Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-06-2017 Ran by Hong Meiling (06-06-2017 06:15:29) Running from C:\Users\Hong Meiling\Desktop Windows 7 Home Premium Service Pack 1 (X64) (2013-07-05 03:03:16) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-4135327567-4282227739-3352556458-500 - Administrator - Disabled) Guest (S-1-5-21-4135327567-4282227739-3352556458-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-4135327567-4282227739-3352556458-1401 - Limited - Enabled) Hong Meiling (S-1-5-21-4135327567-4282227739-3352556458-1000 - Administrator - Enabled) => C:\Users\Hong Meiling ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-4135327567-4282227739-3352556458-1000\...\uTorrent) (Version: 3.5.0.43804 - BitTorrent Inc.) 7-Zip 15.12 (x64) (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated) Adobe Flash Player 25 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 25.0.0.171 - Adobe Systems Incorporated) Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated) Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.2.172 - Adobe Systems, Inc.) Akamai NetSession Interface (HKU\S-1-5-21-4135327567-4282227739-3352556458-1000\...\Akamai) (Version: - Akamai Technologies, Inc) Anki (HKLM-x32\...\Anki) (Version: - ) Ansel (Version: 382.33 - NVIDIA Corporation) Hidden Apple Application Support (32-bit) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.) ARK: Survival Evolved (HKLM\...\Steam App 346110) (Version: - Studio Wildcard) ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.2.8.1 - ASUSTek COMPUTER INC.) ASUS GPU Tweak (x32 Version: 2.2.8.1 - ASUSTek COMPUTER INC.) Hidden Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.4.2294 - AVAST Software) AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version: - ) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Castle Crashers (HKLM\...\Steam App 204360) (Version: - The Behemoth) CLICKBIOSII (HKLM-x32\...\{EBCB111F-4907-4B28-BD03-F5BD901106D2}_is1) (Version: 1.0.119 - MSI) CPUID CPU-Z 1.66 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) CypherGuard Browser for x64 (HKLM-x32\...\InstallShield_{5208CEC4-308D-44C0-BFEA-FE9D32B043F5}) (Version: 3.2.1 - CypherTec Inc.) CypherGuard Browser for x64 (Version: 3.2.1 - CypherTec Inc.) Hidden CypherGuard for Movie x64 Edition (HKLM-x32\...\InstallShield_{B220B4C6-869C-4081-AC6D-1A65FFCF874F}) (Version: 3.2.1 - CypherTec Inc.) CypherGuard for Movie x64 Edition (Version: 3.2.1 - CypherTec Inc.) Hidden CypherGuard for PDF x64 Edition (HKLM-x32\...\InstallShield_{BB19952F-77FE-4877-A570-79C150EE6CE4}) (Version: 3.6.2 - CypherTec Inc.) CypherGuard for PDF x64 Edition (Version: 3.6.2 - CypherTec Inc.) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Discord (HKU\S-1-5-21-4135327567-4282227739-3352556458-1000\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.) Don't Starve Together (HKLM\...\Steam App 322330) (Version: - Klei Entertainment) EasyViewer (HKLM-x32\...\InstallShield_{EECD7B96-1416-4D3A-B12D-0D2512120C36}) (Version: 1.3.0.9 - MSI) EasyViewer (x32 Version: 1.3.0.9 - MSI) Hidden FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.) Go! Go! Nippon! ~My First Trip to Japan~ (HKLM\...\Steam App 251870) (Version: - OVERDRIVE) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.30.1349 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation) Intel(R) Smart Connect Technology 3.0 x64 (HKLM\...\{DE788AD4-F7CE-4995-ADF8-56174A7B613C}) (Version: 3.0.41.1571 - Intel) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.8.251 - Intel Corporation) IObit Malware Fighter 5 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 5.1 - IObit) iTunes (HKLM\...\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.) Katawa Shoujo (HKLM-x32\...\Katawa Shoujo) (Version: - ) Learn Japanese To Survive! Katakana War (HKLM\...\Steam App 554600) (Version: - Sleepy Duck) Linksys Connect (HKLM-x32\...\Linksys Connect) (Version: 1.5.13291.0 - Linksys LLC) Lost Castle (HKLM\...\Steam App 434650) (Version: - Hunter Studio) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft) Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team) MPC-HC 1.7.8 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.8 - MPC-HC Team) NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version: - NCSOFT) NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA 3D Vision Driver 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.33 - NVIDIA Corporation) NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation) NVIDIA Graphics Driver 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.33 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation) NVIDIA PhysX System Software 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation) NvNodejs (Version: 3.6.0.74 - NVIDIA Corporation) Hidden NvTelemetry (Version: 2.4.10.0 - NVIDIA Corporation) Hidden NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.) Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.17.413 - Razer Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6923 - Realtek Semiconductor Corp.) SafeZone Stable 3.55.2393.607 (x32 Version: 3.55.2393.607 - Avast Software) Hidden Samsung Data Migration (HKLM-x32\...\{D4DE3DB4-7734-47E5-8D92-B80146311406}) (Version: 2.7 - Samsung) Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics) SHIELD Streaming (Version: 7.1.0370 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 3.6.0.74 - NVIDIA Corporation) Hidden Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.) SlimDX Runtime .NET 4.0 x86 (January 2012) (HKLM-x32\...\{7EBD0E43-6AC0-4CA8-9990-00E50069AD29}) (Version: 2.0.13.43 - SlimDX Group) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.018 - MSI) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp) The Jackbox Party Pack (HKLM\...