Page 3 of 4 FirstFirst 1234 LastLast
Results 21 to 30 of 31

Thread: Computer gets very slow. Even in safe mode

  1. #21
    Junior Member
    Join Date
    Jun 2017
    Posts
    20

    Default Things are looking better (Malwaybye log file (Part 1)

    I reran the Malwarebyte. I see what happened. There was an extra button to hit to move things to Quarantine. I thought that check-box would automatically do that. I have attached that log file here. And things have been quaranteened now. I'll just try this log file first and then follow with the Rogue file.

    Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Scan Date: 6/27/17
    Scan Time: 4:45 PM
    Log File:
    Administrator: Yes

    -Software Information-
    Version: 3.1.2.1733
    Components Version: 1.0.141
    Update Package Version: 1.0.2243
    License: Trial

    -System Information-
    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: Battlefield-PC\Battlefield

    -Scan Summary-
    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 883222
    Threats Detected: 757
    Threats Quarantined: 755
    Time Elapsed: 14 min, 18 sec

    -Scan Options-
    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    -Scan Details-
    Process: 0
    (No malicious items detected)

    Module: 0
    (No malicious items detected)

    Registry Key: 8
    PUP.Optional.AnonymizerGadget.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, Quarantined, [1171], [-1],0.0.0
    PUP.Optional.APNToolBar.Gen, HKU\S-1-5-21-3544609310-1622349089-2069013866-1018\SOFTWARE\AskPartnerNetwork, Quarantined, [9732], [186876],1.0.2243
    PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{452FC3DC-21CF-4862-9CD3-16C94BC7D5FA}, Quarantined, [247], [346382],1.0.2243
    PUP.Optional.AnonymizerGadget.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{8C9F38C0-15B4-45AC-9762-1670E04D9FC4}, Quarantined, [1171], [356684],1.0.2243
    PUP.Optional.APNToolBar.Gen, HKU\S-1-5-21-3544609310-1622349089-2069013866-1019\SOFTWARE\AskPartnerNetwork, Quarantined, [9732], [186876],1.0.2243
    PUP.Optional.AnonymizerGadget.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\AGProxyCheck, Quarantined, [1171], [356698],1.0.2243
    PUP.Optional.Hosts, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\updater.exe, Quarantined, [2717], [186805],1.0.2243
    PUP.Optional.ASKPartnerNetwork, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\ckadhkfhcieallpikidnjojofenjpfni, Quarantined, [15420], [245531],1.0.2243

    Registry Value: 14
    PUP.Optional.AnonymizerGadget.PrxySvrRST, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Removal Failed, [1171], [-1],0.0.0
    PUP.Optional.AnonymizerGadget.PrxySvrRST, HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [1171], [-1],0.0.0
    PUP.Optional.AnonymizerGadget.PrxySvrRST, HKU\S-1-5-21-3544609310-1622349089-2069013866-1004\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [1171], [-1],0.0.0
    PUP.Optional.AnonymizerGadget.PrxySvrRST, HKU\S-1-5-21-3544609310-1622349089-2069013866-1018\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [1171], [-1],0.0.0
    PUP.Optional.AnonymizerGadget.PrxySvrRST, HKU\S-1-5-21-3544609310-1622349089-2069013866-1019\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [1171], [-1],0.0.0
    PUP.Optional.AnonymizerGadget.PrxySvrRST, HKU\S-1-5-21-3544609310-1622349089-2069013866-1018\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSERVER, Quarantined, [1171], [-1],0.0.0
    PUP.Optional.AnonymizerGadget.PrxySvrRST, HKU\S-1-5-21-3544609310-1622349089-2069013866-1019\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSERVER, Quarantined, [1171], [-1],0.0.0
    PUP.Optional.AnonymizerGadget.PrxySvrRST, HKU\S-1-5-21-3544609310-1622349089-2069013866-1018\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYOVERRIDE, Quarantined, [1171], [-1],0.0.0
    PUP.Optional.AnonymizerGadget.PrxySvrRST, HKU\S-1-5-21-3544609310-1622349089-2069013866-1019\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYOVERRIDE, Quarantined, [1171], [-1],0.0.0
    PUP.Optional.AnonymizerGadget.PrxySvrRST, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Removal Failed, [1171], [-1],0.0.0
    PUP.Optional.AnonymizerGadget.PrxySvrRST, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [1171], [-1],0.0.0
    PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{452FC3DC-21CF-4862-9CD3-16C94BC7D5FA}|PATH, Quarantined, [247], [346382],1.0.2243
    PUP.Optional.AnonymizerGadget.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{8C9F38C0-15B4-45AC-9762-1670E04D9FC4}|PATH, Quarantined, [1171], [356684],1.0.2243
    PUP.Optional.ASKPartnerNetwork, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\ckadhkfhcieallpikidnjojofenjpfni|PATH, Quarantined, [15420], [245531],1.0.2243

    Registry Data: 0
    (No malicious items detected)

    Data Stream: 0
    (No malicious items detected)

    Folder: 155
    PUP.Optional.PCAP, C:\PROGRAM FILES (X86)\Installer_P.C.A.P, Quarantined, [8947], [383709],1.0.2243
    PUP.Optional.SpecialSearchOffer.ShrtCln, C:\PROGRAM FILES (X86)\SSO, Quarantined, [9515], [405206],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-options-teoma\images, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-options-teoma\css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-options-teoma\js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\search-box-DLA-teoma, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\togglesearch-avery, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-options-teoma, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\newtab\restoresettings-popup\images, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\avery-homepage, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\themes\mindspark, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\newtab\restoresettings-popup\css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\themes\v5parity, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\newtab\restoresettings-popup\js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\themes\taskbar, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\themes\avira, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\themes\imesh, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\themes\plain, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\templates\css\images, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\newtab\restoresettings-popup, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-hide, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\newtab, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\search, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\search-suggestion, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\logo, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\rebuttal\images, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\themes, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\options\images, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\templates\css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\templates\js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\content_script\hack, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\templates, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\rebuttal, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\options, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\content_script, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\shims, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\newtab\js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\_metadata, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\settings, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\newtab, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\tb_ux, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\USERS\BATTLEFIELD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\CKADHKFHCIEALLPIKIDNJOJOFENJPFNI, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-options-teoma\images, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-options-teoma\css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-options-teoma\js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\search-box-DLA-teoma, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\togglesearch-avery, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-options-teoma, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\newtab\restoresettings-popup\images, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\avery-homepage, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\themes\mindspark, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\newtab\restoresettings-popup\css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\themes\v5parity, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\newtab\restoresettings-popup\js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\themes\taskbar, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\themes\avira, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\themes\imesh, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\themes\plain, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\templates\css\images, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\newtab\restoresettings-popup, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-hide, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\newtab, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\search, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\search-suggestion, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\logo, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\rebuttal\images, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\themes, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\options\images, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\templates\css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\templates\js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\content_script\hack, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\templates, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\rebuttal, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\options, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\content_script, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\shims, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\newtab\js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\_metadata, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\settings, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\newtab, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\tb_ux, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\USERS\CJ\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\CKADHKFHCIEALLPIKIDNJOJOFENJPFNI, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-options-teoma\images, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-options-teoma\css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-options-teoma\js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\search-box-DLA-teoma, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\togglesearch-avery, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-options-teoma, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\newtab\restoresettings-popup\images, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\avery-homepage, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\themes\mindspark, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\newtab\restoresettings-popup\css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\themes\v5parity, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\newtab\restoresettings-popup\js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\themes\taskbar, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\themes\avira, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\themes\imesh, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\themes\plain, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\templates\css\images, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\newtab\restoresettings-popup, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-hide, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\newtab, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\search, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\search-suggestion, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\logo, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\rebuttal\images, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\themes, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\options\images, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\templates\css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\templates\js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\content_script\hack, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\templates, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\rebuttal, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\options, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\content_script, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\shims, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\newtab\js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\_metadata, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\settings, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\newtab, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\tb_ux, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\USERS\JORDAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\CKADHKFHCIEALLPIKIDNJOJOFENJPFNI, Quarantined, [2130], [385788],1.0.2243

    File: 580
    PUP.Optional.RelevantKnowledge, C:\USERS\BATTLEFIELD\APPDATA\ROAMING\PRIMITIVES\RKINSTALLER.EXE, Quarantined, [1217], [296186],1.0.2243
    Adware.GorillaPrice, C:\USERS\BATTLEFIELD\APPDATA\ROAMING\PRIMITIVES\MY.EXE, Quarantined, [1676], [401367],1.0.2243
    PUP.Optional.AnonymizerGadget, C:\USERS\BATTLEFIELD\APPDATA\ROAMING\PRIMITIVES\ANONYMIZERGADGETSETUP.1.000.1666.EXE, Quarantined, [1578], [338559],1.0.2243
    PUP.Optional.SpecialSearchOffer.ShrtCln, C:\PROGRAM FILES (X86)\SSO\COM.SPECIAL.SEARCH.OFFER.JSON, Quarantined, [9515], [405206],1.0.2243
    PUP.Optional.SpecialSearchOffer.ShrtCln, C:\Program Files (x86)\SSO\chelper.exe, Quarantined, [9515], [405206],1.0.2243
    PUP.Optional.SpecialSearchOffer.ShrtCln, C:\Program Files (x86)\SSO\specialsearchoffer-host.exe, Quarantined, [9515], [405206],1.0.2243
    PUP.Optional.APNToolBar, C:\USERS\JORDAN\DOWNLOADS\OFFERCASTINSTALLER_AVR_U-0085-01-P_.EXE, Quarantined, [7237], [76243],1.0.2243
    PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\WINDOWS\SYSTEM32\TASKS\AGPROXYCHECK, Quarantined, [1171], [356709],1.0.2243
    PUP.Optional.Teoma, C:\USERS\BATTLEFIELD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\CKADHKFHCIEALLPIKIDNJOJOFENJPFNI\135.6_0\MANIFEST.JSON, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\background-options.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\background.html, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\background.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\browser-action.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\cache-config.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\cookies.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\feeds.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\fixup-jquery-for-ie.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\history.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\ie-bg-shim.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\init-bg-messaging.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\install-api.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\lifecycle.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\localStorage.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\popup.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\preference.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\rebuttal.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\registry.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\reporting.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\search.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\security.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\sideByside.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\tabs.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\utils.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\themes\avira\avira.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\themes\imesh\imesh.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\themes\mindspark\mindspark.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\themes\mindspark\new-search-button-mid.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\themes\mindspark\new-search-button-sides.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\themes\plain\plain.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\themes\taskbar\taskbar.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\themes\v5parity\v5parity.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\bl-new-tab.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\chrome-options.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\containers.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\hp-new-tab.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\new-tab.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\searchbox.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\toolbar.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\logo\logo_128x.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\logo\logo_16x.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\logo\logo_19x.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\logo\logo_20x.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\logo\logo_24x.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\logo\logo_32x.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\logo\newtablogo.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\logo\toolbar-icon-ask.ico, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\logo\toolbar-icons.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\newtab\bl-homepage_logo.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\newtab\btn_x.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\newtab\homepage_logo.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\newtab\manifier.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\newtab\thirdparty_icons.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\search\btn_search_ask_taskbar.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\search\button.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\search\line.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\search\logo_cobrand_18px.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\search\logo_cobrand_24px.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\search\new-search-button-mid.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\search\new-search-button-sides.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\search\search-button-mid.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\search\search-button-sides.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\badge_1.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\badge_10.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\badge_10plus.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\badge_2.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\badge_3.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\badge_4.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\badge_5.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\badge_6.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\badge_7.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\badge_8.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\badge_9.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\badge_exclaim.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\badge_numbers.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\bdg-gradient.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\bg.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\curved-divider.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\left-bg.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\IDR_WEBSTORE_ICON.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\js\init-tb-stuff.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\js\newtab-overlay.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\js\newtab-subscript.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\avery-homepage\button.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-hide\button.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-options-teoma\css\options.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-options-teoma\images\button-blue-1x20.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-options-teoma\images\button-grey-1x26.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-options-teoma\images\button.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-options-teoma\images\icons.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-options-teoma\images\lightblue-1x43.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-options-teoma\images\trans-big.gif, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-options-teoma\js\options.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-options-teoma\js\translations.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-options-teoma\js\translations.json, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-options-teoma\options.html, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\togglesearch-avery\avery_logo.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\togglesearch-avery\button.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\togglesearch-avery\button.html, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\togglesearch-avery\button.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\chrome-options.html, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\newtab-overlay.xul, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\overlay.xul, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\toolbar.html, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\toolbar.xul, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widget-bundled.xul, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widget-hosted.xul, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\build.json, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\lang-config.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\tb-config.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\test-widget-config.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\widget-config.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\widget-config.json, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\content_script\hack\facebook.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\content_script\hack\relative.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\content_script\hack\static.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\content_script\content-script.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\content_script\injector.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\content_script\inline-html.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\content_script\notify-presence.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\content_script\overlay.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\content_script\positioning.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\content_script\toolbar.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\content_script\widget-hosted.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\content_script\widget.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\shims\console.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\shims\jquery.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\async-gate.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\browser-shim.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\constant.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\constant.json, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\DataStore.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\default-config.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\i18n.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\jquery.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\logger.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\polyfill.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\protocol.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\state-machine.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\tb-config-update.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\tb-message.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\update-constant.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\widget-config-update.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\widget-messaging.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\window-position.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\newtab\js\background.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\newtab\restoresettings-popup\css\dialog.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\newtab\restoresettings-popup\images\search_assist.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\newtab\restoresettings-popup\js\background.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\newtab\restoresettings-popup\js\dialog.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\settings\assets.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\settings\redirect.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\tb_ux\chrome-options.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\tb_ux\ieCS.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\tb_ux\IFrameButton.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\tb_ux\init-toolbar.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\tb_ux\rebuttal.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\tb_ux\reel.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\tb_ux\searchbox.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\tb_ux\shimIE.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\tb_ux\SimpleButton.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\tb_ux\toolbar.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\options\images\button-blue-1x20.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\options\images\button-grey-1x26.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\options\images\button.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\options\images\icons.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\options\images\lightblue-1x43.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\options\options.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\options\options.html, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\options\options.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\rebuttal\images\warning.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\rebuttal\rebuttal.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\rebuttal\rebuttal.html, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\rebuttal\rebuttal.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\search-suggestion\search-suggestion.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\search-suggestion\search-suggestion.html, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\search-suggestion\search-suggestion.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\templates\css\images\footer_gradient.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\templates\css\images\footer_shadow.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\templates\css\images\image_placeholder.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\templates\css\images\item-bg.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\templates\css\menu.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\templates\js\api.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\templates\js\feed.js, Quarantined, [2130], [385788],1.0.2243

  2. #22
    Junior Member
    Join Date
    Jun 2017
    Posts
    20

    Default Things are looking better (Malwaybye log file (Part 2)

    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\templates\js\menu.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\templates\feed.html, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\templates\menu.html, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\_metadata\verified_contents.json, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\icon.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\USERS\CJ\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\CKADHKFHCIEALLPIKIDNJOJOFENJPFNI\135.6_0\MANIFEST.JSON, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\background-options.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\background.html, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\background.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\browser-action.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\cache-config.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\cookies.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\feeds.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\fixup-jquery-for-ie.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\history.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\ie-bg-shim.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\init-bg-messaging.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\install-api.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\lifecycle.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\localStorage.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\popup.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\preference.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\rebuttal.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\registry.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\reporting.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\search.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\security.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\sideByside.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\tabs.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\utils.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\themes\avira\avira.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\themes\imesh\imesh.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\themes\mindspark\mindspark.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\themes\mindspark\new-search-button-mid.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\themes\mindspark\new-search-button-sides.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\themes\plain\plain.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\themes\taskbar\taskbar.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\themes\v5parity\v5parity.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\bl-new-tab.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\chrome-options.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\containers.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\hp-new-tab.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\new-tab.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\searchbox.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\toolbar.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\logo\logo_128x.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\logo\logo_16x.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\logo\logo_19x.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\logo\logo_20x.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\logo\logo_24x.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\logo\logo_32x.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\logo\newtablogo.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\logo\toolbar-icon-ask.ico, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\logo\toolbar-icons.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\newtab\bl-homepage_logo.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\newtab\btn_x.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\newtab\homepage_logo.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\newtab\manifier.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\newtab\thirdparty_icons.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\search\btn_search_ask_taskbar.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\search\button.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\search\line.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\search\logo_cobrand_18px.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\search\logo_cobrand_24px.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\search\new-search-button-mid.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\search\new-search-button-sides.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\search\search-button-mid.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\search\search-button-sides.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\badge_1.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\badge_10.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\badge_10plus.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\badge_2.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\badge_3.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\badge_4.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\badge_5.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\badge_6.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\badge_7.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\badge_8.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\badge_9.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\badge_exclaim.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\badge_numbers.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\bdg-gradient.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\bg.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\curved-divider.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\left-bg.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\IDR_WEBSTORE_ICON.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\js\init-tb-stuff.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\js\newtab-overlay.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\js\newtab-subscript.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\avery-homepage\button.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-hide\button.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-options-teoma\css\options.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-options-teoma\images\button-blue-1x20.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-options-teoma\images\button-grey-1x26.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-options-teoma\images\button.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-options-teoma\images\icons.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-options-teoma\images\lightblue-1x43.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-options-teoma\images\trans-big.gif, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-options-teoma\js\options.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-options-teoma\js\translations.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-options-teoma\js\translations.json, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-options-teoma\options.html, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\togglesearch-avery\avery_logo.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\togglesearch-avery\button.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\togglesearch-avery\button.html, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\togglesearch-avery\button.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\chrome-options.html, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\newtab-overlay.xul, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\overlay.xul, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\toolbar.html, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\toolbar.xul, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widget-bundled.xul, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widget-hosted.xul, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\build.json, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\lang-config.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\tb-config.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\test-widget-config.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\widget-config.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\widget-config.json, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\content_script\hack\facebook.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\content_script\hack\relative.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\content_script\hack\static.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\content_script\content-script.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\content_script\injector.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\content_script\inline-html.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\content_script\notify-presence.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\content_script\overlay.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\content_script\positioning.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\content_script\toolbar.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\content_script\widget-hosted.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\content_script\widget.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\shims\console.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\shims\jquery.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\async-gate.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\browser-shim.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\constant.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\constant.json, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\DataStore.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\default-config.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\i18n.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\jquery.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\logger.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\polyfill.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\protocol.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\state-machine.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\tb-config-update.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\tb-message.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\update-constant.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\widget-config-update.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\widget-messaging.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\window-position.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\newtab\js\background.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\newtab\restoresettings-popup\css\dialog.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\newtab\restoresettings-popup\images\search_assist.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\newtab\restoresettings-popup\js\background.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\newtab\restoresettings-popup\js\dialog.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\settings\assets.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\settings\redirect.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\tb_ux\chrome-options.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\tb_ux\ieCS.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\tb_ux\IFrameButton.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\tb_ux\init-toolbar.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\tb_ux\rebuttal.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\tb_ux\reel.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\tb_ux\searchbox.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\tb_ux\shimIE.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\tb_ux\SimpleButton.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\tb_ux\toolbar.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\options\images\button-blue-1x20.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\options\images\button-grey-1x26.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\options\images\button.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\options\images\icons.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\options\images\lightblue-1x43.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\options\options.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\options\options.html, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\options\options.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\rebuttal\images\warning.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\rebuttal\rebuttal.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\rebuttal\rebuttal.html, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\rebuttal\rebuttal.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\search-suggestion\search-suggestion.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\search-suggestion\search-suggestion.html, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\search-suggestion\search-suggestion.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\templates\css\images\footer_gradient.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\templates\css\images\footer_shadow.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\templates\css\images\image_placeholder.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\templates\css\images\item-bg.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\templates\css\menu.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\templates\js\api.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\templates\js\feed.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\templates\js\menu.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\templates\feed.html, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\templates\menu.html, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\_metadata\verified_contents.json, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\icon.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\USERS\JORDAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\CKADHKFHCIEALLPIKIDNJOJOFENJPFNI\135.6_0\MANIFEST.JSON, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\background-options.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\background.html, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\background.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\browser-action.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\cache-config.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\cookies.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\feeds.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\fixup-jquery-for-ie.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\history.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\ie-bg-shim.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\init-bg-messaging.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\install-api.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\lifecycle.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\localStorage.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\popup.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\preference.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\rebuttal.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\registry.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\reporting.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\search.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\security.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\sideByside.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\tabs.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\background\utils.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\themes\avira\avira.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\themes\imesh\imesh.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\themes\mindspark\mindspark.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\themes\mindspark\new-search-button-mid.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\themes\mindspark\new-search-button-sides.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\themes\plain\plain.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\themes\taskbar\taskbar.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\themes\v5parity\v5parity.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\bl-new-tab.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\chrome-options.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\containers.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\hp-new-tab.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\new-tab.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\searchbox.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\css\toolbar.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\logo\logo_128x.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\logo\logo_16x.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\logo\logo_19x.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\logo\logo_20x.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\logo\logo_24x.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\logo\logo_32x.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\logo\newtablogo.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\logo\toolbar-icon-ask.ico, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\logo\toolbar-icons.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\newtab\bl-homepage_logo.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\newtab\btn_x.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\newtab\homepage_logo.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\newtab\manifier.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\newtab\thirdparty_icons.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\search\btn_search_ask_taskbar.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\search\button.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\search\line.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\search\logo_cobrand_18px.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\search\logo_cobrand_24px.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\search\new-search-button-mid.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\search\new-search-button-sides.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\search\search-button-mid.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\search\search-button-sides.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\badge_1.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\badge_10.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\badge_10plus.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\badge_2.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\badge_3.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\badge_4.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\badge_5.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\badge_6.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\badge_7.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\badge_8.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\badge_9.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\badge_exclaim.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\badge_numbers.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\bdg-gradient.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\bg.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\curved-divider.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\vanilla\left-bg.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\images\IDR_WEBSTORE_ICON.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\js\init-tb-stuff.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\js\newtab-overlay.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\js\newtab-subscript.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\avery-homepage\button.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-hide\button.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-options-teoma\css\options.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-options-teoma\images\button-blue-1x20.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-options-teoma\images\button-grey-1x26.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-options-teoma\images\button.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-options-teoma\images\icons.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-options-teoma\images\lightblue-1x43.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-options-teoma\images\trans-big.gif, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-options-teoma\js\options.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-options-teoma\js\translations.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-options-teoma\js\translations.json, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\SPE-options-teoma\options.html, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\togglesearch-avery\avery_logo.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\togglesearch-avery\button.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\togglesearch-avery\button.html, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widgets\togglesearch-avery\button.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\chrome-options.html, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\newtab-overlay.xul, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\overlay.xul, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\toolbar.html, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\toolbar.xul, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widget-bundled.xul, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\skin\widget-hosted.xul, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\build.json, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\lang-config.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\tb-config.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\test-widget-config.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\widget-config.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\config\widget-config.json, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\content_script\hack\facebook.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\content_script\hack\relative.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\content_script\hack\static.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\content_script\content-script.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\content_script\injector.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\content_script\inline-html.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\content_script\notify-presence.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\content_script\overlay.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\content_script\positioning.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\content_script\toolbar.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\content_script\widget-hosted.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\content_script\widget.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\shims\console.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\shims\jquery.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\async-gate.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\browser-shim.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\constant.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\constant.json, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\DataStore.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\default-config.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\i18n.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\jquery.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\logger.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\polyfill.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\protocol.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\state-machine.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\tb-config-update.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\tb-message.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\update-constant.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\widget-config-update.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\widget-messaging.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\lib\window-position.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\newtab\js\background.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\newtab\restoresettings-popup\css\dialog.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\newtab\restoresettings-popup\images\search_assist.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\newtab\restoresettings-popup\js\background.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\newtab\restoresettings-popup\js\dialog.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\settings\assets.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\settings\redirect.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\tb_ux\chrome-options.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\tb_ux\ieCS.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\tb_ux\IFrameButton.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\tb_ux\init-toolbar.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\tb_ux\rebuttal.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\tb_ux\reel.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\tb_ux\searchbox.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\tb_ux\shimIE.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\tb_ux\SimpleButton.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\tb_ux\toolbar.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\options\images\button-blue-1x20.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\options\images\button-grey-1x26.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\options\images\button.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\options\images\icons.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\options\images\lightblue-1x43.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\options\options.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\options\options.html, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\options\options.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\rebuttal\images\warning.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\rebuttal\rebuttal.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\rebuttal\rebuttal.html, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\rebuttal\rebuttal.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\search-suggestion\search-suggestion.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\search-suggestion\search-suggestion.html, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\search-suggestion\search-suggestion.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\templates\css\images\footer_gradient.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\templates\css\images\footer_shadow.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\templates\css\images\image_placeholder.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\templates\css\images\item-bg.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\templates\css\menu.css, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\templates\js\api.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\templates\js\feed.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\templates\js\menu.js, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\templates\feed.html, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\widgets\templates\menu.html, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\_metadata\verified_contents.json, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.Teoma, C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckadhkfhcieallpikidnjojofenjpfni\135.6_0\icon.png, Quarantined, [2130], [385788],1.0.2243
    PUP.Optional.CrossRider, C:\WINDOWS\TASKS\updater.exe.job, Quarantined, [247], [346380],1.0.2243
    PUP.Optional.Hosts, C:\WINDOWS\SYSTEM32\TASKS\updater.exe, Quarantined, [2717], [190266],1.0.2243

    Physical Sector: 0
    (No malicious items detected)


    (end)

  3. #23
    Junior Member
    Join Date
    Jun 2017
    Posts
    20

    Default Things are looking better (ROgue Log File)

    RogueKiller V12.11.4.0 (x64) [Jun 26 2017] (Free) by Adlice Software
    mail : http://www.adlice.com/contact/
    Feedback : https://forum.adlice.com
    Website : http://www.adlice.com/download/roguekiller/
    Blog : http://www.adlice.com

    Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
    Started in : Normal mode
    User : Battlefield [Administrator]
    Started from : C:\Users\Battlefield\Downloads\RogueKiller_portable64.exe
    Mode : Scan -- Date : 06/27/2017 14:51:16 (Duration : 01:21:53)

    ¤¤¤ Processes : 2 ¤¤¤
    [VT.Unknown] AdvHardwareService.exe(1796) -- C:\Program Files (x86)\CenterEdge Software\AdvHardwareService.exe[-] -> Found
    [MalPE.26|VT.Unknown] (SVC) AdvHardwareService -- "C:\Program Files (x86)\CenterEdge Software\AdvHardwareService.exe"[-] -> Found

    ¤¤¤ Registry : 46 ¤¤¤
    [PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-3544609310-1622349089-2069013866-1000\Software\Microsoft\Internet Explorer\Main | Search Bar : Preserve -> Found
    [PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-3544609310-1622349089-2069013866-1000\Software\Microsoft\Internet Explorer\Main | Search Bar : Preserve -> Found
    [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{DF65D74C-9B1B-4B95-B3F1-A3DDF5244D01}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_d6fce8aea6f600df_0002.0000_ef950f00335eb66c\timer - server.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_d6fce8aea6f600df_0002.0000_ef950f00335eb66c\timer - server.exe|Name=timer - server.exe|Desc=timer - server.exe|Defer=User| [x] -> Found
    [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{40DB3F85-FEF2-416D-B5D1-1359F5955083}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_d6fce8aea6f600df_0002.0000_ef950f00335eb66c\timer - server.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_d6fce8aea6f600df_0002.0000_ef950f00335eb66c\timer - server.exe|Name=timer - server.exe|Desc=timer - server.exe|Defer=User| [x] -> Found
    [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{E85343FA-1DDE-49EC-B83E-924DEE851515}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_d6fce8aea6f600df_0002.0000_dcd474c9db6913ac\timer - server.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_d6fce8aea6f600df_0002.0000_dcd474c9db6913ac\timer - server.exe|Name=timer - server.exe|Desc=timer - server.exe|Defer=User| [x] -> Found
    [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{922EEBDB-6C5C-4ABA-B1E8-396AF7752035}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_d6fce8aea6f600df_0002.0000_dcd474c9db6913ac\timer - server.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_d6fce8aea6f600df_0002.0000_dcd474c9db6913ac\timer - server.exe|Name=timer - server.exe|Desc=timer - server.exe|Defer=User| [x] -> Found
    [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {05918C4D-8299-4390-9787-EDA0DFEDABB2} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\Battlefield\AppData\Local\Temp\7zS3FDA\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Found
    [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {C3AA7D0D-43E5-46DC-8C8E-64020D07A6D8} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\Battlefield\AppData\Local\Temp\7zS3FDA\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Found
    [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {590D6C04-06B1-4D89-82D2-F25917535253} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\Battlefield\AppData\Local\Temp\7zS595D\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Found
    [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {FAFE6BB6-202E-4663-BBE1-F571742FAD74} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\Battlefield\AppData\Local\Temp\7zS595D\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Found
    [Suspicious.Path|VT.Unknown] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{4200CE53-85D0-4116-BAC1-AAD65ACC42D5}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_c7fb621a750c2678_0002.0002_515e619a63ad1780\timer - server.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_c7fb621a750c2678_0002.0002_515e619a63ad1780\timer - server.exe|Name=timer - server.exe|Desc=timer - server.exe|Defer=User| [-] -> Found
    [Suspicious.Path|VT.Unknown] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{2F64B061-BC36-4F53-A50C-94BD4616343D}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_c7fb621a750c2678_0002.0002_515e619a63ad1780\timer - server.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_c7fb621a750c2678_0002.0002_515e619a63ad1780\timer - server.exe|Name=timer - server.exe|Desc=timer - server.exe|Defer=User| [-] -> Found
    [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{2F18F209-B725-4C19-A8FD-B11BBD5CB61A}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\lase..tion_0000000000000000_0001.0000_f2f724bc82ad3fcd\lasertag server.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\lase..tion_0000000000000000_0001.0000_f2f724bc82ad3fcd\lasertag server.exe|Name=lasertag server.exe|Desc=lasertag server.exe|Defer=User| [x] -> Found
    [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{E543AE50-D63E-4EC9-83E7-241E0FF02D1F}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\lase..tion_0000000000000000_0001.0000_f2f724bc82ad3fcd\lasertag server.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\lase..tion_0000000000000000_0001.0000_f2f724bc82ad3fcd\lasertag server.exe|Name=lasertag server.exe|Desc=lasertag server.exe|Defer=User| [x] -> Found
    [Suspicious.Path|VT.Unknown] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{A580A19F-08CF-4A7B-9B22-DA53C61D9A4D}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\medi..tion_0000000000000000_0000.0003_7af09580b6978e7a\medic_control(development).exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\medi..tion_0000000000000000_0000.0003_7af09580b6978e7a\medic_control(development).exe|Name=medic_control(development).exe|Desc=medic_control(development).exe|Defer=User| [-] -> Found
    [Suspicious.Path|VT.Unknown] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{AB8EE24A-7D93-485D-86BA-C50DCBE1E7A4}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\medi..tion_0000000000000000_0000.0003_7af09580b6978e7a\medic_control(development).exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\medi..tion_0000000000000000_0000.0003_7af09580b6978e7a\medic_control(development).exe|Name=medic_control(development).exe|Desc=medic_control(development).exe|Defer=User| [-] -> Found
    [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {5B75FDC7-3F67-4E93-ABAB-5CF6733C4B03} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\Battlefield\AppData\Local\Temp\7zS0DB2\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Found
    [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {DF878058-CFD4-4D53-B026-CF1A840A41FB} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\Battlefield\AppData\Local\Temp\7zS0DB2\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Found
    [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{B4221ADF-98C2-4706-B89E-B9D455C29ED8}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0000_ec1aa7bb0a422cd7\command_center.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0000_ec1aa7bb0a422cd7\command_center.exe|Name=command_center.exe|Desc=command_center.exe|Defer=User| [x] -> Found
    [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{514ECBDA-412E-433C-B7C0-F31C84FE655B}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0000_ec1aa7bb0a422cd7\command_center.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0000_ec1aa7bb0a422cd7\command_center.exe|Name=command_center.exe|Desc=command_center.exe|Defer=User| [x] -> Found
    [Suspicious.Path|VT.Unknown] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{7A167FBE-5C9C-400A-B9EA-ED678B7439D2}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0001_4b1981025e9ebcd7\command_center.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0001_4b1981025e9ebcd7\command_center.exe|Name=command_center.exe|Desc=command_center.exe|Defer=User| [-] -> Found
    [Suspicious.Path|VT.Unknown] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{0F32E4EE-F3A5-42C4-AD2E-D8A7EDB4C755}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0001_4b1981025e9ebcd7\command_center.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0001_4b1981025e9ebcd7\command_center.exe|Name=command_center.exe|Desc=command_center.exe|Defer=User| [-] -> Found
    [Suspicious.Path|VT.Unknown] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{33F19B68-CEA3-4F6D-AB0E-B239E20BB9A1}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0001_022f12b54903ee57\command_center.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0001_022f12b54903ee57\command_center.exe|Name=command_center.exe|Desc=command_center.exe|Defer=User| [-] -> Found
    [Suspicious.Path|VT.Unknown] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{911FBC84-2506-4725-B246-22A54B3302F2}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0001_022f12b54903ee57\command_center.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0001_022f12b54903ee57\command_center.exe|Name=command_center.exe|Desc=command_center.exe|Defer=User| [-] -> Found
    [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{DF65D74C-9B1B-4B95-B3F1-A3DDF5244D01}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_d6fce8aea6f600df_0002.0000_ef950f00335eb66c\timer - server.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_d6fce8aea6f600df_0002.0000_ef950f00335eb66c\timer - server.exe|Name=timer - server.exe|Desc=timer - server.exe|Defer=User| [x] -> Found
    [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{40DB3F85-FEF2-416D-B5D1-1359F5955083}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_d6fce8aea6f600df_0002.0000_ef950f00335eb66c\timer - server.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_d6fce8aea6f600df_0002.0000_ef950f00335eb66c\timer - server.exe|Name=timer - server.exe|Desc=timer - server.exe|Defer=User| [x] -> Found
    [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{E85343FA-1DDE-49EC-B83E-924DEE851515}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_d6fce8aea6f600df_0002.0000_dcd474c9db6913ac\timer - server.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_d6fce8aea6f600df_0002.0000_dcd474c9db6913ac\timer - server.exe|Name=timer - server.exe|Desc=timer - server.exe|Defer=User| [x] -> Found
    [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{922EEBDB-6C5C-4ABA-B1E8-396AF7752035}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_d6fce8aea6f600df_0002.0000_dcd474c9db6913ac\timer - server.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_d6fce8aea6f600df_0002.0000_dcd474c9db6913ac\timer - server.exe|Name=timer - server.exe|Desc=timer - server.exe|Defer=User| [x] -> Found
    [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {05918C4D-8299-4390-9787-EDA0DFEDABB2} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\Battlefield\AppData\Local\Temp\7zS3FDA\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Found
    [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {C3AA7D0D-43E5-46DC-8C8E-64020D07A6D8} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\Battlefield\AppData\Local\Temp\7zS3FDA\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Found
    [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {590D6C04-06B1-4D89-82D2-F25917535253} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\Battlefield\AppData\Local\Temp\7zS595D\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Found
    [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {FAFE6BB6-202E-4663-BBE1-F571742FAD74} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\Battlefield\AppData\Local\Temp\7zS595D\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Found
    [Suspicious.Path|VT.Unknown] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{4200CE53-85D0-4116-BAC1-AAD65ACC42D5}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_c7fb621a750c2678_0002.0002_515e619a63ad1780\timer - server.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_c7fb621a750c2678_0002.0002_515e619a63ad1780\timer - server.exe|Name=timer - server.exe|Desc=timer - server.exe|Defer=User| [-] -> Found
    [Suspicious.Path|VT.Unknown] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{2F64B061-BC36-4F53-A50C-94BD4616343D}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_c7fb621a750c2678_0002.0002_515e619a63ad1780\timer - server.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_c7fb621a750c2678_0002.0002_515e619a63ad1780\timer - server.exe|Name=timer - server.exe|Desc=timer - server.exe|Defer=User| [-] -> Found
    [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{2F18F209-B725-4C19-A8FD-B11BBD5CB61A}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\lase..tion_0000000000000000_0001.0000_f2f724bc82ad3fcd\lasertag server.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\lase..tion_0000000000000000_0001.0000_f2f724bc82ad3fcd\lasertag server.exe|Name=lasertag server.exe|Desc=lasertag server.exe|Defer=User| [x] -> Found
    [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{E543AE50-D63E-4EC9-83E7-241E0FF02D1F}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\lase..tion_0000000000000000_0001.0000_f2f724bc82ad3fcd\lasertag server.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\lase..tion_0000000000000000_0001.0000_f2f724bc82ad3fcd\lasertag server.exe|Name=lasertag server.exe|Desc=lasertag server.exe|Defer=User| [x] -> Found
    [Suspicious.Path|VT.Unknown] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{A580A19F-08CF-4A7B-9B22-DA53C61D9A4D}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\medi..tion_0000000000000000_0000.0003_7af09580b6978e7a\medic_control(development).exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\medi..tion_0000000000000000_0000.0003_7af09580b6978e7a\medic_control(development).exe|Name=medic_control(development).exe|Desc=medic_control(development).exe|Defer=User| [-] -> Found
    [Suspicious.Path|VT.Unknown] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{AB8EE24A-7D93-485D-86BA-C50DCBE1E7A4}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\medi..tion_0000000000000000_0000.0003_7af09580b6978e7a\medic_control(development).exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\medi..tion_0000000000000000_0000.0003_7af09580b6978e7a\medic_control(development).exe|Name=medic_control(development).exe|Desc=medic_control(development).exe|Defer=User| [-] -> Found
    [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {5B75FDC7-3F67-4E93-ABAB-5CF6733C4B03} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\Battlefield\AppData\Local\Temp\7zS0DB2\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Found
    [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {DF878058-CFD4-4D53-B026-CF1A840A41FB} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\Battlefield\AppData\Local\Temp\7zS0DB2\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Found
    [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{B4221ADF-98C2-4706-B89E-B9D455C29ED8}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0000_ec1aa7bb0a422cd7\command_center.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0000_ec1aa7bb0a422cd7\command_center.exe|Name=command_center.exe|Desc=command_center.exe|Defer=User| [x] -> Found
    [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{514ECBDA-412E-433C-B7C0-F31C84FE655B}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0000_ec1aa7bb0a422cd7\command_center.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0000_ec1aa7bb0a422cd7\command_center.exe|Name=command_center.exe|Desc=command_center.exe|Defer=User| [x] -> Found
    [Suspicious.Path|VT.Unknown] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{7A167FBE-5C9C-400A-B9EA-ED678B7439D2}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0001_4b1981025e9ebcd7\command_center.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0001_4b1981025e9ebcd7\command_center.exe|Name=command_center.exe|Desc=command_center.exe|Defer=User| [-] -> Found
    [Suspicious.Path|VT.Unknown] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{0F32E4EE-F3A5-42C4-AD2E-D8A7EDB4C755}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0001_4b1981025e9ebcd7\command_center.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0001_4b1981025e9ebcd7\command_center.exe|Name=command_center.exe|Desc=command_center.exe|Defer=User| [-] -> Found
    [Suspicious.Path|VT.Unknown] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{33F19B68-CEA3-4F6D-AB0E-B239E20BB9A1}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0001_022f12b54903ee57\command_center.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0001_022f12b54903ee57\command_center.exe|Name=command_center.exe|Desc=command_center.exe|Defer=User| [-] -> Found
    [Suspicious.Path|VT.Unknown] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{911FBC84-2506-4725-B246-22A54B3302F2}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0001_022f12b54903ee57\command_center.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0001_022f12b54903ee57\command_center.exe|Name=command_center.exe|Desc=command_center.exe|Defer=User| [-] -> Found

    ¤¤¤ Tasks : 0 ¤¤¤

    ¤¤¤ Files : 0 ¤¤¤

    ¤¤¤ WMI : 0 ¤¤¤

    ¤¤¤ Hosts File : 0 ¤¤¤

    ¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

    ¤¤¤ Web browsers : 2 ¤¤¤
    [PUM.SearchEngine][Firefox:Config] yvro0wpn.default : user_pref("browser.search.selectedEngine", "Yahoo powered search"); -> Found
    [PUM.SearchEngine][Firefox:Config] yvro0wpn.default : user_pref("browser.search.defaultenginename", "Yahoo powered search"); -> Found

    ¤¤¤ MBR Check : ¤¤¤
    +++++ PhysicalDrive0: Hitachi HDS723020BLA642 SATA Disk Device +++++
    --- User ---
    [MBR] 7d52a7ba918d0c658f09f3ca7751e852
    [BSP] 1b82dcc429af07e204f5a48f06c7968d : Windows Vista/7/8|VT.Unknown MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 1907627 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    User = LL1 ... OK
    User = LL2 ... OK

  4. #24
    Junior Member
    Join Date
    Jun 2017
    Posts
    20

    Default Things are looking better (Re-Ran FRST Scan)

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-06-2017 01
    Ran by Battlefield (administrator) on BATTLEFIELD-PC (27-06-2017 17:24:12)
    Running from C:\Users\Battlefield\Desktop
    Loaded Profiles: Battlefield & QBDataServiceUser24 (Available Profiles: Battlefield & QBDataServiceUser21 & QBDataServiceUser24 & Jordan & CJ & MSSQL$TESTSERVER & ReportServer & MSSQLFDLauncher & MSSQLSERVER)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: IE)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (DigitalPersona, Inc.) C:\Program Files (x86)\CenterEdge Software\Bin\DpHostW.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
    (CenterEdge Software) C:\Program Files (x86)\CenterEdge Software\AdvHardwareService.exe
    (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
    (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
    (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
    (National Instruments Corporation) C:\Windows\SysWOW64\lkads.exe
    (Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
    (Alcatel-Lucent) C:\Program Files\Common Files\Motive\McciCMService.exe
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\nisvcloc\nisvcloc.exe
    (Wireless Service) C:\Program Files (x86)\KEEBOX\150N Wireless Utility\ANIWZCSdS.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
    (Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    (Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    () C:\Program Files (x86)\Windows NT\Accessories\WinUtilityHelper\wuhelper.exe
    (National Instruments, Inc.) C:\Windows\SysWOW64\lkcitdl.exe
    (National Instruments Corporation) C:\Windows\SysWOW64\lktsrv.exe
    (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    (Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
    (Intuit, Inc.) C:\Program Files (x86)\Intuit\QuickBooks 2014\QBDBMgrN.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
    (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    (RingCentral, Inc.) C:\Program Files (x86)\RingCentral\RingCentral Softphone\RCHotKey.exe
    (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
    (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    (Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe
    (Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
    (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    (Microsoft Corporation) C:\Program Files (x86)\EMET 4.1\EMET_Agent.exe
    (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
    (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
    () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
    (Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msosync.exe

    ==================== Registry (Whitelisted) ====================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
    HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
    HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Intuit SyncManager] => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [3776824 2015-11-03] (Intuit Inc. All rights reserved.)
    HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
    HKLM-x32\...\Run: [EMET 4.1 Update 1 Agent] => C:\Program Files (x86)\EMET 4.1\EMET_agent.exe [88272 2014-05-28] (Microsoft Corporation)
    HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2406496 2017-06-04] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1870928 2017-04-04] (Adobe Systems Inc.)
    HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3486520 2017-06-26] (Dropbox, Inc.)
    HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
    HKLM-x32\...\Run: [DpTsClnt] => Regsvr32.exe /s "Bin\DpTsClnt.dll"
    HKLM-x32\...\Run: [] => [X]
    Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
    HKLM\...\Policies\Explorer: [NoDesktop] 0
    HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\...\Run: [RCHotKey] => C:\Program Files (x86)\RingCentral\RingCentral Softphone\RCHotKey.exe [30000 2014-06-09] (RingCentral, Inc.)
    HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
    HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
    HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [5915776 2016-03-21] (Safer-Networking Ltd.)
    HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\...\RunOnce: [Uninstall C:\Users\Battlefield\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Battlefield\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64"
    HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\...\Winlogon: [Userinit] C:\Windows\System32\userinit.exe, [30720 2010-11-20] (Microsoft Corporation)
    HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [333824 2010-11-20] (Microsoft Corporation)
    HKU\S-1-5-18\...A8F59079A8D5}\localserver32: <==== ATTENTION
    ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
    ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
    ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
    ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
    ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
    ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
    ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
    ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
    ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
    ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
    ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
    ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
    ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
    ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
    ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
    ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-09-11] (Autodesk, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
    ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
    ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
    ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
    ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
    ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
    ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
    ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
    ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
    ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
    ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2013-06-25]
    ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk [2013-12-03]
    ShortcutTarget: Intuit Data Protect.lnk -> C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit Inc.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk [2013-12-03]
    ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
    Startup: C:\Users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2017-01-26]
    ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
    BootExecute: autocheck autochk * sdnclean64.exe

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Winsock: Catalog5 09 C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [26512 2013-05-11] (National Instruments Corporation)
    Winsock: Catalog5-x64 09 C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [28560 2013-05-11] (National Instruments Corporation)
    Tcpip\..\Interfaces\{5E6EDCD9-41B9-471A-9F74-AE95EF4B6233}: [NameServer] 8.8.8.8,8.8.4.4
    Tcpip\..\Interfaces\{CE60960A-05CC-4685-B18F-B63497DE832F}: [DhcpNameServer] 192.168.1.1

    Internet Explorer:
    ==================
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
    HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=131430642751029692&GUID=653699AA-22FC-461D-B9FA-6D0230F7AE28
    SearchScopes: HKU\S-1-5-21-3544609310-1622349089-2069013866-1000 -> DefaultScope {15BFE470-906B-4A79-A375-221C945C87F2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
    SearchScopes: HKU\S-1-5-21-3544609310-1622349089-2069013866-1000 -> {15BFE470-906B-4A79-A375-221C945C87F2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
    BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-06-09] (Microsoft Corporation)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
    BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-04-04] (Adobe Systems Incorporated)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-06-09] (Microsoft Corporation)
    BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
    BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-04-04] (Adobe Systems Incorporated)
    BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-23] (Hewlett-Packard Co.)
    BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-06-09] (Microsoft Corporation)
    BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
    BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
    BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-04-04] (Adobe Systems Incorporated)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-06-09] (Microsoft Corporation)
    BHO-x32: Microsoft Web Test Recorder 14.0 Helper -> {b924f0b4-0b3c-49c0-bab2-213fb9ebd1d3} -> C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2014-11-10] (Microsoft Corporation)
    BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
    BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-04-04] (Adobe Systems Incorporated)
    BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-23] (Hewlett-Packard Co.)
    Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-04-04] (Adobe Systems Incorporated)
    Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-04-04] (Adobe Systems Incorporated)
    Toolbar: HKU\S-1-5-21-3544609310-1622349089-2069013866-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-04-04] (Adobe Systems Incorporated)
    DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
    DPF: HKLM-x32 {1851174C-97BD-4217-A0CC-E908F60D5B7A} hxxps://h50203.www5.hp.com/CSMWeb/Customer/cabs/HPISDataManager.CAB
    DPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.2.cab
    DPF: HKLM-x32 {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
    DPF: HKLM-x32 {82774781-8F4E-11D1-AB1C-0000F8773BF0} hxxps://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab
    DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} hxxps://akamaicdn.webex.com/client/WBXclient-T27L10NSP32EP5-14362/webex/ieatgpc1.cab
    DPF: HKLM-x32 {E0FEE963-BB53-4215-81AD-B28C77384644} hxxps://pattcw.att.motive.com/wizlet/DSLActivation/static/installer/ATTInternetInstaller64.cab
    Handler-x32: intu-help-qb7 - {5A03BD9D-766D-47A6-8E87-CD90F60BE245} - C:\Program Files (x86)\Intuit\QuickBooks 2014\HelpAsyncPluggableProtocol.dll [2017-03-01] (Intuit, Inc.)
    Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
    Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\system32\mscoree.dll [2010-11-20] (Microsoft Corporation)
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)

    FireFox:
    ========
    FF ProfilePath: C:\Users\Battlefield\AppData\Roaming\Mozilla\Firefox\Profiles\yvro0wpn.default [2017-06-27]
    FF SelectedSearchEngine: Mozilla\Firefox\Profiles\yvro0wpn.default -> Yahoo powered search
    FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\yvro0wpn.default -> Yahoo powered search
    FF DefaultSearchEngine: Mozilla\Firefox\Profiles\yvro0wpn.default -> Yahoo powered search
    FF Extension: (Adblock Plus) - C:\Users\Battlefield\AppData\Roaming\Mozilla\Firefox\Profiles\yvro0wpn.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-04-18]
    FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
    FF Extension: (DivX Plus Web Player HTML5 &video&) - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-02-01] [not signed]
    FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
    FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-06-25] [not signed]
    FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
    FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2017-05-24]
    FF HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll [2013-09-10] ()
    FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
    FF Plugin: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\system32\npDeployJava1.dll [2012-10-05] (Oracle Corporation)
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
    FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-06-04] (Adobe Systems)
    FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-03] (Adobe Systems)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll [2013-09-10] ()
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
    FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
    FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-07-11] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
    FF Plugin-x32: @Motive.com/NpMotive,version=1.0 -> C:\Program Files (x86)\Common Files\Motive\npMotive.dll [2010-04-30] (Alcatel-Lucent)
    FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-07-22] (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-07-22] (NVIDIA Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
    FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2017-04-04] (Adobe Systems Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-08-03] (Adobe Systems Inc.)
    FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-06-04] (Adobe Systems)
    FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-03] (Adobe Systems)
    FF Plugin HKU\S-1-5-21-3544609310-1622349089-2069013866-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Battlefield\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-12-03] (Citrix Online)
    FF Plugin HKU\S-1-5-21-3544609310-1622349089-2069013866-1000: @ringcentral.com/RingCentralMeetingsPlugin -> C:\Users\Battlefield\AppData\Roaming\RingCentralMeetings\bin\nprcmsplugin.dll [2015-05-18] (Zoom Video Communications, Inc. and RingCentral Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv2012win32.dll [2014-01-08] (National Instruments)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv2013win32.dll [2014-01-09] (National Instruments)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-04-04] (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2012-07-03] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2012-07-03] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2012-07-03] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2012-07-03] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2012-07-03] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2012-07-03] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2012-07-03] (Apple Inc.)

    Chrome:
    =======
    CHR DefaultProfile: Default
    CHR HomePage: Default -> hxxp://www.google.com/
    CHR StartupUrls: Default -> "hxxp://www.google.com/"
    CHR DefaultSearchURL: Default -> hxxps://www.teoma.com/web?q={searchTerms}
    CHR DefaultSearchKeyword: Default -> hxxps://teoma.com
    CHR DefaultSuggestURL: Default -> hxxp://www.teoma.com/ss?type=prefix&li=ff&q={searchTerms}
    CHR Profile: C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default [2017-06-27]
    CHR Extension: (Google Drive) - C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-14]
    CHR Extension: (YouTube) - C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-01]
    CHR Extension: (Google Search) - C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-14]
    CHR Extension: (AdBlock) - C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-06-26]
    CHR Extension: (Pixlr Touch Up) - C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\jklljiahjgoglchglekebfljnmbaleig [2014-03-10]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-21]
    CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2012-04-21]
    CHR Extension: (Gmail) - C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-15]
    CHR Extension: (Chrome Media Router) - C:\Users\Battlefield\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-17]
    CHR HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\BATTLE~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-05-06]
    CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]

    ==================== Services (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [814688 2017-06-04] (Adobe Systems Incorporated)
    R2 AdvHardwareService; C:\Program Files (x86)\CenterEdge Software\AdvHardwareService.exe [23552 2017-03-27] (CenterEdge Software) [File not signed]
    R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
    R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
    S4 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-09-11] ()
    R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-10-12] (ASUSTeK Computer Inc.)
    S4 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-10-12] (ASUSTeK Computer Inc.)
    S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-02] (Microsoft Corporation)
    R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2753720 2015-07-01] (Microsoft Corporation)
    S4 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-07-27] (Dropbox, Inc.)
    S4 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-07-27] (Dropbox, Inc.)
    R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [49992 2017-06-26] (Dropbox, Inc.)
    S4 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [8998800 2013-05-08] (DisplayLink Corp.)
    R2 DpHost; C:\Program Files (x86)\CenterEdge Software\Bin\DpHostW.exe [326720 2009-08-10] (DigitalPersona, Inc.) [File not signed]
    S4 EPSON_Device_Control_Log_Service; C:\Program Files\epson\portcommunicationservice\DeviceControlLog.exe [395776 2012-06-22] (SEIKO EPSON CORPORATION) [File not signed]
    S4 EPSON_Port_Communication_Service; C:\Program Files\epson\portcommunicationservice\PCSVC.exe [584704 2012-06-22] (SEIKO EPSON CORPORATION) [File not signed]
    S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
    R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-23] (Hewlett-Packard Co.) [File not signed]
    R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-23] (Hewlett-Packard Co.) [File not signed]
    R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-23] (Hewlett-Packard Co.) [File not signed]
    R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22744 2014-10-15] (Microsoft Corporation)
    R2 LkCitadelServer; C:\Windows\SysWOW64\lkcitdl.exe [695136 2010-10-27] (National Instruments, Inc.)
    R2 lkClassAds; C:\Windows\SysWOW64\lkads.exe [53544 2013-06-12] (National Instruments Corporation)
    R2 lkTimeSync; C:\Windows\SysWOW64\lktsrv.exe [63792 2013-06-12] (National Instruments Corporation)
    R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
    R2 McciCMService; C:\Program Files (x86)\Common Files\Motive\McciCMService.exe [319488 2010-04-30] (Alcatel-Lucent) [File not signed]
    R2 McciCMService64; C:\Program Files\Common Files\Motive\McciCMService.exe [517632 2010-04-30] (Alcatel-Lucent) [File not signed]
    R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
    R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [69964448 2015-04-03] (Microsoft Corporation)
    S2 MSSQL$TESTSERVER; c:\Program Files\Microsoft SQL Server\MSSQL11.TESTSERVER\MSSQL\Binn\sqlservr.exe [192192 2015-05-05] (Microsoft Corporation)
    S3 MSSQLFDLauncher; C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [49752 2012-02-11] (Microsoft Corporation)
    S3 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [192192 2015-05-05] (Microsoft Corporation)
    R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
    R2 NIApplicationWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [57696 2013-12-10] (National Instruments Corporation)
    S4 NIApplicationWebServer64; C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [81248 2013-12-10] (National Instruments Corporation)
    R2 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [380720 2013-06-12] (National Instruments Corporation)
    S4 NILM License Manager; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [1427688 2010-08-02] (Macrovision Corporation)
    R2 nimDNSResponder; C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [260976 2013-05-11] (National Instruments Corporation)
    S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
    R2 NiSvcLoc; C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe [90440 2013-12-10] (National Instruments Corporation)
    R2 NISystemWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe [57680 2013-12-10] (National Instruments Corporation)
    R2 Nonbrand_WUS-N; C:\Program Files (x86)\KEEBOX\150N Wireless Utility\ANIWZCSdS.exe [126976 2010-06-21] (Wireless Service) [File not signed]
    S4 Nonbrand_WUS-N_WPS; C:\Program Files (x86)\KEEBOX\150N Wireless Utility\ANIWConnService.exe [53248 2010-06-21] () [File not signed]
    S4 NovacomD; C:\Program Files (x86)\HP webOS\SDK\bin\novacomd\x86\novacomd.exe [61440 2011-09-19] (Palm) [File not signed]
    R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1370912 2013-11-29] (NVIDIA Corporation)
    R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15128352 2013-11-29] (NVIDIA Corporation)
    S4 Palm_TCP_Relay; C:\Program Files (x86)\HP webOS\PDK\tcprelay.exe [11776 2011-12-21] () [File not signed]
    R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
    S4 POSPerformanceCounters; c:\Program Files (x86)\Microsoft Point Of Service\Microsoft.PointOfService.Service.exe [35648 2006-01-24] (Microsoft Corporation)
    R2 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2017-03-01] (Intuit) [File not signed]
    S3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [65536 2013-10-10] (Intuit Inc.) [File not signed]
    R2 QBVSS; C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [1248256 2013-10-10] (Intuit Inc.) [File not signed]
    R3 QuickBooksDB24; C:\Program Files (x86)\Intuit\QuickBooks 2014\QBDBMgrN.exe [679936 2013-10-10] (Intuit, Inc.) [File not signed]
    S3 ReportServer; C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2423792 2012-10-20] (Microsoft Corporation)
    S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
    R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.) [File not signed]
    R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd.) [File not signed]
    S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [441512 2015-04-03] (Microsoft Corporation)
    S4 SQLAgent$TESTSERVER; c:\Program Files\Microsoft SQL Server\MSSQL11.TESTSERVER\MSSQL\Binn\SQLAGENT.EXE [613056 2015-05-05] (Microsoft Corporation)
    S4 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [613056 2015-05-05] (Microsoft Corporation)
    S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
    S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
    S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
    S3 VsEtwService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89240 2014-11-10] (Microsoft Corporation)
    S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [147664 2014-11-10] (Microsoft Corporation)
    R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2014-06-02] (Western Digital Technologies, Inc.)
    R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [296312 2014-06-02] (Western Digital Technologies, Inc.)
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
    R2 wuhelper; C:\Program Files (x86)\Windows NT\Accessories\WinUtilityHelper\wuhelper.exe [139776 2017-05-19] () [File not signed]
    S4 CarboniteService; "C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe" [X]

    ===================== Drivers (Whitelisted) ======================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R0 AiChargerPlus; C:\Windows\System32\DRIVERS\AiChargerPlus.sys [14464 2010-11-08] (ASUSTek Computer Inc.)
    R0 AiChargerPlus; C:\Windows\SysWOW64\DRIVERS\AiChargerPlus.sys [14848 2012-04-19] (ASUSTek Computer Inc.)
    S3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [77912 2015-09-23] (SafeNet Inc.)
    S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [322560 2015-09-23] (SafeNet Inc.)
    R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwfx.sys [15872 2010-06-21] ()
    U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
    R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-10-12] ()
    R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
    S3 cebal2_x64; C:\Windows\System32\DRIVERS\cebal2_x64.sys [47368 2014-06-12] ()
    S3 DisplayLinkUsbIo_x64; C:\Windows\System32\DRIVERS\DisplayLinkUsbIo_x64_7.2.47873.0.sys [44944 2013-05-13] ()
    S2 DLPortIO; C:\Windows\SysWow64\Drivers\DLPortIO.sys [3584 1999-01-10] () [File not signed]
    S2 EPSON_PCS_Parallel_Port_Driver; C:\Windows\system32\DRIVERS\pcslpt.sys [21640 2012-06-22] (SEIKO EPSON CORPORATION)
    R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77376 2017-05-25] ()
    R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [350552 2015-09-23] (SafeNet Inc.)
    S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [52832 2014-01-04] (hxxp://libusb-win32.sourceforge.net)
    R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [188312 2017-06-27] (Malwarebytes)
    R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [113592 2017-06-27] (Malwarebytes)
    R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [44960 2017-06-27] (Malwarebytes)
    R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [252832 2017-06-27] (Malwarebytes)
    R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
    S3 MREMP50; C:\Program Files (x86)\Common Files\Motive\MREMP50.sys [21248 2010-04-30] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
    S3 MRESP50; C:\Program Files (x86)\Common Files\Motive\MRESP50.sys [20096 2010-04-30] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
    S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
    S3 npf; C:\Windows\System32\drivers\npf.sys [35344 2013-07-28] (CACE Technologies, Inc.)
    R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-10-30] (NVIDIA Corporation)
    R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
    R1 RegHiveRecovery; C:\Windows\system32\drivers\RegHiveRecovery.sys [48304 2014-02-20] (Microsoft Corporation)
    S4 RsFx0201; C:\Windows\System32\DRIVERS\RsFx0201.sys [336880 2012-10-20] (Microsoft Corporation)
    S3 SpotUsb; C:\Windows\System32\DRIVERS\MFUSB_Netduino.sys [34912 2012-04-11] (Microsoft Corporation)
    S3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [141384 2010-11-11] (MCCI Corporation)
    S3 STTub30; C:\Windows\System32\Drivers\STTub30.sys [44184 2012-07-09] (STMicroelectronics)
    S3 STTub30; C:\Windows\SysWOW64\Drivers\STTub30.sys [37808 2009-11-23] (STMicroelectronics)
    U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2012-03-01] (Seiko Epson Corporation)
    U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2017-06-27] ()
    S3 WIMMount; C:\Program Files (x86)\Windows Kits\8.1\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wimmount.sys [40552 2013-08-22] (Microsoft Corporation)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2017-06-27 16:44 - 2017-06-27 16:44 - 00052452 _____ C:\Users\Battlefield\Downloads\RogueLog.txt
    2017-06-27 14:11 - 2017-06-27 14:44 - 00001094 _____ C:\Users\QBDataServiceUser24\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2017-06-27 14:11 - 2017-06-27 14:11 - 00001094 _____ C:\Users\ReportServer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2017-06-27 14:11 - 2017-06-27 14:11 - 00001094 _____ C:\Users\QBDataServiceUser21\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2017-06-27 14:11 - 2017-06-27 14:11 - 00001094 _____ C:\Users\MSSQLSERVER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2017-06-27 14:11 - 2017-06-27 14:11 - 00001094 _____ C:\Users\MSSQLFDLauncher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2017-06-27 13:31 - 2017-06-27 14:51 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
    2017-06-27 13:30 - 2017-06-27 13:30 - 00000000 ____D C:\ProgramData\RogueKiller
    2017-06-27 13:29 - 2017-06-27 13:30 - 26424392 _____ C:\Users\Battlefield\Downloads\RogueKiller_portable64.exe
    2017-06-27 13:03 - 2017-06-27 17:12 - 00113592 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
    2017-06-27 13:03 - 2017-06-27 17:12 - 00044960 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
    2017-06-27 13:03 - 2017-06-27 14:50 - 00188312 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
    2017-06-27 13:02 - 2017-06-27 17:11 - 00252832 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2017-06-27 13:02 - 2017-06-27 13:02 - 64025992 _____ (Malwarebytes ) C:\Users\Battlefield\Downloads\mb3-setup-1878.1878-3.1.2.1733-10139.exe
    2017-06-27 13:02 - 2017-06-27 13:02 - 00001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
    2017-06-27 13:02 - 2017-06-27 13:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
    2017-06-27 13:02 - 2017-06-27 13:02 - 00000000 ____D C:\Program Files\Malwarebytes
    2017-06-27 13:02 - 2017-05-25 11:58 - 00077376 _____ C:\Windows\system32\Drivers\mbae64.sys
    2017-06-27 13:01 - 2017-06-27 13:02 - 64232976 _____ (Malwarebytes ) C:\Users\Battlefield\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.141-1.0.2092.exe
    2017-06-27 12:56 - 2017-06-27 12:56 - 22851472 _____ (Malwarebytes ) C:\Users\Battlefield\Downloads\mbam-setup-bc.1878-2.2.1.1043.exe
    2017-06-27 12:56 - 2017-06-27 12:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
    2017-06-27 11:15 - 2017-06-27 11:17 - 00132327 _____ C:\Users\Battlefield\Desktop\Addition.txt
    2017-06-27 11:14 - 2017-06-27 17:24 - 00052604 _____ C:\Users\Battlefield\Desktop\FRST.txt
    2017-06-27 11:06 - 2017-06-27 11:09 - 00002784 _____ C:\Users\Battlefield\Desktop\Rkill.txt
    2017-06-27 11:06 - 2017-06-27 11:06 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\Battlefield\Downloads\rkill.exe
    2017-06-27 10:57 - 2017-06-27 10:57 - 00065349 _____ C:\Users\Battlefield\Desktop\JRT.txt
    2017-06-27 10:50 - 2017-06-27 10:51 - 01663672 _____ (Malwarebytes) C:\Users\Battlefield\Downloads\JRT.exe
    2017-06-27 09:34 - 2017-06-27 10:05 - 00000000 ____D C:\AdwCleaner
    2017-06-27 09:26 - 2017-06-27 12:44 - 00013900 _____ C:\Users\Battlefield\Desktop\Fixlog.txt
    2017-06-27 09:25 - 2017-06-26 17:47 - 02441216 _____ (Farbar) C:\Users\Battlefield\Desktop\FRST64.exe
    2017-06-26 17:47 - 2017-06-26 17:47 - 00000000 ____D C:\Users\Battlefield\Downloads\FRST-OlderVersion
    2017-06-26 17:28 - 2017-06-26 17:24 - 04110280 _____ C:\Users\Battlefield\Desktop\AdwCleaner.exe
    2017-06-26 17:09 - 2013-02-28 21:08 - 00001711 _____ C:\Users\Battlefield\Downloads\Google Drive.lnk
    2017-06-26 17:07 - 2017-06-27 09:21 - 00008847 _____ C:\Users\Battlefield\Downloads\Fixlog.txt
    2017-06-26 17:07 - 2017-06-27 09:21 - 00008281 _____ C:\Users\Battlefield\Downloads\fixlist.txt
    2017-06-26 17:02 - 2017-06-26 17:02 - 00000000 ____D C:\ProgramData\Sun
    2017-06-26 05:27 - 2017-06-26 05:27 - 00049992 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
    2017-06-26 05:27 - 2017-06-26 05:27 - 00045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
    2017-06-26 05:27 - 2017-06-26 05:27 - 00045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
    2017-06-26 05:27 - 2017-06-26 05:27 - 00045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
    2017-06-24 18:47 - 2017-06-24 18:47 - 00000449 _____ C:\Users\Battlefield\Desktop\aswMBR.txt
    2017-06-24 18:45 - 2017-06-24 18:45 - 05198336 _____ (AVAST Software) C:\Users\Battlefield\Downloads\aswMBR (1).exe
    2017-06-24 18:32 - 2017-06-24 18:36 - 00131130 _____ C:\Users\Battlefield\Downloads\Addition.txt
    2017-06-24 18:30 - 2017-06-24 18:36 - 00102502 _____ C:\Users\Battlefield\Downloads\FRST.txt
    2017-06-24 18:29 - 2017-06-27 17:24 - 00000000 ____D C:\FRST
    2017-06-24 18:29 - 2017-06-26 17:47 - 02441216 _____ (Farbar) C:\Users\Battlefield\Downloads\FRST64.exe
    2017-06-24 18:26 - 2017-06-27 17:11 - 00008192 _____ C:\Windows\SysWOW64\WDPABKP.dat
    2017-06-24 18:25 - 2017-06-24 18:25 - 00000962 _____ C:\Windows\Tweaking.com - Registry Backup Setup Log.txt
    2017-06-24 18:24 - 2017-06-24 18:24 - 05766144 _____ (Tweaking.com) C:\Users\Battlefield\Downloads\tweaking.com_registry_backup_setup (1).exe
    2017-06-24 18:23 - 2017-06-24 18:23 - 05766144 _____ (Tweaking.com) C:\Users\Battlefield\Downloads\tweaking.com_registry_backup_setup.exe
    2017-06-24 18:19 - 2017-06-27 17:23 - 00000000 ___HD C:\Users\Public\Documents\AdobeGC
    2017-06-24 14:10 - 2017-06-24 14:10 - 00000000 ____D C:\Users\Battlefield\Documents\ProcAlyzer Dumps
    2017-06-24 14:02 - 2017-06-24 14:02 - 00000000 ____D C:\Users\Battlefield\AppData\Local\Tempzxpsignbf528d65aa2f44e5
    2017-06-24 14:02 - 2017-06-24 14:02 - 00000000 ____D C:\Users\Battlefield\AppData\Local\Tempzxpsign8d14837c4143a0c1
    2017-06-24 14:02 - 2017-06-24 14:02 - 00000000 ____D C:\Users\Battlefield\AppData\Local\Tempzxpsign6fa10438927821b6
    2017-06-20 12:49 - 2017-06-20 12:49 - 00000000 ____D C:\CenterEdge
    2017-06-20 12:48 - 2017-06-20 12:48 - 00001084 _____ C:\Users\Public\Desktop\Advantage Manager Console.lnk
    2017-06-20 12:48 - 2017-06-20 12:48 - 00001079 _____ C:\Users\Public\Desktop\Advantage Groups.lnk
    2017-06-20 12:48 - 2017-06-20 12:48 - 00000000 ____D C:\Windows\DPDrv
    2017-06-18 15:36 - 2017-06-18 15:36 - 00000000 ____D C:\Program Files\Common Files\AV
    2017-06-18 15:36 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
    2017-06-18 14:30 - 2017-06-24 14:31 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
    2017-06-18 14:30 - 2017-06-18 14:30 - 00001455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
    2017-06-18 14:30 - 2017-06-18 14:30 - 00001443 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
    2017-06-18 14:30 - 2017-06-18 14:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
    2017-06-18 14:30 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
    2017-06-18 14:26 - 2017-06-18 14:27 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\CJ\Downloads\spybot-2.4.exe
    2017-06-14 03:24 - 2017-06-02 03:28 - 02317824 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
    2017-06-14 03:24 - 2017-06-02 03:28 - 02222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
    2017-06-14 03:24 - 2017-06-02 03:28 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
    2017-06-14 03:24 - 2017-06-02 03:28 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
    2017-06-14 03:24 - 2017-06-02 03:28 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
    2017-06-14 03:24 - 2017-06-02 03:28 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
    2017-06-14 03:24 - 2017-06-02 03:28 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
    2017-06-14 03:24 - 2017-06-02 03:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
    2017-06-14 03:24 - 2017-06-02 03:28 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
    2017-06-14 03:24 - 2017-06-02 03:11 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
    2017-06-14 03:24 - 2017-06-02 03:11 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
    2017-06-14 03:24 - 2017-06-02 03:10 - 00733696 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
    2017-06-14 03:24 - 2017-06-02 03:10 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
    2017-06-14 03:24 - 2017-06-02 03:09 - 01549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
    2017-06-14 03:24 - 2017-06-02 03:09 - 01400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
    2017-06-14 03:24 - 2017-06-02 03:09 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
    2017-06-14 03:24 - 2017-06-02 03:09 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
    2017-06-14 03:24 - 2017-06-02 03:09 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
    2017-06-14 03:24 - 2017-06-02 03:09 - 00104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
    2017-06-14 03:24 - 2017-06-02 03:09 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
    2017-06-14 03:24 - 2017-06-02 03:09 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
    2017-06-14 03:24 - 2017-06-02 02:58 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
    2017-06-14 03:24 - 2017-06-02 02:58 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
    2017-06-14 03:24 - 2017-06-02 02:57 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
    2017-06-14 03:24 - 2017-06-02 02:57 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
    2017-06-14 03:24 - 2017-05-20 23:28 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2017-06-14 03:24 - 2017-05-20 23:28 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2017-06-14 03:24 - 2017-05-20 23:24 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2017-06-14 03:24 - 2017-05-20 23:24 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
    2017-06-14 03:24 - 2017-05-20 23:24 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2017-06-14 03:24 - 2017-05-20 23:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2017-06-14 03:24 - 2017-05-20 23:24 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
    2017-06-14 03:24 - 2017-05-20 23:24 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2017-06-14 03:24 - 2017-05-20 23:24 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2017-06-14 03:24 - 2017-05-20 23:24 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2017-06-14 03:24 - 2017-05-20 23:24 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2017-06-14 03:24 - 2017-05-20 23:24 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
    2017-06-14 03:24 - 2017-05-20 23:24 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2017-06-14 03:24 - 2017-05-20 23:24 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2017-06-14 03:24 - 2017-05-20 23:24 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
    2017-06-14 03:24 - 2017-05-20 23:24 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2017-06-14 03:24 - 2017-05-20 23:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
    2017-06-14 03:24 - 2017-05-20 23:24 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
    2017-06-14 03:24 - 2017-05-20 23:24 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
    2017-06-14 03:24 - 2017-05-20 23:24 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
    2017-06-14 03:24 - 2017-05-20 23:24 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2017-06-14 03:24 - 2017-05-20 23:06 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
    2017-06-14 03:24 - 2017-05-20 23:06 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
    2017-06-14 03:24 - 2017-05-20 23:06 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2017-06-14 03:24 - 2017-05-20 23:06 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
    2017-06-14 03:24 - 2017-05-20 23:06 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
    2017-06-14 03:24 - 2017-05-20 23:06 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2017-06-14 03:24 - 2017-05-20 23:06 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
    2017-06-14 03:24 - 2017-05-20 23:06 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
    2017-06-14 03:24 - 2017-05-20 23:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
    2017-06-14 03:24 - 2017-05-20 23:06 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
    2017-06-14 03:24 - 2017-05-20 23:06 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
    2017-06-14 03:24 - 2017-05-20 23:06 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
    2017-06-14 03:24 - 2017-05-20 23:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
    2017-06-14 03:24 - 2017-05-20 23:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
    2017-06-14 03:24 - 2017-05-20 23:06 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
    2017-06-14 03:24 - 2017-05-20 23:06 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
    2017-06-14 03:24 - 2017-05-20 22:55 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
    2017-06-14 03:24 - 2017-05-20 22:48 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
    2017-06-14 03:24 - 2017-05-20 22:48 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
    2017-06-14 03:24 - 2017-05-20 22:48 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
    2017-06-14 03:24 - 2017-05-20 22:47 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
    2017-06-14 03:24 - 2017-05-20 22:46 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
    2017-06-14 03:24 - 2017-05-20 22:42 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
    2017-06-14 03:24 - 2017-05-16 13:19 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2017-06-14 03:24 - 2017-05-16 12:35 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2017-06-14 03:24 - 2017-05-14 15:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2017-06-14 03:24 - 2017-05-14 15:46 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2017-06-14 03:24 - 2017-05-14 15:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2017-06-14 03:24 - 2017-05-14 15:27 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2017-06-14 03:24 - 2017-05-14 15:27 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2017-06-14 03:24 - 2017-05-14 15:27 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2017-06-14 03:24 - 2017-05-14 15:26 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2017-06-14 03:24 - 2017-05-14 15:24 - 02899456 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2017-06-14 03:24 - 2017-05-14 15:19 - 25738752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2017-06-14 03:24 - 2017-05-14 15:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2017-06-14 03:24 - 2017-05-14 15:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2017-06-14 03:24 - 2017-05-14 15:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2017-06-14 03:24 - 2017-05-14 15:10 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2017-06-14 03:24 - 2017-05-14 15:10 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2017-06-14 03:24 - 2017-05-14 15:10 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2017-06-14 03:24 - 2017-05-14 15:10 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2017-06-14 03:24 - 2017-05-14 15:01 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2017-06-14 03:24 - 2017-05-14 14:57 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2017-06-14 03:24 - 2017-05-14 14:55 - 05975040 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2017-06-14 03:24 - 2017-05-14 14:48 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2017-06-14 03:24 - 2017-05-14 14:47 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
    2017-06-14 03:24 - 2017-05-14 14:46 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
    2017-06-14 03:24 - 2017-05-14 14:42 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2017-06-14 03:24 - 2017-05-14 14:41 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2017-06-14 03:24 - 2017-05-14 14:38 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2017-06-14 03:24 - 2017-05-14 14:37 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2017-06-14 03:24 - 2017-05-14 14:36 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
    2017-06-14 03:24 - 2017-05-14 14:23 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
    2017-06-14 03:24 - 2017-05-14 14:23 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2017-06-14 03:24 - 2017-05-14 14:22 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2017-06-14 03:24 - 2017-05-14 14:22 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2017-06-14 03:24 - 2017-05-14 14:22 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2017-06-14 03:24 - 2017-05-14 14:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2017-06-14 03:24 - 2017-05-14 14:20 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2017-06-14 03:24 - 2017-05-14 14:19 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2017-06-14 03:24 - 2017-05-14 14:18 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2017-06-14 03:24 - 2017-05-14 14:17 - 02132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2017-06-14 03:24 - 2017-05-14 14:16 - 02290176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2017-06-14 03:24 - 2017-05-14 14:15 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2017-06-14 03:24 - 2017-05-14 14:14 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2017-06-14 03:24 - 2017-05-14 14:12 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2017-06-14 03:24 - 2017-05-14 14:11 - 20274688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2017-06-14 03:24 - 2017-05-14 14:11 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2017-06-14 03:24 - 2017-05-14 14:10 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2017-06-14 03:24 - 2017-05-14 14:10 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2017-06-14 03:24 - 2017-05-14 14:02 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2017-06-14 03:24 - 2017-05-14 13:57 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
    2017-06-14 03:24 - 2017-05-14 13:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2017-06-14 03:24 - 2017-05-14 13:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
    2017-06-14 03:24 - 2017-05-14 13:54 - 15252992 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2017-06-14 03:24 - 2017-05-14 13:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2017-06-14 03:24 - 2017-05-14 13:52 - 03240960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2017-06-14 03:24 - 2017-05-14 13:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2017-06-14 03:24 - 2017-05-14 13:50 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2017-06-14 03:24 - 2017-05-14 13:49 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
    2017-06-14 03:24 - 2017-05-14 13:44 - 04549120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2017-06-14 03:24 - 2017-05-14 13:42 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
    2017-06-14 03:24 - 2017-05-14 13:40 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2017-06-14 03:24 - 2017-05-14 13:39 - 02057216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2017-06-14 03:24 - 2017-05-14 13:38 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2017-06-14 03:24 - 2017-05-14 13:37 - 01544704 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2017-06-14 03:24 - 2017-05-14 13:30 - 13664768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2017-06-14 03:24 - 2017-05-14 13:27 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2017-06-14 03:24 - 2017-05-14 13:15 - 02767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2017-06-14 03:24 - 2017-05-14 13:11 - 01314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2017-06-14 03:24 - 2017-05-14 13:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2017-06-14 03:24 - 2017-05-12 13:27 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
    2017-06-14 03:24 - 2017-05-12 13:26 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2017-06-14 03:24 - 2017-05-12 13:26 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
    2017-06-14 03:24 - 2017-05-12 13:26 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
    2017-06-14 03:24 - 2017-05-12 13:24 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:07 - 04001000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2017-06-14 03:24 - 2017-05-12 13:07 - 03945704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2017-06-14 03:24 - 2017-05-12 13:07 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
    2017-06-14 03:24 - 2017-05-12 13:04 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2017-06-14 03:24 - 2017-05-12 13:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
    2017-06-14 03:24 - 2017-05-12 13:03 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
    2017-06-14 03:24 - 2017-05-12 13:03 - 00629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
    2017-06-14 03:24 - 2017-05-12 13:03 - 00313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
    2017-06-14 03:24 - 2017-05-12 13:03 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2017-06-14 03:24 - 2017-05-12 13:03 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
    2017-06-14 03:24 - 2017-05-12 13:03 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
    2017-06-14 03:24 - 2017-05-12 13:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
    2017-06-14 03:24 - 2017-05-12 13:03 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
    2017-06-14 03:24 - 2017-05-12 13:03 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
    2017-06-14 03:24 - 2017-05-12 13:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
    2017-06-14 03:24 - 2017-05-12 13:03 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
    2017-06-14 03:24 - 2017-05-12 13:03 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 13:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 12:55 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
    2017-06-14 03:24 - 2017-05-12 12:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
    2017-06-14 03:24 - 2017-05-12 12:54 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
    2017-06-14 03:24 - 2017-05-12 12:52 - 03222528 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2017-06-14 03:24 - 2017-05-12 12:51 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
    2017-06-14 03:24 - 2017-05-12 12:50 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
    2017-06-14 03:24 - 2017-05-12 12:46 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
    2017-06-14 03:24 - 2017-05-12 12:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
    2017-06-14 03:24 - 2017-05-12 12:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
    2017-06-14 03:24 - 2017-05-12 12:41 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
    2017-06-14 03:24 - 2017-05-12 12:41 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
    2017-06-14 03:24 - 2017-05-12 12:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
    2017-06-14 03:24 - 2017-05-12 12:40 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 12:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 12:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 12:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
    2017-06-14 03:24 - 2017-05-12 11:25 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
    2017-06-14 03:24 - 2017-05-12 10:58 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
    2017-06-14 03:24 - 2017-05-12 10:58 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
    2017-06-14 03:24 - 2017-05-10 10:33 - 00091368 _____ (Microsoft Corporation) C:\Windows\system32\MigAutoPlay.exe
    2017-06-14 03:24 - 2017-05-10 10:29 - 14183936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
    2017-06-14 03:24 - 2017-05-10 10:29 - 03165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
    2017-06-14 03:24 - 2017-05-10 10:29 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
    2017-06-14 03:24 - 2017-05-10 10:29 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
    2017-06-14 03:24 - 2017-05-10 10:29 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
    2017-06-14 03:24 - 2017-05-10 10:28 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
    2017-06-14 03:24 - 2017-05-10 10:16 - 00091368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MigAutoPlay.exe
    2017-06-14 03:24 - 2017-05-10 10:14 - 02651136 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
    2017-06-14 03:24 - 2017-05-10 10:13 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
    2017-06-14 03:24 - 2017-05-10 10:13 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
    2017-06-14 03:24 - 2017-05-10 10:13 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
    2017-06-14 03:24 - 2017-05-10 10:13 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
    2017-06-14 03:24 - 2017-05-10 10:13 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
    2017-06-14 03:24 - 2017-05-10 10:13 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
    2017-06-14 03:24 - 2017-05-10 10:12 - 12880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
    2017-06-14 03:24 - 2017-05-10 10:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
    2017-06-14 03:24 - 2017-05-10 10:12 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
    2017-06-14 03:24 - 2017-05-10 10:00 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
    2017-06-14 03:24 - 2017-05-10 10:00 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
    2017-06-14 03:24 - 2017-05-10 10:00 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
    2017-06-14 03:24 - 2017-05-10 10:00 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
    2017-06-14 03:24 - 2017-05-10 09:52 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
    2017-06-14 03:24 - 2017-05-09 10:30 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
    2017-06-14 03:24 - 2017-05-09 10:29 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
    2017-06-14 03:24 - 2017-05-09 10:11 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
    2017-06-14 03:24 - 2017-05-07 10:33 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
    2017-06-14 03:24 - 2017-05-07 10:29 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
    2017-06-14 03:24 - 2017-04-27 17:50 - 03550208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
    2017-06-14 03:24 - 2017-04-12 08:05 - 04296704 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
    2017-06-14 03:24 - 2017-03-30 10:03 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\rundll32.exe
    2017-06-14 03:24 - 2017-03-30 09:58 - 00045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
    2017-06-08 15:28 - 2017-06-08 15:28 - 00001209 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
    2017-06-08 15:28 - 2017-06-08 15:28 - 00001197 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
    2017-06-07 14:12 - 2017-05-28 13:09 - 27071391 _____ C:\Users\Battlefield\Downloads\BFHMenu.psd
    2017-06-06 15:00 - 2017-06-06 15:00 - 00000000 ____D C:\Users\Jordan\AppData\Roaming\DivX
    2017-06-06 13:42 - 2017-06-06 13:42 - 00000000 ____D C:\Users\Jordan\AppData\Local\Tempzxpsigne974a45c9caabc93
    2017-06-06 13:42 - 2017-06-06 13:42 - 00000000 ____D C:\Users\Jordan\AppData\Local\Tempzxpsign70ba92ffa88b188b
    2017-06-06 13:42 - 2017-06-06 13:42 - 00000000 ____D C:\Users\Jordan\AppData\Local\Tempzxpsign5a4936c86f71bbd5
    2017-06-06 13:42 - 2017-06-06 13:42 - 00000000 ____D C:\Users\Jordan\AppData\Local\Tempzxpsign4e4231ef06791530
    2017-06-01 12:06 - 2017-06-01 12:07 - 14664470 _____ C:\Users\Battlefield\Downloads\Pic.zip
    2017-05-31 15:47 - 2017-05-31 15:47 - 00000000 ____D C:\Users\Battlefield\AppData\Local\Tempzxpsign18a29e0bc9d89a08
    2017-05-31 15:44 - 2017-05-31 15:44 - 00000000 ____D C:\Users\Battlefield\AppData\Local\Tempzxpsignf4d480f6c159f900
    2017-05-31 15:44 - 2017-05-31 15:44 - 00000000 ____D C:\Users\Battlefield\AppData\Local\Tempzxpsigna146114e990e54a8
    2017-05-31 15:38 - 2017-05-31 15:39 - 00000000 ____D C:\Users\Battlefield\Documents\Battlefield FRONTLINES
    2017-05-31 15:37 - 2017-05-31 15:38 - 00000000 ____D C:\Users\Battlefield\Documents\Battlefield HOUSTON
    2017-05-31 15:35 - 2017-05-31 15:39 - 00000000 ____D C:\Users\Battlefield\Documents\West Little York
    2017-05-31 15:34 - 2017-05-31 15:39 - 00000000 ____D C:\Users\Battlefield\Documents\P-L
    2017-05-31 15:34 - 2017-05-31 15:39 - 00000000 ____D C:\Users\Battlefield\Documents\Balance Sheet
    2017-05-31 15:33 - 2017-05-31 15:33 - 00000000 ____D C:\Users\Battlefield\Documents\Valley Ridge Pkwy
    2017-05-31 15:27 - 2017-05-31 15:33 - 00000000 ____D C:\Users\Battlefield\Documents\Tax Return
    2017-05-31 15:09 - 2017-05-31 15:09 - 00002260 _____ C:\Users\Public\Desktop\QuickBooks Desktop File Doctor.lnk
    2017-05-31 15:09 - 2017-05-31 15:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickBooks Desktop File Doctor
    2017-05-31 13:12 - 2017-05-31 13:12 - 00000000 ____D C:\Users\Jordan\AppData\Local\Tempzxpsign0df6eec6484a989b
    2017-05-31 12:46 - 2017-05-31 12:46 - 00000000 ____D C:\Users\Jordan\AppData\Local\Tempzxpsigne34feb0ccd073179
    2017-05-31 12:46 - 2017-05-31 12:46 - 00000000 ____D C:\Users\Jordan\AppData\Local\Tempzxpsign69ae824cf7844bc2
    2017-05-31 12:46 - 2017-05-31 12:46 - 00000000 ____D C:\Users\Jordan\AppData\Local\Tempzxpsign09d5ce34862afbb1
    2017-05-30 14:55 - 2017-05-30 14:55 - 00013465 _____ C:\Users\Battlefield\Downloads\BFHoustonBirthdayPricing.xlsx

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2017-06-27 17:23 - 2016-07-27 13:31 - 00000914 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
    2017-06-27 17:23 - 2015-07-27 21:48 - 00000000 ___RD C:\Users\Battlefield\OneDrive
    2017-06-27 17:20 - 2009-07-13 23:45 - 00029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2017-06-27 17:20 - 2009-07-13 23:45 - 00029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2017-06-27 17:10 - 2011-10-21 13:55 - 00000000 ____D C:\ProgramData\NVIDIA
    2017-06-27 17:10 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2017-06-27 17:02 - 2017-05-25 16:42 - 00000000 ____D C:\Users\Battlefield\AppData\Roaming\Primitives
    2017-06-27 16:51 - 2016-07-27 13:31 - 00000918 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
    2017-06-27 16:15 - 2015-08-16 17:32 - 00002243 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2017-06-27 16:15 - 2012-04-21 19:31 - 00002255 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2017-06-27 16:13 - 2013-09-30 12:16 - 00000000 ____D C:\Users\Battlefield\AppData\Local\CrashDumps
    2017-06-27 14:55 - 2009-07-14 00:13 - 00007920 _____ C:\Windows\system32\PerfStringBackup.INI
    2017-06-27 14:44 - 2013-11-08 14:57 - 00001094 _____ C:\Users\Battlefield\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2017-06-27 13:02 - 2013-01-12 15:37 - 00000000 ____D C:\ProgramData\Malwarebytes
    2017-06-27 12:56 - 2016-07-27 13:31 - 00000000 ____D C:\Program Files (x86)\Dropbox
    2017-06-27 12:47 - 2013-12-03 14:36 - 00000000 ____D C:\Users\QBDataServiceUser24
    2017-06-27 12:42 - 2016-11-23 17:01 - 00000000 ____D C:\Users\Jordan\AppData\LocalLow\Temp
    2017-06-27 12:41 - 2011-11-05 13:41 - 00000000 ____D C:\Users\Battlefield\AppData\LocalLow\Temp
    2017-06-27 10:04 - 2015-02-21 20:04 - 00000000 ____D C:\ProgramData\boost_interprocess
    2017-06-26 17:02 - 2011-10-25 13:36 - 00000000 ____D C:\Program Files (x86)\Java
    2017-06-26 16:49 - 2013-09-22 12:07 - 01621390 _____ C:\Windows\ntbtlog.txt
    2017-06-26 16:33 - 2012-09-29 10:12 - 00000000 ____D C:\ProgramData\epson
    2017-06-26 16:33 - 2012-09-29 10:12 - 00000000 ____D C:\Program Files\EPSON
    2017-06-25 01:25 - 2011-10-20 14:39 - 00000000 ____D C:\Users\Battlefield\AppData\Local\ElevatedDiagnostics
    2017-06-24 18:23 - 2011-10-20 14:58 - 00000000 ____D C:\QuickBookData
    2017-06-24 13:56 - 2016-11-18 23:14 - 00000000 ____D C:\Users\CJ
    2017-06-24 13:48 - 2009-07-13 23:45 - 05381648 _____ C:\Windows\system32\FNTCACHE.DAT
    2017-06-23 10:18 - 2016-01-05 16:21 - 00000000 ___RD C:\Users\Battlefield\Creative Cloud Files
    2017-06-23 10:18 - 2011-10-20 15:38 - 00000000 ____D C:\Users\Battlefield\AppData\Local\Adobe
    2017-06-20 12:49 - 2012-10-26 16:02 - 00000000 ____D C:\ProgramData\Package Cache
    2017-06-20 12:49 - 2011-10-20 14:55 - 00189784 _____ C:\Users\Battlefield\AppData\Local\GDIPFONTCACHEV1.DAT
    2017-06-20 12:48 - 2014-11-14 17:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CenterEdge Software
    2017-06-20 12:48 - 2013-03-16 19:56 - 00000000 ____D C:\Program Files (x86)\CenterEdge Software
    2017-06-18 15:33 - 2012-09-20 10:57 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
    2017-06-18 15:06 - 2011-10-21 13:49 - 00000000 ____D C:\Users\Battlefield
    2017-06-18 02:00 - 2016-11-18 23:14 - 00000000 ____D C:\Users\CJ\AppData\Local\Adobe
    2017-06-17 23:45 - 2015-05-14 11:20 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
    2017-06-17 23:33 - 2016-11-18 23:14 - 00189784 _____ C:\Users\CJ\AppData\Local\GDIPFONTCACHEV1.DAT
    2017-06-17 23:33 - 2016-11-18 23:14 - 00000000 ____D C:\Users\CJ\AppData\Local\Dropbox
    2017-06-17 14:01 - 2016-07-26 13:51 - 00000000 ____D C:\Users\Battlefield\Desktop\BATTLEFIELD PRINT OUTS
    2017-06-16 02:00 - 2016-11-16 14:41 - 00000000 ____D C:\Users\Jordan\AppData\Local\Adobe
    2017-06-15 04:33 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
    2017-06-15 03:31 - 2013-02-02 15:20 - 00000000 ____D C:\Program Files\Microsoft Silverlight
    2017-06-15 03:31 - 2013-02-02 15:20 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
    2017-06-15 03:29 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
    2017-06-15 03:29 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\migwiz
    2017-06-15 03:14 - 2015-05-14 03:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2017-06-15 03:12 - 2013-08-11 16:09 - 00000000 ____D C:\Windows\system32\MRT
    2017-06-15 03:03 - 2011-10-21 13:08 - 133627792 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2017-06-14 19:30 - 2016-11-16 14:41 - 00000000 ____D C:\Users\Jordan\AppData\Local\Dropbox
    2017-06-14 19:30 - 2009-07-14 00:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
    2017-06-14 13:36 - 2015-07-16 12:45 - 00000000 ____D C:\Users\Battlefield\AppData\Local\Dropbox
    2017-06-13 12:17 - 2016-12-15 17:33 - 00003196 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
    2017-06-13 12:17 - 2015-07-27 21:48 - 00002184 _____ C:\Users\Battlefield\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
    2017-06-12 09:16 - 2016-11-16 14:41 - 00000000 ____D C:\Users\Jordan\AppData\Roaming\Adobe
    2017-06-09 15:15 - 2011-10-20 15:38 - 00000000 ____D C:\Users\Battlefield\AppData\Roaming\Adobe
    2017-06-08 12:21 - 2011-10-20 15:38 - 00000000 ____D C:\Program Files (x86)\Adobe
    2017-06-07 14:12 - 2014-10-24 15:35 - 00000000 ____D C:\Users\Battlefield\Downloads\RGB123_LED_Matrix_Case
    2017-06-07 12:46 - 2009-07-14 00:32 - 00000000 ____D C:\Windows\system32\FxsTmp
    2017-06-06 16:04 - 2014-04-15 16:31 - 00000000 ____D C:\Users\Battlefield\Documents\LegalDocs
    2017-06-06 13:42 - 2016-11-16 17:54 - 00000033 _____ C:\Users\Jordan\AppData\Roaming\AdobeWLCMCache.dat
    2017-06-03 16:58 - 2014-08-10 14:50 - 00000033 _____ C:\Users\Battlefield\AppData\Roaming\AdobeWLCMCache.dat
    2017-06-02 21:19 - 2017-05-24 16:40 - 00000028 _____ C:\Users\Battlefield\AppData\Roaming\kulerdata.json
    2017-05-31 15:09 - 2011-10-20 14:48 - 00000000 ____D C:\Program Files (x86)\Intuit
    2017-05-31 15:08 - 2012-02-26 12:27 - 00000000 ____D C:\Users\Battlefield\AppData\Local\Downloaded Installations
    2017-05-31 14:59 - 2016-11-16 14:41 - 00000000 ____D C:\Users\Jordan\AppData\Local\Intuit
    2017-05-31 10:44 - 2016-11-16 14:41 - 00189784 _____ C:\Users\Jordan\AppData\Local\GDIPFONTCACHEV1.DAT
    2017-05-30 15:45 - 2010-11-20 22:27 - 00565416 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
    2017-05-29 20:35 - 2016-08-14 14:12 - 00000000 ____D C:\ProgramData\Sony Corporation
    2017-05-29 20:35 - 2012-04-09 15:57 - 00000000 ____D C:\Program Files (x86)\Sony
    2017-05-28 19:20 - 2011-10-20 14:48 - 00000090 _____ C:\Windows\QBChanUtil_Trigger.ini

    ==================== Files in the root of some directories =======

    2010-09-26 10:04 - 2010-09-26 10:04 - 0069632 _____ (Elibrium, LLC) C:\Program Files (x86)\Common Files\ClacAdv.dll
    2010-09-26 10:04 - 2010-09-26 10:04 - 0126976 _____ (Elibrium, LLC) C:\Program Files (x86)\Common Files\ClacStmp.dll
    2010-09-26 10:04 - 2010-09-26 10:04 - 0028672 _____ (Elibrium, Inc) C:\Program Files (x86)\Common Files\MYSWHelpComp.dll
    2010-09-26 10:04 - 2010-09-26 10:04 - 0094208 _____ (Avanquest Publishing USA Inc.) C:\Program Files (x86)\Common Files\regdll.dll
    2012-09-05 13:20 - 2014-09-21 22:36 - 0000132 _____ () C:\Users\Battlefield\AppData\Roaming\Adobe BMP Format CS6 Prefs
    2011-11-11 14:44 - 2012-02-19 11:52 - 0000132 _____ () C:\Users\Battlefield\AppData\Roaming\Adobe GIF Format CS5 Prefs
    2011-11-11 14:46 - 2012-06-08 12:44 - 0000132 _____ () C:\Users\Battlefield\AppData\Roaming\Adobe PNG Format CS5 Prefs
    2012-10-01 17:41 - 2014-07-18 03:06 - 0000132 _____ () C:\Users\Battlefield\AppData\Roaming\Adobe PNG Format CS6 Prefs
    2014-08-10 14:50 - 2017-06-03 16:58 - 0000033 _____ () C:\Users\Battlefield\AppData\Roaming\AdobeWLCMCache.dat
    2011-10-20 14:17 - 2013-06-11 12:50 - 0003284 _____ () C:\Users\Battlefield\AppData\Roaming\ANIWZCS{CE60960A-05CC-4685-B18F-B63497DE832F}
    2015-01-28 14:53 - 2015-01-28 14:53 - 0026458 _____ () C:\Users\Battlefield\AppData\Roaming\Comma Separated Values.ADR
    2013-12-05 15:17 - 2017-05-31 15:11 - 0003520 _____ () C:\Users\Battlefield\AppData\Roaming\FileDrTool.log
    2017-05-24 16:40 - 2017-06-02 21:19 - 0000028 _____ () C:\Users\Battlefield\AppData\Roaming\kulerdata.json
    2015-02-17 15:40 - 2016-10-31 13:08 - 0002785 _____ () C:\Users\Battlefield\AppData\Roaming\QBFileDrTool.log
    2011-11-30 12:51 - 2012-09-06 17:37 - 0001456 _____ () C:\Users\Battlefield\AppData\Local\Adobe Save for Web 12.0 Prefs
    2012-09-10 09:37 - 2017-02-08 16:10 - 0001456 _____ () C:\Users\Battlefield\AppData\Local\Adobe Save for Web 13.0 Prefs
    2014-08-07 18:01 - 2014-08-07 18:01 - 0000000 _____ () C:\Users\Battlefield\AppData\Local\debuggee.mdmp
    2013-07-27 19:52 - 2015-01-17 21:41 - 0000600 _____ () C:\Users\Battlefield\AppData\Local\PUTTY.RND
    2015-04-23 14:51 - 2015-04-23 14:51 - 0000751 _____ () C:\Users\Battlefield\AppData\Local\recently-used.xbel
    2013-03-24 13:36 - 2016-09-17 15:01 - 0007667 _____ () C:\Users\Battlefield\AppData\Local\Resmon.ResmonCfg
    2011-12-01 14:43 - 2011-12-01 14:43 - 0000057 _____ () C:\ProgramData\Ament.ini
    2013-06-25 19:01 - 2015-01-27 00:28 - 0004417 _____ () C:\ProgramData\hpzinstall.log
    2012-11-30 22:15 - 2015-06-07 00:07 - 0000039 _____ () C:\ProgramData\IpAndPort.fig
    2012-11-30 15:13 - 2015-06-07 00:07 - 0000227 _____ () C:\ProgramData\RmUserCfg.ini

    Some files in TEMP:
    ====================
    2017-06-27 13:30 - 2017-05-12 13:24 - 1732864 _____ (Microsoft Corporation) C:\Users\Battlefield\AppData\Local\Temp\dllnt_dump.dll

    ==================== Bamital & volsnap ======================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2017-06-22 00:36

    ==================== End of FRST.txt ============================

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-06-2017 01
    Ran by Battlefield (27-06-2017 17:25:30)
    Running from C:\Users\Battlefield\Desktop
    Windows 7 Home Premium Service Pack 1 (X64) (2011-10-21 18:49:17)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-3544609310-1622349089-2069013866-500 - Administrator - Disabled)
    Battlefield (S-1-5-21-3544609310-1622349089-2069013866-1000 - Administrator - Enabled) => C:\Users\Battlefield
    CJ (S-1-5-21-3544609310-1622349089-2069013866-1019 - Limited - Enabled) => C:\Users\CJ
    Guest (S-1-5-21-3544609310-1622349089-2069013866-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-3544609310-1622349089-2069013866-1003 - Limited - Enabled)
    Jordan (S-1-5-21-3544609310-1622349089-2069013866-1018 - Limited - Enabled) => C:\Users\Jordan
    photoshop (S-1-5-21-3544609310-1622349089-2069013866-1006 - Limited - Enabled)
    QBDataServiceUser21 (S-1-5-21-3544609310-1622349089-2069013866-1004 - Limited - Enabled) => C:\Users\QBDataServiceUser21
    QBDataServiceUser24 (S-1-5-21-3544609310-1622349089-2069013866-1017 - Limited - Enabled) => C:\Users\QBDataServiceUser24

