Additional scan result of Farbar Recovery Scan Tool (x64) Version:21-10-2015 01 Ran by Christian (2015-10-22 18:53:22) Running from C:\Users\Christian\Downloads Windows 10 Pro (X64) (2015-08-06 14:23:57) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-290106647-2205701836-1428435950-500 - Administrator - Disabled) Christian (S-1-5-21-290106647-2205701836-1428435950-1000 - Administrator - Enabled) => C:\Users\Christian DefaultAccount (S-1-5-21-290106647-2205701836-1428435950-503 - Limited - Disabled) Guest (S-1-5-21-290106647-2205701836-1428435950-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-290106647-2205701836-1428435950-1000\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe After Effects CC 2014 (HKLM-x32\...\{2B22C750-5C3B-4738-B621-BA786AC7A494}) (Version: 13.2.0 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.144 - Adobe Systems Incorporated) Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated) Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated) Adobe Premiere Pro CS6 (HKLM-x32\...\{7176B973-6011-43C1-AEBC-2D73FE7C6982}) (Version: 6.0 - Adobe Systems Incorporated) Adobe Reader XI (11.0.13) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated) Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC) bl (x32 Version: 1.0.0 - Your Company Name) Hidden CINEMA 4D 15.037 (HKLM\...\MAXON12664043) (Version: 15.037 - MAXON Computer GmbH) Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version: - Colossal Order) Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu) CPUCores (HKLM-x32\...\{158EEC2E-0351-4C63-A89D-42B0BFB169F4}) (Version: 1.3.1 - cpucores.com) CPUCores :: Maximize Your FPS (HKLM-x32\...\Steam App 384300) (Version: - Tim Sullivan) CPUID CPU-Z OC 1.74 (HKLM\...\CPUID CPU-Z OC_is1) (Version: 1.74 - CPUID, Inc.) Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse) DIRECTV Player (HKLM-x32\...\{04f0c8c0-e0c8-4292-8676-db9174655d7a}) (Version: 12.1 - DIRECTV) Effects Suite 64-bit (HKLM-x32\...\InstallShield_{B7765C3D-27EE-4AA8-BB54-D88285D128A0}) (Version: 10.0.2 - Red Giant Software) Effects Suite 64-bit (Version: 10.0.2 - Red Giant Software) Hidden Elite: Dangerous (HKLM-x32\...\Steam App 359320) (Version: - Frontier Developments) EVGA PrecisionX 16 (HKLM-x32\...\{D99289E6-A66A-4D27-A3E0-EC726A7BC82D}) (Version: 5.3.0 - EVGA Corporation) FreeFixer (HKLM-x32\...\FreeFixer1.13) (Version: 1.13 - Kephyr) globalupdate Helper (x32 Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ATTENTION Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.71 - Google Inc.) Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.) H1Z1 (HKLM-x32\...\Steam App 295110) (Version: - Sony Online Entertainment) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment) H-Series_ASIO64 (HKLM\...\{5ACDFB68-D994-48E0-A579-2AFA6B851710}) (Version: 2.0.0.3 - ZOOM) Imagenomic Noiseware 4.2 Professional Plug-in (build 4205) (HKLM\...\ImagenomicNoisewareProPlugin) (Version: - ) Imagenomic Noiseware 5.0 Plug-in (build 5006) (HKLM\...\ImagenomicNoisewarePlugin) (Version: - ) Imagenomic Portraiture 2.3 Plug-in (build 2308) (HKLM\...\ImagenomicPortraiturePlugin) (Version: - ) Insurgency (HKLM-x32\...\Steam App 222880) (Version: - New World Interactive) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation) Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) Knoll Light Factory Photo 64 bit (HKLM-x32\...\InstallShield_{69F849EF-4918-4333-81C1-8D8FC07E62B1}) (Version: 3.2 - Red Giant Software) Knoll Light Factory Photo 64 bit (Version: 3.2 - Red Giant Software) Hidden League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games) League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{4D2F05BB-228E-4081-B94C-50AD015EE462}) (Version: 11.4.2 - Red Giant Software) Magic Bullet Suite 64-bit (Version: 11.4.2 - Red Giant Software) Hidden Microsoft Excel 2010 (HKLM\...\Office14.EXCEL) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation) Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Word 2010 (HKLM\...\Office14.WORD) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft) MyITLab (HKLM-x32\...\{137D00A1-3DA6-4134-87E0-1E36874D0B7E}) (Version: 1.53.9 - Pearson Education) NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) NVIDIA 3D Vision Driver 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 358.50 - NVIDIA Corporation) NVIDIA GeForce Experience 2.7.2.59 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.7.2.59 - NVIDIA Corporation) NVIDIA Graphics Driver 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.50 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation) NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.) OSC Third Party Libraries (Version: 1.1 - NVIDIA Corporation) Hidden PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden ph (x32 Version: 1.0.0 - Your Company Name) Hidden Photomatix Pro version 5.0.4 (HKLM\...\PhotomatixPro5x64_is1) (Version: 5.0.4 - HDRsoft Ltd) PowerISO (HKLM-x32\...\PowerISO) (Version: 6.0 - Power Software Ltd) Razer Core (HKLM-x32\...\Razer Core) (Version: 1.0.1.66 - Razer Inc) Razer Surround (HKLM-x32\...\Razer Surround) (Version: 1.05.18 - Razer Inc.) Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.27599 - Razer Inc.) RE:Vision Effects Twixtor AE (HKLM\...\Twixtor AE 6.1.0_is1) (Version: 6.1.0 - Team V.R) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek) Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 2.0.2.7 - Realtek) Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6519 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.) Rebel Galaxy (HKLM-x32\...\Steam App 290300) (Version: - Double Damage Games) SHIELD Streaming (Version: 4.1.0240 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.7.2.59 - NVIDIA Corporation) Hidden Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.) SMITE (HKLM-x32\...\Steam App 386360) (Version: - Hi-Rez Studios) Spotify (HKU\S-1-5-21-290106647-2205701836-1428435950-1000\...\Spotify) (Version: 1.0.16.104.g3b776c9e - Spotify AB) SpyHunter (HKLM-x32\...\{4FC9DA9D-F608-454E-8191-D7EFFDCC5726}) (Version: 4.1.11 - Enigma Software Group USA, LLC) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Topaz Adjust 5 (HKLM-x32\...\Topaz Adjust 5) (Version: 5.0.0 - Topaz Labs, LLC) Topaz Fusion Express 2 (64-bit) (HKLM-x32\...\Topaz Fusion Express 2 (64-bit)) (Version: 2.1.1 - Topaz Labs) Topaz Fusion Express 2 (HKLM-x32\...\Topaz Fusion Express 2) (Version: 2.1.1 - Topaz Labs) Total War: ATTILA (HKLM-x32\...\Steam App 325610) (Version: - Creative Assembly) Uplay (HKLM-x32\...\Uplay) (Version: 10.0 - Ubisoft) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony) Vertus Fluid Mask 3 3.3.8 (HKLM-x32\...