\Steam App 331670) (Version: - Jackbox Games, Inc.) The Jackbox Party Pack 2 (HKLM\...\Steam App 397460) (Version: - Jackbox Games, Inc.) The Jackbox Party Pack 3 (HKLM\...\Steam App 434170) (Version: - Jackbox Games, Inc.) TP-LINK TL-WDN4800 Driver (HKLM-x32\...\{70D605C7-C823-4750-BA72-BEB835713612}) (Version: 1.3.1 - TP-LINK) TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK) Unity Web Player (HKU\S-1-5-21-4135327567-4282227739-3352556458-1000\...\UnityWebPlayer) (Version: 5.3.1f1 - Unity Technologies ApS) VGA Boost (HKLM-x32\...\{809ACFAE-9A4D-4C60-9223-D8B615CD8CBA}}_is1) (Version: 1.0.0.5 - MSI) VideoGenie (HKLM-x32\...\{FC54FD8D-789C-406D-BB88-F7C4421B7E83}_is1) (Version: 1.0.0.12 - MSI) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VMware Player (HKLM-x32\...\VMware_Player) (Version: 6.0.7 - VMware, Inc) VMware Player (Version: 6.0.7 - VMware, Inc.) Hidden Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.) Windows Driver Package - ASIX (AX88179) Net (12/03/2013 1.14.8.0) (HKLM\...\1B4B5A7C69F7245159762A3E760F3C782264C800) (Version: 12/03/2013 1.14.8.0 - ASIX) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Winki (HKLM-x32\...\{81CF5153-38CF-41e2-AC3C-3D477C987D96}_is1) (Version: 3.2.126 - MSI) WinRAR 5.31 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.1 - win.rar GmbH) Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) HKU\S-1-5-21-4135327567-4282227739-3352556458-1000\...\ChromeHTML: -> <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {08194A33-94F6-4028-8F4B-783AD4C38079} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation) Task: {091BB800-050F-4845-9452-89DD70BE2496} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-25] (Google Inc.) Task: {0CD8C81E-2583-4D61-A53E-BDDD39AF1DE8} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation) Task: {14C68966-EA18-4344-9423-8877CFE0F0CF} - System32\Tasks\{593F9862-C0D4-4B9F-8D62-D138F0905366} => C:\Users\Hong Meiling\Desktop\Eroico_Re_v8.1\Eroico_Re.exe Task: {1F718E3A-56D2-4B76-B338-2775265F94D1} - System32\Tasks\{F7E638B4-A81B-4194-8DD6-8CAB32F1BBCE} => Chrome.exe hxxp://ui.skype.com/ui/0/7.22.85.109/en/abandoninstall?page=tsProgressBar Task: {28878175-D8A2-4CC9-A6A6-C93978D6E7F1} - System32\Tasks\{EE85C3E9-707D-4458-9CD5-2AFF87F38FC7} => pcalua.exe -a "C:\Phantasy Star Online Blue Burst\Uninstal.exe" Task: {293EF0F2-0B20-4BD6-A233-F5B70F3B92A8} - System32\Tasks\{E19D5C44-833C-486D-BD22-AC325C04DED5} => pcalua.exe -a "C:\Users\Hong Meiling\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DG7V7QMZ\JavaSetup8u60.exe" -d "C:\Users\Hong Meiling\Desktop" Task: {2E2827BB-4F69-412E-A67C-1A0D58B6569D} - System32\Tasks\{B7BD450B-46D8-4934-ADCE-C405A47D7A26} => C:\Users\Hong Meiling\Desktop\Eroico\Eroico_Re.exe Task: {36618204-6DC8-4922-AB47-ACE12CDB996E} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03] (NVIDIA Corporation) Task: {3C1D52FA-D30A-4F4F-82A0-DB03D8FEBCD0} - System32\Tasks\{FF2BB244-42F3-4875-A4CD-AF307B94616B} => pcalua.exe -a "C:\Users\Hong Meiling\Downloads\Mabinogi\MabinogiSetup183R.exe" -d "C:\Users\Hong Meiling\Downloads\Mabinogi" Task: {40CFC33D-9FA5-4237-A601-1A521F063B49} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-03] (NVIDIA Corporation) Task: {6911D8EF-A29F-42E7-BE90-D5478B89AD2E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-25] (Google Inc.) Task: {6E468E8D-AC6C-4E7A-88C0-9FCE8BAFD017} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated) Task: {74614FC9-E386-471E-861C-4C0F83475ECE} - System32\Tasks\{3064F19D-29EC-40FC-B509-4A5889A3653D} => pcalua.exe -a "C:\Users\Hong Meiling\Desktop\New folder\intel_sct _7_mb_81\Setup.exe" -d "C:\Users\Hong Meiling\Desktop\New folder\intel_sct _7_mb_81" Task: {9457FAFC-EFE4-4E5A-9CBB-6A5BC043BF05} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation) Task: {97BDDAD5-D4CF-415E-B076-BC5FED228BB2} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-03] (NVIDIA Corporation) Task: {98CD42A9-B82F-4A17-A314-B90B2BD0F1D9} - System32\Tasks\SafeZone scheduled Autoupdate 1458847523 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-05-17] (Avast Software) Task: {9D34C966-CA79-442F-B19C-090D3438CD34} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-10] (Adobe Systems Incorporated) Task: {9E4D7E90-E1DF-4BB5-BD0C-C1C3F099D38B} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-05-17] (AVAST Software) Task: {9E9241F6-C645-4E28-BDD0-192046A82117} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-03] (NVIDIA Corporation) Task: {9FE50E3B-3B14-409A-A5E0-DB8E88098E2C} - System32\Tasks\{0E100E9E-839A-4E63-8091-84CEEF100124} => Chrome.exe hxxp://ui.skype.com/ui/0/7.22.85.109/en/abandoninstall?page=tsProgressBar Task: {B168F828-4464-4136-8B82-85F7CD43D979} - System32\Tasks\PC Shutdow => C:\Windows\System32\shutdown.exe [2009-07-13] (Microsoft Corporation) Task: {B3ECFFB1-9C5F-4668-85C0-BD61C5C662F5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.) Task: {BD10AE51-02B9-4EBD-AD1B-97CA82F4A24E} - System32\Tasks\AVAST Software\Avast settings backup Task: {E3D401EB-C9B5-4CB9-B6BE-CD25631E3B89} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation) Task: {FC8B4EBA-14DA-473E-BD9B-D1312214D074} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) Shortcut: C:\Users\Hong Meiling\Favorites\PSPVC PSP Video Converter.lnk -> hxxp://pspvc.nswardh.com Shortcut: C:\Users\Hong Meiling\Favorites\PSPVC on Twitter.lnk -> hxxp://twitter.com/sward ==================== Loaded Modules (Whitelisted) ============== 2017-05-09 00:44 - 2017-05-09 00:44 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2017-01-13 14:56 - 2017-01-13 14:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2012-01-17 11:24 - 2012-01-17 11:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe 2012-08-16 20:36 - 2012-08-16 20:36 - 00149032 