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Microsoft Security Essentials (Disabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
    AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
    AS: Spybot - Search and Destroy (Disabled - Out of date) {A16C3F68-9280-E053-1818-342707FECF4D}
    AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
    AS: Microsoft Security Essentials (Disabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
    AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
    7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
    8600_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
    8600_Readme (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
    Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
    Adobe After Effects CC 2014 (HKLM-x32\...\{2B22C750-5C3B-4738-B621-BA786AC7A494}) (Version: 13.2.0 - Adobe Systems Incorporated)
    Adobe After Effects CS5.5 Third Party Content (HKLM-x32\...\{606A0AC5-5F90-4379-81AE-11B44707E094}) (Version: 10.5 - Adobe Systems Incorporated)
    Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11.0.4 - Adobe Systems Incorporated)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
    Adobe Audition CC 2014 (HKLM-x32\...\{F3388E10-EFA9-4A80-B28E-2E647F8D00C4}) (Version: 7.2.0 - Adobe Systems Incorporated)
    Adobe Audition CS6 (HKLM-x32\...\{30FD541D-3C9D-41C4-B240-A994EE4E0231}) (Version: 5.0 - Adobe Systems Incorporated)
    Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.1.1.202 - Adobe Systems Incorporated)
    Adobe Creative Suite 5.5 Production Premium (HKLM-x32\...\{7F05F449-4DC4-4E02-A8D1-4A3ED7DD5FA3}) (Version: 5.5 - Adobe Systems Incorporated)
    Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
    Adobe Dreamweaver CS5.5 (HKLM-x32\...\{0215A652-E081-4B09-9333-DC85AAB67FFA}) (Version: 11.5 - Adobe Systems Incorporated)
    Adobe Edge Animate (HKLM-x32\...\{6A725C8E-E4E1-474A-A2B1-C17CCC48EC01}) (Version: 1.0 - Adobe Systems Incorporated)
    Adobe Edge Inspect (HKLM-x32\...\{BF73C0A4-5E3D-4C6F-8164-C0CCA57E32C8}) (Version: 1.0.327 - Adobe Systems Incorporated)
    Adobe Fireworks CS5 (HKLM-x32\...\{164965E8-4BB0-4EEB-AFBA-75785A2A2A7F}) (Version: 11.0 - Adobe Systems Incorporated)
    Adobe Fireworks CS6 (HKLM-x32\...\{CA7C485C-7A89-11E1-B2C8-CD54B377BC52}) (Version: 12.0.1 - Adobe Systems Incorporated)
    Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.8.800.168 - Adobe Systems Incorporated)
    Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.188 - Adobe Systems Incorporated)
    Adobe Flash Professional CC 2014 (HKLM-x32\...\{AA704223-E11C-11E3-8A38-C09A633B72AF}) (Version: 14.1 - Adobe Systems Incorporated)
    Adobe Flash Professional CS6 (HKLM-x32\...\{BD5669B5-49FF-4490-B956-E9D7CB9B0ADC}) (Version: 12.0 - Adobe Systems Incorporated)
    Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
    Adobe Illustrator CC 2017 (HKLM-x32\...\ILST_21_1_0) (Version: 21.1.0 - Adobe Systems Incorporated)
    Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated)
    Adobe InDesign CC 2017 (HKLM-x32\...\IDSN_12_1_0) (Version: 12.1.0 - Adobe Systems Incorporated)
    Adobe InDesign CS6 (HKLM-x32\...\{CFB770D7-8D43-1014-922B-CC2715FADE3F}) (Version: 8.1.0.422 - Adobe Systems Incorporated)
    Adobe Media Encoder CC 2014 (HKLM-x32\...\{663DEEEF-EF34-4DCB-8687-73A7AA146E02}) (Version: 8.2.0 - Adobe Systems Incorporated)
    Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
    Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_1_1) (Version: 18.1.1 - Adobe Systems Incorporated)
    Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
    Adobe Photoshop Lightroom 4.1 64-bit (HKLM\...\{F7ADB493-B913-4D61-9A63-DA736C20C3F2}) (Version: 4.1.2 - Adobe)
    Adobe Photoshop Lightroom 5.5 64-bit (HKLM\...\{19BBD0F3-7A31-480D-8A23-19AE28035E9C}) (Version: 5.5.0 - Adobe Systems Incorporated)
    Adobe Premiere Pro CC 2014 (HKLM-x32\...\{07BE616F-9E42-4C90-AF4F-0F32A5B088E7}) (Version: 8.2.0 - Adobe Systems Incorporated)
    Adobe Premiere Pro CS6 (HKLM-x32\...\{7176B973-6011-43C1-AEBC-2D73FE7C6982}) (Version: 6.0 - Adobe Systems Incorporated)
    Adobe Reader X (10.1.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
    Adobe SpeedGrade CC 2014 (HKLM-x32\...\{8EFF28F0-9DFD-4208-9E04-4D49A4812CF3}) (Version: 8.2.0 - Adobe Systems Incorporated)
    Adobe SpeedGrade CS6 (HKLM-x32\...\{3D46121C-A0E6-4259-B7E0-5127C218A096}) (Version: 6.0.0 - Adobe Systems Incorporated)
    Adobe Story (HKLM-x32\...\com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.0.571 - Adobe Systems Incorporated)
    Adobe Touch App Plugins (HKLM-x32\...\{1EC083EE-5B76-4A2A-B95A-CAF460AA29D6}) (Version: 1.0 - Adobe Systems Incorporated)
    Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 - Adobe Systems Incorporated.)
    Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated)
    AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.01.01 - ASUSTeK Computer Inc.)
    Akamai NetSession Interface (HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
    Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
    Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Application Insights Tools for Visual Studio 2013 (x32 Version: 2.4 - Microsoft Corporation) Hidden
    Application Insights Tools for Visual Studio 2015 Preview (x32 Version: 3.0 - Microsoft Corporation) Hidden
    Arduino (HKLM-x32\...\Arduino) (Version: 1.6.3 - Arduino LLC)
    Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.0.0 - Asmedia Technology)
    Autodesk DWG TrueView 2015 - English (HKLM\...\DWG TrueView 2015 - English) (Version: 20.0.210.0 - Autodesk)
    Avery Teoma Search App (HKLM-x32\...\{4156522D-5447-006A-76A7-A758B70C2D01}) (Version: 12.45.1.1317 - APN, LLC)
    AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
    AzureTools.Notifications (x32 Version: 2.4.20714.1601 - Microsoft Corporation) Hidden
    Battlefield Houston - Client (HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\...\1df8928e2c062db7) (Version: 2.1.2.2 - Jessica Pittman)
    Battlefield Houston - Server (HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\...\97442b722a32a1d7) (Version: 2.2.0.11 - Jessica Pittman)
    Battlefield Scoring (HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\...\a517dafcecd8ee49) (Version: 1.0.0.4 - Jessica Pittman)
    Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50926.80 - Microsoft Corporation) Hidden
    Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50926.80 - Microsoft Corporation) Hidden
    bl (x32 Version: 1.0.0 - Your Company Name) Hidden
    Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
    Blend for Visual Studio 2013 ENU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
    Blend for Visual Studio Add-in for Adobe FXG Import (x32 Version: 1.0.40218.0 - Microsoft Corporation) Hidden
    Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
    Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    BPDSoftware (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden
    BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
    BrightAuthor (HKLM-x32\...\{98418140-3FEC-4866-9A08-D5E55567F3C6}) (Version: 3.7.0.37 - BrightSign)
    BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
    Build Tools - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
    Build Tools - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
    Build Tools 14.0 (amd64) (Version: 14.0.22310 - Microsoft Corporation) Hidden
    Build Tools 14.0 (x86) (x32 Version: 14.0.22310 - Microsoft Corporation) Hidden
    Build Tools Language Resources - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
    Build Tools Language Resources - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
    Build Tools Language Resources 14.0 (amd64) (Version: 14.0.22310 - Microsoft Corporation) Hidden
    Build Tools Language Resources 14.0 (x86) (x32 Version: 14.0.22310 - Microsoft Corporation) Hidden
    CenterEdge Advantage 17.1.26.1816 (HKLM-x32\...\{74c1a795-cf8e-40a8-81fb-6fa5d585fdde}) (Version: 17.1.26.1816 - CenterEdge Software)
    CenterEdge Advantage 17.1.26.1816 (x32 Version: 17.1.1816 - CenterEdge Software) Hidden
    CenterEdge Advantage Reporting 10.1.1 (HKLM-x32\...\{14FA5573-9162-4435-AB94-D50EF52628CD}) (Version: 10.1.1 - CenterEdge Software)
    CenterEdge Advantage Sign Editor 14.4.15.331 (HKLM-x32\...\{DEFE5D78-C354-4F64-8A50-C4B2AAB6DD52}) (Version: 14.4.0331 - CenterEdge Software)
    CenterEdge Advantage Signage 14.4.15.331 (HKLM-x32\...\{6F52E11B-C13E-49B8-8974-0AA2F3F5808D}) (Version: 14.4.0331 - CenterEdge Software)
    Check Designer (HKLM-x32\...\{A5E65B95-F016-474D-BC0D-6AF64412BBDF}) (Version: 11.0.0.0 - Avanquest North America, Inc.)
    Chief Architect X2 (HKLM-x32\...\{35AF2D74-7048-876E-1869-68B6D635F446}) (Version: 12.1.2.29 - Chief Architect)
    Cisco Connect (HKLM-x32\...\Cisco Connect) (Version: 1.4.11299.0 - Cisco Consumer Products LLC)
    Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
    Citrix Online Launcher (HKLM-x32\...\{C1D35D06-E60A-4834-9B52-F1F3E65D03C9}) (Version: 1.0.239 - Citrix)
    Command Center (Development) (HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\...\bde0a3ab2c906615) (Version: 1.1.5.3 - Jessica Pittman)
    Complemento do Microsoft Report Viewer para Visual Studio 2013 (x32 Version: 11.1.3442.2 - Microsoft Corporation) Hidden
    Complemento Microsoft Report Viewer para Visual Studio 2013 (x32 Version: 11.1.3442.2 - Microsoft Corporation) Hidden
    Compon. agg. Microsoft Report Viewer per Visual Studio 2013 (x32 Version: 11.1.3442.2 - Microsoft Corporation) Hidden
    Copy (x32 Version: 130.0.366.000 - Hewlett-Packard) Hidden
    Cura 1.1.1 (HKLM-x32\...\cura-type-a_1.1.1) (Version: - )
    CutePDF Writer 2.8 (HKLM\...\CutePDF Writer Installation) (Version: - )
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
    DevExpress Components 14.2 (HKLM-x32\...\DevExpress Components 14.2) (Version: 14.2.4 - Developer Express Inc.)
    DevExpress Components 15.1 (HKLM-x32\...\DevExpress Components 15.1) (Version: 15.1.3 - Developer Express Inc.)
    DevExpress Documentation (HKLM-x32\...\DevExpress Documentation) (Version: - Developer Express Inc.)
    DevExpress WPF Demos (HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\...\4e41a8afeb5c478d) (Version: 14.2.3.0 - Developer Express Inc.)
    DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
    Digi XCTU (HKLM\...\XCTU_6.1) (Version: 6.1.0.3 - Digi International)
    DisplayLink Core Software (HKLM\...\{DAA61D41-4809-46C6-9AE4-13A61C54FA23}) (Version: 7.2.47873.0 - DisplayLink Corp.)
    DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.9 - DivX, LLC)
    Dog Tag (HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\...\87a4474b070f97dc) (Version: 1.0.0.7 - Microsoft)
    Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
    Dotfuscator and Analytics Community Edition 5.16.0 (x32 Version: 5.16.0.2178 - PreEmptive Solutions) Hidden
    Dropbox (HKLM-x32\...\Dropbox) (Version: 29.4.20 - Dropbox, Inc.)
    Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
    DWG TrueView 2015 - English (Version: 20.0.210.0 - Autodesk) Hidden
    EAGLE 6.5.0 (HKLM-x32\...\EAGLE 6.5.0) (Version: 6.5.0 - CadSoft Computer GmbH)
    EAGLE 7.1.0 (HKLM-x32\...\EAGLE 7.1.0) (Version: 7.1.0 - CadSoft Computer GmbH)
    EMET 4.1 Update 1 (HKLM-x32\...\{6A09FEB2-691C-456B-B982-2F6D21B19602}) (Version: 4.1.1 - Microsoft Corporation)
    Entity Framework 6.1.1 Tools for Visual Studio 2013 (HKLM-x32\...\{85253F13-EE42-4850-A3A5-79B90E92D7AC}) (Version: 12.0.30610.0 - Microsoft Corporation)
    Entity Framework 6.1.2 Tools Beta 1 for Visual Studio 14 (HKLM-x32\...\{FF33B0AD-CEAF-4EDF-8D68-AD34E601B039}) (Version: 14.0.31029.0 - Microsoft Corporation)
    Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{AFA4B0BF-3289-495A-B949-BA91F39B1A44}) (Version: 11.1.21009.00 - Microsoft Corporation)
    EPSON Advanced Printer Driver 4 (HKLM-x32\...\{11FF6AF6-0141-4EF8-829A-989459A1E5D8}) (Version: 4.53.0001 - SEIKO EPSON CORPORATION)
    EPSON APD4 Point and Print Support (x32 Version: 4.53.0001 - SEIKO EPSON CORPORATION) Hidden
    EPSON Port Communication Service (HKLM\...\{6F915A77-A189-424F-AC46-6201E7E380CF}) (Version: 3.4.2 - SEIKO EPSON CORPORATION)
    EPSON TM-T88V Utility Ver.1.31 (HKLM-x32\...\{F7174313-A545-4557-AB1B-BB79B086875C}) (Version: 1.6.0.2 - SEIKO EPSON CORPORATION)
    ErrorList (x32 Version: 1.0 - Microsoft Corporation) Hidden
    ezLCD30x Firmware Loader (HKLM-x32\...\{E08220E2-D867-44C0-8298-0EDCAB8E698B}) (Version: 1.0 - EarthLCD)
    Flash Builder (HKLM-x32\...\{C583836B-A856-4BB4-8377-0DA9BCECBDEA}) (Version: 4.6.1 - Adobe Systems Incorporated)
    GDR 3128 for SQL Server 2012 (KB2793634) (64-bit) (HKLM\...\KB2793634) (Version: 11.1.3128.0 - Microsoft Corporation)
    GDR 3153 for SQL Server 2012 (KB2977326) (64-bit) (HKLM\...\KB2977326) (Version: 11.1.3153.0 - Microsoft Corporation)
    GDR 3156 for SQL Server 2012 (KB3045318) (64-bit) (HKLM\...\KB3045318) (Version: 11.1.3156.0 - Microsoft Corporation)
    GDR 5520 for SQL Server 2008 (KB2977321) (64-bit) (HKLM\...\KB2977321) (Version: 10.3.5520.0 - Microsoft Corporation)
    GDR 5538 for SQL Server 2008 (KB3045305) (64-bit) (HKLM\...\KB3045305) (Version: 10.3.5538.0 - Microsoft Corporation)
    GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
    Git version 1.9.0-preview20140217 (HKLM-x32\...\Git_is1) (Version: 1.9.0-preview20140217 - The Git Development Community)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
    Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
    Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
    GoPro App (x32 Version: 0.1.443 - GoPro, Inc.) Hidden
    GoPro Studio 2.5.5 (HKLM-x32\...\{5d43231e-c765-405a-a122-81de16acd8b4}) (Version: 2.5.5.443 - GoPro, Inc.)
    GoToMeeting 7.2.4.3215 (HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\...\GoToMeeting) (Version: 7.2.4.3215 - CitrixOnline)
    GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
    Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
    HI-TECH C Compiler for the PIC10/12/16 MCUs V9.82PL0 (HKLM-x32\...\PICC 9.82) (Version: 9.82 - HI-TECH Software)
    HI-TECH C51-lite V9.60PL0 (HKLM-x32\...\HC51 9.60PL0) (Version: 9.60 - HI-TECH Software)
    HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
    HP Officejet Pro 8600 Basic Device Software (HKLM\...\{791A06E2-340F-43B0-8FAB-62D151339362}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
    HP Officejet Pro 8600 Help (HKLM-x32\...\{46235FF7-2CBE-4A84-BEDA-87348D1F7850}) (Version: 28.0.0 - Hewlett Packard)
    HP Officejet Pro K8600 (HKLM\...\{5FA67C2B-DAAB-4F7B-AE09-CA97FE73EA59}) (Version: 13.0 - HP)
    HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
    HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
    HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
    HP webOS SDK (HKLM\...\{53A97E00-7252-4ED0-A1EB-9F9712FC0AC9}) (Version: 3.0.676 - HP)
    HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
    I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
    iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
    IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
    IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - )
    IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - )
    Intel Edison Device USB driver (HKLM\...\Intel Edison Device USB driver) (Version: 1.0.0 - Intel)
    iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
    JavaScript Tooling (Version: 11.0.60315 - Microsoft Corporation) Hidden
    Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    K8600 (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden
    KEEBOX 150N Wireless Utility (HKLM-x32\...\{5C6B323C-863C-4B17-B8F7-198B5E0C4B50}) (Version: - Nonbrand)
    KeePass Password Safe 2.24 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.24 - Dominik Reichl)
    Kit SDK de vérification de Visual Studio 2012 - fra (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
    Kits Configuration Installer (x32 Version: 8.100.25984 - Microsoft) Hidden
    Lightroom 4.1 (HKLM-x32\...\{3c5418ff-7dea-4a37-8c52-45c670677773}) (Version: 4.1 - Adobe Systems Incorporated)
    LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
    LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
    LocalESPCui for en-us Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
    Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
    Math Kernel Libraries (64-bit) (Version: 1.0.31.0 - National Instruments) Hidden
    Math Kernel Libraries (64-bit) (Version: 13.0.13 - National Instruments) Hidden
    Math Kernel Libraries (x32 Version: 1.0.31.0 - National Instruments) Hidden
    Math Kernel Libraries (x32 Version: 13.0.13 - National Instruments) Hidden
    Medic Control (Development) (HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\...\f47e6bed37df04f6) (Version: 0.3.4.15 - Jessica Pittman)
    Memory Profiler (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
    Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    MicroCode Studio (MCSX) (HKLM-x32\...\MicroCode Studio (MCSX)_is1) (Version: 5.0.0.5 - Mecanique UK)
    Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
    Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.3 Preview Multi-Targeting Pack (ENU) (HKLM-x32\...\{6FF89029-E442-4346-BB1E-C73AA6F6D080}) (Version: 4.5.53346 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.3 Preview Multi-Targeting Pack (HKLM-x32\...\{861F6EBB-5856-4DB9-B812-363CFB1D2F56}) (Version: 4.5.53346 - Microsoft Corporation)
    Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
    Microsoft .NET Micro Framework SDK 4.3 (RTM) (HKLM-x32\...\{39855987-4CD2-4CA0-B9EB-C67B342699EA}) (Version: 4.3.0.0 - Microsoft Corporation)
    Microsoft ASP.NET MVC 3 (HKLM-x32\...\{D32EF103-4016-4C15-BCB0-700C0A7A2309}) (Version: 3.0.50813.0 - Microsoft Corporation)
    Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
    Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
    Microsoft ASP.NET Web Pages 2 (HKLM-x32\...\{cb29be6c-39c4-493e-9da7-d585d5353714}) (Version: 2.0.20715.0 - Microsoft Corporation)
    Microsoft Expression Design 4 (HKLM-x32\...\Design_8.0.31217.1) (Version: 8.0.31217.1 - Microsoft Corporation)
    Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
    Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
    Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
    Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.22310 - Microsoft Corporation)
    Microsoft Office 365 Small Business Premium - en-us (HKLM\...\O365SmallBusPremRetail - en-us) (Version: 15.0.4737.1003 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
    Microsoft POS for .NET 1.1 (HKLM-x32\...\{C05ED040-923C-4175-8B8D-A8693B93598B}) (Version: 1.1.0603.1 - Microsoft Corporation)
    Microsoft Report Viewer 2012 Runtime (HKLM-x32\...\{9CCE40CE-A9E6-4916-8729-B008558EEF3F}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
    Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation)
    Microsoft SQL Server 2008 Native Client (HKLM\...\{2738C4AA-420E-4E13-ADEF-B5AB250E3EF1}) (Version: 10.3.5500.0 - Microsoft Corporation)
    Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}) (Version: 10.51.2500.0 - Microsoft Corporation)
    Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{F43ADE73-2880-4A95-B995-4FE386ECF667}) (Version: 10.3.5538.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2012) (Version: - Microsoft Corporation)
    Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{4F640A82-635E-431A-856A-F43E5EAAC130}) (Version: 11.1.3156.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Native Client (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Policies (HKLM-x32\...\{DC487E40-046E-42A9-9C7C-5D2B1A7EB211}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Setup (English) (HKLM\...\{8AC82589-7217-48FE-9051-AE6D3B211B14}) (Version: 11.1.3156.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{BA39D494-DDE8-407A-AE5A-18A43DFF74EA}) (Version: 11.1.3156.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 T-SQL Language Service (HKLM\...\{A67C75DE-BED6-4F1B-97EB-30CD1D40FFED}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
    Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
    Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
    Microsoft SQL Server Data Tools – Database Projects – Web installer entry point (HKLM-x32\...\{F3BBC56F-2282-4464-952F-A89772181F30}) (Version: 10.3.20116.0 - Microsoft Corporation)
    Microsoft SQL Server Data Tools - enu (11.1.21208.0) (HKLM-x32\...\{EE43D481-9E18-4426-BDBA-9AD73F2FEC41}) (Version: 11.1.21208.0 - Microsoft Corporation)
    Microsoft SQL Server Data Tools - enu (12.0.41012.0) (HKLM-x32\...\{AC8E0CF4-42A1-4151-B684-97CF6FD726CF}) (Version: 12.0.41012.0 - Microsoft Corporation)
    Microsoft SQL Server Data Tools - enu (14.0.41025.0) (HKLM-x32\...\{455A16B4-CD22-4529-B429-DD454573E76A}) (Version: 14.0.41025.0 - Microsoft Corporation)
    Microsoft SQL Server Data Tools 2012 (HKLM-x32\...\{b21eb07f-a9ca-423a-896d-7cc3a4fc6481}) (Version: 11.1.21208.0 - Microsoft Corporation)
    Microsoft SQL Server Data Tools Build Utilities - enu (11.1.21208.0) (HKLM-x32\...\{98A5B388-5ED7-42C5-9DCF-D9E8CF9E51C8}) (Version: 11.1.21208.0 - Microsoft Corporation)
    Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
    Microsoft SQL Server System CLR Types (HKLM-x32\...\{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}) (Version: 10.51.2500.0 - Microsoft Corporation)
    Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{DAF4DDA4-3B5A-407D-B4DF-07922C5A0D22}) (Version: 12.0.2360.29 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{659D2DBE-CA2C-4C8F-AF2B-2C8DE262B278}) (Version: 12.0.2360.29 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Preview Redistributable (x64) - 14.0.22310 (HKLM-x32\...\{eb6c06e7-8ff6-4978-ab4c-561383593306}) (Version: 14.0.22310.1 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Preview Redistributable (x86) - 14.0.22310 (HKLM-x32\...\{2e4043b7-cd84-44db-b81a-8f6e5ffb7398}) (Version: 14.0.22310.1 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
    Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Shell (Integrated) - ENU (HKLM-x32\...\{012D26C3-E12A-3BDA-8ECE-DF14E721A507}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Microsoft Visual Studio 2012 Shell (Integrated) (HKLM-x32\...\{55b160d2-8221-45fd-ab30-4388c69c0f3b}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual Studio 2012 Shell (Integrated) Language Pack - ENU (HKLM-x32\...\{e1d01f79-be4a-4e83-b707-a009c4f6e53f}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual Studio 2012 Shell (Isolated) (HKLM-x32\...\{d2e0df0f-bf0a-4a89-9530-ebf93842c393}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual Studio 2012 Shell (Isolated) Language Pack - ENU (HKLM-x32\...\{b8df2deb-8a9f-48c8-9608-1eb3861b5630}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual Studio 2015 Preview Secondary Installer (HKLM-x32\...\{B6CB8401-B0A8-4795-8BED-F7B49D51ABCF}_SecondaryInstaller) (Version: 14.0.22310 - Microsoft Corporation)
    Microsoft Visual Studio Express 2012 for Web - ENU (HKLM-x32\...\{4bd1cdab-bf82-42c1-af37-e4918141913f}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual Studio Express 2012 for Windows Desktop - ENU (HKLM-x32\...\{e0efdce9-a486-4676-8aa5-65bb08cbf34c}) (Version: 11.0.50727.42 - Microsoft Corporation)
    Microsoft Visual Studio Professional 2013 (HKLM-x32\...\{02a877fe-5dac-4ac0-b869-4b9da00f651c}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Microsoft Visual Studio Tools for Applications Design-Time 3.0 (HKLM-x32\...\{5A03C202-08B4-3F1D-9A60-A4F53EF1B636}) (Version: 10.0.40220 - Microsoft Corporation)
    Microsoft Visual Studio Tools for Applications x86 Runtime 3.0 (HKLM-x32\...\{191A6F65-6878-398D-A272-EF011B80F371}) (Version: 10.0.40220 - Microsoft Corporation)
    Microsoft Visual Studio Ultimate 2015 Preview (HKLM-x32\...\{e1f58f60-306c-4f5b-9788-5b9292910779}) (Version: 14.0.22310.1 - Microsoft Corporation)
    Microsoft VSS Writer for SQL Server 2012 (HKLM\...\{3E0DD83F-BE4C-4478-86A0-AD0D79D1353E}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft Web Deploy 3.6 Beta3 (HKLM\...\{07F0FC77-282E-42E5-BAE6-B8C098F8453E}) (Version: 3.1238.1942 - Microsoft Corporation)
    Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
    Microsoft Web Platform Installer 4.0 (HKLM\...\{75E2C40C-4345-4DD0-B5B3-B8EB92EEECB5}) (Version: 4.0.1679 - Microsoft Corporation)
    Module Microsoft Report Viewer pour Visual Studio 2013 (x32 Version: 11.1.3442.2 - Microsoft Corporation) Hidden
    Mozilla Firefox 17.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 17.0.1 (x86 en-US)) (Version: 17.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 17.0.1 - Mozilla)
    MPLAB Tools v8.90 (HKLM-x32\...\InstallShield_{4BFBFE90-75A0-4728-8625-9776B82C99B3}) (Version: 8.90 - Microchip Technology Inc.)
    MPLAB Tools v8.90 (x32 Version: 8.90 - Microchip Technology Inc.) Hidden
    MPM (HKLM-x32\...\{BAB0F8F5-282A-45F1-B31A-EB894827456B}) (Version: 1.00.0000 - Hewlett-Packard)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
    Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.22310 - Microsoft Corporation) Hidden
    National Instruments Software (HKLM-x32\...\NI Uninstaller) (Version: - National Instruments)
    Netduino Drivers (Version: 4.3.0001 - Secret Labs LLC) Hidden
    Netduino SDK Core (x32 Version: 4.3.0000 - Secret Labs LLC) Hidden
    Netduino SDK v4.3.0 (February 2013) (HKLM-x32\...\{21fb40c4-d906-4605-9916-2cd3c48c9e82}) (Version: 4.3.0.1 - Secret Labs LLC)
    NetViewer 2.1.373.0 (HKLM-x32\...\NetViewer) (Version: 2.1.373.0 - )
    Network64 (Version: 130.0.579.000 - Hewlett-Packard) Hidden
    NI .NET Framework 4.0 (x32 Version: 4.01.49152 - National Instruments) Hidden
    NI ActiveX Container (64-bit) (Version: 13.0.4 - National Instruments) Hidden
    NI ActiveX Container (x32 Version: 13.0.4 - National Instruments) Hidden
    NI Authentication 13.5.0 (64-bit) (Version: 13.5.70 - National Instruments) Hidden
    NI Authentication 13.5.0 (x32 Version: 13.5.70 - National Instruments) Hidden
    NI Circuit Design Suite 13.0.1 Core (x32 Version: 13.0.995 - National Instruments) Hidden
    NI Circuit Design Suite 13.0.1 Edu Licenses (x32 Version: 13.0.995 - National Instruments) Hidden
    NI Circuit Design Suite 13.0.1 Education (x32 Version: 13.0.995 - National Instruments) Hidden
    NI Circuit Design Suite Master Database (x32 Version: 13.0.995 - National Instruments) Hidden
    NI Curl 13.5.0 (64-bit) (Version: 13.5.69 - National Instruments) Hidden
    NI Curl 13.5.0 (x32 Version: 13.5.69 - National Instruments) Hidden
    NI Error Reporting 2013 SP1 (x32 Version: 13.1.98 - National Instruments) Hidden
    NI Error Reporting Interface Installer 5.5 (x32 Version: 5.50.49152 - National Instruments) Hidden
    NI Error Reporting Interface Installer 5.5 for Windows 64-bit (Version: 5.50.49152 - National Instruments) Hidden
    NI EulaDepot (x32 Version: 3.21.132 - National Instruments) Hidden
    NI Example Finder 13.0 (x32 Version: 13.0.324 - National Instruments) Hidden
    NI GMP Windows 32-bit Installer 13.5.0 (x32 Version: 13.50.15 - National Instruments) Hidden
    NI GMP Windows 64-bit Installer 13.5.0 (Version: 13.50.15 - National Instruments) Hidden
    NI Help Assistant 2.0 (64bit) (Version: 2.0.3 - National Instruments) Hidden
    NI Help Assistant 2.0 (x32 Version: 2.0.3 - National Instruments) Hidden
    NI LabVIEW 2012 Real-Time NBFifo (x32 Version: 12.0.219.0 - National Instruments) Hidden
    NI LabVIEW 2012 Real-Time NBFifo (x32 Version: 13.0.336 - National Instruments) Hidden
    NI LabVIEW 2012 Run-Time Engine Web Server (x32 Version: 12.5.198.0 - National Instruments) Hidden
    NI LabVIEW 2012 SP1 Run-Time Engine Non-English Support. (x32 Version: 12.1.52.0 - National Instruments) Hidden
    NI LabVIEW 2013 Deployment Framework (x32 Version: 13.0.428 - National Instruments) Hidden
    NI LabVIEW 2013 Run-Time Engine Web Server (x32 Version: 13.5.26 - National Instruments) Hidden
    NI LabVIEW 2013 SP1 Run-Time Engine Non-English Support. (x32 Version: 13.1.99 - National Instruments) Hidden
    NI LabVIEW Run-Time Engine 2012 SP1 f7 (x32 Version: 12.1.65.0 - National Instruments) Hidden
    NI LabVIEW Run-Time Engine 2013 SP1 (x32 Version: 13.1.101 - National Instruments) Hidden
    NI LabVIEW Run-Time Engine Interop 2012 SP1 (x32 Version: 12.1.65.0 - National Instruments) Hidden
    NI LabVIEW Run-Time Engine Interop 2013 (x32 Version: 13.1.101 - National Instruments) Hidden
    NI LabVIEW-Multisim Co-simulation Plug-in 13.0 for LabVIEW 2012 (x32 Version: 13.0.995 - National Instruments) Hidden
    NI LabVIEW-Multisim Co-simulation Plug-in 13.0 for LabVIEW 2013 (x32 Version: 13.0.995 - National Instruments) Hidden
    NI LabWindows/CVI 2013 SP1 .NET Library (64-bit) (Version: 13.0.1201 - National Instruments) Hidden
    NI LabWindows/CVI 2013 SP1 .NET Library (x32 Version: 13.0.1201 - National Instruments) Hidden
    NI LabWindows/CVI 2013 SP1 Analysis Library (64-bit) (Version: 13.0.1201 - National Instruments) Hidden
    NI LabWindows/CVI 2013 SP1 Analysis Library (x32 Version: 13.0.1201 - National Instruments) Hidden
    NI LabWindows/CVI 2013 SP1 Low-Level Driver (Original) (x32 Version: 13.0.1201 - National Instruments) Hidden
    NI LabWindows/CVI 2013 SP1 Low-Level Driver (Updated) (x32 Version: 13.0.1201 - National Instruments) Hidden
    NI LabWindows/CVI 2013 SP1 Network Streams Library (64-bit) (Version: 13.0.1201 - National Instruments) Hidden
    NI LabWindows/CVI 2013 SP1 Network Streams Library (x32 Version: 13.0.1201 - National Instruments) Hidden
    NI LabWindows/CVI 2013 SP1 Network Variable Library (64-bit) (Version: 13.0.1201 - National Instruments) Hidden
    NI LabWindows/CVI 2013 SP1 Network Variable Library (x32 Version: 13.0.1201 - National Instruments) Hidden
    NI LabWindows/CVI 2013 SP1 TDMS Library (64-bit) (Version: 13.0.1201 - National Instruments) Hidden
    NI LabWindows/CVI 2013 SP1 TDMS Library (x32 Version: 13.0.1201 - National Instruments) Hidden
    NI LabWindows/CVI Run-Time Engine 2013 SP1 (Updated) (x32 Version: 13.0.1201 - National Instruments) Hidden
    NI LabWindows/CVI Shared Run-Time Engine 2013 SP1 (64-bit) (Version: 13.0.1201 - National Instruments) Hidden
    NI LabWindows/CVI Shared Run-Time Engine 2013 SP1 (x32 Version: 13.0.1201 - National Instruments) Hidden
    NI Launcher (x32 Version: 3.21.136 - National Instruments) Hidden
    NI License Manager (x32 Version: 3.7.54 - National Instruments) Hidden
    NI Logos 5.5 (64-bit) (Version: 5.5.293 - National Instruments) Hidden
    NI Logos 5.5 (x32 Version: 5.5.293 - National Instruments) Hidden
    NI Logos XT Support (x32 Version: 5.5.294 - National Instruments) Hidden
    NI Logos64 XT Support (Version: 5.5.294 - National Instruments) Hidden
    NI Math Kernel Libraries (x32 Version: 1.0.861.0 - National Instruments) Hidden
    NI MAX Remote Configuration 64-bit Installer 5.6 (Version: 5.60.49152 - National Instruments) Hidden
    NI MAX Remote Configuration Installer 5.6 (x32 Version: 5.60.49152 - National Instruments) Hidden
    NI MDF Support (x32 Version: 3.21.132 - National Instruments) Hidden
    NI mDNS Responder 2.2 for Windows 64-bit (Version: 2.20.49152 - National Instruments) Hidden
    NI mDNS Responder 2.2.0 (x32 Version: 2.20.49152 - National Instruments) Hidden
    NI Measurement Studio ComponentWorks 3D Graph (x32 Version: 8.6.10603 - National Instruments) Hidden
    NI MetaSuite Installer (x32 Version: 3.20.363 - National Instruments) Hidden
    NI Multisim API Toolkit for LabVIEW 2012 (x32 Version: 13.0.995 - National Instruments) Hidden
    NI Multisim API Toolkit for LabVIEW 2013 (x32 Version: 13.0.995 - National Instruments) Hidden
    NI Multisim LabVIEW Interoperability Support 13.0.1 (x32 Version: 13.0.995 - National Instruments) Hidden
    NI Security Update (KB 67L8LCQW) (64-bit) (Version: 1.0.29.0 - National Instruments) Hidden
    NI Security Update (KB 67L8LCQW) (x32 Version: 1.0.29.0 - National Instruments) Hidden
    NI Service Locator 13.5 (x32 Version: 13.5.70 - National Instruments) Hidden
    NI SSL LabVIEW RTE 2012 SP1 Support (x32 Version: 12.5.8.0 - National Instruments) Hidden
    NI SSL LabVIEW RTE 2013 SP1 Support (x32 Version: 13.5.26 - National Instruments) Hidden
    NI SSL Support (64-bit) (Version: 13.5.69 - National Instruments) Hidden
    NI SSL Support (x32 Version: 13.5.69 - National Instruments) Hidden
    NI System API Windows 32-bit 5.6.0 (x32 Version: 5.60.84 - National Instruments) Hidden
    NI System API Windows 64-bit 5.6.0 (Version: 5.60.84 - National Instruments) Hidden
    NI System State Publisher (64-bit) (Version: 13.1.97 - National Instruments) Hidden
    NI System State Publisher (x32 Version: 13.1.97 - National Instruments) Hidden
    NI System Web Server 13.5 (x32 Version: 13.5.69 - National Instruments) Hidden
    NI System Web Server Base 13.5.0 (64-bit) (Version: 13.5.69 - National Instruments) Hidden
    NI System Web Server Base 13.5.0 (x32 Version: 13.5.69 - National Instruments) Hidden
    NI TDM Streaming 2.5 (64-bit) (Version: 2.5.46 - National Instruments) Hidden
    NI TDM Streaming 2.5 (x32 Version: 2.5.46 - National Instruments) Hidden
    NI Trace Engine (64-bit) (Version: 13.5.69 - National Instruments) Hidden
    NI Trace Engine (x32 Version: 13.5.69 - National Instruments) Hidden
    NI Uninstaller (x32 Version: 3.21.132 - National Instruments) Hidden
    NI Update Service 2.3 (64-bit) (Version: 2.30.53 - National Instruments) Hidden
    NI Update Service 2.3 (x32 Version: 2.30.65 - National Instruments) Hidden
    NI USI 2.1.0 (x32 Version: 2.1.05374 - National Instruments) Hidden
    NI USI 2.1.0 64-Bit (Version: 2.1.05374 - National Instruments) Hidden
    NI VC2005MSMs x64 (Version: 8.05.0 - National Instruments) Hidden
    NI VC2005MSMs x86 (x32 Version: 8.05.0 - National Instruments) Hidden
    NI VC2008MSMs x64 (Version: 9.0.401 - National Instruments) Hidden
    NI VC2008MSMs x86 (x32 Version: 9.0.401 - National Instruments) Hidden
    NI VC2010SP1MSMs x64 (Version: 10.0.100 - National Instruments) Hidden
    NI VC2010SP1MSMs x86 (x32 Version: 10.0.100 - National Instruments) Hidden
    NI Visual C++ 2008 Redistributable Package (x32 Version: 9.00.49152 - National Instruments) Hidden
    NI Visual C++ 2010 Redistributable Package (x32 Version: 10.02.49152 - National Instruments) Hidden
    NI Web Application Server 13.5 (64-bit) (Version: 13.5.70 - National Instruments) Hidden
    NI Web Application Server 13.5 (x32 Version: 13.5.70 - National Instruments) Hidden
    NI-Mesa (Version: 13.0.3 - National Instruments) Hidden
    NI-Mesa (x32 Version: 13.0.3 - National Instruments) Hidden
    NI-RPC 4.4.0f0 (x32 Version: 4.40.49152 - National Instruments) Hidden
    NI-RPC 4.4.0f0 for 64 Bit Windows (Version: 4.40.49152 - National Instruments) Hidden
    Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.2.3 - )
    NVIDIA 3D Vision Controller Driver 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 331.82 - NVIDIA Corporation)
    NVIDIA 3D Vision Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
    NVIDIA GeForce Experience 1.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8 - NVIDIA Corporation)
    NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
    NVIDIA Virtual Audio 1.2.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.12 - NVIDIA Corporation)
    Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4737.1003 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Licensing Component (Version: 15.0.4737.1003 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4737.1003 - Microsoft Corporation) Hidden
    Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
    OpenSCAD (remove only) (HKLM-x32\...\OpenSCAD) (Version: - )
    Pad2Pad 1.9.89 (HKLM-x32\...\Pad2Pad_is1) (Version: - Pad2Pad.com)
    PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
    ph (x32 Version: 1.0.0 - Your Company Name) Hidden
    PICBASIC PRO(tm) Compiler 3.0.7.0 (HKLM-x32\...\PBP3_is1) (Version: 3.0.7.0 - microEngineering Labs, Inc.)
    PICkit 2 v2.60 (HKLM-x32\...\{9602161A-1B1D-4EDB-9AFD-AF71B184920D}) (Version: 2.60.00 - Microchip)
    PowreShellIntegration.Notifications (x32 Version: 2.5.21003.1603 - Microsoft Corporation) Hidden
    PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
    Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Prerequisites for SSDT (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
    ProductContext (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden
    PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
    Python 3.3.2 (64-bit) (HKLM\...\{9FA9A2A6-19E4-381A-8AF3-F8CF12F0DCF0}) (Version: 3.3.2150 - Python Software Foundation)
    Python Tools for Visual Studio 2012 (HKLM-x32\...\{1B1B4164-E8DC-448B-926A-857E8A3E125B}) (Version: 2.0.10620.00 - Microsoft Corporation)
    Python Tools Redirection Template (x32 Version: 1.1 - Microsoft Corporation) Hidden
    Python Tools Redirection Template (x32 Version: 1.3 - Microsoft Corporation) Hidden
    Qt Creator (HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\...\Qt Creator) (Version: 3.3.0 - Qt Project)
    Qt Enterprise (HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\...\Qt Enterprise) (Version: 1.0.1 - Digia Plc)
    QuickBooks (x32 Version: 24.0.4016.2403 - Intuit Inc.) Hidden
    QuickBooks Desktop File Doctor (HKLM-x32\...\{5716778B-DC86-475F-9977-1E7153F7B588}) (Version: 3.7.0 - Inuit)
    QuickBooks File Doctor (HKLM-x32\...\{45780E89-7B52-4E92-A9DC-1172EF556708}) (Version: 3.6 - Intuit)
    QuickBooks Pro 2014 (HKLM-x32\...\{4A21D17E-2FE8-42CD-88B7-ACF8E8860834}) (Version: 24.0.4016.2403 - Intuit Inc.)
    QuickBooks Runtime Redistributable (HKLM\...\{F2A4F809-2DE6-4D27-888B-4D2BB8DAF20E}) (Version: 1.00.0000 - Intuit Inc.)
    QuickBooks SDK 5.0 (HKLM-x32\...\{9BE10B36-614C-4519-A7CB-0FCF2720863F}) (Version: 5.0.00203.0 - Intuit)
    QuickTime (HKLM-x32\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)
    Radlink Lite Launcher (HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\...\11cff10e06d5938f) (Version: 1.0.0.0 - Radlink)
    RingCentral Meetings (HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\...\RingCentralMeetings) (Version: 3.5 - Zoom Video Communications, Inc. and RingCentral Inc.)
    RingCentral Softphone (HKLM-x32\...\{52F10407-8CF3-4EEB-8D4A-9AA02AE861FC}) (Version: 6.04.001.50 - RingCentral, Inc)
    RingCentral Voicemail Player (HKLM-x32\...\{FB705754-66FB-4419-9EA9-EB020DEA8D50}) (Version: 1.4.31 - RingCentral Inc.)
    Roslyn Language Services - x86 (x32 Version: 14.0.22310 - Microsoft Corporation) Hidden
    SDK de comprobación de Visual Studio 2012 - esn (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
    Secure Download Manager (HKLM-x32\...\{E040B65B-8683-4228-8C33-D44A141E40EA}) (Version: 3.1.60 - Kivuto Solutions Inc.)
    Service Pack 1 for SQL Server 2012 (KB2674319) (64-bit) (HKLM\...\KB2674319) (Version: 11.1.3000.0 - Microsoft Corporation)
    Service Pack 3 for SQL Server 2008 (KB2546951) (64-bit) (HKLM\...\KB2546951) (Version: 10.3.5500.0 - Microsoft Corporation)
    SharePoint Client Components (Version: 15.0.4641.1002 - Microsoft Corporation) Hidden
    SharePoint Client Components (Version: 16.0.3104.1200 - Microsoft Corporation) Hidden
    SHIELD Streaming (Version: 1.6.75 - NVIDIA Corporation) Hidden
    SignagePlayer (HKLM-x32\...\SignagePlayer.86EE3EEE54D7DB049D16E358CDC443F088917621.1) (Version: 3.0.1110 - Signage)
    SignagePlayer (x32 Version: 3.0.1110 - Signage) Hidden
    SignageStudio (HKLM-x32\...\SignageStudio.86EE3EEE54D7DB049D16E358CDC443F088917621.1) (Version: 4.0.79 - Signage)
    SignageStudio (x32 Version: 4.0.79 - Signage) Hidden
    SketchUp 2013 (HKLM-x32\...\{B75BC01B-4586-43F8-9349-D250DB98F26F}) (Version: 13.0.4812 - Trimble Navigation Limited)
    SketchUp 2014 (HKLM-x32\...\{A608A8D3-E77C-4BEE-8F2A-F8124F5F0FE2}) (Version: 14.0.4900 - Trimble Navigation Limited)
    SketchUp 2015 (HKLM\...\{350488A4-1540-4103-8F01-B27503891EB0}) (Version: 15.3.331 - Trimble Navigation Limited)
    SketchUp 8 (HKLM-x32\...\{8EB62C87-AAA6-4850-A5BC-64155884B973}) (Version: 3.0.16846 - Trimble Navigation Limited)
    Skype™ 6.7 (HKLM-x32\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 6.7.102 - Skype Technologies S.A.)
    SmartRF Packet Sniffer (HKLM-x32\...\Texas Instruments Packet Sniffer) (Version: 2.18.1 - Texas Instruments)
    Smartwaiver Kiosk (HKLM-x32\...\{3618D6B9-2C9A-463B-A2BE-5BFFCDF151AE}) (Version: 1.0.43029 - Smartwaiver)
    SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
    SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
    Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
    SQL Server 2012 BI Development Studio (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
    SQL Server 2012 Client Tools (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
    SQL Server 2012 Common Files (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
    SQL Server 2012 Database Engine Services (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
    SQL Server 2012 Database Engine Shared (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
    SQL Server 2012 Documentation Components (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
    SQL Server 2012 Full text search (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
    SQL Server 2012 Management Studio (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
    SQL Server 2012 Reporting Services (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
    SQL Server 2012 Reporting Services (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
    SQL Server 2012 SQL Data Quality Common (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
    SQL Server Browser for SQL Server 2012 (HKLM-x32\...\{4B9E6EB0-0EED-4E74-9479-F982C3254F71}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Sql Server Customer Experience Improvement Program (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
    Sql Server Customer Experience Improvement Program (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
    Stamps.com (HKLM-x32\...\Stamps.com) (Version: - Stamps.com, Inc.)
    Stamps.com (x32 Version: 12.1.1.2876 - Stamps.com, Inc.) Hidden
    Stamps.com ProLabel Printer Driver (HKLM-x32\...\Stamps.com ProLabel Printer Driver) (Version: - Stamps.com, Inc.)
    Stamps.com ProLabel Printer Driver (x32 Version: 1.0.0.2 - Stamps.com) Hidden
    Stamps.com support for Intuit QuickBooks 2004-2011 (HKLM-x32\...\Stamps.com support for Intuit QuickBooks 2004-2011) (Version: - Stamps.com, Inc.)
    Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
    Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
    STMicroelectronics DfuSe v3.0.2 (HKLM-x32\...\InstallShield_{7D99CBC9-46E9-4070-BF20-25136AE7052E}) (Version: 3.0.2 - STMicroelectronics)
    STMicroelectronics DfuSe v3.0.2 (x32 Version: 3.0.2 - STMicroelectronics) Hidden
    Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
    Team Explorer for Microsoft Visual Studio 2015 Preview (x32 Version: 14.0.22310 - Microsoft Corporation) Hidden
    TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.44109 - TeamViewer)
    Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
    Toolkit Documentation (x32 Version: 8.100.26866 - Microsoft) Hidden
    TortoiseGit 1.8.9.0 (64 bit) (HKLM\...\{D270F72A-913D-421E-AD56-5477132B1EC6}) (Version: 1.8.9.0 - TortoiseGit)
    Total Annihilation v3.9.01 Beta Patch (HKLM-x32\...\{28CEB942-CB26-4936-91A8-D9F3FC44EF80}) (Version: 3.9.01 - TAUniverse)
    TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
    TypeScript Power Tool (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
    TypeScript Power Tool (x32 Version: 1.3.0.0 - Microsoft Corporation) Hidden
    TypeScript Tools for Microsoft Visual Studio 14 (x32 Version: 1.3.0.0 - Microsoft Corporation) Hidden
    TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
    UltraEdit (HKLM-x32\...\InstallShield_{635A6AF2-63AF-4C1C-AF57-BDC8AF6D397D}) (Version: 21.30.1010 - IDM Computer Solutions, Inc.)
    UltraEdit (x32 Version: 21.30.1010 - IDM Computer Solutions, Inc.) Hidden
    Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
    VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
    VCSetup (HKLM-x32\...\{4023F084-ADD3-4080-89FB-253373871BD6}) (Version: 1.0.0.0 - VCSetup)
    Vegas Pro 11.0 (64-bit) (HKLM\...\{CF411A4F-5ED9-11E1-B971-F04DA23A5C58}) (Version: 11.0.595 - Sony)
    Vegas Pro 12.0 (64-bit) (HKLM\...\{A7500970-FE98-11E1-B560-F04DA23A5C58}) (Version: 12.0.367 - Sony)
    VFW_Codec32 (x32 Version: 0.1.160.0 - GoPro, Inc.) Hidden
    VFW_Codec64 (Version: 0.1.160.0 - GoPro, Inc.) Hidden
    Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation)
    Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
    Visual Studio 2012 Update 3 (KB2707250) (HKLM-x32\...\{29828f33-4679-462a-8c98-1c3507678922}) (Version: 11.0.60610 - Microsoft Corporation)
    Visual Studio 2013 Update 4 (KB2829760) (HKLM-x32\...\{53d408db-eb91-43fb-9d8f-167681c19763}) (Version: 12.0.31101 - Microsoft Corporation)
    VisualGDB (HKLM-x32\...\{5DAD3404-D23E-4AED-B4CE-3268B085F010}) (Version: 4.3.10.235 - Sysprogs)
    VS Update core components (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
    VsHub (x32 Version: 1.0.0.0 - Microsoft Corporation) Hidden
    WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
    WCF Data Services 5.6.2 Runtime (x32 Version: 5.6.61937.2 - Microsoft Corporation) Hidden
    WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
    WCF Data Services Tools for Microsoft Visual Studio 2014 (x32 Version: 5.6.61937.2 - Microsoft Corporation) Hidden
    WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
    WD Quick View (HKLM-x32\...\{324C58C7-A292-4523-A943-91DE1EB6A1FE}) (Version: 2.4.1.9 - Western Digital Technologies, Inc.)
    WD SmartWare (HKLM\...\{F6ABA2F3-9759-48CD-B25B-A07A811E92E4}) (Version: 2.4.1.9 - Western Digital Technologies, Inc.)
    WD SmartWare Installer (HKLM-x32\...\{72fda14f-5a07-49d5-b7f7-202377e9b522}) (Version: 2.4.1.9 - Western Digital Technologies, Inc.)
    WebM Media Foundation Components (HKLM-x32\...\webmmf) (Version: 1.0.1.2 - WebM Project)
    WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
    Windows Assessment and Deployment Kit for Windows 8.1 (HKLM-x32\...\{e9e06304-a604-434b-b35f-d9beb94dc06d}) (Version: 8.100.26866 - Microsoft Corporation)
    Windows Azure Authoring Tools - October 2012 Release (HKLM\...\{8748EE66-A92C-472A-805A-A86C41D22848}) (Version: 1.8.31004.1351 - Microsoft Corporation)
    Windows Azure Emulator - October 2012 Release (HKLM\...\Windows Azure Emulator - October 2012 Release) (Version: 1.8.31004.1351 - Microsoft Corporation)
    Windows Azure Libraries for .NET – October 2012 (HKLM\...\{72934D7D-3379-497D-8FA4-1E28D21AFA20}) (Version: 1.8 - Microsoft Corporation)
    Windows Azure Tools for Microsoft Visual Studio 2012 - October 2012 (HKLM-x32\...\{899c21e3-a373-47ea-bf3f-59eeae908cdb}) (Version: 1.8.51019.1603 - Microsoft Corporation)
    Windows Driver Package - BeagleBone CDM Driver Package - Bus/D2XX Driver (03/18/2011 2.08.14) (HKLM\...\E115CC79390C233F94F72330FE3603A63E5204E2) (Version: 03/18/2011 2.08.14 - BeagleBone)
    Windows Driver Package - BeagleBone CDM Driver Package - VCP Driver (03/18/2011 2.08.14) (HKLM\...\A627DA08A5F362713EB4C440F904A2D1B8CD7E74) (Version: 03/18/2011 2.08.14 - BeagleBone)
    Windows Driver Package - Linux Developer Community (usbser) Ports (11/15/2007 5.1.2600.0) (HKLM\...\78AF41F3450C5037A588E124A3CFD63F195CB249) (Version: 11/15/2007 5.1.2600.0 - Linux Developer Community)
    Windows Driver Package - Linux Developer Community Net (06/21/2006 6.0.6000.16384) (HKLM\...\F8DB389D3D629D89F82795C4EB490AE50D7FB01E) (Version: 06/21/2006 6.0.6000.16384 - Linux Developer Community)
    Windows Driver Package - Stamps.com Printer (01/02/2013 7.0.1.9) (HKLM\...\D6C304AF42E45E95BBBD32FE0040738D3D2C15CF) (Version: 01/02/2013 7.0.1.9 - Stamps.com)
    Windows Driver Package - STMicroelectronics (STTub30) USB (11/09/2009 3.0.1.0) (HKLM\...\53CE3E570993AB2791A87B0143B353B816401784) (Version: 11/09/2009 3.0.1.0 - STMicroelectronics)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
    Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
    Windows Phone app for desktop (HKLM-x32\...\{5F71448B-88EB-4357-9A98-8658D4C49C48}) (Version: 1.1.2726.0 - Microsoft Corporation)
    WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
    Workflow Manager Client 1.0 (Version: 2.0.40131.0 - Microsoft Corporation) Hidden
    Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.41015.0 - Microsoft Corporation) Hidden
    Xamarin Android Player (HKLM-x32\...\{5f63cdbe-6d50-4fdf-8efb-add7866fe390}) (Version: 0.0.24 - Xamarin)
    Xamarin Android Player (Version: 0.0.24 - Xamarin) Hidden
    X-CTU (HKLM-x32\...\{BC535415-7F95-45BE-8860-7B69E43BD13E}) (Version: 5.2.86 - Digi)
    Xming 6.9.0.31 (HKLM-x32\...\Xming_is1) (Version: 6.9.0.31 - Colin Harrison)
    Xming-fonts 7.5.0.70 (HKLM-x32\...\Xming-fonts_is1) (Version: 7.5.0.70 - Colin Harrison)
    Zebra CardStudio (HKLM-x32\...\{D4AF1D5F-9CB1-4735-BD98-E1DBE853F82D}) (Version: 1.25.4100.00 - Zebra Technologies Corporation)
    Zebra ZXP S3 and S1 Card Printers (HKLM-x32\...\{1132009E-7E6B-43D3-8F24-5554F5E9483B}) (Version: 05.30.00.00 - Zebra Technologies Corporation)
    Zebra ZXP S3 and S1 Card Printers (x32 Version: 05.30.00.00 - Zebra) Hidden
    Надстройка Microsoft Report Viewer для Visual Studio 2013 (x32 Version: 11.1.3442.2 - Microsoft Corporation) Hidden
    Пакет Visual Studio 2012 Verification SDK - rus (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
    用于 Visual Studio 2013 的 Microsoft 报告查看器加载项 (x32 Version: 11.1.3442.2 - Microsoft Corporation) Hidden

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-3544609310-1622349089-2069013866-1000_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2015 - English\dwgviewr.exe (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3544609310-1622349089-2069013866-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Battlefield\AppData\Local\Microsoft\OneDrive\17.3.6917.0607\amd64\FileCoAuthLib64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3544609310-1622349089-2069013866-1000_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2015 - English\en-US\dwgviewrficn.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3544609310-1622349089-2069013866-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\1960\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
    CustomCLSID: HKU\S-1-5-21-3544609310-1622349089-2069013866-1000_Classes\CLSID\{b5eedee0-c06e-11cf-8c56-444553540000}\InprocServer32 -> C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ue64ctmn.dll ()
    CustomCLSID: HKU\S-1-5-21-3544609310-1622349089-2069013866-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {034F7867-71C0-4823-BE22-DA0202E4CC7F} - System32\Tasks\GoogleUpdateTaskMachineUA1d0e1ae7d3f57d0 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
    Task: {0D00C31B-F8B3-41AB-9F0A-EF7BED98B23B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-14] (Adobe Systems Incorporated)
    Task: {1DAC4F16-6157-41B3-9DD4-2F9E085E9AAA} - System32\Tasks\AdobeAAMUpdater-1.0-Battlefield-PC-Jordan => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
    Task: {2F8521DB-C1B8-4498-AA4F-358688DF68CF} - System32\Tasks\hpUrlLauncher.exe_{F00FFB5D-FD89-48A2-A7E4-B9113D6053A0} => C:\Program Files\HP\HP Officejet Pro 8600\Bin\utils\hpUrlLauncher.exe [2012-10-17] (Hewlett-Packard Co.)
    Task: {3940C9F8-E811-406C-A255-D6B9079A7A58} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
    Task: {4645320B-A77E-4ED1-8669-EF1B0A5B1BCF} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
    Task: {4EF28CCE-4250-4AAE-A1F7-3B5D52518FFA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
    Task: {5E682862-FA1B-462B-999B-D6E206CAB558} - System32\Tasks\GoogleUpdateTaskMachineCore1d0e1ae7d024ecb => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
    Task: {626B862E-DE49-407F-BB09-27902105A199} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
    Task: {697CD93D-B2DE-445F-88BE-956C66EC9023} - System32\Tasks\AdobeAAMUpdater-1.0-Battlefield-PC-CJ => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
    Task: {74154FEB-930E-41F2-82FA-551306202112} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
    Task: {75ADB88E-002C-4734-A144-52C28D118AD0} - System32\Tasks\G2MUploadTask-S-1-5-21-3544609310-1622349089-2069013866-1000 => C:\Program Files (x86)\Citrix\GoToMeeting\3215\g2mupload.exe [2015-08-14] (Citrix Online, a division of Citrix Systems, Inc.)
    Task: {89B59F6E-2D5F-4B42-9885-A493E9DA1C7C} - System32\Tasks\ASUS\RunDAOD => C:\Windows\DAODx.exe [2009-03-30] ()
    Task: {8D9A022D-3FEA-49CD-9528-225C92BFB5A2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-02-03] (Adobe Systems Incorporated)
    Task: {938D9F26-F22A-4150-B21B-18FC7000C39B} - System32\Tasks\AdobeAAMUpdater-1.0-Battlefield-PC-Battlefield => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
    Task: {982E12A9-69AC-4070-B1E9-71274408C30B} - System32\Tasks\G2MUpdateTask-S-1-5-21-3544609310-1622349089-2069013866-1000 => C:\Program Files (x86)\Citrix\GoToMeeting\3215\g2mupdate.exe [2015-08-14] (Citrix Online, a division of Citrix Systems, Inc.)
    Task: {A1E28B8B-F5FA-446E-8B97-1DA9C022CEAB} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
    Task: {A2284A70-45A9-4609-AFD3-F087C7D3ED2A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
    Task: {AC49B223-7D5B-4C5D-9B58-97151745FD29} - System32\Tasks\NIUpdateServiceCheckTask => C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe [2013-05-28] (National Instruments)
    Task: {AE13DE98-72A8-4B30-BD3D-34E29D1A37A2} - System32\Tasks\ASUS\Easy Update => C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe [2012-10-08] ()
    Task: {B3C6C769-ED46-46FF-AC2F-9705D360A29B} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
    Task: {C6207098-8482-427E-90D0-2CBCB0589A17} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-06-09] (Microsoft Corporation)
    Task: {D52D7FE0-0FC7-43A9-8CA8-9EB7C46D44C7} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
    Task: {EB19B095-71A6-4E2E-AD1B-0A6DEAA2C1A5} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-07-27] (Dropbox, Inc.)
    Task: {F1E5514E-65D0-42BB-AB25-52435BE9129A} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Battlefield-PC-Battlefield Battlefield-PC => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-06-02] (Microsoft Corporation)
    Task: {FC7224EB-156A-4ADB-A313-7FBA5597A518} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-07-27] (Dropbox, Inc.)
    Task: {FFF8733F-DACF-468F-983F-C7DBCF42BD4E} - System32\Tasks\RunAsStdUser Task => C:\Users\Battlefield\AppData\Local\KangoBoxSA\bin\1.0.2.0\KangoBoxSA.exe

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3544609310-1622349089-2069013866-1000.job => C:\Program Files (x86)\Citrix\GoToMeeting\3215\g2mupdate.exe
    Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3544609310-1622349089-2069013866-1000.job => C:\Program Files (x86)\Citrix\GoToMeeting\3215\g2mupload.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    ==================== Shortcuts & WMI ========================

    (The entries could be listed to be restored or removed.)


    Shortcut: C:\Users\Battlefield\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chief Architect\Chief Architect X2\Chief Architect Website.lnk -> hxxp://chiefarchitect.com
    Shortcut: C:\Users\Battlefield\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chief Architect\Chief Architect X2\IRC Checklist.lnk -> hxxp://chiefarchitect.com/useraccess/ircchecklis

    ==================== Loaded Modules (Whitelisted) ==============

    2014-05-28 16:23 - 2014-05-28 16:23 - 00098512 _____ () C:\Program Files (x86)\EMET 4.1\EMET_CE64.DLL
    2011-03-20 17:33 - 2015-07-22 20:10 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2011-12-22 13:04 - 2009-11-05 09:40 - 00085504 _____ () C:\Windows\System32\cpwmon64.dll
    2011-10-25 14:36 - 2010-09-26 10:04 - 00012056 _____ () C:\Windows\system32\spool\PRTPROCS\x64\CAPPP2K.DLL
    2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    2014-03-21 04:07 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
    2017-05-19 12:09 - 2017-05-19 12:09 - 00139776 _____ () C:\Program Files (x86)\Windows NT\Accessories\WinUtilityHelper\wuhelper.exe
    2014-06-09 23:00 - 2014-06-09 23:00 - 00772456 _____ () C:\Program Files\TortoiseGit\bin\libgit2_tgit.dll
    2014-06-09 23:00 - 2014-06-09 23:00 - 00087400 _____ () C:\Program Files\TortoiseGit\bin\zlib1_tgit.dll
    2017-05-15 02:38 - 2017-05-15 02:38 - 34957896 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
    2016-07-24 09:18 - 2016-07-24 09:18 - 00299520 _____ () C:\Program Files (x86)\CenterEdge Software\Basic.dll
    2011-10-20 14:14 - 2011-10-20 14:14 - 00073728 _____ () C:\Program Files (x86)\KEEBOX\150N Wireless Utility\ANPDApi.dll
    2011-10-20 14:13 - 2010-07-05 17:41 - 00299008 _____ () C:\Program Files (x86)\KEEBOX\150N Wireless Utility\WlanApp.dll
    2017-06-18 14:30 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
    2017-06-18 14:30 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
    2016-08-10 11:14 - 2016-08-10 11:14 - 40523480 _____ () C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\libcef.dll
    2014-05-28 16:23 - 2014-05-28 16:23 - 00089808 _____ () C:\Program Files (x86)\EMET 4.1\EMET_CE.DLL
    2017-06-18 14:30 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
    2017-05-30 01:39 - 2017-05-30 01:39 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
    2017-05-30 01:39 - 2017-05-30 01:39 - 00214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
    2017-05-30 01:38 - 2017-05-30 01:38 - 00117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
    2017-05-30 01:39 - 2017-05-30 01:39 - 00125952 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
    2017-06-04 07:47 - 2017-06-04 07:47 - 00110688 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin7.dll
    2017-05-30 01:39 - 2017-05-30 01:39 - 00086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
    2014-09-26 04:43 - 2014-11-21 05:31 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\atashost => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMPCHelper => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tvnserver => ""=""

    ==================== Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)

    HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\Software\Classes\.scr: DWGTrueViewScriptFile => C:\Windows\system32\notepad.exe "%1"

    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE trusted site: HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\...\houstondogtags.com -> hxxp://www.houstondogtags.com

    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 21:34 - 2017-06-27 12:41 - 00000035 _____ C:\Windows\system32\Drivers\etc\hosts


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\Control Panel\Desktop\\Wallpaper ->
    DNS Servers: 8.8.8.8 - 8.8.4.4
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    MpsSvc => Firewall Service is not running.
    bfe => Firewall Service is not running.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    MSCONFIG\Services: AdobeARMservice => 2
    MSCONFIG\Services: asComSvc => 2
    MSCONFIG\Services: AsSysCtrlService => 2
    MSCONFIG\Services: atashost => 2
    MSCONFIG\Services: AudioEndpointBuilder => 2
    MSCONFIG\Services: AudioSrv => 2
    MSCONFIG\Services: BFE => 2
    MSCONFIG\Services: BITS => 3
    MSCONFIG\Services: Bonjour Service => 2
    MSCONFIG\Services: CarboniteService => 2
    MSCONFIG\Services: CryptSvc => 3
    MSCONFIG\Services: dbupdate => 2
    MSCONFIG\Services: dbupdatem => 3
    MSCONFIG\Services: DbxSvc => 2
    MSCONFIG\Services: DisplayLinkService => 2
    MSCONFIG\Services: DpHost => 2
    MSCONFIG\Services: EPSON_Device_Control_Log_Service => 2
    MSCONFIG\Services: EPSON_Port_Communication_Service => 2
    MSCONFIG\Services: gupdate => 2
    MSCONFIG\Services: gupdatem => 3
    MSCONFIG\Services: hasplms => 2
    MSCONFIG\Services: iPod Service => 3
    MSCONFIG\Services: MozillaMaintenance => 3
    MSCONFIG\Services: NILM License Manager => 3
    MSCONFIG\Services: nlsX86cc => 2
    MSCONFIG\Services: Nonbrand_WUS-N_WPS => 2
    MSCONFIG\Services: NovacomD => 2
    MSCONFIG\Services: Palm_TCP_Relay => 2
    MSCONFIG\Services: Steam Client Service => 3
    MSCONFIG\Services: SwitchBoard => 3
    MSCONFIG\Services: TeamViewer8 => 2
    MSCONFIG\startupfolder: C:^Users^Battlefield^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
    MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
    MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
    MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
    MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
    MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
    MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    MSCONFIG\startupreg: ASUS AiChargerPlus Execute => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
    MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    MSCONFIG\startupreg: Dropbox => "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
    MSCONFIG\startupreg: GoPro Studio Importer => C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe
    MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
    MSCONFIG\startupreg: KeePass 2 PreLoad => "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
    MSCONFIG\startupreg: NI Update Service => "C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe" -startupTask
    MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
    MSCONFIG\startupreg: Nvtmru => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
    MSCONFIG\startupreg: PMBVolumeWatcher => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe /SysAutoRun
    MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    MSCONFIG\startupreg: Steam => "E:\Games\Steam\steam.exe" -silent
    MSCONFIG\startupreg: VsHub.exe => "C:\Program Files (x86)\Common Files\Microsoft Shared\VsHub\1.0.0.0\vshub.exe" Execute --delay 120 --console false
    MSCONFIG\startupreg: WD Quick View => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
    MSCONFIG\startupreg: WZCSLDR2 => C:\Program Files (x86)\KEEBOX\150N Wireless Utility\WZCSLDR2.exe
    MSCONFIG\startupreg: zep32AsyncUI => C:\Windows\system32\zep32AsyncUIClient.exe

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [TCP Query User{21DE7197-2A96-440B-8409-3278672B3654}C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe] => (Block) C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe
    FirewallRules: [UDP Query User{80557B49-3216-460F-ACA1-F84986A301EC}C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe] => (Block) C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe
    FirewallRules: [TCP Query User{73DD5642-9E22-45DE-9D6F-CE6123C26EAF}C:\program files (x86)\ringcentral\ringcentral call controller\rcui.exe] => (Allow) C:\program files (x86)\ringcentral\ringcentral call controller\rcui.exe
    FirewallRules: [UDP Query User{A85C3AA6-18FA-4EA2-8481-CFBE7F13FF52}C:\program files (x86)\ringcentral\ringcentral call controller\rcui.exe] => (Allow) C:\program files (x86)\ringcentral\ringcentral call controller\rcui.exe
    FirewallRules: [TCP Query User{29D2D530-85F1-499D-B75C-931B2281BCDD}C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe
    FirewallRules: [UDP Query User{DEC8ADEE-2243-4006-8C39-A25184F69A30}C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe
    FirewallRules: [TCP Query User{C07B1519-468D-46A6-9BA8-31719F37208C}C:\program files (x86)\ringcentral\ringcentral call controller\rcui.exe] => (Allow) C:\program files (x86)\ringcentral\ringcentral call controller\rcui.exe
    FirewallRules: [UDP Query User{35193AD7-8C6A-475F-8A21-4851FECEF9B7}C:\program files (x86)\ringcentral\ringcentral call controller\rcui.exe] => (Allow) C:\program files (x86)\ringcentral\ringcentral call controller\rcui.exe
    FirewallRules: [TCP Query User{0CEF4E58-D8AB-4E9F-8BA0-C75837BE9F1F}C:\program files (x86)\network print monitor\pswizard-lpr.exe] => (Allow) C:\program files (x86)\network print monitor\pswizard-lpr.exe
    FirewallRules: [UDP Query User{3DC2606A-321E-4D22-9D94-310ACA201C7D}C:\program files (x86)\network print monitor\pswizard-lpr.exe] => (Allow) C:\program files (x86)\network print monitor\pswizard-lpr.exe
    FirewallRules: [{D90A8D18-AA4A-44C5-9128-7CA3CDED4CB6}] => (Allow) C:\Program Files (x86)\EPSON\EPSON Advanced Printer Driver 4\Tools\PrinterNetworkSetting\APDNetSetting.exe
    FirewallRules: [{DCE18B44-6F90-4796-9531-52A82619938F}] => (Allow) C:\Program Files (x86)\EPSON\EPSON Advanced Printer Driver 4\Tools\PrinterNetworkSetting\APDNetSetting.exe
    FirewallRules: [TCP Query User{E67AB731-0552-4643-8FC0-99ECE7804B89}C:\windows\system32\ftp.exe] => (Allow) C:\windows\system32\ftp.exe
    FirewallRules: [UDP Query User{3CF3B027-5552-44B8-9D9C-49E2AF345A39}C:\windows\system32\ftp.exe] => (Allow) C:\windows\system32\ftp.exe
    FirewallRules: [{8441DB24-EEB5-490E-862C-66ADA4AF4A49}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Edge Inspect\EdgeInspect.exe
    FirewallRules: [{6F8C3444-C1F4-4F38-A8A1-337C784337A0}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
    FirewallRules: [{7F9B4F10-148D-46BC-AF2A-0E2F20F80839}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
    FirewallRules: [{E0F42E96-2008-4AF8-AD52-966B4F8C46FB}] => (Allow) LPort=7935
    FirewallRules: [{840EDBFF-7BC8-4E54-B95C-D92FA4AEA50B}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\WDExpress.exe
    FirewallRules: [TCP Query User{10FD08C7-63C0-4044-80B4-51933AE708E6}C:\program files (x86)\transmission-qt\transmission-qt.exe] => (Allow) C:\program files (x86)\transmission-qt\transmission-qt.exe
    FirewallRules: [UDP Query User{03ADF8D9-B839-45B4-A13D-D80ACC1CC3FC}C:\program files (x86)\transmission-qt\transmission-qt.exe] => (Allow) C:\program files (x86)\transmission-qt\transmission-qt.exe
    FirewallRules: [TCP Query User{60E241D3-416C-4D86-9E98-5A96E23BF2AB}C:\program files (x86)\digi\xctu\x-ctu.exe] => (Allow) C:\program files (x86)\digi\xctu\x-ctu.exe
    FirewallRules: [UDP Query User{74A531AE-3881-438D-A19F-65ACAF3C7FE8}C:\program files (x86)\digi\xctu\x-ctu.exe] => (Allow) C:\program files (x86)\digi\xctu\x-ctu.exe
    FirewallRules: [TCP Query User{3DF1874E-12AC-4588-AF54-222A40DAC867}C:\hulapos\connector\altaconnector.exe] => (Allow) C:\hulapos\connector\altaconnector.exe
    FirewallRules: [UDP Query User{7DE2AEB1-6DC0-4AD8-99D5-BA3AF04791D6}C:\hulapos\connector\altaconnector.exe] => (Allow) C:\hulapos\connector\altaconnector.exe
    FirewallRules: [TCP Query User{00FE2257-6023-492C-A009-02AD9F279C8A}C:\hulapos\desktop\altadesktop.exe] => (Allow) C:\hulapos\desktop\altadesktop.exe
    FirewallRules: [UDP Query User{64B2B9E8-2081-45CD-BCE6-507EF3C5D54A}C:\hulapos\desktop\altadesktop.exe] => (Allow) C:\hulapos\desktop\altadesktop.exe
    FirewallRules: [TCP Query User{816D102D-5644-46D2-8E5F-29969B36FD0F}C:\program files\kreateck\kreaposc\xmlserver.exe] => (Allow) C:\program files\kreateck\kreaposc\xmlserver.exe
    FirewallRules: [UDP Query User{7D8DDC6F-CE8F-4847-B397-3EF48EF77BD4}C:\program files\kreateck\kreaposc\xmlserver.exe] => (Allow) C:\program files\kreateck\kreaposc\xmlserver.exe
    FirewallRules: [TCP Query User{6E832EC2-8DA1-45FC-A74C-8E5B6E4D219A}C:\program files\kreateck\kreaposc\kreasrv.exe] => (Allow) C:\program files\kreateck\kreaposc\kreasrv.exe
    FirewallRules: [UDP Query User{A24DBA6D-DC66-4CB9-AEDB-70758672B95E}C:\program files\kreateck\kreaposc\kreasrv.exe] => (Allow) C:\program files\kreateck\kreaposc\kreasrv.exe
    FirewallRules: [{5A811A09-70FB-4A78-AC62-483B536C67ED}] => (Allow) C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\PocketCloudInstallWizard.exe
    FirewallRules: [{3CCEEB24-B6FE-47D1-AE93-BF5BCAB2DCAF}] => (Allow) C:\Program Files (x86)\EPSON\TM-T88V Software\TM88VUTL\TM88VUTL.EXE
    FirewallRules: [{48044054-F1AB-4AC7-9977-9748FE3AA509}] => (Allow) C:\Program Files (x86)\EPSON\TM-T88V Software\TM88VUTL\TM88VUTL.EXE
    FirewallRules: [{EAC4CA9D-A85D-4F96-94B4-C1A8A52E6EE8}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
    FirewallRules: [{DC7CF320-6F63-419B-B8D8-01DEB1369D2E}] => (Allow) LPort=1433
    FirewallRules: [{BDFAF512-755F-4FC5-BB2B-2D123E294212}] => (Allow) %ProgramFiles%\Microsoft SQL Server\MSSQL11.TESTSERVER\MSSQL\Binn\sqlservr.exe
    FirewallRules: [TCP Query User{DF65D74C-9B1B-4B95-B3F1-A3DDF5244D01}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_d6fce8aea6f600df_0002.0000_ef950f00335eb66c\timer - server.exe] => (Allow) C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_d6fce8aea6f600df_0002.0000_ef950f00335eb66c\timer - server.exe
    FirewallRules: [UDP Query User{40DB3F85-FEF2-416D-B5D1-1359F5955083}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_d6fce8aea6f600df_0002.0000_ef950f00335eb66c\timer - server.exe] => (Allow) C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_d6fce8aea6f600df_0002.0000_ef950f00335eb66c\timer - server.exe
    FirewallRules: [TCP Query User{5DF3485A-9E16-4A8A-9C4A-F8232CE4055F}C:\program files (x86)\centeredge software\sign editor\advsigneditor.exe] => (Allow) C:\program files (x86)\centeredge software\sign editor\advsigneditor.exe
    FirewallRules: [UDP Query User{764FA249-EE37-4A10-82CD-6EB3E56E98C7}C:\program files (x86)\centeredge software\sign editor\advsigneditor.exe] => (Allow) C:\program files (x86)\centeredge software\sign editor\advsigneditor.exe
    FirewallRules: [{63E4A817-0E9D-4FB0-A4C0-DC9DDF30570C}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
    FirewallRules: [{2DACAAE6-E296-4337-A34B-F40E260597B2}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
    FirewallRules: [TCP Query User{E85343FA-1DDE-49EC-B83E-924DEE851515}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_d6fce8aea6f600df_0002.0000_dcd474c9db6913ac\timer - server.exe] => (Allow) C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_d6fce8aea6f600df_0002.0000_dcd474c9db6913ac\timer - server.exe
    FirewallRules: [UDP Query User{922EEBDB-6C5C-4ABA-B1E8-396AF7752035}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_d6fce8aea6f600df_0002.0000_dcd474c9db6913ac\timer - server.exe] => (Allow) C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_d6fce8aea6f600df_0002.0000_dcd474c9db6913ac\timer - server.exe
    FirewallRules: [TCP Query User{698DE5B8-DB6C-48F6-BCAA-AB91E1B1CC6B}C:\program files (x86)\ringcentral\ringcentral softphone\rcui.exe] => (Allow) C:\program files (x86)\ringcentral\ringcentral softphone\rcui.exe
    FirewallRules: [UDP Query User{9BD5431F-34F5-410B-A7BA-76CAC9891128}C:\program files (x86)\ringcentral\ringcentral softphone\rcui.exe] => (Allow) C:\program files (x86)\ringcentral\ringcentral softphone\rcui.exe
    FirewallRules: [{EB846824-11FF-4693-A022-EEC2F3B9BE02}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
    FirewallRules: [{1BB4D8F9-27A7-4B93-BDE5-6D7D7138AED8}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
    FirewallRules: [TCP Query User{93EF9754-D42D-4F18-93F0-B18F31A62CAA}C:\program files (x86)\ringcentral\ringcentral softphone\rcui.exe] => (Block) C:\program files (x86)\ringcentral\ringcentral softphone\rcui.exe
    FirewallRules: [UDP Query User{E45E194D-AA1C-44F9-A76F-951B9BCF283B}C:\program files (x86)\ringcentral\ringcentral softphone\rcui.exe] => (Block) C:\program files (x86)\ringcentral\ringcentral softphone\rcui.exe
    FirewallRules: [{FCF8042F-D3F8-477F-BC9E-6AB246C014EA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{30A92F2C-FFFD-435F-AE6B-8FE639EC5289}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{04024E81-D530-4D96-87EC-D682240D60DC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{646F7C85-0C33-4E73-8752-838B566BB2E3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{05918C4D-8299-4390-9787-EDA0DFEDABB2}] => (Allow) C:\Users\Battlefield\AppData\Local\Temp\7zS3FDA\HPDiagnosticCoreUI.exe
    FirewallRules: [{C3AA7D0D-43E5-46DC-8C8E-64020D07A6D8}] => (Allow) C:\Users\Battlefield\AppData\Local\Temp\7zS3FDA\HPDiagnosticCoreUI.exe
    FirewallRules: [{239B7E07-663B-4A3E-9D9A-2B036D6E24F2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\{5FA67C2B-DAAB-4F7B-AE09-CA97FE73EA59}\setup\hpznui40.exe
    FirewallRules: [{590D6C04-06B1-4D89-82D2-F25917535253}] => (Allow) C:\Users\Battlefield\AppData\Local\Temp\7zS595D\HPDiagnosticCoreUI.exe
    FirewallRules: [{FAFE6BB6-202E-4663-BBE1-F571742FAD74}] => (Allow) C:\Users\Battlefield\AppData\Local\Temp\7zS595D\HPDiagnosticCoreUI.exe
    FirewallRules: [{2BA8E74F-BE06-40EC-A838-513DBD77B8F7}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\FaxApplications.exe
    FirewallRules: [{EB4C07C2-034F-42D8-BAC8-056E145564F9}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\DigitalWizards.exe
    FirewallRules: [{A651629E-5B5C-4E40-80C2-61103C315996}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\SendAFax.exe
    FirewallRules: [{A4C7FF94-4592-42F6-A222-A5DCFA175846}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe
    FirewallRules: [{89DF1122-71BD-4B60-AC7B-55B8DC5943AF}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
    FirewallRules: [{6F986317-324A-4EAC-8112-91D90B80F431}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
    FirewallRules: [{917EC9F0-6A2F-45E3-B442-483A9440A2BD}] => (Allow) F:\Programs\Steam\SteamApps\common\Precipice Of Darkness 3\Rainslick3.exe
    FirewallRules: [{26A2330E-79DC-462D-BC5C-AAFD8C9839C1}] => (Allow) F:\Programs\Steam\SteamApps\common\Precipice Of Darkness 3\Rainslick3.exe
    FirewallRules: [{BA029A0D-4175-47B8-8B6B-A55064E00FB4}] => (Allow) F:\Programs\Steam\SteamApps\common\Penny Arcade's On the Rain-Slick Precipice of Darkness 4\Rainslick4.exe
    FirewallRules: [{A68A6E58-5FC3-4C46-B76A-92867231F0B3}] => (Allow) F:\Programs\Steam\SteamApps\common\Penny Arcade's On the Rain-Slick Precipice of Darkness 4\Rainslick4.exe
    FirewallRules: [{F11F05D5-C2E2-44D0-B753-4C504B97CED3}] => (Allow) F:\Programs\Steam\SteamApps\common\the witcher 2\Launcher.exe
    FirewallRules: [{E073D3AF-E5EB-4379-BE1D-8C2668EF7005}] => (Allow) F:\Programs\Steam\SteamApps\common\the witcher 2\Launcher.exe
    FirewallRules: [{CA6EBAF8-E81C-43D4-944E-3CD04D0C7B61}] => (Allow) F:\Programs\Steam\SteamApps\common\Mount and Blade Warband - Demo\mb_warband.exe
    FirewallRules: [{864E01D4-1584-4589-BF85-A0F8DC2D7A2E}] => (Allow) F:\Programs\Steam\SteamApps\common\Mount and Blade Warband - Demo\mb_warband.exe
    FirewallRules: [TCP Query User{5830EE70-0BAA-4823-A568-EA9D73E7FF07}F:\programs\warcraft iii\war3.exe] => (Allow) F:\programs\warcraft iii\war3.exe
    FirewallRules: [UDP Query User{848005F3-166C-4CD9-BA3A-90D0931C8CF9}F:\programs\warcraft iii\war3.exe] => (Allow) F:\programs\warcraft iii\war3.exe
    FirewallRules: [{CC1E8F12-4B64-4CF7-AE69-B042950E8E73}] => (Allow) F:\Programs\Steam\SteamApps\common\Supreme Commander 2\bin\SupremeCommander2.exe
    FirewallRules: [{31679F20-D431-4DDA-BD7C-0D1A3FD32A4E}] => (Allow) F:\Programs\Steam\SteamApps\common\Supreme Commander 2\bin\SupremeCommander2.exe
    FirewallRules: [{F2E54F3A-44D1-4449-A3D5-4E8E0118234A}] => (Allow) F:\Programs\Steam\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
    FirewallRules: [{87D327DF-B421-4B78-8612-1852648821AE}] => (Allow) F:\Programs\Steam\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
    FirewallRules: [{BA9EB260-B9AA-4952-8DC2-B2DE04EA1C56}] => (Allow) E:\Programs\Steam\SteamApps\common\Sins of a Solar Empire Rebellion\Sins of a Solar Empire Rebellion.exe
    FirewallRules: [{C1003B40-9F70-4FB7-9F4F-3AEC0F9B1F37}] => (Allow) E:\Programs\Steam\SteamApps\common\Sins of a Solar Empire Rebellion\Sins of a Solar Empire Rebellion.exe
    FirewallRules: [{F2ED918E-E456-456B-9547-770E33297DFA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{7FAD2B0E-A087-4B7F-9553-97D9AE4FB2EF}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
    FirewallRules: [{8B4A489A-152A-423E-8F66-882F7515168B}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
    FirewallRules: [{28567A16-FEF8-4DE3-99A0-991630750C5B}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
    FirewallRules: [{8EA089D3-1FBC-4BA0-91A7-9CF2240E28F4}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
    FirewallRules: [TCP Query User{F44B5AF2-59E2-447D-A24E-CCAF848C69E2}C:\users\battlefield\documents\visual studio 2012\projects\bfh timer\events timer\events timer\bfh server\bin\debug\timer - server.exe] => (Allow) C:\users\battlefield\documents\visual studio 2012\projects\bfh timer\events timer\events timer\bfh server\bin\debug\timer - server.exe
    FirewallRules: [UDP Query User{58CE18CD-C19A-4BEA-98D2-A9B37D7B782F}C:\users\battlefield\documents\visual studio 2012\projects\bfh timer\events timer\events timer\bfh server\bin\debug\timer - server.exe] => (Allow) C:\users\battlefield\documents\visual studio 2012\projects\bfh timer\events timer\events timer\bfh server\bin\debug\timer - server.exe
    FirewallRules: [TCP Query User{BEA657B3-685C-49EF-AC31-603D18D17F74}C:\users\battlefield\documents\visual studio 2012\projects\bfh timer\events timer\events timer\bfh server\bin\debug\timer - server.vshost.exe] => (Allow) C:\users\battlefield\documents\visual studio 2012\projects\bfh timer\events timer\events timer\bfh server\bin\debug\timer - server.vshost.exe
    FirewallRules: [UDP Query User{A0C6906D-B276-4BF5-9F11-BCE86116822D}C:\users\battlefield\documents\visual studio 2012\projects\bfh timer\events timer\events timer\bfh server\bin\debug\timer - server.vshost.exe] => (Allow) C:\users\battlefield\documents\visual studio 2012\projects\bfh timer\events timer\events timer\bfh server\bin\debug\timer - server.vshost.exe
    FirewallRules: [{3D6BDBE0-67E1-4D70-ABF5-B2FC21A40B98}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
    FirewallRules: [{9ECFAB96-7127-421D-9C3B-A5C7440CC951}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
    FirewallRules: [{058215F5-6301-472B-B297-CB410FB706FD}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
    FirewallRules: [{AD544C0D-C6D1-4281-AF68-7623F0192DB9}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
    FirewallRules: [TCP Query User{4200CE53-85D0-4116-BAC1-AAD65ACC42D5}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_c7fb621a750c2678_0002.0002_515e619a63ad1780\timer - server.exe] => (Allow) C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_c7fb621a750c2678_0002.0002_515e619a63ad1780\timer - server.exe
    FirewallRules: [UDP Query User{2F64B061-BC36-4F53-A50C-94BD4616343D}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_c7fb621a750c2678_0002.0002_515e619a63ad1780\timer - server.exe] => (Allow) C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_c7fb621a750c2678_0002.0002_515e619a63ad1780\timer - server.exe
    FirewallRules: [TCP Query User{3F04C0BF-9F18-47A9-9B90-9E147F2A01DF}C:\users\battlefield\documents\visual studio 2012\projects\lasertag server\lasertag server\bin\debug\lasertag server.vshost.exe] => (Allow) C:\users\battlefield\documents\visual studio 2012\projects\lasertag server\lasertag server\bin\debug\lasertag server.vshost.exe
    FirewallRules: [UDP Query User{74998ED9-331F-435B-96E2-D868191B0B48}C:\users\battlefield\documents\visual studio 2012\projects\lasertag server\lasertag server\bin\debug\lasertag server.vshost.exe] => (Allow) C:\users\battlefield\documents\visual studio 2012\projects\lasertag server\lasertag server\bin\debug\lasertag server.vshost.exe
    FirewallRules: [TCP Query User{B94ADE4C-E96E-41D6-8AE4-A507CD13E41A}C:\users\battlefield\documents\visual studio 2012\projects\lasertag server\lasertag server\bin\debug\lasertag server.exe] => (Allow) C:\users\battlefield\documents\visual studio 2012\projects\lasertag server\lasertag server\bin\debug\lasertag server.exe
    FirewallRules: [UDP Query User{6F3CFFE7-FF81-49BA-B113-EEC1A34DE0B5}C:\users\battlefield\documents\visual studio 2012\projects\lasertag server\lasertag server\bin\debug\lasertag server.exe] => (Allow) C:\users\battlefield\documents\visual studio 2012\projects\lasertag server\lasertag server\bin\debug\lasertag server.exe
    FirewallRules: [{7FC56627-B2A0-4E0F-BCA5-3D9510C1C5BC}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
    FirewallRules: [{1C25887E-A19D-4EA0-BEB2-5AC8BD0E32D8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    FirewallRules: [{E65BD376-AB5C-43E7-8C46-53190D82D3AB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    FirewallRules: [{8F7730CB-A536-4447-A428-1E168306BF83}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{A79BB051-F5F8-4243-9262-7BA3F26207B8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [TCP Query User{4B7814C1-A3D8-49EB-90B7-7D12701C4E69}C:\users\battlefield\downloads\miner\stratumproxy\mining_proxy.exe] => (Allow) C:\users\battlefield\downloads\miner\stratumproxy\mining_proxy.exe
    FirewallRules: [UDP Query User{396E216E-9F17-43AF-BA26-8F562F5A732A}C:\users\battlefield\downloads\miner\stratumproxy\mining_proxy.exe] => (Allow) C:\users\battlefield\downloads\miner\stratumproxy\mining_proxy.exe
    FirewallRules: [{87C5029F-177C-4019-A2A2-F01013DF8F52}] => (Allow) LPort=5900
    FirewallRules: [{3983DEBD-A017-40CC-ADF7-D02644D0B1C7}] => (Allow) %ProgramFiles% (x86)\Intuit\QuickBooks 2014\QBW32Pro.exe
    FirewallRules: [{A9885A47-FDCA-422F-9E34-72CA8B5A9910}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{08EB4453-87D7-44B8-BA0D-6F6D568B2EBF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{E3D25432-B7AA-4DBA-9383-49A760A9710B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    FirewallRules: [{4007A2CA-D1B1-4F7D-A71D-F644CD9068A3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    FirewallRules: [{25D29940-8C89-4F82-8BD9-BCD924009CC3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{E7168564-088E-4F97-B7AC-9B3F0E62D0A3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [TCP Query User{8080FAC4-365C-4C9A-BF55-BA078B9F63CB}C:\program files (x86)\freesshd\freesshdservice.exe] => (Allow) C:\program files (x86)\freesshd\freesshdservice.exe
    FirewallRules: [UDP Query User{BD6D8A92-BF51-4342-AFCC-74503DB787DA}C:\program files (x86)\freesshd\freesshdservice.exe] => (Allow) C:\program files (x86)\freesshd\freesshdservice.exe
    FirewallRules: [{AB30EC54-9F6F-463E-8E04-AC31BA22A3CD}] => (Allow) C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe
    FirewallRules: [TCP Query User{254734B1-E4D2-4164-890C-BF62F467CC3A}C:\users\battlefield\desktop\arduino-1.5.2\java\bin\javaw.exe] => (Block) C:\users\battlefield\desktop\arduino-1.5.2\java\bin\javaw.exe
    FirewallRules: [UDP Query User{6E33599C-8236-4771-9DBD-12125C0A7651}C:\users\battlefield\desktop\arduino-1.5.2\java\bin\javaw.exe] => (Block) C:\users\battlefield\desktop\arduino-1.5.2\java\bin\javaw.exe
    FirewallRules: [TCP Query User{804EE654-C43E-49D0-8173-E7BD8431CE70}C:\program files (x86)\adobe\adobe edge animate\edgeanimate.exe] => (Allow) C:\program files (x86)\adobe\adobe edge animate\edgeanimate.exe
    FirewallRules: [UDP Query User{7916659A-35B6-45E5-B824-0136E55A2AFD}C:\program files (x86)\adobe\adobe edge animate\edgeanimate.exe] => (Allow) C:\program files (x86)\adobe\adobe edge animate\edgeanimate.exe
    FirewallRules: [{371C8FEB-0FA7-43BE-B3D6-466E2B0827BC}] => (Allow) LPort=55358
    FirewallRules: [TCP Query User{78EDF231-693B-4D80-A091-48FE86B716AE}C:\users\battlefield\desktop\arduino-1.5.2\java\bin\javaw.exe] => (Allow) C:\users\battlefield\desktop\arduino-1.5.2\java\bin\javaw.exe
    FirewallRules: [UDP Query User{0144FAAE-AB3C-4795-927F-8B70F094D852}C:\users\battlefield\desktop\arduino-1.5.2\java\bin\javaw.exe] => (Allow) C:\users\battlefield\desktop\arduino-1.5.2\java\bin\javaw.exe
    FirewallRules: [{68D2AA3F-597E-4B96-95B4-8C9E7DBE7484}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
    FirewallRules: [TCP Query User{1472D7D8-0C8B-42BB-A31A-6E830AEED84E}C:\users\battlefield\documents\visual studio 2013\projects\medic_control\lasertag server\bin\debug\lasertag server.vshost.exe] => (Allow) C:\users\battlefield\documents\visual studio 2013\projects\medic_control\lasertag server\bin\debug\lasertag server.vshost.exe
    FirewallRules: [UDP Query User{4F1DFB01-D271-467D-803C-4F6D9BA5183E}C:\users\battlefield\documents\visual studio 2013\projects\medic_control\lasertag server\bin\debug\lasertag server.vshost.exe] => (Allow) C:\users\battlefield\documents\visual studio 2013\projects\medic_control\lasertag server\bin\debug\lasertag server.vshost.exe
    FirewallRules: [TCP Query User{B4B8660C-2ECE-4EFE-89D2-28CEEE7BF483}C:\users\battlefield\documents\visual studio 2013\projects\medic_control\lasertag server\bin\debug\lasertag server.exe] => (Allow) C:\users\battlefield\documents\visual studio 2013\projects\medic_control\lasertag server\bin\debug\lasertag server.exe
    FirewallRules: [UDP Query User{AE54391D-707D-4CA6-82BF-E83D9ECC25AF}C:\users\battlefield\documents\visual studio 2013\projects\medic_control\lasertag server\bin\debug\lasertag server.exe] => (Allow) C:\users\battlefield\documents\visual studio 2013\projects\medic_control\lasertag server\bin\debug\lasertag server.exe
    FirewallRules: [TCP Query User{2F18F209-B725-4C19-A8FD-B11BBD5CB61A}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\lase..tion_0000000000000000_0001.0000_f2f724bc82ad3fcd\lasertag server.exe] => (Allow) C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\lase..tion_0000000000000000_0001.0000_f2f724bc82ad3fcd\lasertag server.exe
    FirewallRules: [UDP Query User{E543AE50-D63E-4EC9-83E7-241E0FF02D1F}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\lase..tion_0000000000000000_0001.0000_f2f724bc82ad3fcd\lasertag server.exe] => (Allow) C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\lase..tion_0000000000000000_0001.0000_f2f724bc82ad3fcd\lasertag server.exe
    FirewallRules: [TCP Query User{A580A19F-08CF-4A7B-9B22-DA53C61D9A4D}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\medi..tion_0000000000000000_0000.0003_7af09580b6978e7a\medic_control(development).exe] => (Allow) C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\medi..tion_0000000000000000_0000.0003_7af09580b6978e7a\medic_control(development).exe
    FirewallRules: [UDP Query User{AB8EE24A-7D93-485D-86BA-C50DCBE1E7A4}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\medi..tion_0000000000000000_0000.0003_7af09580b6978e7a\medic_control(development).exe] => (Allow) C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\medi..tion_0000000000000000_0000.0003_7af09580b6978e7a\medic_control(development).exe
    FirewallRules: [{5B75FDC7-3F67-4E93-ABAB-5CF6733C4B03}] => (Allow) C:\Users\Battlefield\AppData\Local\Temp\7zS0DB2\HPDiagnosticCoreUI.exe
    FirewallRules: [{DF878058-CFD4-4D53-B026-CF1A840A41FB}] => (Allow) C:\Users\Battlefield\AppData\Local\Temp\7zS0DB2\HPDiagnosticCoreUI.exe
    FirewallRules: [TCP Query User{E51E9D5E-E73B-44EA-B218-3E14578993BE}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
    FirewallRules: [UDP Query User{F2A40058-9BF5-4CB5-93A9-632F2E52ECEC}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
    FirewallRules: [TCP Query User{B5C808A6-8D1E-40C9-BD08-2240314A9F29}C:\users\battlefield\documents\visual studio 2013\projects\medic_control\lasertag server\bin\debug\medic_control.vshost.exe] => (Allow) C:\users\battlefield\documents\visual studio 2013\projects\medic_control\lasertag server\bin\debug\medic_control.vshost.exe
    FirewallRules: [UDP Query User{5305549D-93B9-4CF9-AD57-462F018FA668}C:\users\battlefield\documents\visual studio 2013\projects\medic_control\lasertag server\bin\debug\medic_control.vshost.exe] => (Allow) C:\users\battlefield\documents\visual studio 2013\projects\medic_control\lasertag server\bin\debug\medic_control.vshost.exe
    FirewallRules: [TCP Query User{428D70DA-0344-4861-A32D-052D6A99FA77}C:\users\battlefield\documents\visual studio 2012\projects\bfh server\bin\debug\timer - server.vshost.exe] => (Allow) C:\users\battlefield\documents\visual studio 2012\projects\bfh server\bin\debug\timer - server.vshost.exe
    FirewallRules: [UDP Query User{ACFA8C24-7C3E-4060-A8BC-603B18241BA2}C:\users\battlefield\documents\visual studio 2012\projects\bfh server\bin\debug\timer - server.vshost.exe] => (Allow) C:\users\battlefield\documents\visual studio 2012\projects\bfh server\bin\debug\timer - server.vshost.exe
    FirewallRules: [TCP Query User{4F39674F-ABB2-4C2F-A785-9B6B9F14C881}C:\users\battlefield\documents\visual studio 2013\projects\medic_control\lasertag server\bin\debug\medic_control.exe] => (Allow) C:\users\battlefield\documents\visual studio 2013\projects\medic_control\lasertag server\bin\debug\medic_control.exe
    FirewallRules: [UDP Query User{DD0C0FA5-5D74-4431-9CDD-CE5C9C4DE67C}C:\users\battlefield\documents\visual studio 2013\projects\medic_control\lasertag server\bin\debug\medic_control.exe] => (Allow) C:\users\battlefield\documents\visual studio 2013\projects\medic_control\lasertag server\bin\debug\medic_control.exe
    FirewallRules: [TCP Query User{D0E9CC85-B58A-4331-9807-625D6F2DF57D}C:\users\battlefield\documents\visual studio 2013\projects\medic_control\lasertag server\bin\debug\command_center.vshost.exe] => (Allow) C:\users\battlefield\documents\visual studio 2013\projects\medic_control\lasertag server\bin\debug\command_center.vshost.exe
    FirewallRules: [UDP Query User{C08F2D19-4614-4C0B-92B2-147E39D072D0}C:\users\battlefield\documents\visual studio 2013\projects\medic_control\lasertag server\bin\debug\command_center.vshost.exe] => (Allow) C:\users\battlefield\documents\visual studio 2013\projects\medic_control\lasertag server\bin\debug\command_center.vshost.exe
    FirewallRules: [TCP Query User{B4221ADF-98C2-4706-B89E-B9D455C29ED8}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0000_ec1aa7bb0a422cd7\command_center.exe] => (Allow) C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0000_ec1aa7bb0a422cd7\command_center.exe
    FirewallRules: [UDP Query User{514ECBDA-412E-433C-B7C0-F31C84FE655B}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0000_ec1aa7bb0a422cd7\command_center.exe] => (Allow) C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0000_ec1aa7bb0a422cd7\command_center.exe
    FirewallRules: [TCP Query User{7A167FBE-5C9C-400A-B9EA-ED678B7439D2}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0001_4b1981025e9ebcd7\command_center.exe] => (Allow) C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0001_4b1981025e9ebcd7\command_center.exe
    FirewallRules: [UDP Query User{0F32E4EE-F3A5-42C4-AD2E-D8A7EDB4C755}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0001_4b1981025e9ebcd7\command_center.exe] => (Allow) C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0001_4b1981025e9ebcd7\command_center.exe
    FirewallRules: [TCP Query User{33F19B68-CEA3-4F6D-AB0E-B239E20BB9A1}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0001_022f12b54903ee57\command_center.exe] => (Allow) C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0001_022f12b54903ee57\command_center.exe
    FirewallRules: [UDP Query User{911FBC84-2506-4725-B246-22A54B3302F2}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0001_022f12b54903ee57\command_center.exe] => (Allow) C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0001_022f12b54903ee57\command_center.exe
    FirewallRules: [{5368BE97-08CC-4125-8085-EBABB570E841}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
    FirewallRules: [{19E57C86-11ED-4D15-ACA4-E5E9864E8C1A}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
    FirewallRules: [{4EB5E612-4618-4D70-87BD-FDC65ACCDE1B}] => (Allow) C:\Program Files\Xamarin Android Player\AndroidPlayer.exe
    FirewallRules: [{3D7A837C-DBDD-48F9-8712-F676803A4BB6}] => (Allow) C:\Program Files\Xamarin Android Player\minimal_adb\adb.exe
    FirewallRules: [{A9C2A7E2-75FE-4C61-8B15-6FCD44513AE3}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
    FirewallRules: [{3B848BF1-A2CB-49D8-BEDD-6E15C4BDB929}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
    FirewallRules: [{22EC3136-CADE-4416-9D77-F40268D55AD2}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
    FirewallRules: [{C229CA86-D1D2-4089-A45B-2E31E803BAF1}] => (Allow) C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
    FirewallRules: [{4F08CF52-B016-4A68-944C-1304C9C0BE35}] => (Allow) C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
    FirewallRules: [{CD4A55A3-AC69-4910-B11D-11764353D2A1}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
    FirewallRules: [{E9F3CA92-CAD3-46F6-BDA4-C9D733553497}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
    FirewallRules: [{8A3BB187-468E-4D84-9792-02A814D0A23C}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\nisvcloc\nisvcloc.exe
    FirewallRules: [{DF58609B-7294-4D7B-8E9A-A4EABA727F0B}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\nisvcloc\nisvcloc.exe
    FirewallRules: [{7CC2D7C2-C7CF-4B16-9F7F-7AFEA3BCE698}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
    FirewallRules: [{E2E1F59B-0414-4A4B-97A7-45A43C47693A}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
    FirewallRules: [TCP Query User{FA667B9D-BE55-48C8-B9ED-CEE23511DDC6}C:\program files (x86)\centeredge advantage signage\advantagesignage.exe] => (Allow) C:\program files (x86)\centeredge advantage signage\advantagesignage.exe
    FirewallRules: [UDP Query User{8DC286C6-4509-43DC-9AE9-C82169289513}C:\program files (x86)\centeredge advantage signage\advantagesignage.exe] => (Allow) C:\program files (x86)\centeredge advantage signage\advantagesignage.exe
    FirewallRules: [{4177BDF0-ECCA-4907-A8BD-A10C2EEA176C}] => (Block) C:\program files (x86)\centeredge advantage signage\advantagesignage.exe
    FirewallRules: [{6D916273-91A3-40AC-AB12-546CC034ECBE}] => (Block) C:\program files (x86)\centeredge advantage signage\advantagesignage.exe
    FirewallRules: [{8F73B3FF-5F1A-4D51-8035-F585C615B25C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    FirewallRules: [{B259F625-5EC8-4E14-904E-36694377B46A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
    FirewallRules: [{CFE9621D-48EE-41EC-8FBC-08F7DA7808C5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
    FirewallRules: [{70C26C98-A80F-46E2-9422-7384A1398D9C}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
    FirewallRules: [{AFC17EF1-1446-4480-9545-D3DF7FB74DF3}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
    FirewallRules: [{1E234857-9D17-4086-A87E-1B578793803A}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
    FirewallRules: [{4C51BEAB-255C-4190-B45F-71E47FBD1DE0}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
    FirewallRules: [{1E4BEA55-0178-49AA-8152-715E546C8E34}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
    FirewallRules: [{1E39B6E6-7A11-44CE-9DBD-64B61BADF296}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
    FirewallRules: [{799170B7-2AF3-499B-8B7D-BBA7DD066371}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
    FirewallRules: [{28F81BF1-85D1-4AB3-8D1C-53742FB315C5}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
    FirewallRules: [{D5AE6E36-109F-4A1A-904A-A34F00605100}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
    FirewallRules: [{C9BC396F-AD4B-4ECE-9E57-2766CCE1B613}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
    FirewallRules: [{748F62A0-59AB-47B7-B3ED-73432725B2E3}] => (Allow) LPort=12292
    FirewallRules: [TCP Query User{DF3F3956-E321-4116-826F-BEE13EBCCE1E}C:\program files (x86)\java\jdk1.7.0_55\bin\javaw.exe] => (Block) C:\program files (x86)\java\jdk1.7.0_55\bin\javaw.exe
    FirewallRules: [UDP Query User{089E405C-C889-470A-9AE4-BF2384CB7B68}C:\program files (x86)\java\jdk1.7.0_55\bin\javaw.exe] => (Block) C:\program files (x86)\java\jdk1.7.0_55\bin\javaw.exe
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

    ==================== Restore Points =========================

    23-06-2017 03:32:58 Windows Update
    26-06-2017 16:57:23 Removed Java 8 Update 45
    26-06-2017 16:58:38 Removed Java(TM) SE Development Kit 6 Update 39
    26-06-2017 17:00:12 Removed Java SE Development Kit 7 Update 55
    26-06-2017 17:01:39 Removed Java 8 Update 45
    26-06-2017 17:02:52 Removed Itibiti RTC
    27-06-2017 10:18:24 Windows Update
    27-06-2017 10:51:43 JRT Pre-Junkware Removal
    27-06-2017 12:40:18 Restore Point Created by FRST
    27-06-2017 14:45:37 Windows Update
    Check "winmgmt" service or repair WMI.


    ==================== Faulty Device Manager Devices =============

    Name: Officejet Pro 8600
    Description: Officejet Pro 8600
    Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
    Manufacturer: HP
    Service:
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (06/27/2017 05:11:50 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
    Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

    Error: (06/27/2017 05:11:23 PM) (Source: MSSQL$TESTSERVER) (EventID: 9003) (User: )
    Description: The log scan number (31:245:1) passed to log scan in database 'model' is not valid. This error may indicate data corruption or that the log file (.ldf) does not match the data file (.mdf). If this error occurred during replication, re-create the publication. Otherwise, restore from backup if the problem results in a failure during startup.

    Error: (06/27/2017 05:09:33 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
    Description: Event-ID 1

    Error: (06/27/2017 04:13:16 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.18698, time stamp: 0x59189c94
    Faulting module name: EMET.DLL, version: 4.1.5228.513, time stamp: 0x535a1b50
    Exception code: 0xc00000fd
    Fault offset: 0x00072727
    Faulting process id: 0x1c8c
    Faulting application start time: 0x01d2ef8a2f16f8d7
    Faulting application path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    Faulting module path: C:\Windows\AppPatch\EMET.DLL
    Report Id: 6f252a3f-5b7d-11e7-917f-14dae9460af3

    Error: (06/27/2017 02:55:25 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
    Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

    Error: (06/27/2017 02:55:25 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
    Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

    Error: (06/27/2017 02:49:38 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
    Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

    Error: (06/27/2017 02:49:18 PM) (Source: MSSQL$TESTSERVER) (EventID: 9003) (User: )
    Description: The log scan number (31:245:1) passed to log scan in database 'model' is not valid. This error may indicate data corruption or that the log file (.ldf) does not match the data file (.mdf). If this error occurred during replication, re-create the publication. Otherwise, restore from backup if the problem results in a failure during startup.

    Error: (06/27/2017 02:45:32 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
    Description: Event-ID 1

    Error: (06/27/2017 02:22:34 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
    Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.


    System errors:
    =============
    Error: (06/27/2017 05:13:17 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
    {C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
    and APPID
    {344ED43D-D086-4961-86A6-1106F4ACAD9B}
    to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

    Error: (06/27/2017 05:12:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
    The service did not respond to the start or control request in a timely fashion.

    Error: (06/27/2017 05:12:24 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.

    Error: (06/27/2017 05:11:47 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The Internet Connection Sharing (ICS) service depends on the Base Filtering Engine service which failed to start because of the following error:
    The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

    Error: (06/27/2017 05:11:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
    The service did not respond to the start or control request in a timely fashion.

    Error: (06/27/2017 05:11:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.

    Error: (06/27/2017 05:11:23 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
    Description: The SQL Server (TESTSERVER) service terminated with service-specific error %%3414.

    Error: (06/27/2017 05:11:14 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The IPsec Policy Agent service depends on the Base Filtering Engine service which failed to start because of the following error:
    The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

    Error: (06/27/2017 05:11:06 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The IKE and AuthIP IPsec Keying Modules service depends on the Base Filtering Engine service which failed to start because of the following error:
    The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

    Error: (06/27/2017 05:11:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The EPSON PCS Parallel Port Driver service failed to start due to the following error:
    The system cannot find the device specified.


    CodeIntegrity:
    ===================================
    Date: 2012-09-20 13:32:19.540
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2012-09-20 13:32:19.526
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


    ==================== Memory info ===========================

    Processor: AMD Phenom(tm) II X6 1100T Processor
    Percentage of memory in use: 19%
    Total physical RAM: 16346.43 MB
    Available physical RAM: 13096.74 MB
    Total Virtual: 32691.04 MB
    Available Virtual: 29376.29 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:1862.92 GB) (Free:930.4 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 31A36B23)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=1862.9 GB) - (Type=07 NTFS)

    ==================== End of Addition.txt ============================

  5. #25
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,297

    Default

    Reading all those firewall rules from rougue killer about put my eyes out.
    And, what rogue killer found might have been removed by MBAM.

    Something you need to do now is to reset your browsers.

    Instructions on how to backup your Favourites/Bookmarks and other data can be found below.

    Proceed with the reset once done.


    *****************

    Start FRST (Please double-click on FRST/FRST64) with Administrator privileges

    Right click on the text below and select Copy.[beginning with Start:: and finishing with End::]

    Start::
    EndProcesses:
    CreateRestorePoint:
    HKLM-x32\...\Run: [] => [X]
    HKU\S-1-5-18\...A8F59079A8D5}\localserver32: <==== ATTENTION
    SearchScopes: HKU\S-1-5-21-3544609310-1622349089-2069013866-1000 -> DefaultScope {15BFE470-906B-4A79-A375-221C945C87F2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
    SearchScopes: HKU\S-1-5-21-3544609310-1622349089-2069013866-1000 -> {15BFE470-906B-4A79-A375-221C945C87F2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
    FF SelectedSearchEngine: Mozilla\Firefox\Profiles\yvro0wpn.default -> Yahoo powered search
    FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\yvro0wpn.default -> Yahoo powered search
    FF DefaultSearchEngine: Mozilla\Firefox\Profiles\yvro0wpn.default -> Yahoo powered search
    CHR DefaultSearchURL: Default -> hxxps://www.teoma.com/web?q={searchTerms}
    CHR DefaultSearchKeyword: Default -> hxxps://teoma.com
    CHR DefaultSuggestURL: Default -> hxxp://www.teoma.com/ss?type=prefix&li=ff&q={searchTerms}
    2017-06-27 13:30 - 2017-05-12 13:24 - 1732864 _____ (Microsoft Corporation) C:\Users\Battlefield\AppData\Local\Temp\dllnt_dump.dll
    Emptytemp:
    End::


    Press the Fix button.
    If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
    When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

    ***************

    I'd like to see an online scan now.

    • Download Emsisoft Emergency Kit and save it to your desktop.
    • Double-click icon then click Install
    • A Window should open highlighting Start Emergency Kit Scanner
    • Right click on the icon and select Run as administrator
    • Click 1. Update now!
    • Once the update is completed select Settings under Scan
    • Uncheck Join the Emsisoft Anti-Malware Network
    • Click Scan at the top
    • Click On scan completion
    • Click Quarantine detected objects, then click OK
    • Click Malware Scan
    • Once completed click View Report
    • Save the file to your Desktop using the default file name
    • Copy and paste the report in your reply

    ==========

    Please post these 2 logs when finished.

    How is the computer now?
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.
    Want to help others? Join the ClassRoom and learn how.

  6. #26
    Junior Member
    Join Date
    Jun 2017
    Posts
    20

    Default Looking Better

    Things feel better. I don't see as much delay when starting up as before. Also doesn't seem to be slowing down the longer I stay online, so definitely better. Here is the FRST log file and addition. Running Emergency Kit now.

    Fix result of Farbar Recovery Scan Tool (x64) Version: 25-06-2017 01
    Ran by Battlefield (27-06-2017 19:25:58) Run:8
    Running from C:\Users\Battlefield\Desktop
    Loaded Profiles: Battlefield & QBDataServiceUser24 (Available Profiles: Battlefield & QBDataServiceUser21 & QBDataServiceUser24 & Jordan & CJ & MSSQL$TESTSERVER & ReportServer & MSSQLFDLauncher & MSSQLSERVER)
    Boot Mode: Normal
    ==============================================

    fixlist content:
    *****************

    EndProcesses:
    CreateRestorePoint:
    HKLM-x32\...\Run: [] => [X]
    HKU\S-1-5-18\...A8F59079A8D5}\localserver32: <==== ATTENTION
    SearchScopes: HKU\S-1-5-21-3544609310-1622349089-2069013866-1000 -> DefaultScope {15BFE470-906B-4A79-A375-221C945C87F2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
    SearchScopes: HKU\S-1-5-21-3544609310-1622349089-2069013866-1000 -> {15BFE470-906B-4A79-A375-221C945C87F2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
    FF SelectedSearchEngine: Mozilla\Firefox\Profiles\yvro0wpn.default -> Yahoo powered search
    FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\yvro0wpn.default -> Yahoo powered search
    FF DefaultSearchEngine: Mozilla\Firefox\Profiles\yvro0wpn.default -> Yahoo powered search
    CHR DefaultSearchURL: Default -> hxxps://www.teoma.com/web?q={searchTerms}
    CHR DefaultSearchKeyword: Default -> hxxps://teoma.com
    CHR DefaultSuggestURL: Default -> hxxp://www.teoma.com/ss?type=prefix&li=ff&q={searchTerms}
    2017-06-27 13:30 - 2017-05-12 13:24 - 1732864 _____ (Microsoft Corporation) C:\Users\Battlefield\AppData\Local\Temp\dllnt_dump.dll
    Emptytemp:

    *****************

    EndProcesses: => Error: No automatic fix found for this entry.
    Restore point was successfully created.
    HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
    HKU\S-1-5-18\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 => key not found.
    HKU\S-1-5-18\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5} => key removed successfully
    HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
    HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{15BFE470-906B-4A79-A375-221C945C87F2} => key not found.
    HKLM\Software\Classes\CLSID\{15BFE470-906B-4A79-A375-221C945C87F2} => key not found.
    FF SelectedSearchEngine: Mozilla\Firefox\Profiles\yvro0wpn.default -> Yahoo powered search => not found
    FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\yvro0wpn.default -> Yahoo powered search => not found
    FF DefaultSearchEngine: Mozilla\Firefox\Profiles\yvro0wpn.default -> Yahoo powered search => not found
    Chrome DefaultSearchURL => not found.
    Chrome DefaultSearchKeyword => not found.
    Chrome DefaultSuggestURL => not found.
    C:\Users\Battlefield\AppData\Local\Temp\dllnt_dump.dll => moved successfully

    =========== EmptyTemp: ==========

    BITS transfer queue => 12582912 B
    DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7328473 B
    Java, Flash, Steam htmlcache => 291 B
    Windows/system/drivers => 1923608 B
    Edge => 0 B
    Chrome => 13911051 B
    Firefox => 0 B
    Opera => 0 B

    Temp, IE cache, history, cookies, recent:
    Users => 0 B
    Default => 0 B
    Public => 0 B
    ProgramData => 0 B
    systemprofile => 0 B
    systemprofile32 => 0 B
    LocalService => 0 B
    NetworkService => 8226 B
    Battlefield => 15731932 B
    UpdatusUser => 0 B
    QBDataServiceUser21 => 0 B
    postgres => 0 B
    UpdatusUser => 0 B
    QBDataServiceUser24 => 0 B
    Jordan => 0 B
    CJ => 0 B
    MSSQL$TESTSERVER => 0 B
    ReportServer => 0 B
    MSSQLFDLauncher => 0 B
    MSSQLSERVER => 0 B

    RecycleBin => 0 B
    EmptyTemp: => 49.1 MB temporary data Removed.

    ================================


    The system needed a reboot.

    ==== End of Fixlog 19:26:36 ====

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-06-2017 01
    Ran by Battlefield (27-06-2017 17:25:30)
    Running from C:\Users\Battlefield\Desktop
    Windows 7 Home Premium Service Pack 1 (X64) (2011-10-21 18:49:17)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-3544609310-1622349089-2069013866-500 - Administrator - Disabled)
    Battlefield (S-1-5-21-3544609310-1622349089-2069013866-1000 - Administrator - Enabled) => C:\Users\Battlefield
    CJ (S-1-5-21-3544609310-1622349089-2069013866-1019 - Limited - Enabled) => C:\Users\CJ
    Guest (S-1-5-21-3544609310-1622349089-2069013866-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-3544609310-1622349089-2069013866-1003 - Limited - Enabled)
    Jordan (S-1-5-21-3544609310-1622349089-2069013866-1018 - Limited - Enabled) => C:\Users\Jordan
    photoshop (S-1-5-21-3544609310-1622349089-2069013866-1006 - Limited - Enabled)
    QBDataServiceUser21 (S-1-5-21-3544609310-1622349089-2069013866-1004 - Limited - Enabled) => C:\Users\QBDataServiceUser21
    QBDataServiceUser24 (S-1-5-21-3544609310-1622349089-2069013866-1017 - Limited - Enabled) => C:\Users\QBDataServiceUser24

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Microsoft Security Essentials (Disabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
    AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
    AS: Spybot - Search and Destroy (Disabled - Out of date) {A16C3F68-9280-E053-1818-342707FECF4D}
    AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
    AS: Microsoft Security Essentials (Disabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
    AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
    7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
    8600_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
    8600_Readme (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
    Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
    Adobe After Effects CC 2014 (HKLM-x32\...\{2B22C750-5C3B-4738-B621-BA786AC7A494}) (Version: 13.2.0 - Adobe Systems Incorporated)
    Adobe After Effects CS5.5 Third Party Content (HKLM-x32\...\{606A0AC5-5F90-4379-81AE-11B44707E094}) (Version: 10.5 - Adobe Systems Incorporated)
    Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11.0.4 - Adobe Systems Incorporated)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
    Adobe Audition CC 2014 (HKLM-x32\...\{F3388E10-EFA9-4A80-B28E-2E647F8D00C4}) (Version: 7.2.0 - Adobe Systems Incorporated)
    Adobe Audition CS6 (HKLM-x32\...\{30FD541D-3C9D-41C4-B240-A994EE4E0231}) (Version: 5.0 - Adobe Systems Incorporated)
    Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.1.1.202 - Adobe Systems Incorporated)
    Adobe Creative Suite 5.5 Production Premium (HKLM-x32\...\{7F05F449-4DC4-4E02-A8D1-4A3ED7DD5FA3}) (Version: 5.5 - Adobe Systems Incorporated)
    Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
    Adobe Dreamweaver CS5.5 (HKLM-x32\...\{0215A652-E081-4B09-9333-DC85AAB67FFA}) (Version: 11.5 - Adobe Systems Incorporated)
    Adobe Edge Animate (HKLM-x32\...\{6A725C8E-E4E1-474A-A2B1-C17CCC48EC01}) (Version: 1.0 - Adobe Systems Incorporated)
    Adobe Edge Inspect (HKLM-x32\...\{BF73C0A4-5E3D-4C6F-8164-C0CCA57E32C8}) (Version: 1.0.327 - Adobe Systems Incorporated)
    Adobe Fireworks CS5 (HKLM-x32\...\{164965E8-4BB0-4EEB-AFBA-75785A2A2A7F}) (Version: 11.0 - Adobe Systems Incorporated)
    Adobe Fireworks CS6 (HKLM-x32\...\{CA7C485C-7A89-11E1-B2C8-CD54B377BC52}) (Version: 12.0.1 - Adobe Systems Incorporated)
    Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.8.800.168 - Adobe Systems Incorporated)
    Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.188 - Adobe Systems Incorporated)
    Adobe Flash Professional CC 2014 (HKLM-x32\...\{AA704223-E11C-11E3-8A38-C09A633B72AF}) (Version: 14.1 - Adobe Systems Incorporated)
    Adobe Flash Professional CS6 (HKLM-x32\...\{BD5669B5-49FF-4490-B956-E9D7CB9B0ADC}) (Version: 12.0 - Adobe Systems Incorporated)
    Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
    Adobe Illustrator CC 2017 (HKLM-x32\...\ILST_21_1_0) (Version: 21.1.0 - Adobe Systems Incorporated)
    Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated)
    Adobe InDesign CC 2017 (HKLM-x32\...\IDSN_12_1_0) (Version: 12.1.0 - Adobe Systems Incorporated)
    Adobe InDesign CS6 (HKLM-x32\...\{CFB770D7-8D43-1014-922B-CC2715FADE3F}) (Version: 8.1.0.422 - Adobe Systems Incorporated)
    Adobe Media Encoder CC 2014 (HKLM-x32\...\{663DEEEF-EF34-4DCB-8687-73A7AA146E02}) (Version: 8.2.0 - Adobe Systems Incorporated)
    Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
    Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_1_1) (Version: 18.1.1 - Adobe Systems Incorporated)
    Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
    Adobe Photoshop Lightroom 4.1 64-bit (HKLM\...\{F7ADB493-B913-4D61-9A63-DA736C20C3F2}) (Version: 4.1.2 - Adobe)
    Adobe Photoshop Lightroom 5.5 64-bit (HKLM\...\{19BBD0F3-7A31-480D-8A23-19AE28035E9C}) (Version: 5.5.0 - Adobe Systems Incorporated)
    Adobe Premiere Pro CC 2014 (HKLM-x32\...\{07BE616F-9E42-4C90-AF4F-0F32A5B088E7}) (Version: 8.2.0 - Adobe Systems Incorporated)
    Adobe Premiere Pro CS6 (HKLM-x32\...\{7176B973-6011-43C1-AEBC-2D73FE7C6982}) (Version: 6.0 - Adobe Systems Incorporated)
    Adobe Reader X (10.1.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
    Adobe SpeedGrade CC 2014 (HKLM-x32\...\{8EFF28F0-9DFD-4208-9E04-4D49A4812CF3}) (Version: 8.2.0 - Adobe Systems Incorporated)
    Adobe SpeedGrade CS6 (HKLM-x32\...\{3D46121C-A0E6-4259-B7E0-5127C218A096}) (Version: 6.0.0 - Adobe Systems Incorporated)
    Adobe Story (HKLM-x32\...\com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.0.571 - Adobe Systems Incorporated)
    Adobe Touch App Plugins (HKLM-x32\...\{1EC083EE-5B76-4A2A-B95A-CAF460AA29D6}) (Version: 1.0 - Adobe Systems Incorporated)
    Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 - Adobe Systems Incorporated.)
    Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated)
    AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.01.01 - ASUSTeK Computer Inc.)
    Akamai NetSession Interface (HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
    Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
    Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Application Insights Tools for Visual Studio 2013 (x32 Version: 2.4 - Microsoft Corporation) Hidden
    Application Insights Tools for Visual Studio 2015 Preview (x32 Version: 3.0 - Microsoft Corporation) Hidden
    Arduino (HKLM-x32\...\Arduino) (Version: 1.6.3 - Arduino LLC)
    Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.0.0 - Asmedia Technology)
    Autodesk DWG TrueView 2015 - English (HKLM\...\DWG TrueView 2015 - English) (Version: 20.0.210.0 - Autodesk)
    Avery Teoma Search App (HKLM-x32\...\{4156522D-5447-006A-76A7-A758B70C2D01}) (Version: 12.45.1.1317 - APN, LLC)
    AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
    AzureTools.Notifications (x32 Version: 2.4.20714.1601 - Microsoft Corporation) Hidden
    Battlefield Houston - Client (HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\...\1df8928e2c062db7) (Version: 2.1.2.2 - Jessica Pittman)
    Battlefield Houston - Server (HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\...\97442b722a32a1d7) (Version: 2.2.0.11 - Jessica Pittman)
    Battlefield Scoring (HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\...\a517dafcecd8ee49) (Version: 1.0.0.4 - Jessica Pittman)
    Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50926.80 - Microsoft Corporation) Hidden
    Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50926.80 - Microsoft Corporation) Hidden
    bl (x32 Version: 1.0.0 - Your Company Name) Hidden
    Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
    Blend for Visual Studio 2013 ENU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
    Blend for Visual Studio Add-in for Adobe FXG Import (x32 Version: 1.0.40218.0 - Microsoft Corporation) Hidden
    Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
    Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    BPDSoftware (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden
    BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
    BrightAuthor (HKLM-x32\...\{98418140-3FEC-4866-9A08-D5E55567F3C6}) (Version: 3.7.0.37 - BrightSign)
    BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
    Build Tools - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
    Build Tools - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
    Build Tools 14.0 (amd64) (Version: 14.0.22310 - Microsoft Corporation) Hidden
    Build Tools 14.0 (x86) (x32 Version: 14.0.22310 - Microsoft Corporation) Hidden
    Build Tools Language Resources - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
    Build Tools Language Resources - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
    Build Tools Language Resources 14.0 (amd64) (Version: 14.0.22310 - Microsoft Corporation) Hidden
    Build Tools Language Resources 14.0 (x86) (x32 Version: 14.0.22310 - Microsoft Corporation) Hidden
    CenterEdge Advantage 17.1.26.1816 (HKLM-x32\...\{74c1a795-cf8e-40a8-81fb-6fa5d585fdde}) (Version: 17.1.26.1816 - CenterEdge Software)
    CenterEdge Advantage 17.1.26.1816 (x32 Version: 17.1.1816 - CenterEdge Software) Hidden
    CenterEdge Advantage Reporting 10.1.1 (HKLM-x32\...\{14FA5573-9162-4435-AB94-D50EF52628CD}) (Version: 10.1.1 - CenterEdge Software)
    CenterEdge Advantage Sign Editor 14.4.15.331 (HKLM-x32\...\{DEFE5D78-C354-4F64-8A50-C4B2AAB6DD52}) (Version: 14.4.0331 - CenterEdge Software)
    CenterEdge Advantage Signage 14.4.15.331 (HKLM-x32\...\{6F52E11B-C13E-49B8-8974-0AA2F3F5808D}) (Version: 14.4.0331 - CenterEdge Software)
    Check Designer (HKLM-x32\...\{A5E65B95-F016-474D-BC0D-6AF64412BBDF}) (Version: 11.0.0.0 - Avanquest North America, Inc.)
    Chief Architect X2 (HKLM-x32\...\{35AF2D74-7048-876E-1869-68B6D635F446}) (Version: 12.1.2.29 - Chief Architect)
    Cisco Connect (HKLM-x32\...\Cisco Connect) (Version: 1.4.11299.0 - Cisco Consumer Products LLC)
    Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
    Citrix Online Launcher (HKLM-x32\...\{C1D35D06-E60A-4834-9B52-F1F3E65D03C9}) (Version: 1.0.239 - Citrix)
    Command Center (Development) (HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\...\bde0a3ab2c906615) (Version: 1.1.5.3 - Jessica Pittman)
    Complemento do Microsoft Report Viewer para Visual Studio 2013 (x32 Version: 11.1.3442.2 - Microsoft Corporation) Hidden
    Complemento Microsoft Report Viewer para Visual Studio 2013 (x32 Version: 11.1.3442.2 - Microsoft Corporation) Hidden
    Compon. agg. Microsoft Report Viewer per Visual Studio 2013 (x32 Version: 11.1.3442.2 - Microsoft Corporation) Hidden
    Copy (x32 Version: 130.0.366.000 - Hewlett-Packard) Hidden
    Cura 1.1.1 (HKLM-x32\...\cura-type-a_1.1.1) (Version: - )
    CutePDF Writer 2.8 (HKLM\...\CutePDF Writer Installation) (Version: - )
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
    DevExpress Components 14.2 (HKLM-x32\...\DevExpress Components 14.2) (Version: 14.2.4 - Developer Express Inc.)
    DevExpress Components 15.1 (HKLM-x32\...\DevExpress Components 15.1) (Version: 15.1.3 - Developer Express Inc.)
    DevExpress Documentation (HKLM-x32\...\DevExpress Documentation) (Version: - Developer Express Inc.)
    DevExpress WPF Demos (HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\...\4e41a8afeb5c478d) (Version: 14.2.3.0 - Developer Express Inc.)
    DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
    Digi XCTU (HKLM\...\XCTU_6.1) (Version: 6.1.0.3 - Digi International)
    DisplayLink Core Software (HKLM\...\{DAA61D41-4809-46C6-9AE4-13A61C54FA23}) (Version: 7.2.47873.0 - DisplayLink Corp.)
    DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.9 - DivX, LLC)
    Dog Tag (HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\...\87a4474b070f97dc) (Version: 1.0.0.7 - Microsoft)
    Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
    Dotfuscator and Analytics Community Edition 5.16.0 (x32 Version: 5.16.0.2178 - PreEmptive Solutions) Hidden
    Dropbox (HKLM-x32\...\Dropbox) (Version: 29.4.20 - Dropbox, Inc.)
    Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
    DWG TrueView 2015 - English (Version: 20.0.210.0 - Autodesk) Hidden
    EAGLE 6.5.0 (HKLM-x32\...\EAGLE 6.5.0) (Version: 6.5.0 - CadSoft Computer GmbH)
    EAGLE 7.1.0 (HKLM-x32\...\EAGLE 7.1.0) (Version: 7.1.0 - CadSoft Computer GmbH)
    EMET 4.1 Update 1 (HKLM-x32\...\{6A09FEB2-691C-456B-B982-2F6D21B19602}) (Version: 4.1.1 - Microsoft Corporation)
    Entity Framework 6.1.1 Tools for Visual Studio 2013 (HKLM-x32\...\{85253F13-EE42-4850-A3A5-79B90E92D7AC}) (Version: 12.0.30610.0 - Microsoft Corporation)
    Entity Framework 6.1.2 Tools Beta 1 for Visual Studio 14 (HKLM-x32\...\{FF33B0AD-CEAF-4EDF-8D68-AD34E601B039}) (Version: 14.0.31029.0 - Microsoft Corporation)
    Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{AFA4B0BF-3289-495A-B949-BA91F39B1A44}) (Version: 11.1.21009.00 - Microsoft Corporation)
    EPSON Advanced Printer Driver 4 (HKLM-x32\...\{11FF6AF6-0141-4EF8-829A-989459A1E5D8}) (Version: 4.53.0001 - SEIKO EPSON CORPORATION)
    EPSON APD4 Point and Print Support (x32 Version: 4.53.0001 - SEIKO EPSON CORPORATION) Hidden
    EPSON Port Communication Service (HKLM\...\{6F915A77-A189-424F-AC46-6201E7E380CF}) (Version: 3.4.2 - SEIKO EPSON CORPORATION)
    EPSON TM-T88V Utility Ver.1.31 (HKLM-x32\...\{F7174313-A545-4557-AB1B-BB79B086875C}) (Version: 1.6.0.2 - SEIKO EPSON CORPORATION)
    ErrorList (x32 Version: 1.0 - Microsoft Corporation) Hidden
    ezLCD30x Firmware Loader (HKLM-x32\...\{E08220E2-D867-44C0-8298-0EDCAB8E698B}) (Version: 1.0 - EarthLCD)
    Flash Builder (HKLM-x32\...\{C583836B-A856-4BB4-8377-0DA9BCECBDEA}) (Version: 4.6.1 - Adobe Systems Incorporated)
    GDR 3128 for SQL Server 2012 (KB2793634) (64-bit) (HKLM\...\KB2793634) (Version: 11.1.3128.0 - Microsoft Corporation)
    GDR 3153 for SQL Server 2012 (KB2977326) (64-bit) (HKLM\...\KB2977326) (Version: 11.1.3153.0 - Microsoft Corporation)
    GDR 3156 for SQL Server 2012 (KB3045318) (64-bit) (HKLM\...\KB3045318) (Version: 11.1.3156.0 - Microsoft Corporation)
    GDR 5520 for SQL Server 2008 (KB2977321) (64-bit) (HKLM\...\KB2977321) (Version: 10.3.5520.0 - Microsoft Corporation)
    GDR 5538 for SQL Server 2008 (KB3045305) (64-bit) (HKLM\...\KB3045305) (Version: 10.3.5538.0 - Microsoft Corporation)
    GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
    Git version 1.9.0-preview20140217 (HKLM-x32\...\Git_is1) (Version: 1.9.0-preview20140217 - The Git Development Community)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
    Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
    Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
    GoPro App (x32 Version: 0.1.443 - GoPro, Inc.) Hidden
    GoPro Studio 2.5.5 (HKLM-x32\...\{5d43231e-c765-405a-a122-81de16acd8b4}) (Version: 2.5.5.443 - GoPro, Inc.)
    GoToMeeting 7.2.4.3215 (HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\...\GoToMeeting) (Version: 7.2.4.3215 - CitrixOnline)
    GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
    Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
    HI-TECH C Compiler for the PIC10/12/16 MCUs V9.82PL0 (HKLM-x32\...\PICC 9.82) (Version: 9.82 - HI-TECH Software)
    HI-TECH C51-lite V9.60PL0 (HKLM-x32\...\HC51 9.60PL0) (Version: 9.60 - HI-TECH Software)
    HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
    HP Officejet Pro 8600 Basic Device Software (HKLM\...\{791A06E2-340F-43B0-8FAB-62D151339362}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
    HP Officejet Pro 8600 Help (HKLM-x32\...\{46235FF7-2CBE-4A84-BEDA-87348D1F7850}) (Version: 28.0.0 - Hewlett Packard)
    HP Officejet Pro K8600 (HKLM\...\{5FA67C2B-DAAB-4F7B-AE09-CA97FE73EA59}) (Version: 13.0 - HP)
    HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
    HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
    HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
    HP webOS SDK (HKLM\...\{53A97E00-7252-4ED0-A1EB-9F9712FC0AC9}) (Version: 3.0.676 - HP)
    HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
    I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
    iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
    IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
    IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - )
    IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - )
    Intel Edison Device USB driver (HKLM\...\Intel Edison Device USB driver) (Version: 1.0.0 - Intel)
    iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
    JavaScript Tooling (Version: 11.0.60315 - Microsoft Corporation) Hidden
    Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    K8600 (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden
    KEEBOX 150N Wireless Utility (HKLM-x32\...\{5C6B323C-863C-4B17-B8F7-198B5E0C4B50}) (Version: - Nonbrand)
    KeePass Password Safe 2.24 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.24 - Dominik Reichl)
    Kit SDK de vérification de Visual Studio 2012 - fra (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
    Kits Configuration Installer (x32 Version: 8.100.25984 - Microsoft) Hidden
    Lightroom 4.1 (HKLM-x32\...\{3c5418ff-7dea-4a37-8c52-45c670677773}) (Version: 4.1 - Adobe Systems Incorporated)
    LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
    LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
    LocalESPCui for en-us Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
    Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
    Math Kernel Libraries (64-bit) (Version: 1.0.31.0 - National Instruments) Hidden
    Math Kernel Libraries (64-bit) (Version: 13.0.13 - National Instruments) Hidden
    Math Kernel Libraries (x32 Version: 1.0.31.0 - National Instruments) Hidden
    Math Kernel Libraries (x32 Version: 13.0.13 - National Instruments) Hidden
    Medic Control (Development) (HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\...\f47e6bed37df04f6) (Version: 0.3.4.15 - Jessica Pittman)
    Memory Profiler (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
    Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    MicroCode Studio (MCSX) (HKLM-x32\...\MicroCode Studio (MCSX)_is1) (Version: 5.0.0.5 - Mecanique UK)
    Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
    Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.3 Preview Multi-Targeting Pack (ENU) (HKLM-x32\...\{6FF89029-E442-4346-BB1E-C73AA6F6D080}) (Version: 4.5.53346 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.3 Preview Multi-Targeting Pack (HKLM-x32\...\{861F6EBB-5856-4DB9-B812-363CFB1D2F56}) (Version: 4.5.53346 - Microsoft Corporation)
    Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
    Microsoft .NET Micro Framework SDK 4.3 (RTM) (HKLM-x32\...\{39855987-4CD2-4CA0-B9EB-C67B342699EA}) (Version: 4.3.0.0 - Microsoft Corporation)
    Microsoft ASP.NET MVC 3 (HKLM-x32\...\{D32EF103-4016-4C15-BCB0-700C0A7A2309}) (Version: 3.0.50813.0 - Microsoft Corporation)
    Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
    Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
    Microsoft ASP.NET Web Pages 2 (HKLM-x32\...\{cb29be6c-39c4-493e-9da7-d585d5353714}) (Version: 2.0.20715.0 - Microsoft Corporation)
    Microsoft Expression Design 4 (HKLM-x32\...\Design_8.0.31217.1) (Version: 8.0.31217.1 - Microsoft Corporation)
    Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
    Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
    Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
    Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.22310 - Microsoft Corporation)
    Microsoft Office 365 Small Business Premium - en-us (HKLM\...\O365SmallBusPremRetail - en-us) (Version: 15.0.4737.1003 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
    Microsoft POS for .NET 1.1 (HKLM-x32\...\{C05ED040-923C-4175-8B8D-A8693B93598B}) (Version: 1.1.0603.1 - Microsoft Corporation)
    Microsoft Report Viewer 2012 Runtime (HKLM-x32\...\{9CCE40CE-A9E6-4916-8729-B008558EEF3F}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
    Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation)
    Microsoft SQL Server 2008 Native Client (HKLM\...\{2738C4AA-420E-4E13-ADEF-B5AB250E3EF1}) (Version: 10.3.5500.0 - Microsoft Corporation)
    Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}) (Version: 10.51.2500.0 - Microsoft Corporation)
    Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{F43ADE73-2880-4A95-B995-4FE386ECF667}) (Version: 10.3.5538.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2012) (Version: - Microsoft Corporation)
    Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{4F640A82-635E-431A-856A-F43E5EAAC130}) (Version: 11.1.3156.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Native Client (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Policies (HKLM-x32\...\{DC487E40-046E-42A9-9C7C-5D2B1A7EB211}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Setup (English) (HKLM\...\{8AC82589-7217-48FE-9051-AE6D3B211B14}) (Version: 11.1.3156.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{BA39D494-DDE8-407A-AE5A-18A43DFF74EA}) (Version: 11.1.3156.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 T-SQL Language Service (HKLM\...\{A67C75DE-BED6-4F1B-97EB-30CD1D40FFED}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
    Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
    Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
    Microsoft SQL Server Data Tools – Database Projects – Web installer entry point (HKLM-x32\...\{F3BBC56F-2282-4464-952F-A89772181F30}) (Version: 10.3.20116.0 - Microsoft Corporation)
    Microsoft SQL Server Data Tools - enu (11.1.21208.0) (HKLM-x32\...\{EE43D481-9E18-4426-BDBA-9AD73F2FEC41}) (Version: 11.1.21208.0 - Microsoft Corporation)
    Microsoft SQL Server Data Tools - enu (12.0.41012.0) (HKLM-x32\...\{AC8E0CF4-42A1-4151-B684-97CF6FD726CF}) (Version: 12.0.41012.0 - Microsoft Corporation)
    Microsoft SQL Server Data Tools - enu (14.0.41025.0) (HKLM-x32\...\{455A16B4-CD22-4529-B429-DD454573E76A}) (Version: 14.0.41025.0 - Microsoft Corporation)
    Microsoft SQL Server Data Tools 2012 (HKLM-x32\...\{b21eb07f-a9ca-423a-896d-7cc3a4fc6481}) (Version: 11.1.21208.0 - Microsoft Corporation)
    Microsoft SQL Server Data Tools Build Utilities - enu (11.1.21208.0) (HKLM-x32\...\{98A5B388-5ED7-42C5-9DCF-D9E8CF9E51C8}) (Version: 11.1.21208.0 - Microsoft Corporation)
    Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
    Microsoft SQL Server System CLR Types (HKLM-x32\...\{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}) (Version: 10.51.2500.0 - Microsoft Corporation)
    Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{DAF4DDA4-3B5A-407D-B4DF-07922C5A0D22}) (Version: 12.0.2360.29 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{659D2DBE-CA2C-4C8F-AF2B-2C8DE262B278}) (Version: 12.0.2360.29 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Preview Redistributable (x64) - 14.0.22310 (HKLM-x32\...\{eb6c06e7-8ff6-4978-ab4c-561383593306}) (Version: 14.0.22310.1 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Preview Redistributable (x86) - 14.0.22310 (HKLM-x32\...\{2e4043b7-cd84-44db-b81a-8f6e5ffb7398}) (Version: 14.0.22310.1 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
    Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Shell (Integrated) - ENU (HKLM-x32\...\{012D26C3-E12A-3BDA-8ECE-DF14E721A507}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Microsoft Visual Studio 2012 Shell (Integrated) (HKLM-x32\...\{55b160d2-8221-45fd-ab30-4388c69c0f3b}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual Studio 2012 Shell (Integrated) Language Pack - ENU (HKLM-x32\...\{e1d01f79-be4a-4e83-b707-a009c4f6e53f}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual Studio 2012 Shell (Isolated) (HKLM-x32\...\{d2e0df0f-bf0a-4a89-9530-ebf93842c393}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual Studio 2012 Shell (Isolated) Language Pack - ENU (HKLM-x32\...\{b8df2deb-8a9f-48c8-9608-1eb3861b5630}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual Studio 2015 Preview Secondary Installer (HKLM-x32\...\{B6CB8401-B0A8-4795-8BED-F7B49D51ABCF}_SecondaryInstaller) (Version: 14.0.22310 - Microsoft Corporation)
    Microsoft Visual Studio Express 2012 for Web - ENU (HKLM-x32\...\{4bd1cdab-bf82-42c1-af37-e4918141913f}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual Studio Express 2012 for Windows Desktop - ENU (HKLM-x32\...\{e0efdce9-a486-4676-8aa5-65bb08cbf34c}) (Version: 11.0.50727.42 - Microsoft Corporation)
    Microsoft Visual Studio Professional 2013 (HKLM-x32\...\{02a877fe-5dac-4ac0-b869-4b9da00f651c}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Microsoft Visual Studio Tools for Applications Design-Time 3.0 (HKLM-x32\...\{5A03C202-08B4-3F1D-9A60-A4F53EF1B636}) (Version: 10.0.40220 - Microsoft Corporation)
    Microsoft Visual Studio Tools for Applications x86 Runtime 3.0 (HKLM-x32\...\{191A6F65-6878-398D-A272-EF011B80F371}) (Version: 10.0.40220 - Microsoft Corporation)
    Microsoft Visual Studio Ultimate 2015 Preview (HKLM-x32\...\{e1f58f60-306c-4f5b-9788-5b9292910779}) (Version: 14.0.22310.1 - Microsoft Corporation)
    Microsoft VSS Writer for SQL Server 2012 (HKLM\...\{3E0DD83F-BE4C-4478-86A0-AD0D79D1353E}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft Web Deploy 3.6 Beta3 (HKLM\...\{07F0FC77-282E-42E5-BAE6-B8C098F8453E}) (Version: 3.1238.1942 - Microsoft Corporation)
    Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
    Microsoft Web Platform Installer 4.0 (HKLM\...\{75E2C40C-4345-4DD0-B5B3-B8EB92EEECB5}) (Version: 4.0.1679 - Microsoft Corporation)
    Module Microsoft Report Viewer pour Visual Studio 2013 (x32 Version: 11.1.3442.2 - Microsoft Corporation) Hidden
    Mozilla Firefox 17.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 17.0.1 (x86 en-US)) (Version: 17.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 17.0.1 - Mozilla)
    MPLAB Tools v8.90 (HKLM-x32\...\InstallShield_{4BFBFE90-75A0-4728-8625-9776B82C99B3}) (Version: 8.90 - Microchip Technology Inc.)
    MPLAB Tools v8.90 (x32 Version: 8.90 - Microchip Technology Inc.) Hidden
    MPM (HKLM-x32\...\{BAB0F8F5-282A-45F1-B31A-EB894827456B}) (Version: 1.00.0000 - Hewlett-Packard)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
    Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.22310 - Microsoft Corporation) Hidden
    National Instruments Software (HKLM-x32\...\NI Uninstaller) (Version: - National Instruments)
    Netduino Drivers (Version: 4.3.0001 - Secret Labs LLC) Hidden
    Netduino SDK Core (x32 Version: 4.3.0000 - Secret Labs LLC) Hidden
    Netduino SDK v4.3.0 (February 2013) (HKLM-x32\...\{21fb40c4-d906-4605-9916-2cd3c48c9e82}) (Version: 4.3.0.1 - Secret Labs LLC)
    NetViewer 2.1.373.0 (HKLM-x32\...\NetViewer) (Version: 2.1.373.0 - )
    Network64 (Version: 130.0.579.000 - Hewlett-Packard) Hidden
    NI .NET Framework 4.0 (x32 Version: 4.01.49152 - National Instruments) Hidden
    NI ActiveX Container (64-bit) (Version: 13.0.4 - National Instruments) Hidden
    NI ActiveX Container (x32 Version: 13.0.4 - National Instruments) Hidden
    NI Authentication 13.5.0 (64-bit) (Version: 13.5.70 - National Instruments) Hidden
    NI Authentication 13.5.0 (x32 Version: 13.5.70 - National Instruments) Hidden
    NI Circuit Design Suite 13.0.1 Core (x32 Version: 13.0.995 - National Instruments) Hidden
    NI Circuit Design Suite 13.0.1 Edu Licenses (x32 Version: 13.0.995 - National Instruments) Hidden
    NI Circuit Design Suite 13.0.1 Education (x32 Version: 13.0.995 - National Instruments) Hidden
    NI Circuit Design Suite Master Database (x32 Version: 13.0.995 - National Instruments) Hidden
    NI Curl 13.5.0 (64-bit) (Version: 13.5.69 - National Instruments) Hidden
    NI Curl 13.5.0 (x32 Version: 13.5.69 - National Instruments) Hidden
    NI Error Reporting 2013 SP1 (x32 Version: 13.1.98 - National Instruments) Hidden
    NI Error Reporting Interface Installer 5.5 (x32 Version: 5.50.49152 - National Instruments) Hidden
    NI Error Reporting Interface Installer 5.5 for Windows 64-bit (Version: 5.50.49152 - National Instruments) Hidden
    NI EulaDepot (x32 Version: 3.21.132 - National Instruments) Hidden
    NI Example Finder 13.0 (x32 Version: 13.0.324 - National Instruments) Hidden
    NI GMP Windows 32-bit Installer 13.5.0 (x32 Version: 13.50.15 - National Instruments) Hidden
    NI GMP Windows 64-bit Installer 13.5.0 (Version: 13.50.15 - National Instruments) Hidden
    NI Help Assistant 2.0 (64bit) (Version: 2.0.3 - National Instruments) Hidden
    NI Help Assistant 2.0 (x32 Version: 2.0.3 - National Instruments) Hidden
    NI LabVIEW 2012 Real-Time NBFifo (x32 Version: 12.0.219.0 - National Instruments) Hidden
    NI LabVIEW 2012 Real-Time NBFifo (x32 Version: 13.0.336 - National Instruments) Hidden
    NI LabVIEW 2012 Run-Time Engine Web Server (x32 Version: 12.5.198.0 - National Instruments) Hidden
    NI LabVIEW 2012 SP1 Run-Time Engine Non-English Support. (x32 Version: 12.1.52.0 - National Instruments) Hidden
    NI LabVIEW 2013 Deployment Framework (x32 Version: 13.0.428 - National Instruments) Hidden
    NI LabVIEW 2013 Run-Time Engine Web Server (x32 Version: 13.5.26 - National Instruments) Hidden
    NI LabVIEW 2013 SP1 Run-Time Engine Non-English Support. (x32 Version: 13.1.99 - National Instruments) Hidden
    NI LabVIEW Run-Time Engine 2012 SP1 f7 (x32 Version: 12.1.65.0 - National Instruments) Hidden
    NI LabVIEW Run-Time Engine 2013 SP1 (x32 Version: 13.1.101 - National Instruments) Hidden
    NI LabVIEW Run-Time Engine Interop 2012 SP1 (x32 Version: 12.1.65.0 - National Instruments) Hidden
    NI LabVIEW Run-Time Engine Interop 2013 (x32 Version: 13.1.101 - National Instruments) Hidden
    NI LabVIEW-Multisim Co-simulation Plug-in 13.0 for LabVIEW 2012 (x32 Version: 13.0.995 - National Instruments) Hidden
    NI LabVIEW-Multisim Co-simulation Plug-in 13.0 for LabVIEW 2013 (x32 Version: 13.0.995 - National Instruments) Hidden
    NI LabWindows/CVI 2013 SP1 .NET Library (64-bit) (Version: 13.0.1201 - National Instruments) Hidden
    NI LabWindows/CVI 2013 SP1 .NET Library (x32 Version: 13.0.1201 - National Instruments) Hidden
    NI LabWindows/CVI 2013 SP1 Analysis Library (64-bit) (Version: 13.0.1201 - National Instruments) Hidden
    NI LabWindows/CVI 2013 SP1 Analysis Library (x32 Version: 13.0.1201 - National Instruments) Hidden
    NI LabWindows/CVI 2013 SP1 Low-Level Driver (Original) (x32 Version: 13.0.1201 - National Instruments) Hidden
    NI LabWindows/CVI 2013 SP1 Low-Level Driver (Updated) (x32 Version: 13.0.1201 - National Instruments) Hidden
    NI LabWindows/CVI 2013 SP1 Network Streams Library (64-bit) (Version: 13.0.1201 - National Instruments) Hidden
    NI LabWindows/CVI 2013 SP1 Network Streams Library (x32 Version: 13.0.1201 - National Instruments) Hidden
    NI LabWindows/CVI 2013 SP1 Network Variable Library (64-bit) (Version: 13.0.1201 - National Instruments) Hidden
    NI LabWindows/CVI 2013 SP1 Network Variable Library (x32 Version: 13.0.1201 - National Instruments) Hidden
    NI LabWindows/CVI 2013 SP1 TDMS Library (64-bit) (Version: 13.0.1201 - National Instruments) Hidden
    NI LabWindows/CVI 2013 SP1 TDMS Library (x32 Version: 13.0.1201 - National Instruments) Hidden
    NI LabWindows/CVI Run-Time Engine 2013 SP1 (Updated) (x32 Version: 13.0.1201 - National Instruments) Hidden
    NI LabWindows/CVI Shared Run-Time Engine 2013 SP1 (64-bit) (Version: 13.0.1201 - National Instruments) Hidden
    NI LabWindows/CVI Shared Run-Time Engine 2013 SP1 (x32 Version: 13.0.1201 - National Instruments) Hidden
    NI Launcher (x32 Version: 3.21.136 - National Instruments) Hidden
    NI License Manager (x32 Version: 3.7.54 - National Instruments) Hidden
    NI Logos 5.5 (64-bit) (Version: 5.5.293 - National Instruments) Hidden
    NI Logos 5.5 (x32 Version: 5.5.293 - National Instruments) Hidden
    NI Logos XT Support (x32 Version: 5.5.294 - National Instruments) Hidden
    NI Logos64 XT Support (Version: 5.5.294 - National Instruments) Hidden
    NI Math Kernel Libraries (x32 Version: 1.0.861.0 - National Instruments) Hidden
    NI MAX Remote Configuration 64-bit Installer 5.6 (Version: 5.60.49152 - National Instruments) Hidden
    NI MAX Remote Configuration Installer 5.6 (x32 Version: 5.60.49152 - National Instruments) Hidden
    NI MDF Support (x32 Version: 3.21.132 - National Instruments) Hidden
    NI mDNS Responder 2.2 for Windows 64-bit (Version: 2.20.49152 - National Instruments) Hidden
    NI mDNS Responder 2.2.0 (x32 Version: 2.20.49152 - National Instruments) Hidden
    NI Measurement Studio ComponentWorks 3D Graph (x32 Version: 8.6.10603 - National Instruments) Hidden
    NI MetaSuite Installer (x32 Version: 3.20.363 - National Instruments) Hidden
    NI Multisim API Toolkit for LabVIEW 2012 (x32 Version: 13.0.995 - National Instruments) Hidden
    NI Multisim API Toolkit for LabVIEW 2013 (x32 Version: 13.0.995 - National Instruments) Hidden
    NI Multisim LabVIEW Interoperability Support 13.0.1 (x32 Version: 13.0.995 - National Instruments) Hidden
    NI Security Update (KB 67L8LCQW) (64-bit) (Version: 1.0.29.0 - National Instruments) Hidden
    NI Security Update (KB 67L8LCQW) (x32 Version: 1.0.29.0 - National Instruments) Hidden
    NI Service Locator 13.5 (x32 Version: 13.5.70 - National Instruments) Hidden
    NI SSL LabVIEW RTE 2012 SP1 Support (x32 Version: 12.5.8.0 - National Instruments) Hidden
    NI SSL LabVIEW RTE 2013 SP1 Support (x32 Version: 13.5.26 - National Instruments) Hidden
    NI SSL Support (64-bit) (Version: 13.5.69 - National Instruments) Hidden
    NI SSL Support (x32 Version: 13.5.69 - National Instruments) Hidden
    NI System API Windows 32-bit 5.6.0 (x32 Version: 5.60.84 - National Instruments) Hidden
    NI System API Windows 64-bit 5.6.0 (Version: 5.60.84 - National Instruments) Hidden
    NI System State Publisher (64-bit) (Version: 13.1.97 - National Instruments) Hidden
    NI System State Publisher (x32 Version: 13.1.97 - National Instruments) Hidden
    NI System Web Server 13.5 (x32 Version: 13.5.69 - National Instruments) Hidden
    NI System Web Server Base 13.5.0 (64-bit) (Version: 13.5.69 - National Instruments) Hidden
    NI System Web Server Base 13.5.0 (x32 Version: 13.5.69 - National Instruments) Hidden
    NI TDM Streaming 2.5 (64-bit) (Version: 2.5.46 - National Instruments) Hidden
    NI TDM Streaming 2.5 (x32 Version: 2.5.46 - National Instruments) Hidden
    NI Trace Engine (64-bit) (Version: 13.5.69 - National Instruments) Hidden
    NI Trace Engine (x32 Version: 13.5.69 - National Instruments) Hidden
    NI Uninstaller (x32 Version: 3.21.132 - National Instruments) Hidden
    NI Update Service 2.3 (64-bit) (Version: 2.30.53 - National Instruments) Hidden
    NI Update Service 2.3 (x32 Version: 2.30.65 - National Instruments) Hidden
    NI USI 2.1.0 (x32 Version: 2.1.05374 - National Instruments) Hidden
    NI USI 2.1.0 64-Bit (Version: 2.1.05374 - National Instruments) Hidden
    NI VC2005MSMs x64 (Version: 8.05.0 - National Instruments) Hidden
    NI VC2005MSMs x86 (x32 Version: 8.05.0 - National Instruments) Hidden
    NI VC2008MSMs x64 (Version: 9.0.401 - National Instruments) Hidden
    NI VC2008MSMs x86 (x32 Version: 9.0.401 - National Instruments) Hidden
    NI VC2010SP1MSMs x64 (Version: 10.0.100 - National Instruments) Hidden
    NI VC2010SP1MSMs x86 (x32 Version: 10.0.100 - National Instruments) Hidden
    NI Visual C++ 2008 Redistributable Package (x32 Version: 9.00.49152 - National Instruments) Hidden
    NI Visual C++ 2010 Redistributable Package (x32 Version: 10.02.49152 - National Instruments) Hidden
    NI Web Application Server 13.5 (64-bit) (Version: 13.5.70 - National Instruments) Hidden
    NI Web Application Server 13.5 (x32 Version: 13.5.70 - National Instruments) Hidden
    NI-Mesa (Version: 13.0.3 - National Instruments) Hidden
    NI-Mesa (x32 Version: 13.0.3 - National Instruments) Hidden
    NI-RPC 4.4.0f0 (x32 Version: 4.40.49152 - National Instruments) Hidden
    NI-RPC 4.4.0f0 for 64 Bit Windows (Version: 4.40.49152 - National Instruments) Hidden
    Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.2.3 - )
    NVIDIA 3D Vision Controller Driver 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 331.82 - NVIDIA Corporation)
    NVIDIA 3D Vision Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
    NVIDIA GeForce Experience 1.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8 - NVIDIA Corporation)
    NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
    NVIDIA Virtual Audio 1.2.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.12 - NVIDIA Corporation)
    Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4737.1003 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Licensing Component (Version: 15.0.4737.1003 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4737.1003 - Microsoft Corporation) Hidden
    Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
    OpenSCAD (remove only) (HKLM-x32\...\OpenSCAD) (Version: - )
    Pad2Pad 1.9.89 (HKLM-x32\...\Pad2Pad_is1) (Version: - Pad2Pad.com)
    PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
    ph (x32 Version: 1.0.0 - Your Company Name) Hidden
    PICBASIC PRO(tm) Compiler 3.0.7.0 (HKLM-x32\...\PBP3_is1) (Version: 3.0.7.0 - microEngineering Labs, Inc.)
    PICkit 2 v2.60 (HKLM-x32\...\{9602161A-1B1D-4EDB-9AFD-AF71B184920D}) (Version: 2.60.00 - Microchip)
    PowreShellIntegration.Notifications (x32 Version: 2.5.21003.1603 - Microsoft Corporation) Hidden
    PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
    Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Prerequisites for SSDT (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
    ProductContext (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden
    PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
    Python 3.3.2 (64-bit) (HKLM\...\{9FA9A2A6-19E4-381A-8AF3-F8CF12F0DCF0}) (Version: 3.3.2150 - Python Software Foundation)
    Python Tools for Visual Studio 2012 (HKLM-x32\...\{1B1B4164-E8DC-448B-926A-857E8A3E125B}) (Version: 2.0.10620.00 - Microsoft Corporation)
    Python Tools Redirection Template (x32 Version: 1.1 - Microsoft Corporation) Hidden
    Python Tools Redirection Template (x32 Version: 1.3 - Microsoft Corporation) Hidden
    Qt Creator (HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\...\Qt Creator) (Version: 3.3.0 - Qt Project)
    Qt Enterprise (HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\...\Qt Enterprise) (Version: 1.0.1 - Digia Plc)
    QuickBooks (x32 Version: 24.0.4016.2403 - Intuit Inc.) Hidden
    QuickBooks Desktop File Doctor (HKLM-x32\...\{5716778B-DC86-475F-9977-1E7153F7B588}) (Version: 3.7.0 - Inuit)
    QuickBooks File Doctor (HKLM-x32\...\{45780E89-7B52-4E92-A9DC-1172EF556708}) (Version: 3.6 - Intuit)
    QuickBooks Pro 2014 (HKLM-x32\...\{4A21D17E-2FE8-42CD-88B7-ACF8E8860834}) (Version: 24.0.4016.2403 - Intuit Inc.)
    QuickBooks Runtime Redistributable (HKLM\...\{F2A4F809-2DE6-4D27-888B-4D2BB8DAF20E}) (Version: 1.00.0000 - Intuit Inc.)
    QuickBooks SDK 5.0 (HKLM-x32\...\{9BE10B36-614C-4519-A7CB-0FCF2720863F}) (Version: 5.0.00203.0 - Intuit)
    QuickTime (HKLM-x32\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)
    Radlink Lite Launcher (HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\...\11cff10e06d5938f) (Version: 1.0.0.0 - Radlink)
    RingCentral Meetings (HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\...\RingCentralMeetings) (Version: 3.5 - Zoom Video Communications, Inc. and RingCentral Inc.)
    RingCentral Softphone (HKLM-x32\...\{52F10407-8CF3-4EEB-8D4A-9AA02AE861FC}) (Version: 6.04.001.50 - RingCentral, Inc)
    RingCentral Voicemail Player (HKLM-x32\...\{FB705754-66FB-4419-9EA9-EB020DEA8D50}) (Version: 1.4.31 - RingCentral Inc.)
    Roslyn Language Services - x86 (x32 Version: 14.0.22310 - Microsoft Corporation) Hidden
    SDK de comprobación de Visual Studio 2012 - esn (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
    Secure Download Manager (HKLM-x32\...\{E040B65B-8683-4228-8C33-D44A141E40EA}) (Version: 3.1.60 - Kivuto Solutions Inc.)
    Service Pack 1 for SQL Server 2012 (KB2674319) (64-bit) (HKLM\...\KB2674319) (Version: 11.1.3000.0 - Microsoft Corporation)
    Service Pack 3 for SQL Server 2008 (KB2546951) (64-bit) (HKLM\...\KB2546951) (Version: 10.3.5500.0 - Microsoft Corporation)
    SharePoint Client Components (Version: 15.0.4641.1002 - Microsoft Corporation) Hidden
    SharePoint Client Components (Version: 16.0.3104.1200 - Microsoft Corporation) Hidden
    SHIELD Streaming (Version: 1.6.75 - NVIDIA Corporation) Hidden
    SignagePlayer (HKLM-x32\...\SignagePlayer.86EE3EEE54D7DB049D16E358CDC443F088917621.1) (Version: 3.0.1110 - Signage)
    SignagePlayer (x32 Version: 3.0.1110 - Signage) Hidden
    SignageStudio (HKLM-x32\...\SignageStudio.86EE3EEE54D7DB049D16E358CDC443F088917621.1) (Version: 4.0.79 - Signage)
    SignageStudio (x32 Version: 4.0.79 - Signage) Hidden
    SketchUp 2013 (HKLM-x32\...\{B75BC01B-4586-43F8-9349-D250DB98F26F}) (Version: 13.0.4812 - Trimble Navigation Limited)
    SketchUp 2014 (HKLM-x32\...\{A608A8D3-E77C-4BEE-8F2A-F8124F5F0FE2}) (Version: 14.0.4900 - Trimble Navigation Limited)
    SketchUp 2015 (HKLM\...\{350488A4-1540-4103-8F01-B27503891EB0}) (Version: 15.3.331 - Trimble Navigation Limited)
    SketchUp 8 (HKLM-x32\...\{8EB62C87-AAA6-4850-A5BC-64155884B973}) (Version: 3.0.16846 - Trimble Navigation Limited)
    Skype™ 6.7 (HKLM-x32\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 6.7.102 - Skype Technologies S.A.)
    SmartRF Packet Sniffer (HKLM-x32\...\Texas Instruments Packet Sniffer) (Version: 2.18.1 - Texas Instruments)
    Smartwaiver Kiosk (HKLM-x32\...\{3618D6B9-2C9A-463B-A2BE-5BFFCDF151AE}) (Version: 1.0.43029 - Smartwaiver)
    SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
    SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
    Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
    SQL Server 2012 BI Development Studio (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
    SQL Server 2012 Client Tools (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
    SQL Server 2012 Common Files (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
    SQL Server 2012 Database Engine Services (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
    SQL Server 2012 Database Engine Shared (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
    SQL Server 2012 Documentation Components (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
    SQL Server 2012 Full text search (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
    SQL Server 2012 Management Studio (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
    SQL Server 2012 Reporting Services (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
    SQL Server 2012 Reporting Services (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
    SQL Server 2012 SQL Data Quality Common (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
    SQL Server Browser for SQL Server 2012 (HKLM-x32\...\{4B9E6EB0-0EED-4E74-9479-F982C3254F71}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Sql Server Customer Experience Improvement Program (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
    Sql Server Customer Experience Improvement Program (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
    Stamps.com (HKLM-x32\...\Stamps.com) (Version: - Stamps.com, Inc.)
    Stamps.com (x32 Version: 12.1.1.2876 - Stamps.com, Inc.) Hidden
    Stamps.com ProLabel Printer Driver (HKLM-x32\...\Stamps.com ProLabel Printer Driver) (Version: - Stamps.com, Inc.)
    Stamps.com ProLabel Printer Driver (x32 Version: 1.0.0.2 - Stamps.com) Hidden
    Stamps.com support for Intuit QuickBooks 2004-2011 (HKLM-x32\...\Stamps.com support for Intuit QuickBooks 2004-2011) (Version: - Stamps.com, Inc.)
    Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
    Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
    STMicroelectronics DfuSe v3.0.2 (HKLM-x32\...\InstallShield_{7D99CBC9-46E9-4070-BF20-25136AE7052E}) (Version: 3.0.2 - STMicroelectronics)
    STMicroelectronics DfuSe v3.0.2 (x32 Version: 3.0.2 - STMicroelectronics) Hidden
    Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
    Team Explorer for Microsoft Visual Studio 2015 Preview (x32 Version: 14.0.22310 - Microsoft Corporation) Hidden
    TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.44109 - TeamViewer)
    Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
    Toolkit Documentation (x32 Version: 8.100.26866 - Microsoft) Hidden
    TortoiseGit 1.8.9.0 (64 bit) (HKLM\...\{D270F72A-913D-421E-AD56-5477132B1EC6}) (Version: 1.8.9.0 - TortoiseGit)
    Total Annihilation v3.9.01 Beta Patch (HKLM-x32\...\{28CEB942-CB26-4936-91A8-D9F3FC44EF80}) (Version: 3.9.01 - TAUniverse)
    TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
    TypeScript Power Tool (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
    TypeScript Power Tool (x32 Version: 1.3.0.0 - Microsoft Corporation) Hidden
    TypeScript Tools for Microsoft Visual Studio 14 (x32 Version: 1.3.0.0 - Microsoft Corporation) Hidden
    TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
    UltraEdit (HKLM-x32\...\InstallShield_{635A6AF2-63AF-4C1C-AF57-BDC8AF6D397D}) (Version: 21.30.1010 - IDM Computer Solutions, Inc.)
    UltraEdit (x32 Version: 21.30.1010 - IDM Computer Solutions, Inc.) Hidden
    Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
    VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
    VCSetup (HKLM-x32\...\{4023F084-ADD3-4080-89FB-253373871BD6}) (Version: 1.0.0.0 - VCSetup)
    Vegas Pro 11.0 (64-bit) (HKLM\...\{CF411A4F-5ED9-11E1-B971-F04DA23A5C58}) (Version: 11.0.595 - Sony)
    Vegas Pro 12.0 (64-bit) (HKLM\...\{A7500970-FE98-11E1-B560-F04DA23A5C58}) (Version: 12.0.367 - Sony)
    VFW_Codec32 (x32 Version: 0.1.160.0 - GoPro, Inc.) Hidden
    VFW_Codec64 (Version: 0.1.160.0 - GoPro, Inc.) Hidden
    Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation)
    Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
    Visual Studio 2012 Update 3 (KB2707250) (HKLM-x32\...\{29828f33-4679-462a-8c98-1c3507678922}) (Version: 11.0.60610 - Microsoft Corporation)
    Visual Studio 2013 Update 4 (KB2829760) (HKLM-x32\...\{53d408db-eb91-43fb-9d8f-167681c19763}) (Version: 12.0.31101 - Microsoft Corporation)
    VisualGDB (HKLM-x32\...\{5DAD3404-D23E-4AED-B4CE-3268B085F010}) (Version: 4.3.10.235 - Sysprogs)
    VS Update core components (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
    VsHub (x32 Version: 1.0.0.0 - Microsoft Corporation) Hidden
    WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
    WCF Data Services 5.6.2 Runtime (x32 Version: 5.6.61937.2 - Microsoft Corporation) Hidden
    WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
    WCF Data Services Tools for Microsoft Visual Studio 2014 (x32 Version: 5.6.61937.2 - Microsoft Corporation) Hidden
    WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
    WD Quick View (HKLM-x32\...\{324C58C7-A292-4523-A943-91DE1EB6A1FE}) (Version: 2.4.1.9 - Western Digital Technologies, Inc.)
    WD SmartWare (HKLM\...\{F6ABA2F3-9759-48CD-B25B-A07A811E92E4}) (Version: 2.4.1.9 - Western Digital Technologies, Inc.)
    WD SmartWare Installer (HKLM-x32\...\{72fda14f-5a07-49d5-b7f7-202377e9b522}) (Version: 2.4.1.9 - Western Digital Technologies, Inc.)
    WebM Media Foundation Components (HKLM-x32\...\webmmf) (Version: 1.0.1.2 - WebM Project)
    WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
    Windows Assessment and Deployment Kit for Windows 8.1 (HKLM-x32\...\{e9e06304-a604-434b-b35f-d9beb94dc06d}) (Version: 8.100.26866 - Microsoft Corporation)
    Windows Azure Authoring Tools - October 2012 Release (HKLM\...\{8748EE66-A92C-472A-805A-A86C41D22848}) (Version: 1.8.31004.1351 - Microsoft Corporation)
    Windows Azure Emulator - October 2012 Release (HKLM\...\Windows Azure Emulator - October 2012 Release) (Version: 1.8.31004.1351 - Microsoft Corporation)
    Windows Azure Libraries for .NET – October 2012 (HKLM\...\{72934D7D-3379-497D-8FA4-1E28D21AFA20}) (Version: 1.8 - Microsoft Corporation)
    Windows Azure Tools for Microsoft Visual Studio 2012 - October 2012 (HKLM-x32\...\{899c21e3-a373-47ea-bf3f-59eeae908cdb}) (Version: 1.8.51019.1603 - Microsoft Corporation)
    Windows Driver Package - BeagleBone CDM Driver Package - Bus/D2XX Driver (03/18/2011 2.08.14) (HKLM\...\E115CC79390C233F94F72330FE3603A63E5204E2) (Version: 03/18/2011 2.08.14 - BeagleBone)
    Windows Driver Package - BeagleBone CDM Driver Package - VCP Driver (03/18/2011 2.08.14) (HKLM\...\A627DA08A5F362713EB4C440F904A2D1B8CD7E74) (Version: 03/18/2011 2.08.14 - BeagleBone)
    Windows Driver Package - Linux Developer Community (usbser) Ports (11/15/2007 5.1.2600.0) (HKLM\...\78AF41F3450C5037A588E124A3CFD63F195CB249) (Version: 11/15/2007 5.1.2600.0 - Linux Developer Community)
    Windows Driver Package - Linux Developer Community Net (06/21/2006 6.0.6000.16384) (HKLM\...\F8DB389D3D629D89F82795C4EB490AE50D7FB01E) (Version: 06/21/2006 6.0.6000.16384 - Linux Developer Community)
    Windows Driver Package - Stamps.com Printer (01/02/2013 7.0.1.9) (HKLM\...\D6C304AF42E45E95BBBD32FE0040738D3D2C15CF) (Version: 01/02/2013 7.0.1.9 - Stamps.com)
    Windows Driver Package - STMicroelectronics (STTub30) USB (11/09/2009 3.0.1.0) (HKLM\...\53CE3E570993AB2791A87B0143B353B816401784) (Version: 11/09/2009 3.0.1.0 - STMicroelectronics)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
    Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
    Windows Phone app for desktop (HKLM-x32\...\{5F71448B-88EB-4357-9A98-8658D4C49C48}) (Version: 1.1.2726.0 - Microsoft Corporation)
    WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
    Workflow Manager Client 1.0 (Version: 2.0.40131.0 - Microsoft Corporation) Hidden
    Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.41015.0 - Microsoft Corporation) Hidden
    Xamarin Android Player (HKLM-x32\...\{5f63cdbe-6d50-4fdf-8efb-add7866fe390}) (Version: 0.0.24 - Xamarin)
    Xamarin Android Player (Version: 0.0.24 - Xamarin) Hidden
    X-CTU (HKLM-x32\...\{BC535415-7F95-45BE-8860-7B69E43BD13E}) (Version: 5.2.86 - Digi)
    Xming 6.9.0.31 (HKLM-x32\...\Xming_is1) (Version: 6.9.0.31 - Colin Harrison)
    Xming-fonts 7.5.0.70 (HKLM-x32\...\Xming-fonts_is1) (Version: 7.5.0.70 - Colin Harrison)
    Zebra CardStudio (HKLM-x32\...\{D4AF1D5F-9CB1-4735-BD98-E1DBE853F82D}) (Version: 1.25.4100.00 - Zebra Technologies Corporation)
    Zebra ZXP S3 and S1 Card Printers (HKLM-x32\...\{1132009E-7E6B-43D3-8F24-5554F5E9483B}) (Version: 05.30.00.00 - Zebra Technologies Corporation)
    Zebra ZXP S3 and S1 Card Printers (x32 Version: 05.30.00.00 - Zebra) Hidden
    Надстройка Microsoft Report Viewer для Visual Studio 2013 (x32 Version: 11.1.3442.2 - Microsoft Corporation) Hidden
    Пакет Visual Studio 2012 Verification SDK - rus (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
    用于 Visual Studio 2013 的 Microsoft 报告查看器加载项 (x32 Version: 11.1.3442.2 - Microsoft Corporation) Hidden