\VertusFluidMask3) (Version: 3.3.8 - ) War Thunder (HKLM-x32\...\Steam App 236390) (Version: - Gaijin Entertainment) Worms Revolution (HKLM-x32\...\Steam App 200170) (Version: - Team17 Digital Ltd.) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= 15-10-2015 10:02:52 Windows Update 16-10-2015 15:21:31 Installed InstallShieldHiRezCurrent 20-10-2015 13:17:16 Windows Update 21-10-2015 16:18:00 Removed InstallShieldHiRezCurrent 22-10-2015 16:19:12 After clean removal of malware 22-10-2015 17:20:42 2nd restore point almost clean ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 21:34 - 2015-10-22 17:49 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {04436F38-EC67-43D7-9961-70382FD7ECE7} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {077F7D0F-76E6-4A2D-BA84-909E11100C08} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {153153A6-9549-4581-B231-3B71E1B8D807} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {16EE837B-5762-4C83-8F78-B91CBE1C5699} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {1A900234-1F8D-490F-8BFA-DC6DC52BE198} - System32\Tasks\{B9B27CE2-A4F8-452C-94AA-F2F27C6F733B} => pcalua.exe -a "C:\Program Files (x86)\The Vanishing of Ethan Carter\_CommonRedist\vcredist\2010\vcredist_x64.exe" -d "C:\Program Files (x86)\The Vanishing of Ethan Carter\_CommonRedist\vcredist\2010" Task: {1E25D38C-6466-4410-84DE-224B9DE91EF4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {1E35EFB6-1454-41C4-A005-93B20AD56218} - System32\Tasks\{6BDE1FE9-8C7C-4ED8-A7A7-FCDB7C4D563D} => pcalua.exe -a "C:\Program Files (x86)\The Vanishing of Ethan Carter\Binaries\Launcher.exe" -d "C:\Program Files (x86)\The Vanishing of Ethan Carter\Binaries" Task: {1EB752F6-D77B-477C-AA37-8E0F33A0F343} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {2AF02526-4E57-4377-AA80-0CE56318C118} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {329B346E-FF18-4445-BC18-37D96352BCF9} - System32\Tasks\SPBIW_UpdateTask_Time_313835353730383333382d2d37505a2a6c55326c342341 => Wscript.exe //B "C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe /invoke /f:check_services /l:0 <==== ATTENTION Task: {3D429579-E80E-47B7-AEAE-46C980C962BD} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-15] (Microsoft Corporation) Task: {4442DE56-E182-4CA8-9CB1-1D51D87E3749} - System32\Tasks\AdobeAAMUpdater-1.0-Christian-PC-Christian => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05] (Adobe Systems Incorporated) Task: {4D925EE3-85E8-4032-8CD2-B7B77B742E8B} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {5506C0E1-D47A-47E3-96B0-E74D088A0925} - System32\Tasks\{BC36E2AF-9E8B-4076-8B3B-F9629C7C2AB6} => Chrome.exe hxxp://ui.skype.com/ui/0/6.21.0.104/en/abandoninstall?page=tsProgressBar Task: {5C1427CC-31E3-4621-B231-56540B22D4F4} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {66F1DFDA-DBD8-4A73-A55B-9A00505DC235} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-18] (Adobe Systems Incorporated) Task: {88142775-4462-4678-9C6C-3CF84E3934B5} - System32\Tasks\{DD4A1F24-540A-4F6D-9554-568E8B49EE28} => pcalua.exe -a "C:\Program Files (x86)\The Vanishing of Ethan Carter\_CommonRedist\vcredist\2010\vcredist_x86.exe" -d "C:\Program Files (x86)\The Vanishing of Ethan Carter\_CommonRedist\vcredist\2010" Task: {89EAEFD4-2E56-4C78-852F-EB02E6A89969} - System32\Tasks\{854149A5-AE62-4988-8749-07F627FA83CD} => Chrome.exe hxxp://ui.skype.com/ui/0/7.12.0.101/en/abandoninstall?page=tsBing Task: {8B4015CD-83C3-4250-B6A6-16FD6075680D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {8D4349BD-5AAF-4377-A34E-1F0D55BD7126} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {8F4C3A2F-D807-437E-BAA4-10DF9721ED47} - \Microsoft\Windows\File Classification Infrastructure\Property Definition Sync -> No File <==== ATTENTION Task: {9349B306-A97A-4C07-B315-41D4D0E90311} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {955E0E3B-F368-4573-84BF-6201FB2B9138} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) Task: {98BC52D2-94B7-4E46-A505-2B3AFCA6E9C4} - System32\Tasks\{8779DAE2-8437-4BF6-9BEB-E737B265C047} => pcalua.exe -a "C:\Users\Christian\Downloads\The SIMS 4-Deluxe Edition-SKIDROWCRACK\__Installer\vp6\vp6install.exe" -d "C:\Users\Christian\Downloads\The SIMS 4-Deluxe Edition-SKIDROWCRACK\__Installer\vp6" Task: {9EF90C48-452D-42D9-A370-CFDDD7446D97} - System32\Tasks\SMW_UpdateTask_Time_313835353730383333382d2d37505a2a6c55326c342341 => Wscript.exe //B "C:\ProgramData\SearchModule\smhe.js" smu.exe /invoke /f:check_services /l:0 <==== ATTENTION Task: {A029429F-795C-48D0-859E-4E15A272D881} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {AEDE63B2-7749-4BCD-A70D-4017392009BF} - System32\Tasks\{D8EC9723-D5F9-4851-9D6A-C6DED2CCC121} => pcalua.exe -a C:\Users\Christian\Desktop\Driviers\RTLTOOL\WIN7\64\EXE\RtlStartInstall.exe -d C:\Users\Christian\Desktop\Driviers\RTLTOOL\WIN7\64\EXE Task: {CF47E574-E8E1-4823-91A3-4057763A44BE} - System32\Tasks\{6C54F855-978C-4F7C-BA23-F35DAC862DB3} => pcalua.exe -a E:\install.exe -d E:\ Task: {D020B0E6-A4CC-470D-8297-D2E57B106C43} - System32\Tasks\{52EB6F3D-7E57-4A01-AA36-20651C50B5B5} => pcalua.exe -a "C:\Users\Christian\Downloads\The Sims 4 Deluxe Edition\__Installer\vp6\vp6install.exe" -d "C:\Users\Christian\Downloads\The Sims 4 Deluxe Edition\__Installer\vp6" Task: {DA634DE1-A2BA-4BF4-9F0B-A47A6F330593} - System32\Tasks\{5AFDA6E5-30C1-403E-AE28-929A9F2F7DCA} => pcalua.exe -a C:\Users\Christian\AppData\Local\uninstall.exe Task: {E19332B7-B8F3-4EA8-96DD-BF88DCA1316F} - System32\Tasks\{D642F487-5B33-448F-B845-F80F65B467BF} => pcalua.exe -a C:\Users\Christian\AppData\Local\{28B91EE5-0C11-725D-6189-57B545E1AB2D}\uninstall.exe -c /Uninstall /s /noun (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2015-07-10 06:00 - 2015-07-10 06:00 - 00028160 _____ () C:\WINDOWS\SYSTEM32\efsext.dll 2015-08-06 11:50 - 2015-08-06 11:50 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll 2015-02-06 15:25 - 2015-10-02 21:38 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-08-19 12:34 - 2015-08-11 04:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll 2015-10-01 09:41 - 2015-09-17 01:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-10-01 09:41 - 2015-09-17 01:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-10-01 09:41 - 2015-09-17 00:43 - 02028544 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesService.dll 2015-10-01 09:40 - 2015-09-17 00:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-10-01 09:40 - 2015-09-17 00:42 - 00619008 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SignalsManager.dll 2015-10-01 09:41 - 2015-09-17 00:43 - 00928768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesBackgroundTasks.dll 2015-10-01 09:40 - 2015-09-17 00:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-07-10 05:59 - 2015-07-10 05:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll 2015-10-01 09:40 - 2015-09-17 01:04 - 00642048 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll 2015-10-01 09:41 - 2015-09-17 00:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2015-10-01 09:41 - 2015-09-17 00:49 - 00884736 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2015-10-01 09:40 - 2015-09-17 00:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2015-10-01 09:41 - 2015-09-17 00:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-07-10 06:00 - 2015-07-10 08:14 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll 2015-08-06 11:50 - 2015-08-06 11:50 - 00577024 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.NodeWinrtWrap.dll 2015-08-06 11:50 - 2015-08-06 11:50 - 00181248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\nodert-buffer-utils\bin\NodeRT_Buffer_Utils.node 2015-08-06 11:50 - 2015-08-06 11:50 - 00559616 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.storage.streams\bin\NodeRT_Windows_Storage_Streams.node 2015-08-06 11:50 - 2015-08-06 11:50 - 00643072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.foundation.diagnostics\bin\NodeRT_Windows_Foundation_Diagnostics.node 2015-07-10 06:00 - 2015-07-10 08:14 - 00037888 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\winrt-projections\bin\Winrt_Projections.node 2015-08-06 11:50 - 2015-08-06 11:50 - 00796160 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http\bin\NodeRT_Windows_Web_Http.node 2015-08-06 11:50 - 2015-08-06 11:50 - 00961536 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.headers\bin\NodeRT_Windows_Web_Http_Headers.node 2015-08-06 11:50 - 2015-08-06 11:50 - 00204288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.filters\bin\NodeRT_Windows_Web_Http_Filters.node 2015-08-06 11:50 - 2015-08-06 11:50 - 00397824 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.foundation\bin\NodeRT_Windows_Foundation.node 2015-08-06 11:50 - 2015-08-06 11:50 - 00074240 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.networking\bin\NodeRT_Windows_Networking.node 2015-08-06 11:50 - 2015-08-06 11:50 - 00093696 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.security.cryptography\bin\NodeRT_Windows_Security_Cryptography.node 2015-08-06 11:50 - 2015-08-06 11:50 - 00124416 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.cortana.pal\bin\NodeRT_Windows_Cortana_PAL.node 2015-06-01 21:00 - 2015-06-01 21:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll 2015-04-12 00:01 - 2015-10-09 14:11 - 00709240 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll 2015-04-12 00:01 - 2015-10-09 14:11 - 00854136 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll 2015-09-22 10:44 - 2015-10-09 14:17 - 00652800 _____ () C:\Program Files (x86)\NVIDIA Corporation\OSC\OscCoPlayHelper.dll 2015-09-22 10:44 - 2015-10-09 14:17 - 04391936 _____ () C:\Program Files (x86)\NVIDIA Corporation\OSC\MessageBus.dll 2015-09-22 10:44 - 2015-06-25 10:03 - 00970240 _____ () C:\Program Files (x86)\NVIDIA Corporation\OSC\CefSharp.Core.dll 2015-09-22 10:44 - 2015-06-25 10:03 - 53344768 _____ () C:\Program Files (x86)\NVIDIA Corporation\OSC\libcef.dll 2015-09-22 10:44 - 2015-06-25 10:03 - 00613888 _____ () C:\Program Files (x86)\NVIDIA Corporation\OSC\CefSharp.BrowserSubprocess.Core.dll 2015-09-22 10:44 - 2015-06-25 10:03 - 01015296 _____ () C:\Program Files (x86)\NVIDIA Corporation\OSC\ffmpegsumo.dll 2015-09-22 10:44 - 2015-06-25 10:03 - 00208896 _____ () C:\Program Files (x86)\NVIDIA Corporation\OSC\libEGL.dll 2015-09-22 10:44 - 2015-06-25 10:03 - 01750016 _____ () C:\Program Files (x86)\NVIDIA Corporation\OSC\libGLESv2.dll 2015-09-22 10:44 - 2015-10-09 14:10 - 00390656 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\NvRemux64.dll 2015-04-12 00:01 - 2015-10-09 14:11 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2015-09-04 20:42 - 2015-09-04 20:42 - 00137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll 2015-08-06 09:38 - 2014-11-25 20:12 - 40622592 ____N () C:\Users\Christian\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libcef.dll 2015-04-12 00:01 - 2015-10-09 14:11 - 00011896 _____ () c:\program files (x86)\nvidia corporation\nvstreamsrv\detoured.dll 2015-10-14 08:23 - 2015-10-08 19:53 - 01532744 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.71\libglesv2.dll 2015-10-14 08:23 - 2015-10-08 19:53 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.71\libegl.dll 2010-05-18 16:54 - 2010-05-18 16:54 - 00395776 _____ () C:\Program Files (x86)\Enigma Software Group\SpyHunter\ExecutionGuard.dll 2015-10-16 14:00 - 2015-10-15 13:20 - 16493256 _____ () C:\Users\Christian\AppData\Local\Google\Chrome\User Data\PepperFlash\19.0.0.226\pepflashplayer.dll 2014-05-19 17:04 - 2015-06-25 22:53 - 00393608 _____ () C:\Users\Christian\AppData\Roaming\Curse Client\Bin\opus.dll 2014-05-19 17:05 - 2015-06-25 22:53 - 00443272 _____ () C:\Users\Christian\AppData\Roaming\Curse Client\Bin\WebRTC_CSharpWrapper.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\079aa1fdbc9389b2afd29e6a61a3c096:Win32App AlternateDataStreams: C:\1196d99b6c29c959c74e:Win32App AlternateDataStreams: C:\3f52524a4959eceb37f64810ae2acaca:Win32App AlternateDataStreams: C:\6f25b99d904aa68857fb944ff27f66af:Win32App AlternateDataStreams: C:\8f9ae74e645b8b7be073086782b1ce10:Win32App AlternateDataStreams: C:\MagicBulletInstall:Win32App AlternateDataStreams: C:\Program Files\Adobe:Win32App AlternateDataStreams: C:\Program Files\Core Temp:Win32App AlternateDataStreams: C:\Program Files\Magic Bullet Looks Vegas:Win32App AlternateDataStreams: C:\Program Files\Microsoft Office:Win32App AlternateDataStreams: C:\Program Files\Microsoft Silverlight:Win32App AlternateDataStreams: C:\Program Files\Microsoft Xbox 360 Accessories:Win32App AlternateDataStreams: C:\Program Files\PowerISO:Win32App AlternateDataStreams: C:\Program Files (x86)\Adobe:Win32App AlternateDataStreams: C:\Program Files (x86)\Battle.net:Win32App AlternateDataStreams: C:\Program Files (x86)\Hearthstone:Win32App AlternateDataStreams: C:\Program Files (x86)\Heroes of the Storm:Win32App AlternateDataStreams: C:\Program Files (x86)\LooksBuilder:Win32App AlternateDataStreams: C:\Program Files (x86)\Razer:Win32App AlternateDataStreams: C:\Program Files\Common Files\microsoft shared:Win32App AlternateDataStreams: C:\ProgramData\Reprise:yhuwxvwhfkxkcgmvjenbtlifh AlternateDataStreams: C:\Users\Christian\AppData\Roaming\Curse Client:Win32App ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-290106647-2205701836-1428435950-1000\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-21-290106647-2205701836-1428435950-1000\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-21-290106647-2205701836-1428435950-1000\...