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe 2012-08-16 20:36 - 2012-08-16 20:36 - 00058920 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll 2017-05-07 09:44 - 2017-05-03 13:21 - 01267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2013-09-13 19:55 - 2013-10-29 20:17 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2016-09-24 16:20 - 2016-09-24 16:21 - 00189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe 2017-05-17 22:39 - 2017-05-17 22:39 - 00162024 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll 2017-05-17 22:40 - 2017-05-17 22:40 - 00825960 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll 2017-05-17 22:40 - 2017-05-17 22:40 - 00275776 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll 2017-05-09 03:05 - 2017-05-09 03:05 - 01354040 _____ () C:\Program Files\iTunes\libxml2.dll 2017-05-09 03:05 - 2017-05-09 03:05 - 00092472 _____ () C:\Program Files\iTunes\zlib1.dll 2016-11-11 19:17 - 2014-03-14 12:23 - 00847872 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe 2017-04-06 23:37 - 2017-04-06 23:37 - 00298448 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe 2017-05-09 17:52 - 2017-05-09 02:13 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libglesv2.dll 2017-05-09 17:52 - 2017-05-09 02:13 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libegl.dll 2017-05-17 22:40 - 2017-05-17 22:40 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2017-05-17 22:40 - 2017-05-17 22:40 - 00176992 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll 2017-05-17 22:40 - 2017-05-17 22:40 - 00223224 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll 2017-06-05 22:39 - 2017-06-05 22:39 - 06101296 _____ () C:\Program Files\AVAST Software\Avast\defs\17060500\algo.dll 2017-05-17 22:40 - 2017-05-17 22:40 - 00684656 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2017-05-17 22:40 - 2017-05-17 22:40 - 00230632 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll 2017-06-06 06:13 - 2017-06-06 06:13 - 06100784 _____ () C:\Program Files\AVAST Software\Avast\defs\17060600\algo.dll 2015-06-24 14:28 - 2015-06-24 14:28 - 01301720 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll 2017-05-07 09:44 - 2017-05-03 13:21 - 01040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-05-17 22:40 - 2017-05-17 22:40 - 00997896 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll 2017-05-17 22:40 - 2017-05-17 22:40 - 67717632 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2017-05-17 22:39 - 2017-05-17 22:39 - 00291824 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll 2017-01-11 15:43 - 2017-01-04 15:28 - 01958912 _____ () C:\Users\Hong Meiling\AppData\Local\Discord\app-0.0.297\ffmpeg.dll 2017-01-11 15:43 - 2017-01-11 15:43 - 01082880 _____ () \\?\C:\Users\Hong Meiling\AppData\Roaming\discord\0.0.297\modules\discord_voice\discord_voice.node 2017-01-11 15:43 - 2017-01-11 15:43 - 03750400 _____ () \\?\C:\Users\Hong Meiling\AppData\Roaming\discord\0.0.297\modules\discord_voice\libdiscord.dll 2017-01-11 15:43 - 2017-01-11 15:43 - 00914432 _____ () \\?\C:\Users\Hong Meiling\AppData\Roaming\discord\0.0.297\modules\discord_utils\discord_utils.node 2016-11-11 19:17 - 2014-03-14 12:16 - 01411072 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll 2016-11-11 19:17 - 2014-03-14 12:25 - 00194560 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll 2017-01-16 04:40 - 2017-01-16 04:40 - 00143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll 2017-01-11 15:43 - 2017-01-04 15:28 - 02278912 _____ () C:\Users\Hong Meiling\AppData\Local\Discord\app-0.0.297\libglesv2.dll 2017-01-11 15:43 - 2017-01-04 15:28 - 00096768 _____ () C:\Users\Hong Meiling\AppData\Local\Discord\app-0.0.297\libegl.dll 2017-05-07 09:44 - 2017-05-03 13:20 - 65709176 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll 2017-06-06 06:13 - 2017-06-06 06:13 - 00148992 _____ () \\?\C:\Users\Hong Meiling\AppData\Local\Temp\5F2F.tmp.node 2017-01-11 15:43 - 2017-04-26 21:29 - 02658296 _____ () \\?\C:\Users\Hong Meiling\AppData\Roaming\discord\0.0.297\modules\discord_rpc\discord_rpc.node 2017-04-06 22:54 - 2016-10-08 00:13 - 50656768 _____ () C:\Users\Hong Meiling\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll 2017-06-05 22:51 - 2016-08-10 17:13 - 00188704 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\unrar.dll 2017-06-05 22:51 - 2016-08-10 17:13 - 00899872 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\webres.dll 2017-06-05 22:51 - 2016-08-10 17:13 - 00151840 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\zlibwapi.dll 2017-06-05 22:51 - 2017-05-09 10:59 - 00631584 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\ProductStatistics.dll 2017-04-06 22:54 - 2016-10-08 00:13 - 01874944 _____ () C:\Users\Hong Meiling\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll 2017-04-06 22:54 - 2016-10-08 00:13 - 00075264 _____ () C:\Users\Hong Meiling\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll 2017-06-05 22:51 - 2016-12-12 16:52 - 00442144 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madExcept_.bpl 2017-06-05 22:51 - 2016-12-12 16:52 - 00210720 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madBasic_.bpl 2017-06-05 22:51 - 2016-12-12 16:52 - 00059680 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madDisAsm_.bpl 2015-05-25 02:56 - 2013-01-14 10:25 - 01200088 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-4135327567-4282227739-3352556458-1000\...\aeriagames.com -> hxxps://aeriagames.com IE trusted site: HKU\S-1-5-21-4135327567-4282227739-3352556458-1000\...\aeriagames.com -> hxxp://aeriagames.com ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 19:34 - 2016-08-20 19:54 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-4135327567-4282227739-3352556458-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Hong Meiling\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^iSCTsysTray.lnk => C:\Windows\pss\iSCTsysTray.lnk.CommonStartup MSCONFIG\startupreg: Discord => C:\Users\Hong Meiling\AppData\Local\Discord\app-0.0.283\Discord.exe MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: Razer Synapse => "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe" MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [TCP Query User{0C657E99-B9AD-4688-98FB-49992F79666A}E:\program files (x86)\skype\phone\skype.exe] => (Block) E:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{B564498D-6A9C-4175-B95A-836985D45DD7}E:\program files (x86)\skype\phone\skype.exe] => (Block) E:\program files (x86)\skype\phone\skype.exe FirewallRules: [{4CAD9822-DC96-4461-82F0-748D9298A788}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{AD6109AA-CB87-45B8-9280-FD809641D6B4}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{49943757-7B62-44D9-9DDC-AB313B4D96F7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{ED830692-43F8-4625-8846-C18577DDB23A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{32BD6230-0B8A-4785-B325-B9EC869031FF}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [TCP Query User{A65F17CD-F7E4-438E-83C2-C0C579E3306A}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe FirewallRules: [UDP Query User{88E9E946-A3CE-4138-BE81-E22D86F292F2}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe FirewallRules: [TCP Query User{923B6A16-9033-4B62-A4D7-E6ECBBC67868}C:\users\hong meiling\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\hong meiling\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{463F8FC8-51F3-4FED-9D0F-1A646B6A0A59}C:\users\hong meiling\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\hong meiling\appdata\local\akamai\netsession_win.exe FirewallRules: [TCP Query User{DFCF77A0-ED35-45EC-B95A-4046FF5A7C7E}C:\users\hong meiling\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\hong meiling\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{C52D89BB-A231-475D-9884-43FEF0652C03}C:\users\hong meiling\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\hong meiling\appdata\local\akamai\netsession_win.exe FirewallRules: [{9623E80D-9FC1-4CFE-B219-A1079BEB4602}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{E1E57DBD-6E86-4F6E-92E6-24BAEA8C8665}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{7120473C-3CA0-4AA3-BF67-DAE1AD2215CB}] => (Allow) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{69565002-576B-4129-8224-ECAB43968716}] => (Allow) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{C3AF218F-C928-4248-955D-9D7AFD0F98E4}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{3080036E-2EEC-4D83-9F38-233AB3C86755}] => (Allow) LPort=2869 FirewallRules: [{D442926D-851D-4243-9CB7-6F91469D9E14}] => (Allow) LPort=1900 FirewallRules: [{9A49A4C2-58A0-4959-868B-A6AAEB3A802F}] => (Allow) LPort=11100 FirewallRules: [{8EE00505-443C-4145-8E91-BDACF2BDAD83}] => (Allow) LPort=11100 FirewallRules: [{0E28DCA3-EDB2-40E7-9AC7-7453924F3286}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe FirewallRules: [{A6FA73B1-5348-43CF-ADC1-C122489D12F5}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe FirewallRules: [{CF28ADA7-0F8E-4700-AE19-9962974CFF91}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe FirewallRules: [{0A0E29E6-AB5C-4BAA-8E94-9CD10B6EDF28}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe FirewallRules: [{241268E0-7892-42A4-8C8B-9A7A95A77AD0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{3BA9C3FB-7BA5-422B-BD3B-CA5C4508D3BE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{FE7D457C-5E6F-473A-A010-63F18ADBBF64}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{C1D1E9E8-972F-4939-84A9-DC6027F98DED}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{6BEB5A3B-E639-4A20-B0B3-FEF4473D0959}] => (Allow) C:\ProgramData\NexonUS\NGM\NGM.exe FirewallRules: [{FF08E5B8-A9C0-4F4F-9EF6-9F1355CCEE11}] => (Allow) C:\ProgramData\NexonUS\NGM\NGM.exe FirewallRules: [{64644230-D4CC-4859-966B-3347541CDFEC}] => (Allow) LPort=3306 FirewallRules: [{ED6C52A0-C0A3-4DD0-B7DE-FBA92DAD78EB}] => (Allow) LPort=8484 FirewallRules: [TCP Query User{60FF9450-A5D5-4145-A844-E330A4E3F4BD}C:\nexon\maplestory\maplestory.exe] => (Allow) C:\nexon\maplestory\maplestory.exe FirewallRules: [UDP Query User{5D114F0B-2109-4227-BABD-3ABA16383672}C:\nexon\maplestory\maplestory.exe] => (Allow) C:\nexon\maplestory\maplestory.exe FirewallRules: [TCP Query User{D67D1B15-A996-4A21-8D6A-038671B47867}C:\mapleellinia\maplestory\maplestory.exe] => (Allow) C:\mapleellinia\maplestory\maplestory.exe FirewallRules: [UDP Query User{EB466FDA-7EEE-4EA8-BD73-5B1D93F5C798}C:\mapleellinia\maplestory\maplestory.exe] => (Allow) C:\mapleellinia\maplestory\maplestory.exe FirewallRules: [{89E5C621-A514-4B27-BF91-ECBA716A10D4}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe FirewallRules: [{61806A71-4F94-46F1-AC7D-0F635A6842B1}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe FirewallRules: [TCP Query User{099A6622-7D8F-48DA-8F6F-1F010A270707}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe FirewallRules: [UDP Query User{FDEFF024-5609-4610-91B2-E5DE6DE9FF58}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe FirewallRules: [{C9222230-4D6D-4C6B-A76A-438C22381C44}] => (Block) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe FirewallRules: [{57A3A334-D29B-4742-8888-CCEE11D78364}] => (Block) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe FirewallRules: [{BB51EFD3-28AA-4E2F-9ADE-98C6A6ABA6B3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{480F4A06-64CC-4ADE-8B58-C4BA78E0BC1C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{E603C642-918F-4347-AC91-58A6C50BD0AC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{1FADE88A-7B65-496F-9F4B-75DFC3930731}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{C8B672CA-6D09-4A97-A72B-65DE3342FC38}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{5FA0AE58-5E01-43DA-888A-830D97216A3B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{1FCA8EA9-989D-4C30-9875-9667932B5334}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{95532DBC-0871-4576-975C-DE774D48E6FE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LISA\JOYFUL\Game.exe FirewallRules: [{E8C62B09-F51D-4110-BDBE-71CB85685D07}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LISA\JOYFUL\Game.exe FirewallRules: [TCP Query User{20FA29E3-184E-4BAC-B056-1488AAF3AB49}C:\users\hong meiling\desktop\new folder\fightcade\fightcade.exe] => (Allow) C:\users\hong meiling\desktop\new folder\fightcade\fightcade.exe FirewallRules: [UDP Query User{369C62ED-47C4-424B-9A97-FF01C14B1340}C:\users\hong meiling\desktop\new folder\fightcade\fightcade.exe] => (Allow) C:\users\hong meiling\desktop\new folder\fightcade\fightcade.exe FirewallRules: [{FA8B0629-EA68-4AFB-981B-0F33E81B878B}] => (Block) C:\users\hong meiling\desktop\new folder\fightcade\fightcade.exe FirewallRules: [{832CE0C4-9CB3-4BC6-8ADD-87BBA03D8FAA}] => (Block) C:\users\hong meiling\desktop\new folder\fightcade\fightcade.exe FirewallRules: [TCP Query User{9736DA1D-8A97-466F-B3A6-B74DD55A87B5}C:\users\hong meiling\desktop\new folder\fightcade\ggpofba.exe] => (Allow) C:\users\hong meiling\desktop\new folder\fightcade\ggpofba.exe FirewallRules: [UDP Query User{FE164C79-7561-4134-B407-1125111092AC}C:\users\hong meiling\desktop\new folder\fightcade\ggpofba.exe] => (Allow) C:\users\hong meiling\desktop\new folder\fightcade\ggpofba.exe FirewallRules: [{2DEF719E-9939-4C1A-A124-1E612BAAB244}] => (Block) C:\users\hong meiling\desktop\new folder\fightcade\ggpofba.exe FirewallRules: [{3ECDC8B9-D70D-4D6B-9479-3C05E3FEBCFD}] => (Block) C:\users\hong meiling\desktop\new folder\fightcade\ggpofba.exe FirewallRules: [TCP Query User{9CB7A672-6C9B-4AEE-99BA-7F654EF09612}C:\users\hong meiling\desktop\new folder\fightcade\ggpofba-ng.exe] => (Allow) C:\users\hong meiling\desktop\new folder\fightcade\ggpofba-ng.exe FirewallRules: [UDP Query User{BAA74C7B-28DB-4A44-99AD-049F674CB728}C:\users\hong meiling\desktop\new folder\fightcade\ggpofba-ng.exe] => (Allow) C:\users\hong meiling\desktop\new folder\fightcade\ggpofba-ng.exe FirewallRules: [{39798652-FCC9-44F5-8337-23C315A91210}] => (Block) C:\users\hong meiling\desktop\new folder\fightcade\ggpofba-ng.exe FirewallRules: [{694F8FCB-A04E-492A-881C-FA5BBDBD9C51}] => (Block) C:\users\hong meiling\desktop\new folder\fightcade\ggpofba-ng.exe FirewallRules: [TCP Query User{052E3891-0C3B-4BB0-A6A2-2BB6B7BB6254}C:\users\hong meiling\desktop\new folder\streetfightervbeta_1.04_madsheep\streetfightervbeta\fakeserver\core\apache2\bin\httpd_z.exe] => (Block) C:\users\hong meiling\desktop\new folder\streetfightervbeta_1.04_madsheep\streetfightervbeta\fakeserver\core\apache2\bin\httpd_z.exe FirewallRules: [UDP Query User{D41B0873-EDA7-4853-B320-F9B989284DE7}C:\users\hong meiling\desktop\new folder\streetfightervbeta_1.04_madsheep\streetfightervbeta\fakeserver\core\apache2\bin\httpd_z.exe] => (Block) C:\users\hong meiling\desktop\new folder\streetfightervbeta_1.04_madsheep\streetfightervbeta\fakeserver\core\apache2\bin\httpd_z.exe FirewallRules: [TCP Query User{6DAA7E17-154B-4FEF-AC84-E1D23DD231B9}D:\streetfightervbeta_1.04_madsheep\streetfightervbeta\fakeserver\core\apache2\bin\httpd_z.exe] => (Allow) D:\streetfightervbeta_1.04_madsheep\streetfightervbeta\fakeserver\core\apache2\bin\httpd_z.exe FirewallRules: [UDP Query User{9BA85E4B-030B-41E2-ADEA-7E03586FEECD}D:\streetfightervbeta_1.04_madsheep\streetfightervbeta\fakeserver\core\apache2\bin\httpd_z.exe] => (Allow) D:\streetfightervbeta_1.04_madsheep\streetfightervbeta\fakeserver\core\apache2\bin\httpd_z.exe FirewallRules: [{4461DE4A-87C3-4103-A0E3-698B7AF8AAC4}] => (Block) D:\streetfightervbeta_1.04_madsheep\streetfightervbeta\fakeserver\core\apache2\bin\httpd_z.exe FirewallRules: [{C83FE20A-8591-4E7A-97D7-EEFC81593DA2}] => (Block) D:\streetfightervbeta_1.04_madsheep\streetfightervbeta\fakeserver\core\apache2\bin\httpd_z.exe FirewallRules: [{6681C692-9F7A-4D33-A64D-EF6484A9BEAF}] => (Allow) C:\Nexon\Library\vindictus\appdata\en-US\NMService.exe FirewallRules: [{D2C1A458-9F12-4948-9F07-4C298064EB56}] => (Allow) C:\Nexon\Library\vindictus\appdata\en-US\NMService.exe FirewallRules: [TCP Query User{17F742C5-50B0-4420-B390-B0CAE64E5DE6}C:\program files (x86)\portforward\port forward network utilities\pfportchecker.exe] => (Allow) C:\program files (x86)\portforward\port forward network utilities\pfportchecker.exe FirewallRules: [UDP Query User{B21277E5-6A83-404D-B8CD-B940310E3310}C:\program files (x86)\portforward\port forward network utilities\pfportchecker.exe] => (Allow) C:\program files (x86)\portforward\port forward network utilities\pfportchecker.exe FirewallRules: [{30024A46-424C-41E7-AD4A-4DC430CF566C}] => (Allow) C:\Users\Hong Meiling\Downloads\bin\BlackDesert32.exe FirewallRules: [{83930970-9130-472E-B174-FF0AEC436D35}] => (Allow) C:\Users\Hong Meiling\Downloads\bin64\BlackDesert64.exe FirewallRules: [{D13E0E37-1F2F-4EB6-93D4-10C4F3127A20}] => (Allow) C:\Users\Hong Meiling\Downloads\BlackDesert_Launcher.exe FirewallRules: [{25570793-B8D9-4971-BD95-BDEBACAC6D4F}] => (Allow) C:\Users\Hong Meiling\Downloads\BlackDesert_Downloader.exe FirewallRules: [{B8E7D8E2-87C9-4545-8625-FD9B2BE06F6D}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{BC5D01C8-EB8E-4B52-98FC-32E6429CFB2B}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{66C06A53-A923-4F50-9E95-4E0A58DB48EB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound - Unstable\win32\launcher\launcher.exe FirewallRules: [{A528A167-6282-40F7-858D-6DE776F7F0B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound - Unstable\win32\launcher\launcher.exe FirewallRules: [TCP Query User{9095692B-05B3-4864-AB65-FA93F0540FEF}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{DC71112B-3C31-4CAB-81BC-DF9F34B88165}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{513A738D-C6EC-484E-BAAA-6ABCE9567BB3}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe FirewallRules: [{BD1E88DB-FB2F-494F-96AA-70B5A34732AD}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe FirewallRules: [{9E893ADD-AF18-4F0E-98B4-FA56DEAC3CCC}] => (Allow) C:\Users\Hong Meiling\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{04437272-E101-4803-A1AC-35ED70FC5ADD}] => (Allow) C:\Users\Hong Meiling\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{273CF443-50E8-4C66-B06C-0FADB7FCCF50}] => (Allow) C:\Users\Hong Meiling\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{592EEF05-7FE9-4656-BC8D-4340473B3D8A}] => (Allow) C:\Users\Hong Meiling\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{18024E15-BCAB-49DD-BC75-18BC6D69BD95}] => (Allow) C:\Users\Hong Meiling\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{4B7FC2A7-5539-4638-A548-D9CE235747BD}] => (Allow) C:\Users\Hong Meiling\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{E339348E-D2DC-468F-AEB1-919599C57203}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{DC8144AC-3915-4594-B115-6AE9B3079778}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [TCP Query User{7E01A0F2-49A8-4B5B-9B99-120A340C9BD6}C:\users\hong meiling\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hong meiling\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{63419334-0477-491D-906F-4EED78063629}C:\users\hong meiling\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hong meiling\appdata\roaming\spotify\spotify.exe FirewallRules: [{7A44A36C-2A96-4A97-ADB0-0BB93E468B5B}] => (Block) C:\users\hong meiling\appdata\roaming\spotify\spotify.exe FirewallRules: [{10012044-06FF-4092-845D-B55FAB9EDB5C}] => (Block) C:\users\hong meiling\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{D4EC1251-800A-47B9-B43F-8FD80E505D63}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe FirewallRules: [UDP Query User{402F9316-16BD-4EF5-B27D-837C3D8D8E30}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe FirewallRules: [{5EA10196-F20F-466E-B99B-5C9D85CF1847}] => (Block) C:\program files (x86)\overwatch\overwatch.exe FirewallRules: [{CB159608-FDBE-46EE-9A59-1146253B1B5F}] => (Block) C:\program files (x86)\overwatch\overwatch.exe FirewallRules: [TCP Query User{0B45E41E-7DDA-4ACF-AA7E-D9E9E8019344}C:\program files (x86)\steam\steamapps\common\secretsofgrindea\secrets of grindea.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\secretsofgrindea\secrets of grindea.exe FirewallRules: [UDP Query User{796BD256-6677-4E30-8B5F-EAF7C231A345}C:\program files (x86)\steam\steamapps\common\secretsofgrindea\secrets of grindea.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\secretsofgrindea\secrets of grindea.exe FirewallRules: [{525DC061-F670-43D9-BC3C-2D8BED4C30AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Jackbox Party Pack 2\The Jackbox Party Pack 2.exe FirewallRules: [{9DA0794D-98BE-46A9-AFD6-B69EB0B4840E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Jackbox Party Pack 2\The Jackbox Party Pack 2.exe FirewallRules: [TCP Query User{F0338D95-8481-43D3-9508-054E7BFE4113}C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe FirewallRules: [UDP Query User{7FF8DCFF-72E4-4541-85F6-A0E22628C414}C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe FirewallRules: [TCP Query User{EB9004F2-781B-457D-824F-D44BAC1467C1}C:\program files (x86)\overwatch test\overwatch.exe] => (Allow) C:\program files (x86)\overwatch test\overwatch.exe FirewallRules: [UDP Query User{FB39044C-1433-4BD0-90E8-A6C573FBE586}C:\program files (x86)\overwatch test\overwatch.exe] => (Allow) C:\program files (x86)\overwatch test\overwatch.exe FirewallRules: [{A1B775CB-E696-4763-B30C-7683FAFA1FBE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe FirewallRules: [{396B7699-7BDC-43BE-AB64-80D5AE29298F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe FirewallRules: [TCP Query User{080512DE-8C1B-4408-B8E7-38BB050C7F31}C:\program files (x86)\origin games\battlefield 1\bf1.exe] => (Allow) C:\program files (x86)\origin games\battlefield 1\bf1.exe FirewallRules: [UDP Query User{10888E1E-41DA-4E94-B9C9-B6823D84F254}C:\program files (x86)\origin games\battlefield 1\bf1.exe] => (Allow) C:\program files (x86)\origin games\battlefield 1\bf1.exe FirewallRules: [TCP Query User{7C67586E-C8BF-421E-AE4A-61A542EB018D}C:\users\hong meiling\desktop\gba\vbalink.exe] => (Allow) C:\users\hong meiling\desktop\gba\vbalink.exe FirewallRules: [UDP Query User{B6EFA509-9AC7-4D3D-B553-9F51D2241F4B}C:\users\hong meiling\desktop\gba\vbalink.exe] => (Allow) C:\users\hong meiling\desktop\gba\vbalink.exe FirewallRules: [TCP Query User{02C0755F-2BA3-4C91-BC8F-30C24704CA88}C:\users\hong meiling\desktop\visualboyadvance-m-wx.exe] => (Allow) C:\users\hong meiling\desktop\visualboyadvance-m-wx.exe FirewallRules: [UDP Query User{2BC1ECE7-22C4-45DB-AF79-ABE95B02EE84}C:\users\hong meiling\desktop\visualboyadvance-m-wx.exe] => (Allow) C:\users\hong meiling\desktop\visualboyadvance-m-wx.exe FirewallRules: [TCP Query User{EB0ABF2E-5DF8-4F92-8908-A2E27FA128CA}C:\users\hong meiling\desktop\test\visualboyadvance-m-wx.exe] => (Allow) C:\users\hong meiling\desktop\test\visualboyadvance-m-wx.exe FirewallRules: [UDP Query User{90CE7857-202F-4B84-A277-9A1783DD2823}C:\users\hong meiling\desktop\test\visualboyadvance-m-wx.exe] => (Allow) C:\users\hong meiling\desktop\test\visualboyadvance-m-wx.exe FirewallRules: [{3D07453A-E328-4EB3-848F-0C876E0D23B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LISA\JOYFUL\Game.exe FirewallRules: [{4EE91DD6-870C-44C7-BEF4-47A7BEFB01C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LISA\JOYFUL\Game.exe FirewallRules: [{0E2DB7EC-5636-4030-8D82-979C14BE0C68}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hammerwatch\editor\HammerEditor.exe FirewallRules: [{571BBD41-8644-46D3-8D9F-3415F7C745E9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hammerwatch\editor\HammerEditor.exe FirewallRules: [{52F94B8C-C714-43C2-B17A-6489100869DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe FirewallRules: [{4229DBA2-0556-481A-8D55-394D3D1F7349}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe FirewallRules: [TCP Query User{12AD8CEB-6FD3-4706-9457-A5471713E429}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe FirewallRules: [UDP Query User{06637C2A-8AC0-4765-B3CB-FDE48C465E16}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe FirewallRules: [{9F73D474-56A9-499E-8AA5-BA30B0A209B9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{EEF02C12-9ADE-4AE7-BD23-1DFFDB5939BC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{8EF04D74-E8F7-49DB-A284-E0FDA641CE31}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Jackbox Party Pack 3\The Jackbox Party Pack 3.exe FirewallRules: [{8DE3ADBC-0CEB-437A-A144-566BA9BB9FDB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Jackbox Party Pack 3\The Jackbox Party Pack 3.exe FirewallRules: [{45E1CEA8-2B2C-4D46-BA95-CB2735A4BFED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Jackbox Party Pack\TJPP.exe FirewallRules: [{AC406820-F251-44FF-95C7-1ADACD236BFE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Jackbox Party Pack\TJPP.exe FirewallRules: [{96CAAA81-E5B2-4EFE-8C55-9C7C8289BACD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lost Castle\Lost_Castle.exe FirewallRules: [{7B8A432F-FC6C-44F1-923C-EC8F40479B0B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lost Castle\Lost_Castle.exe FirewallRules: [{D4B26A6C-8043-4103-A058-4F33E0011323}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe FirewallRules: [{5D8A3520-AF0A-48B7-868F-0CECC16DB1EB}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe FirewallRules: [{222672EE-5D3E-49C1-A02E-D28316FEA1D0}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe FirewallRules: [{02E1195C-DB6D-4E95-B66D-52F0603F129B}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe FirewallRules: [TCP Query User{BAC86AB8-03BF-46B2-B0A8-A112542C88FE}C:\program files (x86)\battle.net\battle.net.8657\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8657\battle.net.exe FirewallRules: [UDP Query User{DA4C31CA-8873-4EAB-BD8C-F02BC01FFB3A}C:\program files (x86)\battle.net\battle.net.8657\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8657\battle.net.exe FirewallRules: [{168D07D0-D3A1-470A-BBA9-CE7D1DA6DA07}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Learn Japanese To Survive! Katakana War\nw.exe FirewallRules: [{A6F8FFB2-F65F-4E99-9FA2-A38C848ACB6B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Learn Japanese To Survive! Katakana War\nw.exe FirewallRules: [{65AC2640-DE72-47C9-996A-54C6ACC6D1BF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{5FAEC729-3E4A-49D9-9FF3-35E75CABE981}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{96A190FC-7723-41F7-B802-0AE962FBB9F6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{7120A8A2-EE62-4735-8E14-144923ABCD78}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{05D1911F-6815-4D28-8E18-61CB00252BCF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{D1BBF221-30C5-43EE-81B1-6A628948D6AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GoGoNippon\GoGoNippon\BGI.exe FirewallRules: [{32AC95D1-407C-47D7-BEAE-63D8F53F178D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GoGoNippon\GoGoNippon\BGI.exe FirewallRules: [{5B465344-3BFD-4290-8185-B197E0A9AB90}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GoGoNippon\GoGoNippon2015\ggn2015.exe FirewallRules: [{26F4C375-89A2-41FB-A809-D04DD32DCBA0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GoGoNippon\GoGoNippon2015\ggn2015.exe FirewallRules: [{0BF3DFA8-0478-4B9C-AEF8-45E1C20CD8E1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{2C6C800A-B082-4228-A6C5-EDDA778AA96D}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596_0\SZBrowser.exe FirewallRules: [{0EDD69FA-4B60-47FF-8DDA-71799FAF3FE1}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{0A6B871D-DB03-4746-83AB-A87DF2F57D45}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe FirewallRules: [{A6F45107-AA1A-4795-860A-40B61B7F5316}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe FirewallRules: [{5C59A533-79EB-4992-8BDE-FD80C2C6000A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_dedicated_server_nullrenderer.exe FirewallRules: [{18F9600D-95BB-45B7-A376-156C41FA1509}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_dedicated_server_nullrenderer.exe FirewallRules: [{86CFF148-8573-45DE-B847-8C28A0EF19EC}] => (Allow) LPort=1070 FirewallRules: [{A8F69F03-D3BA-4F70-8C47-7019DBBFD11C}] => (Allow) LPort=5000 FirewallRules: [{90123473-F418-4EFC-9282-71B42E76FD10}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CastleCrashers\castle.exe FirewallRules: [{E1F9FD4D-DA61-44D1-81FF-93F7E4A06A99}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CastleCrashers\castle.exe FirewallRules: [{96025849-9D04-4A3B-BCF6-FEC1815C277D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe FirewallRules: [{3621DE14-4963-4675-BE94-150EA2ED834B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe FirewallRules: [{2E8362C5-E022-4892-9A59-41435E9E6440}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe FirewallRules: [{094D5009-9ACD-4871-BBB6-43431307AE46}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe FirewallRules: [{0C3BEEE0-19BB-40D8-9805-528A66C6578E}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.607\SZBrowser.exe FirewallRules: [{0E4C904F-3F10-40DB-9C7D-D2B02B23A976}] => (Allow) C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\FFNativeMessage.exe FirewallRules: [{FC73B077-5534-4E5B-B430-623B76676D47}] => (Allow) C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\FFNativeMessage.exe FirewallRules: [{26DD17D0-28EC-486E-8705-FC7F88D3DE04}] => (Allow) LPort=1073 FirewallRules: [{D2B56824-6B6E-4B45-BF40-A27D06740DD5}] => (Allow) LPort=5000 ==================== Restore Points ========================= 28-05-2017 19:58:30 Installed DirectX ==================== Faulty Device Manager Devices ============= Name: VMware Virtual Ethernet Adapter for VMnet8 Description: VMware Virtual Ethernet Adapter for VMnet8 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: VMware, Inc. Service: VMnetAdapter Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Malwarebytes Anti-Exploit Description: Malwarebytes Anti-Exploit Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: ESProtectionDriver Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: TP-LINK 450Mbps Wireless N Adapter Description: TP-LINK 450Mbps Wireless N Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: TP-LINK Service: athr Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Killer e2200 Gigabit Ethernet Controller (NDIS 6.30) Description: Killer e2200 Gigabit Ethernet Controller (NDIS 6.30) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Qualcomm Atheros Service: Ke2200 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (06/06/2017 06:12:46 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (06/05/2017 10:38:16 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (06/05/2017 10:12:19 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (06/02/2017 05:45:08 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (06/02/2017 06:58:50 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (06/01/2017 05:35:10 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (05/31/2017 09:49:06 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (05/31/2017 05:42:55 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (05/31/2017 07:07:52 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (05/30/2017 05:51:43 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. System errors: ============= Error: (06/06/2017 06:12:45 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: ESProtectionDriver VBoxNetAdp Error: (06/05/2017 10:46:17 PM) (Source: atapi) (EventID: 11) (User: ) Description: The driver detected a controller error on \Device\Ide\IdePort0. Error: (06/05/2017 10:38:16 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: VBoxNetAdp Error: (06/05/2017 10:12:57 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume \Device\HarddiskVolume2. Error: (06/05/2017 10:12:56 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume \Device\HarddiskVolume2. Error: (06/05/2017 10:12:56 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume \Device\HarddiskVolume2. Error: (06/05/2017 10:12:56 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume \Device\HarddiskVolume2. Error: (06/05/2017 10:12:56 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume \Device\HarddiskVolume2. Error: (06/05/2017 10:12:56 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume \Device\HarddiskVolume2. Error: (06/05/2017 10:12:56 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume \Device\HarddiskVolume2. CodeIntegrity: =================================== Date: 2015-06-07 04:15:22.987 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll because the set of per-page image hashes could not be found on the system. Date: 2015-06-07 04:15:22.894 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll because the set of per-page image hashes could not be found on the system. Date: 2015-06-07 04:15:22.801 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll because the set of per-page image hashes could not be found on the system. Date: 2015-06-07 03:56:30.739 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appidapi.dll because the set of per-page image hashes could not be found on the system. Date: 2015-06-07 03:56:30.647 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appidapi.dll because the set of per-page image hashes could not be found on the system. Date: 2015-06-07 03:56:30.554 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appidapi.dll because the set of per-page image hashes could not be found on the system. Date: 2015-06-07 03:56:30.448 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appid.sys because the set of per-page image hashes could not be found on the system. Date: 2015-06-07 03:56:30.356 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appid.sys because the set of per-page image hashes could not be found on the system. Date: 2015-06-07 03:56:30.263 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appid.sys because the set of per-page image hashes could not be found on the system. Date: 2013-11-24 08:33:27.968 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz Percentage of memory in use: 40% Total physical RAM: 8136.64 MB Available physical RAM: 4806.54 MB Total Virtual: 16271.46 MB Available Virtual: 12690.31 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:465.66 GB) (Free:215.54 GB) NTFS Drive f: (GSP1RMCHPXFREO_EN_DVD) (CDROM) (Total:3.09 GB) (Free:0 GB) UDF Drive g: (NEW VOLUME) (Removable) (Total:14.89 GB) (Free:14.89 GB) FAT32 Drive y: (Data) (Fixed) (Total:0.1 GB) (Free:0 GB) NTFS ==>[system with boot components (obtained from drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 00EF9215) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 14.9 GB) (Disk ID: 00000000) Partition: GPT. ==================== End of Addition.txt ============================