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-3544609310-1622349089-2069013866-1000_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2015 - English\dwgviewr.exe (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3544609310-1622349089-2069013866-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Battlefield\AppData\Local\Microsoft\OneDrive\17.3.6917.0607\amd64\FileCoAuthLib64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3544609310-1622349089-2069013866-1000_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2015 - English\en-US\dwgviewrficn.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3544609310-1622349089-2069013866-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\1960\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
    CustomCLSID: HKU\S-1-5-21-3544609310-1622349089-2069013866-1000_Classes\CLSID\{b5eedee0-c06e-11cf-8c56-444553540000}\InprocServer32 -> C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ue64ctmn.dll ()
    CustomCLSID: HKU\S-1-5-21-3544609310-1622349089-2069013866-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {034F7867-71C0-4823-BE22-DA0202E4CC7F} - System32\Tasks\GoogleUpdateTaskMachineUA1d0e1ae7d3f57d0 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
    Task: {0D00C31B-F8B3-41AB-9F0A-EF7BED98B23B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-14] (Adobe Systems Incorporated)
    Task: {1DAC4F16-6157-41B3-9DD4-2F9E085E9AAA} - System32\Tasks\AdobeAAMUpdater-1.0-Battlefield-PC-Jordan => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
    Task: {2F8521DB-C1B8-4498-AA4F-358688DF68CF} - System32\Tasks\hpUrlLauncher.exe_{F00FFB5D-FD89-48A2-A7E4-B9113D6053A0} => C:\Program Files\HP\HP Officejet Pro 8600\Bin\utils\hpUrlLauncher.exe [2012-10-17] (Hewlett-Packard Co.)
    Task: {3940C9F8-E811-406C-A255-D6B9079A7A58} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
    Task: {4645320B-A77E-4ED1-8669-EF1B0A5B1BCF} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
    Task: {4EF28CCE-4250-4AAE-A1F7-3B5D52518FFA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
    Task: {5E682862-FA1B-462B-999B-D6E206CAB558} - System32\Tasks\GoogleUpdateTaskMachineCore1d0e1ae7d024ecb => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
    Task: {626B862E-DE49-407F-BB09-27902105A199} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
    Task: {697CD93D-B2DE-445F-88BE-956C66EC9023} - System32\Tasks\AdobeAAMUpdater-1.0-Battlefield-PC-CJ => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
    Task: {74154FEB-930E-41F2-82FA-551306202112} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
    Task: {75ADB88E-002C-4734-A144-52C28D118AD0} - System32\Tasks\G2MUploadTask-S-1-5-21-3544609310-1622349089-2069013866-1000 => C:\Program Files (x86)\Citrix\GoToMeeting\3215\g2mupload.exe [2015-08-14] (Citrix Online, a division of Citrix Systems, Inc.)
    Task: {89B59F6E-2D5F-4B42-9885-A493E9DA1C7C} - System32\Tasks\ASUS\RunDAOD => C:\Windows\DAODx.exe [2009-03-30] ()
    Task: {8D9A022D-3FEA-49CD-9528-225C92BFB5A2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-02-03] (Adobe Systems Incorporated)
    Task: {938D9F26-F22A-4150-B21B-18FC7000C39B} - System32\Tasks\AdobeAAMUpdater-1.0-Battlefield-PC-Battlefield => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
    Task: {982E12A9-69AC-4070-B1E9-71274408C30B} - System32\Tasks\G2MUpdateTask-S-1-5-21-3544609310-1622349089-2069013866-1000 => C:\Program Files (x86)\Citrix\GoToMeeting\3215\g2mupdate.exe [2015-08-14] (Citrix Online, a division of Citrix Systems, Inc.)
    Task: {A1E28B8B-F5FA-446E-8B97-1DA9C022CEAB} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
    Task: {A2284A70-45A9-4609-AFD3-F087C7D3ED2A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
    Task: {AC49B223-7D5B-4C5D-9B58-97151745FD29} - System32\Tasks\NIUpdateServiceCheckTask => C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe [2013-05-28] (National Instruments)
    Task: {AE13DE98-72A8-4B30-BD3D-34E29D1A37A2} - System32\Tasks\ASUS\Easy Update => C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe [2012-10-08] ()
    Task: {B3C6C769-ED46-46FF-AC2F-9705D360A29B} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
    Task: {C6207098-8482-427E-90D0-2CBCB0589A17} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-06-09] (Microsoft Corporation)
    Task: {D52D7FE0-0FC7-43A9-8CA8-9EB7C46D44C7} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
    Task: {EB19B095-71A6-4E2E-AD1B-0A6DEAA2C1A5} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-07-27] (Dropbox, Inc.)
    Task: {F1E5514E-65D0-42BB-AB25-52435BE9129A} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Battlefield-PC-Battlefield Battlefield-PC => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-06-02] (Microsoft Corporation)
    Task: {FC7224EB-156A-4ADB-A313-7FBA5597A518} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-07-27] (Dropbox, Inc.)
    Task: {FFF8733F-DACF-468F-983F-C7DBCF42BD4E} - System32\Tasks\RunAsStdUser Task => C:\Users\Battlefield\AppData\Local\KangoBoxSA\bin\1.0.2.0\KangoBoxSA.exe

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3544609310-1622349089-2069013866-1000.job => C:\Program Files (x86)\Citrix\GoToMeeting\3215\g2mupdate.exe
    Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3544609310-1622349089-2069013866-1000.job => C:\Program Files (x86)\Citrix\GoToMeeting\3215\g2mupload.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    ==================== Shortcuts & WMI ========================

    (The entries could be listed to be restored or removed.)


    Shortcut: C:\Users\Battlefield\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chief Architect\Chief Architect X2\Chief Architect Website.lnk -> hxxp://chiefarchitect.com
    Shortcut: C:\Users\Battlefield\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chief Architect\Chief Architect X2\IRC Checklist.lnk -> hxxp://chiefarchitect.com/useraccess/ircchecklis

    ==================== Loaded Modules (Whitelisted) ==============

    2014-05-28 16:23 - 2014-05-28 16:23 - 00098512 _____ () C:\Program Files (x86)\EMET 4.1\EMET_CE64.DLL
    2011-03-20 17:33 - 2015-07-22 20:10 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2011-12-22 13:04 - 2009-11-05 09:40 - 00085504 _____ () C:\Windows\System32\cpwmon64.dll
    2011-10-25 14:36 - 2010-09-26 10:04 - 00012056 _____ () C:\Windows\system32\spool\PRTPROCS\x64\CAPPP2K.DLL
    2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    2014-03-21 04:07 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
    2017-05-19 12:09 - 2017-05-19 12:09 - 00139776 _____ () C:\Program Files (x86)\Windows NT\Accessories\WinUtilityHelper\wuhelper.exe
    2014-06-09 23:00 - 2014-06-09 23:00 - 00772456 _____ () C:\Program Files\TortoiseGit\bin\libgit2_tgit.dll
    2014-06-09 23:00 - 2014-06-09 23:00 - 00087400 _____ () C:\Program Files\TortoiseGit\bin\zlib1_tgit.dll
    2017-05-15 02:38 - 2017-05-15 02:38 - 34957896 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
    2016-07-24 09:18 - 2016-07-24 09:18 - 00299520 _____ () C:\Program Files (x86)\CenterEdge Software\Basic.dll
    2011-10-20 14:14 - 2011-10-20 14:14 - 00073728 _____ () C:\Program Files (x86)\KEEBOX\150N Wireless Utility\ANPDApi.dll
    2011-10-20 14:13 - 2010-07-05 17:41 - 00299008 _____ () C:\Program Files (x86)\KEEBOX\150N Wireless Utility\WlanApp.dll
    2017-06-18 14:30 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
    2017-06-18 14:30 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
    2016-08-10 11:14 - 2016-08-10 11:14 - 40523480 _____ () C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\libcef.dll
    2014-05-28 16:23 - 2014-05-28 16:23 - 00089808 _____ () C:\Program Files (x86)\EMET 4.1\EMET_CE.DLL
    2017-06-18 14:30 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
    2017-05-30 01:39 - 2017-05-30 01:39 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
    2017-05-30 01:39 - 2017-05-30 01:39 - 00214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
    2017-05-30 01:38 - 2017-05-30 01:38 - 00117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
    2017-05-30 01:39 - 2017-05-30 01:39 - 00125952 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
    2017-06-04 07:47 - 2017-06-04 07:47 - 00110688 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin7.dll
    2017-05-30 01:39 - 2017-05-30 01:39 - 00086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
    2014-09-26 04:43 - 2014-11-21 05:31 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\atashost => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMPCHelper => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tvnserver => ""=""

    ==================== Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)

    HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\Software\Classes\.scr: DWGTrueViewScriptFile => C:\Windows\system32\notepad.exe "%1"

    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE trusted site: HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\...\houstondogtags.com -> hxxp://www.houstondogtags.com

    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 21:34 - 2017-06-27 12:41 - 00000035 _____ C:\Windows\system32\Drivers\etc\hosts


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-3544609310-1622349089-2069013866-1000\Control Panel\Desktop\\Wallpaper ->
    DNS Servers: 8.8.8.8 - 8.8.4.4
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    MpsSvc => Firewall Service is not running.
    bfe => Firewall Service is not running.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    MSCONFIG\Services: AdobeARMservice => 2
    MSCONFIG\Services: asComSvc => 2
    MSCONFIG\Services: AsSysCtrlService => 2
    MSCONFIG\Services: atashost => 2
    MSCONFIG\Services: AudioEndpointBuilder => 2
    MSCONFIG\Services: AudioSrv => 2
    MSCONFIG\Services: BFE => 2
    MSCONFIG\Services: BITS => 3
    MSCONFIG\Services: Bonjour Service => 2
    MSCONFIG\Services: CarboniteService => 2
    MSCONFIG\Services: CryptSvc => 3
    MSCONFIG\Services: dbupdate => 2
    MSCONFIG\Services: dbupdatem => 3
    MSCONFIG\Services: DbxSvc => 2
    MSCONFIG\Services: DisplayLinkService => 2
    MSCONFIG\Services: DpHost => 2
    MSCONFIG\Services: EPSON_Device_Control_Log_Service => 2
    MSCONFIG\Services: EPSON_Port_Communication_Service => 2
    MSCONFIG\Services: gupdate => 2
    MSCONFIG\Services: gupdatem => 3
    MSCONFIG\Services: hasplms => 2
    MSCONFIG\Services: iPod Service => 3
    MSCONFIG\Services: MozillaMaintenance => 3
    MSCONFIG\Services: NILM License Manager => 3
    MSCONFIG\Services: nlsX86cc => 2
    MSCONFIG\Services: Nonbrand_WUS-N_WPS => 2
    MSCONFIG\Services: NovacomD => 2
    MSCONFIG\Services: Palm_TCP_Relay => 2
    MSCONFIG\Services: Steam Client Service => 3
    MSCONFIG\Services: SwitchBoard => 3
    MSCONFIG\Services: TeamViewer8 => 2
    MSCONFIG\startupfolder: C:^Users^Battlefield^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
    MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
    MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
    MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
    MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
    MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
    MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    MSCONFIG\startupreg: ASUS AiChargerPlus Execute => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
    MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    MSCONFIG\startupreg: Dropbox => "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
    MSCONFIG\startupreg: GoPro Studio Importer => C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe
    MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
    MSCONFIG\startupreg: KeePass 2 PreLoad => "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
    MSCONFIG\startupreg: NI Update Service => "C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe" -startupTask
    MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
    MSCONFIG\startupreg: Nvtmru => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
    MSCONFIG\startupreg: PMBVolumeWatcher => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe /SysAutoRun
    MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    MSCONFIG\startupreg: Steam => "E:\Games\Steam\steam.exe" -silent
    MSCONFIG\startupreg: VsHub.exe => "C:\Program Files (x86)\Common Files\Microsoft Shared\VsHub\1.0.0.0\vshub.exe" Execute --delay 120 --console false
    MSCONFIG\startupreg: WD Quick View => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
    MSCONFIG\startupreg: WZCSLDR2 => C:\Program Files (x86)\KEEBOX\150N Wireless Utility\WZCSLDR2.exe
    MSCONFIG\startupreg: zep32AsyncUI => C:\Windows\system32\zep32AsyncUIClient.exe

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [TCP Query User{21DE7197-2A96-440B-8409-3278672B3654}C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe] => (Block) C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe
    FirewallRules: [UDP Query User{80557B49-3216-460F-ACA1-F84986A301EC}C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe] => (Block) C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe
    FirewallRules: [TCP Query User{73DD5642-9E22-45DE-9D6F-CE6123C26EAF}C:\program files (x86)\ringcentral\ringcentral call controller\rcui.exe] => (Allow) C:\program files (x86)\ringcentral\ringcentral call controller\rcui.exe
    FirewallRules: [UDP Query User{A85C3AA6-18FA-4EA2-8481-CFBE7F13FF52}C:\program files (x86)\ringcentral\ringcentral call controller\rcui.exe] => (Allow) C:\program files (x86)\ringcentral\ringcentral call controller\rcui.exe
    FirewallRules: [TCP Query User{29D2D530-85F1-499D-B75C-931B2281BCDD}C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe
    FirewallRules: [UDP Query User{DEC8ADEE-2243-4006-8C39-A25184F69A30}C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe
    FirewallRules: [TCP Query User{C07B1519-468D-46A6-9BA8-31719F37208C}C:\program files (x86)\ringcentral\ringcentral call controller\rcui.exe] => (Allow) C:\program files (x86)\ringcentral\ringcentral call controller\rcui.exe
    FirewallRules: [UDP Query User{35193AD7-8C6A-475F-8A21-4851FECEF9B7}C:\program files (x86)\ringcentral\ringcentral call controller\rcui.exe] => (Allow) C:\program files (x86)\ringcentral\ringcentral call controller\rcui.exe
    FirewallRules: [TCP Query User{0CEF4E58-D8AB-4E9F-8BA0-C75837BE9F1F}C:\program files (x86)\network print monitor\pswizard-lpr.exe] => (Allow) C:\program files (x86)\network print monitor\pswizard-lpr.exe
    FirewallRules: [UDP Query User{3DC2606A-321E-4D22-9D94-310ACA201C7D}C:\program files (x86)\network print monitor\pswizard-lpr.exe] => (Allow) C:\program files (x86)\network print monitor\pswizard-lpr.exe
    FirewallRules: [{D90A8D18-AA4A-44C5-9128-7CA3CDED4CB6}] => (Allow) C:\Program Files (x86)\EPSON\EPSON Advanced Printer Driver 4\Tools\PrinterNetworkSetting\APDNetSetting.exe
    FirewallRules: [{DCE18B44-6F90-4796-9531-52A82619938F}] => (Allow) C:\Program Files (x86)\EPSON\EPSON Advanced Printer Driver 4\Tools\PrinterNetworkSetting\APDNetSetting.exe
    FirewallRules: [TCP Query User{E67AB731-0552-4643-8FC0-99ECE7804B89}C:\windows\system32\ftp.exe] => (Allow) C:\windows\system32\ftp.exe
    FirewallRules: [UDP Query User{3CF3B027-5552-44B8-9D9C-49E2AF345A39}C:\windows\system32\ftp.exe] => (Allow) C:\windows\system32\ftp.exe
    FirewallRules: [{8441DB24-EEB5-490E-862C-66ADA4AF4A49}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Edge Inspect\EdgeInspect.exe
    FirewallRules: [{6F8C3444-C1F4-4F38-A8A1-337C784337A0}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
    FirewallRules: [{7F9B4F10-148D-46BC-AF2A-0E2F20F80839}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
    FirewallRules: [{E0F42E96-2008-4AF8-AD52-966B4F8C46FB}] => (Allow) LPort=7935
    FirewallRules: [{840EDBFF-7BC8-4E54-B95C-D92FA4AEA50B}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\WDExpress.exe
    FirewallRules: [TCP Query User{10FD08C7-63C0-4044-80B4-51933AE708E6}C:\program files (x86)\transmission-qt\transmission-qt.exe] => (Allow) C:\program files (x86)\transmission-qt\transmission-qt.exe
    FirewallRules: [UDP Query User{03ADF8D9-B839-45B4-A13D-D80ACC1CC3FC}C:\program files (x86)\transmission-qt\transmission-qt.exe] => (Allow) C:\program files (x86)\transmission-qt\transmission-qt.exe
    FirewallRules: [TCP Query User{60E241D3-416C-4D86-9E98-5A96E23BF2AB}C:\program files (x86)\digi\xctu\x-ctu.exe] => (Allow) C:\program files (x86)\digi\xctu\x-ctu.exe
    FirewallRules: [UDP Query User{74A531AE-3881-438D-A19F-65ACAF3C7FE8}C:\program files (x86)\digi\xctu\x-ctu.exe] => (Allow) C:\program files (x86)\digi\xctu\x-ctu.exe
    FirewallRules: [TCP Query User{3DF1874E-12AC-4588-AF54-222A40DAC867}C:\hulapos\connector\altaconnector.exe] => (Allow) C:\hulapos\connector\altaconnector.exe
    FirewallRules: [UDP Query User{7DE2AEB1-6DC0-4AD8-99D5-BA3AF04791D6}C:\hulapos\connector\altaconnector.exe] => (Allow) C:\hulapos\connector\altaconnector.exe
    FirewallRules: [TCP Query User{00FE2257-6023-492C-A009-02AD9F279C8A}C:\hulapos\desktop\altadesktop.exe] => (Allow) C:\hulapos\desktop\altadesktop.exe
    FirewallRules: [UDP Query User{64B2B9E8-2081-45CD-BCE6-507EF3C5D54A}C:\hulapos\desktop\altadesktop.exe] => (Allow) C:\hulapos\desktop\altadesktop.exe
    FirewallRules: [TCP Query User{816D102D-5644-46D2-8E5F-29969B36FD0F}C:\program files\kreateck\kreaposc\xmlserver.exe] => (Allow) C:\program files\kreateck\kreaposc\xmlserver.exe
    FirewallRules: [UDP Query User{7D8DDC6F-CE8F-4847-B397-3EF48EF77BD4}C:\program files\kreateck\kreaposc\xmlserver.exe] => (Allow) C:\program files\kreateck\kreaposc\xmlserver.exe
    FirewallRules: [TCP Query User{6E832EC2-8DA1-45FC-A74C-8E5B6E4D219A}C:\program files\kreateck\kreaposc\kreasrv.exe] => (Allow) C:\program files\kreateck\kreaposc\kreasrv.exe
    FirewallRules: [UDP Query User{A24DBA6D-DC66-4CB9-AEDB-70758672B95E}C:\program files\kreateck\kreaposc\kreasrv.exe] => (Allow) C:\program files\kreateck\kreaposc\kreasrv.exe
    FirewallRules: [{5A811A09-70FB-4A78-AC62-483B536C67ED}] => (Allow) C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\PocketCloudInstallWizard.exe
    FirewallRules: [{3CCEEB24-B6FE-47D1-AE93-BF5BCAB2DCAF}] => (Allow) C:\Program Files (x86)\EPSON\TM-T88V Software\TM88VUTL\TM88VUTL.EXE
    FirewallRules: [{48044054-F1AB-4AC7-9977-9748FE3AA509}] => (Allow) C:\Program Files (x86)\EPSON\TM-T88V Software\TM88VUTL\TM88VUTL.EXE
    FirewallRules: [{EAC4CA9D-A85D-4F96-94B4-C1A8A52E6EE8}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
    FirewallRules: [{DC7CF320-6F63-419B-B8D8-01DEB1369D2E}] => (Allow) LPort=1433
    FirewallRules: [{BDFAF512-755F-4FC5-BB2B-2D123E294212}] => (Allow) %ProgramFiles%\Microsoft SQL Server\MSSQL11.TESTSERVER\MSSQL\Binn\sqlservr.exe
    FirewallRules: [TCP Query User{DF65D74C-9B1B-4B95-B3F1-A3DDF5244D01}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_d6fce8aea6f600df_0002.0000_ef950f00335eb66c\timer - server.exe] => (Allow) C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_d6fce8aea6f600df_0002.0000_ef950f00335eb66c\timer - server.exe
    FirewallRules: [UDP Query User{40DB3F85-FEF2-416D-B5D1-1359F5955083}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_d6fce8aea6f600df_0002.0000_ef950f00335eb66c\timer - server.exe] => (Allow) C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_d6fce8aea6f600df_0002.0000_ef950f00335eb66c\timer - server.exe
    FirewallRules: [TCP Query User{5DF3485A-9E16-4A8A-9C4A-F8232CE4055F}C:\program files (x86)\centeredge software\sign editor\advsigneditor.exe] => (Allow) C:\program files (x86)\centeredge software\sign editor\advsigneditor.exe
    FirewallRules: [UDP Query User{764FA249-EE37-4A10-82CD-6EB3E56E98C7}C:\program files (x86)\centeredge software\sign editor\advsigneditor.exe] => (Allow) C:\program files (x86)\centeredge software\sign editor\advsigneditor.exe
    FirewallRules: [{63E4A817-0E9D-4FB0-A4C0-DC9DDF30570C}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
    FirewallRules: [{2DACAAE6-E296-4337-A34B-F40E260597B2}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
    FirewallRules: [TCP Query User{E85343FA-1DDE-49EC-B83E-924DEE851515}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_d6fce8aea6f600df_0002.0000_dcd474c9db6913ac\timer - server.exe] => (Allow) C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_d6fce8aea6f600df_0002.0000_dcd474c9db6913ac\timer - server.exe
    FirewallRules: [UDP Query User{922EEBDB-6C5C-4ABA-B1E8-396AF7752035}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_d6fce8aea6f600df_0002.0000_dcd474c9db6913ac\timer - server.exe] => (Allow) C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_d6fce8aea6f600df_0002.0000_dcd474c9db6913ac\timer - server.exe
    FirewallRules: [TCP Query User{698DE5B8-DB6C-48F6-BCAA-AB91E1B1CC6B}C:\program files (x86)\ringcentral\ringcentral softphone\rcui.exe] => (Allow) C:\program files (x86)\ringcentral\ringcentral softphone\rcui.exe
    FirewallRules: [UDP Query User{9BD5431F-34F5-410B-A7BA-76CAC9891128}C:\program files (x86)\ringcentral\ringcentral softphone\rcui.exe] => (Allow) C:\program files (x86)\ringcentral\ringcentral softphone\rcui.exe
    FirewallRules: [{EB846824-11FF-4693-A022-EEC2F3B9BE02}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
    FirewallRules: [{1BB4D8F9-27A7-4B93-BDE5-6D7D7138AED8}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
    FirewallRules: [TCP Query User{93EF9754-D42D-4F18-93F0-B18F31A62CAA}C:\program files (x86)\ringcentral\ringcentral softphone\rcui.exe] => (Block) C:\program files (x86)\ringcentral\ringcentral softphone\rcui.exe
    FirewallRules: [UDP Query User{E45E194D-AA1C-44F9-A76F-951B9BCF283B}C:\program files (x86)\ringcentral\ringcentral softphone\rcui.exe] => (Block) C:\program files (x86)\ringcentral\ringcentral softphone\rcui.exe
    FirewallRules: [{FCF8042F-D3F8-477F-BC9E-6AB246C014EA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{30A92F2C-FFFD-435F-AE6B-8FE639EC5289}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{04024E81-D530-4D96-87EC-D682240D60DC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{646F7C85-0C33-4E73-8752-838B566BB2E3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{05918C4D-8299-4390-9787-EDA0DFEDABB2}] => (Allow) C:\Users\Battlefield\AppData\Local\Temp\7zS3FDA\HPDiagnosticCoreUI.exe
    FirewallRules: [{C3AA7D0D-43E5-46DC-8C8E-64020D07A6D8}] => (Allow) C:\Users\Battlefield\AppData\Local\Temp\7zS3FDA\HPDiagnosticCoreUI.exe
    FirewallRules: [{239B7E07-663B-4A3E-9D9A-2B036D6E24F2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\{5FA67C2B-DAAB-4F7B-AE09-CA97FE73EA59}\setup\hpznui40.exe
    FirewallRules: [{590D6C04-06B1-4D89-82D2-F25917535253}] => (Allow) C:\Users\Battlefield\AppData\Local\Temp\7zS595D\HPDiagnosticCoreUI.exe
    FirewallRules: [{FAFE6BB6-202E-4663-BBE1-F571742FAD74}] => (Allow) C:\Users\Battlefield\AppData\Local\Temp\7zS595D\HPDiagnosticCoreUI.exe
    FirewallRules: [{2BA8E74F-BE06-40EC-A838-513DBD77B8F7}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\FaxApplications.exe
    FirewallRules: [{EB4C07C2-034F-42D8-BAC8-056E145564F9}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\DigitalWizards.exe
    FirewallRules: [{A651629E-5B5C-4E40-80C2-61103C315996}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\SendAFax.exe
    FirewallRules: [{A4C7FF94-4592-42F6-A222-A5DCFA175846}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe
    FirewallRules: [{89DF1122-71BD-4B60-AC7B-55B8DC5943AF}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
    FirewallRules: [{6F986317-324A-4EAC-8112-91D90B80F431}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
    FirewallRules: [{917EC9F0-6A2F-45E3-B442-483A9440A2BD}] => (Allow) F:\Programs\Steam\SteamApps\common\Precipice Of Darkness 3\Rainslick3.exe
    FirewallRules: [{26A2330E-79DC-462D-BC5C-AAFD8C9839C1}] => (Allow) F:\Programs\Steam\SteamApps\common\Precipice Of Darkness 3\Rainslick3.exe
    FirewallRules: [{BA029A0D-4175-47B8-8B6B-A55064E00FB4}] => (Allow) F:\Programs\Steam\SteamApps\common\Penny Arcade's On the Rain-Slick Precipice of Darkness 4\Rainslick4.exe
    FirewallRules: [{A68A6E58-5FC3-4C46-B76A-92867231F0B3}] => (Allow) F:\Programs\Steam\SteamApps\common\Penny Arcade's On the Rain-Slick Precipice of Darkness 4\Rainslick4.exe
    FirewallRules: [{F11F05D5-C2E2-44D0-B753-4C504B97CED3}] => (Allow) F:\Programs\Steam\SteamApps\common\the witcher 2\Launcher.exe
    FirewallRules: [{E073D3AF-E5EB-4379-BE1D-8C2668EF7005}] => (Allow) F:\Programs\Steam\SteamApps\common\the witcher 2\Launcher.exe
    FirewallRules: [{CA6EBAF8-E81C-43D4-944E-3CD04D0C7B61}] => (Allow) F:\Programs\Steam\SteamApps\common\Mount and Blade Warband - Demo\mb_warband.exe
    FirewallRules: [{864E01D4-1584-4589-BF85-A0F8DC2D7A2E}] => (Allow) F:\Programs\Steam\SteamApps\common\Mount and Blade Warband - Demo\mb_warband.exe
    FirewallRules: [TCP Query User{5830EE70-0BAA-4823-A568-EA9D73E7FF07}F:\programs\warcraft iii\war3.exe] => (Allow) F:\programs\warcraft iii\war3.exe
    FirewallRules: [UDP Query User{848005F3-166C-4CD9-BA3A-90D0931C8CF9}F:\programs\warcraft iii\war3.exe] => (Allow) F:\programs\warcraft iii\war3.exe
    FirewallRules: [{CC1E8F12-4B64-4CF7-AE69-B042950E8E73}] => (Allow) F:\Programs\Steam\SteamApps\common\Supreme Commander 2\bin\SupremeCommander2.exe
    FirewallRules: [{31679F20-D431-4DDA-BD7C-0D1A3FD32A4E}] => (Allow) F:\Programs\Steam\SteamApps\common\Supreme Commander 2\bin\SupremeCommander2.exe
    FirewallRules: [{F2E54F3A-44D1-4449-A3D5-4E8E0118234A}] => (Allow) F:\Programs\Steam\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
    FirewallRules: [{87D327DF-B421-4B78-8612-1852648821AE}] => (Allow) F:\Programs\Steam\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
    FirewallRules: [{BA9EB260-B9AA-4952-8DC2-B2DE04EA1C56}] => (Allow) E:\Programs\Steam\SteamApps\common\Sins of a Solar Empire Rebellion\Sins of a Solar Empire Rebellion.exe
    FirewallRules: [{C1003B40-9F70-4FB7-9F4F-3AEC0F9B1F37}] => (Allow) E:\Programs\Steam\SteamApps\common\Sins of a Solar Empire Rebellion\Sins of a Solar Empire Rebellion.exe
    FirewallRules: [{F2ED918E-E456-456B-9547-770E33297DFA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{7FAD2B0E-A087-4B7F-9553-97D9AE4FB2EF}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
    FirewallRules: [{8B4A489A-152A-423E-8F66-882F7515168B}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
    FirewallRules: [{28567A16-FEF8-4DE3-99A0-991630750C5B}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
    FirewallRules: [{8EA089D3-1FBC-4BA0-91A7-9CF2240E28F4}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
    FirewallRules: [TCP Query User{F44B5AF2-59E2-447D-A24E-CCAF848C69E2}C:\users\battlefield\documents\visual studio 2012\projects\bfh timer\events timer\events timer\bfh server\bin\debug\timer - server.exe] => (Allow) C:\users\battlefield\documents\visual studio 2012\projects\bfh timer\events timer\events timer\bfh server\bin\debug\timer - server.exe
    FirewallRules: [UDP Query User{58CE18CD-C19A-4BEA-98D2-A9B37D7B782F}C:\users\battlefield\documents\visual studio 2012\projects\bfh timer\events timer\events timer\bfh server\bin\debug\timer - server.exe] => (Allow) C:\users\battlefield\documents\visual studio 2012\projects\bfh timer\events timer\events timer\bfh server\bin\debug\timer - server.exe
    FirewallRules: [TCP Query User{BEA657B3-685C-49EF-AC31-603D18D17F74}C:\users\battlefield\documents\visual studio 2012\projects\bfh timer\events timer\events timer\bfh server\bin\debug\timer - server.vshost.exe] => (Allow) C:\users\battlefield\documents\visual studio 2012\projects\bfh timer\events timer\events timer\bfh server\bin\debug\timer - server.vshost.exe
    FirewallRules: [UDP Query User{A0C6906D-B276-4BF5-9F11-BCE86116822D}C:\users\battlefield\documents\visual studio 2012\projects\bfh timer\events timer\events timer\bfh server\bin\debug\timer - server.vshost.exe] => (Allow) C:\users\battlefield\documents\visual studio 2012\projects\bfh timer\events timer\events timer\bfh server\bin\debug\timer - server.vshost.exe
    FirewallRules: [{3D6BDBE0-67E1-4D70-ABF5-B2FC21A40B98}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
    FirewallRules: [{9ECFAB96-7127-421D-9C3B-A5C7440CC951}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
    FirewallRules: [{058215F5-6301-472B-B297-CB410FB706FD}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
    FirewallRules: [{AD544C0D-C6D1-4281-AF68-7623F0192DB9}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
    FirewallRules: [TCP Query User{4200CE53-85D0-4116-BAC1-AAD65ACC42D5}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_c7fb621a750c2678_0002.0002_515e619a63ad1780\timer - server.exe] => (Allow) C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_c7fb621a750c2678_0002.0002_515e619a63ad1780\timer - server.exe
    FirewallRules: [UDP Query User{2F64B061-BC36-4F53-A50C-94BD4616343D}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_c7fb621a750c2678_0002.0002_515e619a63ad1780\timer - server.exe] => (Allow) C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\time..tion_c7fb621a750c2678_0002.0002_515e619a63ad1780\timer - server.exe
    FirewallRules: [TCP Query User{3F04C0BF-9F18-47A9-9B90-9E147F2A01DF}C:\users\battlefield\documents\visual studio 2012\projects\lasertag server\lasertag server\bin\debug\lasertag server.vshost.exe] => (Allow) C:\users\battlefield\documents\visual studio 2012\projects\lasertag server\lasertag server\bin\debug\lasertag server.vshost.exe
    FirewallRules: [UDP Query User{74998ED9-331F-435B-96E2-D868191B0B48}C:\users\battlefield\documents\visual studio 2012\projects\lasertag server\lasertag server\bin\debug\lasertag server.vshost.exe] => (Allow) C:\users\battlefield\documents\visual studio 2012\projects\lasertag server\lasertag server\bin\debug\lasertag server.vshost.exe
    FirewallRules: [TCP Query User{B94ADE4C-E96E-41D6-8AE4-A507CD13E41A}C:\users\battlefield\documents\visual studio 2012\projects\lasertag server\lasertag server\bin\debug\lasertag server.exe] => (Allow) C:\users\battlefield\documents\visual studio 2012\projects\lasertag server\lasertag server\bin\debug\lasertag server.exe
    FirewallRules: [UDP Query User{6F3CFFE7-FF81-49BA-B113-EEC1A34DE0B5}C:\users\battlefield\documents\visual studio 2012\projects\lasertag server\lasertag server\bin\debug\lasertag server.exe] => (Allow) C:\users\battlefield\documents\visual studio 2012\projects\lasertag server\lasertag server\bin\debug\lasertag server.exe
    FirewallRules: [{7FC56627-B2A0-4E0F-BCA5-3D9510C1C5BC}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
    FirewallRules: [{1C25887E-A19D-4EA0-BEB2-5AC8BD0E32D8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    FirewallRules: [{E65BD376-AB5C-43E7-8C46-53190D82D3AB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    FirewallRules: [{8F7730CB-A536-4447-A428-1E168306BF83}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{A79BB051-F5F8-4243-9262-7BA3F26207B8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [TCP Query User{4B7814C1-A3D8-49EB-90B7-7D12701C4E69}C:\users\battlefield\downloads\miner\stratumproxy\mining_proxy.exe] => (Allow) C:\users\battlefield\downloads\miner\stratumproxy\mining_proxy.exe
    FirewallRules: [UDP Query User{396E216E-9F17-43AF-BA26-8F562F5A732A}C:\users\battlefield\downloads\miner\stratumproxy\mining_proxy.exe] => (Allow) C:\users\battlefield\downloads\miner\stratumproxy\mining_proxy.exe
    FirewallRules: [{87C5029F-177C-4019-A2A2-F01013DF8F52}] => (Allow) LPort=5900
    FirewallRules: [{3983DEBD-A017-40CC-ADF7-D02644D0B1C7}] => (Allow) %ProgramFiles% (x86)\Intuit\QuickBooks 2014\QBW32Pro.exe
    FirewallRules: [{A9885A47-FDCA-422F-9E34-72CA8B5A9910}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{08EB4453-87D7-44B8-BA0D-6F6D568B2EBF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{E3D25432-B7AA-4DBA-9383-49A760A9710B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    FirewallRules: [{4007A2CA-D1B1-4F7D-A71D-F644CD9068A3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    FirewallRules: [{25D29940-8C89-4F82-8BD9-BCD924009CC3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{E7168564-088E-4F97-B7AC-9B3F0E62D0A3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [TCP Query User{8080FAC4-365C-4C9A-BF55-BA078B9F63CB}C:\program files (x86)\freesshd\freesshdservice.exe] => (Allow) C:\program files (x86)\freesshd\freesshdservice.exe
    FirewallRules: [UDP Query User{BD6D8A92-BF51-4342-AFCC-74503DB787DA}C:\program files (x86)\freesshd\freesshdservice.exe] => (Allow) C:\program files (x86)\freesshd\freesshdservice.exe
    FirewallRules: [{AB30EC54-9F6F-463E-8E04-AC31BA22A3CD}] => (Allow) C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe
    FirewallRules: [TCP Query User{254734B1-E4D2-4164-890C-BF62F467CC3A}C:\users\battlefield\desktop\arduino-1.5.2\java\bin\javaw.exe] => (Block) C:\users\battlefield\desktop\arduino-1.5.2\java\bin\javaw.exe
    FirewallRules: [UDP Query User{6E33599C-8236-4771-9DBD-12125C0A7651}C:\users\battlefield\desktop\arduino-1.5.2\java\bin\javaw.exe] => (Block) C:\users\battlefield\desktop\arduino-1.5.2\java\bin\javaw.exe
    FirewallRules: [TCP Query User{804EE654-C43E-49D0-8173-E7BD8431CE70}C:\program files (x86)\adobe\adobe edge animate\edgeanimate.exe] => (Allow) C:\program files (x86)\adobe\adobe edge animate\edgeanimate.exe
    FirewallRules: [UDP Query User{7916659A-35B6-45E5-B824-0136E55A2AFD}C:\program files (x86)\adobe\adobe edge animate\edgeanimate.exe] => (Allow) C:\program files (x86)\adobe\adobe edge animate\edgeanimate.exe
    FirewallRules: [{371C8FEB-0FA7-43BE-B3D6-466E2B0827BC}] => (Allow) LPort=55358
    FirewallRules: [TCP Query User{78EDF231-693B-4D80-A091-48FE86B716AE}C:\users\battlefield\desktop\arduino-1.5.2\java\bin\javaw.exe] => (Allow) C:\users\battlefield\desktop\arduino-1.5.2\java\bin\javaw.exe
    FirewallRules: [UDP Query User{0144FAAE-AB3C-4795-927F-8B70F094D852}C:\users\battlefield\desktop\arduino-1.5.2\java\bin\javaw.exe] => (Allow) C:\users\battlefield\desktop\arduino-1.5.2\java\bin\javaw.exe
    FirewallRules: [{68D2AA3F-597E-4B96-95B4-8C9E7DBE7484}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
    FirewallRules: [TCP Query User{1472D7D8-0C8B-42BB-A31A-6E830AEED84E}C:\users\battlefield\documents\visual studio 2013\projects\medic_control\lasertag server\bin\debug\lasertag server.vshost.exe] => (Allow) C:\users\battlefield\documents\visual studio 2013\projects\medic_control\lasertag server\bin\debug\lasertag server.vshost.exe
    FirewallRules: [UDP Query User{4F1DFB01-D271-467D-803C-4F6D9BA5183E}C:\users\battlefield\documents\visual studio 2013\projects\medic_control\lasertag server\bin\debug\lasertag server.vshost.exe] => (Allow) C:\users\battlefield\documents\visual studio 2013\projects\medic_control\lasertag server\bin\debug\lasertag server.vshost.exe
    FirewallRules: [TCP Query User{B4B8660C-2ECE-4EFE-89D2-28CEEE7BF483}C:\users\battlefield\documents\visual studio 2013\projects\medic_control\lasertag server\bin\debug\lasertag server.exe] => (Allow) C:\users\battlefield\documents\visual studio 2013\projects\medic_control\lasertag server\bin\debug\lasertag server.exe
    FirewallRules: [UDP Query User{AE54391D-707D-4CA6-82BF-E83D9ECC25AF}C:\users\battlefield\documents\visual studio 2013\projects\medic_control\lasertag server\bin\debug\lasertag server.exe] => (Allow) C:\users\battlefield\documents\visual studio 2013\projects\medic_control\lasertag server\bin\debug\lasertag server.exe
    FirewallRules: [TCP Query User{2F18F209-B725-4C19-A8FD-B11BBD5CB61A}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\lase..tion_0000000000000000_0001.0000_f2f724bc82ad3fcd\lasertag server.exe] => (Allow) C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\lase..tion_0000000000000000_0001.0000_f2f724bc82ad3fcd\lasertag server.exe
    FirewallRules: [UDP Query User{E543AE50-D63E-4EC9-83E7-241E0FF02D1F}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\lase..tion_0000000000000000_0001.0000_f2f724bc82ad3fcd\lasertag server.exe] => (Allow) C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\lase..tion_0000000000000000_0001.0000_f2f724bc82ad3fcd\lasertag server.exe
    FirewallRules: [TCP Query User{A580A19F-08CF-4A7B-9B22-DA53C61D9A4D}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\medi..tion_0000000000000000_0000.0003_7af09580b6978e7a\medic_control(development).exe] => (Allow) C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\medi..tion_0000000000000000_0000.0003_7af09580b6978e7a\medic_control(development).exe
    FirewallRules: [UDP Query User{AB8EE24A-7D93-485D-86BA-C50DCBE1E7A4}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\medi..tion_0000000000000000_0000.0003_7af09580b6978e7a\medic_control(development).exe] => (Allow) C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\medi..tion_0000000000000000_0000.0003_7af09580b6978e7a\medic_control(development).exe
    FirewallRules: [{5B75FDC7-3F67-4E93-ABAB-5CF6733C4B03}] => (Allow) C:\Users\Battlefield\AppData\Local\Temp\7zS0DB2\HPDiagnosticCoreUI.exe
    FirewallRules: [{DF878058-CFD4-4D53-B026-CF1A840A41FB}] => (Allow) C:\Users\Battlefield\AppData\Local\Temp\7zS0DB2\HPDiagnosticCoreUI.exe
    FirewallRules: [TCP Query User{E51E9D5E-E73B-44EA-B218-3E14578993BE}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
    FirewallRules: [UDP Query User{F2A40058-9BF5-4CB5-93A9-632F2E52ECEC}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
    FirewallRules: [TCP Query User{B5C808A6-8D1E-40C9-BD08-2240314A9F29}C:\users\battlefield\documents\visual studio 2013\projects\medic_control\lasertag server\bin\debug\medic_control.vshost.exe] => (Allow) C:\users\battlefield\documents\visual studio 2013\projects\medic_control\lasertag server\bin\debug\medic_control.vshost.exe
    FirewallRules: [UDP Query User{5305549D-93B9-4CF9-AD57-462F018FA668}C:\users\battlefield\documents\visual studio 2013\projects\medic_control\lasertag server\bin\debug\medic_control.vshost.exe] => (Allow) C:\users\battlefield\documents\visual studio 2013\projects\medic_control\lasertag server\bin\debug\medic_control.vshost.exe
    FirewallRules: [TCP Query User{428D70DA-0344-4861-A32D-052D6A99FA77}C:\users\battlefield\documents\visual studio 2012\projects\bfh server\bin\debug\timer - server.vshost.exe] => (Allow) C:\users\battlefield\documents\visual studio 2012\projects\bfh server\bin\debug\timer - server.vshost.exe
    FirewallRules: [UDP Query User{ACFA8C24-7C3E-4060-A8BC-603B18241BA2}C:\users\battlefield\documents\visual studio 2012\projects\bfh server\bin\debug\timer - server.vshost.exe] => (Allow) C:\users\battlefield\documents\visual studio 2012\projects\bfh server\bin\debug\timer - server.vshost.exe
    FirewallRules: [TCP Query User{4F39674F-ABB2-4C2F-A785-9B6B9F14C881}C:\users\battlefield\documents\visual studio 2013\projects\medic_control\lasertag server\bin\debug\medic_control.exe] => (Allow) C:\users\battlefield\documents\visual studio 2013\projects\medic_control\lasertag server\bin\debug\medic_control.exe
    FirewallRules: [UDP Query User{DD0C0FA5-5D74-4431-9CDD-CE5C9C4DE67C}C:\users\battlefield\documents\visual studio 2013\projects\medic_control\lasertag server\bin\debug\medic_control.exe] => (Allow) C:\users\battlefield\documents\visual studio 2013\projects\medic_control\lasertag server\bin\debug\medic_control.exe
    FirewallRules: [TCP Query User{D0E9CC85-B58A-4331-9807-625D6F2DF57D}C:\users\battlefield\documents\visual studio 2013\projects\medic_control\lasertag server\bin\debug\command_center.vshost.exe] => (Allow) C:\users\battlefield\documents\visual studio 2013\projects\medic_control\lasertag server\bin\debug\command_center.vshost.exe
    FirewallRules: [UDP Query User{C08F2D19-4614-4C0B-92B2-147E39D072D0}C:\users\battlefield\documents\visual studio 2013\projects\medic_control\lasertag server\bin\debug\command_center.vshost.exe] => (Allow) C:\users\battlefield\documents\visual studio 2013\projects\medic_control\lasertag server\bin\debug\command_center.vshost.exe
    FirewallRules: [TCP Query User{B4221ADF-98C2-4706-B89E-B9D455C29ED8}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0000_ec1aa7bb0a422cd7\command_center.exe] => (Allow) C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0000_ec1aa7bb0a422cd7\command_center.exe
    FirewallRules: [UDP Query User{514ECBDA-412E-433C-B7C0-F31C84FE655B}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0000_ec1aa7bb0a422cd7\command_center.exe] => (Allow) C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0000_ec1aa7bb0a422cd7\command_center.exe
    FirewallRules: [TCP Query User{7A167FBE-5C9C-400A-B9EA-ED678B7439D2}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0001_4b1981025e9ebcd7\command_center.exe] => (Allow) C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0001_4b1981025e9ebcd7\command_center.exe
    FirewallRules: [UDP Query User{0F32E4EE-F3A5-42C4-AD2E-D8A7EDB4C755}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0001_4b1981025e9ebcd7\command_center.exe] => (Allow) C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0001_4b1981025e9ebcd7\command_center.exe
    FirewallRules: [TCP Query User{33F19B68-CEA3-4F6D-AB0E-B239E20BB9A1}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0001_022f12b54903ee57\command_center.exe] => (Allow) C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0001_022f12b54903ee57\command_center.exe
    FirewallRules: [UDP Query User{911FBC84-2506-4725-B246-22A54B3302F2}C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0001_022f12b54903ee57\command_center.exe] => (Allow) C:\users\battlefield\appdata\local\apps\2.0\p6h2q32j.eyw\0v96dpdh.g0n\comm..tion_0000000000000000_0001.0001_022f12b54903ee57\command_center.exe
    FirewallRules: [{5368BE97-08CC-4125-8085-EBABB570E841}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
    FirewallRules: [{19E57C86-11ED-4D15-ACA4-E5E9864E8C1A}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
    FirewallRules: [{4EB5E612-4618-4D70-87BD-FDC65ACCDE1B}] => (Allow) C:\Program Files\Xamarin Android Player\AndroidPlayer.exe
    FirewallRules: [{3D7A837C-DBDD-48F9-8712-F676803A4BB6}] => (Allow) C:\Program Files\Xamarin Android Player\minimal_adb\adb.exe
    FirewallRules: [{A9C2A7E2-75FE-4C61-8B15-6FCD44513AE3}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
    FirewallRules: [{3B848BF1-A2CB-49D8-BEDD-6E15C4BDB929}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
    FirewallRules: [{22EC3136-CADE-4416-9D77-F40268D55AD2}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
    FirewallRules: [{C229CA86-D1D2-4089-A45B-2E31E803BAF1}] => (Allow) C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
    FirewallRules: [{4F08CF52-B016-4A68-944C-1304C9C0BE35}] => (Allow) C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
    FirewallRules: [{CD4A55A3-AC69-4910-B11D-11764353D2A1}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
    FirewallRules: [{E9F3CA92-CAD3-46F6-BDA4-C9D733553497}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
    FirewallRules: [{8A3BB187-468E-4D84-9792-02A814D0A23C}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\nisvcloc\nisvcloc.exe
    FirewallRules: [{DF58609B-7294-4D7B-8E9A-A4EABA727F0B}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\nisvcloc\nisvcloc.exe
    FirewallRules: [{7CC2D7C2-C7CF-4B16-9F7F-7AFEA3BCE698}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
    FirewallRules: [{E2E1F59B-0414-4A4B-97A7-45A43C47693A}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
    FirewallRules: [TCP Query User{FA667B9D-BE55-48C8-B9ED-CEE23511DDC6}C:\program files (x86)\centeredge advantage signage\advantagesignage.exe] => (Allow) C:\program files (x86)\centeredge advantage signage\advantagesignage.exe
    FirewallRules: [UDP Query User{8DC286C6-4509-43DC-9AE9-C82169289513}C:\program files (x86)\centeredge advantage signage\advantagesignage.exe] => (Allow) C:\program files (x86)\centeredge advantage signage\advantagesignage.exe
    FirewallRules: [{4177BDF0-ECCA-4907-A8BD-A10C2EEA176C}] => (Block) C:\program files (x86)\centeredge advantage signage\advantagesignage.exe
    FirewallRules: [{6D916273-91A3-40AC-AB12-546CC034ECBE}] => (Block) C:\program files (x86)\centeredge advantage signage\advantagesignage.exe
    FirewallRules: [{8F73B3FF-5F1A-4D51-8035-F585C615B25C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    FirewallRules: [{B259F625-5EC8-4E14-904E-36694377B46A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
    FirewallRules: [{CFE9621D-48EE-41EC-8FBC-08F7DA7808C5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
    FirewallRules: [{70C26C98-A80F-46E2-9422-7384A1398D9C}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
    FirewallRules: [{AFC17EF1-1446-4480-9545-D3DF7FB74DF3}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
    FirewallRules: [{1E234857-9D17-4086-A87E-1B578793803A}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
    FirewallRules: [{4C51BEAB-255C-4190-B45F-71E47FBD1DE0}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
    FirewallRules: [{1E4BEA55-0178-49AA-8152-715E546C8E34}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
    FirewallRules: [{1E39B6E6-7A11-44CE-9DBD-64B61BADF296}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
    FirewallRules: [{799170B7-2AF3-499B-8B7D-BBA7DD066371}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
    FirewallRules: [{28F81BF1-85D1-4AB3-8D1C-53742FB315C5}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
    FirewallRules: [{D5AE6E36-109F-4A1A-904A-A34F00605100}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
    FirewallRules: [{C9BC396F-AD4B-4ECE-9E57-2766CCE1B613}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
    FirewallRules: [{748F62A0-59AB-47B7-B3ED-73432725B2E3}] => (Allow) LPort=12292
    FirewallRules: [TCP Query User{DF3F3956-E321-4116-826F-BEE13EBCCE1E}C:\program files (x86)\java\jdk1.7.0_55\bin\javaw.exe] => (Block) C:\program files (x86)\java\jdk1.7.0_55\bin\javaw.exe
    FirewallRules: [UDP Query User{089E405C-C889-470A-9AE4-BF2384CB7B68}C:\program files (x86)\java\jdk1.7.0_55\bin\javaw.exe] => (Block) C:\program files (x86)\java\jdk1.7.0_55\bin\javaw.exe
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

    ==================== Restore Points =========================

    23-06-2017 03:32:58 Windows Update
    26-06-2017 16:57:23 Removed Java 8 Update 45
    26-06-2017 16:58:38 Removed Java(TM) SE Development Kit 6 Update 39
    26-06-2017 17:00:12 Removed Java SE Development Kit 7 Update 55
    26-06-2017 17:01:39 Removed Java 8 Update 45
    26-06-2017 17:02:52 Removed Itibiti RTC
    27-06-2017 10:18:24 Windows Update
    27-06-2017 10:51:43 JRT Pre-Junkware Removal
    27-06-2017 12:40:18 Restore Point Created by FRST
    27-06-2017 14:45:37 Windows Update
    Check "winmgmt" service or repair WMI.


    ==================== Faulty Device Manager Devices =============

    Name: Officejet Pro 8600
    Description: Officejet Pro 8600
    Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
    Manufacturer: HP
    Service:
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (06/27/2017 05:11:50 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
    Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

    Error: (06/27/2017 05:11:23 PM) (Source: MSSQL$TESTSERVER) (EventID: 9003) (User: )
    Description: The log scan number (31:245:1) passed to log scan in database 'model' is not valid. This error may indicate data corruption or that the log file (.ldf) does not match the data file (.mdf). If this error occurred during replication, re-create the publication. Otherwise, restore from backup if the problem results in a failure during startup.

    Error: (06/27/2017 05:09:33 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
    Description: Event-ID 1

    Error: (06/27/2017 04:13:16 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.18698, time stamp: 0x59189c94
    Faulting module name: EMET.DLL, version: 4.1.5228.513, time stamp: 0x535a1b50
    Exception code: 0xc00000fd
    Fault offset: 0x00072727
    Faulting process id: 0x1c8c
    Faulting application start time: 0x01d2ef8a2f16f8d7
    Faulting application path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    Faulting module path: C:\Windows\AppPatch\EMET.DLL
    Report Id: 6f252a3f-5b7d-11e7-917f-14dae9460af3

    Error: (06/27/2017 02:55:25 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
    Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

    Error: (06/27/2017 02:55:25 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
    Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

    Error: (06/27/2017 02:49:38 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
    Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

    Error: (06/27/2017 02:49:18 PM) (Source: MSSQL$TESTSERVER) (EventID: 9003) (User: )
    Description: The log scan number (31:245:1) passed to log scan in database 'model' is not valid. This error may indicate data corruption or that the log file (.ldf) does not match the data file (.mdf). If this error occurred during replication, re-create the publication. Otherwise, restore from backup if the problem results in a failure during startup.

    Error: (06/27/2017 02:45:32 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
    Description: Event-ID 1

    Error: (06/27/2017 02:22:34 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
    Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.


    System errors:
    =============
    Error: (06/27/2017 05:13:17 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
    {C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
    and APPID
    {344ED43D-D086-4961-86A6-1106F4ACAD9B}
    to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

    Error: (06/27/2017 05:12:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
    The service did not respond to the start or control request in a timely fashion.

    Error: (06/27/2017 05:12:24 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.

    Error: (06/27/2017 05:11:47 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The Internet Connection Sharing (ICS) service depends on the Base Filtering Engine service which failed to start because of the following error:
    The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

    Error: (06/27/2017 05:11:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
    The service did not respond to the start or control request in a timely fashion.

    Error: (06/27/2017 05:11:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.

    Error: (06/27/2017 05:11:23 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
    Description: The SQL Server (TESTSERVER) service terminated with service-specific error %%3414.

    Error: (06/27/2017 05:11:14 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The IPsec Policy Agent service depends on the Base Filtering Engine service which failed to start because of the following error:
    The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

    Error: (06/27/2017 05:11:06 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The IKE and AuthIP IPsec Keying Modules service depends on the Base Filtering Engine service which failed to start because of the following error:
    The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

    Error: (06/27/2017 05:11:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The EPSON PCS Parallel Port Driver service failed to start due to the following error:
    The system cannot find the device specified.


    CodeIntegrity:
    ===================================
    Date: 2012-09-20 13:32:19.540
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2012-09-20 13:32:19.526
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


    ==================== Memory info ===========================

    Processor: AMD Phenom(tm) II X6 1100T Processor
    Percentage of memory in use: 19%
    Total physical RAM: 16346.43 MB
    Available physical RAM: 13096.74 MB
    Total Virtual: 32691.04 MB
    Available Virtual: 29376.29 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:1862.92 GB) (Free:930.4 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 31A36B23)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=1862.9 GB) - (Type=07 NTFS)

    ==================== End of Addition.txt ============================

  7. #27
    Junior Member
    Join Date
    Jun 2017
    Posts
    20

    Default Emisoft Log File

    Emsisoft Emergency Kit - Version 2017.4
    Last update: 6/27/2017 8:22:45 PM
    User account: Battlefield-PC\Battlefield
    Computer name: BATTLEFIELD-PC
    OS version: Windows 7x64 Service Pack 1

    Scan settings:

    Scan type: Malware Scan
    Objects: Rootkits, Memory, Traces, Files

    Detect PUPs: Off
    Scan archives: Off
    ADS Scan: On
    File extension filter: Off
    Direct disk access: Off

    Scan start: 6/27/2017 8:24:02 PM
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus\ detected: Rogue.Win32.FakeAV (A) [221553]
    Key: HKEY_USERS\S-1-5-21-3544609310-1622349089-2069013866-1018\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{02478D38-C3F9-4EFB-9B51-7695ECA05670} detected: Application.AdInstall (A) [281232]
    Key: HKEY_USERS\S-1-5-21-3544609310-1622349089-2069013866-1019\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{02478D38-C3F9-4EFB-9B51-7695ECA05670} detected: Application.AdInstall (A) [281232]
    C:\Users\Battlefield\AppData\Roaming\Primitives\scdbg.exe detected: Adware.GenericKD.5287880 (B) [krnl.xmd]
    C:\Users\Battlefield\AppData\Roaming\Primitives\SetupBrowS.exe detected: Trojan.GenericKD.5210734 (B) [krnl.xmd]

    Scanned 102190
    Found 5

    Scan end: 6/27/2017 8:32:05 PM
    Scan time: 0:08:03

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus\ Rogue.Win32.FakeAV (A)
    C:\Users\Battlefield\AppData\Roaming\Primitives\SetupBrowS.exe Trojan.GenericKD.5210734 (B)
    C:\Users\Battlefield\AppData\Roaming\Primitives\scdbg.exe Adware.GenericKD.5287880 (B)

    Quarantined 3

  8. #28
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,297

    Default

    We've come a long way, and I think we've eradicated the infection.
    This, has been one of the hardest infected computers I think I've had in a very long time. (Please stay clean)

    I want to mention the need to reset browsers if you haven't already.

    If you feel we're finished, and all seems well and back to normal, let's remove tools and quarantine folders.

    DelFix

    • Please download DelFix or from Here and save the file to your Desktop.
    • Double-click DelFix.exe to run the programme.
    • Place a checkmark next to the following items:
    • Activate UAC
    • Remove disinfection tools
    • Click the Run button.
    • -- This will remove the specialized tools we used to disinfect your system.
      Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually (right-click the file + delete
      ).

    *******************


    • AdBlock is a browser add-on that blocks annoying banners, pop-ups and video ads.
    • CryptoPrevent places policy restrictions on loading points for ransomware (eg. CryptoWall), helping prevent the execution of malware.
    • Malwarebytes Anti-Exploit (MBAE) is designed to prevent zero-day malware from exploiting vulnerable software.
    • Malwarebytes Anti-Malware Premium (MBAM) works in real-time along side your Anti-Virus to prevent malware execution.
    • NoScript is a Firefox add-on that blocks the actions of malicious scripts by using whitelisting and other technology.
    • Sandboxie isolates programmes of your choice, preventing files from being written to your HDD unless approved by you.
    • Secunia PSI will scan your computer for vulnerable softwarethat is outdated, and automatically find the latest update for you.
    • SpywareBlaster is a form of passive protection, designed to block the actions of malicious websites and tracking cookies.
    • Unchecky automatically removes checkmarks for bunlded software in programme installers; helping you avoid adware and PUPs.


    Want to help others? Join the ClassRoom and learn how.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.
    Want to help others? Join the ClassRoom and learn how.

  9. #29
    Junior Member
    Join Date
    Jun 2017
    Posts
    20

    Default THanks!

    Thanks so much! I did reset the browsers. I will definitely lock this thing down. Daughter downloaded some kind of tutorial for Photoshop and it went down hill quickly after that.

  10. #30
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,297

    Default

    Quote Originally Posted by computer View Post
    Thanks so much! I did reset the browsers. I will definitely lock this thing down. Daughter downloaded some kind of tutorial for Photoshop and it went down hill quickly after that.
    Not really her fault. Malicious script can be injected into safe web sites (some sites are not well maintained, it was bogus to begin with, if thats how the infection started). Thats why having layered security is a must.
    But let's do make sure she doesn't go back to that site.

    And your a good Dad to help her

    Safe Surfing.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.
    Want to help others? Join the ClassRoom and learn how.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •