -a "D:\Downloads\Native.Instruments.FM8.VSTi.DXi.RTAS.v1.0.3-AMPLiFY\FM8 1.0.3 Setup.exe" -d D:\Downloads\Native.Instruments.FM8.VSTi.DXi.RTAS.v1.0.3-AMPLiFY
Task: {241BB97F-6CDA-4B72-B7C5-59D3CE876B5C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {296CBA58-7892-4FF2-BC2E-6C8E75939D1A} - System32\Tasks\{69F91220-2AFD-40B4-8FB9-7276CAB9BF85} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.21.0.104/en/go/help.faq.installer?LastError=1638
Task: {2989C462-063C-49C7-A1D9-FBD523867843} - System32\Tasks\{329486D2-9D04-4FCF-9536-0FC2DCBE55C9} => C:\Windows\system32\pcalua.exe -a "D:\Downloads\eventide\Eventide - Bundle VST, VST3, AAX x86 x64 (NO INSTALL, SymLink Installer) [04.01.2019].exe" -d D:\Downloads\eventide
Task: {2C662CDB-2B3F-4B70-BC2E-BE2B06B84B0E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {32B781CA-DCB7-4AFE-97B2-D7B95533FD8E} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1491664 2013-05-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {39A74DF6-4414-498D-861A-11C178B69FB5} - System32\Tasks\{50C895BE-0A37-45D4-AA95-11FE5AD39F8C} => C:\Windows\system32\pcalua.exe -a "D:\Downloads\OPXPROII_11_INSTALLERSET (1)\OP-X PRO-II 1.1 Installer.exe" -d "D:\Downloads\OPXPROII_11_INSTALLERSET (1)"
Task: {3A693152-C8F1-4B7E-AA67-44EF44A6E825} - System32\Tasks\updater => C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpUpdater.exe [464384 2016-01-10] (Nefarius Software Solutions) [File not signed]
Task: {3F0339E1-9AE7-4E44-8B9E-582BA671DBF9} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2108624 2013-05-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {3F9B61BB-32F9-414A-8B2C-4BE273DDF852} - System32\Tasks\shutdown 2 => C:\Windows\System32\shutdown.exe [34304 2009-07-13] (Microsoft Windows -> Microsoft Corporation)
Task: {40A273E1-8477-4984-9F70-FE4BE38FF364} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe [1346024 2015-08-06] (Symantec Corporation -> Symantec Corporation)
Task: {42D9CF9B-CE0A-4FD0-810D-2BBBCF59BB25} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2790423112-85866878-2890688316-1000UA => C:\Users\Nick Torres\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc -> Dropbox, Inc.)
Task: {449B281C-47DD-4CFB-AC22-2608622F032F} - System32\Tasks\{387BA8F0-A0C5-4CF5-9F69-E1793CC59012} => C:\Windows\system32\pcalua.exe -a "D:\Music\SAMPLE COLLECTION\iZotope NO iLOK\NO INSTALL\iZotope Alloy 2.02 Nectar 2.02 Ozone 4.04 Ozone 5.04 Stutter Edit 1.05 Trash 2.03 NO INSTALL.exe" -d "D:\Music\SAMPLE COLLECTION\iZotope NO iLOK\NO INSTALL"
Task: {47B60734-D74C-44A1-A815-8F1A9466BDF2} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2108624 2013-05-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {481AD13C-B5C4-42DC-B880-B85D2C4533AD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {48391138-2944-4839-AD50-90EADCCF84DB} - System32\Tasks\PC SHUTDOWN => C:\Windows\System32\shutdown.exe [34304 2009-07-13] (Microsoft Windows -> Microsoft Corporation)
Task: {495FD7BC-72A1-4A02-B180-67E818F152DC} - System32\Tasks\{488F7923-1218-4120-9CA1-C02EA9CDF1A0} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.21.0.104/en/go/help.faq.installer?LastError=1638
Task: {50E65739-FBAF-4117-AA76-CC02060298CD} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {573CE44C-539B-4045-9F98-93ACE9753BA4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {62D8FBB4-3767-4AD6-BA23-918AD4A756A7} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2790423112-85866878-2890688316-1000Core => C:\Users\Nick Torres\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc -> Dropbox, Inc.)
Task: {6A72F35F-4EAA-4BD3-8B20-BD182F7B610A} - System32\Tasks\ViGEmBusUpdater => C:\Program Files\Nefarius Software Solutions\ViGEm Bus Driver\ViGEmBusUpdater.exe [901144 2019-05-10] (Nefarius Software Solutions e.U. -> Nefarius Software Solutions e.U.)
Task: {6E68FDAB-00FE-42AE-884F-A572C8F49048} - System32\Tasks\avastBCLRestartS-1-5-21-2790423112-85866878-2890688316-1000 => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {702227F6-0E65-4014-93A2-AC14AC46DCA4} - System32\Tasks\{A4094AB9-862A-4C65-B8DD-FD544BBEE211} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller" -c -hunter
Task: {7ED6F831-FB39-4C95-88A3-8DF8CAC3D276} - System32\Tasks\AdobeAAMUpdater-1.0-NickTorres-PC-Nick Torres => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {81FD0443-2DDF-43BF-B8C1-650FD03507BC} - System32\Tasks\{3E03FB4A-FD4F-4D07-A6F3-0F4D331D21C3} => C:\Windows\system32\pcalua.exe -a "D:\Music\SAMPLE COLLECTION\iZotope NO iLOK\INSTALL\iZotope Alloy 2.02 Nectar 2.02 Ozone 4.04 Ozone 5.04 Stutter Edit 1.05 Trash 2.03 INSTALL.exe" -d "D:\Music\SAMPLE COLLECTION\iZotope NO iLOK\INSTALL"
Task: {8A02FA42-7DB8-4C73-9C36-940B19A5924E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [6276888 2015-04-08] (Piriform Ltd -> Piriform Ltd)
Task: {911053AA-E4DA-4D4B-BE16-7C95B06CE593} - System32\Tasks\{17D8E6C2-DADD-4675-BBA3-F9B5ADC37828} => C:\Windows\system32\pcalua.exe -a F:\Windows\setup.exe -d F:\Windows
Task: {9E9A820B-4625-4FBE-805E-EB20F2EE2088} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2790423112-85866878-2890688316-1000UA => C:\Users\Nick Torres\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-07-19] (Facebook, Inc. -> Facebook Inc.)
Task: {A0A8D763-ED8F-4068-A737-B75DF1054377} - System32\Tasks\{FE768964-A2DC-43D2-ADC7-6BF1E18BAD2E} => C:\Windows\system32\pcalua.exe -a D:\Downloads\Sonic.Projects.OP-X.PRO.II.v1.0.Incl.Keygen-AiR\Setup.exe -d D:\Downloads\Sonic.Projects.OP-X.PRO.II.v1.0.Incl.Keygen-AiR
Task: {A2790457-3C82-477A-9174-B041DA551548} - System32\Tasks\{8709A5C6-030C-42CC-A4AB-63A2628EA829} => C:\Windows\system32\pcalua.exe -a D:\Downloads\chromeinstall-8u31.exe -d D:\Downloads
Task: {A4DD74F9-B4BC-4118-9AD2-2290A6214EB4} - System32\Tasks\Shut Down => C:\Windows\System32\shutdown.exe [34304 2009-07-13] (Microsoft Windows -> Microsoft Corporation)
Task: {A4F3203B-1DD0-4758-B36A-0D3FF7C0E678} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {A602A868-5081-498E-A7F8-369D7A48A683} - System32\Tasks\{1BE9F052-BE06-4CBB-A0C1-526AAD6714C8} => C:\Windows\system32\pcalua.exe -a "D:\Downloads\DropclothInstaller 0.3.exe" -d D:\Downloads
Task: {A8CD2AA8-44F1-43EB-807E-BCC8351A44B0} - System32\Tasks\shutdown2 => C:\Windows\System32\shutdown.exe [34304 2009-07-13] (Microsoft Windows -> Microsoft Corporation)
Task: {BC5B548C-E66D-444D-B5DD-A9DE60A65F91} - System32\Tasks\{952E68FB-3524-4D93-B807-135F63F0C6AA} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.6.0.106/en/abandoninstall?source=lightinstaller&page=tsPlugin
Task: {BC94DCDC-40F4-4D73-ACAA-09C5460F0FDE} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\WSCStub.exe
Task: {BE3A0B7F-6296-4108-8C9A-7AEC77EC5F82} - System32\Tasks\{80C58CB3-A638-4C1D-A441-FA87CFFBFE19} => C:\Windows\system32\pcalua.exe -a "D:\Applications\Live 9.5\Program\InstallHelper.exe" -d C:\Windows\system32 -c "D:\Applications\Live 9.5\Program\Ableton Live 9 Suite.exe" "D:\Applications\Live 9.5\Resources\Icons" "Live" "ableton" "D:\Applications\Live 9.5\Program\Ableton Live Engine.dll"
Task: {BF04885B-FD40-4DF6-BDCC-B73F114A05A6} - System32\Tasks\{287304A9-E3E4-44D2-A372-3980AF2EBF85} => C:\Windows\system32\pcalua.exe -a F:\Autorun.exe -d F:\
Task: {BF2CBC86-D002-4BEE-B3A1-4C75DFE682FF} - System32\Tasks\{E23718A9-0D04-41B9-81A1-82D2EA790775} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.21.0.104/en/go/help.faq.installer?LastError=1638
Task: {C2604471-81F5-499A-8AC5-AA76436D29AB} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {C261E754-177A-4EA4-8E77-CE52BA031673} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {C369A985-744C-40E7-9A76-201E059734CA} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe
Task: {C4CA07B0-B9EC-4811-8669-F997D0980193} - System32\Tasks\{54D10E63-27C6-42A3-940A-979699AB6296} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.22.0.107/en/go/help.faq.installer?LastError=1638
Task: {C7F828A3-2EB7-48BA-A710-FABA4C76206C} - System32\Tasks\Red Giant Link => C:\Program Files\Red Giant Link\Red Giant Link.exe
Task: {D39BEDAA-50CB-4590-B8AC-42A04E45244F} - System32\Tasks\{E8AC40C3-083F-48BC-9D86-8C24F3AB24D1} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.21.0.104/en/go/help.faq.installer?LastError=1638
Task: {DB4B023C-5C94-4EDC-B103-C27445969D9A} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1491664 2013-05-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {E13D2FA0-4DB8-4AF8-97F1-2A2ADFFE2CCE} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe
Task: {E2A2D03D-285B-4605-968D-BF5CC1CF2F9C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {E3D5F9D3-8129-4480-83CC-01135E8FF229} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {E42ED860-B3E3-45D4-A7D6-2C68FEDA24F3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-10-09] (Adobe Inc. -> Adobe)
Task: {E76BC9A8-81B6-4633-9E06-D34ABD42EDFA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {EC2676E7-0033-4712-BC78-1EC28C950511} - System32\Tasks\{8C58FB0B-73AA-4AFB-A21F-3F9FD128052C} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.6.0.106/en/abandoninstall?source=lightinstaller&page=tsBing
Task: {F0EA6FC4-E424-4E7B-A799-DDE380234FB9} - System32\Tasks\{0567490E-E585-4C9D-9C05-32DF6F4076BB} => C:\Windows\system32\pcalua.exe -a D:\Downloads\D16.Group.Decimort.VST.v1.0.Incl.Keygen-AiR\a-dgdc10\Setup.exe -d D:\Downloads\D16.Group.Decimort.VST.v1.0.Incl.Keygen-AiR\a-dgdc10
Task: {F8EBA33B-5791-4010-8D9E-705CE9458133} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_270_Plugin.exe [1457720 2019-10-09] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2790423112-85866878-2890688316-1000Core.job => C:\Users\Nick Torres\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2790423112-85866878-2890688316-1000UA.job => C:\Users\Nick Torres\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2790423112-85866878-2890688316-1000Core.job => C:\Users\Nick Torres\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2790423112-85866878-2890688316-1000UA.job => C:\Users\Nick Torres\AppData\Local\Facebook\Update\FacebookUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Winsock: Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Winsock: Catalog5-x64 09 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 167.206.13.180 167.206.13.181
Tcpip\..\Interfaces\{761CD75A-6D90-4D16-AF1B-87432B9578A3}: [DhcpNameServer] 167.206.13.180 167.206.13.181

Internet Explorer:
==================
URLSearchHook: HKU\S-1-5-21-2790423112-85866878-2890688316-1000 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc. -> Yahoo! Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28] (Yahoo! Inc. -> Yahoo! Inc.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Company -> Hewlett-Packard Co.)
BHO-x32: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-20] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-20] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28] (Yahoo! Inc. -> Yahoo! Inc)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Company -> Hewlett-Packard Co.)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} -  No File
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28] (Yahoo! Inc. -> Yahoo! Inc.)
Toolbar: HKU\S-1-5-21-2790423112-85866878-2890688316-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.0\ViProtocol.dll [2014-04-27] (AVG Technologies -> AVG Secure Search)

FireFox:
========
FF ProfilePath: C:\Users\Nick Torres\AppData\Roaming\Mozilla\Firefox\Profiles\cgned1kc.default [2017-11-26]
FF DownloadDir: D:\Documents\e books
FF Homepage: Mozilla\Firefox\Profiles\cgned1kc.default -> hxxp://us.yhs4.search.yahoo.com/?hspart=avast&hsimp=yhs-001&type={partner_id}
FF Session Restore: Mozilla\Firefox\Profiles\cgned1kc.default -> is enabled.
FF Extension: (Block site) - C:\Users\Nick Torres\AppData\Roaming\Mozilla\Firefox\Profiles\cgned1kc.default\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [2015-06-19] [Legacy]
FF SearchPlugin: C:\Users\Nick Torres\AppData\Roaming\Mozilla\Firefox\Profiles\cgned1kc.default\searchplugins\safeguard-secure-search.xml [2013-10-28]
FF HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi => not found
FF HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-07-10] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_270.dll [2019-10-09] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-07-05] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_270.dll [2019-10-09] (Adobe Inc. -> )
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.0\\npsitesafety.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-06-01] () [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-07] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-07] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-06-07] (VideoLAN) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-10-11] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-07-05] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> D:\Applications\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [No File]
FF Plugin HKU\S-1-5-21-2790423112-85866878-2890688316-1000: @hola.org/vlc -> C:\Users\Nick Torres\AppData\Local\Hola\firefox\app\vlc\npvlc.dll [No File]
FF Plugin HKU\S-1-5-21-2790423112-85866878-2890688316-1000: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Nick Torres\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1702150-0-npoctoshape.dll [2017-02-15] (Octoshape -> Octoshape ApS)
FF Plugin HKU\S-1-5-21-2790423112-85866878-2890688316-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Nick Torres\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Software Sarl -> Skype Limited)
FF Plugin HKU\S-1-5-21-2790423112-85866878-2890688316-1000: torrents-time.com/TTPlugin -> C:\Program Files (x86)\TorrentsTime Media Player\bin\npTTPlugin.dll [2019-09-25] (Torrents Time) [File not signed]
FF Plugin HKU\S-1-5-21-2790423112-85866878-2890688316-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2018-06-12] (Ubisoft Entertainment Sweden AB -> )
FF Plugin ProgramFiles/Appdata: C:\Users\Nick Torres\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2016-03-05]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://google.com/","hxxp://mysearch.avg.com?cid={67F08C8D-2466-4021-A2FD-6E3BF32F3EED}&mid=f16efd7d216647d3a8d2b1ed0ab72454-56b671731fea097ab6370bfd8e7d45a06eb1536b&lang=en&ds=ts024&coid=avgtbdists&pr=sa&d=2013-10-28 16:59:48&v=17.0.0.12&pid=safeguard&sg=0&sap=hp","hxxp://mysearch.avg.com?cid={56E035D4-2744-4FB3-B26A-8D61CE132ACA}&mid=f16efd7d216647d3a8d2b1ed0ab72454-56b671731fea097ab6370bfd8e7d45a06eb1536b&lang=en&ds=is015&coid=avgtbdisis&cmpid=&pr=sa&d=2013-12-25 00:16:33&v=17.2.0.38&pid=safeguard&sg=&sap=hp"
CHR Session Restore: Default -> is enabled.
CHR Notifications: Default -> hxxps://mp3andvideoconverter.com; hxxps://ouo.io; hxxps://voice.google.com; hxxps://www.g2a.com; hxxps://www.netflix.com; hxxps://www.pcgamer.com; hxxps://www.reddit.com; hxxps://www.youtube.com; hxxps://y2mate.com
CHR Profile: C:\Users\Nick Torres\AppData\Local\Google\Chrome\User Data\Default [2019-11-01]
CHR DownloadDir: D:\Downloads
CHR Extension: (Slides) - C:\Users\Nick Torres\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-31]
CHR Extension: (JSTorrent Lite) - C:\Users\Nick Torres\AppData\Local\Google\Chrome\User Data\Default\Extensions\abmohcnlldaiaodkpacnldcdnjjgldfh [2019-04-01]
CHR Extension: (Entanglement Web App) - C:\Users\Nick Torres\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2018-01-31]
CHR Extension: (Docs) - C:\Users\Nick Torres\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-31]
CHR Extension: (Google Drive) - C:\Users\Nick Torres\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\Nick Torres\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-31]
CHR Extension: (Chrome IG Story) - C:\Users\Nick Torres\AppData\Local\Google\Chrome\User Data\Default\Extensions\bojgejgifofondahckoaahkilneffhmf [2019-02-13]
CHR Extension: (Rakuten Ebates: Get Cash Back For Shopping) - C:\Users\Nick Torres\AppData\Local\Google\Chrome\User Data\Default\Extensions\chhjbpecpncaggjpdakmflnfcopglcmi [2019-10-31]
CHR Extension: (OneTab) - C:\Users\Nick Torres\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2018-01-31]
CHR Extension: (Liberate) - C:\Users\Nick Torres\AppData\Local\Google\Chrome\User Data\Default\Extensions\cochhjhkhbcccaiialbebpmkdlppdmjm [2018-01-31]
CHR Extension: (Session Buddy) - C:\Users\Nick Torres\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2018-01-31]
CHR Extension: (Sheets) - C:\Users\Nick Torres\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-31]
CHR Extension: (Office Editing for Docs, Sheets & Slides) - C:\Users\Nick Torres\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj [2019-10-22]
CHR Extension: (Boxopus) - C:\Users\Nick Torres\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdifjpojafakgbdkfephddpkjejincan [2018-01-31]
CHR Extension: (AudioPick) - C:\Users\Nick Torres\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfhcppdamigjkficnjnhmnljljhagaha [2019-01-29]
CHR Extension: (Google Docs Offline) - C:\Users\Nick Torres\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
CHR Extension: (AdBlock) - C:\Users\Nick Torres\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-10-23]
CHR Extension: (MediaSave. Download music free) - C:\Users\Nick Torres\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfgbpkkdodfihabamnkhoaeamkdhnoec [2018-03-25]
CHR Extension: (Alarm Clock Radio) - C:\Users\Nick Torres\AppData\Local\Google\Chrome\User Data\Default\Extensions\kipdhcpepbpjaoggihaloebfjfafagmi [2018-01-31]
CHR Extension: (Skype) - C:\Users\Nick Torres\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2018-01-31]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Nick Torres\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-01-31]
CHR Extension: (Poppit!) - C:\Users\Nick Torres\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2018-01-31]
CHR Extension: (Reload All Tabs) - C:\Users\Nick Torres\AppData\Local\Google\Chrome\User Data\Default\Extensions\midkcinmplflbiflboepnahkboeonkam [2018-07-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Nick Torres\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Material Simple Dark Grey) - C:\Users\Nick Torres\AppData\Local\Google\Chrome\User Data\Default\Extensions\ookepigabmicjpgfnmncjiplegcacdbm [2018-09-11]
CHR Extension: (Gmail) - C:\Users\Nick Torres\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Nick Torres\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-31]
CHR HKU\S-1-5-21-2790423112-85866878-2890688316-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\NICKTO~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-01-21]
CHR HKU\S-1-5-21-2790423112-85866878-2890688316-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG SafeGuard toolbar\ChromeExt\18.1.0.443\avg.crx <not found>

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [816184 2019-07-05] (Adobe Inc. -> Adobe Inc.)
S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-08-26] (Apple Inc. -> Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [5708808 2018-04-02] (BattlEye Innovations e.K. -> )
S2 Ds3Service; C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe [389632 2016-01-10] (Scarlet.Crush Productions) [File not signed]
S2 EaseUS Agent; D:\Applications\Todo Backup\bin\Agent.exe [40104 2019-09-02] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [775296 2018-04-02] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S2 Episode Assistant Service; D:\Applications\Episode 6\bin\tseas.exe [6144 2013-03-12] () [File not signed]
S2 Episode Client Proxy Service; D:\Applications\Episode 6\bin\tsecps.exe [6144 2013-03-12] () [File not signed]
S2 Episode IOserver Service; D:\Applications\Episode 6\bin\tseioss.exe [6144 2013-03-12] () [File not signed]
S2 Episode Node Service; D:\Applications\Episode 6\bin\tsens.exe [7680 2013-03-12] () [File not signed]
S2 Episode XML-RPC Service; D:\Applications\Episode 6\bin\tsexrs.exe [6144 2013-03-12] () [File not signed]
S2 hola_svc; C:\Program Files\Hola\app\hola_svc.exe [21052864 2019-09-27] (Hola Networks Ltd -> Hola Networks Ltd.) <==== ATTENTION
S2 hola_updater; C:\Program Files\Hola\app\hola_updater.exe [20986416 2019-08-30] (Hola Networks Ltd -> Hola Networks Ltd.) <==== ATTENTION
S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [253568 2009-11-18] (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
S2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [137344 2009-11-18] (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
S2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1043584 2010-01-30] (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
S2 InputMapper Cerberus Whitelister; D:\Applications\HIDGUARDIAN\InputMapperCerberusWhitelister.exe [14848 2017-04-21] () [File not signed]
S2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Trusted Connect Service -> Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S2 KinoniRemoteDesktop; C:\Program Files (x86)\Kinoni\Remote Desktop\service.exe [73216 2014-10-26] () [File not signed]
S2 luminati_net_updater_win_hola_org; C:\Program Files\Hola\app\net_updater64.exe [2677184 2019-09-16] (Luminati Networks -> Luminati Networks Ltd.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation -> Microsoft Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation -> Microsoft Corporation)
S2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.15.96\SymcPCCULaunchSvc.exe [123320 2011-11-07] (Symantec Corporation -> Symantec Corporation)
S3 Origin Client Service; D:\Applications\Origin\OriginClientService.exe [2403120 2019-10-22] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; D:\Applications\Origin\OriginWebHelperService.exe [3282736 2019-10-22] (Electronic Arts, Inc. -> Electronic Arts)
S2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.15.96\ccSvcHst.exe [126392 2011-11-07] (Symantec Corporation -> Symantec Corporation)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S2 rtpMIDIService; C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe [1142272 2012-08-24] (Tobias Erichsen) [File not signed]
S2 SbieSvc; D:\Applications\SbieSvc.exe [198792 2017-10-30] (Invincea, Inc. -> Sandboxie Holdings, LLC)
S2 TTService; C:\Program Files (x86)\TorrentsTime Media Player\bin\TTService.exe [3266584 2019-10-01] (Radius, OOO -> TorrentsTime) [File not signed]
S3 updater; C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpUpdater.exe [464384 2016-01-10] (Nefarius Software Solutions) [File not signed]
S3 ViGEmBusUpdater; C:\Program Files\Nefarius Software Solutions\ViGEm Bus Driver\ViGEmBusUpdater.exe [901144 2019-05-10] (Nefarius Software Solutions e.U. -> Nefarius Software Solutions e.U.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
S2 WirelessKB850NotificationService; C:\Windows\system32\WirelessKB850NotificationService.exe [174256 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)
S2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2291568 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
S2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
S2 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u https://activation.paceap.com/InitiateActivation [X]
S3 SysCMD; cmd /K start [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2012-01-06] (ASMedia Technology Inc. -> Asmedia Technology)
R3 asmthub3; C:\Windows\System32\DRIVERS\asmthub3.sys [130536 2011-11-03] (MCCI Internal Testing Software -> ASMedia Technology Inc)
R3 asmtxhci; C:\Windows\System32\DRIVERS\asmtxhci.sys [395752 2011-11-03] (MCCI Internal Testing Software -> ASMedia Technology Inc)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50464 2014-04-27] (AVG Technologies -> AVG Technologies)
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [54144 2019-09-02] (CHENGDU YIWO Tech Development Co., Ltd. -> )
S3 ffusb2audio; C:\Windows\System32\DRIVERS\ffusb2audio.sys [127280 2013-12-19] (Focusrite Audio Engineering Limited -> Focusrite Audio Engineering Limited.)
S3 FocusriteUSBSwRoot; C:\Windows\System32\DRIVERS\FocusriteUSBSwRoot.sys [92688 2016-11-30] (Focusrite Audio Engineering Ltd. -> Focusrite Audio Engineering Ltd.)
S3 HidGuardian; C:\Windows\System32\DRIVERS\HidGuardian.sys [26736 2017-04-17] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer)
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [33968 2015-08-21] (Paragon Software GmbH -> Paragon Software Group)
S3 libusbK; C:\Windows\System32\DRIVERS\libusbK.sys [47200 2018-06-12] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
S3 LoopBe30; C:\Windows\System32\drivers\loopbe30.sys [16896 2011-02-26] (Daniel Schmitt -> nerds.de)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2019-11-01] (Malwarebytes Corporation -> Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S3 MHIKEY10; C:\Windows\System32\Drivers\MHIKEY10x64.sys [60288 2010-09-15] (Microsoft Windows Hardware Compatibility Publisher -> Generic USB smartcard reader)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation -> Microsoft Corporation)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [23040 2013-08-06] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation -> Microsoft Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation -> Corel Corporation)
S3 rspLLL; C:\Windows\System32\DRIVERS\rspLLL64.sys [24672 2012-07-22] (Daniel Terhell -> Resplendence Software Projects Sp.)
S3 SbieDrv; D:\Applications\SbieDrv.sys [209544 2017-10-30] (Invincea, Inc. -> Sandboxie Holdings, LLC)
R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2017-11-30] (Slimware Utilities, Inc. -> )
S3 teVirtualMIDI64; C:\Windows\System32\DRIVERS\teVirtualMIDI64.sys [30208 2012-08-16] (Tobias Erichsen -> Tobias Erichsen)
R0 Tpkd; C:\Windows\SysWow64\Drivers\Tpkd.sys [72608 2006-10-05] (PACE Anti-Piracy, Inc.) [File not signed]
S1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [102576 2015-08-21] (Paragon Software GmbH -> )
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
R3 ViGEmBus; C:\Windows\System32\DRIVERS\ViGEmBus.sys [69168 2019-04-04] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64.sys [14464 2008-05-06] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
S4 nvvhci; system32\DRIVERS\nvvhci.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-01 21:08 - 2019-11-01 21:08 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-11-01 10:53 - 2019-11-01 10:53 - 000205675 _____ C:\Users\Nick Torres\Desktop\Shortcut.txt
2019-11-01 10:50 - 2019-11-01 21:09 - 000055721 _____ C:\Users\Nick Torres\Desktop\FRST.txt
2019-11-01 10:41 - 2019-11-01 21:08 - 001493642 _____ C:\Windows\ntbtlog.txt
2019-11-01 09:25 - 2019-11-01 21:09 - 000000000 ____D C:\FRST
2019-11-01 09:17 - 2019-11-01 09:23 - 001619456 _____ (Farbar) C:\Users\Nick Torres\Desktop\FRST64.exe
2019-11-01 00:00 - 2019-11-01 00:01 - 000001000 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2019.lnk
2019-10-31 20:56 - 2019-10-31 20:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Goodhertz
2019-10-31 17:16 - 2019-10-31 17:16 - 000000000 ____D C:\Users\Nick Torres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-10-31 17:11 - 2014-01-21 23:43 - 000523268 _____ C:\Users\Nick Torres\Desktop\505.mp4
2019-10-30 18:03 - 2019-10-30 18:03 - 000003530 _____ C:\Windows\system32\Tasks\{80C58CB3-A638-4C1D-A441-FA87CFFBFE19}
2019-10-30 17:46 - 2019-10-30 17:46 - 000000000 ____D C:\ProgramData\Max 8
2019-10-30 17:38 - 2019-10-30 17:38 - 000057085 _____ C:\Users\Nick Torres\Desktop\Authorize.auz
2019-10-30 17:37 - 2019-10-30 17:37 - 000000479 _____ C:\Users\Nick Torres\Desktop\Authorizing Ableton Live Offline.txt
2019-10-30 17:12 - 2019-10-30 17:12 - 000000000 ____D C:\Users\Nick Torres\AppData\Local\Ableton
2019-10-30 17:04 - 2019-10-30 17:04 - 000000617 _____ C:\Users\Nick Torres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ableton Live 10 Suite.lnk
2019-10-27 16:06 - 2019-10-27 16:06 - 000000000 ____D C:\Users\Nick Torres\AppData\Local\NVIDIA
2019-10-26 20:30 - 2019-09-25 18:02 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2019-10-26 20:28 - 2019-09-27 14:20 - 001683032 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2019-10-26 20:28 - 2019-09-27 14:20 - 000228792 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2019-10-26 20:28 - 2019-09-27 14:20 - 000047272 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2019-10-26 20:21 - 2019-09-26 19:23 - 005468016 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2019-10-26 20:21 - 2019-09-26 19:23 - 002635248 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2019-10-26 20:21 - 2019-09-26 19:23 - 001767464 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2019-10-26 20:21 - 2019-09-26 19:23 - 000653680 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2019-10-26 20:21 - 2019-09-26 19:23 - 000451056 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2019-10-26 20:21 - 2019-09-26 19:23 - 000124784 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2019-10-26 20:21 - 2019-09-26 19:23 - 000083440 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2019-10-26 20:21 - 2019-09-26 03:55 - 008716712 _____ C:\Windows\system32\nvcoproc.bin
2019-10-26 20:20 - 2019-10-26 20:20 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2019-10-22 20:24 - 2019-10-22 20:24 - 000000000 ____D C:\Users\Nick Torres\AppData\Roaming\Aspyr Media
2019-10-22 20:24 - 2019-10-22 20:24 - 000000000 ____D C:\Users\Nick Torres\AppData\Local\TheObserver
2019-10-22 20:24 - 2019-10-22 20:24 - 000000000 ____D C:\Users\Nick Torres\AppData\Local\cache
2019-10-22 20:24 - 2019-10-22 20:24 - 000000000 ____D C:\Users\Nick Torres\AppData\Local\Aspyr Media
2019-10-22 20:18 - 2019-10-22 20:18 - 000000000 ____D C:\Users\Nick Torres\AppData\LocalLow\David OReilly
2019-10-21 21:34 - 2019-10-28 18:19 - 000004096 ___SH C:\{4F4C1BFD-149A-43F9-BAF4-282C17D47102}.CBM
2019-10-21 21:05 - 2019-10-21 21:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XLN Audio
2019-10-21 21:05 - 2019-10-21 21:05 - 000000000 ____D C:\Program Files\XLN Audio
2019-10-21 20:26 - 2019-10-21 20:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BeatSkillz
2019-10-21 19:17 - 2019-10-21 19:17 - 000000000 ____D C:\Users\Mathieu
2019-10-21 19:17 - 2019-10-21 19:17 - 000000000 ____D C:\Program Files (x86)\Mathieu Demange
2019-10-15 18:00 - 2019-10-15 18:00 - 000000000 ____D C:\ProgramData\Nefarius Software Solutions e.U
2019-10-12 19:33 - 2019-10-12 19:33 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_HidGuardian_01009.Wdf
2019-10-12 18:57 - 2019-10-12 18:57 - 000003676 _____ C:\Windows\system32\Tasks\ViGEmBusUpdater
2019-10-12 18:57 - 2019-10-12 18:57 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ViGEmBus_01009.Wdf
2019-10-12 18:50 - 2019-10-12 18:50 - 000000000 ____D C:\Users\Nick Torres\AppData\LocalLow\Studio MDHR
2019-10-12 18:38 - 2019-10-12 20:28 - 000000000 ____D C:\Users\Nick Torres\AppData\Roaming\DS4Windows
2019-10-12 18:20 - 2019-10-12 18:20 - 000000222 _____ C:\Users\Nick Torres\Desktop\Left 4 Dead 2.url
2019-10-12 17:34 - 2019-10-12 17:34 - 000000000 ____D C:\Users\Nick Torres\AppData\Roaming\IO Interactive
2019-10-12 16:49 - 2019-10-12 16:49 - 000000225 _____ C:\Users\Nick Torres\Desktop\HITMAN 2.url
2019-10-10 17:48 - 2019-10-10 17:48 - 000001551 _____ C:\Users\Public\Desktop\iTunes.lnk
2019-10-10 17:48 - 2019-10-10 17:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2019-10-10 17:48 - 2019-10-10 17:48 - 000000000 ____D C:\Program Files\iPod
2019-10-10 17:44 - 2019-10-10 17:44 - 000000000 ____D C:\Windows\system32\Tasks\Apple
2019-10-10 17:44 - 2019-10-10 17:44 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2019-10-07 22:05 - 2019-10-07 22:05 - 003784268 ____T C:\Users\Nick Torres\Desktop\D VIBESII.wav
2019-10-07 18:59 - 2019-10-07 18:59 - 003784268 ____T C:\Users\Nick Torres\Desktop\D VIBES.wav
2019-10-04 23:35 - 2019-10-04 23:35 - 000000000 ____D C:\Users\Nick Torres\AppData\LocalLow\RedCandleGames
2019-10-04 23:34 - 2019-10-04 23:34 - 000000825 _____ C:\Users\Nick Torres\Desktop\Devotion.lnk
2019-10-03 16:42 - 2019-09-27 17:12 - 026878208 _____ (NVIDIA Corporation) C:\Windows\system32\nvrtum64.dll
2019-10-03 16:42 - 2019-09-27 17:12 - 011561728 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2019-10-03 16:42 - 2019-09-27 17:12 - 009936640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2019-10-03 16:42 - 2019-09-27 17:12 - 001012432 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2019-10-03 16:42 - 2019-09-27 17:12 - 001012432 _____ C:\Windows\system32\vulkan-1.dll
2019-10-03 16:42 - 2019-09-27 17:12 - 000876240 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2019-10-03 16:42 - 2019-09-27 17:12 - 000876240 _____ C:\Windows\SysWOW64\vulkan-1.dll
2019-10-03 16:42 - 2019-09-27 17:12 - 000507808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2019-10-03 16:42 - 2019-09-27 17:12 - 000447576 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2019-10-03 16:42 - 2019-09-27 17:12 - 000423896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2019-10-03 16:42 - 2019-09-27 17:12 - 000351856 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2019-10-03 16:42 - 2019-09-27 17:12 - 000301264 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2019-10-03 16:42 - 2019-09-27 17:12 - 000301264 _____ C:\Windows\system32\vulkaninfo.exe
2019-10-03 16:42 - 2019-09-27 17:12 - 000273104 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-10-03 16:42 - 2019-09-27 17:12 - 000273104 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2019-10-03 16:42 - 2019-09-27 17:11 - 135238592 _____ (NVIDIA Corp.) C:\Windows\system32\nvoptix.dll
2019-10-03 16:42 - 2019-09-27 17:11 - 039732432 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2019-10-03 16:42 - 2019-09-27 17:11 - 029715336 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl64.dll
2019-10-03 16:42 - 2019-09-27 17:11 - 029175744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2019-10-03 16:42 - 2019-09-27 17:11 - 025077504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl32.dll
2019-10-03 16:42 - 2019-09-27 17:11 - 021996800 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2019-10-03 16:42 - 2019-09-27 17:11 - 000632768 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2019-10-03 16:42 - 2019-09-27 17:11 - 000428936 _____ C:\Windows\system32\nvofapi64.dll
2019-10-03 16:42 - 2019-09-27 17:11 - 000379328 _____ C:\Windows\SysWOW64\nvofapi.dll
2019-10-03 16:42 - 2019-09-27 17:11 - 000190344 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2019-10-03 16:42 - 2019-09-27 17:11 - 000172120 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2019-10-03 16:42 - 2019-09-27 17:11 - 000167624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2019-10-03 16:42 - 2019-09-27 17:11 - 000150104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2019-10-03 16:42 - 2019-09-27 17:10 - 040445128 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2019-10-03 16:42 - 2019-09-27 17:10 - 035333888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2019-10-03 16:42 - 2019-09-27 17:10 - 017296768 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2019-10-03 16:42 - 2019-09-27 17:10 - 014918536 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2019-10-03 16:42 - 2019-09-27 17:10 - 004968648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2019-10-03 16:42 - 2019-09-27 17:10 - 004429760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2019-10-03 16:42 - 2019-09-27 17:10 - 002050496 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2019-10-03 16:42 - 2019-09-27 17:10 - 001726720 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6443648.dll
2019-10-03 16:42 - 2019-09-27 17:10 - 001550208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2019-10-03 16:42 - 2019-09-27 17:10 - 001491144 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6443648.dll
2019-10-03 16:42 - 2019-09-27 17:10 - 001476816 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2019-10-03 16:42 - 2019-09-27 17:10 - 001246976 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2019-10-03 16:42 - 2019-09-27 17:10 - 001140616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2019-10-03 16:42 - 2019-09-27 17:10 - 000959424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2019-10-03 16:42 - 2019-09-27 17:10 - 000545672 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2019-10-03 16:42 - 2019-09-27 17:10 - 000526536 _____ (NVIDIA Corporation) C:\Windows\system32\nvcbl64.dll
2019-10-03 16:42 - 2019-09-27 17:10 - 000524168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2019-10-03 16:42 - 2019-09-27 17:10 - 000474504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2019-10-03 16:42 - 2019-09-27 17:09 - 039573304 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2019-10-03 16:42 - 2019-09-27 17:09 - 034146592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2019-10-03 16:42 - 2019-09-27 17:09 - 021844632 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2019-10-03 16:42 - 2019-09-27 17:09 - 018195864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2019-10-03 16:42 - 2019-09-27 17:08 - 004848752 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2019-10-03 16:42 - 2019-09-27 17:08 - 004295424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2019-10-03 16:42 - 2019-09-26 21:25 - 000051568 _____ C:\Windows\system32\nvinfo.pb
2019-10-03 16:42 - 2019-09-26 21:25 - 000000671 _____ C:\Windows\SysWOW64\nv-vk32.json
2019-10-03 16:42 - 2019-09-26 21:25 - 000000671 _____ C:\Windows\system32\nv-vk64.json

