1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Solved Possible Virus infection?

Discussion in 'Virus & Other Malware Removal' started by Coach_Z, Oct 16, 2018.

Thread Status:
Not open for further replies.
Advertisement
  1. Coach_Z

    Coach_Z Thread Starter

    Joined:
    Jun 13, 2005
    Messages:
    79
    Hello,

    It's been a while since my computer has been comprimised (3 computers in fact) but I've recently started getting popup-notifications on my google chrome which certainly never used to happen. So where else to turn than to the professionals that helped me out back when I was a kid. Whats happening to my chrome app seems pretty indicitive of some sort of virus/malware. I ran an AVG scan and it came up blank. I've since uninstalled my google chrome and am resorting to IE right now :/

    Here is my TSG info, I await further instruction. Thanks for the help!
     
  2. Coach_Z

    Coach_Z Thread Starter

    Joined:
    Jun 13, 2005
    Messages:
    79
    sorry for the premature bump, just noticed that I never actually posted my TSG info:

    Tech Support Guy System Info Utility version 1.0.0.4
    OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
    Processor: Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz, Intel64 Family 6 Model 58 Stepping 9
    Processor Count: 8
    RAM: 8088 Mb
    Graphics Card: Intel(R) HD Graphics 4000, -1984 Mb
    Hard Drives: C: 412 GB (182 GB Free); D: 274 GB (123 GB Free);
    Motherboard: Micro-Star International Co., Ltd., MS-16GA
    Antivirus: Microsoft Security Essentials, Enabled and Updated
     
  3. Coach_Z

    Coach_Z Thread Starter

    Joined:
    Jun 13, 2005
    Messages:
    79
  4. Coach_Z

    Coach_Z Thread Starter

    Joined:
    Jun 13, 2005
    Messages:
    79
    I feel so ignored :*-(
     
  5. Coach_Z

    Coach_Z Thread Starter

    Joined:
    Jun 13, 2005
    Messages:
    79
    still waitin for some help please
     
  6. Joeicam

    Joeicam Malware Trainee

    Joined:
    Oct 11, 2017
    Messages:
    193
    Hi Coach_Z, did you still require assistance? I apologize for the delay.
     
  7. Coach_Z

    Coach_Z Thread Starter

    Joined:
    Jun 13, 2005
    Messages:
    79
    It's okay! Yeah, so, I immediately uninstalled chrome, which I was using, and installed firefox instead, so the popups and such have gone away, but I still feel exposed
     
  8. Joeicam

    Joeicam Malware Trainee

    Joined:
    Oct 11, 2017
    Messages:
    193
    If you would like, I can have you run some scans and I can take a look through them to see if it's malware related?
     
  9. Coach_Z

    Coach_Z Thread Starter

    Joined:
    Jun 13, 2005
    Messages:
    79
    Whatever you need me to do boss
     
  10. Joeicam

    Joeicam Malware Trainee

    Joined:
    Oct 11, 2017
    Messages:
    193
    Great, let's get started.

    My name is Joeicam :), you can call me Joe, and I will be assisting you every step of the way.

    Please Note: I am still in training and my fixes have to be approved by my instructor, so there may be a slight delay in my replies. Look at it as a good thing though, since you have two people looking at your problem.

    If you have any questions or comments, or aren't quite sure about what to do, STOP AND ASK.

    Step 1 of 1: FRST Scan

    Please download Farbar Recovery Scan Tool and save it to your Desktop.

    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
    • Right click to run as administrator. When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will produce logs called FRST.txt and Addition.txt in the same directory the tool is run from.
    • Please copy and paste the logs back here.

    ===============================================

    When you reply to me, I need to see:
    • Any questions/concerns you might have, or if you were not able to complete any of the steps above
    • The copied and pasted results of the FRST.txt and Addition.txt logs
     
  11. Coach_Z

    Coach_Z Thread Starter

    Joined:
    Jun 13, 2005
    Messages:
    79
    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15.11.2018
    Ran by Darin Conway (administrator) on AYBABTU (18-11-2018 13:11:35)
    Running from C:\Users\Darin Conway\Downloads
    Loaded Profiles: Darin Conway (Available Profiles: Darin Conway & fbwuser & ZSNES)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
    (Intel Corporation) C:\Windows\System32\igfxCUIService.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
    (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
    (Rivet Networks) C:\Program Files\Killer Networking\Killer Control Center\KillerNetworkService.exe
    (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe
    () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (f.lux Software LLC) C:\Users\Darin Conway\AppData\Local\FluxSoftware\Flux\flux.exe
    (Twitch Interactive, Inc.) C:\Users\Darin Conway\AppData\Roaming\Curse Client\Bin\Twitch.exe
    (Intel Corporation) C:\Windows\System32\igfxEM.exe
    (Intel Corporation) C:\Windows\System32\igfxTray.exe
    (Intel Corporation) C:\Windows\System32\igfxHK.exe
    (Twitch Interactive, Inc.) C:\Users\Darin Conway\AppData\Roaming\Curse Client\Bin\Electron\TwitchUI.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Twitch Interactive, Inc.) C:\Users\Darin Conway\AppData\Roaming\Curse Client\Bin\Electron\TwitchUI.exe
    (Twitch Interactive, Inc.) C:\Users\Darin Conway\AppData\Roaming\Curse Client\Bin\Electron\TwitchUI.exe
    (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
    (Corsair Components, Inc.) C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe
    (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
    (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
    (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
    (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
    (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
    (Discord Inc.) C:\Users\Darin Conway\AppData\Local\Discord\app-0.0.301\Discord.exe
    (Discord Inc.) C:\Users\Darin Conway\AppData\Local\Discord\app-0.0.301\Discord.exe
    (Discord Inc.) C:\Users\Darin Conway\AppData\Local\Discord\app-0.0.301\Discord.exe
    (Discord Inc.) C:\Users\Darin Conway\AppData\Local\Discord\app-0.0.301\Discord.exe
    (Telegram Messenger LLP) D:\Telegram Desktop\Telegram.exe
    (TeamSpeak Systems GmbH) C:\Users\Darin Conway\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe
    (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
    (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
    (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
    (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
    (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
    (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
    (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe

    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [290064 2018-10-15] (AVG Technologies CZ, s.r.o.)
    HKLM-x32\...\Run: [] => [X]
    Winlogon\Notify\igfxcui: igfxdev.dll [X]
    HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
    HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
    HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
    HKU\S-1-5-21-3298448857-2117473325-2121461881-1001\...\Run: [f.lux] => C:\Users\Darin Conway\AppData\Local\FluxSoftware\Flux\flux.exe [1820168 2018-10-24] (f.lux Software LLC)
    HKU\S-1-5-21-3298448857-2117473325-2121461881-1001\...\Policies\Explorer: []
    HKU\S-1-5-21-3298448857-2117473325-2121461881-1001\...\MountPoints2: {3c9ee778-9d0d-11e4-9c74-8c89a50b0e60} - F:\VZW_Software_upgrade_assistant.exe
    AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [178512 2015-03-13] (NVIDIA Corporation)
    AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [164568 2015-03-13] (NVIDIA Corporation)
    AppInit_DLLs-x32: , C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [164568 2015-03-13] (NVIDIA Corporation)
    Startup: C:\Users\Darin Conway\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2018-10-18]
    ShortcutTarget: Twitch.lnk -> C:\Users\Darin Conway\AppData\Roaming\Curse Client\Bin\Twitch.exe (Twitch Interactive, Inc.)
    BootExecute: autocheck autochk /k:C *
    GroupPolicy: Restriction ? <==== ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Winsock: Catalog9 01 C:\windows\SysWOW64\BfLLR.dll [196096 2012-06-29] (Bigfoot Networks, Inc.)
    Winsock: Catalog9 02 C:\windows\SysWOW64\BfLLR.dll [196096 2012-06-29] (Bigfoot Networks, Inc.)
    Winsock: Catalog9 03 C:\windows\SysWOW64\BfLLR.dll [196096 2012-06-29] (Bigfoot Networks, Inc.)
    Winsock: Catalog9 04 C:\windows\SysWOW64\BfLLR.dll [196096 2012-06-29] (Bigfoot Networks, Inc.)
    Winsock: Catalog9 16 C:\windows\SysWOW64\BfLLR.dll [196096 2012-06-29] (Bigfoot Networks, Inc.)
    Winsock: Catalog9-x64 01 C:\Windows\system32\BfLLR.dll [216064 2012-06-29] (Bigfoot Networks, Inc.)
    Winsock: Catalog9-x64 02 C:\Windows\system32\BfLLR.dll [216064 2012-06-29] (Bigfoot Networks, Inc.)
    Winsock: Catalog9-x64 03 C:\Windows\system32\BfLLR.dll [216064 2012-06-29] (Bigfoot Networks, Inc.)
    Winsock: Catalog9-x64 04 C:\Windows\system32\BfLLR.dll [216064 2012-06-29] (Bigfoot Networks, Inc.)
    Winsock: Catalog9-x64 16 C:\Windows\system32\BfLLR.dll [216064 2012-06-29] (Bigfoot Networks, Inc.)
    Tcpip\Parameters: [DhcpNameServer] 71.10.216.1 71.10.216.2 192.168.1.1
    Tcpip\..\Interfaces\{1F03CB45-11B1-4E09-9C22-F6EA602F2910}: [DhcpNameServer] 71.10.216.1 71.10.216.2 192.168.1.1
    Tcpip\..\Interfaces\{D9B99B64-5150-47F8-9801-8C26B9359248}: [DhcpNameServer] 71.10.216.1 71.10.216.2 192.168.1.1
    Tcpip\..\Interfaces\{F633BE6E-65FE-4F93-9CF3-18BC60D9407D}: [DhcpNameServer] 172.31.139.17 172.30.139.17

    Internet Explorer:
    ==================
    HKU\S-1-5-21-3298448857-2117473325-2121461881-1001\Software\Microsoft\Internet Explorer\Main,Start Page = dnf.neople.com
    HKU\S-1-5-21-3298448857-2117473325-2121461881-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://msi.msn.com
    SearchScopes: HKLM -> DefaultScope {CC3BD658-3F65-4D87-82C4-B6C1F3485D8A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSITDF&pc=MAM3&src=IE-SearchBox
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM -> {CC3BD658-3F65-4D87-82C4-B6C1F3485D8A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSITDF&pc=MAM3&src=IE-SearchBox
    SearchScopes: HKLM-x32 -> DefaultScope value is missing
    SearchScopes: HKLM-x32 -> {CC3BD658-3F65-4D87-82C4-B6C1F3485D8A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSITDF&pc=MAM3&src=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-3298448857-2117473325-2121461881-1001 -> DefaultScope {CC3BD658-3F65-4D87-82C4-B6C1F3485D8A} URL =
    SearchScopes: HKU\S-1-5-21-3298448857-2117473325-2121461881-1001 -> {49DA8EFB-0E66-46D1-8691-3A292BA95AE3} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox
    BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-26] (Oracle Corporation)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-26] (Oracle Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-26] (Oracle Corporation)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-26] (Oracle Corporation)
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2018-03-07] (Skype Technologies)

    FireFox:
    ========
    FF DefaultProfile: 1p39u99x.default-1539738292598
    FF ProfilePath: C:\Users\Darin Conway\AppData\Roaming\Mozilla\Firefox\Profiles\1p39u99x.default-1539738292598 [2018-11-18]
    FF Extension: (Adblock Plus) - C:\Users\Darin Conway\AppData\Roaming\Mozilla\Firefox\Profiles\1p39u99x.default-1539738292598\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-11-14]
    FF Extension: (Firefox Monitor) - C:\Users\Darin Conway\AppData\Roaming\Mozilla\Firefox\Profiles\1p39u99x.default-1539738292598\features\{bfdad1fc-2cf0-4aef-bd15-03491443b2e1}\[email protected] [2018-11-16]
    FF Extension: (Hotspot Shield Extension) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\[email protected] [2014-11-12] [Legacy] [not signed]
    FF HKU\S-1-5-21-3298448857-2117473325-2121461881-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff => not found
    FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_31_0_0_148.dll [2018-11-13] ()
    FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-26] (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-26] (Oracle Corporation)
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_148.dll [2018-11-13] ()
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
    FF Plugin-x32: @Intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-05] (Intel Corporation)
    FF Plugin-x32: @Intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-05] (Intel Corporation)
    FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-26] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-26] (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
    FF Plugin-x32: @nullsoft.com/winampDetector;version=1 -> C:\Program Files (x86)\Winamp Detect\npwachk.dll [2013-11-20] (Nullsoft, Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)

    Chrome:
    =======
    CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx

    ==================== Services (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
    R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [325072 2018-10-15] (AVG Technologies CZ, s.r.o.)
    S3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\x64\aswidsagenta.exe [8237160 2018-10-15] (AVG Technologies CZ, s.r.o.)
    S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [5745672 2018-04-27] ()
    S4 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [779392 2018-05-20] (EasyAntiCheat Ltd)
    R2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
    S4 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [127320 2012-03-14] ()
    S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [162648 2012-03-14] (Intel Corporation)
    R2 Killer Network Service x64; C:\Program Files\Killer Networking\Killer Control Center\KillerNetworkService.exe [2318016 2018-04-02] (Rivet Networks)
    R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193144 2016-01-06] (Logitech Inc.)
    S4 MSI Foundation Service; C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe [12800 2010-07-16] (MSI) [File not signed]
    R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
    S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-03-29] ()
    R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
    S3 npggsvc; C:\windows\SysWOW64\GameMon.des [3533520 2015-07-08] (INCA Internet Co., Ltd.)
    R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
    R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
    R2 Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [489472 2012-06-29] () [File not signed]
    R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2017-07-19] ()
    S4 RzOvlMon; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [32960 2014-04-18] (Razer, Inc.)
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
    S4 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-03-29] (Intel® Corporation)