\myitlab.com -> myitlab.com IE trusted site: HKU\S-1-5-21-290106647-2205701836-1428435950-1000\...\pearsoncmg.com -> pearsoncmg.com IE trusted site: HKU\S-1-5-21-290106647-2205701836-1428435950-1000\...\pearsoned.com -> pearsoned.com IE trusted site: HKU\S-1-5-21-290106647-2205701836-1428435950-1000\...\researchnavigator.com -> researchnavigator.com IE trusted site: HKU\S-1-5-21-290106647-2205701836-1428435950-1000\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-21-290106647-2205701836-1428435950-1000\...\sony.com -> sony.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-290106647-2205701836-1428435950-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Christian\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\milky way.png DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [{B975C8A7-6F28-4A5E-A01E-91B324CC70B6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CPUCores\cpucore-launcher.exe FirewallRules: [{874EA7EE-7AE1-4AD5-AC93-630868EF891B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CPUCores\cpucore-launcher.exe FirewallRules: [{3458AED8-FCBB-41D1-AD92-3D327457D604}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{C0AB044B-F9A4-4A34-B2D8-5583F38DC070}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{74C0458C-16E4-4960-8126-2F17C414CCCD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{5290B870-E7F1-4901-94ED-87E2EE8CD7FB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{9C833A71-4C87-42F9-A2CD-AEF88027F127}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{33CA1EC8-7EA8-434A-A1A3-4779C389CA0A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe FirewallRules: [{786CD08A-1F46-4ADC-80DF-3AB804836A40}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe FirewallRules: [UDP Query User{A2BC16A8-4FEB-4BE4-8CDF-C1C2F6C7F1BC}C:\program files\adobe\adobe photoshop cs6 (64 bit)\photoshop.exe] => (Allow) C:\program files\adobe\adobe photoshop cs6 (64 bit)\photoshop.exe FirewallRules: [TCP Query User{4D61DACE-82B2-4CC0-A62B-1AAB7EB6796C}C:\program files\adobe\adobe photoshop cs6 (64 bit)\photoshop.exe] => (Allow) C:\program files\adobe\adobe photoshop cs6 (64 bit)\photoshop.exe FirewallRules: [{64DB5219-E741-4265-8D34-2D08E4737683}] => (Allow) C:\Users\Christian\AppData\Local\MyComGames\MyComGames.exe FirewallRules: [{61D5D02E-DBEB-4099-AD2D-68350D28902D}] => (Allow) C:\Users\Christian\AppData\Local\MyComGames\MyComGames.exe FirewallRules: [UDP Query User{67C46F54-D8ED-4D73-BFDE-73811EC108B4}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe FirewallRules: [TCP Query User{361BCBFA-219F-4E4B-A269-C7992E486FD8}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe FirewallRules: [{E7A44A6F-4E05-4360-92AB-9370580D6C1D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe FirewallRules: [{452FCAD5-B7C2-40C1-BD3C-0F26B60E24E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe FirewallRules: [UDP Query User{05F64CA8-9471-4A0E-BBA5-1D84BABF4758}C:\program files (x86)\steam\steamapps\common\elite dangerous\products\forc-fdev-d-1010\elitedangerous32.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\elite dangerous\products\forc-fdev-d-1010\elitedangerous32.exe FirewallRules: [TCP Query User{56A07FDD-E807-42EE-8947-D8EB96101102}C:\program files (x86)\steam\steamapps\common\elite dangerous\products\forc-fdev-d-1010\elitedangerous32.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\elite dangerous\products\forc-fdev-d-1010\elitedangerous32.exe FirewallRules: [UDP Query User{E05E1328-0465-461E-B435-AE1B5DE81636}C:\program files (x86)\r.g. mechanics\the stanley parable\stanley.exe] => (Block) C:\program files (x86)\r.g. mechanics\the stanley parable\stanley.exe FirewallRules: [TCP Query User{B5A03559-E567-42E6-AC62-787BA40D1E90}C:\program files (x86)\r.g. mechanics\the stanley parable\stanley.exe] => (Block) C:\program files (x86)\r.g. mechanics\the stanley parable\stanley.exe FirewallRules: [UDP Query User{EECFF145-6CB0-4912-B861-7C63D33526AC}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe FirewallRules: [TCP Query User{00077A1A-A760-473A-81BD-C8E3AE24A644}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe FirewallRules: [{88CC9026-CF06-42E6-A98F-519F5C62181B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe FirewallRules: [{7399DFB7-812D-421B-84E8-877B6AE9CEFE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe FirewallRules: [UDP Query User{0AA473EA-2A87-4BAC-81CF-8BE616B7CE81}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{9B3AE069-4EA1-4CF7-B3FC-8431857359FD}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{C60F7D36-9723-4D3B-831B-E8B441B2610F}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{A453905C-C2CF-4580-AD15-788C0E479081}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{C58C7492-1F9D-4E87-8E25-A229D38FC622}C:\grand theft auto v\gta5.exe] => (Allow) C:\grand theft auto v\gta5.exe FirewallRules: [TCP Query User{493218A2-FD21-49A4-84BF-121FA5CAECDD}C:\grand theft auto v\gta5.exe] => (Allow) C:\grand theft auto v\gta5.exe FirewallRules: [{0A1E65B2-65F2-49C6-98E9-A6B7B4E28C60}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{0FA5F863-F8CE-48E0-B768-7D2B09FC5F4C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{B26F051C-8948-416D-B4CB-19E15DC1190E}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe FirewallRules: [{B6D0F7EF-D31E-4AF8-9DE4-C97FEA0E682F}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe FirewallRules: [{491413D8-6D4E-4DBB-A419-07AA2390EF95}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe FirewallRules: [{D290CF91-A83C-4BD3-A85C-D2E809C04B1B}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe FirewallRules: [{E41DF5C7-1B97-4264-AACE-4C5B9680A5ED}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe FirewallRules: [{068CEB25-F2E3-42A1-990C-A570AD557D3B}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe FirewallRules: [{EED4FC7E-C6AB-48EE-B835-FCF3666945F2}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe FirewallRules: [{84107BEE-51F5-4C14-BAA3-2BFE032B87A9}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe FirewallRules: [{399E0C4E-98EF-4903-AE90-4468284E1C86}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe FirewallRules: [{C09D28D1-71D9-450B-AA85-639CCAE63FDB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe FirewallRules: [UDP Query User{9C2543C4-89BE-42DD-ACB9-E7F5D32A5264}C:\users\christian\documents\unreal projects\reflections\saved\stagedbuilds\windowsnoeditor\engine\binaries\win64\ue4game.exe] => (Allow) C:\users\christian\documents\unreal projects\reflections\saved\stagedbuilds\windowsnoeditor\engine\binaries\win64\ue4game.exe FirewallRules: [TCP Query User{CCA9E3ED-30F0-4962-87E1-2C0342ED6D03}C:\users\christian\documents\unreal projects\reflections\saved\stagedbuilds\windowsnoeditor\engine\binaries\win64\ue4game.exe] => (Allow) C:\users\christian\documents\unreal projects\reflections\saved\stagedbuilds\windowsnoeditor\engine\binaries\win64\ue4game.exe FirewallRules: [UDP Query User{0876A886-3FDD-40DD-8A2E-BDBC582467B4}C:\users\christian\documents\unreal projects\particleeffects\saved\stagedbuilds\windowsnoeditor\engine\binaries\win64\ue4game.exe] => (Allow) C:\users\christian\documents\unreal projects\particleeffects\saved\stagedbuilds\windowsnoeditor\engine\binaries\win64\ue4game.exe FirewallRules: [TCP Query User{A7653867-1D19-45E1-A59C-260788C6B785}C:\users\christian\documents\unreal projects\particleeffects\saved\stagedbuilds\windowsnoeditor\engine\binaries\win64\ue4game.exe] => (Allow) C:\users\christian\documents\unreal projects\particleeffects\saved\stagedbuilds\windowsnoeditor\engine\binaries\win64\ue4game.exe FirewallRules: [UDP Query User{DDBD0E86-CC74-419A-9398-27EEF88E2A3C}C:\users\christian\documents\unreal projects\realisticrendering\saved\stagedbuilds\windowsnoeditor\engine\binaries\win64\ue4game.exe] => (Allow) C:\users\christian\documents\unreal projects\realisticrendering\saved\stagedbuilds\windowsnoeditor\engine\binaries\win64\ue4game.exe FirewallRules: [TCP Query User{8F5593FC-7928-46FD-9AAD-0588A88CE49C}C:\users\christian\documents\unreal projects\realisticrendering\saved\stagedbuilds\windowsnoeditor\engine\binaries\win64\ue4game.exe] => (Allow) C:\users\christian\documents\unreal projects\realisticrendering\saved\stagedbuilds\windowsnoeditor\engine\binaries\win64\ue4game.exe FirewallRules: [UDP Query User{9EA3362C-593D-4D5F-8B7E-35B49B472E9A}C:\program files\epic games\4.7\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\4.7\engine\binaries\win64\ue4editor.exe FirewallRules: [TCP Query User{0671BB02-A9D3-478F-BF28-24A122FFCED1}C:\program files\epic games\4.7\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\4.7\engine\binaries\win64\ue4editor.exe FirewallRules: [UDP Query User{5CD99262-AF96-429E-901A-B6FD9634C96D}C:\program files (x86)\steam\steamapps\common\total war attila\attila.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war attila\attila.exe FirewallRules: [TCP Query User{8A7ABE2C-15B1-4EDC-BB9E-674F3D64F199}C:\program files (x86)\steam\steamapps\common\total war attila\attila.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war attila\attila.exe FirewallRules: [UDP Query User{D829DB50-4E70-43B2-A998-A3340F3F04AE}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe FirewallRules: [TCP Query User{F4BA43C3-DFA2-4D54-A319-9AE63CE6576E}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe FirewallRules: [{5D00998F-705D-4301-90AB-82EB6D1BB4E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1\LaunchPad.exe FirewallRules: [{C3790E53-1612-4BAD-B48E-C446C5042652}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1\LaunchPad.exe FirewallRules: [{882C2281-DCD4-4CF4-81F6-73812B7B2C42}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{85C3061B-0C83-473E-B04D-6223485F7A4A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{584BB454-BF10-4E9A-98D0-0C726C242344}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe FirewallRules: [{68293752-9FE6-4DE4-B955-C438AACF9820}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe FirewallRules: [UDP Query User{B282A799-D36A-4FA3-AC52-0AD910E54526}C:\games\dying light\dyinglightgame.exe] => (Allow) C:\games\dying light\dyinglightgame.exe FirewallRules: [TCP Query User{7501B4E7-BA5C-441B-8686-396749CCFE16}C:\games\dying light\dyinglightgame.exe] => (Allow) C:\games\dying light\dyinglightgame.exe FirewallRules: [UDP Query User{66F8FCFC-6D15-424C-9517-13E8F4CF6EEA}C:\program files (x86)\gigabyte\touchbios\gbtupd.exe] => (Allow) C:\program files (x86)\gigabyte\touchbios\gbtupd.exe FirewallRules: [TCP Query User{867F7A5C-4245-4589-B2ED-5C9591B470EE}C:\program files (x86)\gigabyte\touchbios\gbtupd.exe] => (Allow) C:\program files (x86)\gigabyte\touchbios\gbtupd.exe FirewallRules: [UDP Query User{E1129953-043C-4059-8547-D717B526A7B4}C:\program files (x86)\gigabyte\touchbios\updexe.exe] => (Block) C:\program files (x86)\gigabyte\touchbios\updexe.exe FirewallRules: [TCP Query User{DD33757C-3612-47A6-8A5D-C63C525D43E2}C:\program files (x86)\gigabyte\touchbios\updexe.exe] => (Block) C:\program files (x86)\gigabyte\touchbios\updexe.exe FirewallRules: [UDP Query User{94049942-A439-4A30-9F26-8976D0022EBE}C:\program files (x86)\gigabyte\@bios\gwflash.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\gwflash.exe FirewallRules: [TCP Query User{35FA9C3C-E9FA-4769-878E-F7767448FAD4}C:\program files (x86)\gigabyte\@bios\gwflash.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\gwflash.exe FirewallRules: [{448D1550-2D34-4E68-B34D-2FBB72D72BAC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe FirewallRules: [{D520B88C-9068-4AA1-8307-0AD64B8180F6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe FirewallRules: [UDP Query User{E87CBAFC-4142-41BB-9857-89712F3C5F7B}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{0EA1542E-3ED0-4DFD-A278-C8C3C2D72578}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [{57EC9B1B-D9A6-44A5-B3CE-60C43DF42EA7}] => (Allow) C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe FirewallRules: [{6C9F2C2C-79F7-4BB6-AFDD-F747E277957D}] => (Allow) C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe FirewallRules: [{DA95E6AB-4AE7-490A-9D5F-5473287D1554}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe FirewallRules: [{9B1A7F2F-7ACC-4899-A026-679DE16331EF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe FirewallRules: [UDP Query User{EAABC222-0402-43C8-BABE-0AE4F70E6131}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => (Allow) C:\program files (x86)\divx\divx media server\divxmediaserver.exe FirewallRules: [TCP Query User{FC1B37CA-E769-449A-B3D7-ECD96284C137}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => (Allow) C:\program files (x86)\divx\divx media server\divxmediaserver.exe FirewallRules: [{A756B32A-4886-472E-A1F2-DC42CDF7F5B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe FirewallRules: [{C7D0CB68-D342-49ED-AE1D-F4346608E8FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe FirewallRules: [{02A03530-234E-4507-B66B-C938730110C3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{44A8B753-4458-47A1-919D-315286D2571E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{065D4BB8-B4F9-4943-B151-42508DA716C0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{C26519BC-6AEE-46F1-B085-4BF828FBD067}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{ED0D68B2-947B-47FF-8E78-0EA59BAC2482}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe FirewallRules: [{6FFA6841-A4DD-4DAA-AC5D-1923517A9655}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe FirewallRules: [UDP Query User{80BA49F2-BF3D-4242-B006-4ECFDDDA37B3}C:\program files\sony\vegas pro 13.0\vegas130.exe] => (Allow) C:\program files\sony\vegas pro 13.0\vegas130.exe FirewallRules: [TCP Query User{8AA8D8F2-59FE-44EB-8BB3-34485C085F83}C:\program files\sony\vegas pro 13.0\vegas130.exe] => (Allow) C:\program files\sony\vegas pro 13.0\vegas130.exe FirewallRules: [UDP Query User{463C3E10-3A61-4693-B203-FC27D6E37D2E}C:\program files\adobe\adobe premiere pro cs6\adobe premiere pro.exe] => (Block) C:\program files\adobe\adobe premiere pro cs6\adobe premiere pro.exe FirewallRules: [TCP Query User{27D9D89B-0A71-4DCA-9F28-A19EAE299A7B}C:\program files\adobe\adobe premiere pro cs6\adobe premiere pro.exe] => (Block) C:\program files\adobe\adobe premiere pro cs6\adobe premiere pro.exe FirewallRules: [UDP Query User{8A037D35-424C-4036-8832-B75D933C5912}C:\program files (x86)\r.g. mechanics\far cry 4\bin\farcry4.exe] => (Allow) C:\program files (x86)\r.g. mechanics\far cry 4\bin\farcry4.exe FirewallRules: [TCP Query User{4329FB29-502F-4CA2-9FE8-614387D5C24F}C:\program files (x86)\r.g. mechanics\far cry 4\bin\farcry4.exe] => (Allow) C:\program files (x86)\r.g. mechanics\far cry 4\bin\farcry4.exe FirewallRules: [UDP Query User{A033FFED-94F5-4D89-B44D-F91CC66D5E30}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe FirewallRules: [TCP Query User{6C0BA367-4BF3-4223-8473-0857BF63B056}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe FirewallRules: [UDP Query User{F6CDFD46-C37C-4E08-ACF1-5C83FEF22C96}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe FirewallRules: [TCP Query User{29D276C7-0CAC-40FF-9B5F-A799CBF37A4C}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe FirewallRules: [UDP Query User{57AC1B32-6550-4EF0-86EB-3738275C1F5B}C:\program files (x86)\ccp\eve\bin\exefile.exe] => (Allow) C:\program files (x86)\ccp\eve\bin\exefile.exe FirewallRules: [TCP Query User{01F867A6-62E1-46F7-9480-E07DDF273E97}C:\program files (x86)\ccp\eve\bin\exefile.exe] => (Allow) C:\program files (x86)\ccp\eve\bin\exefile.exe FirewallRules: [{1F2D0DFD-4A0D-4341-A4C2-7CB98FB9E1D4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe FirewallRules: [{578DD598-B6E3-43AC-BD51-F40CA4A7B02E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe FirewallRules: [{6ACA07FB-CF9C-426E-8789-9D01B04C3E07}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe FirewallRules: [{187F1E70-1BBB-4A3B-A8CC-F2AB398AC681}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe FirewallRules: [UDP Query User{C7803DF6-D271-4B5F-856E-500BFC8EA845}C:\program files (x86)\r.g. mechanics\alien isolation\ai.exe] => (Allow) C:\program files (x86)\r.g. mechanics\alien isolation\ai.exe FirewallRules: [TCP Query User{0AFEB1B4-6D05-422C-B33C-41B5FDF7059E}C:\program files (x86)\r.g. mechanics\alien isolation\ai.exe] => (Allow) C:\program files (x86)\r.g. mechanics\alien isolation\ai.exe FirewallRules: [UDP Query User{CECEB84F-7EEF-422C-A444-18CFD23D5B6A}C:\program files (x86)\dragon age\bin_ship\daorigins.exe] => (Allow) C:\program files (x86)\dragon age\bin_ship\daorigins.exe FirewallRules: [TCP Query User{8F1F0B99-53A9-4C45-A95C-B3B766142569}C:\program files (x86)\dragon age\bin_ship\daorigins.exe] => (Allow) C:\program files (x86)\dragon age\bin_ship\daorigins.exe FirewallRules: [{E31EDCA0-9C14-4836-A40B-E88FA49F7DF8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe FirewallRules: [{6C4E1EE6-720B-4D75-A73F-6943D81A3EED}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe FirewallRules: [UDP Query User{EF4832D1-0FDC-474D-935F-6FA05A36BC89}C:\program files (x86)\the vanishing of ethan carter\binaries\win32\astronautsgame-win32-shipping.exe] => (Allow) C:\program files (x86)\the vanishing of ethan carter\binaries\win32\astronautsgame-win32-shipping.exe FirewallRules: [TCP Query User{4D5E59DA-FDA3-45A1-A8A1-7D0835864C2E}C:\program files (x86)\the vanishing of ethan carter\binaries\win32\astronautsgame-win32-shipping.exe] => (Allow) C:\program files (x86)\the vanishing of ethan carter\binaries\win32\astronautsgame-win32-shipping.exe FirewallRules: [UDP Query User{4A512D39-7010-409F-9F45-74C844CCAF6B}C:\program files (x86)\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe] => (Allow) C:\program files (x86)\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe FirewallRules: [TCP Query User{7DD63C04-1DF1-4E52-A7FD-C5FDB396C4B0}C:\program files (x86)\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe] => (Allow) C:\program files (x86)\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe FirewallRules: [{C523D75E-A33C-4A4B-940B-EAE764B80B75}] => (Allow) C:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe FirewallRules: [{EDC6B8F0-8D92-4173-9859-A3F3FEC7230C}] => (Allow) C:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe FirewallRules: [{A5187478-A08E-4F02-A0EA-AB6EDC24608C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3332\Agent.exe FirewallRules: [{3E610218-DF95-45B4-BC41-DFD1B504041A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3332\Agent.exe FirewallRules: [{43BA5128-7663-4D8B-9BC0-53D1DDD38E21}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe FirewallRules: [{33387015-9D25-45B6-9960-92BFEEE254D5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe FirewallRules: [{B519E480-32F4-4A01-9E53-C706F446FDF4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe FirewallRules: [{189AC292-3621-49DD-B43C-28AEDD64AB54}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe FirewallRules: [UDP Query User{F8BC37B5-6990-44CF-8F48-FC24ECC64B32}C:\program files (x86)\lichdom battlemage\bin32\lichdombattlemage.exe] => (Allow) C:\program files (x86)\lichdom battlemage\bin32\lichdombattlemage.exe FirewallRules: [TCP Query User{69A00BCD-5F5A-482F-AE38-0DC201770AB0}C:\program files (x86)\lichdom battlemage\bin32\lichdombattlemage.exe] => (Allow) C:\program files (x86)\lichdom battlemage\bin32\lichdombattlemage.exe FirewallRules: [{26DB106F-0787-4071-8572-6C1FEEEA18E6}] => (Block) %ProgramFiles%\Smith Micro\Manga Studio 5E\Manga Studio\Manga Studio.exe FirewallRules: [{F89D78C7-F779-4232-974C-3CF3AC21A680}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe FirewallRules: [{423083E6-3F5F-41A5-887F-83815E326B45}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe FirewallRules: [{5694397F-342D-443C-B0CF-2EC58F9DC9BA}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{D5979E3A-34B0-423F-BF70-59EA69F93996}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{0E30132E-6C68-4ACB-8D8B-25D498967872}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{92610270-9C4F-47CA-B8CE-689CB83962B0}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [UDP Query User{B4BAC932-FE3D-4623-89D7-4AF56BC2BE12}C:\program files (x86)\r.g. mechanics\arma iii\arma3.exe] => (Allow) C:\program files (x86)\r.g. mechanics\arma iii\arma3.exe FirewallRules: [TCP Query User{FA40D5D4-A39E-4449-9841-C1D1D6E16BC9}C:\program files (x86)\r.g. mechanics\arma iii\arma3.exe] => (Allow) C:\program files (x86)\r.g. mechanics\arma iii\arma3.exe FirewallRules: [UDP Query User{2959323D-64DB-4435-9773-EC055FCD71D2}C:\program files (x86)\counter-strike 1.6\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6\hl.exe FirewallRules: [TCP Query User{C9BC3992-AF33-4E23-AA49-6289E6829316}C:\program files (x86)\counter-strike 1.6\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6\hl.exe FirewallRules: [{5BF74AFF-9A07-4B83-A5FB-5399EFAEC323}] => (Allow) C:\Games\SimCity 2013 Offline\SimCity\SimCity.exe FirewallRules: [{552363AB-03D3-4203-9F53-A7CC60A3E2B8}] => (Allow) C:\Games\SimCity 2013 Offline\SimCity\SimCity.exe FirewallRules: [{4A85E0D6-C2A7-461D-952D-BDD774767033}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{9FEB9F96-2C52-4614-A87E-6E16DE0EFFDB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{E23D88AC-5D61-49B6-8567-4C4085B7B26B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{1EEF139F-5BD4-46EB-8D41-A35FB888CAB4}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [UDP Query User{0E023036-EB51-4746-93E2-562CA82E2601}C:\users\christian\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\christian\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{13590E8F-6FA9-4E7D-9B2C-DCDFB200DA91}C:\users\christian\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\christian\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{6F09B02A-172C-44CC-BBA2-68207FABAEB7}C:\program files (x86)\r.g. mechanics\total war - rome ii\rome2.exe] => (Allow) C:\program files (x86)\r.g. mechanics\total war - rome ii\rome2.exe FirewallRules: [TCP Query User{5C29208C-B313-4761-B69E-CF839CF9F1C3}C:\program files (x86)\r.g. mechanics\total war - rome ii\rome2.exe] => (Allow) C:\program files (x86)\r.g. mechanics\total war - rome ii\rome2.exe FirewallRules: [UDP Query User{0B41CFE7-50A2-4831-B3F0-81C8436F6129}C:\program files (x86)\r.g. mechanics\total war - rome ii\rome2.exe] => (Allow) C:\program files (x86)\r.g. mechanics\total war - rome ii\rome2.exe FirewallRules: [TCP Query User{F6304FBF-461C-4F06-8D55-DF80D7D76B0B}C:\program files (x86)\r.g. mechanics\total war - rome ii\rome2.exe] => (Allow) C:\program files (x86)\r.g. mechanics\total war - rome ii\rome2.exe FirewallRules: [{8CE273A7-6B41-4D81-9528-0D448B8DACA1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [UDP Query User{0C4D44E2-317C-42C9-8AE0-29835D686F89}C:\program files (x86)\lolreplay\lolreplay.exe] => (Allow) C:\program files (x86)\lolreplay\lolreplay.exe FirewallRules: [TCP Query User{18CCF0D6-5188-4E76-99F9-B221E6CEB84C}C:\program files (x86)\lolreplay\lolreplay.exe] => (Allow) C:\program files (x86)\lolreplay\lolreplay.exe FirewallRules: [UDP Query User{4AE2657C-E0CB-4F6A-A8A7-F16B590F7E5D}C:\users\christian\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\christian\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{1240E4E4-8D4B-4670-BD02-E41FF93F21B7}C:\users\christian\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\christian\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{047A91B3-214B-413B-9790-72A8F2984E20}C:\users\christian\downloads\dayz standalone v0.46 final\dayz standalone v0.46\dayz.exe] => (Allow) C:\users\christian\downloads\dayz standalone v0.46 final\dayz standalone v0.46\dayz.exe FirewallRules: [TCP Query User{6DF1B23F-5298-4190-B54C-2A97E78246D6}C:\users\christian\downloads\dayz standalone v0.46 final\dayz standalone v0.46\dayz.exe] => (Allow) C:\users\christian\downloads\dayz standalone v0.46 final\dayz standalone v0.46\dayz.exe FirewallRules: [{C8BAD885-4C24-4EE2-A787-285AA9261DE0}] => (Allow) C:\Users\Christian\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{897C64B7-8916-4FC8-B0AE-2ED5160C8C64}] => (Allow) C:\Users\Christian\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{E64309EA-7ABF-4F7C-81FA-403F5B22EF99}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{97932AC8-3E93-4453-8A70-76DFFC7AA66D}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{BFF8E133-6446-427C-9803-71D3574E7D30}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{A4ECBEC7-CD07-46EC-8C7B-2D1085B34E67}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [TCP Query User{39EA59AE-952A-48EC-8DFE-9D948A68FAD3}C:\users\christian\downloads\unreal-interior\unreal interior\engine\binaries\win64\ue4game.exe] => (Allow) C:\users\christian\downloads\unreal-interior\unreal interior\engine\binaries\win64\ue4game.exe FirewallRules: [UDP Query User{A8C90FF4-F22E-4ADB-9CEB-3BB255331024}C:\users\christian\downloads\unreal-interior\unreal interior\engine\binaries\win64\ue4game.exe] => (Allow) C:\users\christian\downloads\unreal-interior\unreal interior\engine\binaries\win64\ue4game.exe FirewallRules: [{FA8480DD-E634-4A9D-837F-A49E8A5D15B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WormsRevolution\WormsRevolution.exe FirewallRules: [{7BCE9CEF-4F45-47FE-9E31-BF647E0CDC4B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WormsRevolution\WormsRevolution.exe FirewallRules: [{4D3F04A4-A818-4FE0-AF26-5AD38B674AD3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe FirewallRules: [{093EF308-B96E-485B-9483-307E084A9D94}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe FirewallRules: [{290C6C92-0668-4545-A77C-A68CA938EB8D}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rainbow Six Siege - Closed Beta\RainbowSix.exe FirewallRules: [{BC7644B7-C00B-4B1C-91D0-C8B0340245C7}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rainbow Six Siege - Closed Beta\RainbowSix.exe FirewallRules: [{1CD7714D-DBFB-4DBB-9C3A-615E3DD7FDDF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Elite Dangerous\EDLaunch.exe FirewallRules: [{48E55671-99C2-4160-A5B6-A5ADE98F0C44}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Elite Dangerous\EDLaunch.exe FirewallRules: [{38DE7A34-0910-4574-8F07-7E56D48DA56F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe FirewallRules: [{EB77302B-9A17-485F-87E7-F2E70557AA18}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe FirewallRules: [{62DCA5AD-FB6E-4530-AC14-76BCA3942B69}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Attila\launcher\launcher.exe FirewallRules: [{CB307AAD-0370-4870-9995-0C7466B85E8F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Attila\launcher\launcher.exe FirewallRules: [TCP Query User{F354C8DD-E4C7-466B-A023-D1575F724621}C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe FirewallRules: [UDP Query User{6616E6E5-5573-49E3-A81A-8A9F54BEDBF9}C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe FirewallRules: [TCP Query User{A0EB0704-6EC1-4C97-B67F-33FAEA73F8AC}C:\users\christian\appdata\local\directv player\ndspcshowserver.exe] => (Allow) C:\users\christian\appdata\local\directv player\ndspcshowserver.exe FirewallRules: [UDP Query User{543D9252-B405-4DA2-B5F1-E5AE36FDE868}C:\users\christian\appdata\local\directv player\ndspcshowserver.exe] => (Allow) C:\users\christian\appdata\local\directv player\ndspcshowserver.exe FirewallRules: [{14BFFC08-CED0-4EFA-A99C-7331FCD09EA5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RebelGalaxy\SteamLauncher.exe FirewallRules: [{E37AA315-E8A7-4BB1-9CA7-70F916162F16}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RebelGalaxy\SteamLauncher.exe FirewallRules: [{C067161D-99DA-4222-841C-477BE4BC4088}] => (Allow) C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe FirewallRules: [{9AD3EBA9-CC74-425D-A614-C72D02139905}] => (Allow) C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe FirewallRules: [{45C865AF-8506-43D6-8EA2-AAB292F1765F}] => (Allow) C:\Users\Christian\AppData\Local\Chromium\Application\chrome.exe FirewallRules: [{7052B3AD-22D9-4FCA-AE67-94AA5FD737B3}] => (Allow) C:\WINDOWS\system32\rundll32.exe FirewallRules: [{9E7BF9F4-FD53-44CD-A24C-6DCB4AC95183}] => (Allow) 㩃停潲牧浡䘠汩獥⠠㡸⤶睜湩灯晴汩整屲楷潮瑰楦瑬牥攮數 FirewallRules: [{F82F2CCF-54BD-4718-84C9-FB50FFFF6FA7}] => (Allow) 㩃停潲牧浡䘠汩獥⠠㡸⤶睜湩灯晴汩整屲敲瑳楷潮瑰楦瑬牥攮數 FirewallRules: [{ED4D275E-7C76-493A-9665-72C4E32F0A8C}] => (Allow) 㩃停潲牧浡䘠汩獥⠠㡸⤶睜湩灯晴汩整屲楷潮瑰楦瑬牥⹟硥e FirewallRules: [{31A56A74-8463-45E2-A8FA-5E0E69407AE1}] => (Allow) 㩃停潲牧浡䘠汩獥⠠㡸⤶睜湩灯晴汩整屲敲瑳楷潮瑰楦瑬牥⹟硥e FirewallRules: [{1851FC63-0094-4353-937A-F1ACF8666E3B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= Name: ASUS 802.11n Wireless LAN Card Description: ASUS 802.11n Wireless LAN Card Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Pegatron corporation Service: netr28x Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (10/22/2015 05:21:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error: (10/22/2015 05:11:18 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll8 Error: (10/22/2015 05:11:16 PM) (Source: PerfNet) (EventID: 2004) (User: ) Description: Error: (10/22/2015 05:11:16 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL8 Error: (10/22/2015 05:11:16 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: LsaC:\Windows\System32\Secur32.dll8 Error: (10/22/2015 05:11:16 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: ESENTC:\WINDOWS\system32\esentprf.dll8 Error: (10/22/2015 05:11:16 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (10/22/2015 05:08:26 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CHRISTIAN-PC) Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (10/22/2015 04:19:19 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error: (10/22/2015 12:43:21 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll8 System errors: ============= Error: (10/22/2015 05:11:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Intel(R) Management and Security Application Local Management Service service failed to start due to the following error: %%1053 Error: (10/22/2015 05:11:59 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Intel(R) Management and Security Application Local Management Service service to connect. Error: (10/22/2015 05:09:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Net.Tcp Service Handler service failed to start due to the following error: %%2 Error: (10/22/2015 05:09:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Network Support Service Updater service failed to start due to the following error: %%2 Error: (10/22/2015 05:09:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Network HTTP Support Service service failed to start due to the following error: %%2 Error: (10/22/2015 05:09:50 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The Net.Tcp Listener Adapter service depends on the Net.Tcp Port Sharing Service service which failed to start because of the following error: %%1058 Error: (10/22/2015 05:08:26 PM) (Source: DCOM) (EventID: 10010) (User: CHRISTIAN-PC) Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca Error: (10/22/2015 05:08:25 PM) (Source: DCOM) (EventID: 10010) (User: CHRISTIAN-PC) Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} Error: (10/22/2015 05:08:24 PM) (Source: DCOM) (EventID: 10010) (User: CHRISTIAN-PC) Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} Error: (10/22/2015 05:08:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The User Data Access_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. CodeIntegrity: =================================== Date: 2015-10-22 12:31:53.134 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-10-22 09:34:27.274 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2015-10-22 09:33:34.145 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2015-10-22 09:33:14.354 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2015-10-22 09:33:14.325 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2015-10-22 09:33:14.295 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2015-10-22 09:33:14.262 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2015-10-22 09:33:14.245 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2015-10-22 09:33:14.230 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2015-10-21 16:13:07.077 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz Percentage of memory in use: 26% Total physical RAM: 16301.11 MB Available physical RAM: 11902.07 MB Total Virtual: 32685.11 MB Available Virtual: 27351.54 MB ==================== Drives ================================ Drive c: (Primary Drive) (Fixed) (Total:465.22 GB) (Free:123.61 GB) NTFS Drive k: (Second Drive) (Fixed) (Total:465.76 GB) (Free:307.26 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 9904B076) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=465.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: A33C5430) Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================