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-01 10:34 - 2019-05-23 10:12 - 000000000 ____D C:\Users\Nick Torres\AppData\Roaming\Blend
2019-11-01 10:34 - 2018-11-06 19:16 - 000000000 ____D C:\Users\Nick Torres\AppData\Roaming\Splice
2019-11-01 10:26 - 2019-02-19 17:12 - 000000000 ____D C:\Users\Nick Torres\AppData\Roaming\qBittorrent
2019-11-01 10:14 - 2015-06-17 20:24 - 000000942 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2790423112-85866878-2890688316-1000UA.job
2019-11-01 08:35 - 2013-07-19 23:30 - 000000952 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2790423112-85866878-2890688316-1000UA.job
2019-11-01 08:24 - 2017-11-30 21:39 - 000001892 _____ C:\Windows\Sandboxie.ini
2019-11-01 00:40 - 2013-08-10 00:21 - 000000000 ___RD C:\ProgramData\Arturia
2019-11-01 00:40 - 2013-08-10 00:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Arturia
2019-11-01 00:40 - 2013-07-17 02:51 - 000000000 ____D C:\Program Files\Common Files\VST3
2019-11-01 00:01 - 2013-07-20 20:54 - 000000000 ____D C:\Program Files\Adobe
2019-11-01 00:01 - 2013-07-17 02:38 - 000000000 ____D C:\Users\Nick Torres\AppData\Roaming\Adobe
2019-10-31 23:55 - 2013-12-15 20:16 - 000000000 ____D C:\Program Files\Common Files\Adobe
2019-10-31 23:52 - 2013-07-17 04:00 - 000000000 ____D C:\Users\Nick Torres\AppData\Local\Adobe
2019-10-31 23:39 - 2019-05-17 19:07 - 000000000 ____D C:\Users\Nick Torres\AppData\Local\ElevatedDiagnostics
2019-10-31 23:35 - 2013-07-19 23:30 - 000000930 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2790423112-85866878-2890688316-1000Core.job
2019-10-31 20:56 - 2018-04-25 12:22 - 000000000 ____D C:\ProgramData\Goodhertz
2019-10-31 17:17 - 2013-11-18 01:27 - 000000000 ____D C:\Users\Nick Torres\AppData\Roaming\Dropbox
2019-10-31 16:52 - 2013-08-31 13:02 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-10-31 16:52 - 2013-08-31 13:02 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-10-31 16:49 - 2009-07-14 00:45 - 000032096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-10-31 16:49 - 2009-07-14 00:45 - 000032096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-10-31 16:41 - 2014-01-31 16:37 - 000000000 ____D C:\ProgramData\PACE
2019-10-31 16:40 - 2013-07-16 22:39 - 000000000 ____D C:\ProgramData\NVIDIA
2019-10-31 16:40 - 2009-07-14 01:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-10-30 18:29 - 2013-12-14 03:23 - 000007618 _____ C:\Users\Nick Torres\AppData\Local\resmon.resmoncfg
2019-10-30 18:23 - 2013-07-20 00:09 - 000000000 ____D C:\Users\Nick Torres\AppData\Roaming\Audacity
2019-10-30 18:14 - 2013-07-19 23:15 - 000000000 ____D C:\Windows\Minidump
2019-10-30 18:13 - 2013-07-16 22:37 - 000000000 ____D C:\Users\Nick Torres\AppData\Local\CrashDumps
2019-10-30 18:07 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\system32\NDF
2019-10-30 17:46 - 2013-07-20 03:07 - 000000000 ____D C:\Users\Nick Torres\AppData\Roaming\Cycling '74
2019-10-30 17:42 - 2014-01-04 22:49 - 000000000 ____D C:\ProgramData\ValhallaUberMod
2019-10-30 17:42 - 2014-01-04 22:49 - 000000000 ____D C:\ProgramData\ValhallaShimmer
2019-10-30 17:42 - 2014-01-04 22:49 - 000000000 ____D C:\ProgramData\ValhallaRoom
2019-10-30 17:41 - 2019-07-12 12:38 - 000000000 ____D C:\Users\Nick Torres\AppData\Roaming\Eventide
2019-10-30 17:12 - 2013-07-17 00:22 - 000000000 ____D C:\Users\Nick Torres\AppData\Roaming\Ableton
2019-10-30 17:08 - 2015-11-17 13:18 - 000000582 __RSH C:\ProgramData\ntuser.pol
2019-10-30 17:08 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\inf
2019-10-28 18:12 - 2019-09-26 16:47 - 000457728 ___SH C:\EUMONBMP.SYS
2019-10-28 18:12 - 2019-09-26 16:47 - 000000000 ____D C:\Windows\system32\config\regsave
2019-10-27 18:57 - 2013-07-16 22:38 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-10-27 14:30 - 2013-11-13 00:04 - 000000000 ____D C:\Users\Nick Torres\AppData\Local\NVIDIA Corporation
2019-10-26 20:30 - 2013-07-16 22:38 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-10-26 20:29 - 2013-07-16 22:38 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-10-26 20:28 - 2013-07-16 22:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2019-10-26 20:21 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\Help
2019-10-26 19:05 - 2017-01-20 17:54 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-10-21 21:10 - 2013-07-24 15:35 - 000000000 ____D C:\Users\Nick Torres\AppData\Roaming\vlc
2019-10-21 21:05 - 2015-01-01 16:18 - 000000000 ____D C:\ProgramData\XLN Audio
2019-10-17 22:09 - 2019-10-01 21:54 - 000003446 _____ C:\Windows\system32\Tasks\AdobeGCInvoker-1.0
2019-10-17 13:14 - 2015-06-17 20:24 - 000000890 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2790423112-85866878-2890688316-1000Core.job
2019-10-16 16:16 - 2015-06-17 20:24 - 000000000 ____D C:\Users\Nick Torres\AppData\Local\Dropbox
2019-10-15 20:34 - 2014-12-30 13:35 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2019-10-12 18:57 - 2018-06-12 17:48 - 000000000 ____D C:\Program Files\Nefarius Software Solutions
2019-10-12 18:20 - 2013-07-16 23:19 - 000000000 ____D C:\Users\Nick Torres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-10-12 17:48 - 2013-07-18 22:50 - 000000000 ____D C:\Users\Nick Torres\AppData\Local\4A Games
2019-10-12 16:04 - 2017-09-20 08:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2019-10-11 19:46 - 2019-09-06 14:57 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-10-10 17:44 - 2013-07-17 04:24 - 000002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2019-10-09 22:13 - 2018-03-13 16:13 - 000004484 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-10-09 22:13 - 2013-09-14 15:18 - 000004312 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2019-10-09 22:13 - 2013-07-29 15:27 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-10-09 22:13 - 2013-07-29 15:27 - 000000000 ____D C:\Windows\system32\Macromed
2019-10-09 22:13 - 2013-07-21 00:17 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-10-09 22:13 - 2013-07-20 20:52 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-10-08 17:07 - 2013-07-17 04:01 - 000000000 ____D C:\ProgramData\Adobe
2019-10-07 17:09 - 2013-07-16 22:32 - 000003334 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-10-07 17:09 - 2013-07-16 22:32 - 000003206 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2019-10-07 17:05 - 2013-07-16 22:32 - 000000000 ____D C:\Program Files (x86)\Google
2019-10-05 18:18 - 2018-11-06 19:16 - 000000000 ____D C:\Users\Nick Torres\AppData\Local\SpliceSettings
2019-10-05 18:18 - 2018-11-06 19:16 - 000000000 ____D C:\Users\Nick Torres\AppData\Local\splice
2019-10-05 18:17 - 2018-11-06 19:16 - 000002171 _____ C:\Users\Nick Torres\Desktop\Splice.lnk
2019-10-05 18:17 - 2018-11-06 19:16 - 000000000 ____D C:\Users\Nick Torres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Splice
2019-10-04 23:34 - 2019-09-28 20:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Devotion
2019-10-04 09:13 - 2015-01-01 16:21 - 000000000 ____D C:\ProgramData\boost_interprocess
2019-10-02 08:27 - 2009-07-14 01:08 - 000032546 _____ C:\Windows\Tasks\SCHEDLGU.TXT

==================== Files in the root of some directories ========

2014-04-04 03:01 - 2014-06-14 23:10 - 000000132 _____ () C:\Users\Nick Torres\AppData\Roaming\Adobe IllExport Filter CC Prefs
2013-12-24 19:35 - 2015-05-13 14:20 - 000000132 _____ () C:\Users\Nick Torres\AppData\Roaming\Adobe PNG Format CC Prefs
2013-09-09 21:49 - 2013-12-01 19:42 - 000000132 _____ () C:\Users\Nick Torres\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-08-05 21:10 - 2017-05-22 17:43 - 000000033 _____ () C:\Users\Nick Torres\AppData\Roaming\AdobeWLCMCache.dat
2013-10-09 22:53 - 2013-10-10 22:21 - 000000096 _____ () C:\Users\Nick Torres\AppData\Roaming\Camdata.ini
2013-10-09 22:53 - 2013-10-10 22:21 - 000000408 _____ () C:\Users\Nick Torres\AppData\Roaming\CamLayout.ini
2013-10-09 22:53 - 2013-10-10 22:21 - 000000408 _____ () C:\Users\Nick Torres\AppData\Roaming\CamShapes.ini
2013-10-09 22:53 - 2013-10-10 22:21 - 000004520 _____ () C:\Users\Nick Torres\AppData\Roaming\CamStudio.cfg
2013-11-30 19:55 - 2015-10-24 22:15 - 000001456 _____ () C:\Users\Nick Torres\AppData\Local\Adobe Save for Web 13.0 Prefs
2014-07-23 23:34 - 2019-07-09 12:11 - 000003584 _____ () C:\Users\Nick Torres\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-09-26 17:44 - 2018-09-26 17:44 - 000000000 _____ () C:\Users\Nick Torres\AppData\Local\oobelibMkey.log
2018-04-02 18:29 - 2018-04-02 18:29 - 000000840 _____ () C:\Users\Nick Torres\AppData\Local\recently-used.xbel
2013-12-14 03:23 - 2019-10-30 18:29 - 000007618 _____ () C:\Users\Nick Torres\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)



ATTENTION: ==> Could not access BCD.  -> The boot configuration data store could not be opened.
The requested system device cannot be found.


LastRegBack: 2019-10-31 23:32
==================== End of FRST.txt ========================


here's Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-11-2019
Ran by Nick Torres (01-11-2019 21:09:35)
Running from C:\Users\Nick Torres\Desktop
Windows 7 Professional Service Pack 1 (X64) (2013-07-17 01:19:46)
Boot Mode: Safe Mode (minimal)
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2790423112-85866878-2890688316-500 - Administrator - Disabled)
C4CE42A6A9964009A1CF (S-1-5-21-2790423112-85866878-2890688316-1109 - Limited - Enabled)
Guest (S-1-5-21-2790423112-85866878-2890688316-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2790423112-85866878-2890688316-1002 - Limited - Enabled)
Nick Torres (S-1-5-21-2790423112-85866878-2890688316-1000 - Administrator - Enabled) => C:\Users\Nick Torres

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

${{arpDisplayName}} (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cufft_8.0) (Version: 8.0 - NVIDIA Corporation) Hidden
µTorrent (HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\uTorrent) (Version: 3.5.5.44994 - BitTorrent Inc.)
2KXL (HKLM-x32\...\{D5F849C4-C2E7-AA68-48E0-4AE4C54B2D3A}) (Version: 0.4.1 - UNKNOWN) Hidden
2KXL (HKLM-x32\...\com.tss.2KXL) (Version: 0.4.1 - UNKNOWN)
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Ableton Live 10 Suite (HKLM\...\{B214E563-20EC-4CD4-9C8A-9BC4ED66C08D}) (Version: 10.0.0.0 - Ableton)
Ableton Live 9 Beta (HKLM-x32\...\{A0DEC165-FC09-4E5F-8B56-341ABBDD5713}) (Version: 9.0.0.0 - Ableton)
Ableton Live 9 Suite (HKLM-x32\...\{0037A2FF-F224-4F35-BA6B-0F486E990F4F}) (Version: 9.0.0.0 - Ableton)
Ableton Live 9 Suite (HKLM-x32\...\{ECC3F760-1D99-40F4-8988-7A6F50CE56C5}) (Version: 9.0.0.0 - Ableton)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.021.20049 - Adobe Systems Incorporated)
Adobe After Effects CC 2018 (HKLM-x32\...\AEFT_15_1_2) (Version: 15.1.2 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.172 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.9.0.504 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.270 - Adobe)
Adobe Media Encoder CC 2018 (HKLM-x32\...\AME_12_1_2) (Version: 12.1.2 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_7) (Version: 20.0.7 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2018 (HKLM-x32\...\PPRO_12_1_2) (Version: 12.1.2 - Adobe Systems Incorporated)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated)
Amazon Cloud Player (HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\Amazon Amazon Cloud Player) (Version: 1.1.0.337 - Amazon Services LLC)
Amazon Kindle (HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\Amazon Kindle) (Version:  - Amazon)
Apple Application Support (32-bit) (HKLM-x32\...\{FD52A2FF-4D16-49C4-A2CD-DAC752C18BA2}) (Version: 8.0 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{9B061D60-4E2C-4987-BFFD-423E3D477660}) (Version: 8.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6CECF0FB-EE71-4FE5-8AE0-FA007408934A}) (Version: 13.0.0.38 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
ARIA Engine v1.9.1.6 (HKLM\...\ARIA Engine_is1) (Version: v1.9.1.6 - Plogue Art et Technologie, Inc)
Arturia V Collection 7 (HKLM\...\V Collection 7_is1) (Version: 7.0.0 - Arturia)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.13 - Michael Tippach)
Attribute Changer 8.10a (HKLM-x32\...\{27263813-8BDE-4CD2-84D3-02536743428A}_is1) (Version: 8.10 - Romain Petges)
Audible Download Manager (HKLM-x32\...\AudibleDownloadManager) (Version: 6.6.0.19 - Audible, Inc.)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 1997942755.48.56.37885306 - Audible, Inc.)
Backup and Sync from Google (HKLM\...\{04F8741C-2F6C-4324-BBAB-0CEB1E59FE67}) (Version: 3.46.7395.1225 - Google, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield™ V (HKLM-x32\...\{e26b382f-e945-4f70-9318-121b683f1d61}) (Version: 1.0.61.24042 - Electronic Arts)
BeatDiscovery VST Plugins version 1.0.1716 (HKLM\...\{9B867D99-D975-4293-9E84-9F77D95BA0D2}}_is1) (Version: 1.0.1716 - Super High Power LLC)
BeatSkillz That Thing (HKLM\...\That Thing_is1) (Version: 1.3.0 - BeatSkillz)
Blend 1.2.0 (only current user) (HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\ba3688a4-42f9-52b4-a63e-810ad2ab9fac) (Version: 1.2.0 - The Blend Team)
Bombardier version 3.0.3 (HKLM\...\Bombardier_is1) (Version: 3.0.3 - Stillwell Audio LLC)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bulk Rename Utility 2.7.1.3 (HKLM-x32\...\Bulk Rename Utility_is1) (Version:  - TGRMN Software)
Camel Audio CamelCrusher (HKLM-x32\...\Camel Audio CamelCrusher) (Version: 1.01.0 - Camel Audio)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Color Suite v11.1.4 (HKLM-x32\...\{99487911-8011-42BC-B594-8B02BFD32B1D}_is1) (Version: 11.1.4 - Red Giant, LLC)
Combined Community Codec Pack 2014-07-13 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2014.07.13.0 - CCCP Project)
Command Line Tools (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_command_line_tools_8.0) (Version: 8.0 - NVIDIA Corporation) Hidden
Compiler (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_compiler_8.0) (Version: 8.0 - NVIDIA Corporation) Hidden
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.0) (Version: 5.0.0.0 - Coupons.com Incorporated)
CPUID HWMonitor 1.30 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
CUBLAS Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cublas_dev_8.0) (Version: 8.0 - NVIDIA Corporation) Hidden
CUBLAS Runtime (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cublas_8.0) (Version: 8.0 - NVIDIA Corporation) Hidden
CUDA Documentation (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_documentation_8.0) (Version: 8.0 - NVIDIA Corporation) Hidden
CUDA Toolkit (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDAToolkit_8.0) (Version: 8.0 - NVIDIA Corporation) Hidden
CUDA Version (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDAVersion_8.0) (Version: 8.0 - NVIDIA Corporation) Hidden
CUDART Runtime (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cudart_8.0) (Version: 8.0 - NVIDIA Corporation) Hidden
CUFFT Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cufft_dev_8.0) (Version: 8.0 - NVIDIA Corporation) Hidden
CURAND Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_curand_dev_8.0) (Version: 8.0 - NVIDIA Corporation) Hidden
CURAND Runtime (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_curand_8.0) (Version: 8.0 - NVIDIA Corporation) Hidden
CUSOLVER Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cusolver_dev_8.0) (Version: 8.0 - NVIDIA Corporation) Hidden
CUSOLVER Runtime (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cusolver_8.0) (Version: 8.0 - NVIDIA Corporation) Hidden
CUSPARSE Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cusparse_dev_8.0) (Version: 8.0 - NVIDIA Corporation) Hidden
CUSPARSE Runtime (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cusparse_8.0) (Version: 8.0 - NVIDIA Corporation) Hidden
dBpoweramp (HKLM-x32\...\dBpoweramp) (Version: Release 16.2 - Illustrate)
Decimort 2 (32bit) (HKLM-x32\...\{13FFD819-E40F-45D7-AC65-A1A14CE67AD0}) (Version: 2.0.0.0 - D16 Group Audio Software)
Delete Skype History Network Edition (HKLM-x32\...\Delete Skype History Network Edition) (Version: 1.2.1 - Soft Comfort, Inc.)
Demo Suite (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_demo_suite_8.0) (Version: 8.0 - NVIDIA Corporation) Hidden
Detention (HKLM-x32\...\{7D50FC29-C5A5-4306-B797-8C2AF114D6F5}) (Version: 1.0.0.0 - RedCandleGames)
Devotion (HKLM-x32\...\Devotion_is1) (Version:  - )
DIRECTV Player (HKLM-x32\...\{04f0c8c0-e0c8-4292-8676-db9174655d7a}) (Version: 12.1 - DIRECTV)
DirectWave (HKLM-x32\...\DirectWave) (Version:  - Image-Line)
Dropbox (HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\Dropbox) (Version: 84.4.170 - Dropbox, Inc.)
Drumaxx (HKLM-x32\...\Drumaxx) (Version:  - Image-Line)
DX10 (HKLM-x32\...\DX10) (Version:  - Image-Line)
EaseUS Todo Backup Free 11.5 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 11.5 - CHENGDU YIWO Tech Development Co., Ltd)
Edison (HKLM-x32\...\Edison) (Version:  - Image-Line)
Epic Games Launcher (HKLM-x32\...\{53041896-BE90-4A26-9954-9E9FDC7D4495}) (Version: 1.1.229.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ExifPro 2.1 Photo Viewer (HKLM-x32\...\ExifPro 2.1) (Version:  - )
f.lux (HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\Flux) (Version:  - f.lux Software LLC)
Final Draft (HKLM-x32\...\{E8FDC52C-83F4-4A0F-AA65-D0E8C0F3302F}) (Version: 9.0.0.163 - Final Draft, Inc.)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )
Focusrite USB 2.0 Audio Driver 2.5.1 (HKLM\...\Focusrite USB 2.0 Audio Driver_is1) (Version: 2.5.1 - Focusrite Audio Engineering Limited.)
Focusrite USB 4.15.0.172 (HKLM\...\Focusrite USB_is1) (Version: 4.15.0.172 - Focusrite Audio Engineering Ltd.)
Fortran Examples (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_fortran_examples_8.0) (Version: 8.0 - NVIDIA Corporation) Hidden
GForce - Minimonsta (HKLM-x32\...\Minimonsta) (Version:  - )
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Goodhertz (HKLM\...\{ADBF96B4-B293-4E37-8053-011FEE029048}_is1) (Version: 3.4.1.1 - Goodhertz & Team V.R)
Goodhertz Plugins version 3.2.0 (HKLM\...\{8DC6D2E6-292C-4A23-8957-D029395BEF0B}_is1) (Version: 3.2.0 - Goodhertz, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.87 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.301 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Groove Machine (HKLM-x32\...\Groove Machine) (Version:  - Image-Line)
GWX Control Panel (HKLM-x32\...\UltimateOutsider_GwxControlPanel) (Version:  - UltimateOutsider)
Hardcore (HKLM-x32\...\Hardcore) (Version:  - Image-Line bvba)
Hola VPN 1.155.300 (HKLM\...\Hola) (Version: 1.155.300 - Hola Networks Ltd.)
iCloud (HKLM\...\{724A887F-2B55-4306-B6F9-8F0E7A04B1B5}) (Version: 5.2.2.87 - Apple Inc.)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
IL DrumSynth Live (HKLM-x32\...\IL DrumSynth Live) (Version:  - Image-Line)
IL Gross Beat (HKLM-x32\...\IL Gross Beat) (Version:  - Image-Line)
IL Harmless (HKLM-x32\...\IL Harmless) (Version:  - Image-Line)
IL Harmor (HKLM-x32\...\IL Harmor) (Version:  - Image-Line)
IL MiniHost (HKLM-x32\...\IL MiniHost) (Version:  - Image-Line)
IL Ogun (HKLM-x32\...\IL Ogun) (Version:  - Image-Line)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version:  - Image-Line)
IL Slicex (HKLM-x32\...\IL Slicex) (Version:  - Image-Line)
IL Vocodex (HKLM-x32\...\IL Vocodex) (Version:  - Image-Line)
iMazing 2.3.2.0 (HKLM\...\iMazing_is1) (Version: 2.3.2.0 - DigiDNA)
Infinite HD™ App (HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\Octoshape Streaming Services) (Version:  - Octoshape ApS)
InputMapper HidGuardian (HKLM-x32\...\{3753F0EF-7F58-4BBA-B4EA-9E1B83C13B97}) (Version: 1.0.6320.17641 - DSDCS)
Instagiffer version 1.75 (HKLM-x32\...\{13DEF8F8-5280-4555-95A4-E815C3F9540F}_is1) (Version: 1.75 - Justin Todd)
Intel(R) C++ Redistributables on IA-32 (HKLM-x32\...\{317059CB-7642-4F2E-89C0-62E69D4074B7}) (Version: 15.0.148 - Intel Corporation)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Interlok driver setup x64 (HKLM\...\{25613C10-27D2-410B-942B-D922D5C3A7BE}) (Version: 5.9.10 - PACE Anti-Piracy, Inc.)
iTunes (HKLM\...\{227F49DB-D6E0-4AE2-8348-AA8F5AAB2F1F}) (Version: 12.10.1.4 - Apple Inc.)
iZotope Alloy 2 (HKLM-x32\...\iZotope Alloy 2_is1) (Version: 2.03 - iZotope, Inc.)
iZotope Iris 2 (HKLM-x32\...\iZotope Iris 2_is1) (Version: 2.00 - iZotope, Inc.)
iZotope Iris 2 Abstract Library (HKLM-x32\...\iZotope Iris 2 Abstract Library_is1) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 Core Library (HKLM-x32\...\iZotope Iris 2 Core Library_is1) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 EuroRack Modular Library (HKLM-x32\...\iZotope Iris 2 EuroRack Modular Library_is1) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 Instruments Library (HKLM-x32\...\iZotope Iris 2 Instruments Library_is1) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 Objects Library (HKLM-x32\...\iZotope Iris 2 Objects Library_is1) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 Synthesizers 1 Library (HKLM-x32\...\iZotope Iris 2 Synthesizers 1 Library_is1) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 Synthesizers 2 Library (HKLM-x32\...\iZotope Iris 2 Synthesizers 2 Library_is1) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 Toys Library (HKLM-x32\...\iZotope Iris 2 Toys Library_is1) (Version: 1.00 - iZotope, Inc.)
iZotope Ozone 6 Advanced (HKLM-x32\...\iZotope Ozone 6 Advanced_is1) (Version: 6.01 - iZotope, Inc.)
iZotope RX 7 Audio Editor (HKLM\...\RX 7 Audio Editor_is1) (Version: 7.0.1 - iZotope)
iZotope Stutter Edit (HKLM-x32\...\iZotope Stutter Edit_is1) (Version: 1.05 - iZotope, Inc.)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Keying Suite v11.1.5 (HKLM-x32\...\{21AD9423-3C17-43E2-AFD7-8305C965500F}_is1) (Version: 11.1.5 - Red Giant, LLC)
Kickbox version 1.0.2 (HKLM\...\Kickbox_is1) (Version: 1.0.2 - )
Kinoni Remote Desktop 1.27 (HKLM-x32\...\Kinoni Remote Desktop) (Version: 1.27 - Kinoni)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Liquid Notes version 1.5.2.1 (HKLM\...\{5AC1D63D-6772-417E-B7B8-1E5F686D9703}_is1) (Version: 1.5.2.1 - Re-Compose)
LoopBe30 - Internal MIDI Ports (HKLM-x32\...\LoopBe30) (Version:  - )
Magic Bullet Suite (HKLM\...\Magic Bullet Suite_is1) (Version: 12.0.0 - Team V.R)
Magic Bullet Suite 64-bit (HKLM\...\{E7676EF4-3896-4B7E-B030-1356EEC477CE}) (Version:  - )
Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{E7676EF4-3896-4B7E-B030-1356EEC477CE}) (Version:  - )
Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Mass Effect™: Andromeda (HKLM-x32\...\{72BBCA87-9350-48BC-9E2F-6DBC1E80C993}) (Version: 1.0.0.10 - Electronic Arts)
Max 7 (64-bit) (HKLM\...\{9F3A5CA1-9DC4-4D53-8305-4DF97928AB9B}) (Version: 7.0.3 - Cycling '74)
Max 7 (HKLM-x32\...\{708D718F-E5C4-4778-BBA6-8F1F01C1718A}) (Version: 7.0.3 - Cycling '74)
Maximus (HKLM-x32\...\Maximus) (Version:  - Image-Line)
Melodyne 3.1 (HKLM-x32\...\{9D623E1A-30E1-4E55-BD80-5C1359DB120B}) (Version: 3.1.0200 - Celemony Software GmbH) Hidden
Melodyne 3.1 (HKLM-x32\...\{A1F143D1-1F0D-44FB-A44B-71D4367D16DE}) (Version: 3.1.0200 - Celemony Software GmbH)
Melodyne Runtime 4.1 (x64) (HKLM\...\{53EE2829-E9DB-4913-B3EA-96F10F84E98B}) (Version: 1.0.1 - Celemony Software GmbH)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Mirror's Edge™ Catalyst (HKLM-x32\...\{12228a0d-f6ad-4691-82af-d2c643424468}) (Version: 1.0.3.47248 - Electronic Arts)
Morphine (HKLM-x32\...\Morphine) (Version:  - Image-Line bvba)
MPC Editor V3 (HKLM-x32\...\ST6UNST #1) (Version:  - )
Nalpeiron Service Update to 6.3.9.2 (HKLM-x32\...\{251D3D16-D48D-40E3-9B35-243274D64B78}) (Version: 7.3.1 - Nalpeiron) Hidden
Nalpeiron Service Update to 6.3.9.2 (HKLM-x32\...\Nalpeiron Service Update to 6.3.9.2) (Version: 7.3.1 - Nalpeiron)
Native Instruments FM8 (HKLM-x32\...\Native Instruments FM8) (Version: 1.4.1.1599 - Native Instruments)
Native Instruments Kinetic Metal (HKLM-x32\...\Native Instruments Kinetic Metal) (Version: 1.0.0.12 - Native Instruments)
Native Instruments Transient Master FX (HKLM-x32\...\Native Instruments Transient Master FX) (Version: 1.1.1.427 - Native Instruments)
Native Instruments VC 2A FX (HKLM-x32\...\Native Instruments VC 2A FX) (Version: 1.1.1.427 - Native Instruments)
NPP Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_npp_dev_8.0) (Version: 8.0 - NVIDIA Corporation) Hidden
NPP Runtime (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_npp_8.0) (Version: 8.0 - NVIDIA Corporation) Hidden
NVGRAPH Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_nvgraph_dev_8.0) (Version: 8.0 - NVIDIA Corporation) Hidden
NVGRAPH Runtime (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_nvgraph_8.0) (Version: 8.0 - NVIDIA Corporation) Hidden
NVIDIA CUDA Development 8.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDADevelopment_8.0) (Version: 8.0 - NVIDIA Corporation)
NVIDIA CUDA Documentation 8.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDADocument_8.0) (Version: 8.0 - NVIDIA Corporation)
NVIDIA CUDA Runtime 8.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDARuntimes_8.0) (Version: 8.0 - NVIDIA Corporation)
NVIDIA CUDA Samples 8.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_samples_8.0) (Version: 8.0 - NVIDIA Corporation)
NVIDIA CUDA Visual Studio Integration 8.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_visual_studio_integration_8.0) (Version: 8.0 - NVIDIA Corporation)
NVIDIA Graphics Driver 436.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 436.48 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA Nsight Visual Studio Edition 5.2.0.16321 (HKLM\...\{39F2CF8F-DE76-49F1-85D5-FC215853B709}) (Version: 5.2.0.16321 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NVIDIA Tools Extension SDK (NVTX) - 64 bit (HKLM\...\{B56D2F88-8865-40FD-B7AC-F074EE4D201D}) (Version: 1.00.00.00 - NVIDIA Corporation)
NVML Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_nvml_dev_8.0) (Version: 8.0 - NVIDIA Corporation) Hidden
NVRTC Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_nvrtc_dev_8.0) (Version: 8.0 - NVIDIA Corporation) Hidden
NVRTC Runtime (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_nvrtc_8.0) (Version: 8.0 - NVIDIA Corporation) Hidden
Occupancy Calculator (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_occupancy_calculator_8.0) (Version: 8.0 - NVIDIA Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.52.32372 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
PACE License Support Win64 (HKLM\...\{72ad9d51-0903-4fe7-af5d-33b3185fa6e9}) (Version: 2.4.3.0756 - PACE Anti-Piracy, Inc.) Hidden
PACE License Support Win64 (HKLM-x32\...\InstallShield_{72ad9d51-0903-4fe7-af5d-33b3185fa6e9}) (Version: 2.4.3.0756 - PACE Anti-Piracy, Inc.)
Panasonic GH4 Camera Pack (HKLM-x32\...\{1C105C74-3967-48DE-BAEF-B90F50759BD2}) (Version: 1.00.0000 - Rubber Monkey Software)
Paragon Backup and Recovery™ 14 Free (HKLM\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software)
photoFXlab (HKLM-x32\...\photoFXlab) (Version: 1.2.9 - Topaz Labs)
Plogue AlterEgo v1.516 (HKLM\...\__ARIA_1019___is1) (Version: v1.516 - Plogue)
Plogue chipspeech v1.502 (HKLM\...\__ARIA_1017___is1) (Version: v1.502 - Plogue)
Pluggo 3.6.1 (HKLM-x32\...\{6030B0B7-EE59-40E7-9A19-4EC13EF0310C}) (Version: 3.6.1004 - Cycling '74)
Pluggo Runtime 3.6.1 (HKLM-x32\...\{D1DB1160-769F-461C-9727-34202D9B5FBF}) (Version: 3.6.1004 - Cycling '74)
PoiZone (HKLM-x32\...\PoiZone) (Version:  - Image-Line)
PSP VintageWarmer 2.0.0 (HKLM-x32\...\PSP VintageWarmer 2.0.0) (Version: 2.0.0 - PSPaudioware.com)
qBittorrent 4.1.5 (HKLM-x32\...\qBittorrent) (Version: 4.1.5 - The qBittorrent project)
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Rdio (HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\978ebae4705a27c4) (Version: 1.12.0.0 - Rdio)
RE:Vision Effects Twixtor AE (HKLM\...\Twixtor AE 6_is1) (Version: 6.0.4 - Team V.R)
Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.9.7.30 - Red Giant, LLC)
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version:  - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.2.0 - Rockstar Games)
RX950 Classic AD/DA Converter (HKLM-x32\...\RX950) (Version: 1.0.4 - Mathieu Demange)
Sakura (HKLM-x32\...\Sakura) (Version:  - Image-Line)
SampleTank 2 (HKLM-x32\...\{6559654F-2F38-491F-8411-211517C3E635}) (Version: 2.5.2 - IK Multimedia)
Sandboxie 5.22 (64-bit) (HKLM\...\Sandboxie) (Version: 5.22 - Sandboxie Holdings, LLC)
Sawer (HKLM-x32\...\Sawer) (Version:  - Image-Line)
Scarlett MixControl 1.7 (HKLM-x32\...\Saffire USB 26_is1) (Version: 1.7 - Focusrite Audio Engineering Limited)
Scarlett Plug-in Suite 1.7 (HKLM-x32\...\{D7F912D4-C237-4079-966A-5044A5025CBF}}_is1) (Version: 1.7 - Focusrite)
ScpToolkit (HKLM\...\{AC052048-9828-45E3-872B-04CE30A3B58B}) (Version: 1.6.238.16010 - Nefarius Software Solutions)
SimSynth (HKLM-x32\...\SimSynth) (Version:  - Image-Line)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)
Softube Plug-Ins (VST AAX 32-bit) (HKLM-x32\...\Softube Plug-Ins (VST AAX 32-bit)) (Version: 2.2.32 - Softube AB)
Sonnox Oxford Inflator Native VST v1.5.1 (HKLM-x32\...\Sonnox Oxford Inflator Native VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford Limiter Native VST v1.1.1 (HKLM-x32\...\Sonnox Oxford Limiter Native VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford R3 Dynamics Native VST v1.3.1 (HKLM-x32\...\Sonnox Oxford R3 Dynamics Native VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford R3 EQ Native VST v1.6.1 (HKLM-x32\...\Sonnox Oxford R3 EQ Native VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford Reverb Native VST v1.0 (HKLM-x32\...\Sonnox Oxford Reverb Native VST_is1) (Version:  - Team AiR 2007)
SoundToys Native Effects V4 (HKLM-x32\...\SoundToys Native Effects V4_is1) (Version:  - SoundToys Inc)
SoundToys Native Effects VST RTAS v4.1.0 (HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\SoundToys Native Effects_is1) (Version:  - )
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Splice (HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\splice) (Version: 3.5.71 - Distributed Creation, Inc.)
STAR WARS™ Battlefront™ II (HKLM-x32\...\{8a882ce0-0c0b-4eb2-850c-28ebadab4f50}) (Version: 1.1.7.43428 - Electronic Arts)
Sylenth1 v2.20 (HKLM-x32\...\Sylenth1_is1) (Version:  - )
Sytrus (HKLM-x32\...\Sytrus) (Version:  - Image-Line)
TAL-U-NO-LX-V2 (32bit) (HKLM-x32\...\{0010F366-67FD-43D4-9EBD-DC44B7412B9C}) (Version: 1.3.7 - TAL - Togu Audio Line)
TDR Kotelnikov version 1.0.4 (HKLM\...\TDR Kotelnikov_is1) (Version: 1.0.4 - Tokyo Dawn Labs)
TDR VOS SlickEQ version 1.1.1 (HKLM\...\TDR VOS SlickEQ_is1) (Version: 1.1.1 - Tokyo Dawn Labs)
Tom Clancy's The Division (HKLM-x32\...\Uplay Install 568) (Version:  - Ubisoft)
Tom Clancy's The Division PTS (HKLM-x32\...\Uplay Install 3502) (Version:  - Ubisoft)
Topaz Adjust 5 (HKLM-x32\...\Topaz Adjust 5) (Version: 5.1.0 - Topaz Labs, LLC)
Topaz B&W Effects (HKLM-x32\...\Topaz BW Effects 2) (Version: 2.1.0 - Topaz Labs, LLC)
Topaz Clarity (HKLM-x32\...\Topaz Clarity) (Version: 1.0.0 - Topaz Labs, LLC)
Topaz Clean 3 (HKLM-x32\...\Topaz Clean 3) (Version: 3.1.0 - Topaz Labs, LLC)
Topaz DeJpeg 4 (HKLM-x32\...\Topaz DeJpeg 4) (Version: 4.0.2 - Topaz Labs, LLC)
Topaz DeNoise 5 (HKLM-x32\...\Topaz DeNoise 5) (Version: 5.1.0 - Topaz Labs, LLC)
Topaz Detail 3 (HKLM-x32\...\Topaz Detail 3) (Version: 3.2.0 - Topaz Labs, LLC)
Topaz Fusion Express 2 (HKLM-x32\...\Topaz Fusion Express 2) (Version: 2.1.3 - Topaz Labs, LLC)
Topaz InFocus (HKLM-x32\...\Topaz InFocus) (Version: 1.0.0 - Topaz Labs, LLC)
Topaz Lens Effects (HKLM-x32\...\Topaz Lens Effects) (Version: 1.2.0 - Topaz Labs, LLC)
Topaz ReMask 5 (HKLM-x32\...\Topaz ReMask 5) (Version: 5.0.1 - Topaz Labs, LLC)
Topaz ReStyle (HKLM-x32\...\Topaz ReStyle) (Version: 1.0.0 - Topaz Labs, LLC)
Topaz Simplify 4 (HKLM-x32\...\Topaz Simplify 4) (Version: 4.1.1 - Topaz Labs, LLC)
Topaz Star Effects (HKLM-x32\...\Topaz Star Effects) (Version: 1.1.0 - Topaz Labs, LLC)
TorrentsTime Media Player (HKLM\...\TorrentsTime Media Player_is1) (Version: 1.1.9.8 - Torrents Time)
Toxic Biohazard (HKLM-x32\...\Toxic Biohazard) (Version:  - Image-Line bvba)
Trapcode Suite 64-bit (HKLM\...\{9528F9CB-29E3-4E33-8BAA-181B336E24F8}) (Version:  - )
Trapcode Suite 64-bit (HKLM-x32\...\InstallShield_{9528F9CB-29E3-4E33-8BAA-181B336E24F8}) (Version:  - )
Trapcode Suite v12.1.8 (HKLM-x32\...\{DFD2DC6B-C634-4C1C-81CC-5EF852E71CEE}_is1) (Version: 12.1.8 - Red Giant, LLC)
TreeSize Free V3.2.1 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.2.1 - JAM Software)
Uplay (HKLM-x32\...\Uplay) (Version: 4.8 - Ubisoft)
VCV Rack (HKLM\...\VCV Rack) (Version: 1.1.4 - VCV)
Vengeance Producer Suite - Scope 1.0.4 (HKLM-x32\...\{8BB53BA8-F9CC-4A53-A498-1AF91D040F63}_is1) (Version:  - keilwerth Audio / Vengeance Sound)
ViGEm Bus Driver (HKLM\...\{869109FC-8D5A-46D0-B619-47D7E4173D93}) (Version: 1.16.115 - Nefarius Software Solutions e.U.)
Vir2 Mojo Horn Section (HKLM\...\{57a5abe5-b208-46fd-86f9-dcf3b1c75066}) (Version: 1.0.0.001 - Vir2) Hidden
Vir2 Mojo Horn Section (HKLM-x32\...\Vir2 Mojo Horn Section) (Version:  - Vir2)
VMR Complete Bundle (HKLM\...\Slate Digital VMR Complete Bundle_is1) (Version:  - Slate Digital)
Waves Central 10.0.1.3 (HKLM-x32\...\{94000200-C561-4E32-99EB-3C5AD3683A70}_is1) (Version: 10.0.1 - Waves, Inc.)
WinDirStat 1.1.2 (HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\WinDirStat) (Version:  - )
Windows Driver Package - Focusrite USB 2.0 Audio Driver (12/19/2013 2.5.128.1) (HKLM\...\BC4288DDDB37EAB6BACBF6889CF68A00653D80FF) (Version: 12/19/2013 2.5.128.1 - Focusrite)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
XLN Audio RC-20 Retro Color (HKLM\...\RC-20 Retro Color_is1) (Version: 1.0.5 - XLN Audio)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2790423112-85866878-2890688316-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Nick Torres\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2790423112-85866878-2890688316-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Nick Torres\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileCoAuthLib64.dll => No File
CustomCLSID: HKU\S-1-5-21-2790423112-85866878-2890688316-1000_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Nick Torres\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2790423112-85866878-2890688316-1000_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Nick Torres\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2790423112-85866878-2890688316-1000_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Nick Torres\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2790423112-85866878-2890688316-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> D:\Applications\BlendThumb64.dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-2790423112-85866878-2890688316-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-2790423112-85866878-2890688316-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Nick Torres\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2790423112-85866878-2890688316-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nick Torres\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2790423112-85866878-2890688316-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nick Torres\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2790423112-85866878-2890688316-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nick Torres\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2790423112-85866878-2890688316-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nick Torres\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2790423112-85866878-2890688316-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nick Torres\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2790423112-85866878-2890688316-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nick Torres\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2790423112-85866878-2890688316-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nick Torres\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2790423112-85866878-2890688316-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nick Torres\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2790423112-85866878-2890688316-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nick Torres\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2790423112-85866878-2890688316-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nick Torres\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2790423112-85866878-2890688316-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Nick Torres\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-10] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-10] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-10] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nick Torres\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nick Torres\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nick Torres\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nick Torres\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nick Torres\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nick Torres\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nick Torres\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Applications\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1-x32: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => D:\Applications\Bulk Rename Utility\BRUhere.dll [2014-06-24] (TGRMN Software -> Bulk Rename Utility)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-01-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-10-10] (Google LLC -> Google)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2016-07-08] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => D:\Applications\PowerISO\PWRISOSH.DLL [2013-07-03] (Power Software Ltd -> Power Software Ltd)
ContextMenuHandlers1: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => D:\Applications\Todo Backup\bin\x64\ImageSh.dll [2019-09-02] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers2: [ACShell] -> {D3F9A525-8824-497A-BE36-B23E22F141FC} => D:\Applications\Attribute Changer\acshell.dll [2015-01-09] (Romain Petges) [File not signed]
ContextMenuHandlers2-x32: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => D:\Applications\Bulk Rename Utility\BRUhere.dll [2014-06-24] (TGRMN Software -> Bulk Rename Utility)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-01-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers2: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => D:\Applications\Todo Backup\bin\x64\ImageSh.dll [2019-09-02] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers3: [ACShell] -> {D3F9A525-8824-497A-BE36-B23E22F141FC} => D:\Applications\Attribute Changer\acshell.dll [2015-01-09] (Romain Petges) [File not signed]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Applications\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers4-x32: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => D:\Applications\Bulk Rename Utility\BRUhere.dll [2014-06-24] (TGRMN Software -> Bulk Rename Utility)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-01-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-10-10] (Google LLC -> Google)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => D:\Applications\PowerISO\PWRISOSH.DLL [2013-07-03] (Power Software Ltd -> Power Software Ltd)
ContextMenuHandlers4: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => D:\Applications\Todo Backup\bin\x64\ImageSh.dll [2019-09-02] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-09-26] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => D:\Applications\PowerISO\PWRISOSH.DLL [2013-07-03] (Power Software Ltd -> Power Software Ltd)
ContextMenuHandlers1_S-1-5-21-2790423112-85866878-2890688316-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Nick Torres\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-2790423112-85866878-2890688316-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Nick Torres\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-2790423112-85866878-2890688316-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Nick Torres\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\system32\vorbis.acm [1470976 2012-11-15] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [163840 2009-08-23] () [File not signed]
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1554944 2009-09-15] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
Shortcut: C:\Users\Nick Torres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF ePub DRM Removal\Website.lnk -> hxxp://www.ebook-converter.com
ShortcutWithArgument: C:\Users\Nick Torres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\JSTorrent Lite.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=abmohcnlldaiaodkpacnldcdnjjgldfh

==================== Loaded Modules (Whitelisted) =============

2010-11-18 21:08 - 2010-11-18 21:08 - 000086016 _____ (Igor Pavlov) [File not signed] D:\Applications\7-Zip\7-zip.dll
2016-01-27 10:36 - 2015-01-09 08:00 - 000119296 _____ (Romain Petges) [File not signed] D:\Applications\Attribute Changer\acshell.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData:482EE99B1E21CE8C [217]
AlternateDataStreams: C:\Users\All Users:482EE99B1E21CE8C [217]
AlternateDataStreams: C:\ProgramData\Application Data:482EE99B1E21CE8C [217]
AlternateDataStreams: C:\ProgramData\Microsoft:1pBjbbFxzW3ljQXnyqnkIj4QNYM [2510]
AlternateDataStreams: C:\ProgramData\Microsoft:3kSzkfXZMBh0VXVnOV6RfWuzkFC3C [2074]
AlternateDataStreams: C:\ProgramData\Microsoft:8cY09adyMgLSI0NtLgDcKs [2598]
AlternateDataStreams: C:\ProgramData\Microsoft:jKSCGNPDelPtrztxTmiXb61zflG [2502]
AlternateDataStreams: C:\ProgramData\Microsoft:LaRCMd3UUh1QaTYuJF69t [2102]
AlternateDataStreams: C:\ProgramData\Microsoft:mRB5oVNMDScitsCZRR0NIVfZCG [2300]
AlternateDataStreams: C:\ProgramData\Microsoft:Q0ZAbXCXsTsgrJLxqFpsLYnLr [2074]
AlternateDataStreams: C:\ProgramData\Microsoft:QIeIf93BAr6wMLcdL2x6xSwUdNt [2248]
AlternateDataStreams: C:\ProgramData\Microsoft:QvtS3ct2y2yUd8sBy2vA [2312]
AlternateDataStreams: C:\ProgramData\Microsoft:tmYwYkajVhj0Ju5m1hdSDPnvEs [2048]
AlternateDataStreams: C:\ProgramData\Microsoft:trAL0Ng5VY4dNtdw1T5 [2222]
AlternateDataStreams: C:\ProgramData\Microsoft:VGG78F8osbDNvKspNnfac8F1 [587]
AlternateDataStreams: C:\ProgramData\PACE:070D1E3B86C49A33 [1]
AlternateDataStreams: C:\Users\Nick Torres\Cookies:176hCN16tqfCUxhg7DH9ZAGf [2190]
AlternateDataStreams: C:\Users\Nick Torres\Cookies:Anb67W2We92Mwe4LZSEQBut [2384]
AlternateDataStreams: C:\Users\Nick Torres\Local Settings:pVTcVLXWi4jT1l2WWCZfP1 [2258]
AlternateDataStreams: C:\Users\Nick Torres\Local Settings:UqeVGOFBwrGh3BoS2TI [2256]
AlternateDataStreams: C:\Users\Nick Torres\Desktop\Metro: 2033 Redux.url [271]
AlternateDataStreams: C:\Users\Nick Torres\AppData\Local:pVTcVLXWi4jT1l2WWCZfP1 [2258]
AlternateDataStreams: C:\Users\Nick Torres\AppData\Local:UqeVGOFBwrGh3BoS2TI [2256]
AlternateDataStreams: C:\Users\Nick Torres\AppData\Local\4Hoka9A25X:DxmxBbmOAwdsZtlBc [2550]
AlternateDataStreams: C:\Users\Nick Torres\AppData\Local\4rTrINdCuRPKth:MRWo4Kg30KcMAlBHEXa7ftm [2202]
AlternateDataStreams: C:\Users\Nick Torres\AppData\Local\Application Data:pVTcVLXWi4jT1l2WWCZfP1 [2258]
AlternateDataStreams: C:\Users\Nick Torres\AppData\Local\Application Data:UqeVGOFBwrGh3BoS2TI [2256]
AlternateDataStreams: C:\Users\Nick Torres\AppData\Local\EqJR1BHOsuXb:zP7TQF7uGHAOscftA4ot3f [2408]
AlternateDataStreams: C:\Users\Nick Torres\AppData\Local\k9OetowVx6uE2:XGCuYiKy8fzqBB5i8Z [631]
AlternateDataStreams: C:\Users\Nick Torres\AppData\Local\Temp:5I7UzOc47ZA6zIH4zP [1860]
AlternateDataStreams: C:\Users\Nick Torres\AppData\Local\Temp:bM07OFqgN2hN0KD74KiZ [2306]
AlternateDataStreams: C:\Users\Nick Torres\AppData\Local\Temporary Internet Files:3AnEMP39Q62ftsWtJwiiy [2362]
AlternateDataStreams: C:\Users\Nick Torres\AppData\Local\Temporary Internet Files:5HBe9LPcbFbjQZ97 [2598]
AlternateDataStreams: C:\Users\Nick Torres\AppData\Local\Temporary Internet Files:BPcdKQXA8EXDZGtYEZn3t [1970]
AlternateDataStreams: C:\Users\Nick Torres\AppData\Local\Temporary Internet Files:Ffz1cVS9NuZ7WWsc8b14qAJu41JcSk [1922]
AlternateDataStreams: C:\Users\Nick Torres\AppData\Local\Temporary Internet Files:jAFFbXUh6mTBY9RBzSEsaE8BR [2186]
AlternateDataStreams: C:\Users\Nick Torres\AppData\Local\Temporary Internet Files:MFoYhrtvF9kJbiQ82SW [2000]
AlternateDataStreams: C:\Users\Nick Torres\AppData\Local\wFVXzWvejUk:UPOfCpGaY5RxdIq3EnukngdsvEgz [2344]
AlternateDataStreams: C:\Users\Public\AppData:CSM [226]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\hola.org -> hxxp://hola.org

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2009-06-10 17:00 - 000000824 ____N C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\ia32\compiler;C:\Program Files\NVIDIA GPU Computing Toolkit\CUDA\v8.0\bin;C:\Program Files\NVIDIA GPU Computing Toolkit\CUDA\v8.0\libnvvp;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Calibre2\;D:\Applications\Quicktime\QTSystem\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Skype\Phone\
HKU\S-1-5-21-2790423112-85866878-2890688316-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Nick Torres\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: iphlpsvc => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [{3AA50230-04DA-4C63-908F-E24317EC4C9A}] => (Allow) C:\Users\Nick Torres\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{41699A0A-13BC-4397-A8D2-A72358F161E1}] => (Allow) C:\Users\Nick Torres\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{B70987CF-165D-4AA3-B815-7E1AEBDF3296}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Total War SHOGUN 2\data\encyclopedia\how_to_play.html No File
FirewallRules: [{ED73C77D-BD9E-40A0-93C9-A0C852DA3350}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Total War SHOGUN 2\data\encyclopedia\how_to_play.html No File
FirewallRules: [{8BE61B68-999B-4C93-9305-ED8127A3DF78}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Total War SHOGUN 2\benchmarks\benchmark_current_settings.bat No File
FirewallRules: [{2DDDC0AF-5FD6-4197-8A92-EEA46ED0F983}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Total War SHOGUN 2\benchmarks\benchmark_current_settings.bat No File
FirewallRules: [{C0DB9FFF-2281-47ED-A866-6E39CBB8B650}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Total War SHOGUN 2\benchmarks\benchmark_specify_properties.bat No File
FirewallRules: [{C3131006-51FA-4FF9-90B2-5576D0EC4EA5}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Total War SHOGUN 2\benchmarks\benchmark_specify_properties.bat No File
FirewallRules: [TCP Query User{E6A6E506-4A76-4957-B19F-87BE4086B854}C:\users\nick torres\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\nick torres\appdata\roaming\spotify\spotify.exe No File
FirewallRules: [UDP Query User{866C21B8-646B-4A4A-BB01-C1101174708E}C:\users\nick torres\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\nick torres\appdata\roaming\spotify\spotify.exe No File
FirewallRules: [TCP Query User{A0EA5A53-9AEB-46EB-A93B-B8AB69827D82}C:\users\nick torres\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\nick torres\appdata\local\akamai\netsession_win.exe No File
FirewallRules: [UDP Query User{37B4813C-49CB-4634-BB89-BE5A4943F071}C:\users\nick torres\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\nick torres\appdata\local\akamai\netsession_win.exe No File
FirewallRules: [{FE831DF5-816F-4E4D-BD0E-34B02CC7D01F}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Medal of Honor\MP\mohmpgame.exe No File
FirewallRules: [{C7BF0267-AE4F-411C-88E7-0A6701807027}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Medal of Honor\MP\mohmpgame.exe No File
FirewallRules: [{54209A4C-FEFF-40CF-A594-7198CB73CEBA}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Medal of Honor\Binaries\moh.exe No File
FirewallRules: [{D1098D31-0CE0-4E54-88BE-E6B06C79B5F3}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Medal of Honor\Binaries\moh.exe No File
FirewallRules: [{E7CA6580-2DD1-4AA6-ADAC-BDC3AE04C883}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Medal of Honor\Support\EA Help\Electronic_Arts_Technical_Support.htm No File
FirewallRules: [{3947B70B-BD81-4B2F-A0BD-F7CFF7046BA0}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Medal of Honor\Support\EA Help\Electronic_Arts_Technical_Support.htm No File
FirewallRules: [{41DBD527-2150-4D5E-ADE4-89D67D66C3CF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{34433A2D-34FD-42A8-8212-77023283005A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{54D8D4E6-0BFA-4B53-B14B-07DC43BB7989}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{64136F91-22A1-452A-A24F-632ABECB649F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{84F0B621-7808-4027-B38D-413A09EBED17}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\hotline_miami\HotlineMiami.exe (Devolver) [File not signed]
FirewallRules: [{03F0B41D-C42F-476B-B74F-089783DD8FB8}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\hotline_miami\HotlineMiami.exe (Devolver) [File not signed]
FirewallRules: [{2B93024D-5B69-49D3-9CAD-8D2352803C82}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Batman Arkham City GOTY\RunLauncher.bat No File
FirewallRules: [{BC73DDC1-654D-4CBD-8171-9EC524FE54C9}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Batman Arkham City GOTY\RunLauncher.bat No File
FirewallRules: [{A6E1DB2D-E7F1-4066-BBA6-CC15B87A58CD}] => (Allow) D:\Program Files (x86)\Origin Games\Dead Space 3\deadspace3.exe (Electronic Arts -> Electronic Arts Inc.)
FirewallRules: [{3F6E6ABC-FEE8-46D3-A6F5-E4550E3627E4}] => (Allow) D:\Program Files (x86)\Origin Games\Dead Space 3\deadspace3.exe (Electronic Arts -> Electronic Arts Inc.)
FirewallRules: [TCP Query User{B9A562B0-75D2-4B58-BE02-4A7046E89069}D:\program files (x86)\origin games\crysis 2 maximum edition\bin32\crysis2.exe] => (Allow) D:\program files (x86)\origin games\crysis 2 maximum edition\bin32\crysis2.exe No File
FirewallRules: [UDP Query User{A29E80AF-117A-4E97-8119-DA7A6229E625}D:\program files (x86)\origin games\crysis 2 maximum edition\bin32\crysis2.exe] => (Allow) D:\program files (x86)\origin games\crysis 2 maximum edition\bin32\crysis2.exe No File
FirewallRules: [TCP Query User{C3CF6D0D-F348-4949-83E0-AD02F0528B98}D:\applications\ableton 9 x64\program\ableton live 9 suite.exe] => (Allow) D:\applications\ableton 9 x64\program\ableton live 9 suite.exe No File
FirewallRules: [UDP Query User{A529690F-EFB9-42EA-84FE-EF15C6BDE85C}D:\applications\ableton 9 x64\program\ableton live 9 suite.exe] => (Allow) D:\applications\ableton 9 x64\program\ableton live 9 suite.exe No File
FirewallRules: [TCP Query User{EE259676-6EA4-448D-A13E-160DE42BFAAC}C:\program files\next limit\realflow 2013\realflow.exe] => (Allow) C:\program files\next limit\realflow 2013\realflow.exe () [File not signed]
FirewallRules: [UDP Query User{0F87D409-533B-4775-87C5-A82E3F2370C8}C:\program files\next limit\realflow 2013\realflow.exe] => (Allow) C:\program files\next limit\realflow 2013\realflow.exe () [File not signed]
FirewallRules: [TCP Query User{4EF7D9FE-5DFA-44D0-A29C-FCC8471711D8}C:\users\nick torres\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\nick torres\appdata\local\akamai\netsession_win.exe No File
FirewallRules: [UDP Query User{C06FAC84-43C6-42AA-8768-13CB715226B7}C:\users\nick torres\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\nick torres\appdata\local\akamai\netsession_win.exe No File
FirewallRules: [{8BF3A7FC-D20C-43DF-8E78-50F3E9565DAE}] => (Allow) C:\Users\Nick Torres\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{573752AE-3F51-4674-A8AA-F912A31529B5}] => (Allow) C:\Users\Nick Torres\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [TCP Query User{6334ADED-447A-46A4-AA7E-93E314F2D7BE}C:\users\nick torres\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\nick torres\appdata\roaming\dropbox\bin\dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [UDP Query User{2983D1AD-478B-4BC6-BAD1-9BD56EB89899}C:\users\nick torres\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\nick torres\appdata\roaming\dropbox\bin\dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{3B78F8F7-D552-42D4-A620-0F63144B41BA}] => (Allow) D:\Applications\Episode 6\bin\EpisodeNode.exe () [File not signed]
FirewallRules: [{83FC122E-B9C6-4352-A939-2CD604F2818E}] => (Allow) D:\Applications\Episode 6\bin\EpisodeNode.exe () [File not signed]
FirewallRules: [{65691FA8-3CBC-4F9D-8050-B02DEF3DC862}] => (Allow) D:\Applications\Episode 6\bin\EpisodeIOServer.exe () [File not signed]
FirewallRules: [{A0215CC6-6834-4FA0-ACBD-4CC1162E9C94}] => (Allow) D:\Applications\Episode 6\bin\EpisodeIOServer.exe () [File not signed]
FirewallRules: [{277E966C-203C-4F3C-949D-85FA78077605}] => (Allow) D:\Applications\Episode 6\bin\EpisodeXMLRPCServer.exe () [File not signed]
FirewallRules: [{CCA6C92D-6E37-4B43-860F-5E0DE9E99536}] => (Allow) D:\Applications\Episode 6\bin\EpisodeXMLRPCServer.exe () [File not signed]
FirewallRules: [TCP Query User{C08C6756-B81B-49CD-B9B8-AEDB14C732D2}D:\applications\steam x64\steam\steam.exe] => (Allow) D:\applications\steam x64\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{591764D4-20AF-4ABE-B6EB-B8B0DCABD277}D:\applications\steam x64\steam\steam.exe] => (Allow) D:\applications\steam x64\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{12FD03B9-C442-43D8-88C7-31C05050482D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe No File
FirewallRules: [{138B2708-9BDF-45DF-8B61-D659759ADEFB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe No File
FirewallRules: [TCP Query User{2B20EC5C-11C1-4D35-BAF1-E2FC22D7F895}C:\users\nick torres\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\nick torres\appdata\roaming\spotify\spotify.exe No File
FirewallRules: [UDP Query User{CEF84698-766D-4D7B-9BCE-12CC3BEA2A3A}C:\users\nick torres\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\nick torres\appdata\roaming\spotify\spotify.exe No File
FirewallRules: [TCP Query User{0AC2EC4C-FBAD-481F-BA2D-94DFAF44A124}D:\applications\steam x64\steam\steam.exe] => (Allow) D:\applications\steam x64\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{1E920772-B113-4A8B-A7D9-7F22968A7FF3}D:\applications\steam x64\steam\steam.exe] => (Allow) D:\applications\steam x64\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{696C3B6B-A766-4C13-8222-FB3A0CBE6FA1}D:\applications\adobe\adobe after effects cc\support files\afterfx.exe] => (Allow) D:\applications\adobe\adobe after effects cc\support files\afterfx.exe No File
FirewallRules: [UDP Query User{35B32A08-8C03-47E5-B32A-7CC35153D14E}D:\applications\adobe\adobe after effects cc\support files\afterfx.exe] => (Allow) D:\applications\adobe\adobe after effects cc\support files\afterfx.exe No File
FirewallRules: [TCP Query User{000298C1-D19B-4C37-84E3-77DACA0F171A}D:\applications\adobe\adobe premiere pro cc\adobe premiere pro.exe] => (Allow) D:\applications\adobe\adobe premiere pro cc\adobe premiere pro.exe No File
FirewallRules: [UDP Query User{77946CF0-E5F7-4D24-B7D5-62B91A4AA297}D:\applications\adobe\adobe premiere pro cc\adobe premiere pro.exe] => (Allow) D:\applications\adobe\adobe premiere pro cc\adobe premiere pro.exe No File
FirewallRules: [TCP Query User{08B3A380-BF73-43B8-BE56-44C85228851A}D:\applications\adobe\adobe photoshop cc (64 bit)\photoshop.exe] => (Allow) D:\applications\adobe\adobe photoshop cc (64 bit)\photoshop.exe No File
FirewallRules: [UDP Query User{238F1003-E451-4314-8BD2-1578314C7F5A}D:\applications\adobe\adobe photoshop cc (64 bit)\photoshop.exe] => (Allow) D:\applications\adobe\adobe photoshop cc (64 bit)\photoshop.exe No File
FirewallRules: [{81F9745B-246A-4563-845E-1144F9ED1321}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\The Walking Dead\WalkingDead101.exe (Telltale Games) [File not signed]
FirewallRules: [{11E0E177-5C20-4C3E-B134-E5F4B3CAF085}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\The Walking Dead\WalkingDead101.exe (Telltale Games) [File not signed]
FirewallRules: [{2F433F0F-91AA-40A9-A524-70D3E9019E59}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\The Walking Dead\WalkingDead101.exe (Telltale Games) [File not signed]
FirewallRules: [{C7E59C5F-4ACD-4798-952B-08BCA0DA1397}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\The Walking Dead\WalkingDead101.exe (Telltale Games) [File not signed]
FirewallRules: [{DB95A5D0-2141-4385-8AA4-78EDEA90A88F}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\The Walking Dead Season Two\TheWalkingDead2.exe (Telltale Games) [File not signed]
FirewallRules: [{5447CB28-5616-41B5-ACDF-F28EE12E84FB}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\The Walking Dead Season Two\TheWalkingDead2.exe (Telltale Games) [File not signed]
FirewallRules: [{3E310245-3AB9-4E2C-800E-973E818D614C}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Hitman Absolution\HMA.exe (Valve Corp. -> ) [File not signed]
FirewallRules: [{3DDC7C99-AD00-47D3-BF74-6CE268062434}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Hitman Absolution\HMA.exe (Valve Corp. -> ) [File not signed]
FirewallRules: [{0554455C-5F44-47D0-9E04-68F928F87F9D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe No File
FirewallRules: [{677014C9-15C3-4C7A-9AC4-6F515890DAC5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe No File
FirewallRules: [{0AA8B040-A55A-4927-AEE1-66C689070D65}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Deadlight\Binaries\Win32\LOTDGame.exe No File
FirewallRules: [{97428AF1-0C2E-4893-A52C-5550383891DA}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Deadlight\Binaries\Win32\LOTDGame.exe No File
FirewallRules: [{E56CD62B-F5E6-4D58-A370-AB41EA500B65}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe No File
FirewallRules: [{4768878E-E1F0-4BF6-88F1-D75DE0C059A0}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe No File
FirewallRules: [{3BCE8096-3A8A-4ED7-9416-5EEBABBD6290}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe No File
FirewallRules: [{B6279B51-DEF6-4870-90DB-270C3A7C5AD9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe No File
FirewallRules: [{9E1F5444-EE1F-4D07-8F51-6707EDF8586F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe No File
FirewallRules: [{26A719FE-DACB-4640-90E2-64F37D8BF39F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe No File
FirewallRules: [{93C56EDF-A3EA-40C6-B6A5-77E0D7569790}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Far Cry 3\bin\farcry3.exe No File
FirewallRules: [{77D15867-CD01-49EF-AE12-36B5A4D7167B}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Far Cry 3\bin\farcry3.exe No File
FirewallRules: [{A547DD23-DC6F-4C31-9A92-6E68C00F04DB}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Far Cry 3\bin\farcry3_d3d11.exe No File
FirewallRules: [{31D65A78-0D33-4D2F-B228-F063F4E83ABF}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Far Cry 3\bin\farcry3_d3d11.exe No File
FirewallRules: [{61FC0B2B-8DBF-4C72-B353-FB225FD33B63}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Outlast\OutlastLauncher.exe No File
FirewallRules: [{1953F10C-B413-4CD2-B7A0-E31A03D8FA6B}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Outlast\OutlastLauncher.exe No File
FirewallRules: [TCP Query User{E05B2936-F8C2-4867-8E29-DE7B88414ADC}D:\applications\steam x64\steam\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) D:\applications\steam x64\steam\steamapps\common\outlast\binaries\win64\olgame.exe No File
FirewallRules: [UDP Query User{25F6CA1F-E1FA-46A4-8A7C-CFAF46E250FD}D:\applications\steam x64\steam\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) D:\applications\steam x64\steam\steamapps\common\outlast\binaries\win64\olgame.exe No File
FirewallRules: [{2CB66470-6ACF-4F61-9304-DB22831A2DC8}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [TCP Query User{95AA6A9D-1B5C-48E5-917C-A12C30B701A3}D:\applications\lkbridge\lkbridge\lkbridge.exe] => (Allow) D:\applications\lkbridge\lkbridge\lkbridge.exe (Imaginando) [File not signed]
FirewallRules: [UDP Query User{A95FF2EB-5CF6-4AEA-BAFE-3333AA65589B}D:\applications\lkbridge\lkbridge\lkbridge.exe] => (Allow) D:\applications\lkbridge\lkbridge\lkbridge.exe (Imaginando) [File not signed]
FirewallRules: [TCP Query User{2C9F3823-7E1F-4920-AA7D-E38C36432F01}C:\program files (x86)\air mouse\air mouse\air mouse.exe] => (Allow) C:\program files (x86)\air mouse\air mouse\air mouse.exe No File
FirewallRules: [UDP Query User{956D3729-CFF1-4265-B003-E373FAFA3932}C:\program files (x86)\air mouse\air mouse\air mouse.exe] => (Allow) C:\program files (x86)\air mouse\air mouse\air mouse.exe No File
FirewallRules: [TCP Query User{C45F7DB4-871E-4BF2-8CB5-665931100C64}C:\program files (x86)\air mouse\air mouse\mobile mouse service.exe] => (Allow) C:\program files (x86)\air mouse\air mouse\mobile mouse service.exe No File
FirewallRules: [UDP Query User{E0F5CD9A-F680-4D0A-A40C-7472E67D01F1}C:\program files (x86)\air mouse\air mouse\mobile mouse service.exe] => (Allow) C:\program files (x86)\air mouse\air mouse\mobile mouse service.exe No File
FirewallRules: [TCP Query User{DA7881DC-175D-4F00-91AB-0356C21FEDCA}C:\program files (x86)\air mouse\air mouse\air mouse.exe] => (Allow) C:\program files (x86)\air mouse\air mouse\air mouse.exe No File
FirewallRules: [UDP Query User{AB82C28D-A3BA-4453-BB98-AA32C628EB14}C:\program files (x86)\air mouse\air mouse\air mouse.exe] => (Allow) C:\program files (x86)\air mouse\air mouse\air mouse.exe No File
FirewallRules: [TCP Query User{27C17B40-63E5-4398-9E44-9BC7EEA84514}C:\program files (x86)\air mouse\air mouse\mobile mouse service.exe] => (Allow) C:\program files (x86)\air mouse\air mouse\mobile mouse service.exe No File
FirewallRules: [UDP Query User{095706D3-4588-4708-A491-B7DC0251B70A}C:\program files (x86)\air mouse\air mouse\mobile mouse service.exe] => (Allow) C:\program files (x86)\air mouse\air mouse\mobile mouse service.exe No File
FirewallRules: [{8C93B60C-7298-404F-8B02-90C175F85747}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{DF5C2A85-1AF2-401B-8F60-2D73AB01A87C}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{43DAFBAB-810C-471E-8095-98D9FDA4408F}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{29BED9C8-5FFF-4173-B260-72835A1F3558}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{68677882-5FFF-4A9B-A2DD-E89655B37BB5}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{949BDF21-68E3-497E-A73B-FC368049B835}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{783BD061-09CD-47A0-8E5E-B07FD0FD2C9A}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [TCP Query User{E26C8716-0E81-469A-BEE4-1047A687A8F7}D:\applications\bitwig\bitwig studio.exe] => (Allow) D:\applications\bitwig\bitwig studio.exe No File
FirewallRules: [UDP Query User{310523B3-8BF7-473B-BD1F-F3EDADF6B81E}D:\applications\bitwig\bitwig studio.exe] => (Allow) D:\applications\bitwig\bitwig studio.exe No File
FirewallRules: [TCP Query User{0B0702BD-788D-4C1D-A4E2-FBA24FC421BD}D:\applications\jack\jackd.exe] => (Block) D:\applications\jack\jackd.exe (Grame) [File not signed]
FirewallRules: [UDP Query User{5578FBC3-EBF7-4CA4-A5D9-24B38259CF08}D:\applications\jack\jackd.exe] => (Block) D:\applications\jack\jackd.exe (Grame) [File not signed]
FirewallRules: [{3B476523-414C-40D6-B729-DADAED7183E3}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [TCP Query User{677B616D-1D55-4FE3-BC2C-C79C29CE59C7}D:\applications\adobe\adobe muse\adobe muse.exe] => (Allow) D:\applications\adobe\adobe muse\adobe muse.exe No File
FirewallRules: [UDP Query User{F75834A2-7E1F-4DC1-AE36-D0FE8E9644A2}D:\applications\adobe\adobe muse\adobe muse.exe] => (Allow) D:\applications\adobe\adobe muse\adobe muse.exe No File
FirewallRules: [{9E07940A-EFA6-459D-AB66-9B1F60639F5B}] => (Allow) D:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe No File
FirewallRules: [{88D80D29-6AF3-4682-A236-2357E9682AA4}] => (Allow) D:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe No File
FirewallRules: [{08DF4CF0-B691-47F2-BF09-4AAF428985F0}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{7B64F831-7563-4949-A4B1-46CCBA6083A3}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [TCP Query User{D10CDC48-41F7-4733-83F3-F66A199D4E36}D:\applications\ableton 9 x32\live\program\ableton live 9 suite.exe] => (Allow) D:\applications\ableton 9 x32\live\program\ableton live 9 suite.exe (Ableton AG -> Ableton) [File not signed]
FirewallRules: [UDP Query User{C110EFE9-37E1-4168-A814-5E782BC87340}D:\applications\ableton 9 x32\live\program\ableton live 9 suite.exe] => (Allow) D:\applications\ableton 9 x32\live\program\ableton live 9 suite.exe (Ableton AG -> Ableton) [File not signed]
FirewallRules: [{7FDC47F2-E405-4B02-9FC2-5049A41807CC}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\DayZ\DayZ.exe No File
FirewallRules: [{BA7B2B64-711A-40CC-A3E1-B1AD4E84258C}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\DayZ\DayZ.exe No File
FirewallRules: [{06C57080-02BC-4E41-96C3-E9CF6FEE7C2F}] => (Block) %ProgramFiles% (x86)\Avid\Pro Tools\ProTools.exe No File
FirewallRules: [{0AB78F6F-7AFB-4B20-936E-B74CFF670E9E}] => (Block) %ProgramFiles% (x86)\Avid\Pro Tools\ProTools.exe No File
FirewallRules: [{5755F863-D085-4BCA-A7CA-390FDD5B7CD4}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{B3E4642A-5CCA-403A-9034-98B753F00063}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\KentuckyRouteZero\KentuckyRouteZero.exe No File
FirewallRules: [{86889947-5E56-4D11-B811-8A75557B72AE}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\KentuckyRouteZero\KentuckyRouteZero.exe No File
FirewallRules: [{149BE5C5-0BDE-4AB3-8ED5-6E5773FB1B8D}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{AEBC4287-20A6-4EC8-A98D-9743171192D4}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{CB2A4BD4-457C-4525-B498-CA2E2B4304EB}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Shovel Knight\ShovelKnight.exe () [File not signed]
FirewallRules: [{791CEF62-605F-4833-A481-F3E103FE190C}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Shovel Knight\ShovelKnight.exe () [File not signed]
FirewallRules: [{175A4AC5-4294-4C13-B0F3-CDAE057900E7}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{AEE91DFC-8BA3-479D-A282-CB3771727C08}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{27E0135E-2FD5-484B-B746-676E89547D74}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Jazzpunk\windows\Jazzpunk.exe No File
FirewallRules: [{C1913301-D770-4B8A-B6E8-2867BDE7340E}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Jazzpunk\windows\Jazzpunk.exe No File
FirewallRules: [{60212794-6466-493A-AA40-6BF738CA06AA}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{854B8424-E529-4E8B-8DB6-116580C1109D}] => (Allow) C:\Users\Nick Torres\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{677A9B8A-47E0-4493-B69E-3E6330CE33E6}] => (Allow) C:\Users\Nick Torres\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{C37766FC-0520-4E47-B626-79F89668B36F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{4D04BCEF-0277-47E0-B52D-6E98FE973223}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{E20A8DFD-2B4B-4DBF-8CC3-7EAAB9099519}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{D3340DA9-47BA-4ED8-A22E-E5A96F2142C6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{A986F6DF-F7B1-465B-A472-211CA19885FF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{87128CAC-A966-4ECE-B5D6-CF9A37D80D88}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{96714F1C-BD8C-45B7-9C34-8F0D6B51CD33}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{17BA758C-8C11-445A-9DCD-EB662297EF30}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{6482E31F-2884-4C84-B4EB-54385612980A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett Packard -> Hewlett-Packard) [File not signed]
FirewallRules: [{995F6BC0-2DEC-4FDE-8B79-F27EA2EBE943}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{8E2D7613-B537-4302-8440-6845C2F953C9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{67A1A9D9-937D-4401-9E5D-2DF3830CD150}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard)
FirewallRules: [{2D815008-7B96-4932-9A37-3A7B713EB951}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe (Hewlett-Packard Company -> Hewlett-Packard Co.)
FirewallRules: [{6389F0D6-8EC8-4FF2-9BA5-3A4C2378532A}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{F63E9399-3625-431A-85E4-B915330C0085}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{DDA7C95C-5978-4B0D-BFD7-933DD36DC8DB}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{785FC912-B337-4D92-8DCA-708B73A9EF44}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [TCP Query User{87C7720A-FE76-4D5B-97F3-A4937E7CEE6C}D:\applications\adobe\adobe after effects cc\support files\plug-ins\maxon cineware ae\(cineware support)\bin\cinerender 64bit.exe] => (Allow) D:\applications\adobe\adobe after effects cc\support files\plug-ins\maxon cineware ae\(cineware support)\bin\cinerender 64bit.exe No File
FirewallRules: [UDP Query User{95F6D979-C2FF-4C08-9A70-C577006AB55E}D:\applications\adobe\adobe after effects cc\support files\plug-ins\maxon cineware ae\(cineware support)\bin\cinerender 64bit.exe] => (Allow) D:\applications\adobe\adobe after effects cc\support files\plug-ins\maxon cineware ae\(cineware support)\bin\cinerender 64bit.exe No File
FirewallRules: [{A2792A4B-51D0-4A8B-92A2-D4C0DFB29F31}] => (Allow) LPort=8317
FirewallRules: [{E0737E36-52BE-437A-882C-1B3BD97EF494}] => (Block) D:\Applications\camtasia\CamtasiaStudio.exe (TechSmith Corporation -> TechSmith Corporation)
FirewallRules: [{A1AA64A2-CB1A-4A57-B7A0-E3D12FD06D43}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{BF7D468C-3BDF-42D7-B239-55EFBDF4B63D}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{813EB0FC-4785-43AE-98B7-591DE167A249}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{7DE991D8-FCBA-42C5-B6A5-EFA498F10595}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{5BB72596-7A8C-4486-80B5-DF9C227BB77E}] => (Allow) C:\Users\Nick Torres\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe (Skype Software Sarl -> Skype Limited)
FirewallRules: [{87260EF6-F5CB-40CB-8700-219DAAACE746}] => (Allow) D:\Applications\Steam x64\Steam\bin\steamwebhelper.exe No File
FirewallRules: [{7EC72238-D026-46B6-B80C-1FD99D00ADD8}] => (Allow) D:\Applications\Steam x64\Steam\bin\steamwebhelper.exe No File
FirewallRules: [{41016AE0-2863-4E7D-899C-3062FF1F6002}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{65E02908-B777-49A4-879D-B245BC08EF45}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{FF3815C7-4BB2-4BA3-8363-E0D41C6DEC13}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{3A5B37EF-25A2-4645-A48E-B4E9368D5D73}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{5083BAB0-FD06-4F2D-A4EB-5AFF4597C53C}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{6AD0B97E-0535-4F43-9571-141977A2ADAA}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{15A31CB2-C1DA-426E-A051-683452670F34}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{0902E3E2-3C4B-47E0-BAB7-F70E46DD62E3}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Thinking with Time Machine\bin\p2map_publish.exe No File
FirewallRules: [{847DDDD3-184A-46BE-BEFE-677953656E7C}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Thinking with Time Machine\bin\p2map_publish.exe No File
FirewallRules: [{BA294BD1-41AD-438A-8BA9-CC851C148543}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{3BD07699-362D-4619-A9CD-AFD9EF703422}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{6D41016E-4E8A-443F-9FDA-701F6B62D8A1}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{12790BB3-F160-4385-AB1A-4ED16AF9B3FE}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Alien Isolation\AI.exe () [File not signed]
FirewallRules: [{6720D437-6108-4B3C-91CD-A2F553BD94C4}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Alien Isolation\AI.exe () [File not signed]
FirewallRules: [{4E810F77-7507-427A-BAE0-5D974AC2F7FA}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{1F256479-E350-42E1-9C43-70E4F5F86B53}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{63B9ED51-3942-49E2-861E-184A84A53715}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{4BC85DC1-BD5F-4328-8FD9-7AF510703651}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{9952592D-C3BD-46FD-9DF0-89490183725D}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{BD488B01-1C33-4883-A8E3-FE6B7C640027}] => (Allow) C:\Program Files (x86)\Kinoni\Remote Desktop\windowsserver.exe (Kinoni -> Kinoni)
FirewallRules: [{A268C066-906E-4DED-81A4-11083272D998}] => (Allow) C:\Program Files (x86)\Kinoni\Remote Desktop\windowsserver.exe (Kinoni -> Kinoni)
FirewallRules: [{0BAE2E80-4E93-4619-A980-84716B96DB4A}] => (Allow) C:\Program Files (x86)\Kinoni\Remote Desktop\windowsserver.exe (Kinoni -> Kinoni)
FirewallRules: [{A50CAC03-4864-4185-88BC-1498A11C4737}] => (Allow) C:\Program Files (x86)\Kinoni\Remote Desktop\windowsserver.exe (Kinoni -> Kinoni)
FirewallRules: [{C6356973-C535-4C7C-80E8-11D2E24F9ACE}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{67E657B4-8EE4-469D-A368-D1E612D687DE}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{A2866194-1C6F-4CCD-A598-98100297211A}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{17FA4D7A-488D-4ACA-A3C7-9EC92487DEC0}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{A4D25CCD-FEE5-4C11-AFD6-09417DBBC910}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [TCP Query User{ACC05D52-F4AC-4169-8EAD-8F2AB042DF91}C:\users\nick torres\appdata\local\hola\firefox\app\hola_plugin.exe] => (Allow) C:\users\nick torres\appdata\local\hola\firefox\app\hola_plugin.exe No File
FirewallRules: [UDP Query User{2B7004C3-3D3C-4DE0-B997-BBE91A0F7BD6}C:\users\nick torres\appdata\local\hola\firefox\app\hola_plugin.exe] => (Allow) C:\users\nick torres\appdata\local\hola\firefox\app\hola_plugin.exe No File
FirewallRules: [{AF8244EE-4ABD-4013-B61B-1A7A3A33AB95}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{F9C200A3-A898-41B7-885A-6E6DED47D03B}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{A2CB9E8F-ECD2-4BBD-92E2-DC37C6FDDE8E}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{AF136274-2780-4C5B-ABC0-43E38AC995E5}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{711C1237-DD55-49B6-B49F-5A17A2879597}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{6941D317-D33E-45A6-B283-081F6E81D632}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{42BBEDE3-0D48-464E-93CF-2845FB7AB0D0}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{E990C9F9-CD0E-462A-B87B-9A6D4C7DF452}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{E5FD17E6-ECC9-4424-BA38-CD7EF4072682}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{13D68B9A-EA05-42B0-9D70-E2B978891B02}C:\program files (x86)\looksbuilder\magic bullet photolooks.exe] => (Allow) C:\program files (x86)\looksbuilder\magic bullet photolooks.exe (Red Giant Software LLC) [File not signed]
FirewallRules: [UDP Query User{A7FE2B39-32DE-4EA4-A3D1-9BE1358DA5EF}C:\program files (x86)\looksbuilder\magic bullet photolooks.exe] => (Allow) C:\program files (x86)\looksbuilder\magic bullet photolooks.exe (Red Giant Software LLC) [File not signed]
FirewallRules: [{9CD062A6-3D94-4CEC-9D28-A2173F7B610A}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{C87E4DE3-E3E7-4D09-9808-72D5E4557F3C}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{0B34C766-B953-46D4-B7AE-A038EEF94ECB}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{9E49C751-5174-4643-A022-07577E617AF7}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [TCP Query User{8624B67F-1B89-4E55-86DB-46887A1F9685}D:\applications\mozilla firefox\firefox.exe] => (Allow) D:\applications\mozilla firefox\firefox.exe No File
FirewallRules: [UDP Query User{FEB32B6C-E3FE-4AEC-9E73-3DC15B96D87F}D:\applications\mozilla firefox\firefox.exe] => (Allow) D:\applications\mozilla firefox\firefox.exe No File
FirewallRules: [{41EE8E45-8EF4-4891-8086-E3974DBD94A8}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{9B7806E9-F128-418F-BD93-BF90223BDDB9}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe No File
FirewallRules: [{B752BE02-6B41-4DD9-B54F-5012721EF962}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe No File
FirewallRules: [TCP Query User{8F7964E8-B899-42AC-80BA-FB5F0019B141}D:\applications\adobe\adobe after effects cc 2014\support files\afterfx.exe] => (Allow) D:\applications\adobe\adobe after effects cc 2014\support files\afterfx.exe No File
FirewallRules: [UDP Query User{F9511A49-0FAF-4B9F-99BA-1D09F447B0AD}D:\applications\adobe\adobe after effects cc 2014\support files\afterfx.exe] => (Allow) D:\applications\adobe\adobe after effects cc 2014\support files\afterfx.exe No File
FirewallRules: [{43139697-9E48-4F97-9CDE-1FAD9FF1BB1D}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [TCP Query User{AEF1EB7D-C142-40C0-9364-41CC40158A28}D:\applications\adobe\adobe premiere pro cc 2014\adobe premiere pro.exe] => (Block) D:\applications\adobe\adobe premiere pro cc 2014\adobe premiere pro.exe No File
FirewallRules: [UDP Query User{4B2D2BFB-D8C4-4550-A6AC-0BEC39FA8D8F}D:\applications\adobe\adobe premiere pro cc 2014\adobe premiere pro.exe] => (Block) D:\applications\adobe\adobe premiere pro cc 2014\adobe premiere pro.exe No File
FirewallRules: [{52AD3252-520C-4A78-B6A5-2B8310D8AA75}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe No File
FirewallRules: [{24AA58BF-7A26-4AD0-87EB-6F71B9EE34B7}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe No File
FirewallRules: [TCP Query User{B1DE9FEE-CA1A-4578-8E1D-4D7B887A5242}D:\applications\adobe\adobe photoshop cc 2014\photoshop.exe] => (Allow) D:\applications\adobe\adobe photoshop cc 2014\photoshop.exe No File
FirewallRules: [UDP Query User{5C9FE86D-9F91-4D06-9077-8483072F081E}D:\applications\adobe\adobe photoshop cc 2014\photoshop.exe] => (Allow) D:\applications\adobe\adobe photoshop cc 2014\photoshop.exe No File
FirewallRules: [TCP Query User{0A767F49-2A66-4882-BFF0-76A425AD8585}D:\applications\adobe\adobe media encoder cc 2014\adobe media encoder.exe] => (Allow) D:\applications\adobe\adobe media encoder cc 2014\adobe media encoder.exe No File
FirewallRules: [UDP Query User{2C5DC273-1DDF-48FD-A4F8-5685FBF0360F}D:\applications\adobe\adobe media encoder cc 2014\adobe media encoder.exe] => (Allow) D:\applications\adobe\adobe media encoder cc 2014\adobe media encoder.exe No File
FirewallRules: [TCP Query User{A8C7DB83-996D-4931-AD57-F6B71143D2E6}D:\applications\adobe\adobe media encoder cc\adobe media encoder.exe] => (Allow) D:\applications\adobe\adobe media encoder cc\adobe media encoder.exe No File
FirewallRules: [UDP Query User{9D304EF4-0F3C-4BC8-9AB9-D8A071523A9C}D:\applications\adobe\adobe media encoder cc\adobe media encoder.exe] => (Allow) D:\applications\adobe\adobe media encoder cc\adobe media encoder.exe No File
FirewallRules: [TCP Query User{5CB9E7D5-E774-4E34-AA9F-B340E81E39FA}D:\applications\adobe\adobe premiere pro cc 2014\pproheadless.exe] => (Allow) D:\applications\adobe\adobe premiere pro cc 2014\pproheadless.exe No File
FirewallRules: [UDP Query User{9A9EFF5C-E416-4CF6-A61D-0F440A0C1B43}D:\applications\adobe\adobe premiere pro cc 2014\pproheadless.exe] => (Allow) D:\applications\adobe\adobe premiere pro cc 2014\pproheadless.exe No File
FirewallRules: [{E8504035-DFFB-4F1C-9219-720798C5293D}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{494F7761-4827-45F5-B4A8-A68F536772DA}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{74F55A18-5468-4F8D-B5FF-977942F750F3}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe No File
FirewallRules: [{230CAB5A-B6D3-4D7B-AD79-F4C76EC3C31B}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe No File
FirewallRules: [{FF9C288C-D169-431A-9ACB-8C3D9C0EBF28}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [TCP Query User{76D805F0-163D-423D-AD21-A36A36E8D3FE}C:\users\nick torres\appdata\local\hola\firefox\app\hola_plugin.exe] => (Block) C:\users\nick torres\appdata\local\hola\firefox\app\hola_plugin.exe No File
FirewallRules: [UDP Query User{6D816E19-7073-4A90-82ED-076ABA4BA92D}C:\users\nick torres\appdata\local\hola\firefox\app\hola_plugin.exe] => (Block) C:\users\nick torres\appdata\local\hola\firefox\app\hola_plugin.exe No File
FirewallRules: [{BDD6D1CC-8D5E-4337-A0FF-9F5752DD9064}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{88C410FA-5C77-4E82-8C02-E6D3CE12E55C}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{13505173-5D4C-4DFB-996F-068FE6369310}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [TCP Query User{27C83147-4467-435C-872E-D35E447758EE}D:\applications\steam x64\steam\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) D:\applications\steam x64\steam\steamapps\common\outlast\binaries\win64\olgame.exe No File
FirewallRules: [UDP Query User{89930658-A721-49E1-90A6-BD185AF040CA}D:\applications\steam x64\steam\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) D:\applications\steam x64\steam\steamapps\common\outlast\binaries\win64\olgame.exe No File
FirewallRules: [TCP Query User{8ED67DBE-583D-4D2F-9776-A0EAA53F8AB3}D:\applications\cycling 74\max 7\max.exe] => (Allow) D:\applications\cycling 74\max 7\max.exe (Cycling '74) [File not signed]
FirewallRules: [UDP Query User{6EA582CB-D462-46DE-B1BA-63EC79B1E33A}D:\applications\cycling 74\max 7\max.exe] => (Allow) D:\applications\cycling 74\max 7\max.exe (Cycling '74) [File not signed]
FirewallRules: [{8FF222EA-8549-4B6C-955A-EA52234F1280}] => (Block) D:\applications\cycling 74\max 7\max.exe (Cycling '74) [File not signed]
FirewallRules: [{4B0C423D-23FE-4FAC-9EC4-31D316A0708A}] => (Block) D:\applications\cycling 74\max 7\max.exe (Cycling '74) [File not signed]
FirewallRules: [TCP Query User{42B5E31A-B405-4860-BB2E-ADD931A22F31}D:\applications\cycling 74\max 7 x32\max.exe] => (Allow) D:\applications\cycling 74\max 7 x32\max.exe (Cycling '74) [File not signed]
FirewallRules: [UDP Query User{8CB3D20C-A5A8-4316-A4B4-8B41BA3DB8F7}D:\applications\cycling 74\max 7 x32\max.exe] => (Allow) D:\applications\cycling 74\max 7 x32\max.exe (Cycling '74) [File not signed]
FirewallRules: [{E8269CC9-121A-423A-B55C-FC9381ED5C59}] => (Block) D:\applications\cycling 74\max 7 x32\max.exe (Cycling '74) [File not signed]
FirewallRules: [{AFFCC242-C39A-4D6E-AC36-5D9E1CD10857}] => (Block) D:\applications\cycling 74\max 7 x32\max.exe (Cycling '74) [File not signed]
FirewallRules: [{6F03E2FF-A05D-4825-9CF7-1095B25CCDD5}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [TCP Query User{5B69CE02-7203-4DD0-AF17-4A1A5AC7DFB3}C:\program files\next limit\realflow 2013\realflow.exe] => (Allow) C:\program files\next limit\realflow 2013\realflow.exe () [File not signed]
FirewallRules: [UDP Query User{7ABEEBB9-97F9-4E07-BEC7-E01C52F7626C}C:\program files\next limit\realflow 2013\realflow.exe] => (Allow) C:\program files\next limit\realflow 2013\realflow.exe () [File not signed]
FirewallRules: [{FE8FBB1F-A746-44A1-A7A2-3D91977D3E7F}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{C5F877B2-86E1-4F84-88AB-BEB1754A9C74}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{0D93F949-6A90-4866-A841-55161E12A1FB}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{CC679396-1633-4FEB-994E-C3F2779F8F88}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{C12E7F02-082B-47E4-9148-C80FF4D37E39}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [TCP Query User{92AC5161-6DF4-4171-8BCB-89195CEDED35}D:\applications\adobe\adobe premiere pro cc 2015\adobe premiere pro.exe] => (Allow) D:\applications\adobe\adobe premiere pro cc 2015\adobe premiere pro.exe No File
FirewallRules: [UDP Query User{3B96D97E-4AA5-4540-8ED1-2B46C7962D9E}D:\applications\adobe\adobe premiere pro cc 2015\adobe premiere pro.exe] => (Allow) D:\applications\adobe\adobe premiere pro cc 2015\adobe premiere pro.exe No File
FirewallRules: [TCP Query User{FBE204AB-B1AC-4B5C-91F2-3D3439CF97D7}D:\applications\adobe\adobe media encoder cc 2015\adobe media encoder.exe] => (Allow) D:\applications\adobe\adobe media encoder cc 2015\adobe media encoder.exe No File
FirewallRules: [UDP Query User{0301D042-A5E5-431A-900F-E0D1B203153C}D:\applications\adobe\adobe media encoder cc 2015\adobe media encoder.exe] => (Allow) D:\applications\adobe\adobe media encoder cc 2015\adobe media encoder.exe No File
FirewallRules: [TCP Query User{6D621BFD-A3BA-4710-A4A9-E69C03E0F6A4}D:\applications\adobe\adobe after effects cc 2015\support files\afterfx.exe] => (Allow) D:\applications\adobe\adobe after effects cc 2015\support files\afterfx.exe No File
FirewallRules: [UDP Query User{87930D31-97A4-4817-8952-163668648866}D:\applications\adobe\adobe after effects cc 2015\support files\afterfx.exe] => (Allow) D:\applications\adobe\adobe after effects cc 2015\support files\afterfx.exe No File
FirewallRules: [{F3A897A9-F668-48C0-AEB7-381AA19E8A8C}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{69B6A4CC-BE08-4A56-AFE6-6B6E0DDC406F}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{A72C84A1-EEDA-4DED-B6E5-58A9C6E80AF8}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [TCP Query User{7C924959-D653-4726-902E-2FB310098355}D:\downloads\utorrent (1).exe] => (Block) D:\downloads\utorrent (1).exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{3C8663C8-ADEF-407D-9EFE-5E7241364BDB}D:\downloads\utorrent (1).exe] => (Block) D:\downloads\utorrent (1).exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{73B805B5-CFE2-48CA-896E-DC815414F965}D:\applications\steam x64\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\applications\steam x64\steam\steamapps\common\grand theft auto v\gta5.exe No File
FirewallRules: [UDP Query User{E2B5139D-ABFF-4C87-8E0C-C2CCF9F54E2E}D:\applications\steam x64\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\applications\steam x64\steam\steamapps\common\grand theft auto v\gta5.exe No File
FirewallRules: [{33B9C255-7DC7-4C00-9530-4EA8477A94F5}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\killingfloor2\Binaries\Win64\KFGame.exe No File
FirewallRules: [{0A3F0C91-67C2-42D7-89B9-9FB25A889812}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\killingfloor2\Binaries\Win64\KFGame.exe No File
FirewallRules: [{C6BDD602-376A-4C49-B7B3-FAC11CB47790}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A61F7E69-AA57-4A10-BA0C-6B79E4ACCA37}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3014A433-845C-43F4-BE14-D2DDE66C5D53}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{51705155-02E0-44AD-8DCD-4ABBED266644}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A18EBD20-3F1F-4DE0-9927-1AE00C6FA896}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{74BD061C-5238-4E74-BA9A-70478A82563B}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [TCP Query User{E273C856-3FDB-4706-A25E-8C21643294F3}C:\users\nick torres\appdata\local\directv player\ndspcshowserver.exe] => (Allow) C:\users\nick torres\appdata\local\directv player\ndspcshowserver.exe (DIRECTV, LLC. -> )
FirewallRules: [UDP Query User{38B0ED7E-1133-42D5-87B6-222E320A09C0}C:\users\nick torres\appdata\local\directv player\ndspcshowserver.exe] => (Allow) C:\users\nick torres\appdata\local\directv player\ndspcshowserver.exe (DIRECTV, LLC. -> )
FirewallRules: [{4D82FC12-F9D7-4816-9AE2-E60D199C73B6}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe No File
FirewallRules: [{64CC4289-4192-467D-B970-05E60B528D7B}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe No File
FirewallRules: [{00BE6974-8DCA-416F-92BB-8106987E9D9A}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{DA7C0F17-21B8-4BF1-BC8D-E5A564A31D10}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{C7C4939B-32BA-4C01-A60B-D12681E44426}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{CBF614F8-FA96-480B-986E-D7B296E1110F}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{5C6E81E0-117C-4D69-A92D-C22C94A349B5}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{4F54D810-FE2D-4EA9-847D-18CDE33AEADF}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{437DEE8C-0EFA-4239-BF8D-F49B024E82AC}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{82BDC8DD-5F08-4DEC-874A-BE3383F2B98C}] => (Block) D:\Applications\Live 9.5\Program\Ableton Live 9 Suite.exe (Ableton AG -> Ableton) [File not signed]
FirewallRules: [{D0B863FA-807C-4B0B-8B3F-F95A0BA29920}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{FFE9DE2C-07CE-4AC3-9432-4E43906CD6B9}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{DC6A3B2A-C840-4516-9A59-02D2DF31407F}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{5F10203D-0B80-479A-8237-655047E1CA73}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{BDA780E7-E42E-40B2-A938-BFAA464797B6}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{05ADB7AA-F317-45FC-8166-60488549C4FA}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{D2F2CA39-3D4D-4A38-9E06-E87327F3AC04}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{F4BE89E0-24EA-40D7-BE88-E02516B3753B}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{416F1F6A-8C36-42FB-9726-47E1F35C9FF9}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{DF594931-6785-432B-9464-8C971C1A076F}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{EAC56A70-1280-4E73-BF16-21D312B85133}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{F5946BED-4F02-4003-88D1-A6E45D34CAE9}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{00FFEB5D-D3BE-41CC-8577-5B35BF698262}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{1CA15EE2-E178-4C51-9A0B-A001E4E57481}] => (Allow) D:\Documents\Ubisoft Games\Tom Clancy's The Division PTS\TheDivision.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [{B036D548-E8F2-4034-9803-237848432594}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{B08A8808-CAF9-48C2-AF18-C7933EE5B463}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [TCP Query User{1D6A60E5-6E57-4946-9057-BE1FB0E2419B}D:\documents\battle net\games\overwatch\overwatch.exe] => (Allow) D:\documents\battle net\games\overwatch\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{7D8CD0B4-3695-4FF0-BB6E-2895A87042EA}D:\documents\battle net\games\overwatch\overwatch.exe] => (Allow) D:\documents\battle net\games\overwatch\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{8D7E770E-4A3C-4002-8A81-17BAC11C8DEB}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{F23690F2-483E-4A14-BAC1-B7F5B8C6B1FB}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{C72AA873-2604-497A-80B4-C8BE3608E9D7}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{47EFDF8E-6E30-4299-B91E-88B9D902EB8B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe No File
FirewallRules: [{34505668-62EC-47BE-A98D-C3D715255028}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe No File
FirewallRules: [{F28E6203-EC95-424E-88CC-B5D389053453}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe No File
FirewallRules: [{08D3CE3F-D2DB-495E-BC34-40EDFD9B4E3F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe No File
FirewallRules: [{9E5CC8B2-AF99-4B2D-A5C3-CACE41662987}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe No File
FirewallRules: [{CCB14115-5046-4E65-853E-D90AE6557D93}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{88DC11F5-136F-4F0F-8ABF-DA628F1430CC}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{F6AAA918-59FA-4E6D-984F-814F627AC8C4}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{396B419C-9548-4543-8E8E-4CE450D90B93}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{E558B318-D029-4FAC-A383-E61115847AC0}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{5B22FBCF-99C4-466D-B12B-4D78176CE0E1}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{F62F1047-7B31-416F-96CA-85C0782A5728}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{ED0D4498-50B4-4899-83DF-91C0FCEF87F8}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{F76E047A-F81F-44D1-AAD2-778CC09E4AA0}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{714D27AE-1AA5-464E-A54A-2023008502B7}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{C9E4A1D3-4631-4F8B-9AF0-D22C255BB808}] => (Allow) D:\Applications\Steam x64\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{94DB6687-F5CF-41CC-9A4D-7445DFC0273C}] => (Allow) D:\Applications\Steam x64\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{2BF45E85-5456-4C44-9963-1B7A1D4F1EC0}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [TCP Query User{AB214292-B915-461B-9705-803E2A4F37ED}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{2CA61D8C-42C0-4DD3-97FE-BA82535142D4}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [TCP Query User{9275C40D-65D4-4624-AB98-B899983DB3C5}D:\documents\ubisoft games\tom clancy's the division\thedivision.exe] => (Allow) D:\documents\ubisoft games\tom clancy's the division\thedivision.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [UDP Query User{0D136C62-B407-4566-AE51-58ADFFAF1CB0}D:\documents\ubisoft games\tom clancy's the division\thedivision.exe] => (Allow) D:\documents\ubisoft games\tom clancy's the division\thedivision.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [{053FDDF4-785E-4409-AB73-8946903D2CE7}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{187D3C5E-05B4-4C84-A5A3-06224795C1D8}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{63140856-562F-44E4-AC02-AF6FA9EBFBE6}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{19847C84-E700-40F5-9C98-6309ECFFA1D7}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{4725F03F-DC6E-4C63-8798-84C955BA5F96}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{DF6A80B5-6A5A-4FEF-8672-A400ECFDE53C}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{AA422B45-21F8-4988-8BA1-5C98EF589F40}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{CF9E5D34-D2B8-44DE-817E-2A340601861B}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{38B3B642-C354-4257-A1B3-DC73E85F79D4}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{CB24C66C-E4A7-4688-BE27-4ED000EFF0A4}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{DA4A3E97-CC0B-42ED-A19E-CCC0397D8E27}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{C5F3FD7A-ED49-4EAA-B300-C6A1B59D435C}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{4DB332A7-B2FD-4DE7-A301-A49E2ECEB97F}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{89BA99DA-80A2-45DE-99E6-029DBD321A28}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{98CBE374-EEAE-45B5-B413-2E278432B529}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{411BFA83-7065-48B5-BB4A-04938375FB3D}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{EA10A61B-2625-4977-B449-BBF2E4D7092F}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{CC8F6AE7-08FA-4299-9AE2-A753F3274193}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{1EF8E08E-7818-43BB-96DF-287D33E61DF5}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{3F0E115D-4DAD-4D3A-86FF-028AB93C2F5F}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [TCP Query User{8E2B6EE6-C471-45D8-8A91-CFA4F3BDD94C}D:\applications\adobe\adobe muse cc 2017\muse.exe] => (Allow) D:\applications\adobe\adobe muse cc 2017\muse.exe No File
FirewallRules: [UDP Query User{8C60E898-B1B6-40A4-BFCD-6439B018F2C6}D:\applications\adobe\adobe muse cc 2017\muse.exe] => (Allow) D:\applications\adobe\adobe muse cc 2017\muse.exe No File
FirewallRules: [{4FA70FE7-2EEB-4FFB-92D9-04876D9A1D58}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{8C255641-4CDB-4300-932D-28FD8BEBA564}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{ACCA687A-DDF2-4EC5-B73C-0F9F82454557}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{0039397C-6E7B-4FB2-9455-97D65E20BA69}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\RESIDENT EVIL 7 biohazard\re7.exe (CAPCOM CO., LTD. -> )
FirewallRules: [{561F0DEE-A98D-4F41-8839-08EA7BC72608}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\RESIDENT EVIL 7 biohazard\re7.exe (CAPCOM CO., LTD. -> )
FirewallRules: [{86ED50D6-464D-4213-8DF6-B67B68700CE7}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{9AF430BE-3220-45CC-95F9-0DCDA5E9F957}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe No File
FirewallRules: [{D6EB1942-D0B7-441C-B871-BF97904E82CF}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe No File
FirewallRules: [TCP Query User{C27A5CF8-A28B-47E7-A737-6C0D9553645A}D:\applications\adobe\adobe premiere pro cc 2017\adobe premiere pro.exe] => (Allow) D:\applications\adobe\adobe premiere pro cc 2017\adobe premiere pro.exe No File
FirewallRules: [UDP Query User{F3B7594B-CE1F-4EF9-BE4D-07B3F97CE141}D:\applications\adobe\adobe premiere pro cc 2017\adobe premiere pro.exe] => (Allow) D:\applications\adobe\adobe premiere pro cc 2017\adobe premiere pro.exe No File
FirewallRules: [TCP Query User{F36DBBD4-7853-492C-B77A-0306AF9FAF96}D:\applications\adobe\adobe after effects cc 2017\support files\afterfx.exe] => (Allow) D:\applications\adobe\adobe after effects cc 2017\support files\afterfx.exe No File
FirewallRules: [UDP Query User{611EDE27-16C0-4C41-A395-7CFD61CA2750}D:\applications\adobe\adobe after effects cc 2017\support files\afterfx.exe] => (Allow) D:\applications\adobe\adobe after effects cc 2017\support files\afterfx.exe No File
FirewallRules: [TCP Query User{18A0EC39-DC3D-4A0D-A97B-21DC83B80C42}D:\applications\adobe\adobe media encoder cc 2017\adobe media encoder.exe] => (Allow) D:\applications\adobe\adobe media encoder cc 2017\adobe media encoder.exe No File
FirewallRules: [UDP Query User{38EEC19F-E93F-4EAF-A7AD-CD97627969C2}D:\applications\adobe\adobe media encoder cc 2017\adobe media encoder.exe] => (Allow) D:\applications\adobe\adobe media encoder cc 2017\adobe media encoder.exe No File
FirewallRules: [{FB47F69E-C51E-4D0A-9091-2900330812E8}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{BEE09273-E509-4840-8C4E-8FAF137B5CE1}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Little Nightmares\Atlas\Binaries\Win64\LittleNightmares.exe No File
FirewallRules: [{EE73A8C6-F5AE-4AB1-B57E-6B0B4227AFDE}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Little Nightmares\Atlas\Binaries\Win64\LittleNightmares.exe No File
FirewallRules: [{B7C4B782-3B91-442A-8B01-D6C3EF4CE16D}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{C8519C90-5EC1-4FE9-A181-EFAE578F1CBF}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Cuphead\Cuphead.exe () [File not signed]
FirewallRules: [{0F0B5736-EE03-4FD6-ABDD-926D9377D34E}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Cuphead\Cuphead.exe () [File not signed]
FirewallRules: [{42D3626F-665F-4BCD-A2ED-CC28935A36D4}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [TCP Query User{207B1DC7-E7C1-4D52-B787-05E4FEB745E1}D:\applications\adobe\adobe premiere pro cc 2018\adobe premiere pro.exe] => (Allow) D:\applications\adobe\adobe premiere pro cc 2018\adobe premiere pro.exe No File
FirewallRules: [UDP Query User{DCE33C5B-A061-4B28-B391-6926908F16F5}D:\applications\adobe\adobe premiere pro cc 2018\adobe premiere pro.exe] => (Allow) D:\applications\adobe\adobe premiere pro cc 2018\adobe premiere pro.exe No File
FirewallRules: [{1EBB1646-931C-4F1C-97F0-49F11C48DD34}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{F8C34400-14B3-494C-8187-D15096901B82}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{ECD37832-9B29-4DAB-B348-B5231850A06B}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [TCP Query User{4CCA1291-D1A2-4E1D-B6B9-2F78D9E88322}D:\applications\epic\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\applications\epic\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{43566C21-8629-460A-A957-301F74895BE3}D:\applications\epic\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\applications\epic\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{D7073514-9733-4EFF-90DE-43047A4F25B7}D:\applications\epic\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\applications\epic\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{FD652C5F-F29A-410B-8C4F-A596AF790868}D:\applications\epic\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\applications\epic\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{0AC78B80-925F-42CA-8460-CEB643816699}D:\applications\epic\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\applications\epic\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe No File
FirewallRules: [UDP Query User{A56D15FB-284A-4BD7-8BAA-F4F100C9193D}D:\applications\epic\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\applications\epic\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe No File
FirewallRules: [TCP Query User{A5F8A1FF-F0A5-476E-9E1C-E4C65B6B4D8C}D:\applications\epic\unrealtournamentdev\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) D:\applications\epic\unrealtournamentdev\engine\binaries\win64\ue4-win64-shipping.exe No File
FirewallRules: [UDP Query User{471FD087-DA78-411A-BF55-5AFA95984B52}D:\applications\epic\unrealtournamentdev\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) D:\applications\epic\unrealtournamentdev\engine\binaries\win64\ue4-win64-shipping.exe No File
FirewallRules: [{20BDC80F-A1E2-465F-B074-6B30499F9797}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{E656E7FD-F228-43CB-B50B-177BA713AB39}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{36C3B867-EC47-4BD5-B4C3-3167590DBC07}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{F12C1EC7-147A-4563-9F99-A9DA48D469D5}] => (Allow) D:\Applications\Steam x64\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{E33EC59F-A2CA-4DF9-871F-61C46FA48595}] => (Allow) D:\Applications\Steam x64\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{BDA9A84F-FB63-4B58-841E-3060A18F6327}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Yakuza 0\media\Yakuza0.exe () [File not signed]
FirewallRules: [{CA5B7F3F-61C9-4232-878F-D730A5FA3211}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Yakuza 0\media\Yakuza0.exe () [File not signed]
FirewallRules: [{2B38563B-A7C3-4C27-9F49-0A750418576B}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{F9C24D08-5846-49DE-9543-404B2FAEC791}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{9775FF5A-9356-4EBA-A276-FD657F29E1C8}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe No File
FirewallRules: [{D54BD1F9-0299-4443-B190-CE35C329211D}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe No File
FirewallRules: [{318CD652-FC40-4300-A6B3-2B2A68365945}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe (DONTNOD Entertainment) [File not signed]
FirewallRules: [{A426624D-D4F0-44FF-85F9-78817570DF57}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe (DONTNOD Entertainment) [File not signed]
FirewallRules: [{729A8803-5956-4450-B340-CC64BE1C1522}] => (Allow) D:\Applications\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{D116F7D7-BBD0-4F93-B7FB-9BF453647ABB}] => (Allow) D:\Applications\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{1846E996-8C7F-4A44-86BD-BB3ACA79418D}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{04B98B00-7E5C-47AD-A554-38BC0CAA158C}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{4D7B02B7-B815-407B-B398-1C3C3E1D4365}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [TCP Query User{9119E571-6158-47DC-99A9-7E94BE500880}C:\program files\adobe\adobe after effects cc 2018\support files\afterfx.exe] => (Block) C:\program files\adobe\adobe after effects cc 2018\support files\afterfx.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [UDP Query User{A2EA9E61-519A-4194-8466-2152E39331C1}C:\program files\adobe\adobe after effects cc 2018\support files\afterfx.exe] => (Block) C:\program files\adobe\adobe after effects cc 2018\support files\afterfx.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [TCP Query User{3BD31066-1741-4D3B-A7C5-BE03B04D35B0}C:\program files\adobe\adobe media encoder cc 2018\adobe media encoder.exe] => (Block) C:\program files\adobe\adobe media encoder cc 2018\adobe media encoder.exe (Adobe Systems Incorporated -> Adobe)
FirewallRules: [UDP Query User{99B583E1-C050-446B-A7A8-CFE8C9E9A1AA}C:\program files\adobe\adobe media encoder cc 2018\adobe media encoder.exe] => (Block) C:\program files\adobe\adobe media encoder cc 2018\adobe media encoder.exe (Adobe Systems Incorporated -> Adobe)
FirewallRules: [{24B3EF71-C0E0-4A1E-8B2C-21BD8502E702}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{BB7BC6F9-3A14-4898-B9BB-183B13385E9C}] => (Allow) D:\Documents\Origin\Detention\Detention.exe () [File not signed]
FirewallRules: [{B5B4FB45-E911-4413-8947-69DD1AD9282E}] => (Allow) D:\Documents\Origin\Detention\Detention.exe () [File not signed]
FirewallRules: [{0B1CCE28-4884-4C1D-8DDB-1289C670BD74}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{5660AE20-7910-42A4-80AD-1DEFDB57D36A}] => (Allow) D:\Documents\Origin\Mass Effect Andromeda\MassEffectAndromedaTrial.exe (Electronic Arts - BioWare) [File not signed]
FirewallRules: [{FE70E5E7-A26C-41DB-B9BB-3E0A348F018C}] => (Allow) D:\Documents\Origin\Mass Effect Andromeda\MassEffectAndromedaTrial.exe (Electronic Arts - BioWare) [File not signed]
FirewallRules: [{76EFED46-8650-4DF0-A713-7E678444C94C}] => (Allow) D:\Documents\Origin\Mass Effect Andromeda\MassEffectAndromeda.exe (Electronic Arts -> Electronic Arts - BioWare)
FirewallRules: [{084DD881-90E5-4DFC-87AC-1E1B4A613A90}] => (Allow) D:\Documents\Origin\Mass Effect Andromeda\MassEffectAndromeda.exe (Electronic Arts -> Electronic Arts - BioWare)
FirewallRules: [{6435189E-5908-444D-BEA3-12D13B464795}] => (Allow) D:\Documents\Origin\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{8CADDF41-1F70-4D9B-9FAA-991BDC84A46C}] => (Allow) D:\Documents\Origin\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{F21DFB3F-06A4-4C81-92A2-7A6757421BC5}] => (Allow) D:\Documents\Origin\STAR WARS Battlefront II\starwarsbattlefrontii.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{1FB70FAA-3424-4078-BF54-E38F0786A951}] => (Allow) D:\Documents\Origin\STAR WARS Battlefront II\starwarsbattlefrontii.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{49AE1541-B8D1-4A12-A04B-F1A8C6FB4F6A}] => (Allow) D:\Documents\Origin\Battlefield V\bfvTrial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{F018D386-0C7C-4F4B-9284-1121E5FD72C4}] => (Allow) D:\Documents\Origin\Battlefield V\bfvTrial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{11D831B7-B568-4FAF-BDA9-C339961708F8}] => (Allow) D:\Documents\Origin\Battlefield V\bfv.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{FF67BDEB-44E8-40C1-B3B7-932D48CF7B8F}] => (Allow) D:\Documents\Origin\Battlefield V\bfv.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{AB9AC3F9-FF74-40F5-B768-A73157AB2608}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{6CB0789E-438B-4FCA-9363-115FB4375D19}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{E6470A08-285C-4DCD-BE6A-D6C7CA424C57}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{EF040A51-9B7C-416C-8CA8-DE502A3883B8}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{871130F8-B8EA-463C-887B-7875E8A671C4}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{CDD7F5DE-8068-4ACF-9A31-AAF9E27AA4D2}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [TCP Query User{8E3D4022-26BF-4A83-94C3-6405F162DCB4}C:\program files\adobe\adobe premiere pro cc 2018\adobe premiere pro.exe] => (Allow) C:\program files\adobe\adobe premiere pro cc 2018\adobe premiere pro.exe (Adobe Systems Incorporated -> Adobe)
FirewallRules: [UDP Query User{71129185-4FB9-4B5D-9864-8BBC4451BB68}C:\program files\adobe\adobe premiere pro cc 2018\adobe premiere pro.exe] => (Allow) C:\program files\adobe\adobe premiere pro cc 2018\adobe premiere pro.exe (Adobe Systems Incorporated -> Adobe)
FirewallRules: [{9BB8F3ED-BCDF-4AD9-ACAE-CE9BC5DD5364}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{E156077A-CBA8-4932-86AA-520126416624}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{3FE59D55-8D19-4425-983A-3B2C32AFC817}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{FD0D5958-A692-4B89-A258-C4BB5632EC5A}] => (Allow) D:\Applications\Todo Backup\bin\TbService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
FirewallRules: [{EF731362-3147-416C-850D-F697E51F7026}] => (Allow) D:\Applications\Todo Backup\bin\TbService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
FirewallRules: [{C3ED3E49-5278-4AF7-BE65-320EE82EEFBA}] => (Allow) D:\Applications\Todo Backup\bin\TBConsoleUI.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
FirewallRules: [{A6D1B3C9-33C0-4827-BF71-0FF56A58059E}] => (Allow) D:\Applications\Todo Backup\bin\TBConsoleUI.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
FirewallRules: [{7AD81537-0AAF-4E52-A0A5-0BF028BAB049}] => (Allow) D:\Applications\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> )
FirewallRules: [{90D210A0-1D5C-4E80-86F6-01C0216446F4}] => (Allow) D:\Applications\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> )
FirewallRules: [{084F5438-7CC8-40E8-A95F-41F6365DA086}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{1BA52F0B-E64B-4F05-925F-C9FB817FB0D0}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{D96C6C4A-1D6B-4C35-A8ED-377F04C35E32}] => (Block) D:\Applications\Devotion\Devotion.exe No File
FirewallRules: [{B5D48772-A665-45F9-9498-281E16548CDB}] => (Allow) D:\Applications\Mozilla Firefox\plugin-container.exe No File
FirewallRules: [{A26299B1-DF34-401A-B8CD-F6CFA74B3385}] => (Allow) D:\Applications\Mozilla Firefox\plugin-container.exe No File
FirewallRules: [{D6DC5C25-7133-46DE-9397-63F79F03FE2C}] => (Allow) C:\Program Files (x86)\TorrentsTime Media Player\bin\chromecast\node.exe (Joyent Inc -> Joyent, Inc)
FirewallRules: [{17538D76-3325-4D3B-A770-CE6681781D2E}] => (Allow) C:\Program Files (x86)\TorrentsTime Media Player\bin\chromecast\node.exe (Joyent Inc -> Joyent, Inc)
FirewallRules: [TCP Query User{EE2E168A-C4D6-421C-AEF9-AF3005D27F5B}D:\applications\devotion game\devotion\devotion.exe] => (Allow) D:\applications\devotion game\devotion\devotion.exe () [File not signed]
FirewallRules: [UDP Query User{F0B9F39E-1258-4DFB-9659-E2ACA23BAEE8}D:\applications\devotion game\devotion\devotion.exe] => (Allow) D:\applications\devotion game\devotion\devotion.exe () [File not signed]
FirewallRules: [{E566D9C2-1191-419D-A899-CA598054A1E3}] => (Block) D:\applications\devotion game\devotion\devotion.exe () [File not signed]
FirewallRules: [{D7CAF029-644A-404F-9CEE-CF14AD16FE98}] => (Block) D:\applications\devotion game\devotion\devotion.exe () [File not signed]
FirewallRules: [{8AD2269F-502E-451D-A4B5-688F244A260D}] => (Allow) D:\Applications\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2CF11C72-CE2D-4A38-BB73-E33E8BCA6F57}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\HITMAN2\Launcher.exe (IO INTERACTIVE A/S -> )
FirewallRules: [{5EF8F13F-9E15-4B9D-B270-0892C9120787}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\HITMAN2\Launcher.exe (IO INTERACTIVE A/S -> )
FirewallRules: [{2620AE5A-399B-479F-A356-F9B547856AD1}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{BC6B2277-0368-4247-9A6F-FA000D24D8CE}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{566FB74A-158C-4073-8AD5-CDCCA2272FBB}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{24620C41-076E-41E1-9422-1BA0C4319D91}] => (Allow) C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe (Tobias Erichsen) [File not signed]
FirewallRules: [{ABCE02BF-980B-4328-BF4D-11D2AAB5AFAE}] => (Block) D:\Applications\Live 10.1\Program\Ableton Live 10 Suite.exe (Ableton AG -> Ableton) [File not signed]
FirewallRules: [{995A4AF7-8EA2-4533-918D-7BF0146DB91C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: ========================

Application errors:
==================
Error: (11/01/2019 08:39:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/01/2019 08:39:26 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "D:\Waves\Applications\wlc.exe".Error in manifest or policy file "D:\Waves\Applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST" on line 8.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (11/01/2019 08:39:26 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "D:\Waves\Applications\wlc.exe".Error in manifest or policy file "D:\Waves\Applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST" on line 8.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (11/01/2019 08:39:26 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "D:\Waves\Applications\GTR 3.5.exe".Error in manifest or policy file "D:\Waves\Applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST" on line 8.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (11/01/2019 08:39:26 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "D:\Waves\Applications\GTRSolo 3.5.exe".Error in manifest or policy file "D:\Waves\Applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST" on line 8.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (11/01/2019 08:39:26 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "D:\Waves\Applications\GTR 3.5.exe".Error in manifest or policy file "D:\Waves\Applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST" on line 8.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (11/01/2019 08:39:25 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "D:\Waves\Applications\GTRSolo 3.5.exe".Error in manifest or policy file "D:\Waves\Applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST" on line 8.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (11/01/2019 08:39:01 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "D:\Waves\Applications\GTR 3.5.exe".Error in manifest or policy file "D:\Waves\Applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST" on line 8.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (11/01/2019 09:09:59 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: 
The dependency service or group failed to start.

Error: (11/01/2019 09:09:33 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
The dependency service or group failed to start.

Error: (11/01/2019 09:08:13 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
The dependency service or group failed to start.

Error: (11/01/2019 09:08:13 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
The dependency service or group failed to start.

Error: (11/01/2019 09:08:13 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
The dependency service or group failed to start.

Error: (11/01/2019 09:08:13 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
The dependency service or group failed to start.

Error: (11/01/2019 09:08:13 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
The dependency service or group failed to start.

Error: (11/01/2019 09:08:13 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
The dependency service or group failed to start.


Windows Defender:
===================================
Date: 2017-12-09 03:24:07.673
Description: 
Windows Defender scan has been stopped before completion.
Scan ID:{AD3BCB40-9529-4294-82A2-5D1A4710B560}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan

Date: 2016-06-19 18:37:27.316
Description: 
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid=37020&name=SoftwareBundler:Win32/Penzievs&threatid=226179
Name:SoftwareBundler:Win32/Penzievs
ID:226179
Severity:High
Category:Software Bundler
Path Found:containerfile:D:\Downloads\Ableton live Suite v9.5 WiN x86 x64-d33p57a7u5\Ableton live Suite v9.5 WiN x86 x64-d33p57a7u5.exe;file:D:\Downloads\Ableton live Suite v9.5 WiN x86 x64-d33p57a7u5\Ableton live Suite v9.5 WiN x86 x64-d33p57a7u5.exe->(nsis-instdata)
Detection Type:Concrete
Detection Source:Real-Time Protection
Status:Unknown
Process Name:

Date: 2016-06-18 20:00:18.200
Description: 
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid=37020&name=SoftwareBundler:Win32/Penzievs&threatid=226179
Name:SoftwareBundler:Win32/Penzievs
ID:226179
Severity:High
Category:Software Bundler
Path Found:containerfile:D:\Downloads\Ableton live Suite v9.5 WiN x86 x64-d33p57a7u5\crack\run_8da0d.exe;file:D:\Downloads\Ableton live Suite v9.5 WiN x86 x64-d33p57a7u5\crack\run_8da0d.exe->(nsis-instdata);webfile:D:\Downloads\Ableton live Suite v9.5 WiN x86 x64-d33p57a7u5\crack\run_8da0d.exe|about:internet
Detection Type:Concrete
Detection Source:System
Status:Unknown
Process Name:

Date: 2015-10-31 02:32:03.182
Description: 
Windows Defender scan has been stopped before completion.
Scan ID:{6421922A-2836-440E-9454-90F876D46D42}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan

Date: 2015-09-28 04:56:48.681
Description: 
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/Diplugem&threatid=213571
Name:BrowserModifier:Win32/Diplugem
ID:213571
Severity:High
Category:Browser Modifier
Path Found:file:C:\Users\Nick Torres\AppData\Local\Google\Chrome\User Data\Default\File System\001\t\00\00000002;file:C:\Users\Nick Torres\AppData\Local\Google\Chrome\User Data\Default\File System\001\t\00\00000003;file:C:\Users\Nick Torres\AppData\Local\Google\Chrome\User Data\Default\File System\005\t\00\00000000
Detection Type:Concrete
Detection Source:System
Status:Unknown
Process Name:c:\program files\windows defender\MpCmdRun.exe

Date: 2019-09-16 15:22:50.687
Description: 
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Backup
Error Code:0x8009200d
Error description:Not a cryptographic message or the cryptographic message is not formatted correctly. 
Signature version:1.301.1007.0
Engine version:1.1.16300.1

Date: 2019-09-16 15:22:44.521
Description: 
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x8009200d
Error description:Not a cryptographic message or the cryptographic message is not formatted correctly. 
Signature version:1.301.1191.0
Engine version:1.1.16300.1

Date: 2016-04-21 11:23:18.170
Description: 
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:The system cannot find the file specified. 
Signature version:0.0.0.0
Engine version:0.0.0.0

CodeIntegrity:
===================================

Date: 2017-03-10 10:40:50.972
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-03-10 10:40:50.878
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-03-09 20:15:57.910
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-03-09 20:15:57.800
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-03-08 17:22:43.003
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-03-08 17:22:42.956
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-03-07 16:59:46.409
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-03-07 16:59:46.315
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info =========================== 

BIOS: American Megatrends Inc. 4005 04/18/2013
Motherboard: ASUSTeK COMPUTER INC. P9X79 LE
Processor: Intel(R) Core(TM) i7-3930K CPU @ 3.20GHz
Percentage of memory in use: 10%
Total physical RAM: 32714.43 MB
Available physical RAM: 29274.41 MB
Total Virtual: 65427.04 MB
Available Virtual: 62025.76 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.57 GB) (Free:3.28 GB) NTFS
Drive d: (SEAGATE2TB) (Fixed) (Total:1863.01 GB) (Free:351.53 GB) NTFS
Drive j: (My Passport) (Fixed) (Total:1862.98 GB) (Free:1175.47 GB) NTFS

\\?\Volume{a8e33b13-07d4-11e6-bb21-806e6f6e6963}\ () (Fixed) (Total:0.09 GB) (Free:0.09 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 5BC53D8B)
Partition 1: (Active) - (Size=100 MB) - (Type=0C)
Partition 2: (Not Active) - (Size=111.6 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: B019EEEF)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 08C9DEA1)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================


Hello, Welcome to Malwarebytes.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Remove this program in bold via the Control Panel > Programs > Programs and Features.
GWX Control Panel (HKLM-x32\...\UltimateOutsider_GwxControlPanel) (Version:  - UltimateOutsider)
===

Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.

Run FRST and click Fix only once and wait.

The Computer will restart when the fix is completed.

It will create a log (Fixlog.txt); please post it in your reply.
===

If the problem persists and Chrome is synced with other devices, check this out.

https://forums.malwarebytes.com/topic/214325-chrome-secure-preferences-detection-always-comes-back/

Execute the suggested fix.

Restart the computer normally.
===========

Please post the Fixlog.txt and let me know if the problem is solved.
 

fixlist.txt


Thanks for the feedback! I uninstalled the GWX program and ran the fix per your instructions. Should I use Malwarebytes and Windows Security to scan for Occamy.B again? Here's my fixlog:

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 01-11-2019
Ran by Nick Torres (02-11-2019 12:36:23) Run:1
Running from C:\Users\Nick Torres\Desktop
Loaded Profiles: Nick Torres (Available Profiles: Nick Torres)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
HKLM\...\Run: [hola] => C:\Program Files\Hola\app\hola.exe [2499520 2019-09-27] (Hola Networks Ltd -> Hola Networks Ltd.) <==== ATTENTION
HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\Run: [GoogleChromeAutoLaunch_EBB015BB97B9A4FB709628EE396F6237] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1696920 2019-10-30] (Google LLC -> Google LLC)
AppInit_DLLs-x32:  => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Air Mouse.lnk [2014-02-01]
ShortcutTarget: Air Mouse.lnk -> C:\Program Files (x86)\Air Mouse\Air Mouse\Air Mouse.exe (No File)
Task: {0F69D5D5-C833-42F6-85F1-081C0456265E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {10CB32FB-337A-475A-94C5-4913B7718E49} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {241BB97F-6CDA-4B72-B7C5-59D3CE876B5C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {2C662CDB-2B3F-4B70-BC2E-BE2B06B84B0E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {50E65739-FBAF-4117-AA76-CC02060298CD} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {C2604471-81F5-499A-8AC5-AA76436D29AB} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {C261E754-177A-4EA4-8E77-CE52BA031673} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {E2A2D03D-285B-4605-968D-BF5CC1CF2F9C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
URLSearchHook: HKU\S-1-5-21-2790423112-85866878-2890688316-1000 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc. -> Yahoo! Inc.)
BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28] (Yahoo! Inc. -> Yahoo! Inc.)
BHO-x32: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> No File
BHO-x32: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28] (Yahoo! Inc. -> Yahoo! Inc)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} -  No File
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28] (Yahoo! Inc. -> Yahoo! Inc.)
Toolbar: HKU\S-1-5-21-2790423112-85866878-2890688316-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.0\ViProtocol.dll [2014-04-27] (AVG Technologies -> AVG Secure Search)
FF Extension: (Block site) - C:\Users\Nick Torres\AppData\Roaming\Mozilla\Firefox\Profiles\cgned1kc.default\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [2015-06-19] [Legacy]
FF SearchPlugin: C:\Users\Nick Torres\AppData\Roaming\Mozilla\Firefox\Profiles\cgned1kc.default\searchplugins\safeguard-secure-search.xml [2013-10-28]
FF HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi => not found
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.0\\npsitesafety.dll [No File]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [No File]
FF Plugin-x32: adobe.com/AdobeExManDetect -> D:\Applications\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [No File]
FF Plugin HKU\S-1-5-21-2790423112-85866878-2890688316-1000: @hola.org/vlc -> C:\Users\Nick Torres\AppData\Local\Hola\firefox\app\vlc\npvlc.dll [No File]
CHR StartupUrls: Default -> "hxxp://google.com/","hxxp://mysearch.avg.com?cid={67F08C8D-2466-4021-A2FD-6E3BF32F3EED}&mid=f16efd7d216647d3a8d2b1ed0ab72454-56b671731fea097ab6370bfd8e7d45a06eb1536b&lang=en&ds=ts024&coid=avgtbdists&pr=sa&d=2013-10-28 16:59:48&v=17.0.0.12&pid=safeguard&sg=0&sap=hp","hxxp://mysearch.avg.com?cid={56E035D4-2744-4FB3-B26A-8D61CE132ACA}&mid=f16efd7d216647d3a8d2b1ed0ab72454-56b671731fea097ab6370bfd8e7d45a06eb1536b&lang=en&ds=is015&coid=avgtbdisis&cmpid=... (long line)
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG SafeGuard toolbar\ChromeExt\18.1.0.443\avg.crx <not found>
S2 hola_svc; C:\Program Files\Hola\app\hola_svc.exe [21052864 2019-09-27] (Hola Networks Ltd -> Hola Networks Ltd.) <==== ATTENTION
S2 hola_updater; C:\Program Files\Hola\app\hola_updater.exe [20986416 2019-08-30] (Hola Networks Ltd -> Hola Networks Ltd.) <==== ATTENTION
S2 luminati_net_updater_win_hola_org; C:\Program Files\Hola\app\net_updater64.exe [2677184 2019-09-16] (Luminati Networks -> Luminati Networks Ltd.)
S2 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u https://activation.paceap.com/InitiateActivation [X]
S3 SysCMD; cmd /K start [X]
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2017-11-30] (Slimware Utilities, Inc. -> )
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
S4 nvvhci; system32\DRIVERS\nvvhci.sys [X]
CustomCLSID: HKU\S-1-5-21-2790423112-85866878-2890688316-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Nick Torres\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileCoAuthLib64.dll => No File
CustomCLSID: HKU\S-1-5-21-2790423112-85866878-2890688316-1000_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Nick Torres\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2790423112-85866878-2890688316-1000_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Nick Torres\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2790423112-85866878-2890688316-1000_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Nick Torres\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
AlternateDataStreams: C:\ProgramData:482EE99B1E21CE8C [217]
AlternateDataStreams: C:\Users\All Users:482EE99B1E21CE8C [217]
AlternateDataStreams: C:\ProgramData\Application Data:482EE99B1E21CE8C [217]
AlternateDataStreams: C:\ProgramData\Microsoft:1pBjbbFxzW3ljQXnyqnkIj4QNYM [2510]
AlternateDataStreams: C:\ProgramData\Microsoft:3kSzkfXZMBh0VXVnOV6RfWuzkFC3C [2074]
AlternateDataStreams: C:\ProgramData\Microsoft:8cY09adyMgLSI0NtLgDcKs [2598]
AlternateDataStreams: C:\ProgramData\Microsoft:jKSCGNPDelPtrztxTmiXb61zflG [2502]
AlternateDataStreams: C:\ProgramData\Microsoft:LaRCMd3UUh1QaTYuJF69t [2102]
AlternateDataStreams: C:\ProgramData\Microsoft:mRB5oVNMDScitsCZRR0NIVfZCG [2300]
AlternateDataStreams: C:\ProgramData\Microsoft:Q0ZAbXCXsTsgrJLxqFpsLYnLr [2074]
AlternateDataStreams: C:\ProgramData\Microsoft:QIeIf93BAr6wMLcdL2x6xSwUdNt [2248]
AlternateDataStreams: C:\ProgramData\Microsoft:QvtS3ct2y2yUd8sBy2vA [2312]
AlternateDataStreams: C:\ProgramData\Microsoft:tmYwYkajVhj0Ju5m1hdSDPnvEs [2048]
AlternateDataStreams: C:\ProgramData\Microsoft:trAL0Ng5VY4dNtdw1T5 [2222]
AlternateDataStreams: C:\ProgramData\Microsoft:VGG78F8osbDNvKspNnfac8F1 [587]
AlternateDataStreams: C:\ProgramData\PACE:070D1E3B86C49A33 [1]
AlternateDataStreams: C:\Users\Nick Torres\Cookies:176hCN16tqfCUxhg7DH9ZAGf [2190]
AlternateDataStreams: C:\Users\Nick Torres\Cookies:Anb67W2We92Mwe4LZSEQBut [2384]
AlternateDataStreams: C:\Users\Nick Torres\Local Settings:pVTcVLXWi4jT1l2WWCZfP1 [2258]
AlternateDataStreams: C:\Users\Nick Torres\Local Settings:UqeVGOFBwrGh3BoS2TI [2256]
AlternateDataStreams: C:\Users\Nick Torres\Desktop\Metro: 2033 Redux.url [271]
AlternateDataStreams: C:\Users\Nick Torres\AppData\Local:pVTcVLXWi4jT1l2WWCZfP1 [2258]
AlternateDataStreams: C:\Users\Nick Torres\AppData\Local:UqeVGOFBwrGh3BoS2TI [2256]
AlternateDataStreams: C:\Users\Nick Torres\AppData\Local\4Hoka9A25X:DxmxBbmOAwdsZtlBc [2550]
AlternateDataStreams: C:\Users\Nick Torres\AppData\Local\4rTrINdCuRPKth:MRWo4Kg30KcMAlBHEXa7ftm [2202]
AlternateDataStreams: C:\Users\Nick Torres\AppData\Local\Application Data:pVTcVLXWi4jT1l2WWCZfP1 [2258]
AlternateDataStreams: C:\Users\Nick Torres\AppData\Local\Application Data:UqeVGOFBwrGh3BoS2TI [2256]
AlternateDataStreams: C:\Users\Nick Torres\AppData\Local\EqJR1BHOsuXb:zP7TQF7uGHAOscftA4ot3f [2408]
AlternateDataStreams: C:\Users\Nick Torres\AppData\Local\k9OetowVx6uE2:XGCuYiKy8fzqBB5i8Z [631]
AlternateDataStreams: C:\Users\Nick Torres\AppData\Local\Temp:5I7UzOc47ZA6zIH4zP [1860]
AlternateDataStreams: C:\Users\Nick Torres\AppData\Local\Temp:bM07OFqgN2hN0KD74KiZ [2306]
AlternateDataStreams: C:\Users\Nick Torres\AppData\Local\Temporary Internet Files:3AnEMP39Q62ftsWtJwiiy [2362]
AlternateDataStreams: C:\Users\Nick Torres\AppData\Local\Temporary Internet Files:5HBe9LPcbFbjQZ97 [2598]
AlternateDataStreams: C:\Users\Nick Torres\AppData\Local\Temporary Internet Files:BPcdKQXA8EXDZGtYEZn3t [1970]
AlternateDataStreams: C:\Users\Nick Torres\AppData\Local\Temporary Internet Files:Ffz1cVS9NuZ7WWsc8b14qAJu41JcSk [1922]
AlternateDataStreams: C:\Users\Nick Torres\AppData\Local\Temporary Internet Files:jAFFbXUh6mTBY9RBzSEsaE8BR [2186]
AlternateDataStreams: C:\Users\Nick Torres\AppData\Local\Temporary Internet Files:MFoYhrtvF9kJbiQ82SW [2000]
AlternateDataStreams: C:\Users\Nick Torres\AppData\Local\wFVXzWvejUk:UPOfCpGaY5RxdIq3EnukngdsvEgz [2344]
AlternateDataStreams: C:\Users\Public\AppData:CSM [226]
IE trusted site: HKU\S-1-5-21-2790423112-85866878-2890688316-1000\...\hola.org -> hxxp://hola.org
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [{3AA50230-04DA-4C63-908F-E24317EC4C9A}] => (Allow) C:\Users\Nick Torres\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{41699A0A-13BC-4397-A8D2-A72358F161E1}] => (Allow) C:\Users\Nick Torres\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{8BE61B68-999B-4C93-9305-ED8127A3DF78}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Total War SHOGUN 2\benchmarks\benchmark_current_settings.bat No File
FirewallRules: [{2DDDC0AF-5FD6-4197-8A92-EEA46ED0F983}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Total War SHOGUN 2\benchmarks\benchmark_current_settings.bat No File
FirewallRules: [{C3131006-51FA-4FF9-90B2-5576D0EC4EA5}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Total War SHOGUN 2\benchmarks\benchmark_specify_properties.bat No File
FirewallRules: [TCP Query User{E6A6E506-4A76-4957-B19F-87BE4086B854}C:\users\nick torres\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\nick torres\appdata\roaming\spotify\spotify.exe No File
FirewallRules: [UDP Query User{866C21B8-646B-4A4A-BB01-C1101174708E}C:\users\nick torres\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\nick torres\appdata\roaming\spotify\spotify.exe No File
FirewallRules: [TCP Query User{A0EA5A53-9AEB-46EB-A93B-B8AB69827D82}C:\users\nick torres\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\nick torres\appdata\local\akamai\netsession_win.exe No File
FirewallRules: [UDP Query User{37B4813C-49CB-4634-BB89-BE5A4943F071}C:\users\nick torres\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\nick torres\appdata\local\akamai\netsession_win.exe No File
FirewallRules: [{FE831DF5-816F-4E4D-BD0E-34B02CC7D01F}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Medal of Honor\MP\mohmpgame.exe No File
FirewallRules: [{C7BF0267-AE4F-411C-88E7-0A6701807027}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Medal of Honor\MP\mohmpgame.exe No File
FirewallRules: [{54209A4C-FEFF-40CF-A594-7198CB73CEBA}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Medal of Honor\Binaries\moh.exe No File
FirewallRules: [{D1098D31-0CE0-4E54-88BE-E6B06C79B5F3}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Medal of Honor\Binaries\moh.exe No File
FirewallRules: [{2B93024D-5B69-49D3-9CAD-8D2352803C82}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Batman Arkham City GOTY\RunLauncher.bat No File
FirewallRules: [{BC73DDC1-654D-4CBD-8171-9EC524FE54C9}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Batman Arkham City GOTY\RunLauncher.bat No File
FirewallRules: [TCP Query User{B9A562B0-75D2-4B58-BE02-4A7046E89069}D:\program files (x86)\origin games\crysis 2 maximum edition\bin32\crysis2.exe] => (Allow) D:\program files (x86)\origin games\crysis 2 maximum edition\bin32\crysis2.exe No File
FirewallRules: [UDP Query User{A29E80AF-117A-4E97-8119-DA7A6229E625}D:\program files (x86)\origin games\crysis 2 maximum edition\bin32\crysis2.exe] => (Allow) D:\program files (x86)\origin games\crysis 2 maximum edition\bin32\crysis2.exe No File
FirewallRules: [TCP Query User{C3CF6D0D-F348-4949-83E0-AD02F0528B98}D:\applications\ableton 9 x64\program\ableton live 9 suite.exe] => (Allow) D:\applications\ableton 9 x64\program\ableton live 9 suite.exe No File
FirewallRules: [UDP Query User{A529690F-EFB9-42EA-84FE-EF15C6BDE85C}D:\applications\ableton 9 x64\program\ableton live 9 suite.exe] => (Allow) D:\applications\ableton 9 x64\program\ableton live 9 suite.exe No File
FirewallRules: [TCP Query User{4EF7D9FE-5DFA-44D0-A29C-FCC8471711D8}C:\users\nick torres\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\nick torres\appdata\local\akamai\netsession_win.exe No File
FirewallRules: [UDP Query User{C06FAC84-43C6-42AA-8768-13CB715226B7}C:\users\nick torres\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\nick torres\appdata\local\akamai\netsession_win.exe No File
FirewallRules: [{12FD03B9-C442-43D8-88C7-31C05050482D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe No File
FirewallRules: [{138B2708-9BDF-45DF-8B61-D659759ADEFB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe No File
FirewallRules: [TCP Query User{2B20EC5C-11C1-4D35-BAF1-E2FC22D7F895}C:\users\nick torres\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\nick torres\appdata\roaming\spotify\spotify.exe No File
FirewallRules: [UDP Query User{CEF84698-766D-4D7B-9BCE-12CC3BEA2A3A}C:\users\nick torres\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\nick torres\appdata\roaming\spotify\spotify.exe No File
FirewallRules: [TCP Query User{696C3B6B-A766-4C13-8222-FB3A0CBE6FA1}D:\applications\adobe\adobe after effects cc\support files\afterfx.exe] => (Allow) D:\applications\adobe\adobe after effects cc\support files\afterfx.exe No File
FirewallRules: [UDP Query User{35B32A08-8C03-47E5-B32A-7CC35153D14E}D:\applications\adobe\adobe after effects cc\support files\afterfx.exe] => (Allow) D:\applications\adobe\adobe after effects cc\support files\afterfx.exe No File
FirewallRules: [TCP Query User{000298C1-D19B-4C37-84E3-77DACA0F171A}D:\applications\adobe\adobe premiere pro cc\adobe premiere pro.exe] => (Allow) D:\applications\adobe\adobe premiere pro cc\adobe premiere pro.exe No File
FirewallRules: [UDP Query User{77946CF0-E5F7-4D24-B7D5-62B91A4AA297}D:\applications\adobe\adobe premiere pro cc\adobe premiere pro.exe] => (Allow) D:\applications\adobe\adobe premiere pro cc\adobe premiere pro.exe No File
FirewallRules: [TCP Query User{08B3A380-BF73-43B8-BE56-44C85228851A}D:\applications\adobe\adobe photoshop cc (64 bit)\photoshop.exe] => (Allow) D:\applications\adobe\adobe photoshop cc (64 bit)\photoshop.exe No File
FirewallRules: [UDP Query User{238F1003-E451-4314-8BD2-1578314C7F5A}D:\applications\adobe\adobe photoshop cc (64 bit)\photoshop.exe] => (Allow) D:\applications\adobe\adobe photoshop cc (64 bit)\photoshop.exe No File
FirewallRules: [{0554455C-5F44-47D0-9E04-68F928F87F9D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe No File
FirewallRules: [{677014C9-15C3-4C7A-9AC4-6F515890DAC5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe No File
FirewallRules: [{0AA8B040-A55A-4927-AEE1-66C689070D65}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Deadlight\Binaries\Win32\LOTDGame.exe No File
FirewallRules: [{97428AF1-0C2E-4893-A52C-5550383891DA}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Deadlight\Binaries\Win32\LOTDGame.exe No File
FirewallRules: [{E56CD62B-F5E6-4D58-A370-AB41EA500B65}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe No File
FirewallRules: [{4768878E-E1F0-4BF6-88F1-D75DE0C059A0}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe No File
FirewallRules: [{3BCE8096-3A8A-4ED7-9416-5EEBABBD6290}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe No File
FirewallRules: [{B6279B51-DEF6-4870-90DB-270C3A7C5AD9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe No File
FirewallRules: [{9E1F5444-EE1F-4D07-8F51-6707EDF8586F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe No File
FirewallRules: [{26A719FE-DACB-4640-90E2-64F37D8BF39F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe No File
FirewallRules: [{93C56EDF-A3EA-40C6-B6A5-77E0D7569790}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Far Cry 3\bin\farcry3.exe No File
FirewallRules: [{77D15867-CD01-49EF-AE12-36B5A4D7167B}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Far Cry 3\bin\farcry3.exe No File
FirewallRules: [{A547DD23-DC6F-4C31-9A92-6E68C00F04DB}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Far Cry 3\bin\farcry3_d3d11.exe No File
FirewallRules: [{31D65A78-0D33-4D2F-B228-F063F4E83ABF}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Far Cry 3\bin\farcry3_d3d11.exe No File
FirewallRules: [{61FC0B2B-8DBF-4C72-B353-FB225FD33B63}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Outlast\OutlastLauncher.exe No File
FirewallRules: [{1953F10C-B413-4CD2-B7A0-E31A03D8FA6B}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Outlast\OutlastLauncher.exe No File
FirewallRules: [TCP Query User{E05B2936-F8C2-4867-8E29-DE7B88414ADC}D:\applications\steam x64\steam\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) D:\applications\steam x64\steam\steamapps\common\outlast\binaries\win64\olgame.exe No File
FirewallRules: [UDP Query User{25F6CA1F-E1FA-46A4-8A7C-CFAF46E250FD}D:\applications\steam x64\steam\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) D:\applications\steam x64\steam\steamapps\common\outlast\binaries\win64\olgame.exe No File
FirewallRules: [TCP Query User{2C9F3823-7E1F-4920-AA7D-E38C36432F01}C:\program files (x86)\air mouse\air mouse\air mouse.exe] => (Allow) C:\program files (x86)\air mouse\air mouse\air mouse.exe No File
FirewallRules: [UDP Query User{956D3729-CFF1-4265-B003-E373FAFA3932}C:\program files (x86)\air mouse\air mouse\air mouse.exe] => (Allow) C:\program files (x86)\air mouse\air mouse\air mouse.exe No File
FirewallRules: [TCP Query User{C45F7DB4-871E-4BF2-8CB5-665931100C64}C:\program files (x86)\air mouse\air mouse\mobile mouse service.exe] => (Allow) C:\program files (x86)\air mouse\air mouse\mobile mouse service.exe No File
FirewallRules: [UDP Query User{E0F5CD9A-F680-4D0A-A40C-7472E67D01F1}C:\program files (x86)\air mouse\air mouse\mobile mouse service.exe] => (Allow) C:\program files (x86)\air mouse\air mouse\mobile mouse service.exe No File
FirewallRules: [TCP Query User{DA7881DC-175D-4F00-91AB-0356C21FEDCA}C:\program files (x86)\air mouse\air mouse\air mouse.exe] => (Allow) C:\program files (x86)\air mouse\air mouse\air mouse.exe No File
FirewallRules: [UDP Query User{AB82C28D-A3BA-4453-BB98-AA32C628EB14}C:\program files (x86)\air mouse\air mouse\air mouse.exe] => (Allow) C:\program files (x86)\air mouse\air mouse\air mouse.exe No File
FirewallRules: [TCP Query User{27C17B40-63E5-4398-9E44-9BC7EEA84514}C:\program files (x86)\air mouse\air mouse\mobile mouse service.exe] => (Allow) C:\program files (x86)\air mouse\air mouse\mobile mouse service.exe No File
FirewallRules: [UDP Query User{095706D3-4588-4708-A491-B7DC0251B70A}C:\program files (x86)\air mouse\air mouse\mobile mouse service.exe] => (Allow) C:\program files (x86)\air mouse\air mouse\mobile mouse service.exe No File
FirewallRules: [TCP Query User{E26C8716-0E81-469A-BEE4-1047A687A8F7}D:\applications\bitwig\bitwig studio.exe] => (Allow) D:\applications\bitwig\bitwig studio.exe No File
FirewallRules: [UDP Query User{310523B3-8BF7-473B-BD1F-F3EDADF6B81E}D:\applications\bitwig\bitwig studio.exe] => (Allow) D:\applications\bitwig\bitwig studio.exe No File
FirewallRules: [TCP Query User{677B616D-1D55-4FE3-BC2C-C79C29CE59C7}D:\applications\adobe\adobe muse\adobe muse.exe] => (Allow) D:\applications\adobe\adobe muse\adobe muse.exe No File
FirewallRules: [UDP Query User{F75834A2-7E1F-4DC1-AE36-D0FE8E9644A2}D:\applications\adobe\adobe muse\adobe muse.exe] => (Allow) D:\applications\adobe\adobe muse\adobe muse.exe No File
FirewallRules: [{9E07940A-EFA6-459D-AB66-9B1F60639F5B}] => (Allow) D:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe No File
FirewallRules: [{88D80D29-6AF3-4682-A236-2357E9682AA4}] => (Allow) D:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe No File
FirewallRules: [{BA7B2B64-711A-40CC-A3E1-B1AD4E84258C}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\DayZ\DayZ.exe No File
FirewallRules: [{06C57080-02BC-4E41-96C3-E9CF6FEE7C2F}] => (Block) %ProgramFiles% (x86)\Avid\Pro Tools\ProTools.exe No File
FirewallRules: [{0AB78F6F-7AFB-4B20-936E-B74CFF670E9E}] => (Block) %ProgramFiles% (x86)\Avid\Pro Tools\ProTools.exe No File
FirewallRules: [{B3E4642A-5CCA-403A-9034-98B753F00063}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\KentuckyRouteZero\KentuckyRouteZero.exe No File
FirewallRules: [{86889947-5E56-4D11-B811-8A75557B72AE}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\KentuckyRouteZero\KentuckyRouteZero.exe No File
FirewallRules: [{27E0135E-2FD5-484B-B746-676E89547D74}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Jazzpunk\windows\Jazzpunk.exe No File
FirewallRules: [{C1913301-D770-4B8A-B6E8-2867BDE7340E}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Jazzpunk\windows\Jazzpunk.exe No File
FirewallRules: [{854B8424-E529-4E8B-8DB6-116580C1109D}] => (Allow) C:\Users\Nick Torres\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{677A9B8A-47E0-4493-B69E-3E6330CE33E6}] => (Allow) C:\Users\Nick Torres\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [TCP Query User{87C7720A-FE76-4D5B-97F3-A4937E7CEE6C}D:\applications\adobe\adobe after effects cc\support files\plug-ins\maxon cineware ae\(cineware support)\bin\cinerender 64bit.exe] => (Allow) D:\applications\adobe\adobe after effects cc\support files\plug-ins\maxon cineware ae\(cineware support)\bin\cinerender 64bit.exe No File
FirewallRules: [UDP Query User{95F6D979-C2FF-4C08-9A70-C577006AB55E}D:\applications\adobe\adobe after effects cc\support files\plug-ins\maxon cineware ae\(cineware support)\bin\cinerender 64bit.exe] => (Allow) D:\applications\adobe\adobe after effects cc\support files\plug-ins\maxon cineware ae\(cineware support)\bin\cinerender 64bit.exe No File
FirewallRules: [{87260EF6-F5CB-40CB-8700-219DAAACE746}] => (Allow) D:\Applications\Steam x64\Steam\bin\steamwebhelper.exe No File
FirewallRules: [{7EC72238-D026-46B6-B80C-1FD99D00ADD8}] => (Allow) D:\Applications\Steam x64\Steam\bin\steamwebhelper.exe No File
FirewallRules: [{0902E3E2-3C4B-47E0-BAB7-F70E46DD62E3}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Thinking with Time Machine\bin\p2map_publish.exe No File
FirewallRules: [{847DDDD3-184A-46BE-BEFE-677953656E7C}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Thinking with Time Machine\bin\p2map_publish.exe No File
FirewallRules: [TCP Query User{ACC05D52-F4AC-4169-8EAD-8F2AB042DF91}C:\users\nick torres\appdata\local\hola\firefox\app\hola_plugin.exe] => (Allow) C:\users\nick torres\appdata\local\hola\firefox\app\hola_plugin.exe No File
FirewallRules: [UDP Query User{2B7004C3-3D3C-4DE0-B997-BBE91A0F7BD6}C:\users\nick torres\appdata\local\hola\firefox\app\hola_plugin.exe] => (Allow) C:\users\nick torres\appdata\local\hola\firefox\app\hola_plugin.exe No File
FirewallRules: [TCP Query User{8624B67F-1B89-4E55-86DB-46887A1F9685}D:\applications\mozilla firefox\firefox.exe] => (Allow) D:\applications\mozilla firefox\firefox.exe No File
FirewallRules: [UDP Query User{FEB32B6C-E3FE-4AEC-9E73-3DC15B96D87F}D:\applications\mozilla firefox\firefox.exe] => (Allow) D:\applications\mozilla firefox\firefox.exe No File
FirewallRules: [{9B7806E9-F128-418F-BD93-BF90223BDDB9}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe No File
FirewallRules: [{B752BE02-6B41-4DD9-B54F-5012721EF962}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe No File
FirewallRules: [TCP Query User{8F7964E8-B899-42AC-80BA-FB5F0019B141}D:\applications\adobe\adobe after effects cc 2014\support files\afterfx.exe] => (Allow) D:\applications\adobe\adobe after effects cc 2014\support files\afterfx.exe No File
FirewallRules: [UDP Query User{F9511A49-0FAF-4B9F-99BA-1D09F447B0AD}D:\applications\adobe\adobe after effects cc 2014\support files\afterfx.exe] => (Allow) D:\applications\adobe\adobe after effects cc 2014\support files\afterfx.exe No File
FirewallRules: [TCP Query User{AEF1EB7D-C142-40C0-9364-41CC40158A28}D:\applications\adobe\adobe premiere pro cc 2014\adobe premiere pro.exe] => (Block) D:\applications\adobe\adobe premiere pro cc 2014\adobe premiere pro.exe No File
FirewallRules: [{52AD3252-520C-4A78-B6A5-2B8310D8AA75}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe No File
FirewallRules: [{24AA58BF-7A26-4AD0-87EB-6F71B9EE34B7}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe No File
FirewallRules: [TCP Query User{B1DE9FEE-CA1A-4578-8E1D-4D7B887A5242}D:\applications\adobe\adobe photoshop cc 2014\photoshop.exe] => (Allow) D:\applications\adobe\adobe photoshop cc 2014\photoshop.exe No File
FirewallRules: [UDP Query User{5C9FE86D-9F91-4D06-9077-8483072F081E}D:\applications\adobe\adobe photoshop cc 2014\photoshop.exe] => (Allow) D:\applications\adobe\adobe photoshop cc 2014\photoshop.exe No File
FirewallRules: [TCP Query User{0A767F49-2A66-4882-BFF0-76A425AD8585}D:\applications\adobe\adobe media encoder cc 2014\adobe media encoder.exe] => (Allow) D:\applications\adobe\adobe media encoder cc 2014\adobe media encoder.exe No File
FirewallRules: [UDP Query User{2C5DC273-1DDF-48FD-A4F8-5685FBF0360F}D:\applications\adobe\adobe media encoder cc 2014\adobe media encoder.exe] => (Allow) D:\applications\adobe\adobe media encoder cc 2014\adobe media encoder.exe No File
FirewallRules: [TCP Query User{A8C7DB83-996D-4931-AD57-F6B71143D2E6}D:\applications\adobe\adobe media encoder cc\adobe media encoder.exe] => (Allow) D:\applications\adobe\adobe media encoder cc\adobe media encoder.exe No File
FirewallRules: [UDP Query User{9D304EF4-0F3C-4BC8-9AB9-D8A071523A9C}D:\applications\adobe\adobe media encoder cc\adobe media encoder.exe] => (Allow) D:\applications\adobe\adobe media encoder cc\adobe media encoder.exe No File
FirewallRules: [TCP Query User{5CB9E7D5-E774-4E34-AA9F-B340E81E39FA}D:\applications\adobe\adobe premiere pro cc 2014\pproheadless.exe] => (Allow) D:\applications\adobe\adobe premiere pro cc 2014\pproheadless.exe No File
FirewallRules: [UDP Query User{9A9EFF5C-E416-4CF6-A61D-0F440A0C1B43}D:\applications\adobe\adobe premiere pro cc 2014\pproheadless.exe] => (Allow) D:\applications\adobe\adobe premiere pro cc 2014\pproheadless.exe No File
FirewallRules: [{74F55A18-5468-4F8D-B5FF-977942F750F3}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe No File
FirewallRules: [{230CAB5A-B6D3-4D7B-AD79-F4C76EC3C31B}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe No File
FirewallRules: [TCP Query User{76D805F0-163D-423D-AD21-A36A36E8D3FE}C:\users\nick torres\appdata\local\hola\firefox\app\hola_plugin.exe] => (Block) C:\users\nick torres\appdata\local\hola\firefox\app\hola_plugin.exe No File
FirewallRules: [UDP Query User{6D816E19-7073-4A90-82ED-076ABA4BA92D}C:\users\nick torres\appdata\local\hola\firefox\app\hola_plugin.exe] => (Block) C:\users\nick torres\appdata\local\hola\firefox\app\hola_plugin.exe No File
FirewallRules: [TCP Query User{27C83147-4467-435C-872E-D35E447758EE}D:\applications\steam x64\steam\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) D:\applications\steam x64\steam\steamapps\common\outlast\binaries\win64\olgame.exe No File
FirewallRules: [UDP Query User{89930658-A721-49E1-90A6-BD185AF040CA}D:\applications\steam x64\steam\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) D:\applications\steam x64\steam\steamapps\common\outlast\binaries\win64\olgame.exe No File
FirewallRules: [TCP Query User{92AC5161-6DF4-4171-8BCB-89195CEDED35}D:\applications\adobe\adobe premiere pro cc 2015\adobe premiere pro.exe] => (Allow) D:\applications\adobe\adobe premiere pro cc 2015\adobe premiere pro.exe No File
FirewallRules: [UDP Query User{3B96D97E-4AA5-4540-8ED1-2B46C7962D9E}D:\applications\adobe\adobe premiere pro cc 2015\adobe premiere pro.exe] => (Allow) D:\applications\adobe\adobe premiere pro cc 2015\adobe premiere pro.exe No File
FirewallRules: [TCP Query User{FBE204AB-B1AC-4B5C-91F2-3D3439CF97D7}D:\applications\adobe\adobe media encoder cc 2015\adobe media encoder.exe] => (Allow) D:\applications\adobe\adobe media encoder cc 2015\adobe media encoder.exe No File
FirewallRules: [UDP Query User{0301D042-A5E5-431A-900F-E0D1B203153C}D:\applications\adobe\adobe media encoder cc 2015\adobe media encoder.exe] => (Allow) D:\applications\adobe\adobe media encoder cc 2015\adobe media encoder.exe No File
FirewallRules: [TCP Query User{6D621BFD-A3BA-4710-A4A9-E69C03E0F6A4}D:\applications\adobe\adobe after effects cc 2015\support files\afterfx.exe] => (Allow) D:\applications\adobe\adobe after effects cc 2015\support files\afterfx.exe No File
FirewallRules: [UDP Query User{87930D31-97A4-4817-8952-163668648866}D:\applications\adobe\adobe after effects cc 2015\support files\afterfx.exe] => (Allow) D:\applications\adobe\adobe after effects cc 2015\support files\afterfx.exe No File
FirewallRules: [TCP Query User{73B805B5-CFE2-48CA-896E-DC815414F965}D:\applications\steam x64\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\applications\steam x64\steam\steamapps\common\grand theft auto v\gta5.exe No File
FirewallRules: [UDP Query User{E2B5139D-ABFF-4C87-8E0C-C2CCF9F54E2E}D:\applications\steam x64\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\applications\steam x64\steam\steamapps\common\grand theft auto v\gta5.exe No File
FirewallRules: [{33B9C255-7DC7-4C00-9530-4EA8477A94F5}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\killingfloor2\Binaries\Win64\KFGame.exe No File
FirewallRules: [{0A3F0C91-67C2-42D7-89B9-9FB25A889812}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\killingfloor2\Binaries\Win64\KFGame.exe No File
FirewallRules: [{4D82FC12-F9D7-4816-9AE2-E60D199C73B6}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe No File
FirewallRules: [{64CC4289-4192-467D-B970-05E60B528D7B}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe No File
FirewallRules: [{47EFDF8E-6E30-4299-B91E-88B9D902EB8B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe No File
FirewallRules: [{34505668-62EC-47BE-A98D-C3D715255028}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe No File
FirewallRules: [{F28E6203-EC95-424E-88CC-B5D389053453}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe No File
FirewallRules: [{08D3CE3F-D2DB-495E-BC34-40EDFD9B4E3F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe No File
FirewallRules: [{9E5CC8B2-AF99-4B2D-A5C3-CACE41662987}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe No File
FirewallRules: [{C9E4A1D3-4631-4F8B-9AF0-D22C255BB808}] => (Allow) D:\Applications\Steam x64\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{94DB6687-F5CF-41CC-9A4D-7445DFC0273C}] => (Allow) D:\Applications\Steam x64\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [TCP Query User{8E2B6EE6-C471-45D8-8A91-CFA4F3BDD94C}D:\applications\adobe\adobe muse cc 2017\muse.exe] => (Allow) D:\applications\adobe\adobe muse cc 2017\muse.exe No File
FirewallRules: [UDP Query User{8C60E898-B1B6-40A4-BFCD-6439B018F2C6}D:\applications\adobe\adobe muse cc 2017\muse.exe] => (Allow) D:\applications\adobe\adobe muse cc 2017\muse.exe No File
FirewallRules: [{9AF430BE-3220-45CC-95F9-0DCDA5E9F957}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe No File
FirewallRules: [{D6EB1942-D0B7-441C-B871-BF97904E82CF}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe No File
FirewallRules: [TCP Query User{C27A5CF8-A28B-47E7-A737-6C0D9553645A}D:\applications\adobe\adobe premiere pro cc 2017\adobe premiere pro.exe] => (Allow) D:\applications\adobe\adobe premiere pro cc 2017\adobe premiere pro.exe No File
FirewallRules: [UDP Query User{F3B7594B-CE1F-4EF9-BE4D-07B3F97CE141}D:\applications\adobe\adobe premiere pro cc 2017\adobe premiere pro.exe] => (Allow) D:\applications\adobe\adobe premiere pro cc 2017\adobe premiere pro.exe No File
FirewallRules: [TCP Query User{F36DBBD4-7853-492C-B77A-0306AF9FAF96}D:\applications\adobe\adobe after effects cc 2017\support files\afterfx.exe] => (Allow) D:\applications\adobe\adobe after effects cc 2017\support files\afterfx.exe No File
FirewallRules: [UDP Query User{611EDE27-16C0-4C41-A395-7CFD61CA2750}D:\applications\adobe\adobe after effects cc 2017\support files\afterfx.exe] => (Allow) D:\applications\adobe\adobe after effects cc 2017\support files\afterfx.exe No File
FirewallRules: [TCP Query User{18A0EC39-DC3D-4A0D-A97B-21DC83B80C42}D:\applications\adobe\adobe media encoder cc 2017\adobe media encoder.exe] => (Allow) D:\applications\adobe\adobe media encoder cc 2017\adobe media encoder.exe No File
FirewallRules: [UDP Query User{38EEC19F-E93F-4EAF-A7AD-CD97627969C2}D:\applications\adobe\adobe media encoder cc 2017\adobe media encoder.exe] => (Allow) D:\applications\adobe\adobe media encoder cc 2017\adobe media encoder.exe No File
FirewallRules: [{BEE09273-E509-4840-8C4E-8FAF137B5CE1}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Little Nightmares\Atlas\Binaries\Win64\LittleNightmares.exe No File
FirewallRules: [{EE73A8C6-F5AE-4AB1-B57E-6B0B4227AFDE}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Little Nightmares\Atlas\Binaries\Win64\LittleNightmares.exe No File
FirewallRules: [TCP Query User{207B1DC7-E7C1-4D52-B787-05E4FEB745E1}D:\applications\adobe\adobe premiere pro cc 2018\adobe premiere pro.exe] => (Allow) D:\applications\adobe\adobe premiere pro cc 2018\adobe premiere pro.exe No File
FirewallRules: [UDP Query User{DCE33C5B-A061-4B28-B391-6926908F16F5}D:\applications\adobe\adobe premiere pro cc 2018\adobe premiere pro.exe] => (Allow) D:\applications\adobe\adobe premiere pro cc 2018\adobe premiere pro.exe No File
FirewallRules: [TCP Query User{0AC78B80-925F-42CA-8460-CEB643816699}D:\applications\epic\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\applications\epic\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe No File
FirewallRules: [UDP Query User{A56D15FB-284A-4BD7-8BAA-F4F100C9193D}D:\applications\epic\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\applications\epic\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe No File
FirewallRules: [TCP Query User{A5F8A1FF-F0A5-476E-9E1C-E4C65B6B4D8C}D:\applications\epic\unrealtournamentdev\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) D:\applications\epic\unrealtournamentdev\engine\binaries\win64\ue4-win64-shipping.exe No File
FirewallRules: [UDP Query User{471FD087-DA78-411A-BF55-5AFA95984B52}D:\applications\epic\unrealtournamentdev\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) D:\applications\epic\unrealtournamentdev\engine\binaries\win64\ue4-win64-shipping.exe No File
FirewallRules: [{9775FF5A-9356-4EBA-A276-FD657F29E1C8}] => (Allow) D:\Applications\Steam x64\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe No File
FirewallRules: [{D96C6C4A-1D6B-4C35-A8ED-377F04C35E32}] => (Block) D:\Applications\Devotion\Devotion.exe No File
FirewallRules: [{B5D48772-A665-45F9-9498-281E16548CDB}] => (Allow) D:\Applications\Mozilla Firefox\plugin-container.exe No File
FirewallRules: [{A26299B1-DF34-401A-B8CD-F6CFA74B3385}] => (Allow) D:\Applications\Mozilla Firefox\plugin-container.exe No File
C:\Program Files\Hola
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Air Mouse.lnk
C:\Windows\System32\DRIVERS\SWDUMon.sys

*****************

Restore point was successfully created.
Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\hola" => removed successfully
"HKU\S-1-5-21-2790423112-85866878-2890688316-1000\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_EBB015BB97B9A4FB709628EE396F6237" => removed successfully
"AppInit_DLLs-x32:  => No File" => Value data not found.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Air Mouse.lnk => moved successfully
"C:\Program Files (x86)\Air Mouse\Air Mouse\Air Mouse.exe" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0F69D5D5-C833-42F6-85F1-081C0456265E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0F69D5D5-C833-42F6-85F1-081C0456265E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{10CB32FB-337A-475A-94C5-4913B7718E49}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10CB32FB-337A-475A-94C5-4913B7718E49}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{241BB97F-6CDA-4B72-B7C5-59D3CE876B5C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{241BB97F-6CDA-4B72-B7C5-59D3CE876B5C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2C662CDB-2B3F-4B70-BC2E-BE2B06B84B0E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C662CDB-2B3F-4B70-BC2E-BE2B06B84B0E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{50E65739-FBAF-4117-AA76-CC02060298CD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{50E65739-FBAF-4117-AA76-CC02060298CD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C2604471-81F5-499A-8AC5-AA76436D29AB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C2604471-81F5-499A-8AC5-AA76436D29AB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C261E754-177A-4EA4-8E77-CE52BA031673}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C261E754-177A-4EA4-8E77-CE52BA031673}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E2A2D03D-285B-4605-968D-BF5CC1CF2F9C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E2A2D03D-285B-4605-968D-BF5CC1CF2F9C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => removed successfully
"HKU\S-1-5-21-2790423112-85866878-2890688316-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\" => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233}" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{EF99BD32-C1FB-11D2-892F-0090271D4F88}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88} => removed successfully
"HKU\S-1-5-21-2790423112-85866878-2890688316-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => removed successfully
HKLM\Software\Wow6432Node\Classes\PROTOCOLS\Handler\viprotocol => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} => removed successfully
C:\Users\Nick Torres\AppData\Roaming\Mozilla\Firefox\Profiles\cgned1kc.default\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} => moved successfully
C:\Users\Nick Torres\AppData\Roaming\Mozilla\Firefox\Profiles\cgned1kc.default\searchplugins\safeguard-secure-search.xml => moved successfully
"HKU\S-1-5-21-2790423112-85866878-2890688316-1000\Software\Mozilla\Firefox\Extensions\\{e4f94d1e-2f53-401e-8885-681602c0ddd8}" => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\adobe.com/AdobeExManDetect => removed successfully
HKU\S-1-5-21-2790423112-85866878-2890688316-1000\Software\MozillaPlugins\@hola.org/vlc => removed successfully
"C:\Users\Nick Torres\AppData\Local\Hola\firefox\app\vlc\npvlc.dll" => not found
"Chrome StartupUrls" => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof => removed successfully
HKLM\System\CurrentControlSet\Services\hola_svc => removed successfully
hola_svc => service removed successfully
HKLM\System\CurrentControlSet\Services\hola_updater => removed successfully
hola_updater => service removed successfully
HKLM\System\CurrentControlSet\Services\luminati_net_updater_win_hola_org => removed successfully
luminati_net_updater_win_hola_org => service removed successfully
PaceLicenseDServices => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\PaceLicenseDServices => removed successfully
PaceLicenseDServices => service removed successfully
HKLM\System\CurrentControlSet\Services\SysCMD => removed successfully
SysCMD => service removed successfully
HKLM\System\CurrentControlSet\Services\SWDUMon => removed successfully
SWDUMon => service removed successfully
HKLM\System\CurrentControlSet\Services\nvvad_WaveExtensible => removed successfully
nvvad_WaveExtensible => service removed successfully
HKLM\System\CurrentControlSet\Services\nvvhci => removed successfully
nvvhci => service removed successfully
HKU\S-1-5-21-2790423112-85866878-2890688316-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5} => removed successfully
HKU\S-1-5-21-2790423112-85866878-2890688316-1000_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E} => removed successfully
HKU\S-1-5-21-2790423112-85866878-2890688316-1000_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C} => removed successfully
HKU\S-1-5-21-2790423112-85866878-2890688316-1000_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => removed successfully
C:\ProgramData => ":482EE99B1E21CE8C" ADS removed successfully
"C:\Users\All Users" => ":482EE99B1E21CE8C" ADS not found.
"C:\ProgramData\Application Data" => ":482EE99B1E21CE8C" ADS not found.
C:\ProgramData\Microsoft => ":1pBjbbFxzW3ljQXnyqnkIj4QNYM" ADS removed successfully
C:\ProgramData\Microsoft => ":3kSzkfXZMBh0VXVnOV6RfWuzkFC3C" ADS removed successfully
C:\ProgramData\Microsoft => ":8cY09adyMgLSI0NtLgDcKs" ADS removed successfully
C:\ProgramData\Microsoft => ":jKSCGNPDelPtrztxTmiXb61zflG" ADS removed successfully
C:\ProgramData\Microsoft => ":LaRCMd3UUh1QaTYuJF69t" ADS removed successfully
C:\ProgramData\Microsoft => ":mRB5oVNMDScitsCZRR0NIVfZCG" ADS removed successfully
C:\ProgramData\Microsoft => ":Q0ZAbXCXsTsgrJLxqFpsLYnLr" ADS removed successfully
C:\ProgramData\Microsoft => ":QIeIf93BAr6wMLcdL2x6xSwUdNt" ADS removed successfully
C:\ProgramData\Microsoft => ":QvtS3ct2y2yUd8sBy2vA" ADS removed successfully
C:\ProgramData\Microsoft => ":tmYwYkajVhj0Ju5m1hdSDPnvEs" ADS removed successfully
C:\ProgramData\Microsoft => ":trAL0Ng5VY4dNtdw1T5" ADS removed successfully
C:\ProgramData\Microsoft => ":VGG78F8osbDNvKspNnfac8F1" ADS removed successfully
C:\ProgramData\PACE => ":070D1E3B86C49A33" ADS removed successfully
C:\Users\Nick Torres\Cookies => ":176hCN16tqfCUxhg7DH9ZAGf" ADS removed successfully
C:\Users\Nick Torres\Cookies => ":Anb67W2We92Mwe4LZSEQBut" ADS removed successfully
C:\Users\Nick Torres\Local Settings => ":pVTcVLXWi4jT1l2WWCZfP1" ADS removed successfully
C:\Users\Nick Torres\Local Settings => ":UqeVGOFBwrGh3BoS2TI" ADS removed successfully
C:\Users\Nick Torres\Desktop\Metro => ": 2033 Redux.url" ADS removed successfully
"C:\Users\Nick Torres\AppData\Local" => ":pVTcVLXWi4jT1l2WWCZfP1" ADS not found.
"C:\Users\Nick Torres\AppData\Local" => ":UqeVGOFBwrGh3BoS2TI" ADS not found.
C:\Users\Nick Torres\AppData\Local\4Hoka9A25X => ":DxmxBbmOAwdsZtlBc" ADS removed successfully
C:\Users\Nick Torres\AppData\Local\4rTrINdCuRPKth => ":MRWo4Kg30KcMAlBHEXa7ftm" ADS removed successfully
"C:\Users\Nick Torres\AppData\Local\Application Data" => ":pVTcVLXWi4jT1l2WWCZfP1" ADS not found.
"C:\Users\Nick Torres\AppData\Local\Application Data" => ":UqeVGOFBwrGh3BoS2TI" ADS not found.
C:\Users\Nick Torres\AppData\Local\EqJR1BHOsuXb => ":zP7TQF7uGHAOscftA4ot3f" ADS removed successfully
C:\Users\Nick Torres\AppData\Local\k9OetowVx6uE2 => ":XGCuYiKy8fzqBB5i8Z" ADS removed successfully
C:\Users\Nick Torres\AppData\Local\Temp => ":5I7UzOc47ZA6zIH4zP" ADS removed successfully
C:\Users\Nick Torres\AppData\Local\Temp => ":bM07OFqgN2hN0KD74KiZ" ADS removed successfully
C:\Users\Nick Torres\AppData\Local\Temporary Internet Files => ":3AnEMP39Q62ftsWtJwiiy" ADS removed successfully
C:\Users\Nick Torres\AppData\Local\Temporary Internet Files => ":5HBe9LPcbFbjQZ97" ADS removed successfully
C:\Users\Nick Torres\AppData\Local\Temporary Internet Files => ":BPcdKQXA8EXDZGtYEZn3t" ADS removed successfully
C:\Users\Nick Torres\AppData\Local\Temporary Internet Files => ":Ffz1cVS9NuZ7WWsc8b14qAJu41JcSk" ADS removed successfully
C:\Users\Nick Torres\AppData\Local\Temporary Internet Files => ":jAFFbXUh6mTBY9RBzSEsaE8BR" ADS removed successfully
C:\Users\Nick Torres\AppData\Local\Temporary Internet Files => ":MFoYhrtvF9kJbiQ82SW" ADS removed successfully
C:\Users\Nick Torres\AppData\Local\wFVXzWvejUk => ":UPOfCpGaY5RxdIq3EnukngdsvEgz" ADS removed successfully
C:\Users\Public\AppData => ":CSM" ADS removed successfully
HKU\S-1-5-21-2790423112-85866878-2890688316-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\hola.org => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\SPPSVC-In-TCP" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\SPPSVC-In-TCP-NoScope" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3AA50230-04DA-4C63-908F-E24317EC4C9A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{41699A0A-13BC-4397-A8D2-A72358F161E1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8BE61B68-999B-4C93-9305-ED8127A3DF78}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2DDDC0AF-5FD6-4197-8A92-EEA46ED0F983}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C3131006-51FA-4FF9-90B2-5576D0EC4EA5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E6A6E506-4A76-4957-B19F-87BE4086B854}C:\users\nick torres\appdata\roaming\spotify\spotify.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{866C21B8-646B-4A4A-BB01-C1101174708E}C:\users\nick torres\appdata\roaming\spotify\spotify.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A0EA5A53-9AEB-46EB-A93B-B8AB69827D82}C:\users\nick torres\appdata\local\akamai\netsession_win.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{37B4813C-49CB-4634-BB89-BE5A4943F071}C:\users\nick torres\appdata\local\akamai\netsession_win.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FE831DF5-816F-4E4D-BD0E-34B02CC7D01F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C7BF0267-AE4F-411C-88E7-0A6701807027}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{54209A4C-FEFF-40CF-A594-7198CB73CEBA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D1098D31-0CE0-4E54-88BE-E6B06C79B5F3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2B93024D-5B69-49D3-9CAD-8D2352803C82}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BC73DDC1-654D-4CBD-8171-9EC524FE54C9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B9A562B0-75D2-4B58-BE02-4A7046E89069}D:\program files (x86)\origin games\crysis 2 maximum edition\bin32\crysis2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A29E80AF-117A-4E97-8119-DA7A6229E625}D:\program files (x86)\origin games\crysis 2 maximum edition\bin32\crysis2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C3CF6D0D-F348-4949-83E0-AD02F0528B98}D:\applications\ableton 9 x64\program\ableton live 9 suite.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A529690F-EFB9-42EA-84FE-EF15C6BDE85C}D:\applications\ableton 9 x64\program\ableton live 9 suite.exe" => removed successfully
C:\Program Files\Hola => moved successfully
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Air Mouse.lnk" => not found
C:\Windows\System32\DRIVERS\SWDUMon.sys => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 57727335 B
Java, Flash, Steam htmlcache => 240416224 B
Windows/system/drivers => 6931329442 B
Edge => 0 B
Chrome => 346091457 B
Firefox => 15617544 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 42322157 B
systemprofile32 => 42397687 B
LocalService => 42463915 B
NetworkService => 43376295 B
Nick Torres => 501326187 B
UpdatusUser => 501326187 B

RecycleBin => 0 B
EmptyTemp: => 8.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 12:37:35 ====


Hi,

Quote

Should I use Malwarebytes and Windows Security to scan for Occamy.B again? Here's my fixlog:

Yes, please do.

Please post the logs for my review if still identified.


Hi, so I ran MB and there were quite a few threats detected within program installers I had downloaded in the past, though none of them seem to be Occamy.B. MB quarantined and deleted them all. Here's my scan log. Thank you again. All of your help has been greatly appreciated.

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 11/3/19
Scan Time: 12:57 PM
Log File: 6adf2e8a-fe63-11e9-8529-60a44c53cda7.json

-Software Information-
Version: 3.8.3.2965
Components Version: 1.0.629
Update Package Version: 1.0.13163
License: Free

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: NickTorres-PC\Nick Torres

-Scan Summary-
Scan Type: Custom Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 3895074
Threats Detected: 74
Threats Quarantined: 74
Time Elapsed: 8 hr, 55 min, 49 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 74
Generic.Malware/Suspicious, D:\DOWNLOADS\XLN.AUDIO.RC-20.RETRO.COLOR.V1.0.3.INCL.KEYGEN.HAPPY.NEW.YEAR-R2R\R2R\XLN_KEYGEN.EXE, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\XLN.AUDIO.RC-20.RETRO.COLOR.V1.0.5.WIN.OSX-R2R\R2R\XLN_KEYGEN.EXE, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\TAL-U-NO-LX V2.50 VST PLUGIN-R2R\TAL-U-NO-LX V2.50 VST PLUGIN-R2R\KAYGEN\TAL_KEYGEN.EXE, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\FOCUSRITE PLUGIN SUITE AU VST X86 X64-R2R [ODDSOX]\FOCUSRITE.MIDNIGHT.PLUG-IN.SUITE.V1.6.INCL.PATCH.AND.KEYGEN-R2R\R2R-2390.R00, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\FOCUSRITE PLUGIN SUITE AU VST X86 X64-R2R [ODDSOX]\FOCUSRITE.MIDNIGHT.PLUG-IN.SUITE.V1.6.MACOSX.INCL.PATCHED.AND.KEYGEN-R2R\R2R-2391.RAR, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\FOCUSRITE PLUGIN SUITE AU VST X86 X64-R2R [ODDSOX]\FOCUSRITE.SCARLETT.PLUG-IN.SUITE.V1.6.MACOSX.INCL.PATCHED.AND.KEYGEN-R2R\R2R-2393.RAR, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\FOCUSRITE PLUGIN SUITE AU VST X86 X64-R2R [ODDSOX]\FOCUSRITE.GUITAR.FX.PLUG-IN.SUITE.V1.21.INCL.PATCH.AND.KEYGEN-R2R\R2R-2389.RAR, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\SONIC ACADEMY KICK NICKY ROMERO EDITION V1.01 WIN MACOSX INCL. KEYGEN-R2R [DEEPSTATUS][H33T][1337X][FLASHTORRENTS]\SONIC ACADEMY KICK NICKY ROMERO\SONIC.ACADEMY.KICK.NICKY.ROMERO.EDITION.V1.01.INCL.KEYGEN-R2R\R2R\SONICACADEMY_KEYGEN.EXE, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\SONIC ACADEMY KICK NICKY ROMERO EDITION V1.01 WIN MACOSX INCL. KEYGEN-R2R [DEEPSTATUS][H33T][1337X][FLASHTORRENTS]\SONIC ACADEMY KICK NICKY ROMERO\SONIC.ACADEMY.KICK.NICKY.ROMERO.EDITION.V1.01.INCL.KEYGEN-R2R\R2R-1830.RAR, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\FOCUSRITE PLUGIN SUITE AU VST X86 X64-R2R [ODDSOX]\FOCUSRITE.GUITAR.FX.PLUG-IN.SUITE.V1.20.MACOSX.INCL.PATCHED.AND.KEYGEN-R2R\R2R-2388.RAR, Delete-on-Reboot, [0], [392686],1.0.13163
MachineLearning/Anomalous.100%, D:\DOWNLOADS\IZOTOPE.STUTTER.EDIT.V1.0.5-R2R - [ATOM]\R2R-2742.R03, Delete-on-Reboot, [0], [392687],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\SONIC ACADEMY KICK NICKY ROMERO EDITION V1.01 WIN MACOSX INCL. KEYGEN-R2R [DEEPSTATUS][H33T][1337X][FLASHTORRENTS]\SONIC ACADEMY KICK NICKY ROMERO\SONIC.ACADEMY.KICK.NICKY.ROMERO.EDITION.V1.01.MACOSX.INCL.KEYGEN-R2R\R2R-1831.R02, Delete-on-Reboot, [0], [392686],1.0.13163
MachineLearning/Anomalous.100%, D:\DOWNLOADS\IZOTOPE.STUTTER.EDIT.V1.0.5-R2R - [ATOM]\NEW FOLDER\R2R-2742.R03, Delete-on-Reboot, [0], [392687],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\FOCUSRITE PLUGIN SUITE AU VST X86 X64-R2R [ODDSOX]\FOCUSRITE.SCARLETT.PLUG-IN.SUITE.V1.6.INCL.PATCH.AND.KEYGEN-R2R\R2R-2392.RAR, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\D16.GROUP.DECIMORT.2.V2.1.4.INCL.PATCHED.AND.KEYGEN-R2R\R2R\D16_RSA_KEYGEN.EXE, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\BEATSKILLZ.THAT.THING.V1.3.0.INCL.KEYGEN-R2R\WIN\R2R\BEATSKILLZ_KEYGEN.EXE, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\RED GIANT COMPLETE SUITE FOR ADOBE CREATIVE CLOUD (2015) {B@TMAN}\RED GIANT COLOR SUITE 11.1.4\CSUITEWIN11.1\SERIALNUMBER + KEYMAKER\KEYMAKER_TEAMVR\KEYINGSUITE11_KEYMAKER.ZIP, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\RED GIANT COMPLETE SUITE FOR ADOBE CREATIVE CLOUD (2015) {B@TMAN}\RED GIANT COLOR SUITE 11.1.4\CSUITEWIN11.1\SERIALNUMBER + KEYMAKER\KEYMAKER_TEAMVR\EFFECTS.SUITE.V11_KEYMAKER.ZIP, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\RED GIANT COMPLETE SUITE FOR ADOBE CREATIVE CLOUD (2015) {B@TMAN}\RED GIANT COLOR SUITE 11.1.4\CSUITEWIN11.1\SERIALNUMBER + KEYMAKER\KEYMAKER_TEAMVR\MAGICBULLETSUITE_11_KEYMAKER.ZIP, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\RED GIANT COMPLETE SUITE FOR ADOBE CREATIVE CLOUD (2015) {B@TMAN}\RED GIANT COLOR SUITE 11.1.4\CSUITEWIN11.1\SERIALNUMBER + KEYMAKER\KEYMAKER_TEAMVR\TRAPCODESUITE12_KEYMAKER.ZIP, Delete-on-Reboot, [0], [392686],1.0.13163
Trojan.Delf, D:\DOWNLOADS\RED GIANT COMPLETE SUITE FOR ADOBE CREATIVE CLOUD (2015) {B@TMAN}\RED GIANT COLOR SUITE 11.1.4\CSUITEWIN11.1\SERIALNUMBER + KEYMAKER\KEYMAKER_TEAMVR\TRAPCODESUITE12_KEYMAKER.ZIP, Delete-on-Reboot, [4047], [132206],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\RED GIANT COMPLETE SUITE FOR ADOBE CREATIVE CLOUD (2015) {B@TMAN}\RED GIANT KEYING SUITE 11.1.2\SERIALNUMBER + KEYMAKER\KEYMAKER_TEAMVR\EFFECTS.SUITE.V11_KEYMAKER.ZIP, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\RED GIANT COMPLETE SUITE FOR ADOBE CREATIVE CLOUD (2015) {B@TMAN}\RED GIANT KEYING SUITE 11.1.2\SERIALNUMBER + KEYMAKER\KEYMAKER_TEAMVR\TRAPCODESUITE12_KEYMAKER.ZIP, Delete-on-Reboot, [0], [392686],1.0.13163
Trojan.Delf, D:\DOWNLOADS\RED GIANT COMPLETE SUITE FOR ADOBE CREATIVE CLOUD (2015) {B@TMAN}\RED GIANT KEYING SUITE 11.1.2\SERIALNUMBER + KEYMAKER\KEYMAKER_TEAMVR\TRAPCODESUITE12_KEYMAKER.ZIP, Delete-on-Reboot, [4047], [132206],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\RED GIANT COMPLETE SUITE FOR ADOBE CREATIVE CLOUD (2015) {B@TMAN}\RED GIANT TRAPCODE SUITE 12.1.6\SERIALNUMBER + KEYMAKER\KEYMAKER_TEAMVR\KEYINGSUITE11_KEYMAKER.ZIP, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\RED GIANT COMPLETE SUITE FOR ADOBE CREATIVE CLOUD (2015) {B@TMAN}\RED GIANT TRAPCODE SUITE 12.1.6\SERIALNUMBER + KEYMAKER\KEYMAKER_TEAMVR\EFFECTS.SUITE.V11_KEYMAKER.ZIP, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\RED GIANT COMPLETE SUITE FOR ADOBE CREATIVE CLOUD (2015) {B@TMAN}\RED GIANT TRAPCODE SUITE 12.1.6\SERIALNUMBER + KEYMAKER\KEYMAKER_TEAMVR\MAGICBULLETSUITE_11_KEYMAKER.ZIP, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\RED GIANT COMPLETE SUITE FOR ADOBE CREATIVE CLOUD (2015) {B@TMAN}\RED GIANT TRAPCODE SUITE 12.1.6\SERIALNUMBER + KEYMAKER\KEYMAKER_TEAMVR\TRAPCODESUITE12_KEYMAKER.ZIP, Delete-on-Reboot, [0], [392686],1.0.13163
Trojan.Delf, D:\DOWNLOADS\RED GIANT COMPLETE SUITE FOR ADOBE CREATIVE CLOUD (2015) {B@TMAN}\RED GIANT TRAPCODE SUITE 12.1.6\SERIALNUMBER + KEYMAKER\KEYMAKER_TEAMVR\TRAPCODESUITE12_KEYMAKER.ZIP, Delete-on-Reboot, [4047], [132206],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\IZOTOPE OZONE 6 [MEBN2-]\MEBN2-\INSIGHT\WIN32\AUTHASSISTANT.EXE, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\RED GIANT COMPLETE SUITE FOR ADOBE CREATIVE CLOUD (2015) {B@TMAN}\RED GIANT KEYING SUITE 11.1.2\SERIALNUMBER + KEYMAKER\KEYMAKER_TEAMVR\KEYINGSUITE11_KEYMAKER.ZIP, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\IZOTOPE OZONE 6 [MEBN2-]\MEBN2-\INSIGHT\WIN64\AUTHASSISTANT.EXE, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\RED GIANT COMPLETE SUITE FOR ADOBE CREATIVE CLOUD (2015) {B@TMAN}\RED GIANT KEYING SUITE 11.1.2\SERIALNUMBER + KEYMAKER\KEYMAKER_TEAMVR\MAGICBULLETSUITE_11_KEYMAKER.ZIP, Delete-on-Reboot, [0], [392686],1.0.13163
PUP.Optional.InstallCore, D:\DOWNLOADS\DANZIG-4P.CPL, Delete-on-Reboot, [464], [300938],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\TAL-U-NO-LX V2.50 VST PLUGIN-R2R.ZIP, Delete-on-Reboot, [0], [392686],1.0.13163
PUP.Optional.OneClickDownloader, D:\DOWNLOADS\MICHAEL_NAURA_-_CALL_(1970-71)_[FLAC]_{1999_CD_RE-ISSUE}.EXE, Delete-on-Reboot, [10982], [77013],1.0.13163
PUP.Optional.SlimCleanerPlus, D:\DOWNLOADS\SLIMDRIVERS-SETUP.EXE, Delete-on-Reboot, [1562], [472306],1.0.13163
PUP.Optional.Somoto, D:\DOWNLOADS\CLICKHERETODOWNLOAD-6G43EP8.EXE, Delete-on-Reboot, [547], [297618],1.0.13163
PUP.Optional.Somoto, D:\DOWNLOADS\CLICKHERETODOWNLOAD-DHDPN5E.EXE, Delete-on-Reboot, [547], [297618],1.0.13163
PUP.Optional.Somoto, D:\DOWNLOADS\CLICKHERETODOWNLOAD-DFOVLXY.EXE, Delete-on-Reboot, [547], [297618],1.0.13163
PUP.Optional.SlimCleanerPlus, D:\DOWNLOADS\SLIMDRIVERS-SETUP (1).EXE, Delete-on-Reboot, [1562], [472306],1.0.13163
PUP.Optional.CoolMirage, D:\DOWNLOADS\DOWNLOAD_FILE.EXE, Delete-on-Reboot, [563], [301022],1.0.13163
PUP.Optional.OneClickDownloader, D:\DOWNLOADS\GANGSTER_SOUL_HARMONY_-_VOL._1_-_5_(RARE_OLDIES).EXE, Delete-on-Reboot, [10982], [77013],1.0.13163
PUP.Optional.OpenCandy, D:\DOWNLOADS\POWERISO5.EXE, Delete-on-Reboot, [1193], [297667],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\POWERISO5.EXE, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\MUSIC\SAMPLE COLLECTION\138040\XLN.AUDIO.RC-20.RETRO.COLOR.V1.0.3.INCL.KEYGEN.HAPPY.NEW.YEAR-R2R\R2R-6638\R2R\XLN_KEYGEN.EXE, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\MUSIC\SAMPLE COLLECTION\138040\XLN.AUDIO.RC-20.RETRO.COLOR.V1.0.3.INCL.KEYGEN.HAPPY.NEW.YEAR-R2R\R2R\XLN_KEYGEN.EXE, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\MUSIC\SAMPLE COLLECTION\138040\XLN.AUDIO.RC-20.RETRO.COLOR.V1.0.3.INCL.KEYGEN.HAPPY.NEW.YEAR-R2R\R2R-6638.R03, Delete-on-Reboot, [0], [392686],1.0.13163
PUP.Optional.OneClickDownloader, D:\MUSIC\2014 MUSIC SAMPLES\AIRTO_MOREIRA_SEEDS_ON_THE_GROUND.EXE, Delete-on-Reboot, [10982], [77013],1.0.13163
PUP.Optional.SlimCleanerPlus, D:\WINDOWS\INSTALLER\8B805.MSI, Delete-on-Reboot, [1562], [472306],1.0.13163
Generic.Malware/Suspicious, D:\DOCUMENTS\OZONE 6\AUTHASSISTANTS\DYNAMICS\AUTHASSISTANT.EXE, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\DOCUMENTS\OZONE 6\AUTHASSISTANTS\DYNEQ\AUTHASSISTANT.EXE, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\DOCUMENTS\OZONE 6\AUTHASSISTANTS\EQUALIZER\AUTHASSISTANT.EXE, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\DOCUMENTS\OZONE 6\AUTHASSISTANTS\EXCITER\AUTHASSISTANT.EXE, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\DOCUMENTS\OZONE 6\AUTHASSISTANTS\MAXIMIZER\AUTHASSISTANT.EXE, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\DOCUMENTS\OZONE 6\AUTHASSISTANTS\STEREOIMAGER\AUTHASSISTANT.EXE, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\IZOTOPE.OZONE.6.ADVANCED.V6.10.INCL.EMULATOR-R2R\IZOTOPE.OZONE.6.ADVANCED.V6.10.INCL.EMULATOR-R2R\NEW FOLDER\NEW FOLDER\R2R-3166\R2R\INSIGHT\WIN32\AUTHASSISTANT.EXE, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\IZOTOPE.OZONE.6.ADVANCED.V6.10.INCL.EMULATOR-R2R\IZOTOPE.OZONE.6.ADVANCED.V6.10.INCL.EMULATOR-R2R\NEW FOLDER\R2R-3166\R2R\INSIGHT\WIN32\AUTHASSISTANT.EXE, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\IZOTOPE.OZONE.6.ADVANCED.V6.10.INCL.EMULATOR-R2R\IZOTOPE.OZONE.6.ADVANCED.V6.10.INCL.EMULATOR-R2R\R2R-3166\R2R\OZONE 6\WIN32\AUTHASSISTANT.EXE, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\IZOTOPE.OZONE.6.ADVANCED.V6.10.INCL.EMULATOR-R2R\IZOTOPE.OZONE.6.ADVANCED.V6.10.INCL.EMULATOR-R2R\NEW FOLDER\NEW FOLDER\R2R\INSIGHT\WIN64\AUTHASSISTANT.EXE, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\IZOTOPE.OZONE.6.ADVANCED.V6.10.INCL.EMULATOR-R2R\IZOTOPE.OZONE.6.ADVANCED.V6.10.INCL.EMULATOR-R2R\NEW FOLDER\R2R\INSIGHT\WIN64\AUTHASSISTANT.EXE, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\IZOTOPE.OZONE.6.ADVANCED.V6.10.INCL.EMULATOR-R2R\IZOTOPE.OZONE.6.ADVANCED.V6.10.INCL.EMULATOR-R2R\R2R\INSIGHT\WIN64\AUTHASSISTANT.EXE, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\IZOTOPE.OZONE.6.ADVANCED.V6.10.INCL.EMULATOR-R2R\IZOTOPE.OZONE.6.ADVANCED.V6.10.INCL.EMULATOR-R2R\NEW FOLDER\NEW FOLDER\R2R\OZONE 6\WIN64\AUTHASSISTANT.EXE, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\IZOTOPE.OZONE.6.ADVANCED.V6.10.INCL.EMULATOR-R2R\IZOTOPE.OZONE.6.ADVANCED.V6.10.INCL.EMULATOR-R2R\NEW FOLDER\R2R\OZONE 6\WIN64\AUTHASSISTANT.EXE, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\IZOTOPE.OZONE.6.ADVANCED.V6.10.INCL.EMULATOR-R2R\IZOTOPE.OZONE.6.ADVANCED.V6.10.INCL.EMULATOR-R2R\R2R-3166\R2R\INSIGHT\WIN32\AUTHASSISTANT.EXE, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\IZOTOPE.OZONE.6.ADVANCED.V6.10.INCL.EMULATOR-R2R\IZOTOPE.OZONE.6.ADVANCED.V6.10.INCL.EMULATOR-R2R\NEW FOLDER\NEW FOLDER\R2R\INSIGHT\WIN32\AUTHASSISTANT.EXE, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\IZOTOPE.OZONE.6.ADVANCED.V6.10.INCL.EMULATOR-R2R\IZOTOPE.OZONE.6.ADVANCED.V6.10.INCL.EMULATOR-R2R\NEW FOLDER\NEW FOLDER\R2R-3166\R2R\INSIGHT\WIN64\AUTHASSISTANT.EXE, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\IZOTOPE.OZONE.6.ADVANCED.V6.10.INCL.EMULATOR-R2R\IZOTOPE.OZONE.6.ADVANCED.V6.10.INCL.EMULATOR-R2R\NEW FOLDER\R2R\INSIGHT\WIN32\AUTHASSISTANT.EXE, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\IZOTOPE.OZONE.6.ADVANCED.V6.10.INCL.EMULATOR-R2R\IZOTOPE.OZONE.6.ADVANCED.V6.10.INCL.EMULATOR-R2R\NEW FOLDER\R2R-3166\R2R\INSIGHT\WIN64\AUTHASSISTANT.EXE, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\IZOTOPE.OZONE.6.ADVANCED.V6.10.INCL.EMULATOR-R2R\IZOTOPE.OZONE.6.ADVANCED.V6.10.INCL.EMULATOR-R2R\R2R\INSIGHT\WIN32\AUTHASSISTANT.EXE, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\IZOTOPE.OZONE.6.ADVANCED.V6.10.INCL.EMULATOR-R2R\IZOTOPE.OZONE.6.ADVANCED.V6.10.INCL.EMULATOR-R2R\R2R-3166\R2R\OZONE 6\WIN64\AUTHASSISTANT.EXE, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\IZOTOPE.OZONE.6.ADVANCED.V6.10.INCL.EMULATOR-R2R\IZOTOPE.OZONE.6.ADVANCED.V6.10.INCL.EMULATOR-R2R\R2R-3166\R2R\INSIGHT\WIN64\AUTHASSISTANT.EXE, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\IZOTOPE.OZONE.6.ADVANCED.V6.10.INCL.EMULATOR-R2R\IZOTOPE.OZONE.6.ADVANCED.V6.10.INCL.EMULATOR-R2R\NEW FOLDER\R2R-3166\R2R\OZONE 6\WIN64\AUTHASSISTANT.EXE, Delete-on-Reboot, [0], [392686],1.0.13163
Generic.Malware/Suspicious, D:\DOWNLOADS\EZVID0981.EXE, Delete-on-Reboot, [0], [392686],1.0.13163

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

 


Hi. I thought I was in the clear but I noticed that there was a new name in my users folder named “Mathieu”. Inside of C/Users/Mathieu/AppData/Local/Temp is an exe file called vc_redist.x64.

That has me worried. I looked at some of my backups from the one before 10/28 (my most recent one) and none of my backups have that folder in them. It looks like the folder was created on 10/21. I’m thinking maybe I need to restore my computer to one of my older restore points to be safe.


Hi,

The file is defined as:

Visual C++ Redistributable for Visual Studio 2015
https://www.microsoft.com/en-ca/download/details.aspx?id=48145

A number of Visual C++ applications are installed on your computer but not the 2015 year.

I did find this entry in your Addition.txt log, installed by Mathieu Demange:

RX950 Classic AD/DA Converter (HKLM-x32\...\RX950) (Version: 1.0.4 - Mathieu Demange)

Do you need this?
Did you install it?

This may help https://www.gearslutz.com/board/product-alerts-older-than-2-months/1207389-rx950-classic-ad-da-converter.html


Ah right yep I did download that. I think my machine is clean now. I’ve upgraded to MB Premium and will be more cautious from here on out. Thank you for all of your help!