    ===================== Drivers (Whitelisted) ======================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S3 aftap0901; C:\windows\System32\DRIVERS\aftap0901.sys [48624 2018-03-06] (The OpenVPN Project)
    R1 avgArPot; C:\windows\System32\drivers\avgArPot.sys [201264 2018-10-15] (AVG Technologies CZ, s.r.o.)
    R1 avgbidsdriver; C:\windows\System32\drivers\avgbidsdrivera.sys [230880 2018-10-15] (AVG Technologies CZ, s.r.o.)
    R0 avgbidsh; C:\windows\System32\drivers\avgbidsha.sys [202296 2018-10-15] (AVG Technologies CZ, s.r.o.)
    R0 avgblog; C:\windows\System32\drivers\avgbloga.sys [346616 2018-10-15] (AVG Technologies CZ, s.r.o.)
    R0 avgbuniv; C:\windows\System32\drivers\avgbuniva.sys [59520 2018-10-15] (AVG Technologies CZ, s.r.o.)
    S3 avgHwid; C:\windows\System32\drivers\avgHwid.sys [46920 2018-10-15] (AVG Technologies CZ, s.r.o.)
    R1 avgKbd; C:\windows\System32\drivers\avgKbd.sys [42312 2018-10-15] (AVG Technologies CZ, s.r.o.)
    R2 avgMonFlt; C:\windows\System32\drivers\avgMonFlt.sys [163224 2018-10-15] (AVG Technologies CZ, s.r.o.)
    R1 avgRdr; C:\windows\System32\drivers\avgRdr2.sys [111816 2018-10-15] (AVG Technologies CZ, s.r.o.)
    R0 avgRvrt; C:\windows\System32\drivers\avgRvrt.sys [87968 2018-10-15] (AVG Technologies CZ, s.r.o.)
    R1 avgSnx; C:\windows\System32\drivers\avgSnx.sys [1028696 2018-10-15] (AVG Technologies CZ, s.r.o.)
    R1 avgSP; C:\windows\System32\drivers\avgSP.sys [467760 2018-10-15] (AVG Technologies CZ, s.r.o.)
    R2 avgStm; C:\windows\System32\drivers\avgStm.sys [208488 2018-10-15] (AVG Technologies CZ, s.r.o.)
    R0 avgVmm; C:\windows\System32\drivers\avgVmm.sys [380992 2018-10-15] (AVG Technologies CZ, s.r.o.)
    R1 BfLwf; C:\windows\System32\DRIVERS\bflwfx64.sys [66928 2012-06-29] (Qualcomm Atheros, Inc.)
    R3 CorsairGamingAudioService; C:\windows\System32\DRIVERS\CorsairGamingAudioamd64.sys [95184 2018-02-05] (Corsair Components, Inc.)
    R3 CorsairVBusDriver; C:\windows\System32\DRIVERS\CorsairVBusDriver.sys [45528 2018-02-05] (Corsair)
    R3 CorsairVHidDriver; C:\windows\System32\DRIVERS\CorsairVHidDriver.sys [21968 2018-02-05] (Corsair)
    S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
    S3 EMVSCARD; C:\windows\System32\Drivers\EMVSCARD.sys [28544 2006-12-13] (USB Smart Card Reader)
    R1 HssDRV6; C:\windows\System32\DRIVERS\hssdrv6.sys [54984 2014-03-19] (AnchorFree Inc.)
    R3 KillerEth; C:\windows\System32\DRIVERS\e2xw7x64.sys [135104 2017-09-20] (Qualcomm Atheros, Inc.)
    S3 L1C; C:\windows\System32\DRIVERS\e22w7x64.sys [161648 2012-06-29] (Qualcomm Atheros, Inc.)
    R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
    R3 LGJoyXlCore; C:\windows\System32\drivers\LGJoyXlCore.sys [68384 2015-06-10] (Logitech Inc.)
    S3 LGSHidFilt; C:\windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
    S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-03-20] (Malwarebytes Corporation)
    R0 MpFilter; C:\windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
    R3 NisDrv; C:\windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
    R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
    R3 nvvad_WaveExtensible; C:\windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
    R3 RfeCoSvc; C:\windows\System32\DRIVERS\RfeCoW7X64.sys [102104 2018-04-02] (Rivet Networks, LLC.)
    R3 RzDxgk; C:\windows\system32\drivers\RzDxgk.sys [129472 2014-04-18] (Razer, Inc.)
    R1 RzFilter; C:\windows\system32\drivers\RzFilter.sys [74432 2014-04-18] (Razer, Inc.)
    R2 rzpmgrk; C:\windows\system32\drivers\rzpmgrk.sys [43256 2017-07-18] (Razer, Inc.)
    R2 rzpnk; C:\windows\system32\drivers\rzpnk.sys [137208 2017-08-19] (Razer, Inc.)
    R3 taphss6; C:\windows\System32\DRIVERS\taphss6.sys [42184 2014-03-19] (Anchorfree Inc.)
    U1 avgbdisk; no ImagePath
    S3 clwvd; system32\DRIVERS\clwvd.sys [X]
    S3 EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys [X]
    S3 MGHwCtrl; \??\C:\Program Files\MSI\MSI Software Install\MGHwCtrl.sys [X]
    S3 NTIOLib_1_0_3; \??\C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [X]
    S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
    S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
    S3 xhunter1; \??\C:\windows\xhunter1.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2018-11-18 13:11 - 2018-11-18 13:16 - 000022647 _____ C:\Users\Darin Conway\Downloads\FRST.txt
    2018-11-18 13:09 - 2018-11-18 13:09 - 002416128 _____ (Farbar) C:\Users\Darin Conway\Downloads\FRST64.exe
    2018-11-16 16:54 - 2015-12-16 10:53 - 000007168 _____ (Microsoft Corporation) C:\windows\system32\kbdgeoqw.dll
    2018-11-16 16:54 - 2015-12-16 10:53 - 000007168 _____ (Microsoft Corporation) C:\windows\system32\KBDAZEL.DLL
    2018-11-16 16:54 - 2015-12-16 10:53 - 000007168 _____ (Microsoft Corporation) C:\windows\system32\KBDAZE.DLL
    2018-11-16 16:54 - 2015-12-16 10:48 - 000007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDAZE.DLL
    2018-11-16 16:54 - 2015-12-16 10:48 - 000006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\kbdgeoqw.dll
    2018-11-16 16:54 - 2015-12-16 10:48 - 000006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDAZEL.DLL
    2018-11-16 15:24 - 2018-11-16 15:24 - 000001585 _____ C:\Users\Darin Conway\Desktop\CUE.exe - Shortcut.lnk
    2018-11-15 10:25 - 2018-11-15 10:25 - 000308504 _____ C:\windows\Minidump\111518-22027-01.dmp
    2018-11-13 18:51 - 2018-11-10 17:29 - 005551336 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
    2018-11-13 18:51 - 2018-11-10 17:28 - 000708328 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
    2018-11-13 18:51 - 2018-11-10 17:28 - 000262376 _____ (Microsoft Corporation) C:\windows\system32\hal.dll
    2018-11-13 18:51 - 2018-11-10 17:28 - 000154856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
    2018-11-13 18:51 - 2018-11-10 17:28 - 000095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
    2018-11-13 18:51 - 2018-11-10 17:27 - 001664352 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
    2018-11-13 18:51 - 2018-11-10 17:27 - 000631680 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
    2018-11-13 18:51 - 2018-11-10 17:26 - 000503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
    2018-11-13 18:51 - 2018-11-10 17:26 - 000361984 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
    2018-11-13 18:51 - 2018-11-10 17:26 - 000243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
    2018-11-13 18:51 - 2018-11-10 17:26 - 000215552 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
    2018-11-13 18:51 - 2018-11-10 17:26 - 000210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
    2018-11-13 18:51 - 2018-11-10 17:26 - 000135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
    2018-11-13 18:51 - 2018-11-10 17:26 - 000094208 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
    2018-11-13 18:51 - 2018-11-10 17:26 - 000063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
    2018-11-13 18:51 - 2018-11-10 17:26 - 000050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
    2018-11-13 18:51 - 2018-11-10 17:26 - 000028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
    2018-11-13 18:51 - 2018-11-10 17:26 - 000013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
    2018-11-13 18:51 - 2018-11-10 17:25 - 002072576 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
    2018-11-13 18:51 - 2018-11-10 17:25 - 001461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
    2018-11-13 18:51 - 2018-11-10 17:25 - 001211904 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
    2018-11-13 18:51 - 2018-11-10 17:25 - 001163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
    2018-11-13 18:51 - 2018-11-10 17:25 - 000731648 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
    2018-11-13 18:51 - 2018-11-10 17:25 - 000516608 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll
    2018-11-13 18:51 - 2018-11-10 17:25 - 000419840 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
    2018-11-13 18:51 - 2018-11-10 17:25 - 000345600 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
    2018-11-13 18:51 - 2018-11-10 17:25 - 000316928 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
    2018-11-13 18:51 - 2018-11-10 17:25 - 000312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
    2018-11-13 18:51 - 2018-11-10 17:25 - 000190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
    2018-11-13 18:51 - 2018-11-10 17:25 - 000146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
    2018-11-13 18:51 - 2018-11-10 17:25 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
    2018-11-13 18:51 - 2018-11-10 17:25 - 000028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
    2018-11-13 18:51 - 2018-11-10 17:25 - 000026112 _____ (Microsoft Corporation) C:\windows\system32\oleres.dll
    2018-11-13 18:51 - 2018-11-10 17:25 - 000016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
    2018-11-13 18:51 - 2018-11-10 17:24 - 000880640 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
    2018-11-13 18:51 - 2018-11-10 17:24 - 000690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
    2018-11-13 18:51 - 2018-11-10 17:24 - 000463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
    2018-11-13 18:51 - 2018-11-10 17:24 - 000123904 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
    2018-11-13 18:51 - 2018-11-10 17:24 - 000059904 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
    2018-11-13 18:51 - 2018-11-10 17:24 - 000044032 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
    2018-11-13 18:51 - 2018-11-10 17:24 - 000043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
    2018-11-13 18:51 - 2018-11-10 17:24 - 000034816 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
    2018-11-13 18:51 - 2018-11-10 17:24 - 000022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
    2018-11-13 18:51 - 2018-11-10 17:24 - 000008704 _____ (Microsoft Corporation) C:\windows\system32\comcat.dll
    2018-11-13 18:51 - 2018-11-10 17:24 - 000007168 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
    2018-11-13 18:51 - 2018-11-10 17:24 - 000006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:24 - 000005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:24 - 000004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:24 - 000004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:24 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:24 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:24 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:24 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:24 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:24 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:24 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:24 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:24 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:24 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:24 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:24 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:24 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:24 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:24 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:24 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:24 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:24 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:24 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:24 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:24 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:24 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:24 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:24 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:14 - 004054248 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
    2018-11-13 18:51 - 2018-11-10 17:14 - 003960040 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
    2018-11-13 18:51 - 2018-11-10 17:12 - 001314112 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
    2018-11-13 18:51 - 2018-11-10 17:11 - 001114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
    2018-11-13 18:51 - 2018-11-10 17:11 - 000666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
    2018-11-13 18:51 - 2018-11-10 17:11 - 000275968 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
    2018-11-13 18:51 - 2018-11-10 17:11 - 000172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
    2018-11-13 18:51 - 2018-11-10 17:11 - 000096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
    2018-11-13 18:51 - 2018-11-10 17:11 - 000082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcrypt.dll
    2018-11-13 18:51 - 2018-11-10 17:11 - 000070144 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
    2018-11-13 18:51 - 2018-11-10 17:11 - 000043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
    2018-11-13 18:51 - 2018-11-10 17:11 - 000005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
    2018-11-13 18:51 - 2018-11-10 17:10 - 001425920 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
    2018-11-13 18:51 - 2018-11-10 17:10 - 000554496 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
    2018-11-13 18:51 - 2018-11-10 17:10 - 000261120 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
    2018-11-13 18:51 - 2018-11-10 17:10 - 000254464 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
    2018-11-13 18:51 - 2018-11-10 17:10 - 000223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
    2018-11-13 18:51 - 2018-11-10 17:10 - 000146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
    2018-11-13 18:51 - 2018-11-10 17:10 - 000141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
    2018-11-13 18:51 - 2018-11-10 17:10 - 000060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
    2018-11-13 18:51 - 2018-11-10 17:10 - 000026112 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleres.dll
    2018-11-13 18:51 - 2018-11-10 17:10 - 000022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
    2018-11-13 18:51 - 2018-11-10 17:10 - 000017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
    2018-11-13 18:51 - 2018-11-10 17:09 - 000690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
    2018-11-13 18:51 - 2018-11-10 17:09 - 000644096 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
    2018-11-13 18:51 - 2018-11-10 17:09 - 000342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
    2018-11-13 18:51 - 2018-11-10 17:09 - 000050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
    2018-11-13 18:51 - 2018-11-10 17:09 - 000007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
    2018-11-13 18:51 - 2018-11-10 17:09 - 000005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:09 - 000004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:09 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:09 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:09 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:09 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:09 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:09 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:09 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:09 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:09 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:09 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:09 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:09 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:09 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:09 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:09 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:09 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:09 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:09 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:09 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:09 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:09 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 17:09 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 16:53 - 000148480 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
    2018-11-13 18:51 - 2018-11-10 16:53 - 000062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
    2018-11-13 18:51 - 2018-11-10 16:53 - 000017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
    2018-11-13 18:51 - 2018-11-10 16:52 - 000064512 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
    2018-11-13 18:51 - 2018-11-10 16:48 - 000338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
    2018-11-13 18:51 - 2018-11-10 16:48 - 000129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\videoprt.sys
    2018-11-13 18:51 - 2018-11-10 16:47 - 000296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
    2018-11-13 18:51 - 2018-11-10 16:47 - 000007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\comcat.dll
    2018-11-13 18:51 - 2018-11-10 16:45 - 000050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
    2018-11-13 18:51 - 2018-11-10 16:44 - 000291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
    2018-11-13 18:51 - 2018-11-10 16:44 - 000161280 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
    2018-11-13 18:51 - 2018-11-10 16:44 - 000129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
    2018-11-13 18:51 - 2018-11-10 16:43 - 000112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
    2018-11-13 18:51 - 2018-11-10 16:43 - 000064512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdk8.sys
    2018-11-13 18:51 - 2018-11-10 16:43 - 000062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\intelppm.sys
    2018-11-13 18:51 - 2018-11-10 16:43 - 000060928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\processr.sys
    2018-11-13 18:51 - 2018-11-10 16:43 - 000060928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdppm.sys
    2018-11-13 18:51 - 2018-11-10 16:43 - 000030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
    2018-11-13 18:51 - 2018-11-10 16:41 - 000025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
    2018-11-13 18:51 - 2018-11-10 16:41 - 000014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
    2018-11-13 18:51 - 2018-11-10 16:41 - 000007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
    2018-11-13 18:51 - 2018-11-10 16:41 - 000002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
    2018-11-13 18:51 - 2018-11-10 16:40 - 000036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
    2018-11-13 18:51 - 2018-11-10 16:40 - 000006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 16:40 - 000004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 16:40 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
    2018-11-13 18:51 - 2018-11-10 16:40 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
    2018-11-13 18:51 - 2018-10-26 19:42 - 000230400 _____ (Microsoft Corporation) C:\windows\system32\scrobj.dll
    2018-11-13 18:51 - 2018-10-26 19:42 - 000202752 _____ (Microsoft Corporation) C:\windows\system32\scrrun.dll
    2018-11-13 18:51 - 2018-10-26 19:42 - 000150016 _____ (Microsoft Corporation) C:\windows\system32\wshom.ocx
    2018-11-13 18:51 - 2018-10-26 19:42 - 000028160 _____ (Microsoft Corporation) C:\windows\system32\wshcon.dll
    2018-11-13 18:51 - 2018-10-26 19:41 - 000018944 _____ (Microsoft Corporation) C:\windows\system32\dispex.dll
    2018-11-13 18:51 - 2018-10-26 19:27 - 000173568 _____ (Microsoft Corporation) C:\windows\SysWOW64\scrobj.dll
    2018-11-13 18:51 - 2018-10-26 19:27 - 000164352 _____ (Microsoft Corporation) C:\windows\SysWOW64\scrrun.dll
    2018-11-13 18:51 - 2018-10-26 19:27 - 000121856 _____ (Microsoft Corporation) C:\windows\SysWOW64\wshom.ocx
    2018-11-13 18:51 - 2018-10-26 19:11 - 000168960 _____ (Microsoft Corporation) C:\windows\system32\wscript.exe
    2018-11-13 18:51 - 2018-10-26 19:11 - 000156160 _____ (Microsoft Corporation) C:\windows\system32\cscript.exe
    2018-11-13 18:51 - 2018-10-26 19:05 - 003227648 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
    2018-11-13 18:51 - 2018-10-26 19:04 - 000141824 _____ (Microsoft Corporation) C:\windows\SysWOW64\wscript.exe
    2018-11-13 18:51 - 2018-10-26 19:04 - 000126976 _____ (Microsoft Corporation) C:\windows\SysWOW64\cscript.exe
    2018-11-13 18:51 - 2018-10-26 19:04 - 000025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\wshcon.dll
    2018-11-13 18:51 - 2018-10-26 19:04 - 000015360 _____ (Microsoft Corporation) C:\windows\SysWOW64\dispex.dll
    2018-11-13 18:51 - 2018-10-18 11:49 - 000396888 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
    2018-11-13 18:51 - 2018-10-18 10:51 - 000348760 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
    2018-11-13 18:51 - 2018-10-17 18:48 - 025737728 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
    2018-11-13 18:51 - 2018-10-17 18:17 - 020281344 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
    2018-11-13 18:51 - 2018-10-12 12:36 - 002724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
    2018-11-13 18:51 - 2018-10-12 12:26 - 000498176 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
    2018-11-13 18:51 - 2018-10-12 12:25 - 000341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
    2018-11-13 18:51 - 2018-10-12 12:25 - 000062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
    2018-11-13 18:51 - 2018-10-12 12:25 - 000047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
    2018-11-13 18:51 - 2018-10-12 12:24 - 000064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
    2018-11-13 18:51 - 2018-10-12 12:22 - 002295808 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
    2018-11-13 18:51 - 2018-10-12 12:20 - 000047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
    2018-11-13 18:51 - 2018-10-12 12:20 - 000030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
    2018-11-13 18:51 - 2018-10-12 12:18 - 000476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
    2018-11-13 18:51 - 2018-10-12 12:17 - 000662016 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
    2018-11-13 18:51 - 2018-10-12 12:17 - 000620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
    2018-11-13 18:51 - 2018-10-12 12:17 - 000115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
    2018-11-13 18:51 - 2018-10-12 12:11 - 000416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
    2018-11-13 18:51 - 2018-10-12 12:07 - 000091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
    2018-11-13 18:51 - 2018-10-12 12:07 - 000073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
    2018-11-13 18:51 - 2018-10-12 12:07 - 000060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
    2018-11-13 18:51 - 2018-10-12 12:05 - 000168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
    2018-11-13 18:51 - 2018-10-12 12:04 - 000076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
    2018-11-13 18:51 - 2018-10-12 12:03 - 004494848 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
    2018-11-13 18:51 - 2018-10-12 12:03 - 000279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
    2018-11-13 18:51 - 2018-10-12 12:02 - 000130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
    2018-11-13 18:51 - 2018-10-12 11:59 - 013680640 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
    2018-11-13 18:51 - 2018-10-12 11:57 - 000230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
    2018-11-13 18:51 - 2018-10-12 11:56 - 000696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
    2018-11-13 18:51 - 2018-10-12 11:55 - 002059776 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
    2018-11-13 18:51 - 2018-10-12 11:55 - 001155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
    2018-11-13 18:51 - 2018-10-12 11:42 - 004386816 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
    2018-11-13 18:51 - 2018-10-12 11:38 - 001330176 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
    2018-11-13 18:51 - 2018-10-12 11:36 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
    2018-11-13 18:51 - 2018-10-11 18:23 - 002724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
    2018-11-13 18:51 - 2018-10-11 18:23 - 000004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
    2018-11-13 18:51 - 2018-10-11 18:12 - 002902016 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
    2018-11-13 18:51 - 2018-10-11 18:11 - 000066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
    2018-11-13 18:51 - 2018-10-11 18:10 - 000576512 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
    2018-11-13 18:51 - 2018-10-11 18:10 - 000417280 _____ (Microsoft Corporation) C:\windows\system32\html.iec
    2018-11-13 18:51 - 2018-10-11 18:10 - 000088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
    2018-11-13 18:51 - 2018-10-11 18:10 - 000048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
    2018-11-13 18:51 - 2018-10-11 18:04 - 000054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
    2018-11-13 18:51 - 2018-10-11 18:03 - 000034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
    2018-11-13 18:51 - 2018-10-11 18:01 - 000615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
    2018-11-13 18:51 - 2018-10-11 18:00 - 000144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
    2018-11-13 18:51 - 2018-10-11 18:00 - 000116224 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
    2018-11-13 18:51 - 2018-10-11 17:59 - 005779456 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
    2018-11-13 18:51 - 2018-10-11 17:59 - 000814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
    2018-11-13 18:51 - 2018-10-11 17:59 - 000794624 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
    2018-11-13 18:51 - 2018-10-11 17:54 - 000969216 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
    2018-11-13 18:51 - 2018-10-11 17:51 - 000489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
    2018-11-13 18:51 - 2018-10-11 17:46 - 000077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
    2018-11-13 18:51 - 2018-10-11 17:45 - 000087552 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
    2018-11-13 18:51 - 2018-10-11 17:44 - 000107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
    2018-11-13 18:51 - 2018-10-11 17:42 - 000199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
    2018-11-13 18:51 - 2018-10-11 17:42 - 000092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
    2018-11-13 18:51 - 2018-10-11 17:40 - 000315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
    2018-11-13 18:51 - 2018-10-11 17:38 - 000152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
    2018-11-13 18:51 - 2018-10-11 17:30 - 000262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
    2018-11-13 18:51 - 2018-10-11 17:27 - 000809472 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
    2018-11-13 18:51 - 2018-10-11 17:27 - 000728064 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
    2018-11-13 18:51 - 2018-10-11 17:26 - 002136064 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
    2018-11-13 18:51 - 2018-10-11 17:26 - 001359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
    2018-11-13 18:51 - 2018-10-11 17:25 - 015283712 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
    2018-11-13 18:51 - 2018-10-11 17:19 - 004859904 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
    2018-11-13 18:51 - 2018-10-11 17:06 - 001555968 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
    2018-11-13 18:51 - 2018-10-11 16:55 - 000800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
    2018-11-13 18:51 - 2018-10-06 08:02 - 000366824 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msrpc.sys
    2018-11-13 18:51 - 2018-10-06 05:42 - 001988096 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
    2018-11-13 18:51 - 2018-10-06 05:05 - 002565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
    2018-11-13 18:51 - 2018-09-22 18:55 - 002319872 _____ (Microsoft Corporation) C:\windows\system32\tquery.dll
    2018-11-13 18:51 - 2018-09-22 18:54 - 002222080 _____ (Microsoft Corporation) C:\windows\system32\mssrch.dll
    2018-11-13 18:51 - 2018-09-22 18:54 - 000778240 _____ (Microsoft Corporation) C:\windows\system32\mssvp.dll
    2018-11-13 18:51 - 2018-09-22 18:54 - 000491520 _____ (Microsoft Corporation) C:\windows\system32\mssph.dll
    2018-11-13 18:51 - 2018-09-22 18:54 - 000288256 _____ (Microsoft Corporation) C:\windows\system32\mssphtb.dll
    2018-11-13 18:51 - 2018-09-22 18:54 - 000115200 _____ (Microsoft Corporation) C:\windows\system32\mssitlb.dll
    2018-11-13 18:51 - 2018-09-22 18:54 - 000099840 _____ (Microsoft Corporation) C:\windows\system32\mssprxy.dll
    2018-11-13 18:51 - 2018-09-22 18:54 - 000075264 _____ (Microsoft Corporation) C:\windows\system32\msscntrs.dll
    2018-11-13 18:51 - 2018-09-22 18:54 - 000014336 _____ (Microsoft Corporation) C:\windows\system32\msshooks.dll
    2018-11-13 18:51 - 2018-09-22 18:37 - 001549312 _____ (Microsoft Corporation) C:\windows\SysWOW64\tquery.dll
    2018-11-13 18:51 - 2018-09-22 18:37 - 001400320 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssrch.dll
    2018-11-13 18:51 - 2018-09-22 18:37 - 000666624 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssvp.dll
    2018-11-13 18:51 - 2018-09-22 18:37 - 000337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssph.dll
    2018-11-13 18:51 - 2018-09-22 18:37 - 000197120 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssphtb.dll
    2018-11-13 18:51 - 2018-09-22 18:37 - 000104448 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssitlb.dll
    2018-11-13 18:51 - 2018-09-22 18:37 - 000059392 _____ (Microsoft Corporation) C:\windows\SysWOW64\msscntrs.dll
    2018-11-13 18:51 - 2018-09-22 18:37 - 000034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssprxy.dll
    2018-11-13 18:51 - 2018-09-22 18:34 - 000591872 _____ (Microsoft Corporation) C:\windows\system32\SearchIndexer.exe
    2018-11-13 18:51 - 2018-09-22 18:34 - 000249856 _____ (Microsoft Corporation) C:\windows\system32\SearchProtocolHost.exe
    2018-11-13 18:51 - 2018-09-22 18:33 - 000113664 _____ (Microsoft Corporation) C:\windows\system32\SearchFilterHost.exe
    2018-11-13 18:51 - 2018-09-22 18:22 - 000427520 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchIndexer.exe
    2018-11-13 18:51 - 2018-09-22 18:22 - 000164352 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchProtocolHost.exe
    2018-11-13 18:51 - 2018-09-22 18:21 - 000086528 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchFilterHost.exe
    2018-11-13 18:51 - 2018-09-22 18:21 - 000009728 _____ (Microsoft Corporation) C:\windows\SysWOW64\msshooks.dll
    2018-11-13 18:51 - 2018-08-27 19:48 - 000419608 _____ C:\windows\SysWOW64\locale.nls
    2018-11-13 18:51 - 2018-08-27 19:48 - 000419608 _____ C:\windows\system32\locale.nls
    2018-11-11 11:39 - 2018-11-15 10:25 - 893289153 _____ C:\windows\MEMORY.DMP
    2018-11-11 11:39 - 2018-11-11 11:39 - 001321984 _____ C:\windows\Minidump\111118-18969-01.dmp
    2018-10-30 18:43 - 2018-10-30 18:43 - 000001080 _____ C:\Users\Public\Desktop\VLC media player.lnk

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2018-11-18 13:14 - 2018-10-16 16:25 - 000000000 ____D C:\Users\Darin Conway\AppData\LocalLow\Mozilla
    2018-11-18 13:14 - 2009-07-13 20:45 - 000031712 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2018-11-18 13:14 - 2009-07-13 20:45 - 000031712 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2018-11-18 13:11 - 2018-10-16 16:05 - 000000000 ____D C:\FRST
    2018-11-18 13:08 - 2018-10-18 16:09 - 000000000 ____D C:\windows\System32\Tasks\AVAST Software
    2018-11-18 13:08 - 2018-10-16 17:07 - 000004474 _____ C:\windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
    2018-11-18 13:08 - 2018-10-15 18:58 - 000004162 _____ C:\windows\System32\Tasks\Antivirus Emergency Update
    2018-11-18 13:08 - 2018-05-14 21:46 - 000003190 _____ C:\windows\System32\Tasks\{7B1AAA85-CB1D-4A6D-ABB5-939D888835EB}
    2018-11-18 13:08 - 2015-03-03 11:57 - 000003220 _____ C:\windows\System32\Tasks\{7461BBF2-30D7-4DAC-B699-A2D560399496}
    2018-11-18 13:08 - 2014-08-02 18:20 - 000003172 _____ C:\windows\System32\Tasks\{9D23353A-8F45-4A31-97EC-CDE7BA29AE3A}
    2018-11-18 13:08 - 2014-07-06 13:53 - 000003158 _____ C:\windows\System32\Tasks\{1CF7EF28-887C-4592-AA2F-0DE6FBC07B9F}
    2018-11-18 13:08 - 2014-05-21 14:01 - 000003200 _____ C:\windows\System32\Tasks\{16BA393B-388F-454E-923F-D0583C63A831}
    2018-11-18 13:08 - 2013-12-25 01:55 - 000004312 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
    2018-11-18 13:08 - 2012-09-03 17:11 - 000003492 _____ C:\windows\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d
    2018-11-18 13:08 - 2012-09-03 17:11 - 000003188 _____ C:\windows\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon
    2018-11-18 13:08 - 2012-09-03 17:11 - 000000830 _____ C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
    2018-11-18 13:08 - 2012-09-03 17:11 - 000000828 _____ C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
    2018-11-18 13:00 - 2014-04-24 20:56 - 000000000 ____D C:\Users\Darin Conway\AppData\Roaming\Curse Client
    2018-11-18 11:42 - 2014-08-26 08:32 - 000000000 ____D C:\Users\Darin Conway\AppData\Roaming\TS3Client
    2018-11-18 10:12 - 2013-07-16 08:16 - 000000000 ____D C:\Program Files (x86)\Steam
    2018-11-17 16:50 - 2012-09-03 17:45 - 000000000 ____D C:\windows\SysWOW64\Macromed
    2018-11-16 19:07 - 2018-10-16 16:25 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2018-11-16 19:07 - 2018-10-16 16:24 - 000000000 ____D C:\Program Files\Mozilla Firefox
    2018-11-16 19:00 - 2014-08-02 19:06 - 000000000 __SHD C:\Users\Darin Conway\IntelGraphicsProfiles
    2018-11-16 17:10 - 2009-07-13 21:13 - 000797850 _____ C:\windows\system32\PerfStringBackup.INI
    2018-11-16 17:10 - 2009-07-13 19:20 - 000000000 ____D C:\windows\inf
    2018-11-16 17:04 - 2015-03-29 16:31 - 000000000 ____D C:\windows\SysWOW64\NV
    2018-11-16 17:04 - 2015-03-29 16:31 - 000000000 ____D C:\windows\system32\NV
    2018-11-16 17:02 - 2009-07-13 21:08 - 000000006 ____H C:\windows\Tasks\SA.DAT
    2018-11-15 20:34 - 2016-07-10 07:35 - 000000000 ____D C:\Users\Darin Conway\AppData\Roaming\discord
    2018-11-15 10:25 - 2014-07-05 18:05 - 000000000 ____D C:\windows\Minidump
    2018-11-14 22:07 - 2009-07-13 19:20 - 000000000 ____D C:\windows\rescache
    2018-11-13 22:09 - 2009-07-13 20:45 - 000375832 _____ C:\windows\system32\FNTCACHE.DAT
    2018-11-13 19:12 - 2013-07-20 17:00 - 000000000 ____D C:\windows\system32\MRT
    2018-11-13 19:07 - 2013-07-20 16:56 - 137810048 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
    2018-11-13 19:04 - 2013-07-18 11:24 - 000790464 _____ C:\windows\SysWOW64\PerfStringBackup.INI
    2018-11-13 18:53 - 2015-10-16 21:53 - 006296064 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe
    2018-11-13 18:53 - 2013-08-08 11:48 - 000000000 ____D C:\windows\system32\Macromed
    2018-11-13 18:53 - 2012-09-03 17:45 - 000842376 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
    2018-11-13 18:53 - 2012-09-03 17:45 - 000175240 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
    2018-11-08 19:27 - 2018-09-05 14:46 - 000002129 _____ C:\Users\Darin Conway\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\f.lux.lnk
    2018-11-06 02:25 - 2013-08-03 13:45 - 000000000 ____D C:\windows\System32\Tasks\Games
    2018-11-04 20:42 - 2013-08-13 13:20 - 000000000 ____D C:\Users\Darin Conway\AppData\Roaming\vlc
    2018-10-30 18:16 - 2015-03-20 00:21 - 000000000 ____D C:\Users\Darin Conway\AppData\Roaming\qBittorrent
    2018-10-19 00:11 - 2014-08-26 08:32 - 000000000 ____D C:\Users\Darin Conway\AppData\Local\TeamSpeak 3 Client

    ==================== Files in the root of some directories =======

    2014-04-24 20:57 - 2014-04-24 20:57 - 000000036 ____H () C:\Program Files (x86)\.curseclient
    2014-05-21 14:02 - 2014-05-21 14:02 - 000607664 _____ (Neople inc) C:\Users\Darin Conway\AppData\Local\DFOIns.exe
    2014-05-21 14:01 - 2014-05-21 14:01 - 000477104 _____ (Neople inc) C:\Users\Darin Conway\AppData\Local\NeopleCustomURLStarter.exe
    2017-11-12 11:21 - 2017-11-12 11:21 - 000000218 _____ () C:\Users\Darin Conway\AppData\Local\recently-used.xbel
    2017-09-01 23:10 - 2017-09-01 23:10 - 000007616 _____ () C:\Users\Darin Conway\AppData\Local\Resmon.ResmonCfg
    2016-12-29 13:56 - 2016-12-29 13:56 - 000000000 _____ () C:\Users\Darin Conway\AppData\Local\{4E6F2E09-1100-4A0B-8E72-AAC3348097B8}

    Some files in TEMP:
    ====================
    2018-10-16 17:13 - 2018-10-16 17:13 - 000290304 _____ (Microsoft Corporation) C:\Users\Darin Conway\AppData\Local\Temp\CakeTubeSdk.Windows.Service.subinacl.exe
    2018-10-16 15:06 - 2018-10-16 15:08 - 002398688 _____ (Flexera Software LLC) C:\Users\Darin Conway\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
    2018-08-10 16:53 - 2018-08-10 16:53 - 000546952 _____ (Logitech) C:\Users\Darin Conway\AppData\Local\Temp\LDeviceInstaller.exe
    2018-07-20 15:34 - 2018-06-27 11:54 - 000058760 _____ (Logitech Inc.) C:\Users\Darin Conway\AppData\Local\Temp\LogiOptionsfileUninstaller.exe
    2018-07-20 15:34 - 2018-06-27 12:03 - 000259296 _____ (Logitech Inc.) C:\Users\Darin Conway\AppData\Local\Temp\LogiOptionsUninstaller.exe
    2018-08-10 16:53 - 2018-08-10 16:53 - 004139656 _____ (Logitech, Inc.) C:\Users\Darin Conway\AppData\Local\Temp\PlugInInstallerUtility.exe
    2018-08-10 16:53 - 2018-08-10 16:53 - 002665608 _____ (Logitech, Inc.) C:\Users\Darin Conway\AppData\Local\Temp\PlugInInstallLib.dll
    2018-05-02 16:27 - 2018-05-02 16:28 - 058834376 _____ (Skype Technologies S.A.) C:\Users\Darin Conway\AppData\Local\Temp\SkypeSetup.exe
    2018-04-28 11:27 - 2018-04-28 11:27 - 030950664 _____ () C:\Users\Darin Conway\AppData\Local\Temp\vlc-2.2.6-win32.exe
    2018-09-29 21:16 - 2018-10-30 18:42 - 040210008 _____ () C:\Users\Darin Conway\AppData\Local\Temp\vlc-3.0.4-win32.exe

    ==================== Bamital & volsnap ======================

    (There is no automatic fix for files that do not pass verification.)

    C:\windows\system32\winlogon.exe => File is digitally signed
    C:\windows\system32\wininit.exe => File is digitally signed
    C:\windows\SysWOW64\wininit.exe => File is digitally signed
    C:\windows\explorer.exe => File is digitally signed
    C:\windows\SysWOW64\explorer.exe => File is digitally signed
    C:\windows\system32\svchost.exe => File is digitally signed
    C:\windows\SysWOW64\svchost.exe => File is digitally signed
    C:\windows\system32\services.exe => File is digitally signed
    C:\windows\system32\User32.dll => File is digitally signed
    C:\windows\SysWOW64\User32.dll => File is digitally signed
    C:\windows\system32\userinit.exe => File is digitally signed
    C:\windows\SysWOW64\userinit.exe => File is digitally signed
    C:\windows\system32\rpcss.dll => File is digitally signed
    C:\windows\system32\dnsapi.dll => File is digitally signed
    C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2018-11-14 21:58

    ==================== End of FRST.txt ============================
     
  12. Coach_Z

    Coach_Z Thread Starter

    Joined:
    Jun 13, 2005
    Messages:
    79
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15.11.2018
    Ran by Darin Conway (18-11-2018 13:16:44)
    Running from C:\Users\Darin Conway\Downloads
    Windows 7 Home Premium Service Pack 1 (X64) (2013-07-15 23:37:14)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-3298448857-2117473325-2121461881-500 - Administrator - Disabled)
    Darin Conway (S-1-5-21-3298448857-2117473325-2121461881-1001 - Administrator - Enabled) => C:\Users\Darin Conway
    fbwuser (S-1-5-21-3298448857-2117473325-2121461881-1004 - Limited - Disabled) => C:\Users\fbwuser
    Guest (S-1-5-21-3298448857-2117473325-2121461881-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-3298448857-2117473325-2121461881-1003 - Limited - Enabled)
    ZSNES (S-1-5-21-3298448857-2117473325-2121461881-1097 - Limited - Enabled) => C:\Users\ZSNES

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
    AV: AVG Antivirus (Enabled - Up to date) {4FC75CA5-1654-5411-7CFB-1893D506BCF4}
    AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: AVG Antivirus (Enabled - Up to date) {F4A6BD41-306E-5B9F-464B-23E1AE81F649}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    ACA & MEP 2017 Object Enabler (HKLM\...\{28B89EEF-0004-0000-5102-CF3F3A09B77D}) (Version: 7.9.45.0 - Autodesk) Hidden
    ACAD Private (HKLM\...\{28B89EEF-0001-0000-3102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
    Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.2.202.228 - Adobe Systems Incorporated)
    Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.148 - Adobe Systems Incorporated)
    Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Audible Download Manager (HKLM-x32\...\AudibleDownloadManager) (Version: 6.6.0.19 - Audible, Inc.)
    AutoCAD 2017 - English (HKLM\...\{28B89EEF-0001-0409-2102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
    AutoCAD 2017 (HKLM\...\{28B89EEF-0001-0000-0102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
    AutoCAD 2017 Language Pack - English (HKLM\...\{28B89EEF-0001-0409-1102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
    Autodesk License Service (x64) - 3.1 (HKLM\...\{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}) (Version: 3.1.26.0 - Autodesk)
    AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 18.7.3069 - AVG Technologies)
    Battery Calibration (HKLM-x32\...\{619FA785-489B-4D22-911F-82D6EDF5BDB0}) (Version: 1.0.1105.1601 - Micro-Star International Co., Ltd.)
    Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    BurnRecovery (HKLM-x32\...\{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}) (Version: 3.0.1103.1801 - Micro-Star International Co., Ltd.)
    CDisplayEx 1.9.9 (HKLM\...\CDisplayEx_is1) (Version: - cdisplayex.com)
    Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
    Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
    Corsair Utility Engine (HKLM-x32\...\{BB25387A-061E-42E9-AB2F-64073B3E3180}) (Version: 2.24.50 - Corsair)
    Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
    D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
    Deluge 1.3.11 (HKLM-x32\...\Deluge) (Version: - )
    Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
    Discord (HKU\S-1-5-21-3298448857-2117473325-2121461881-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)
    Electrum (HKU\S-1-5-21-3298448857-2117473325-2121461881-1001\...\Electrum) (Version: 2.9.3 - Electrum Technologies GmbH)
    Epic Games Launcher (HKLM-x32\...\{CA3B6D8B-2437-4C7C-84A3-97AF21EDBE20}) (Version: 1.1.144.0 - Epic Games, Inc.)
    Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
    ETDWare PS/2-X64 8.0.5.7_WHQL (HKLM\...\Elantech) (Version: 8.0.5.7 - ELAN Microelectronic Corp.)
    f.lux (HKU\S-1-5-21-3298448857-2117473325-2121461881-1001\...\Flux) (Version: - f.lux Software LLC)
    FootSwitch V6.7.1 (HKLM-x32\...\{7DC1ABD8-2574-487E-A499-CB95386A8290}) (Version: 1.0.0 - PCsensor)
    Free YouTube to MP3 Converter version 3.12.59.505 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.59.505 - DVDVideoSoft Ltd.)
    Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
    hakchi2 (HKU\S-1-5-21-3298448857-2117473325-2121461881-1001\...\93c4910ae71b1193) (Version: 2.0.30.14 - Alexey 'Cluster' Avdyukhin)
    Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
    Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.4.1441 - Intel Corporation)
    Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
    Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{37EC048A-81A2-452A-8D1F-3BE2018E767D}) (Version: 15.1.0.0096 - Intel Corporation)
    Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{3015F546-6C3E-4E6A-B564-BCDF88C0BA2A}) (Version: 2.1.1.0153 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
    Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
    Intel® PROSet/Wireless WiFi Software (HKLM\...\{54EB8041-1115-4406-AA4B-44D236E84B3B}) (Version: 15.01.1000.0927 - Intel Corporation)
    Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
    iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.)
    Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
    Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
    Jing (HKLM-x32\...\{22800204-9E53-45C7-B6F3-5BB0F1C1A147}) (Version: 2.8.13007.1 - TechSmith Corporation)
    Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Killer Performance Driver Suite (HKLM\...\{086AF290-0E96-4EF9-B8A1-617836F0BE44}) (Version: 1.5.1859 - Rivet Networks)
    Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
    League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
    Linksys Connect (HKLM-x32\...\Linksys Connect) (Version: 1.5.13291.0 - Linksys LLC)
    Logitech Gaming Software 8.78 (HKLM\...\Logitech Gaming Software) (Version: 8.78.129 - Logitech Inc.)
    Logitech Options (HKLM\...\LogiOptions) (Version: 6.92.275 - Logitech)
    Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
    Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
    Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
    Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
    Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
    Mozilla Firefox 63.0.3 (x64 en-US) (HKLM\...\Mozilla Firefox 63.0.3 (x64 en-US)) (Version: 63.0.3 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 62.0.3 - Mozilla)
    MSI HOUSE (HKLM-x32\...\{DA5597C9-9216-44FF-9670-D1E48817B998}) (Version: 10.07.1601 - MSI)
    MSI Software Install (HKLM-x32\...\{332EBFE0-C39E-42D1-99B5-ABBBECAD71B6}) (Version: 4.0.1105.1701 - Micro-Star International Co., Ltd.)
    MTGArena (HKLM-x32\...\{5503879A-BDB7-45DB-A5B8-4D5DAAAC8DFA}) (Version: 0.1.786.0 - Wizards of the Coast) Hidden
    MTGArena (HKLM-x32\...\MTGArena) (Version: 0.1.786.0 - Wizards of the Coast)
    NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version: - NCSOFT)
    NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
    NVIDIA Graphics Driver 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
    Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
    OpenOffice 4.0.0 (HKLM-x32\...\{55E61709-D7D4-43C0-B45D-BFAF5C09A02D}) (Version: 4.00.9702 - Apache Software Foundation)
    Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
    qBittorrent 3.2.3 (HKLM-x32\...\qBittorrent) (Version: 3.2.3 - The qBittorrent project)
    Qualcomm Atheros Killer Network Manager (HKLM\...\{DF446558-ADF7-4884-9B2D-281979CCE71F}) (Version: 6.1.0.367 - Qualcomm Atheros) Hidden
    Qualcomm Atheros Killer Network Manager (HKLM-x32\...\InstallShield_{DF446558-ADF7-4884-9B2D-281979CCE71F}) (Version: 6.1.0.367 - Qualcomm Atheros)
    Razer Core (HKLM-x32\...\Razer Core) (Version: 1.0.1.66 - Razer Inc)
    Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.18.115 - Razer Inc.)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6602 - Realtek Semiconductor Corp.)
    Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.92 - Realtek Semiconductor Corp.)
    SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 3.1.100 - NVIDIA Corporation) Hidden
    SketchUp Import 2016-2017 (HKLM-x32\...\{063925DB-9D8C-48E2-8F04-1B7038B6C783}) (Version: 2.2.0 - Autodesk)
    Skype™ 7.41 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.41.101 - Skype Technologies S.A.)
    Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
    System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
    TeamSpeak 3 Client (HKU\S-1-5-21-3298448857-2117473325-2121461881-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
    Telegram Desktop version 1.4.3 (HKU\S-1-5-21-3298448857-2117473325-2121461881-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.4.3 - Telegram Messenger LLP)
    VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
    Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment)
    Winamp (HKLM-x32\...\Winamp) (Version: 5.66 - Nullsoft, Inc)
    Winamp Detector Plug-in (HKU\S-1-5-21-3298448857-2117473325-2121461881-1001\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
    WinRAR 5.00 beta 7 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.7 - win.rar GmbH)
    World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-3298448857-2117473325-2121461881-1001_Classes\CLSID\{0D327DA6-B4DF-4842-B833-2CFF84F0948F}\localserver32 -> D:\AutoCad\AutoCAD 2017\acad.exe /Automation => No File
    CustomCLSID: HKU\S-1-5-21-3298448857-2117473325-2121461881-1001_Classes\CLSID\{3eee8b44-5b77-4e1a-84e9-3761a0c20eca}\InprocServer32 -> C:\windows\system32\dfshim.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3298448857-2117473325-2121461881-1001_Classes\CLSID\{720DB9AF-D62C-4ED0-A377-429C22312852}\localserver32 -> D:\AutoCad\AutoCAD 2017\acad.exe => No File
    CustomCLSID: HKU\S-1-5-21-3298448857-2117473325-2121461881-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel Corporation)
    CustomCLSID: HKU\S-1-5-21-3298448857-2117473325-2121461881-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> D:\AutoCad\AutoCAD 2017\en-US\acadficn.dll => No File
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
    ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
    ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\system32\AcSignIcon.dll [2016-02-06] (Autodesk, Inc.)
    ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2016-02-06] (Autodesk)
    ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShA64.dll [2018-10-15] (AVG Technologies CZ, s.r.o.)
    ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
    ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-07-15] (Alexander Roshal)
    ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-07-15] (Alexander Roshal)
    ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
    ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
    ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
    ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll -> No File
    ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\windows\system32\igfxDTCM.dll [2015-08-27] (Intel Corporation)
    ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\windows\system32\igfxOSP.dll [2015-08-27] (Intel Corporation)
    ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\windows\system32\nvshext.dll [2015-03-13] (NVIDIA Corporation)
    ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShA64.dll [2018-10-15] (AVG Technologies CZ, s.r.o.)
    ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-07-15] (Alexander Roshal)
    ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-07-15] (Alexander Roshal)

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {0E91BC41-0AEE-4471-967A-2D78D77E6086} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [2018-10-15] (AVG Technologies CZ, s.r.o.)
    Task: {1BACC7DB-F9D9-4E2A-860B-796B725DC7C7} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
    Task: {1D7C678B-E428-41C6-A6AA-36CE9F746998} - System32\Tasks\{9D23353A-8F45-4A31-97EC-CDE7BA29AE3A} => C:\windows\system32\pcalua.exe -a "C:\Users\Darin Conway\Desktop\Win64_153322.exe" -d "C:\Users\Darin Conway\Desktop"
    Task: {30EFCBE9-15EE-427B-B852-67811C8F3338} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
    Task: {3D9E1061-AB32-4434-A1D4-107CC5191222} - System32\Tasks\{16BA393B-388F-454E-923F-D0583C63A831} => C:\windows\system32\pcalua.exe -a "C:\Users\Darin Conway\Downloads\NeopleCustomURLBuilder.exe" -d "C:\Users\Darin Conway\Downloads"
    Task: {452C84B0-43E0-46D8-A5A8-97D863033328} - System32\Tasks\{7B1AAA85-CB1D-4A6D-ABB5-939D888835EB} => C:\windows\system32\pcalua.exe -a "C:\Users\Darin Conway\Desktop\AudibleDM_iTunesSetup.exe" -d "C:\Users\Darin Conway\Desktop"
    Task: {6D3093B2-A147-4007-B034-9D16F52CECE2} - System32\Tasks\{7461BBF2-30D7-4DAC-B699-A2D560399496} => C:\windows\system32\pcalua.exe -a "C:\Users\Darin Conway\Desktop\forge-1.8-11.14.1.1334-installer-win.exe" -d "C:\Users\Darin Conway\Desktop"
    Task: {89C558F7-1601-4DE8-9763-6D5FCC7D1658} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_148_Plugin.exe [2018-11-13] (Adobe Systems Incorporated)
    Task: {99340450-6FBA-42C6-8BA9-EC93DB934E5C} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-11-13] (Adobe Systems Incorporated)
    Task: {AF99BCD1-39A4-42D0-9099-C228D45008BA} - System32\Tasks\{1CF7EF28-887C-4592-AA2F-0DE6FBC07B9F} => C:\windows\system32\pcalua.exe -a "C:\Users\Darin Conway\Desktop\setup.exe" -d "C:\Users\Darin Conway\Desktop"
    Task: {B3727C3D-A157-4ECE-8DF7-BC0033C7FA3D} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-10-28] (AVG Technologies CZ, s.r.o.)
    Task: {CB73A2D7-FC32-48D9-9F55-60C4826FBCE6} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
    Task: C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe

    ==================== Shortcuts & WMI ========================

    (The entries could be listed to be restored or removed.)


    ==================== Loaded Modules (Whitelisted) ==============

    2012-06-29 10:14 - 2012-06-29 10:14 - 000489472 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe
    2011-05-09 19:46 - 2011-05-09 19:46 - 002760192 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtCore4.dll
    2011-05-09 19:56 - 2011-05-09 19:56 - 009856000 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtGui4.dll
    2011-05-09 19:47 - 2011-05-09 19:47 - 000416256 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtXml4.dll
    2012-06-29 10:14 - 2012-06-29 10:14 - 000217600 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFCommon.dll
    2011-05-10 11:32 - 2011-05-10 11:32 - 000731648 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\qwt5.dll
    2011-05-09 19:48 - 2011-05-09 19:48 - 000990720 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtNetwork4.dll
    2017-07-19 14:09 - 2017-07-19 14:09 - 000189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
    2012-09-03 17:14 - 2015-03-13 11:41 - 000011920 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
    2012-09-03 17:14 - 2015-03-13 08:16 - 000118472 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2018-09-01 10:36 - 2018-10-30 10:06 - 001057056 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\SDL2.dll
    2018-09-01 10:36 - 2018-09-22 16:00 - 102804768 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
    2018-09-01 10:36 - 2018-09-22 16:00 - 004866336 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
    2018-09-01 10:36 - 2018-09-22 16:00 - 000116000 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
    2014-02-28 01:14 - 2018-10-19 00:12 - 000174744 _____ () C:\Users\Darin Conway\AppData\Local\TeamSpeak 3 Client\quazip.dll
    2017-09-08 17:46 - 2017-12-15 02:08 - 000020632 _____ () C:\Users\Darin Conway\AppData\Local\TeamSpeak 3 Client\libEGL.DLL
    2017-09-08 17:46 - 2017-12-15 02:08 - 001981592 _____ () C:\Users\Darin Conway\AppData\Local\TeamSpeak 3 Client\libGLESv2.dll
    2014-08-04 05:43 - 2018-10-19 00:12 - 000125592 _____ () C:\Users\Darin Conway\AppData\Local\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
    2014-08-04 05:43 - 2018-10-19 00:12 - 000150680 _____ () C:\Users\Darin Conway\AppData\Local\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
    2017-09-08 17:47 - 2017-09-08 17:47 - 000345880 _____ () C:\Users\Darin Conway\AppData\Roaming\TS3Client\plugins\clientquery_plugin_win64.dll
    2017-09-08 17:47 - 2017-09-08 17:47 - 000157696 _____ () C:\Users\Darin Conway\AppData\Roaming\TS3Client\plugins\gamepad_joystick_win64.dll
    2017-09-08 17:47 - 2017-09-08 17:47 - 000012288 _____ () C:\Users\Darin Conway\AppData\Roaming\TS3Client\plugins\gamepad_joystick\api_stub.dll
    2018-10-15 18:58 - 2018-10-15 18:58 - 000919312 _____ () C:\Program Files\AVG\Antivirus\anen.dll
    2018-10-15 18:58 - 2018-10-15 18:58 - 000595728 _____ () C:\Program Files\AVG\Antivirus\streamback.dll
    2018-10-15 18:58 - 2018-10-15 18:58 - 000496912 _____ () C:\Program Files\AVG\Antivirus\gui_cache.dll
    2018-10-15 18:58 - 2018-10-15 18:58 - 001112336 _____ () C:\Program Files\AVG\Antivirus\shepherdsync.dll
    2018-11-18 09:44 - 2018-11-18 09:44 - 005724360 _____ () C:\Program Files\AVG\Antivirus\defs\18111810\algo.dll
    2012-09-03 17:14 - 2015-03-13 11:41 - 000011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
    2018-10-15 18:59 - 2018-10-15 18:59 - 067127976 _____ () C:\Program Files\AVG\Antivirus\libcef.dll
    2013-12-12 23:12 - 2015-11-12 09:07 - 000393608 _____ () C:\Users\Darin Conway\AppData\Roaming\Curse Client\Bin\opus.dll
    2015-11-12 09:07 - 2018-10-16 15:22 - 000535872 _____ () C:\Users\Darin Conway\AppData\Roaming\Curse Client\Bin\Curse.Presto.Interface.dll
    2016-12-06 21:33 - 2018-10-16 15:22 - 001705792 _____ () C:\Users\Darin Conway\AppData\Roaming\Curse Client\Bin\Electron\ffmpeg.dll
    2018-03-01 09:40 - 2018-10-16 15:22 - 000400384 _____ () \\?\C:\Users\Darin Conway\AppData\Roaming\Curse Client\Bin\Electron\resources\app.asar.unpacked\node_modules\@paulcbetts\spellchecker\build\Release\spellchecker.node
    2018-03-01 09:40 - 2018-10-16 15:22 - 000129536 _____ () \\?\C:\Users\Darin Conway\AppData\Roaming\Curse Client\Bin\Electron\resources\app.asar.unpacked\node_modules\keyboard-layout\build\Release\keyboard-layout-manager.node
    2015-11-20 11:43 - 2018-10-30 10:06 - 000879904 _____ () C:\Program Files (x86)\Steam\SDL2.dll
    2015-02-27 22:55 - 2016-08-31 17:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
    2015-11-20 11:43 - 2016-08-31 17:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
    2015-11-20 11:43 - 2016-08-31 17:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
    2015-11-20 11:43 - 2018-11-09 18:55 - 002649376 _____ () C:\Program Files (x86)\Steam\video.dll
    2017-12-14 00:17 - 2017-12-19 17:43 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
    2017-12-14 00:17 - 2017-12-19 17:43 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
    2017-12-14 00:17 - 2017-12-19 17:43 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
    2017-12-14 00:17 - 2017-12-19 17:43 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
    2017-12-14 00:17 - 2017-12-19 17:43 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
    2013-07-09 08:56 - 2018-11-09 18:55 - 001028384 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
    2016-04-14 15:14 - 2016-07-04 14:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
    2018-03-27 18:18 - 2018-03-27 18:18 - 000197120 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\quazip.dll
    2018-03-27 18:11 - 2018-03-27 18:11 - 000097280 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\zlib.dll
    2018-03-27 18:11 - 2018-03-27 18:11 - 000044544 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\MacroRecording.dll
    2018-03-27 18:42 - 2018-03-27 18:42 - 000151040 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairAudioDevice.dll
    2017-10-02 07:54 - 2017-10-02 07:54 - 000013312 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\libEGL.DLL
    2017-10-02 07:54 - 2017-10-02 07:54 - 001950720 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\libGLESv2.dll
    2018-06-10 13:43 - 2018-04-30 22:01 - 001891672 _____ () C:\Users\Darin Conway\AppData\Local\Discord\app-0.0.301\ffmpeg.dll
    2018-06-10 13:43 - 2018-04-30 22:01 - 001937752 _____ () C:\Users\Darin Conway\AppData\Local\Discord\app-0.0.301\libglesv2.dll
    2018-06-10 13:43 - 2018-04-30 22:01 - 000095576 _____ () C:\Users\Darin Conway\AppData\Local\Discord\app-0.0.301\libegl.dll
    2018-06-10 13:43 - 2018-11-11 11:55 - 011283288 _____ () \\?\C:\Users\Darin Conway\AppData\Roaming\discord\0.0.301\modules\discord_voice\discord_voice.node
    2018-06-10 13:43 - 2018-11-15 20:33 - 001639256 _____ () \\?\C:\Users\Darin Conway\AppData\Roaming\discord\0.0.301\modules\discord_utils\discord_utils.node
    2018-06-10 13:43 - 2018-06-10 13:43 - 000512856 _____ () \\?\C:\Users\Darin Conway\AppData\Roaming\discord\0.0.301\modules\discord_erlpack\discord_erlpack.node
    2018-06-10 13:43 - 2018-11-15 20:33 - 001658712 _____ () \\?\C:\Users\Darin Conway\AppData\Roaming\discord\0.0.301\modules\discord_game_utils\discord_game_utils.node
    2018-10-11 18:07 - 2018-10-11 18:07 - 009621848 _____ () \\?\C:\Users\Darin Conway\AppData\Roaming\discord\0.0.301\modules\discord_cloudsync\discord_cloudsync.node
    2018-06-10 13:43 - 2018-11-11 11:56 - 001718104 _____ () \\?\C:\Users\Darin Conway\AppData\Roaming\discord\0.0.301\modules\discord_overlay2\discord_overlay2.node
    2018-06-10 13:43 - 2018-06-10 13:43 - 002722648 _____ () \\?\C:\Users\Darin Conway\AppData\Roaming\discord\0.0.301\modules\discord_rpc\discord_rpc.node
    2018-08-11 23:45 - 2018-11-11 11:56 - 001261400 _____ () \\?\C:\Users\Darin Conway\AppData\Roaming\discord\0.0.301\modules\discord_modules\discord_modules.node
    2018-08-11 23:45 - 2018-11-14 17:48 - 024875864 _____ () \\?\C:\Users\Darin Conway\AppData\Roaming\discord\0.0.301\modules\discord_dispatch\discord_dispatch.node
    2018-06-10 13:45 - 2018-06-10 13:45 - 001249112 _____ () \\?\C:\Users\Darin Conway\AppData\Roaming\discord\0.0.301\modules\discord_vigilante\discord_vigilante.node
    2018-06-10 13:43 - 2018-11-11 11:56 - 001639256 _____ () \\?\C:\Users\Darin Conway\AppData\Roaming\discord\0.0.301\modules\discord_hook\discord_hook.node

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\Users\Public\AppData:CSM [472]

    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)

    HKU\S-1-5-21-3298448857-2117473325-2121461881-1001\Software\Classes\.scr: AutoCADScriptFile => C:\windows\system32\notepad.exe "%1"

    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)


    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 18:34 - 2018-11-15 09:30 - 000000826 _____ C:\windows\system32\Drivers\etc\hosts


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-3298448857-2117473325-2121461881-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Darin Conway\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 71.10.216.1 - 71.10.216.2
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    If an entry is included in the fixlist, it will be removed.

    MSCONFIG\Services: AMPPALR3 => 2
    MSCONFIG\Services: Apple Mobile Device Service => 2
    MSCONFIG\Services: BEService => 3
    MSCONFIG\Services: Bluetooth Device Monitor => 2
    MSCONFIG\Services: Bluetooth Media Service => 3
    MSCONFIG\Services: Bluetooth OBEX Service => 2
    MSCONFIG\Services: Bonjour Service => 2
    MSCONFIG\Services: BTHSSecurityMgr => 2
    MSCONFIG\Services: cphs => 3
    MSCONFIG\Services: EasyAntiCheat => 3
    MSCONFIG\Services: EvtEng => 2
    MSCONFIG\Services: FlexNet Licensing Service 64 => 3
    MSCONFIG\Services: IAStorDataMgrSvc => 2
    MSCONFIG\Services: ICCS => 3
    MSCONFIG\Services: IconMan_R => 2
    MSCONFIG\Services: igfxCUIService1.0.0.0 => 2
    MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2
    MSCONFIG\Services: Intel(R) ME Service => 2
    MSCONFIG\Services: iPod Service => 3
    MSCONFIG\Services: jhi_service => 2
    MSCONFIG\Services: LMS => 2
    MSCONFIG\Services: MozillaMaintenance => 3
    MSCONFIG\Services: MSI Foundation Service => 2
    MSCONFIG\Services: MyWiFiDHCPDNS => 3
    MSCONFIG\Services: RegSrvc => 2
    MSCONFIG\Services: RzOvlMon => 2
    MSCONFIG\Services: UNS => 2
    MSCONFIG\Services: ZeroConfigService => 2
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Audible Download Manager.lnk => C:\windows\pss\Audible Download Manager.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HandyAndy.lnk => C:\windows\pss\HandyAndy.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Killer Control Center.lnk => C:\windows\pss\Killer Control Center.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LOLRecorder.lnk => C:\windows\pss\LOLRecorder.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Qualcomm Atheros Killer Network Manager.lnk => C:\windows\pss\Qualcomm Atheros Killer Network Manager.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^Users^Darin Conway^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Curse.lnk => C:\windows\pss\Curse.lnk.Startup
    MSCONFIG\startupfolder: C:^Users^Darin Conway^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip => C:\windows\pss\CurseClientStartup.ccip.Startup
    MSCONFIG\startupfolder: C:^Users^Darin Conway^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Twitch.lnk => C:\windows\pss\Twitch.lnk.Startup
    MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    MSCONFIG\startupreg: Autodesk Desktop App => "C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
    MSCONFIG\startupreg: BLEServicesCtrl => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
    MSCONFIG\startupreg: BTMTrayAgent => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
    MSCONFIG\startupreg: Corsair Utility Engine => "C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe" --autorun
    MSCONFIG\startupreg: Discord => C:\Users\Darin Conway\AppData\Local\Discord\app-0.0.301\Discord.exe
    MSCONFIG\startupreg: ETDCtrl => %ProgramFiles%\Elantech\ETDCtrl.exe
    MSCONFIG\startupreg: f.lux => "C:\Users\Darin Conway\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
    MSCONFIG\startupreg: GoogleChromeAutoLaunch_B592B901BCCBFFB1DC9ECC68448D4A2C => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
    MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
    MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
    MSCONFIG\startupreg: Jing => C:\Program Files (x86)\TechSmith\Jing\Jing.exe
    MSCONFIG\startupreg: Launch LCore => C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
    MSCONFIG\startupreg: LogiOptions => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe /noui
    MSCONFIG\startupreg: McAfeeSafeConnect => C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe
    MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
    MSCONFIG\startupreg: Razer Synapse => "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
    MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
    MSCONFIG\startupreg: ShadowPlay => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
    MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
    MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
    MSCONFIG\startupreg: uTorrent => "C:\Users\Darin Conway\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
    MSCONFIG\startupreg: WildHeap => "D:\Wildstar\WildHeap.exe"

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{025CAB00-816F-40B5-A292-9D76494B636B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{E8859BA9-65AB-4E63-A31B-8B5230FEF001}] => (Allow) LPort=2869
    FirewallRules: [{03A39A83-AA6E-428C-ADAC-2881AEC823B6}] => (Allow) LPort=1900
    FirewallRules: [{E4977473-A458-4EB1-9376-1837E0E85DB1}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    FirewallRules: [{9CE72CB8-ECDC-4AA8-BDED-B236271296AE}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
    FirewallRules: [{6224E65E-1E07-41EC-8A3A-FB2FC1B89A0C}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
    FirewallRules: [{1E274A78-188F-41FE-A145-86163B7F71FA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{E9AF45A9-E1D2-4FF7-A31B-1A7A711626DF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{4A81F913-771E-4F4A-9F99-5A9A7C798192}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{2C59AFB2-4BFC-404D-8D60-90306810F87C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{12F8A63B-D5E7-4490-BC11-D6362F7DBCF9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{42C2DAEB-A532-4AC5-AAE0-DEE58525D2B8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{34F5A239-5F2A-4CCC-9E3C-26DD26680F64}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [TCP Query User{FAB4BF0F-B76E-44AD-8F73-2B0760CE7486}C:\program files (x86)\dolbyaxon\axon.exe] => (Allow) C:\program files (x86)\dolbyaxon\axon.exe
    FirewallRules: [UDP Query User{48BE1F69-C80D-4CC1-AB04-4A4610F4BC7E}C:\program files (x86)\dolbyaxon\axon.exe] => (Allow) C:\program files (x86)\dolbyaxon\axon.exe
    FirewallRules: [{B442FEC0-FEBF-4569-A20B-DBAA23D91395}] => (Allow) C:\Users\Darin Conway\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{6844FE2A-BE4A-408C-9154-28991D27352B}] => (Allow) C:\Users\Darin Conway\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [TCP Query User{798F9502-46AA-444A-A210-88DE69056737}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
    FirewallRules: [UDP Query User{181FD143-DB96-40A4-8A48-F1A6FA6F616A}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
    FirewallRules: [TCP Query User{D7A4E3A8-3019-44E9-936F-E9EBA8B8435E}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
    FirewallRules: [UDP Query User{765F8AAD-0751-482D-8822-0745F3A46E9E}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
    FirewallRules: [{F11147A1-EBDA-4E6E-87BD-CBBD4EB53ECA}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
    FirewallRules: [{E92A4A71-486B-4ECA-8D0C-A7C7BE557941}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
    FirewallRules: [TCP Query User{8889A1B0-BB50-4BB1-881A-6EA933E01FFE}C:\program files (x86)\lolreplay\lolreplay.exe] => (Allow) C:\program files (x86)\lolreplay\lolreplay.exe
    FirewallRules: [UDP Query User{9556AC8C-0D60-4651-8AED-D2C18D003C7C}C:\program files (x86)\lolreplay\lolreplay.exe] => (Allow) C:\program files (x86)\lolreplay\lolreplay.exe
    FirewallRules: [TCP Query User{AEA7BB64-E583-42EC-B209-3CC8D7E408A1}C:\Program Files (x86)\lolreplay\lolreplay.exe] => (Allow) C:\Program Files (x86)\lolreplay\lolreplay.exe
    FirewallRules: [UDP Query User{E66BB71B-35CE-478E-BEC5-854281855AF0}C:\Program Files (x86)\lolreplay\lolreplay.exe] => (Allow) C:\Program Files (x86)\lolreplay\lolreplay.exe
    FirewallRules: [{5182D029-9F97-4079-915B-2897BF717CF4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
    FirewallRules: [{5FB08F1C-5C7C-4AF7-BD29-EEB791D309CA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
    FirewallRules: [{1313EBB0-82C5-4ECA-A8A7-C705BBB54D34}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
    FirewallRules: [{54EFB2CE-837A-43C6-B12B-C9B4A9C7389B}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
    FirewallRules: [{DE625539-923E-43B8-9079-1DB9231A8094}] => (Allow) D:\DotA 2\SteamApps\common\dota 2 beta\dota.exe
    FirewallRules: [{FBF6B25A-2A4A-4F05-8740-77AC8E9F96E6}] => (Allow) D:\DotA 2\SteamApps\common\dota 2 beta\dota.exe
    FirewallRules: [{E099FCA6-B411-4C41-A13B-3400E2CD734D}] => (Allow) D:\DotA 2\SteamApps\common\dota 2 beta\dota.exe
    FirewallRules: [{C956D1FC-D856-4B90-A450-C9F51687E719}] => (Allow) D:\DotA 2\SteamApps\common\dota 2 beta\dota.exe
    FirewallRules: [{656211C6-2B63-482C-B6BC-633B621FF7EB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
    FirewallRules: [{3C42FE9D-C201-4D01-BE75-D4C1CC3F18AE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
    FirewallRules: [{736083DC-28DD-4982-974E-0F74F1916E97}] => (Allow) D:\DotA 2\SteamApps\common\dota 2 beta\dota.exe
    FirewallRules: [{9CA156D4-BBF0-43D2-A170-88388019F638}] => (Allow) D:\DotA 2\SteamApps\common\dota 2 beta\dota.exe
    FirewallRules: [{E45360E2-51D0-4ED9-970D-3688C897D331}] => (Allow) D:\DotA 2\SteamApps\common\dota 2 beta\dota.exe
    FirewallRules: [{CC9AFFF7-0EB9-4343-97FF-A5F2B9ADFB93}] => (Allow) D:\DotA 2\SteamApps\common\dota 2 beta\dota.exe
    FirewallRules: [TCP Query User{423C3047-135F-448C-9A23-BA28EDE42DE6}C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe
    FirewallRules: [UDP Query User{67B34DD1-BAB0-4644-AAFE-4658C2E42205}C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe
    FirewallRules: [TCP Query User{5BA89559-651E-49FB-BB30-63CAFA9EAA2D}C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe
    FirewallRules: [UDP Query User{7221E38F-B61F-4065-B1EB-49F15B3861D0}C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe
    FirewallRules: [TCP Query User{097724CC-326E-4526-BBA0-3E16BF9DC77E}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
    FirewallRules: [UDP Query User{7897B34A-061A-4CF3-9B65-DB87388AF231}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
    FirewallRules: [{F484F0C6-DFCD-48D4-87C7-F6B9BBD63200}] => (Allow) D:\DotA 2\SteamApps\common\dota 2 beta\dota.exe
    FirewallRules: [{30FFAE3E-2251-4DE3-850F-75C899EF5D8A}] => (Allow) D:\DotA 2\SteamApps\common\dota 2 beta\dota.exe
    FirewallRules: [{D1D2EFB3-6042-4878-A4FF-2AF6B724CAD8}] => (Allow) D:\DotA 2\SteamApps\common\dota 2 beta\dota.exe
    FirewallRules: [{9D87A41D-488D-4296-AB46-49E77E07C557}] => (Allow) D:\DotA 2\SteamApps\common\dota 2 beta\dota.exe
    FirewallRules: [{07758906-045E-419C-8934-12C65650DFE2}] => (Allow) D:\DotA 2\SteamApps\common\dota 2 beta\dota.exe
    FirewallRules: [{8539698C-3451-4FD5-B365-6C9CDD052912}] => (Allow) D:\DotA 2\SteamApps\common\dota 2 beta\dota.exe
    FirewallRules: [{5F8768B4-8B13-4FF8-8147-ED4EE2099075}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
    FirewallRules: [{5D34CB63-C2DB-4AA9-AF68-2E1BE68BFFE3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
    FirewallRules: [{D90CB133-2CD8-47EB-B62F-A5BD0484F1A7}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
    FirewallRules: [{F67932E2-2C91-43F2-AD24-6BCEBB53FA68}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
    FirewallRules: [{77C20E49-3FE2-4EA6-B832-37BE4EE339AA}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
    FirewallRules: [{6A40010A-62B3-4CD7-A518-B77DE793E4B3}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
    FirewallRules: [{BD4B8F32-5582-43CC-9433-DBCE362AA1F8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
    FirewallRules: [{E019836A-3A99-46C9-BA8F-74D6B94CB2BE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
    FirewallRules: [TCP Query User{23CCB38B-5E1D-46B9-AB7B-8640AF48EEDC}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
    FirewallRules: [UDP Query User{2E106568-DFED-499A-8367-6C4B19DF6E3C}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
    FirewallRules: [{5C774A03-FB74-4E91-AE66-E437826B6D34}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe
    FirewallRules: [{BB206E41-459C-4FC2-BFBF-2996EC4F6412}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe
    FirewallRules: [{8E6BB8F8-CF6F-47E1-A844-1B1FB2522DF4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe
    FirewallRules: [{0A9499D6-E4F5-4B52-BCBE-8D8199F06BD7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe
    FirewallRules: [{1D28D4EB-76DF-40F0-A94C-1C76C8FFEE1F}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
    FirewallRules: [{F8691D82-A9C8-4897-B660-C7AC5D681252}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
    FirewallRules: [TCP Query User{308686C2-9EE8-4FE9-895D-626419DF1DA1}C:\program files (x86)\diablo iii\diablo iii.exe] => (Block) C:\program files (x86)\diablo iii\diablo iii.exe
    FirewallRules: [UDP Query User{2860FD92-ACF7-4D57-82C7-A8043C2B5FD1}C:\program files (x86)\diablo iii\diablo iii.exe] => (Block) C:\program files (x86)\diablo iii\diablo iii.exe
    FirewallRules: [{BC7329CB-711C-403C-9FD6-8C738C370ED2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
    FirewallRules: [{70B3CABF-29B3-4BAE-A9E4-AF6F70605E6C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
    FirewallRules: [{A130DC58-C6D4-461E-BE66-9949E4732DF1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
    FirewallRules: [{CF263E7E-A507-43C1-8E58-C4041FE1725F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
    FirewallRules: [{26C26C9E-7B9F-4BF6-8EDC-D461E765AEF4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
    FirewallRules: [{3BB2B6CF-E2DF-4984-AE3E-37ED6E4C2C9B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
    FirewallRules: [{55ADD610-E540-4ACD-BF9A-7E2528A35F4D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
    FirewallRules: [{22A1D2D8-28BB-4B0F-9909-FF8DC7DCD031}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
    FirewallRules: [{13E5A32F-F56B-4F6E-9F33-8C6FC7956865}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
    FirewallRules: [{103C0A06-4FFE-4B3F-A8C8-BA7D84DC26A3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
    FirewallRules: [{9A759470-A05A-43E4-AC56-C3AFB6570033}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
    FirewallRules: [{6437F516-CC2E-46F7-911E-D279ED9CBF44}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
    FirewallRules: [{D33EB0B0-5587-4889-A436-2860F819A669}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
    FirewallRules: [{B2BB652A-0004-4F05-9F32-42E932052679}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
    FirewallRules: [{BD8F1BEA-3507-486A-8708-43388850DB3A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
    FirewallRules: [{6F2699CC-A243-43D3-8A2E-14B9544B250B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
    FirewallRules: [{5DBD130E-520E-4C1A-A001-A1E7122BB85F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
    FirewallRules: [{F5C90E97-EB23-4A19-9751-4043DD49AEE8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
    FirewallRules: [{3C13FE42-4FDD-42D4-85D3-0F200150D0E1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
    FirewallRules: [{19A4706E-3B23-43FA-81B6-09787BBE14ED}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
    FirewallRules: [{F73D2048-4EA8-4CA7-B7BF-CBAEDC82D611}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
    FirewallRules: [{1454E49C-7BB4-4CD4-AAAC-57973CB228F1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
    FirewallRules: [{3C6E3227-8A03-40CF-9F25-F6C4A876A052}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
    FirewallRules: [{E2E4E008-780D-4D86-9A81-7E0CB484F77D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
    FirewallRules: [TCP Query User{A4C2CC6E-0F83-4C64-AB1D-908765A2F4FC}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
    FirewallRules: [UDP Query User{873CFA80-0FBD-40EF-8B32-099907B50A95}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
    FirewallRules: [TCP Query User{AF164724-DFDC-4016-A7FB-D3DD9BF9425F}D:\dfo\dfo.exe] => (Allow) D:\dfo\dfo.exe
    FirewallRules: [UDP Query User{42936B20-8B5C-42F8-ADF0-A6FBA521CC53}D:\dfo\dfo.exe] => (Allow) D:\dfo\dfo.exe
    FirewallRules: [TCP Query User{AFAD46BF-CEB5-455D-8D4A-A753BB19CE08}D:\dfo\dfo.exe] => (Allow) D:\dfo\dfo.exe
    FirewallRules: [UDP Query User{372A31FB-590E-4ABA-B56B-52FEE63A0E2E}D:\dfo\dfo.exe] => (Allow) D:\dfo\dfo.exe
    FirewallRules: [TCP Query User{6D28D631-1E1F-40AE-9AB8-78FD0419A22D}D:\star citizen\starcitizen\citizenclient\bin64\starcitizen.exe] => (Allow) D:\star citizen\starcitizen\citizenclient\bin64\starcitizen.exe
    FirewallRules: [UDP Query User{E4B2B1A1-BAC9-498B-B411-53294BC02B1E}D:\star citizen\starcitizen\citizenclient\bin64\starcitizen.exe] => (Allow) D:\star citizen\starcitizen\citizenclient\bin64\starcitizen.exe
    FirewallRules: [{9E122C1B-95B4-47FA-87ED-60A1604E1D79}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{1C1606D3-E759-4787-90BA-A70FD90E55FF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{67F04B11-27A6-4169-901C-2BD5B29CA193}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    FirewallRules: [{A01DBD6E-256D-4C03-BCD5-1417E1DFA688}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    FirewallRules: [{90D6ED9A-A762-4AD4-975F-45D293C9EF42}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{8F287B57-382C-4F3C-BF07-AFDE729AB12E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{42BEB7A7-3A0A-4A77-86BD-81D5727A37D9}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [{12455328-CD11-48CC-B2A0-169719274446}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [{59700138-E441-4817-A4AE-BA03D1C58A7D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
    FirewallRules: [{8FD04CB5-F8A8-4FA4-B0EB-2FBE99A83172}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
    FirewallRules: [{FF9C79ED-1215-4173-85A9-CF39FC1EE8BE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
    FirewallRules: [{A51DA941-396F-40D5-A5D3-83E8362B34F7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
    FirewallRules: [{26A8527F-625B-453A-BBB2-B075F46A2277}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
    FirewallRules: [{4F412D2C-603E-4CE1-A30E-9CD7F39D033D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
    FirewallRules: [{65913E23-174F-4C74-8497-0CB69F58638F}] => (Allow) C:\Users\Darin Conway\AppData\Local\Apps\2.0\VALXX8Q6.E0A\XXZG5LLX.XV9\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\CurseClient.exe
    FirewallRules: [{15CEA2B3-1599-44AA-834F-68AD2EA68F9D}] => (Allow) C:\Users\Darin Conway\AppData\Local\Apps\2.0\VALXX8Q6.E0A\XXZG5LLX.XV9\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\CurseClient.exe
    FirewallRules: [{30437CA3-03EB-497B-9FFA-FD10194D4135}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
    FirewallRules: [{23D81544-0589-4DB9-A560-5447D0324068}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
    FirewallRules: [{C2C0A136-31ED-4302-BD17-3860477057A6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
    FirewallRules: [{5174CCD4-232A-44E5-9603-FC1F142D0616}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
    FirewallRules: [TCP Query User{AF81F83C-3D5B-428B-93C3-348BDD86DFF7}D:\warcraft 3\warcraft iii\war3.exe] => (Allow) D:\warcraft 3\warcraft iii\war3.exe
    FirewallRules: [UDP Query User{EE4E4260-781B-42FF-BEF1-4958AA0D5113}D:\warcraft 3\warcraft iii\war3.exe] => (Allow) D:\warcraft 3\warcraft iii\war3.exe
    FirewallRules: [TCP Query User{631044B7-1C31-4522-AB52-1E318F10812D}C:\users\darin conway\desktop\wc3 cracked\war3.exe] => (Allow) C:\users\darin conway\desktop\wc3 cracked\war3.exe
    FirewallRules: [UDP Query User{4C984A53-9830-4EFB-9849-0B138EAEAC3D}C:\users\darin conway\desktop\wc3 cracked\war3.exe] => (Allow) C:\users\darin conway\desktop\wc3 cracked\war3.exe
    FirewallRules: [TCP Query User{4B27CB92-B033-4EDE-A718-DB8F84697AE4}C:\program files (x86)\steam\steamapps\common\sid meier's civilization v\civilizationv_dx11.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\sid meier's civilization v\civilizationv_dx11.exe
    FirewallRules: [UDP Query User{16A18003-9407-4126-83E2-F3249AAE7ED2}C:\program files (x86)\steam\steamapps\common\sid meier's civilization v\civilizationv_dx11.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\sid meier's civilization v\civilizationv_dx11.exe
    FirewallRules: [TCP Query User{A3639711-BD61-4A3A-8750-0CD4ED931D95}D:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
    FirewallRules: [UDP Query User{5277561E-3602-4AD2-970F-C0A6719E8518}D:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
    FirewallRules: [TCP Query User{59F844AF-A7A5-4DDB-9C1E-A21364D255D1}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
    FirewallRules: [UDP Query User{4A9E7C8C-18C9-4645-81B2-0C506A070EBD}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
    FirewallRules: [TCP Query User{6F889292-AAD0-44CD-97AC-E0D3A020E01A}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
    FirewallRules: [UDP Query User{B9E2EC33-3553-405E-ADE1-ED2FD5D3ADBF}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
    FirewallRules: [{955B835F-1DB0-47AD-933A-48422351C2FF}] => (Block) %ProgramFiles%\Sony\Vegas Pro 13.0\vegas130.exe
    FirewallRules: [{6A573161-CED3-495F-BC97-82969A317455}] => (Allow) LPort=25565
    FirewallRules: [{C67BB1DB-D0D1-4DA1-842C-C4CFB57EF718}] => (Allow) LPort=25565
    FirewallRules: [TCP Query User{5464BB3F-A3E4-43F4-A7CB-0F6BA076FA3D}D:\heroes of the storm\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{68A46CAD-3C67-437A-868A-0FDE604E57E0}D:\heroes of the storm\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
    FirewallRules: [TCP Query User{0C98E629-D627-4831-B2CE-AD1BFF03ACE1}C:\program files (x86)\qbittorrent\qbittorrent.exe] => (Allow) C:\program files (x86)\qbittorrent\qbittorrent.exe
    FirewallRules: [UDP Query User{D721A4BB-31C9-45F6-A4E5-7387F5EE7D55}C:\program files (x86)\qbittorrent\qbittorrent.exe] => (Allow) C:\program files (x86)\qbittorrent\qbittorrent.exe
    FirewallRules: [{F2CA3A95-08A7-408A-892D-15E573BDC6E3}] => (Allow) C:\Program Files\iTunes\iTunes.exe
    FirewallRules: [{BE5DC7AB-FEBF-4725-B72C-41601710CDDC}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
    FirewallRules: [{E75DFEC1-0D6E-499A-83B3-EEB1B3649551}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
    FirewallRules: [TCP Query User{4164F1EF-FFE6-4C06-AFC6-8DC6FEB3B703}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
    FirewallRules: [UDP Query User{CF919E53-67DA-43FB-BF35-260BD9C57222}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
    FirewallRules: [TCP Query User{9C016616-6066-4CFB-8AD7-5ED1A5B425E9}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
    FirewallRules: [UDP Query User{E3C47AA7-DD3F-46EB-9C72-D1883D4107EA}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
    FirewallRules: [TCP Query User{6C7BBB11-95BC-4938-A682-9EF3D65F4C99}D:\warlords of dreanor\overwatch\overwatch.exe] => (Allow) D:\warlords of dreanor\overwatch\overwatch.exe
    FirewallRules: [UDP Query User{9877B71A-4080-4493-A4CE-1FD950DA1943}D:\warlords of dreanor\overwatch\overwatch.exe] => (Allow) D:\warlords of dreanor\overwatch\overwatch.exe
    FirewallRules: [{5544C4ED-28AB-496B-ADEB-6018164C0AF7}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe
    FirewallRules: [{821BB6AB-481A-41F2-8457-B5BF7847E3C0}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe
    FirewallRules: [{BBFF4557-C2C2-4434-B443-FCE691F315BC}] => (Allow) C:\Users\Darin Conway\AppData\Local\Temp\andy-x64\Setup.exe
    FirewallRules: [{166A28F3-B073-47AA-9820-24E8F0537D75}] => (Allow) C:\Program Files\Andy\andy.exe
    FirewallRules: [{50FAB6A1-D9D5-4F82-BCD8-B1F1A3A11A11}] => (Allow) C:\Program Files\Andy\andy.exe
    FirewallRules: [{FD3038FB-7E7C-4DEA-AB84-FBAB37BC1EC2}] => (Allow) C:\Program Files\Andy\AndyConsole.exe
    FirewallRules: [{38C68B45-71AE-4FE8-9E2B-55A2264315BE}] => (Allow) C:\Program Files\Andy\AndyConsole.exe
    FirewallRules: [{0624B6C7-18DE-417C-80A3-617B70DD62BC}] => (Allow) C:\Program Files\Andy\HandyAndy.exe
    FirewallRules: [{EFBBFF1F-1347-45DF-A53A-7DF24CFC656C}] => (Allow) C:\Program Files\Andy\HandyAndy.exe
    FirewallRules: [{881273B9-CDA0-4566-8BAD-970FCB849C1E}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe
    FirewallRules: [{E30961BF-D270-48A7-BAF3-905A4F39E2EA}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe
    FirewallRules: [{F855CAF3-CB1A-4314-B0AB-9A66BCC7DE4A}] => (Allow) C:\Users\Darin Conway\AppData\Local\Temp\andy-x64\Setup.exe
    FirewallRules: [{F6F475E3-C340-4BAB-B96F-3B016A5759B4}] => (Allow) C:\Users\Darin Conway\AppData\Local\Apps\2.0\VALXX8Q6.E0A\XXZG5LLX.XV9\curs..tion_9e9e83ddf3ed3ead_0005.0001_fb8944c2684f5b6c\CurseClient.exe
    FirewallRules: [{F35554EA-57B3-4D0D-8F01-08B6250D5C03}] => (Allow) C:\Users\Darin Conway\AppData\Local\Apps\2.0\VALXX8Q6.E0A\XXZG5LLX.XV9\curs..tion_9e9e83ddf3ed3ead_0005.0001_fb8944c2684f5b6c\CurseClient.exe
    FirewallRules: [TCP Query User{36203694-5785-4FC5-81CE-E8A2B4EF3EDB}D:\cloud imperium games\patcher\cigpatcher.exe] => (Allow) D:\cloud imperium games\patcher\cigpatcher.exe
    FirewallRules: [UDP Query User{8F19D057-AD9F-46EF-BB64-98F6E301852F}D:\cloud imperium games\patcher\cigpatcher.exe] => (Allow) D:\cloud imperium games\patcher\cigpatcher.exe
    FirewallRules: [TCP Query User{6D7542A8-FE35-4A3C-9257-7014DFC2619F}D:\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) D:\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
    FirewallRules: [UDP Query User{BA1545B6-ECA6-43B0-BCDF-6726CAC4F86F}D:\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) D:\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
    FirewallRules: [{554DB0BB-4F12-44E5-9B18-ED68CFB168DE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
    FirewallRules: [{1408BECB-433C-4EA5-93F9-0D51C01DAB0C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
    FirewallRules: [{F3792627-9E14-4273-9809-74898D8F0130}] => (Allow) D:\DotA 2\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
    FirewallRules: [{7774D209-3878-469C-A16A-FBB230DCDED8}] => (Allow) D:\DotA 2\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
    FirewallRules: [{7CC0AC12-0367-41BB-86C0-50ECF3EA7AFF}] => (Allow) D:\DotA 2\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
    FirewallRules: [{62DC275B-FB02-4B6A-B574-879D87A04FDE}] => (Allow) D:\DotA 2\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
    FirewallRules: [TCP Query User{C67194EB-8938-4451-AFB5-D9AD4B7F011B}D:\dota 2\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\dota 2\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
    FirewallRules: [UDP Query User{B9EC2317-8737-40EF-9E5B-6C4C8CE522D2}D:\dota 2\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\dota 2\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
    FirewallRules: [{85DDE697-B427-48DA-823D-05EE9E852917}] => (Allow) D:\DotA 2\SteamApps\common\Golf It!\GolfIt.exe
    FirewallRules: [{CDA4D99F-027B-44A5-9F55-D1367564E937}] => (Allow) D:\DotA 2\SteamApps\common\Golf It!\GolfIt.exe
    FirewallRules: [TCP Query User{5D83A185-F49E-4610-8ADF-3ACD817E8597}D:\dota 2\steamapps\common\golf it!\golfit\binaries\win64\golfit-win64-shipping.exe] => (Allow) D:\dota 2\steamapps\common\golf it!\golfit\binaries\win64\golfit-win64-shipping.exe
    FirewallRules: [UDP Query User{24C95B63-D423-45A3-85F0-05016DCBA851}D:\dota 2\steamapps\common\golf it!\golfit\binaries\win64\golfit-win64-shipping.exe] => (Allow) D:\dota 2\steamapps\common\golf it!\golfit\binaries\win64\golfit-win64-shipping.exe
    FirewallRules: [{E1706D67-91D2-4E8B-84F5-12EA3D53A3FD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe
    FirewallRules: [{75973F1B-8510-490F-A699-5DC9054A575E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe
    FirewallRules: [{491C6F62-A2E4-4283-8CCF-1931041D43D7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe
    FirewallRules: [{3AEB0130-8E34-4C75-AC77-C96B48FE11CF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe
    FirewallRules: [{BF24C8A9-FFC2-4DB5-86FE-31D83A93523D}] => (Allow) D:\DotA 2\SteamApps\common\Battlerite\Battlerite.exe
    FirewallRules: [{DD48EA70-8D93-4BFA-8AF3-4C5DA6DAE1F6}] => (Allow) D:\DotA 2\SteamApps\common\Battlerite\Battlerite.exe
    FirewallRules: [TCP Query User{F76E4AB4-321A-4A05-8CAB-523210831FDD}C:\users\darin conway\appdata\local\bisq\bisq.exe] => (Allow) C:\users\darin conway\appdata\local\bisq\bisq.exe
    FirewallRules: [UDP Query User{15A04BFE-3219-4436-BE08-3AD40D437163}C:\users\darin conway\appdata\local\bisq\bisq.exe] => (Allow) C:\users\darin conway\appdata\local\bisq\bisq.exe
    FirewallRules: [{A5ABE9E6-D505-4DC8-BD9D-1524323C71EF}] => (Allow) D:\DotA 2\SteamApps\common\Legion TD 2\Legion TD 2.exe
    FirewallRules: [{21A327DC-92DE-459E-A1C0-37B1B0B9E0A8}] => (Allow) D:\DotA 2\SteamApps\common\Legion TD 2\Legion TD 2.exe
    FirewallRules: [{B479E846-DD31-4E3B-98C6-9B83A164B27E}] => (Allow) %USERPROFILE%\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe
    FirewallRules: [TCP Query User{A30E6AC5-08D0-4988-B0A0-49297B81E36F}D:\warcraft 3\warcraft iii\warcraft iii.exe] => (Allow) D:\warcraft 3\warcraft iii\warcraft iii.exe
    FirewallRules: [UDP Query User{152EC8C0-5C8A-40C9-94AE-BC4086B3831E}D:\warcraft 3\warcraft iii\warcraft iii.exe] => (Allow) D:\warcraft 3\warcraft iii\warcraft iii.exe
    FirewallRules: [{9D1275F6-7AC7-407E-BA2E-9BB0C973631C}] => (Allow) D:\DotA 2\SteamApps\common\Overcooked\Overcooked.exe
    FirewallRules: [{F3A55264-DAC1-4D43-9560-EC429413E5A7}] => (Allow) D:\DotA 2\SteamApps\common\Overcooked\Overcooked.exe
    FirewallRules: [TCP Query User{A9D99A42-9790-4885-9111-61DFAB55714E}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe
    FirewallRules: [UDP Query User{F25575E8-5B57-458A-90BB-69440F79BEBD}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe
    FirewallRules: [TCP Query User{75D78821-F99E-4474-935E-532AEE371373}D:\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
    FirewallRules: [UDP Query User{0FE383F1-A211-4BEC-AFA7-A304DCE7AAC2}D:\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
    FirewallRules: [TCP Query User{12159F5D-BEB4-4994-BE8B-C3CF3E7E9FB2}D:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
    FirewallRules: [UDP Query User{BD1B6524-4C75-4713-B64E-F4B6806769DE}D:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
    FirewallRules: [TCP Query User{C246868D-F559-4E0C-83D3-CCD15C6D53B2}D:\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
    FirewallRules: [UDP Query User{DFC7D84A-DD53-4A40-9B67-BA73E76470C7}D:\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
    FirewallRules: [TCP Query User{C490CB89-ECC9-4CE5-A1DB-38E863DF3E2A}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.134\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.134\deploy\leagueclient.exe
    FirewallRules: [UDP Query User{6BBE3ADE-77E2-4E4E-8033-6E1845F46BFF}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.134\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.134\deploy\leagueclient.exe
    FirewallRules: [TCP Query User{3A0E03C5-EFA6-4269-A677-CD7FABD00375}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe
    FirewallRules: [UDP Query User{4B104EE6-58DD-4CC1-A46F-FDEE8730B977}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe
    FirewallRules: [TCP Query User{C33CD032-9E5E-4D60-92F0-A80CE3D7D1B8}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe
    FirewallRules: [UDP Query User{09F36495-6069-4A79-A017-52BBBDB9FA8A}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe
    FirewallRules: [TCP Query User{99B62405-F3F1-447E-85A3-CC1B78C54929}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe
    FirewallRules: [UDP Query User{4877A683-F38E-4BDD-8865-B0B644910373}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe
    FirewallRules: [TCP Query User{AEEF80B6-FC3D-480E-AF80-B053903F7E5D}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe
    FirewallRules: [UDP Query User{2CF0D55B-B494-4517-9F67-12245FB3EA2F}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe
    FirewallRules: [TCP Query User{445AEAF4-DC46-4FBB-B273-39618A470587}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe
    FirewallRules: [UDP Query User{6D061E26-ECEB-42F5-A934-E4C7DE386368}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe
    FirewallRules: [{F0BC369D-B589-42EB-910A-FFE8B5060A95}] => (Allow) D:\DotA 2\SteamApps\common\Stardew Valley\Stardew Valley.exe
    FirewallRules: [{7B4C9268-9556-4E06-98C2-F1E8F088AD67}] => (Allow) D:\DotA 2\SteamApps\common\Stardew Valley\Stardew Valley.exe
    FirewallRules: [TCP Query User{B2C697F3-AE46-4F1A-A256-EDA10929DE98}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe
    FirewallRules: [UDP Query User{527813F5-7694-43B5-A7E9-C15E1DE91FFF}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe
    FirewallRules: [TCP Query User{9728E02C-2FC9-4A63-8993-BA4ABCC77129}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.143\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.143\deploy\leagueclient.exe
    FirewallRules: [UDP Query User{6C868C13-A225-4155-BE68-594AFEFE9ECF}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.143\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.143\deploy\leagueclient.exe
    FirewallRules: [TCP Query User{12840B72-2390-4F6E-8166-CBC7897C2B8B}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe
    FirewallRules: [UDP Query User{B008F005-419E-4299-99D3-67EBB260BC80}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe
    FirewallRules: [{AD4E8311-0F62-4E14-A1C7-C137BD46D2D2}] => (Allow) D:\DotA 2\steamapps\common\Darwin Project\Darwin.exe
    FirewallRules: [{54A4331B-55D1-4305-A779-153A58A4FAD6}] => (Allow) D:\DotA 2\steamapps\common\Darwin Project\Darwin.exe
    FirewallRules: [{36B1DF84-1B46-47E4-9A23-BCEEA00A5E26}] => (Allow) D:\DotA 2\steamapps\common\Darwin Project\Darwin\Binaries\Win64\Darwin-Win64-Shipping.exe
    FirewallRules: [{14F5EF2F-532C-4224-85E8-C1150ED65C2A}] => (Allow) D:\DotA 2\steamapps\common\Darwin Project\Darwin\Binaries\Win64\Darwin-Win64-Shipping.exe
    FirewallRules: [TCP Query User{AE59D8B8-2A79-454D-998D-C5070C7C304E}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.145\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.145\deploy\leagueclient.exe
    FirewallRules: [UDP Query User{F58454DA-4C18-4190-B02C-7843FC926A18}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.145\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.145\deploy\leagueclient.exe
    FirewallRules: [TCP Query User{2D646A74-5E73-40F8-AF5A-5DBB223DEFD1}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.146\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.146\deploy\leagueclient.exe
    FirewallRules: [UDP Query User{AE10EEFA-0926-4A89-98C2-551A4691EA44}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.146\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.146\deploy\leagueclient.exe
    FirewallRules: [TCP Query User{83767756-BC6C-4956-9FD5-3CB8A8A70469}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.147\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.147\deploy\leagueclient.exe
    FirewallRules: [UDP Query User{86366C54-76A9-479D-A217-0D924CAC5B74}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.147\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.147\deploy\leagueclient.exe
    FirewallRules: [TCP Query User{0DEE47EC-C7C3-4692-BF7D-C68493FEEABC}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.150\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.150\deploy\leagueclient.exe
    FirewallRules: [UDP Query User{79CF1B23-FC88-48AC-8BE0-93DA77E9966B}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.150\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.150\deploy\leagueclient.exe
    FirewallRules: [TCP Query User{60F3B0A1-13BC-40D2-B808-65138354C511}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe
    FirewallRules: [UDP Query User{76E7AE86-EFE5-4F94-9539-45B0E7274448}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe
    FirewallRules: [TCP Query User{D0C59229-870A-43FD-B87B-77B445A2EE5E}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe
    FirewallRules: [UDP Query User{E431E3BE-869F-4D75-A498-68CA221832BB}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe
    FirewallRules: [TCP Query User{A53CC8CE-5B97-4CE2-9B75-368B3D22C7D4}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe
    FirewallRules: [UDP Query User{A84EBDFF-EB70-45B3-8594-401118CE6740}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe
    FirewallRules: [{F4F5E816-5D3B-49B7-B33B-1413DABE0726}] => (Allow) D:\DotA 2\steamapps\common\SlayTheSpire\SlayTheSpire.exe
    FirewallRules: [{A50DEB02-2D06-46AA-BFBE-EB9D2F35E4D5}] => (Allow) D:\DotA 2\steamapps\common\SlayTheSpire\SlayTheSpire.exe
    FirewallRules: [TCP Query User{DF9DFD9F-1786-42C9-BCC2-F1E2F7BDF93B}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe
    FirewallRules: [UDP Query User{4D360509-DE7A-4CD1-91DF-A8FF516E1A1A}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe
    FirewallRules: [TCP Query User{8F744CCC-3F5E-4536-BF72-82F85136999A}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe
    FirewallRules: [UDP Query User{F82881A6-7863-4697-9682-9A1E48274392}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe
    FirewallRules: [{BF32CA7A-9125-4570-8830-897F2647E78A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Factorio\bin\x64\factorio.exe
    FirewallRules: [{30D0BDD4-A6E4-41DA-B342-F91A161FE5F3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Factorio\bin\x64\factorio.exe
    FirewallRules: [TCP Query User{8A469422-6F4C-4C77-BBA1-6D8F21257DBC}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe
    FirewallRules: [UDP Query User{2753F7F7-4045-4996-B9FD-8E4E8E958B5E}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe
    FirewallRules: [TCP Query User{EA9C90BF-F42B-4C40-AF87-64AC20C7EF6F}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe
    FirewallRules: [UDP Query User{F554C367-574C-4E75-BBDE-3D1E26854C7C}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe
    FirewallRules: [{3E198659-AFC4-4050-B2BD-78063CB5E020}] => (Allow) D:\DotA 2\steamapps\common\OrcsMustDieUnchained\Dashboard\Bin\SpitfireDashboard.exe
    FirewallRules: [{5F3D34CE-3632-4631-9D64-5AC7113EC615}] => (Allow) D:\DotA 2\steamapps\common\OrcsMustDieUnchained\Dashboard\Bin\SpitfireDashboard.exe
    FirewallRules: [TCP Query User{41EAF1BC-278F-467E-A9F4-345DA32E12BD}D:\dota 2\steamapps\common\orcsmustdieunchained\binaries\win64\spitfiregame.exe] => (Allow) D:\dota 2\steamapps\common\orcsmustdieunchained\binaries\win64\spitfiregame.exe
    FirewallRules: [UDP Query User{555997E3-C89D-40BB-B482-5DD2833D0791}D:\dota 2\steamapps\common\orcsmustdieunchained\binaries\win64\spitfiregame.exe] => (Allow) D:\dota 2\steamapps\common\orcsmustdieunchained\binaries\win64\spitfiregame.exe
    FirewallRules: [{9FA06FC6-2C04-4656-8132-41A91111DC58}] => (Allow) D:\DotA 2\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
    FirewallRules: [{1D9D1E47-B299-4B59-9473-06336F8EE8F9}] => (Allow) D:\DotA 2\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
    FirewallRules: [{A231710D-6293-416E-AE10-8A27DF88F6E9}] => (Allow) D:\DotA 2\steamapps\common\Overcooked! 2\Overcooked2.exe
    FirewallRules: [{53C3097B-B9B6-41C0-9A25-C3344183EAFA}] => (Allow) D:\DotA 2\steamapps\common\Overcooked! 2\Overcooked2.exe
    FirewallRules: [TCP Query User{A5B76ED0-E4CD-4013-87D2-A1E2B142AC15}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe
    FirewallRules: [UDP Query User{EDB659CE-B9B8-4BAF-9F27-B8408F291EC6}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe
    FirewallRules: [{21CC82E1-6305-48A2-8B08-E053F9D8457C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
    FirewallRules: [{FEFF63C9-4212-4666-A075-B788D5C0993E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
    FirewallRules: [{93653612-8EF4-40DF-AD83-4642BBDC3997}] => (Allow) D:\DotA 2\steamapps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe
    FirewallRules: [{C46D43FA-79CC-43EF-AA3F-EF3E257A3297}] => (Allow) D:\DotA 2\steamapps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe
    FirewallRules: [TCP Query User{6840BFC2-27CB-4C15-A714-3723A839BBAE}D:\dota 2\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe] => (Allow) D:\dota 2\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe
    FirewallRules: [UDP Query User{D9996915-D54F-424F-9CFA-F93D571DE882}D:\dota 2\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe] => (Allow) D:\dota 2\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe
    FirewallRules: [{A42B9612-9D19-4584-B03B-7B7366B58097}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE
    FirewallRules: [TCP Query User{8435FE30-68D6-4D1A-9192-C2D63E4F4F8B}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe
    FirewallRules: [UDP Query User{B9BEEC16-E6CC-411A-8100-A68B0C275631}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe
    FirewallRules: [TCP Query User{C55C6C26-B9D1-44D3-96DD-508F7DE16F90}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe
    FirewallRules: [UDP Query User{C44665FD-2ECA-4DAE-9A35-7C30CEF3AA07}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe
    FirewallRules: [TCP Query User{60BF949C-44FF-450A-A83F-871417EB9738}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe
    FirewallRules: [UDP Query User{81CD14E2-B532-431C-88B2-6C67327C742B}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe
    FirewallRules: [TCP Query User{98FD9939-8BB1-4CEE-8F1A-ECD627A403CD}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe
    FirewallRules: [UDP Query User{33E0E018-36D4-4501-A4E2-31CF2761250F}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe
    FirewallRules: [TCP Query User{2F43D5F6-5208-414C-84FE-85384808F92F}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe
    FirewallRules: [UDP Query User{55A1CAE1-575B-46D5-A77A-6F36482AA4F4}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe
    FirewallRules: [{F9DDD9B3-1399-4FE0-BAB8-BB48A38FBF13}] => (Allow) C:\Program Files\AVG\Antivirus\AvEmUpdate.exe
    FirewallRules: [{5F37E738-1C00-4722-BB18-AD9C5F699E60}] => (Allow) C:\Program Files\AVG\Antivirus\AvEmUpdate.exe
    FirewallRules: [{D517F6A1-54FA-4179-8B25-25BF3F8E1E67}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{47D903E0-5D4B-4707-98AF-AC097AA785C2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{087022A4-D8F3-43D9-8394-F796A89DBADB}] => (Allow) D:\DotA 2\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
    FirewallRules: [{2ECD4A8A-D2CF-4315-93E8-9D3068F024BE}] => (Allow) D:\DotA 2\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
    FirewallRules: [TCP Query User{F9F0C102-673F-4EB1-87E2-A426C4159347}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe
    FirewallRules: [UDP Query User{CFA3D18C-8E39-4066-AEC7-5EBFBA8BC215}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe
    FirewallRules: [TCP Query User{8712DD0B-2EFD-414B-8E3C-9EE325B7F8E5}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe
    FirewallRules: [UDP Query User{4AD1A592-5FAF-4584-8CB0-86B5E02A4CAA}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe
    FirewallRules: [TCP Query User{6817AF2C-AC41-4C27-8A94-4DA52A5A3C62}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe
    FirewallRules: [UDP Query User{926449F2-0409-47CE-BEF8-144C1ADD4403}D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe

    ==================== Restore Points =========================


    ==================== Faulty Device Manager Devices =============

    Name: Intel(R) Centrino(R) Wireless-N 135
    Description: Intel(R) Centrino(R) Wireless-N 135
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel Corporation
    Service: NETwNs64
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (11/18/2018 02:55:12 AM) (Source: System Restore) (EventID: 8211) (User: )
    Description: The scheduled restore point could not be created. Additional information: (0x80042308).

    Error: (11/18/2018 02:55:12 AM) (Source: System Restore) (EventID: 8193) (User: )
    Description: Failed to create restore point (Process = C:\windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Description = Scheduled Checkpoint; Error = 0x80042308).

    Error: (11/17/2018 08:07:36 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: ts3client_win64.exe, version: 3.2.3.0, time stamp: 0x5bb32afe
    Faulting module name: ucrtbase.DLL, version: 10.0.14393.2247, time stamp: 0x5adc1d0b
    Exception code: 0x40000015
    Fault offset: 0x000000000006eacf
    Faulting process id: 0x3108
    Faulting application start time: 0x01d47ef429497871
    Faulting application path: C:\Users\Darin Conway\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe
    Faulting module path: C:\windows\system32\ucrtbase.DLL
    Report Id: 7b1e4809-eae7-11e8-9245-8c89a50b0e60

    Error: (11/17/2018 12:26:13 AM) (Source: System Restore) (EventID: 8211) (User: )
    Description: The scheduled restore point could not be created. Additional information: (0x80042308).

    Error: (11/17/2018 12:26:13 AM) (Source: System Restore) (EventID: 8193) (User: )
    Description: Failed to create restore point (Process = C:\windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Description = Scheduled Checkpoint; Error = 0x80042308).

    Error: (11/16/2018 05:03:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

    Error: (11/16/2018 04:58:21 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: CUE.exe, version: 2.24.50.0, time stamp: 0x5aba745c
    Faulting module name: libGLESv2.dll, version: 0.0.0.0, time stamp: 0x59d1d48f
    Exception code: 0xc0000005
    Fault offset: 0x000cfa9a
    Faulting process id: 0xcf8
    Faulting application start time: 0x01d47e0373f6392f
    Faulting application path: C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe
    Faulting module path: C:\Program Files (x86)\Corsair\Corsair Utility Engine\libGLESv2.dll
    Report Id: e02e2963-ea03-11e8-ada6-8c89a50b0e60

    Error: (11/16/2018 12:31:37 AM) (Source: System Restore) (EventID: 8211) (User: )
    Description: The scheduled restore point could not be created. Additional information: (0x80042308).


    System errors:
    =============
    Error: (11/18/2018 02:55:11 AM) (Source: volsnap) (EventID: 14) (User: )
    Description: The shadow copies of volume C: were aborted because of an IO failure on volume C:.

    Error: (11/17/2018 12:26:12 AM) (Source: volsnap) (EventID: 14) (User: )
    Description: The shadow copies of volume C: were aborted because of an IO failure on volume C:.

    Error: (11/16/2018 05:04:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The avgbIDSAgent service failed to start due to the following error:
    The service did not respond to the start or control request in a timely fashion.

    Error: (11/16/2018 05:04:05 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the avgbIDSAgent service to connect.

    Error: (11/16/2018 04:56:54 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
    Description: Installation Failure: Windows failed to install the following update with error 0x80070103: NVIDIA - Display - 3/29/2017 12:00:00 AM - 21.21.13.7719.

    Error: (11/16/2018 04:56:00 PM) (Source: volsnap) (EventID: 14) (User: )
    Description: The shadow copies of volume C: were aborted because of an IO failure on volume C:.

    Error: (11/16/2018 10:36:22 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: Microsoft Antimalware has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.281.118.0

    Update Source: Microsoft Update Server

    Update Stage: Search

    Source Path: http://www.microsoft.com

    Signature Type: AntiVirus

    Update Type: Full

    User: NT AUTHORITY\SYSTEM

    Current Engine Version:

    Previous Engine Version: 1.1.15400.5

    Error code: 0x8024402f

    Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

    Error: (11/16/2018 12:31:36 AM) (Source: volsnap) (EventID: 14) (User: )
    Description: The shadow copies of volume C: were aborted because of an IO failure on volume C:.


    Windows Defender:
    ===================================
    Date: 2015-02-12 07:26:35.357
    Description:
    Windows Defender scan has been stopped before completion.
    Scan ID:{3A2DEBC2-71FB-413C-AD30-490902E84223}
    Scan Type:AntiSpyware
    Scan Parameters:Quick Scan

    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz
    Percentage of memory in use: 36%
    Total physical RAM: 8088.95 MB
    Available physical RAM: 5124.85 MB
    Total Virtual: 16176.03 MB
    Available Virtual: 11864.64 MB

    ==================== Drives ================================

    Drive c: (OS_Install) (Fixed) (Total:412.19 GB) (Free:173.94 GB) NTFS ==>[system with boot components (obtained from drive)]
    Drive d: (Data) (Fixed) (Total:274.8 GB) (Free:138.56 GB) NTFS

    \\?\Volume{acde3bd8-b6a6-11e2-88de-806e6f6e6963}\ (BIOS_RVY) (Fixed) (Total:11.55 GB) (Free:0.31 GB) NTFS
    \\?\Volume{acde3bd9-b6a6-11e2-88de-806e6f6e6963}\ (System) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: 319ECC8B)
    Partition 1: (Not Active) - (Size=11.6 GB) - (Type=27)
    Partition 2: (Active) - (Size=100 MB) - (Type=27)
    Partition 3: (Not Active) - (Size=412.2 GB) - (Type=07 NTFS)
    Partition 4: (Not Active) - (Size=274.8 GB) - (Type=07 NTFS)

    ==================== End of Addition.txt ============================
     
  13. Joeicam

    Joeicam Malware Trainee

    Joined:
    Oct 11, 2017
    Messages:
    193
    Hi Coach_Z, let's continue with the steps below:

    ***Multiple Antivirus Warning***

    I do not recommend that you have more than one anti-virus product installed and running on your computer at a time. The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti-virus products to cause "false alarms". It can also lead to a clash as both products fight for access to files which are opened again this is the resident/automatic protection. In general terms, the two programs may conflict and cause:
    1) False Alarms: When the anti-virus software tells you that your PC has a virus when it actually doesn't.
    2) System Performance Problems: Your system may lock up due to both products attempting to access the same file at the same time.

    The particular antivirus programs that you have installed consist of:
    • AVG Antivirus
    • Microsoft Security Essentials
    Personally, I would recommend Microsoft Security Essentials. That's what I use on my W7 machine and it's been very reliable. There's many reviews out there with good and bad about both of the products. However, it's important to pick one and go with it to prevent unnecessary system slowage [​IMG].


    ***P2P Warning***

    While they are legal in themselves, P2P programs are often used to download illegal material such as movies, music, and cracks/keygens, etc, which comes the high possibility that the creator may have attached malicious material along with the download. Currently, using P2P programs are one of the best ways to get infected. Getting an infection puts all of your computer's files and passwords at risk. Is it really worth the risk? While I can only warn you about the risks associated with these types of programs, it is ultimately your decision whether you keep them.

    However:
    While receiving my assistance
    , I only ask that you refrain from using again until the cleaning procedure is complete.

    I see that you have following P2P program(s) installed on your computer:
    • Deluge
    • qBittorrent
    I would strongly recommend that you uninstall the above software to prevent future infections. To do so:

    Windows 7:
    • Start > Control Panel > Add or Remove Programs > Deluge, qBittorrent > Uninstall


    Step 1 of 1: Download/Run CKScanner
    • Download CKScanner from here
    • Important - Save it to your desktop.
    • Doubleclick CKScanner.exe (Right click and "Run as administrator" in Vista/Win7).
    • Give permission if necessary, and click Search For Files.
    • After about 5 minutes, when the cursor hourglass disappears, click Save List To File.
    • A message box will verify the file saved. Please run the program once only.
    • Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.
    ===============================================

    When you reply to me, I need to see:
    • Any questions/concerns you might have, or if you were not able to complete any of the steps above
    • The copied and pasted results of the CKFiles.txt file
     
  14. Coach_Z

    Coach_Z Thread Starter

    Joined:
    Jun 13, 2005
    Messages:
    79
    CKScanner 2.5 - Additional Security Risks - These are not necessarily bad
    c:\users\darin conway\desktop\wc3 cracked\blizzard.ax
    c:\users\darin conway\desktop\wc3 cracked\bncache.dat
    c:\users\darin conway\desktop\wc3 cracked\bnupdate.exe
    c:\users\darin conway\desktop\wc3 cracked\bnupdate.log
    c:\users\darin conway\desktop\wc3 cracked\customkeyinfo.txt
    c:\users\darin conway\desktop\wc3 cracked\customkeyssample.txt
    c:\users\darin conway\desktop\wc3 cracked\frozen throne - shortcut.lnk
    c:\users\darin conway\desktop\wc3 cracked\frozen throne.exe
    c:\users\darin conway\desktop\wc3 cracked\game.dll
    c:\users\darin conway\desktop\wc3 cracked\icons-war3.bni
    c:\users\darin conway\desktop\wc3 cracked\ijl15.dll
    c:\users\darin conway\desktop\wc3 cracked\license.txt
    c:\users\darin conway\desktop\wc3 cracked\licenseuk.txt
    c:\users\darin conway\desktop\wc3 cracked\microsoft.vc80.crt.manifest
    c:\users\darin conway\desktop\wc3 cracked\mss32.dll
    c:\users\darin conway\desktop\wc3 cracked\msvcm80.dll
    c:\users\darin conway\desktop\wc3 cracked\msvcp80.dll
    c:\users\darin conway\desktop\wc3 cracked\msvcr80.dll
    c:\users\darin conway\desktop\wc3 cracked\patch.txt
    c:\users\darin conway\desktop\wc3 cracked\register frozen throne.url
    c:\users\darin conway\desktop\wc3 cracked\register warcraft iii.url
    c:\users\darin conway\desktop\wc3 cracked\replays.ico
    c:\users\darin conway\desktop\wc3 cracked\storm.dll
    c:\users\darin conway\desktop\wc3 cracked\techsupport.url
    c:\users\darin conway\desktop\wc3 cracked\war3.exe
    c:\users\darin conway\desktop\wc3 cracked\war3.mpq
    c:\users\darin conway\desktop\wc3 cracked\war3patch.mpq
    c:\users\darin conway\desktop\wc3 cracked\war3x.mpq
    c:\users\darin conway\desktop\wc3 cracked\war3xlocal.mpq
    c:\users\darin conway\desktop\wc3 cracked\warcraft iii - the frozen throne install log.html
    c:\users\darin conway\desktop\wc3 cracked\warcraft iii documentation.pdf
    c:\users\darin conway\desktop\wc3 cracked\warcraft iii install log.html
    c:\users\darin conway\desktop\wc3 cracked\warcraft iii.exe
    c:\users\darin conway\desktop\wc3 cracked\world editor.exe
    c:\users\darin conway\desktop\wc3 cracked\worldedit.exe
    c:\users\darin conway\desktop\wc3 cracked\ai scripts\gruntmaster.wai
    c:\users\darin conway\desktop\wc3 cracked\ai scripts\wyrmmonger.wai
    c:\users\darin conway\desktop\wc3 cracked\campaigns\democampaign.w3n
    c:\users\darin conway\desktop\wc3 cracked\errors\2014-06-10 22.03.50 crash.dmp
    c:\users\darin conway\desktop\wc3 cracked\errors\2014-06-10 22.03.50 crash.txt
    c:\users\darin conway\desktop\wc3 cracked\maps\(10)dustwallowkeys.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\(12)divideandconquer.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\(12)icecrown.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\(2)bootybay.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\(2)harrow.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\(2)hillsofglory.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\(2)ogremound.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\(2)plunderisle.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\(3)forestwalk.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\(3)isleofdread.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\(3)nighthaven.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\(4)adrenaline.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\(4)borderlands.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\(4)burbenogtdv2.32.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\(4)deadwaterdrop.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\(4)dragonmountain.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\(4)duskwood.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\(4)frostsabre.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\(4)harvestmoon.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\(4)hearttoheart.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\(4)legends.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\(4)losttemple.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\(4)mysticisles.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\(4)tranquilpaths.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\(5)theglaive.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\(6)darkforest.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\(6)dragonfire.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\(6)drywatergulch.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\(6)gnollwood.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\(6)moonglade.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\(6)scorchedbasin.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\(6)stromguarde.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\(6)swampofsorrows.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\(6)timbermawhold.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\(8) cube defense v4.8.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\(8) uther party vultima-q.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\(8)battleground.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\(8)blastedlands.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\(8)bloodvenomfalls.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\(8)gardenofwar.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\(8)golemsinthemist.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\(8)petrifiedforest.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\(8)plaguelands.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\(8)plainsofsnow.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\(8)thecrucible.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\(9)riverrun.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\adult swim 3.6.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\air-striketdv4.0beta.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\air-striketdv4[1].0beta.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\autumn crossing td v282.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\big td.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\bosons td titan.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\burbenog td v8 hb - ( high .w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\burb_cheaper_hybridx.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\citymaul professional 1.0 protected.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\darwin's island 0.84.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\darwins island.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\dixel's tower d v3.5 beta.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\dota allstars v6.64.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\dotaallstarsv6.27baiv1.70.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\dota_allstars_v6.38b_ai_v1.93b.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\dragonmaul3.0.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\element td 3.0 beta6.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\element_td_3.0_beta10_rc2.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\enfo's team survival 2006 early v.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\enfo's_team_survival_2007_very early_v.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\enforo1.8b.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\enfos team survival by xxcriminalxx.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\enfos team survival lordbr editionv2.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\enfosteamsurvival.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\enfos_mt_v190c.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\enfos_team_survival_3003.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\enfos_team_survival_4000[1].w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\etsmteditionv17.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\ets_mt_edition_v16b.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\ets_mt_edition_v17_1.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\ets_mt_edition_v18.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\ets_mt_edition_v181.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\ets_mt_edition_v182.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\ets_mt_edition_v182~1.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\ets_mt_edition_v183.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\ets_mt_edition_v19.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\ets_mt_edition_v191.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\ff maul added tower.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\ff maul xi.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\fiend td tft v1.70pr.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\footmen_frenzy v4.2.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\halo maze.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\halomaul.renewed.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\halomaulv.2.5.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\herolinewarveromega~6.0c my.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\island defense 2.6.8d.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\island defense v2.7.8.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\lasers and rockets td v1.01 protected.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\line tower war 22[1].9 v.l.n..w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\line tower war 23.1 v.l.n..w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\linetowerwarsv8.5a protecte.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\liquid tower defense version 6.0.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\mario maul.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\marvelvsblizzard.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\maul maul 1.7.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\midnight td v2.0.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\mountain td v2.4.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\multiple missile td v1.39f.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\multiple missile td v1.5.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\multiplication defense 2.2p.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\new_bow_1[1].23.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\nintendo td v8.2 protected.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\paladintd025-1.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\protect the one td v3[1].05.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\pudge wars advanced v1.18b.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\shadowmaulwarsfinal-unprote.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\shopping_maul_usa_4.38_gold_h.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\soldier_tower_defense_v7[1][1][1][1].1-english.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\spellcraft 0.40 beta.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\splatter td rerevised.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\square-enix maul 2.1.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\stackerz_td_v1[1].32.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\team line tower v.2.3 [no air].w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\technology maul 1.5.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\underground td.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\vampirismfire4.02b.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\video game maul 5.711.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\warcraft maul deluxe editio.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\warcraft maul remade 4.0.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\web td survivor.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\wintermaul advanced fb and .w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\wintermaul advanced fb and x-9.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\wintermaul advanced fb.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\wintermaul fb.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\wintermaul midnight 1.1.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\wintermaul modified x9.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\wintermaul remade beta b.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\wintermaul remade v 1.0 beta.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\wintermaul remade v 1.0 beta~1.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\wintermaul v.2.1b.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\wintermaul v.2.1b~1.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\wintermaul v.72.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\wintermaul x10.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\wintermaul x6final.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\wintermaul xy2.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\wintermaul.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\wintermaul_v.75.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\wintermaul_v[1].72.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\x_hero_siege_v3.11.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\zelda td v2.35-beta.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\[bk's] gem tower defense v2.7.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\[bk's] gem tower defense v3.1.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\(11)legendary gladiators v3.9.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\(8)cubedefensev5.0.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\download\ai 6.59 dota
    c:\users\darin conway\desktop\wc3 cracked\maps\download\anime maul v1.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\archer wars 2.0.11 protected.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\archer wars 2.1 protected.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\autumn crossing td v1.2d gold.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\azure tower defense (final).w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\download\cs assault 1.2.2.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\cube defense 5.2.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\custom hero survival-cdr-8.01.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\dawnofthedead 5.3a beta4.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\don't move your panda v4.0.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\dota allstars v6.52c.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\dota allstars v6.56 aiplus 1.52 rev. 02.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\dota allstars v6.57b (2).w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\dota allstars v6.57b aiplus 1.52 rev. 02.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\dota allstars v6.57b.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\dota allstars v6.58.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\dota allstars v6.59 #613f9f.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\dota allstars v6.59d.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\dota allstars v6.60.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\dota.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\dota_allstars_v6.66b_ai_0.2141.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\element td 4.3b.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\element td 5.2 b14.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\enfos_mt_v185b.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\enfos_mt_v191.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\enfos_mt_v193.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\ets mt edition v17.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\ets_mt_edition_v191.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\footman ninja.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\download\footman_frenzy_v3.9_ridz.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\fortress survival alpha 4.10p.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\gang wars v6.1.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\gang wars....w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\download\helm's deep real v10.5.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\download\helm's deep realistic v1.1.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\download\helms.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\download\hungryhungryfelhounds.99.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\is you an retard 2.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\island defense 2.8.5c.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\islanddefense2.8.5c.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\kodotag_x-treme_2.0_open_beta.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\legendary monsters 2.6.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\legion td hell v3.98c.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\legiontdwar160bp.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\line tower war 23.8 v.l.n..w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\line tower wars 11.0 hell a.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\line tower wars 7 v1.1.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\download\loap starship troopers official.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\download\montymaul v.2.1.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\murder at the sleeping town.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\download\night of the dead ii final 1.3.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\night_of_the_dead_ii_final_1.3.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\night_of_the_dead_special_ops_v1.07d.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\opt-soldier_tower_defense.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\opt-team custom hero survival (best).w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\parasite_2_[vbeta_1.12a].w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\parasite_2_[vbeta_1.12a]~1.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\pokemaul_emerald_v8.0.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\pudge_wars_advanced_v1.20b.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\tank wars evolution v10.06 opt.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\team line tower v4.2 [no ai.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\tech_wars_0[1].77b.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\download\undead assault ii 1.5b beta 7 ow.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\undead assault ii 1.5b beta.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\unprot_anime fight beta 1.5.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\unprot_anime fight beta 1.500.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\uxtreetag5.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\vampirismfire5.0.1.14p.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\vampirismfire5.0.1.19p.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\vampirismfire5.0.1.19p~1.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\warlock 077b.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\werewolf-transylvania1.15b.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\whos the alien 18.1.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\wintermaul dv.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\download\wintermaul td x12 fastbui.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\wolf pack v1.3.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\world_war_z_v1.19.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\zoator td final classic.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\zoator_td_final.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\zombie arena v0.58.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\zombie tag v1.07 prot.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\download\_vampirismspeed_2.48e.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(10)ragingstream.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(12)emeraldgardens.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(2)banditridge.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(2)circumvention.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(2)echoisles.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(2)glacialthaw.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(2)korea.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(2)meltingvalley.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(2)roadtostratholme.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(2)secretvalley.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(2)shrineoftheancients.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(2)terenasstand.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(2)thetworivers.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(2)tirisfalglades.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(4)adrenaline.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(4)avalanche.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(4)bridgetoonear.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(4)brokenshard.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(4)centaurgrove.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(4)coldheart.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(4)deathrose.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(4)desertstrife.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(4)devilscauldron.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(4)excavationsite.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(4)floodplains.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(4)floodplains1v1.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(4)frozenclover.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(4)goldshire.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(4)hailstone.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(4)hearthglenhills.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(4)hellfire.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(4)iceflow.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(4)iceforge.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(4)islands.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(4)losttemple.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(4)paradiseislands.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(4)phantomgrove.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(4)predators.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(4)roundabout.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(4)ruins.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(4)stonecoldmountain.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(4)tanaris.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(4)tidewaterglades.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(4)turtlerock.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(4)twistedmeadows.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(4)venetia.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(4)wetlands.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(4)whirlwind.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(4)windywaste.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(6)andorhal.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(6)bloodstonemesa.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(6)coppercanyon.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(6)demon'scrossing.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(6)dragonblight.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(6)duststorm.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(6)emeraldshores.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(6)enakrosway.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(6)everfrost.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(6)gnollwood.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(6)havenofthedamned.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(6)highperch.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(6)hinterlandraid.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(6)jack-o-lantern.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(6)junglefever.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(6)monsoon.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(6)moonglade.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(6)ricefields.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(6)riverofsouls.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(6)rollinghills.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(6)ruinsofstratholme.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(6)savagestorm.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(6)scorchedbasin.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(6)silverpineforest.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(6)stranglethornvale.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(6)sunrockcove.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(6)thunderlake.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(6)timbermawhold.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(6)typhoon.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(6)upperkingdom.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(6)wellspring.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(6)wheelofchaos.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(6)wizardsretreat.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(8)battleground.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(8)cherryville.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(8)deadlands.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(8)deadlock.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(8)deathknell.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(8)dragonfalls.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(8)feralas.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(8)friends.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(8)fullscaleassault.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(8)gardenofwar.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(8)goldrush.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(8)hurricaneisle.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(8)lastmanstanding.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(8)marketsquare.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(8)mur'guloasis.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(8)northshire.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(8)plainsofsnow.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(8)rockquarry.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(8)sanctuary.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(8)shamrockreef.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(8)slalom.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(8)spiderfalls.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(8)thecrossroads.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(8)twilightruins.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\(9)roundvillage.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\scenario\(10)extremecandywar2004.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\scenario\(10)skibi'scastletd.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\scenario\(12)wormwar.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\scenario\(4)monolith.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\scenario\(6)blizzardtd.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\scenario\(6)bombercommand.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\scenario\(8)azerothgrandprix.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\scenario\(8)azuretowerdefense.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\frozenthrone\scenario\(8)funnybunnysegghunt.w3x
    c:\users\darin conway\desktop\wc3 cracked\maps\scenario\(1)thedeathsheep.w3m
    c:\users\darin conway\desktop\wc3 cracked\maps\scenario\(4)warchasers.w3m
    c:\users\darin conway\desktop\wc3 cracked\movies\humaned.mpq
    c:\users\darin conway\desktop\wc3 cracked\movies\humanop.mpq
    c:\users\darin conway\desktop\wc3 cracked\movies\introx.mpq
    c:\users\darin conway\desktop\wc3 cracked\movies\nightelfed.mpq
    c:\users\darin conway\desktop\wc3 cracked\movies\orced.mpq
    c:\users\darin conway\desktop\wc3 cracked\movies\outrox.mpq
    c:\users\darin conway\desktop\wc3 cracked\movies\tutorialin.mpq
    c:\users\darin conway\desktop\wc3 cracked\movies\tutorialop.mpq
    c:\users\darin conway\desktop\wc3 cracked\movies\undeaded.mpq
    c:\users\darin conway\desktop\wc3 cracked\redist\miles\mp3dec.asi
    c:\users\darin conway\desktop\wc3 cracked\redist\miles\mssdolby.m3d
    c:\users\darin conway\desktop\wc3 cracked\redist\miles\msseax2.m3d
    c:\users\darin conway\desktop\wc3 cracked\redist\miles\mssfast.m3d
    c:\users\darin conway\desktop\wc3 cracked\redist\miles\reverb3.flt
    c:\users\darin conway\desktop\wc3 cracked\replay\lastreplay.w3g
    c:\users\darin conway\desktop\wc3 cracked\save\profile2\campaigns.w3p
    c:\users\darin conway\desktop\wc3 cracked\save\profile2\campaigns.w3v
    c:\users\darin conway\documents\hakchi2\games_snes\clv-h-jtiuu\crackout_(e)_[_p].nes.7z
    c:\users\darin conway\music\youtube\ytcracker\thumbs.db
    scanner sequence 3.ZZ.11.POAAW0
    ----- EOF -----
     
  15. Joeicam

    Joeicam Malware Trainee

    Joined:
    Oct 11, 2017
    Messages:
    193
    Hi Coach_Z,

    I'll need you to uninstall Warcraft III before I continue my assistance, as I can see that the cracked version is installed. This also goes against the Terms of Service at Tech Support Guy. If you would like to continue, please uninstall that software and run another scan with FRST with the steps below:

    Step 1 of 2:Re-Scan with FRST

    Please move FRST from your Downloads folder to your Desktop.
    • Right-click the FRST application and select run as administrator. When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will produce logs called FRST.txt and Addition.txt in the same directory the tool is run from.
    • Please copy and paste the logs back here.
    Step 2 of 2: Re-Scan with CKScanner
    • Doubleclick CKScanner.exe on your Desktop, Right click and "Run as administrator" in Vista/Win7).
    • Give permission if necessary, and click Search For Files.
    • After about 5 minutes, when the cursor hourglass disappears, click Save List To File.
    • A message box will verify the file saved. Please run the program once only.
    • Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.
    ===============================================

    When you reply to me, I need to see:
    • Any questions/concerns you might have, or if you were not able to complete any of the steps above
    • The copied and pasted results of the FRST.txt and Addition.txt logs
    • The copied/pasted contents of the CKFiles.txt log
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1217939

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice