
Computer running slower than usual

15 May 2019

First of all, I think this is all because of the game cheat I downloaded. I literally had no antivirus installed when I ran it, and when I realized it, it was too late.
I couldn’t find any signs of the virus via Task Manager, and just to be sure, I wanted your guys’ help on this matter.

I kept on getting the low-memory pop-up even though I run the same programs as I used to, but now I can barely run Chrome. I feel like my computer is infected with a virus.
My Malwarebytes isn’t even working because I always run out of memory.

I would also like you guys to suggest a good antivirus. I have Malwarebytes (Free) right now.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-05.2019

Ran by mariss (administrator) on MELVIN-PC (Gigabyte Technology Co., Ltd. G31M-ES2C) (15-05-2019 19:47:22)

Running from C:UsersmarissDownloadsPrograms

Loaded Profiles: mariss (Available Profiles: mariss)

Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)

Internet Explorer Version 8 (Default browser: Chrome)

Boot Mode: Normal

 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(ASUSTeK Computer Inc. -> TODO: <Company name>) [File not signed] C:Program Files (x86)ASUSGPU TweakIIGPUTweakII.exe

(Garena Online Pte Ltd -> Garena Online ) C:Program Files (x86)GarenaGarena2.0.1902.0110gxxsvc.exe

(Google LLC -> Google Inc.) C:Program Files (x86)GoogleChromeApplicationchrome.exe

(Google LLC -> Google Inc.) C:Program Files (x86)GoogleChromeApplicationchrome.exe

(Google LLC -> Google Inc.) C:Program Files (x86)GoogleChromeApplicationchrome.exe

(Google LLC -> Google Inc.) C:Program Files (x86)GoogleChromeApplicationchrome.exe

(Google LLC -> Google Inc.) C:Program Files (x86)GoogleChromeApplicationchrome.exe

(Google LLC -> Google Inc.) C:Program Files (x86)GoogleChromeApplicationchrome.exe

(Google LLC -> Google Inc.) C:Program Files (x86)GoogleChromeApplicationchrome.exe

(Google LLC -> Google Inc.) C:Program Files (x86)GoogleChromeApplicationchrome.exe

(Google LLC -> Google Inc.) C:Program Files (x86)GoogleChromeApplicationchrome.exe

(Google LLC -> Google Inc.) C:Program Files (x86)GoogleChromeApplicationchrome.exe

(Google LLC -> Google Inc.) C:Program Files (x86)GoogleChromeApplicationchrome.exe

(Malwarebytes Corporation -> Malwarebytes) C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32taskmgr.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:Program Files (x86)NVIDIA CorporationNvTelemetryNvTelemetryContainer.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationDisplay.NvContainerNVDisplay.Container.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationDisplay.NvContainerNVDisplay.Container.exe

(Oracle America, Inc. -> Oracle Corporation) C:Program Files (x86)Common FilesJavaJava Updatejucheck.exe

(Oracle America, Inc. -> Oracle Corporation) C:Program Files (x86)Common FilesJavaJava Updatejusched.exe

(SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.) C:Program FilesSoftEther VPN Clientvpnclient_x64.exe

(TeamViewer GmbH -> TeamViewer GmbH) C:Program Files (x86)TeamViewerTeamViewer_Service.exe

(Tencent Technology(Shenzhen) Company Limited -> Tencent) D:program filestxgameassistantappmarketQMEmulatorService.exe

 

==================== Registry (Whitelisted) ===========================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM…Run: [AdobeAAMUpdater-1.0] => C:Program Files (x86)Common FilesAdobeOOBEPDAppUWAUpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)

HKLM-x32…Run: [SunJavaUpdateSched] => C:Program Files (x86)Common FilesJavaJava Updatejusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)

HKUS-1-5-21-858333344-3013912580-3231274367-1000…Run: [Steam] => C:Program Files (x86)Steamsteam.exe [3152160 2019-04-30] (Valve -> Valve Corporation)

HKUS-1-5-21-858333344-3013912580-3231274367-1000…Run: [vibranceGUI] => C:UsersmarissDownloadsvibranceGUIvibranceGUI.exe [797184 2017-06-09] (juvlarN) [File not signed]

HKUS-1-5-21-858333344-3013912580-3231274367-1000…Run: [IDMan] => C:Program Files (x86)Internet Download ManagerIDMan.exe [4064368 2019-05-06] (Tonec Inc. -> Tonec Inc.)

HKUS-1-5-21-858333344-3013912580-3231274367-1000…Run: [uTorrent] => C:UsersmarissAppDataRoaminguTorrentuTorrent.exe [1998008 2019-03-20] (BitTorrent Inc -> BitTorrent Inc.)

HKLMSoftwareMicrosoftActive SetupInstalled Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:Program Files (x86)GoogleChromeApplication74.0.3729.157Installerchrmstp.exe [2019-05-15] (Google LLC -> Google Inc.)

HKLMSoftwareWow6432NodeMicrosoftActive SetupInstalled Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> “C:Program Files (x86)GoogleChromeApplication29.0.1547.66Installerchrmstp.exe” –configure-user-settings –verbose-logging –system-level –multi-install –chrome

Startup: C:UsersmarissAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupryuwcybv.exe [2019-05-15] () [File not signed]

 

==================== Scheduled Tasks (Whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

Task: {148828A2-26A3-4D64-9D1E-D8DBEE6E937B} – System32TasksHardDiskSentinelHard Disk Sentinel_mariss => C:Program Files (x86)Hard Disk SentinelHDSentinel.exe

Task: {1974465C-5554-4E06-B538-4845A48BB6AF} – System32TasksAdobe Flash Player PPAPI Notifier => C:WindowsSysWOW64MacromedFlashFlashUtil32_32_0_0_192_pepper.exe [1452600 2019-05-15] (Adobe Inc. -> Adobe)

Task: {31BA5462-D267-4B40-978E-CED56349BF47} – System32Tasks{20B2097F-94BE-4A49-839B-48729C1F9B84} => C:Windowssystem32pcalua.exe -a C:UsersmarissDownloadsdotnetfx30SP1setup.exe -d C:UsersmarissDownloads

Task: {3F81C116-0AA7-4312-951F-036F6B35EEE5} – System32TasksAdobe Flash Player Updater => C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [335416 2019-05-15] (Adobe Inc. -> Adobe)

Task: {44ABF913-E9EB-41E7-999F-0419798F5E85} – System32TasksNvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationUpdate CoreNvTmMon.exe [521152 2018-01-04] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {5C86D4B3-93D6-4F85-830C-614B0D8CF9D2} – System32TasksNvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationUpdate CoreNvTmRep.exe [745920 2018-01-04] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {66FDA502-485E-4EFF-B60D-7CD857E4045D} – System32TasksNVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA GeForce Experience.exe [1864640 2018-01-04] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {7F7779E3-BE84-4DFA-9CF3-F4353796B54A} – System32TasksAvast SoftwareOverseer => C:Program FilesCommon FilesAVAST SoftwareOverseeroverseer.exe [2380088 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)

Task: {8245428B-EB0C-44D6-9720-2EA3169ABF9D} – System32TasksNvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationUpdate CoreNvTmRep.exe [745920 2018-01-04] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {8F59E994-D292-4BEA-8FB9-58BF3672886C} – System32TasksGoogleUpdateTaskMachineUA => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [144200 2015-11-17] (Google Inc -> Google Inc.)

Task: {A34A6901-D648-4C8A-8ACD-736D77D6B130} – System32TasksASUSASUS Product Register Service => C:Program Files (x86)ASUSAPRPaprp.exe [1551136 2016-01-14] (ASUSTeK Computer Inc. -> ) [File not signed]

Task: {A3604131-0549-4011-A26B-71D22AF42674} – System32TasksNvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [657856 2018-01-04] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {A91CEBD7-A293-4029-98AD-60C551D5A027} – System32TasksGPU Tweak II => C:Program Files (x86)ASUSGPU TweakIIGPUTweakII.exe [12330792 2018-01-10] (ASUSTeK Computer Inc. -> TODO: <Company name>) [File not signed]

Task: {A9551920-3A2B-4C7E-91C8-576F7B6E4130} – System32TasksNvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [519104 2018-01-04] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {BB8C0119-F470-41C1-8903-96BDAD7F8A75} – System32TasksHPCustParticipation HP DeskJet 2130 series => C:Program FilesHPHP DeskJet 2130 seriesBinHPCustPartic.exe [6016008 2015-04-09] (Hewlett Packard -> Hewlett-Packard Development Company, LP)

Task: {E0905572-96B8-4176-A16A-9DAD2DD06107} – System32Tasksgxx speed launcher => C:Program Files (x86)GarenaGarenaGarena.exe [457600 2019-02-01] (Garena Online Pte Ltd -> Garena Online )

Task: {E152327D-E4BA-47F3-B3DB-E53C8D35E1E8} – System32TasksNvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationNvNodenvnodejslauncher.exe [964544 2018-01-04] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {E340EB9D-EA74-41A4-A3EA-818B40D87BC4} – System32TasksNvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [657856 2018-01-04] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {EA3A92B6-03EB-44F6-841F-267762F97CA5} – System32TasksHPCustPartic.exe_{34092B56-4D6F-40C4-96CC-74679CD02423} => C:Program FilesHPHP DeskJet 2130 seriesBinHPCustPartic.exe [6016008 2015-04-09] (Hewlett Packard -> Hewlett-Packard Development Company, LP)

Task: {F1BDD180-2C27-465A-8880-878A8708AD02} – System32TasksGoogleUpdateTaskMachineCore => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [144200 2015-11-17] (Google Inc -> Google Inc.)

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

Task: C:WindowsTasksgxx speed launcher.job => C:Program Files (x86)GarenaGarenaGarena.exe

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

Hosts: 127.0.0.1 platform.wondershare.com

TcpipParameters: [DhcpNameServer] 192.168.1.1

Tcpip..Interfaces{CF184DAE-2B8D-4535-9794-15044D989846}: [NameServer] 8.8.8.8,1.1.1.1

Tcpip..Interfaces{EE8D04E6-3A33-45D0-8F42-D6A7FA1983D0}: [DhcpNameServer] 192.168.1.1

HKLMSystem…ParametersPersistentRoutes: [0.0.0.0,0.0.0.0,192.168.1.1,-1]

 

Internet Explorer:

==================

HKUS-1-5-21-858333344-3013912580-3231274367-1000SoftwareMicrosoftInternet ExplorerMain,Start Page = hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10440__180823

HKUS-1-5-21-858333344-3013912580-3231274367-1000SoftwareMicrosoftInternet ExplorerMain,Start Page Redirect Cache = hxxp://www.msn.com/en-ph/?ocid=iehp

SearchScopes: HKUS-1-5-21-858333344-3013912580-3231274367-1000 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10440__180823&q={searchTerms}

BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:Program Files (x86)Internet Download ManagerIDMIECC64.dll [2019-05-05] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)

BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:Program FilesMicrosoft OfficeOffice14GROOVEEX.DLL [2010-01-22] (Microsoft Corporation -> Microsoft Corporation)

BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:Program FilesJavajre1.8.0_201binssv.dll [2019-03-31] (Oracle America, Inc. -> Oracle Corporation)

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:Program FilesMicrosoft OfficeOffice14URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation)

BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:Program FilesJavajre1.8.0_201binjp2ssv.dll [2019-03-31] (Oracle America, Inc. -> Oracle Corporation)

BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:Program Files (x86)Internet Download ManagerIDMIECC.dll [2019-05-05] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:Program Files (x86)Microsoft OfficeOffice14GROOVEEX.DLL [2010-01-22] (Microsoft Corporation -> Microsoft Corporation)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:Program Files (x86)Microsoft OfficeOffice14URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation)

Filter: deflate – {8f6b0360-b80d-11d0-a9b3-006097942311} – C:Windowssystem32urlmon.dll [2015-12-11] (Microsoft Windows -> Microsoft Corporation)

Filter-x32: deflate – {8f6b0360-b80d-11d0-a9b3-006097942311} – C:WindowsSysWOW64urlmon.dll [2015-12-11] (Microsoft Windows -> Microsoft Corporation)

Filter: gzip – {8f6b0360-b80d-11d0-a9b3-006097942311} – C:Windowssystem32urlmon.dll [2015-12-11] (Microsoft Windows -> Microsoft Corporation)

Filter-x32: gzip – {8f6b0360-b80d-11d0-a9b3-006097942311} – C:WindowsSysWOW64urlmon.dll [2015-12-11] (Microsoft Windows -> Microsoft Corporation)

 

FireFox:

========

FF DefaultProfile: 5kv0k9b2.default

FF ProfilePath: C:UsersmarissAppDataRoamingMozillaFirefoxProfiles5kv0k9b2.default [2018-11-22]

FF Homepage: MozillaFirefoxProfiles5kv0k9b2.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10440__180823

FF NewTab: MozillaFirefoxProfiles5kv0k9b2.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10440__180823

FF Extension: (Yandex.Market Adviser) – C:UsersmarissAppDataRoamingMozillaFirefoxProfiles5kv0k9b2.defaultExtensionssovetnik-yandex@yandex.ru.xpi [2018-09-12] [UpdateUrl:hxxps://static.sovetnik.yandex.net/sovetnik/extension/firefox-webextension-yandex-update.json]

FF Extension: (Avast SafePrice) – C:UsersmarissAppDataRoamingMozillaFirefoxProfiles5kv0k9b2.defaultExtensionssp@avast.com.xpi [2018-11-25] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/sp/update.json]

FF Extension: (Avast Online Security) – C:UsersmarissAppDataRoamingMozillaFirefoxProfiles5kv0k9b2.defaultExtensionswrc@avast.com.xpi [2018-11-25]

FF Extension: (Google Code Correction) – C:UsersmarissAppDataRoamingMozillaFirefoxProfiles5kv0k9b2.defaultfeatures{48715c05-9202-4ce2-9996-aa49cb586332}google-code-correction@mozilla.org.xpi [2018-09-12] [Legacy]

FF SearchPlugin: C:UsersmarissAppDataRoamingMozillaFirefoxProfiles5kv0k9b2.defaultsearchpluginssecuresearch.xml [2018-08-23]

FF Extension: (Советник Яндекс.Маркета) – C:Program Files (x86)Mozilla Firefoxdistributionextensionssovetnik-yandex@yandex.ru.xpi [2017-06-06] [UpdateUrl:hxxps://static.sovetnik.yandex.net/sovetnik/extension/firefox-webextension-yandex-update.json]

FF Extension: (Visual Bookmarks) – C:Program Files (x86)Mozilla Firefoxdistributionextensionsvb@yandex.ru.xpi [2017-06-06] [Legacy]

FF HKUS-1-5-21-858333344-3013912580-3231274367-1000…FirefoxExtensions: [mozilla_cc3@internetdownloadmanager.com] – C:Program Files (x86)Internet Download Manageridmmzcc3.xpi

FF Extension: (IDM Integration Module) – C:Program Files (x86)Internet Download Manageridmmzcc3.xpi [2019-05-02] [UpdateUrl:hxxps://data.internetdownloadmanager.com/idmmzcc3/update.json]

FF HKUS-1-5-21-858333344-3013912580-3231274367-1000…SeaMonkeyExtensions: [mozilla_cc@internetdownloadmanager.com] – C:UsersmarissAppDataRoamingIDMidmmzcc5

FF Extension: (IDM CC) – C:UsersmarissAppDataRoamingIDMidmmzcc5 [2019-05-11] [Legacy] [not signed]

FF HKUS-1-5-21-858333344-3013912580-3231274367-1000…SeaMonkeyExtensions: [mozilla_cc2@internetdownloadmanager.com] – C:Program Files (x86)Internet Download Manageridmmzcc2.xpi

FF Extension: (IDM integration) – C:Program Files (x86)Internet Download Manageridmmzcc2.xpi [2017-12-20] [Legacy]

FF Plugin: @java.com/DTPlugin,version=11.201.2 -> C:Program FilesJavajre1.8.0_201bindtpluginnpDeployJava1.dll [2019-03-31] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.201.2 -> C:Program FilesJavajre1.8.0_201binplugin2npjp2.dll [2019-03-31] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin: @microsoft.com/GENUINE -> disabled [No File]

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:PROGRA~1MICROS~2Office14NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:Program FilesVideoLANVLCnpvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:PROGRA~2MICROS~1Office14NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:PROGRA~2MICROS~1Office14NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision -> C:Program Files (x86)NVIDIA Corporation3D Visionnpnv3dv.dll [2018-01-04] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:Program Files (x86)NVIDIA Corporation3D Visionnpnv3dvstreaming.dll [2018-01-04] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:Program Files (x86)GoogleUpdate1.3.34.11npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:Program Files (x86)GoogleUpdate1.3.34.11npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)

 

Chrome: 

=======

CHR DefaultProfile: Default

CHR Profile: C:UsersmarissAppDataLocalGoogleChromeUser DataDefault [2019-05-15]

CHR Extension: (Adblock Plus – free ad blocker) – C:UsersmarissAppDataLocalGoogleChromeUser DataDefaultExtensionscfhdojbkjhnklbpkdaibdccddilifddb [2019-05-02]

CHR Extension: (Avast Online Security) – C:UsersmarissAppDataLocalGoogleChromeUser DataDefaultExtensionsgomekmidlodglbbmalcneegieacbdmki [2019-04-30]

CHR Extension: (GiveAway.su – Get games for free!) – C:UsersmarissAppDataLocalGoogleChromeUser DataDefaultExtensionsmodkgipgommbdobanfinadelfafeiadk [2019-02-05]

CHR Extension: (Chrome Web Store Payments) – C:UsersmarissAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2018-11-22]

CHR Extension: (Chrome Media Router) – C:UsersmarissAppDataLocalGoogleChromeUser DataDefaultExtensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-05]

CHR HKLM…ChromeExtension: [ngpampappnmepgilojfohadhhmbhlaek] – C:Program Files (x86)Internet Download ManagerIDMGCExt.crx [2019-05-06]

CHR HKLM-x32…ChromeExtension: [eofcbnmajmjmplflapaojjnihcjkigck] – hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32…ChromeExtension: [gomekmidlodglbbmalcneegieacbdmki] – hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32…ChromeExtension: [ngpampappnmepgilojfohadhhmbhlaek] – C:Program Files (x86)Internet Download ManagerIDMGCExt.crx [2019-05-06]

 

==================== Services (Whitelisted) ====================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

S2 asComSvc; C:Program Files (x86)ASUSAXSP4.00.01atkexComSvc.exe [382424 2018-01-05] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)

S2 bckwfs; C:Program FilesBlue Coat K9 Web Protectionk9filter.exe [2619096 2016-08-19] (Blue Coat Systems, Inc. -> Blue Coat Systems, Inc.)

S3 BEService; C:Program Files (x86)Common FilesBattlEyeBEService.exe [8403672 2019-03-03] (BattlEye Innovations e.K. -> )

S3 EasyAntiCheat; C:Program Files (x86)EasyAntiCheatEasyAntiCheat.exe [780928 2018-12-02] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)

R2 GarenaPlatform; C:Program Files (x86)GarenaGarena2.0.1902.0110gxxsvc.exe [320512 2019-02-01] (Garena Online Pte Ltd -> Garena Online )

R2 MBAMService; C:Program FilesMalwarebytesAnti-Malwarembamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)

S3 NvContainerLocalSystem; C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [519104 2018-01-04] (NVIDIA Corporation -> NVIDIA Corporation)

S3 NvContainerNetworkService; C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [519104 2018-01-04] (NVIDIA Corporation -> NVIDIA Corporation)

R2 QMEmulatorService; D:Program FilesTxGameAssistantAppMarketQMEmulatorService.exe [298232 2019-05-05] (Tencent Technology(Shenzhen) Company Limited -> Tencent)

R2 SEVPNCLIENT; C:Program FilesSoftEther VPN Clientvpnclient_x64.exe [5250712 2018-08-07] (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)

R2 TeamViewer; C:Program Files (x86)TeamViewerTeamViewer_Service.exe [11644144 2018-07-23] (TeamViewer GmbH -> TeamViewer GmbH)

S3 VSStandardCollectorService150; D:Program Files (x86)Microsoft Visual StudioSharedCommonDiagnosticsHub.Collection.ServiceStandardCollector.Service.exe [157480 2018-08-02] (Microsoft Corporation -> Microsoft Corporation)

S3 WinDefend; C:Program FilesWindows Defendermpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

S2 WindscribeService; C:Program Files (x86)WindscribeWindscribeService.exe [490672 2018-06-28] (Windscribe Limited -> Windscribe Limited)

R2 NVDisplay.ContainerLocalSystem; “C:Program FilesNVIDIA CorporationDisplay.NvContainerNVDisplay.Container.exe” -s NVDisplay.ContainerLocalSystem -f “C:ProgramDataNVIDIANVDisplay.ContainerLocalSystem.log” -l 3 -d “C:Program FilesNVIDIA CorporationDisplay.NvContainerpluginsLocalSystem” -r -p 30000

R2 NvTelemetryContainer; “C:Program Files (x86)NVIDIA CorporationNvTelemetryNvTelemetryContainer.exe” -s NvTelemetryContainer -f “C:ProgramDataNVIDIANvTelemetryContainer.log” -l 3 -d “C:Program Files (x86)NVIDIA CorporationNvTelemetryplugins” -r

 

===================== Drivers (Whitelisted) ======================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 aow_drv; D:Program FilesTxGameAssistantUIaow_drv_x64.sys [857648 2019-04-29] (Tencent Technology(Shenzhen) Company Limited -> Tencent)

R1 AsIO; C:WindowsSysWow64driversAsIO.sys [15232 2017-04-14] (ASUSTeK Computer Inc. -> )

S3 atikmdag; C:WindowsSystem32DRIVERSatikmdag.sys [5020672 2009-07-14] (Microsoft Windows -> ATI Technologies Inc.)

R2 bckd; C:WindowsSystem32driversbckd.sys [125144 2016-08-19] (Blue Coat Systems, Inc. -> Blue Coat Systems, Inc.)

R1 ESProtectionDriver; C:Windowssystem32driversmbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)

R3 IOMap; C:Windowssystem32driversIOMap64.sys [24728 2017-05-02] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)

R3 L1C; C:WindowsSystem32DRIVERSL1C62x64.sys [57344 2009-06-11] (Microsoft Windows -> Atheros Communications, Inc.)

R2 MBAMChameleon; C:WindowsSystem32DriversMbamChameleon.sys [199768 2019-05-15] (Malwarebytes Corporation -> Malwarebytes)

R3 MBAMFarflt; C:WindowsSystem32DRIVERSfarflt.sys [127136 2019-05-15] (Malwarebytes Corporation -> Malwarebytes)

R3 MBAMSwissArmy; C:WindowsSystem32Driversmbamswissarmy.sys [275232 2019-05-15] (Malwarebytes Corporation -> Malwarebytes)

R3 MBAMWebProtection; C:WindowsSystem32DRIVERSmwac.sys [107368 2019-05-15] (Malwarebytes Corporation -> Malwarebytes)

S3 Neo_VPN; C:WindowsSystem32DRIVERSNeo_0110.sys [38088 2018-08-07] (SoftEther Corporation -> SoftEther Corporation)

S3 netr28ux; C:WindowsSystem32DRIVERSnetr28ux.sys [2259248 2013-06-29] (Mediatek Inc. -> Ralink Technology Corp.)

S3 NvStreamKms; C:Program FilesNVIDIA CorporationNvStreamSrvNvStreamKms.sys [30144 2018-01-04] (NVIDIA Corporation -> NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:WindowsSystem32driversnvvad64v.sys [50624 2018-01-04] (NVIDIA Corporation -> NVIDIA Corporation)

R3 nvvhci; C:WindowsSystem32DRIVERSnvvhci.sys [57792 2018-01-04] (NVIDIA Corporation -> NVIDIA Corporation)

S3 rt2870; C:WindowsSystem32DRIVERSrt2870.sys [3445592 2016-08-13] (MEDIATEK INC. -> MediaTek Inc.)

S3 RTCore64; C:Program Files (x86)MSI AfterburnerRTCore64.sys [14024 2017-08-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> )

R3 SEE; C:WindowsSystem32driverssee.sys [49864 2018-08-07] (SoftEther Corporation -> SoftEther Corporation)

R3 Serenum; C:WindowsSystem32DRIVERSnuvserenum.sys [23552 2014-01-12] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider)

R3 Serial; C:WindowsSystem32DRIVERSnuvserial.sys [86016 2014-01-12] (Microsoft Windows Hardware Compatibility Publisher -> Nuvoton Technology Corp.)

S3 tap0901; C:WindowsSystem32DRIVERStap0901.sys [27136 2016-04-21] (The OpenVPN Project) [File not signed]

S3 tapwindscribe0901; C:WindowsSystem32DRIVERStapwindscribe0901.sys [45560 2018-06-19] (Windscribe Limited -> The OpenVPN Project)

S3 VBoxNetAdp; C:WindowsSystem32DRIVERSVBoxNetAdp6.sys [213080 2018-05-09] (Oracle Corporation -> Oracle Corporation)

R1 VBoxNetLwf; C:WindowsSystem32DRIVERSVBoxNetLwf.sys [222864 2018-05-09] (Oracle Corporation -> Oracle Corporation)

S3 GPUZ; ??C:UsersmarissAppDataLocalTempGPUZ.sys [X] <==== ATTENTION

R3 X6va066; ??C:WindowsSysWOW64DriversX6va066 [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== One month (created) ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2019-05-15 17:25 – 2019-05-15 17:31 – 000107368 _____ (Malwarebytes) C:Windowssystem32Driversmwac.sys

2019-05-15 17:25 – 2019-05-15 17:25 – 000199768 _____ (Malwarebytes) C:Windowssystem32DriversMbamChameleon.sys

2019-05-15 17:25 – 2019-05-15 17:25 – 000127136 _____ (Malwarebytes) C:Windowssystem32Driversfarflt.sys

2019-05-15 17:24 – 2019-05-15 17:24 – 000275232 _____ (Malwarebytes) C:Windowssystem32Driversmbamswissarmy.sys

2019-05-15 17:22 – 2019-05-15 17:22 – 000001875 _____ C:UsersPublicDesktopMalwarebytes.lnk

2019-05-15 17:22 – 2019-05-15 17:22 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsMalwarebytes

2019-05-15 17:22 – 2019-05-15 17:22 – 000000000 ____D C:Program FilesMalwarebytes

2019-05-15 17:22 – 2019-01-08 16:32 – 000153328 _____ (Malwarebytes) C:Windowssystem32Driversmbae64.sys

2019-05-15 17:18 – 2019-05-15 17:19 – 063304984 _____ (Malwarebytes ) C:UsersmarissDownloadsmb3-setup-consumer-3.7.1.2839-1.0.586-1.0.10597.exe

2019-05-15 11:48 – 2019-05-15 11:48 – 001700352 _____ (Microsoft Corporation) C:WindowsSysWOW64gdiplus.dll

2019-05-15 10:04 – 2019-05-15 10:04 – 000000595 _____ C:UsersPublicDesktopAlamat Launcher.lnk

2019-05-15 10:04 – 2019-05-15 10:04 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsAlamat Classic

2019-05-15 08:42 – 2019-05-15 08:43 – 005625088 _____ (COMODO) C:UsersmarissDownloadscav_installer_10313_10.exe

2019-05-14 18:38 – 2019-05-14 18:39 – 001997929 _____ C:UsersmarissDownloadsDannyHAX SIMPLE.rar

2019-05-14 16:56 – 2019-05-14 16:57 – 013596082 _____ C:UsersmarissDownloadsRB001.REZ

2019-05-14 16:49 – 2019-05-14 16:49 – 000210869 _____ C:ProgramDataOneCoreCommonProxyStub.dll

2019-05-14 16:38 – 2019-05-14 18:40 – 000000000 ____D C:UsersmarissDesktopCF

2019-05-14 16:35 – 2019-05-14 16:37 – 006627061 _____ C:UsersmarissDownloadsJoshPublicSafeForHighRank.rar

2019-05-11 14:39 – 2019-05-11 14:41 – 000000000 ____D C:UsersmarissAppDataRoamingDMCache

2019-05-11 14:33 – 2019-05-11 14:40 – 000000000 ____D C:UsersmarissAppDataRoamingIDM

2019-05-11 14:33 – 2019-05-11 14:34 – 000000000 ____D C:Program Files (x86)Internet Download Manager

2019-05-11 14:33 – 2019-05-11 14:33 – 000001025 _____ C:UsersmarissDesktopInternet Download Manager.lnk

2019-05-11 14:33 – 2019-05-11 14:33 – 000000000 ____D C:UsersmarissAppDataRoamingMicrosoftWindowsStart MenuProgramsInternet Download Manager

2019-05-11 14:33 – 2019-05-11 14:33 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsInternet Download Manager

2019-05-11 14:33 – 2019-05-11 14:33 – 000000000 ____D C:ProgramDataIDM

2019-05-11 14:31 – 2019-05-11 14:32 – 007930848 _____ (Tonec Inc.) C:UsersmarissDownloadsidman633build1.exe

2019-05-10 18:01 – 2019-05-10 18:01 – 000000000 ____D C:UsersmarissDocumentsRanOnline

2019-05-10 16:21 – 2019-05-10 16:21 – 000000577 _____ C:UsersPublicDesktopPlay RoyaltyGaming.lnk

2019-05-10 16:21 – 2019-05-10 16:21 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsRoyalty Gaming

2019-05-10 15:52 – 2019-05-10 16:05 – 1164932300 _____ () C:UsersmarissDownloadsRoyalty Gaming Installer.exe

2019-05-10 09:02 – 2019-05-10 09:02 – 000000000 ____D C:CFLog

2019-05-10 08:43 – 2019-05-10 09:01 – 000000000 ____D C:UsersmarissDocumentsCross Fire

2019-05-10 08:10 – 2019-05-10 08:10 – 000000000 ____D C:UsersmarissDesktopXTrap

2019-05-10 07:25 – 2019-05-10 08:07 – 664088764 _____ C:UsersmarissDownloadsCF_Manual_1333 – April 10, 2019.rar

2019-05-10 07:24 – 2019-05-10 07:25 – 007711758 _____ C:UsersmarissDownloadsXTrap March 26 -2019.rar

2019-05-10 07:23 – 2019-05-10 07:24 – 016158812 _____ C:UsersmarissDownloadsCF_Manual_1329 – March 19, 2019.rar

2019-05-10 07:23 – 2019-05-10 07:24 – 015995234 _____ C:UsersmarissDownloadsCF_Manual_1325 – February 18, 2019.rar

2019-05-10 07:21 – 2019-02-08 18:31 – 598772524 _____ C:UsersmarissDesktopCF_Manual_1323 – February 8, 2019.exe

2019-05-09 22:05 – 2019-05-09 22:49 – 588609274 _____ C:UsersmarissDownloadsCF_Manual_1323 – February 8, 2019.rar

2019-05-09 21:59 – 2019-05-09 22:01 – 016740790 _____ (LIVEPLEX, Co., Ltd.) C:UsersmarissDownloadsCF_Manual_1330.exe

2019-05-09 21:55 – 2019-05-09 21:59 – 016691574 _____ (LIVEPLEX, Co., Ltd.) C:UsersmarissDownloadsCF_Manual_1334.exe

2019-05-09 21:54 – 2019-05-09 21:57 – 015843835 _____ (LIVEPLEX, Co., Ltd.) C:UsersmarissDownloadsCF_Manual_1335.exe

2019-05-09 18:46 – 2019-05-09 18:46 – 000000000 ____D C:Program Files (x86)GameClub Launcher

2019-05-09 18:44 – 2019-05-09 18:36 – 000000316 _____ C:UsersmarissDesktopversion.ini

2019-05-09 17:35 – 2019-05-14 19:05 – 000000576 _____ C:UsersPublicDesktopCrossfire PH.lnk

2019-05-09 17:35 – 2019-05-14 19:05 – 000000576 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsCrossfire PH.lnk

2019-05-09 14:14 – 2019-05-09 17:09 – 238079866 _____ C:UsersmarissDownloadsCF_Setup_1315.zip

2019-05-08 17:05 – 2019-05-08 17:05 – 000290304 _____ () C:UsersmarissDownloadsRan Online Auto Heal.exe

2019-05-08 15:44 – 2019-05-08 15:45 – 000000000 ____D C:UsersmarissAppDataRoamingAndroidTbox

2019-05-08 15:17 – 2019-05-08 15:17 – 000000858 _____ C:UsersmarissDesktopTencent Gaming Buddy.lnk

2019-05-08 15:16 – 2019-05-08 15:43 – 000000000 ____D C:ProgramDataTencent

2019-05-08 15:16 – 2019-05-08 15:16 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsTencent Software

2019-05-08 15:15 – 2019-05-11 08:58 – 000000000 ____D C:UsersmarissAppDataRoamingTencent

2019-05-08 15:14 – 2019-05-08 15:14 – 009669368 _____ (Tencent) C:UsersmarissDownloadsGameDownload_PUBG_MOBILE_hwbbcs_100103_1.0.8753.123.exe

2019-05-07 07:35 – 2017-05-02 13:47 – 000024728 _____ (ASUSTeK Computer Inc.) C:Windowssystem32DriversIOMap64.sys

2019-05-06 06:25 – 2018-12-20 15:05 – 000229296 _____ (Tonec Inc.) C:Windowssystem32Driversidmwfp.sys

2019-04-29 14:18 – 2019-04-29 14:18 – 000000000 ____D C:UsersmarissDocumentsThyClassic

2019-04-29 13:42 – 2019-04-29 13:45 – 1217321411 _____ () C:UsersmarissDownloadsEx7 Ran Installer.exe

2019-04-28 16:27 – 2019-05-15 09:48 – 000001261 _____ C:UsersmarissDesktopGrowtopia.lnk

2019-04-28 16:27 – 2019-04-28 16:27 – 000000000 ____D C:UsersmarissAppDataRoamingMicrosoftWindowsStart MenuProgramsGrowtopia

2019-04-28 16:04 – 2019-04-28 16:06 – 076349504 _____ C:UsersmarissDownloadsGrowtopiaInstaller.exe

2019-04-28 12:18 – 2019-04-28 12:18 – 000000059 _____ C:UsersmarissDesktopheyhey.txt

2019-04-20 15:52 – 2019-04-20 15:52 – 000000000 ____H C:Windowssystem32DriversMsft_User_WpdMtpDr_01_09_00.Wdf

2019-04-20 11:25 – 2019-04-20 11:47 – 000196608 _____ C:Windowssystem32Ikeext.etl

2019-04-18 15:42 – 2019-04-18 15:42 – 000001031 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsNotepad++.lnk

2019-04-18 15:42 – 2019-04-18 15:42 – 000000000 ____D C:UsersmarissAppDataRoamingNotepad++

2019-04-18 15:42 – 2019-04-18 15:42 – 000000000 ____D C:Program Files (x86)Notepad++

2019-04-18 15:41 – 2019-04-18 15:42 – 003570539 _____ (Don HO don.h@free.fr) C:UsersmarissDownloadsnpp.7.6.6.Installer.exe

2019-04-17 10:27 – 2019-04-17 10:27 – 000000000 ____D C:UsersmarissAppDataLocalArchon

2019-04-16 18:42 – 2019-04-16 18:42 – 000000000 ____D C:Program FilesPhoenix Labs

2019-04-16 18:39 – 2019-04-16 18:40 – 065589656 _____ (Phoenix Labs) C:UsersmarissDownloadsDauntless.exe

 

==================== One month (modified) ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2019-05-15 19:46 – 2018-08-23 07:58 – 000000000 ____D C:UsersmarissAppDataRoaminguTorrent

2019-05-15 19:28 – 2018-05-22 14:09 – 000000000 ____D C:FRST

2019-05-15 19:05 – 2019-03-20 17:42 – 000000000 ____D C:UsersmarissAppDataLocalBitTorrentHelper

2019-05-15 19:05 – 2018-11-21 06:43 – 000000000 ___SD C:UsersmarissAppDataLocalLowTemp

2019-05-15 19:04 – 2019-03-20 17:42 – 000000000 ____D C:UsersmarissAppDataLocalLowuTorrent

2019-05-15 19:02 – 2009-07-14 12:45 – 000026576 ____H C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2019-05-15 19:02 – 2009-07-14 12:45 – 000026576 ____H C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2019-05-15 18:05 – 2018-08-13 07:18 – 000000000 ____D C:Program Files (x86)TeamViewer

2019-05-15 18:05 – 2018-08-07 18:36 – 000000000 ____D C:Program FilesSoftEther VPN Client

2019-05-15 17:28 – 2018-06-01 19:24 – 000000000 ____D C:UsersmarissAppDataLocalCrashDumps

2019-05-15 17:22 – 2018-06-16 08:55 – 000000000 ____D C:ProgramDataMalwarebytes

2019-05-15 15:03 – 2018-07-28 10:59 – 000004478 _____ C:WindowsSystem32TasksAdobe Flash Player PPAPI Notifier

2019-05-15 15:03 – 2018-07-28 10:59 – 000004324 _____ C:WindowsSystem32TasksAdobe Flash Player Updater

2019-05-15 15:03 – 2018-07-28 10:58 – 000842296 _____ (Adobe) C:WindowsSysWOW64FlashPlayerApp.exe

2019-05-15 15:03 – 2018-07-28 10:58 – 000175160 _____ (Adobe) C:WindowsSysWOW64FlashPlayerCPLApp.cpl

2019-05-15 15:03 – 2018-07-28 10:58 – 000000000 ____D C:Windowssystem32Macromed

2019-05-15 15:02 – 2018-07-28 10:58 – 000000000 ____D C:WindowsSysWOW64Macromed

2019-05-15 13:09 – 2018-07-11 17:53 – 000000000 ____D C:ProgramDataboost_interprocess

2019-05-15 13:00 – 2019-03-31 10:22 – 000002982 _____ C:WindowsSystem32TasksGPU Tweak II

2019-05-15 12:56 – 2018-04-28 11:32 – 000000000 ____D C:Program Files (x86)Steam

2019-05-15 12:43 – 2019-02-13 15:43 – 000000458 _____ C:WindowsTasksgxx speed launcher.job

2019-05-15 12:43 – 2018-03-14 17:36 – 000000000 ____D C:ProgramDataNVIDIA

2019-05-15 12:43 – 2009-07-14 13:08 – 000000006 ____H C:WindowsTasksSA.DAT

2019-05-15 10:48 – 2018-03-11 19:35 – 000003332 _____ C:WindowsSystem32TasksGoogleUpdateTaskMachineUA

2019-05-15 10:48 – 2018-03-11 19:35 – 000003204 _____ C:WindowsSystem32TasksGoogleUpdateTaskMachineCore

2019-05-15 09:48 – 2019-02-01 21:05 – 000001968 _____ C:UsersmarissDesktopMosChat.lnk

2019-05-15 09:48 – 2018-12-28 15:51 – 000002119 _____ C:UsersmarissDesktopTLauncher.lnk

2019-05-15 09:48 – 2018-08-23 07:58 – 000001074 _____ C:UsersmarissDesktopµTorrent.lnk

2019-05-15 09:48 – 2018-05-20 17:33 – 000002359 _____ C:UsersmarissDesktopDiscord.lnk

2019-05-15 06:57 – 2018-03-11 19:36 – 000002224 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk

2019-05-15 06:57 – 2018-03-11 19:36 – 000002183 _____ C:UsersPublicDesktopGoogle Chrome.lnk

2019-05-09 18:46 – 2018-07-31 16:52 – 000000173 _____ C:UsersmarissDesktopGameclub Philippines.url

2019-05-09 14:17 – 2018-05-30 11:47 – 000000000 ____D C:WindowsMinidump

2019-05-08 11:05 – 2019-02-26 17:22 – 000000000 ____D C:UsersmarissAppDataLocalWarframe

2019-04-30 21:01 – 2018-03-17 20:57 – 000000000 ____D C:UsersmarissAppDataRoaming.minecraft

2019-04-29 13:34 – 2018-04-29 18:23 – 000000000 ____D C:UsersmarissAppDataLocalGrowtopia

2019-04-28 12:20 – 2009-07-14 11:20 – 000000000 ____D C:Windowsinf

2019-04-28 10:44 – 2018-03-11 23:12 – 000000000 ____D C:UsersmarissAppDataLocalElevatedDiagnostics

2019-04-28 10:07 – 2018-03-11 17:18 – 000000000 ____D C:Usersmariss

2019-04-28 10:06 – 2018-12-09 11:22 – 000000000 ____D C:UsersmarissAppDataRoamingvibranceGUI

2019-04-28 10:06 – 2009-07-14 11:20 – 000000000 ____D C:Windowssystem32NDF

2019-04-28 10:06 – 2009-07-14 11:20 – 000000000 ____D C:Windowsregistration

2019-04-27 21:10 – 2019-02-16 13:03 – 000001343 _____ C:UsersmarissDesktopRoblox Player.lnk

2019-04-27 21:10 – 2018-12-01 10:26 – 000001150 _____ C:UsersmarissDesktopRoblox Studio.lnk

2019-04-27 21:09 – 2018-05-28 12:41 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsRoblox

2019-04-26 11:32 – 2019-01-17 19:19 – 000000000 ____D C:UsersmarissDesktopCSGO Hacks

2019-04-25 21:38 – 2018-09-09 16:48 – 000000000 ____D C:UsersmarissAppDataRoamingvlc

2019-04-25 07:51 – 2018-10-21 10:46 – 000000000 ____D C:UsersmarissAppDataRoaming.tlauncher

2019-04-21 14:04 – 2009-07-14 13:13 – 000881332 _____ C:Windowssystem32PerfStringBackup.INI

2019-04-20 22:54 – 2019-03-24 13:19 – 000000000 ____D C:UsersmarissDocumentsGTA San Andreas User Files

2019-04-20 22:51 – 2019-03-25 12:09 – 000000000 ____D C:UsersmarissDesktopGTA Sanandreas

2019-04-20 11:33 – 2009-07-14 11:20 – 000000000 ____D C:Windowstracing

2019-04-18 21:50 – 2018-05-28 10:18 – 000000000 ____D C:Windowspss

2019-04-17 10:27 – 2018-12-02 08:42 – 000000000 ____D C:UsersmarissAppDataLocalUnrealEngine

 

==================== Files in the root of some directories =======

 

2019-05-14 16:49 – 2019-05-14 16:49 – 000210869 _____ () C:ProgramDataOneCoreCommonProxyStub.dll

2018-09-30 17:14 – 2019-01-30 18:07 – 000000132 _____ () C:UsersmarissAppDataRoamingAdobe PNG Format CC Prefs

2019-02-01 21:09 – 2019-02-01 21:09 – 000001125 _____ () C:UsersmarissAppDataRoamingD3D5D3C0-0F3D-40c1-9973-CEB7C072AE32.ini

2018-08-29 19:52 – 2018-08-29 19:52 – 000000128 ____H () C:UsersmarissAppDataRoamingecf00c38dc807e105d881c433a6b455dd2c606b6

2018-10-30 19:10 – 2018-10-30 19:10 – 038235304 _____ () C:UsersmarissAppDataRoaminggameboxsetup.exe

2018-05-07 16:50 – 2018-05-08 19:47 – 000000000 _____ () C:UsersmarissAppDataRoamingrbx_hook

2018-05-07 16:50 – 2018-05-08 19:26 – 004037120 _____ () C:UsersmarissAppDataRoamingSLX.vmp.dll

2018-05-07 16:50 – 2018-05-08 19:26 – 000000024 _____ () C:UsersmarissAppDataRoamingversion

2019-01-22 22:32 – 2019-01-22 22:32 – 000000340 _____ () C:UsersmarissAppDataRoamingvibranceGUI.log

2018-09-30 19:37 – 2018-10-08 20:39 – 000001456 _____ () C:UsersmarissAppDataLocalAdobe Save for Web 13.0 Prefs

2018-05-08 12:01 – 2018-12-11 15:20 – 000007597 _____ () C:UsersmarissAppDataLocalResmon.ResmonCfg

 

==================== SigCheck ===============================

 

(There is no automatic fix for files that do not pass verification.)

 

 

LastRegBack: 2019-05-13 00:56

==================== End of FRST.txt ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-05.2019

Ran by mariss (15-05-2019 19:48:40)

Running from C:UsersmarissDownloadsPrograms

Windows 7 Ultimate Service Pack 1 (X64) (2018-03-11 09:18:50)

Boot Mode: Normal

==========================================================

 

 

==================== Accounts: =============================

 

Administrator (S-1-5-21-858333344-3013912580-3231274367-500 – Administrator – Disabled)

Guest (S-1-5-21-858333344-3013912580-3231274367-501 – Limited – Disabled)

HomeGroupUser$ (S-1-5-21-858333344-3013912580-3231274367-1003 – Limited – Enabled)

mariss (S-1-5-21-858333344-3013912580-3231274367-1000 – Administrator – Enabled) => C:Usersmariss

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Malwarebytes (Enabled – Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

AS: Malwarebytes (Enabled – Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}

AS: Windows Defender (Disabled – Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

==================== Installed Programs ======================

 

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

µTorrent (HKUS-1-5-21-858333344-3013912580-3231274367-1000…uTorrent) (Version: 3.5.5.45146 – BitTorrent Inc.)

Adobe After Effects CS6 (HKLM-x32…{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 – Adobe Systems Incorporated)

Adobe Flash Player 32 PPAPI (HKLM-x32…Adobe Flash Player PPAPI) (Version: 32.0.0.192 – Adobe)

Alamat Classic (HKLM-x32…Alamat Classic) (Version:  – )

Application Verifier x64 External Package (HKLM…{B27BC1FC-8474-9E32-73C2-6F7CD58AD1E3}) (Version: 10.1.17763.132 – Microsoft) Hidden

ASUS GPU TweakII (HKLM-x32…{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.6.0.5 – ASUSTek COMPUTER INC.) Hidden

ASUS GPU TweakII (HKLM-x32…InstallShield_{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.6.0.5 – ASUSTek COMPUTER INC.)

ASUS Product Register Program (HKLM-x32…{54716EA9-F8B4-41E0-801B-9909164F2024}) (Version: 1.1.001 – ASUSTek Computer Inc.)

AutoHotkey 1.1.28.02 (HKLM…AutoHotkey) (Version: 1.1.28.02 – Lexikos)

Betternet for Windows 4.3.3 (HKLM-x32…{2E77104D-96E1-4A9C-86F2-C7CF8CA07999}) (Version: 4.3.3 – Betternet Technologies Inc.)

Blue Coat K9 Web Protection (HKLM…Blue Coat K9 Web Protection) (Version: 4.5.1001 – Blue Coat Systems, Inc.)

Camtasia 9 (HKLM…{33E08945-3D7B-40BB-B34F-1A3C8B9650DE}) (Version: 9.1.2.3011 – TechSmith Corporation) Hidden

Cheat Engine 6.7 (HKLM-x32…Cheat Engine 6.7_is1) (Version:  – Cheat Engine)

Cheat Engine 6.8.1 (HKLM-x32…Cheat Engine 6.8.1_is1) (Version:  – Cheat Engine)

CLEO 4.3 (HKLM-x32…{A8F37EB0-C741-41D7-8CAB-5B40ECEEF094}_is1) (Version: 4.3 – Seemann, Deji, Alien)

ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32…{D256A5B9-68DA-4F6C-A447-A93E5639A46D}) (Version: 4.7.03083 – Microsoft Corporation) Hidden

CpuCoreParking (HKLM-x32…{82BA34F1-FA5C-4507-B7B5-0172E16C7CD0}) (Version: 2.1.1.0 – CpuCoreParking)

Crossfire PH version 1315 (HKLM-x32…{816BF8B4-A8BA-41EC-9ABB-6498E2AFF574}_is1) (Version: 1315 – Gameclub)

DiagnosticsHub_CollectionService (HKLM…{440C5592-4EA5-4772-B256-969D66068843}) (Version: 15.9.28016 – Microsoft Corporation) Hidden

Discord (HKUS-1-5-21-858333344-3013912580-3231274367-1000…Discord) (Version: 0.0.301 – Discord Inc.)

DisplayDriverAnalyzer (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 390.65 – NVIDIA Corporation) Hidden

Entity Framework 6.2.0 Tools  for Visual Studio 2017 (HKLM-x32…{B843915F-00A1-44B1-994C-1AE0A6400AE3}) (Version: 6.2.61807.0 – Microsoft Corporation) Hidden

Epic Games Launcher (HKLM-x32…{0E63B233-DC24-442C-BD38-0B91D90FEC5B}) (Version: 1.1.167.0 – Epic Games, Inc.)

Epic Games Launcher Prerequisites (x64) (HKLM…{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden

FACEIT (HKUS-1-5-21-858333344-3013912580-3231274367-1000…FACEITApp) (Version: 1.20.0 – FACEIT Ltd.)

GameClub Launcher PH (Remove only) (HKLM-x32…{BBD9FAD7-F782-4548-B00F-E612322950F6}) (Version: 20111202 – GameClub)

Garena (remove only) (HKLM-x32…gxx) (Version: 2.0.1902.0110 – Garena)

Google Chrome (HKLM-x32…Google Chrome) (Version: 74.0.3729.157 – Google Inc.)

Google Update Helper (HKLM-x32…{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 – Google LLC) Hidden

Google Update Helper (HKLM-x32…{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.115 – Google Inc.) Hidden

Grand Theft Auto IV v.1.07.0 (HKLM-x32…Grand Theft Auto IV_is1) (Version:  – )

Growtopia (remove only) (HKUS-1-5-21-858333344-3013912580-3231274367-1000…Growtopia) (Version:  – )

HP DeskJet 2130 series Basic Device Software (HKLM…{54A80AED-ADB5-4D32-83F2-A9A5DF4ED2C1}) (Version: 35.0.61.54677 – Hewlett-Packard Co.)

HP DeskJet 2130 series Help (HKLM-x32…{1CDFD3C9-BDF8-4DDC-BDA2-EBC53F938B5F}) (Version: 35.0.0 – Hewlett Packard)

HP Photo Creations (HKLM-x32…HP Photo Creations) (Version: 1.0.0.7702 – HP)

HP Update (HKLM-x32…{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 – Hewlett-Packard)

icecap_collection_neutral (HKLM-x32…{A3B4D258-74E1-49D6-9A86-2DFEFEE48DEC}) (Version: 15.8.27906 – Microsoft Corporation) Hidden

icecap_collection_x64 (HKLM…{E524832A-C567-499A-8872-0D79596E4DEE}) (Version: 15.8.27906 – Microsoft Corporation) Hidden

icecap_collectionresources (HKLM-x32…{469961DF-482F-4213-ACD4-4AFD443F2A88}) (Version: 15.8.27924 – Microsoft Corporation) Hidden

icecap_collectionresourcesx64 (HKLM-x32…{12246E9A-D1A6-4D96-8CEA-CCFD064B16E2}) (Version: 15.8.27924 – Microsoft Corporation) Hidden

IntelliTraceProfilerProxy (HKLM-x32…{ACBAA378-519A-441D-9349-C0AAD8DEAD04}) (Version: 15.0.17289.01 – Microsoft Corporation) Hidden

Internet Download Manager (HKLM-x32…Internet Download Manager) (Version:  – Tonec Inc.)

iSpring Free Cam 8 (HKLM-x32…{13DB0ADA-D131-4CCF-B579-C67C897CAFEE}) (Version: 8.7.25435 – iSpring Solutions Inc.)

Java 8 Update 201 (64-bit) (HKLM…{26A24AE4-039D-4CA4-87B4-2F64180201F0}) (Version: 8.0.2010.9 – Oracle Corporation)

Kits Configuration Installer (HKLM-x32…{29B915AE-013F-151F-3E61-67F7363C3A09}) (Version: 10.1.17763.132 – Microsoft) Hidden

Launcher Prerequisites (x64) (HKLM-x32…{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden

Malwarebytes version 3.7.1.2839 (HKLM…{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 – Malwarebytes)

Microsoft .NET Core SDK 2.1.401 (x64) (HKLM-x32…{e18db24f-856f-47ad-b4c5-c5e01505c943}) (Version: 2.1.401 – Microsoft Corporation)

Microsoft .NET Core SDK 2.1.502 (x64) (HKLM-x32…{6e700b89-6f3c-4dff-b957-44b77c8a4b0e}) (Version: 2.1.502 – Microsoft Corporation)

Microsoft .NET Framework 4.7.2 (HKLM…{92FB6C44-E685-45AD-9B20-CADF4CABA132} – 1033) (Version: 4.7.03062 – Microsoft Corporation)

Microsoft Office Professional Plus 2010 (HKLM-x32…Office14.PROPLUS) (Version: 14.0.4734.1000 – Microsoft Corporation)

Microsoft System CLR Types for SQL Server vNext CTP1.6 (HKLM…{98DD6908-C582-452A-954D-E79E6DF0310A}) (Version: 15.0.600.33 – Microsoft Corporation)

Microsoft System CLR Types for SQL Server vNext CTP1.6 (HKLM-x32…{640EECB8-1962-4D23-ACB2-310107EC7ED9}) (Version: 15.0.600.33 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32…{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32…{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM…{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM…{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.21022 (HKLM…{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.4148 (HKLM…{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.21022 (HKLM-x32…{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.17 (HKLM-x32…{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.4148 (HKLM-x32…{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.6161 (HKLM-x32…{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 – Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable – 10.0.40219 (HKLM…{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable – 10.0.30319 (HKLM-x32…{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) – 11.0.60610 (HKLM-x32…{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) – 11.0.61030 (HKLM-x32…{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) – 11.0.61030 (HKLM-x32…{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.30501 (HKLM-x32…{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.30501 (HKLM-x32…{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C++ 2017 Redistributable (x64) – 14.11.25325 (HKLM-x32…{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 – Microsoft Corporation)

Microsoft Visual C++ 2017 Redistributable (x64) – 14.16.27012 (HKLM-x32…{427ada59-85e7-4bc8-b8d5-ebf59db60423}) (Version: 14.16.27012.6 – Microsoft Corporation)

Microsoft Visual C++ 2017 Redistributable (x86) – 14.13.26020 (HKLM-x32…{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 – Microsoft Corporation)

Microsoft Visual C++ 2017 Redistributable (x86) – 14.16.27012 (HKLM-x32…{67f67547-9693-4937-aa13-56e296bd40f6}) (Version: 14.16.27012.6 – Microsoft Corporation)

Microsoft Visual Studio Installer (HKLM…{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.18.1089.1204 – Microsoft Corporation)

Moschat (HKUS-1-5-21-858333344-3013912580-3231274367-1000…moschat) (Version: 2.0.22 – YY Inc)

Mozilla Firefox 56.0 (x86 ru) (HKLM-x32…Mozilla Firefox 56.0 (x86 ru)) (Version: 56.0 – Mozilla)

Mozilla Maintenance Service (HKLM…MozillaMaintenanceService) (Version: 54.0 – Mozilla)

MSI Afterburner 4.5.0 (HKLM-x32…Afterburner) (Version: 4.5.0 – MSI Co., LTD)

MSI Development Tools (HKLM-x32…{6C961B30-A670-8A05-3BFE-3947E84DD4E4}) (Version: 10.1.17763.132 – Microsoft Corporation) Hidden

MSI Kombustor v4 0.6.3.3 (64-bit) (HKLM-x32…{F3D3CC6B-9AD7-4F43-8C69-40D5902FDC5C}}_is1) (Version:  – MSI / Geeks3D)

Naruto Auto (HKLM-x32…{1388B774-A041-4F52-A1A6-C2A66B0BEE3F}_is1) (Version:  – BotGame Network)

Notepad++ (32-bit x86) (HKLM-x32…Notepad++) (Version: 7.6.6 – Notepad++ Team)

NVIDIA 3D Vision Controller Driver 390.41 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 – NVIDIA Corporation)

NVIDIA 3D Vision Driver 390.65 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 390.65 – NVIDIA Corporation)

NVIDIA GeForce Experience 3.11.0.73 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.11.0.73 – NVIDIA Corporation)

NVIDIA Graphics Driver 390.65 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 390.65 – NVIDIA Corporation)

NVIDIA HD Audio Driver 1.3.36.6 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 – NVIDIA Corporation)

NVIDIA PhysX System Software 9.17.0524 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 – NVIDIA Corporation)

Oracle VM VirtualBox 5.2.12 (HKLM…{128AD467-F107-4FED-A283-F355E74DE103}) (Version: 5.2.12 – Oracle Corporation)

Product Improvement Study for HP DeskJet 2130 series (HKLM…{EA4DB54A-FAE0-4FDA-A66D-AEB8F5FFBE83}) (Version: 35.0.61.54677 – Hewlett-Packard Co.)

Real Cars for GTA-SA v1.5.4 (HKLM-x32…Real Cars for GTA-SA v1.5.4) (Version:  – )

Roblox Player (HKLM-x32…roblox-player) (Version:  – Roblox Corporation)

RogueKiller version 12.12.21.0 (HKLM…8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.12.21.0 – Adlice Software)

Royalty Gaming (HKLM-x32…Royalty Gaming) (Version:  – )

SDK ARM Additions (HKLM-x32…{0B5D6FB7-05A5-271B-5B99-82384219A471}) (Version: 10.1.17763.132 – Microsoft Corporation) Hidden

SDK ARM Redistributables (HKLM-x32…{4A5F6E94-7967-A333-8231-CA9AF35E03BD}) (Version: 10.1.17763.132 – Microsoft Corporation) Hidden

SoftEther VPN Client (HKLM…softether_sevpnclient) (Version: 4.27.9668 – SoftEther VPN Project)

Steam (HKLM-x32…Steam) (Version: 2.10.91.91 – Valve Corporation)

TAP-Windows 9.21.2 (HKLM…TAP-Windows) (Version: 9.21.2 – )

TeamViewer 13 (HKLM-x32…TeamViewer) (Version: 13.2.5287 – TeamViewer)

Technitium MAC Address Changer v6.0 (HKLM-x32…TMACv6.0) (Version: 6.0 – Technitium)

Tencent Gaming Buddy (HKLM-x32…MobileGamePC) (Version: 1.0.0.1 – Tencent Technology Company)

TypeScript SDK (HKLM-x32…{3CBDDAE8-99AE-4168-BDA7-8352BF15BE73}) (Version: 3.1.2.0 – Microsoft Corporation) Hidden

Universal CRT Extension SDK (HKLM-x32…{7D225043-6CC5-7B56-11DD-AFF90E4C1C0C}) (Version: 10.1.17763.132 – Microsoft Corporation) Hidden

Universal CRT Headers Libraries and Sources (HKLM-x32…{CB19DBA2-C210-5646-9522-695A1317CD34}) (Version: 10.1.17763.132 – Microsoft Corporation) Hidden

Universal CRT Redistributable (HKLM-x32…{5F577A45-3C65-352B-061D-D6A57F05402C}) (Version: 10.1.17763.132 – Microsoft Corporation) Hidden

Universal CRT Tools x64 (HKLM…{3B588BBE-EB02-D1B2-5CD5-7DB85AD8A3E7}) (Version: 10.1.17763.132 – Microsoft Corporation) Hidden

Universal CRT Tools x86 (HKLM-x32…{D2DC1EDF-EE04-9B5F-BDD7-06645D859EC3}) (Version: 10.1.17763.132 – Microsoft Corporation) Hidden

Universal General MIDI DLS Extension SDK (HKLM-x32…{CE83D0BD-418A-F3D1-D6CE-687E96D1EBD0}) (Version: 10.1.17763.132 – Microsoft Corporation) Hidden

Update for  (KB2504637) (HKLM-x32…{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 – Microsoft Corporation)

vcpp_crt.redist.clickonce (HKLM-x32…{16E08161-F78C-4FFC-8E12-F9BEA280795F}) (Version: 14.16.27012 – Microsoft Corporation) Hidden

VEGAS Pro 14.0 (64-bit) (HKLM…{4C79D80F-79F9-11E6-8402-BB95F5A309BD}) (Version: 14.0.161 – VEGAS)

Visual Studio Community 2017 (HKLM-x32…d0d73a43) (Version: 15.9.28307.222 – Microsoft Corporation)

VLC media player (HKLM…VLC media player) (Version: 3.0.4 – VideoLAN)

VMProtect Ultimate v 3.0 (HKLM…VMProtect Ultimate_is1) (Version: 3.0 – VMProtect Software)

VS Immersive Activate Helper (HKLM-x32…{54FBC9A9-CCA1-417E-ACA6-203A32A39F37}) (Version: 16.0.95.0 – Microsoft Corporation) Hidden

VS JIT Debugger (HKLM…{4B816AD0-D12B-498A-8148-7CBE3ED328DE}) (Version: 16.0.95.0 – Microsoft Corporation) Hidden

VS Script Debugging Common (HKLM…{8B657335-3813-4CF4-A6FE-2AA44BE23F94}) (Version: 16.0.95.0 – Microsoft Corporation) Hidden

vs_BlendMsi (HKLM-x32…{C5D83E0F-12E7-4BA3-98E6-DAE0E73B5BF9}) (Version: 15.0.27205 – Microsoft Corporation) Hidden

vs_clickoncebootstrappermsi (HKLM-x32…{A68D7884-F036-4A0D-AE1A-410E0311E135}) (Version: 15.0.27005 – Microsoft Corporation) Hidden

vs_clickoncebootstrappermsires (HKLM-x32…{91DDDFB5-1782-48C2-BA2A-8F4D9DE39D27}) (Version: 15.0.27005 – Microsoft Corporation) Hidden

vs_clickoncesigntoolmsi (HKLM-x32…{6A1ECF65-2CBF-4B33-9D4A-D1C0A0E5FE45}) (Version: 15.0.27005 – Microsoft Corporation) Hidden

vs_communitymsi (HKLM-x32…{71797C29-380A-492C-B35A-F5E4A7B57BDC}) (Version: 15.9.28307 – Microsoft Corporation) Hidden

vs_communitymsires (HKLM-x32…{40040E64-50EB-4FCF-B209-DA0B20821759}) (Version: 15.0.26621 – Microsoft Corporation) Hidden

vs_devenvmsi (HKLM-x32…{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 – Microsoft Corporation) Hidden

vs_filehandler_amd64 (HKLM-x32…{A254DA0E-26A1-43C3-95BE-7A24D5599473}) (Version: 15.9.28302 – Microsoft Corporation) Hidden

vs_filehandler_x86 (HKLM-x32…{1F42A73E-CF26-4D67-BA79-752CA56B639F}) (Version: 15.9.28302 – Microsoft Corporation) Hidden

vs_FileTracker_Singleton (HKLM-x32…{A41E138F-5A3F-443C-B72D-957AB994FB5A}) (Version: 15.9.28128 – Microsoft Corporation) Hidden

vs_Graphics_Singletonx64 (HKLM…{B6BAC9A6-A70D-4E4D-B90A-7EE2B336E090}) (Version: 15.8.27729 – Microsoft Corporation) Hidden

vs_Graphics_Singletonx86 (HKLM-x32…{3161DA68-DD37-4798-82DB-B3A0BD6BA233}) (Version: 15.8.27729 – Microsoft Corporation) Hidden

vs_minshellinteropmsi (HKLM-x32…{3A78DA3D-C8D4-429D-B536-6E59A0088451}) (Version: 15.8.27825 – Microsoft Corporation) Hidden

vs_minshellmsi (HKLM-x32…{68B8AD33-CE97-4C3D-9583-669C39D21BA5}) (Version: 15.9.28302 – Microsoft Corporation) Hidden

vs_minshellmsires (HKLM-x32…{6DFE6F8D-B61D-4348-AB70-4ABF1210DFD5}) (Version: 15.0.26621 – Microsoft Corporation) Hidden

vs_SQLClickOnceBootstrappermsi (HKLM-x32…{5779B6DD-604A-41CE-BC3D-9D4BDDA22AD2}) (Version: 15.0.27005 – Microsoft Corporation) Hidden

vs_tipsmsi (HKLM-x32…{1AC6CC3D-7724-4D84-9270-798A2191AB1C}) (Version: 15.0.27005 – Microsoft Corporation) Hidden

Vulkan Run Time Libraries 1.0.65.0 (HKLM…VulkanRT1.0.65.0) (Version: 1.0.65.0 – LunarG, Inc.) Hidden

WinAppDeploy (HKLM-x32…{716AE8F2-1BE3-7657-DF6B-F23DEEC75AF9}) (Version: 10.1.17763.132 – Microsoft Corporation) Hidden

Windows SDK AddOn (HKLM-x32…{1E76DFA7-96F3-4281-8E41-8A226C3E42EE}) (Version: 10.1.0.0 – Microsoft Corporation)

Windows Software Development Kit – Windows 10.0.17763.132 (HKLM-x32…{5fe95b9d-9219-4d8b-a031-71323ae48a81}) (Version: 10.1.17763.132 – Microsoft Corporation)

Windscribe (HKLM-x32…{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 1.82 Build 17 – Windscribe Limited)

WinRAR 5.61 (64-bit) (HKLM…WinRAR archiver) (Version: 5.61.0 – win.rar GmbH)

WinRT Intellisense Desktop – en-us (HKLM-x32…{00B12DF9-5428-9406-DE2C-8E8A1A062B05}) (Version: 10.1.17763.132 – Microsoft Corporation) Hidden

WinRT Intellisense Desktop – Other Languages (HKLM-x32…{E82A4A6C-C21C-35FE-B805-3E44318F6D63}) (Version: 10.1.17763.132 – Microsoft Corporation) Hidden

WinRT Intellisense IoT – en-us (HKLM-x32…{7E898893-9C42-A572-7F57-FDE55CE812F7}) (Version: 10.1.17763.132 – Microsoft Corporation) Hidden

WinRT Intellisense IoT – Other Languages (HKLM-x32…{E8B1CB29-5C24-D882-3CEF-F8A7263BC63D}) (Version: 10.1.17763.132 – Microsoft Corporation) Hidden

WinRT Intellisense Mobile – en-us (HKLM-x32…{F6F11150-93DE-0507-FCA0-F746E0207017}) (Version: 10.1.17763.132 – Microsoft Corporation) Hidden

WinRT Intellisense PPI – en-us (HKLM-x32…{8329C3A0-8582-D1C2-67FF-800654BFDF45}) (Version: 10.1.17763.132 – Microsoft Corporation) Hidden

WinRT Intellisense PPI – Other Languages (HKLM-x32…{771C9DEF-7C0B-85DA-6426-7A20F06BEC94}) (Version: 10.1.17763.132 – Microsoft Corporation) Hidden

WinRT Intellisense UAP – en-us (HKLM-x32…{B047C746-63E8-41C7-A5C0-7ABD390CF3E6}) (Version: 10.1.17763.132 – Microsoft Corporation) Hidden

WinRT Intellisense UAP – Other Languages (HKLM-x32…{0063AF94-397B-9C64-1C71-D404B27C5D96}) (Version: 10.1.17763.132 – Microsoft Corporation) Hidden

Wise Memory Optimizer 3.6.2 (HKLM-x32…Wise Memory Optimizer_is1) (Version: 3.6.2 – WiseCleaner.com, Inc.)

Wondershare Filmora(Build 8.7.3) (HKLM…Wondershare Filmora_is1) (Version:  – Wondershare Software)

Wondershare Helper Compact 2.6.0 (HKLM-x32…{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 – Wondershare)

XSplit Gamecaster (HKLM-x32…{8915913F-E4AF-46C5-B4EF-3535D83BFFDE}) (Version: 2.5.1507.3018 – SplitmediaLabs)

 

==================== Custom CLSID (Whitelisted): ==========================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

ShellServiceObjects: Sync Center Shell Service Object (Internal) -> {F20487CC-FC04-4B1E-863F-D9801796130B} => %SystemRoot%System32SyncCenter.dll

ShellExecuteHooks: Groove GFS Stub Execution Hook – {B5A7F190-DDA6-4420-B3BA-52453494E6CD} – C:Program FilesMicrosoft OfficeOffice14GROOVEEX.DLL [6723984 2010-01-22] (Microsoft Corporation -> Microsoft Corporation)

ShellExecuteHooks-x32: Groove GFS Stub Execution Hook – {B5A7F190-DDA6-4420-B3BA-52453494E6CD} – C:Program Files (x86)Microsoft OfficeOffice14GROOVEEX.DLL [4222864 2010-01-22] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:Program Files (x86)Internet Download ManagerIDMShellExt64.dll [2019-05-02] (Tonec Inc. -> Tonec Inc.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File

ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:Program Files (x86)Notepad++NppShell_06.dll [2019-01-28] (Notepad++ -> )

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext.dll [2018-10-01] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext32.dll [2018-10-01] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)

ContextMenuHandlers4: [Convert] -> {9f95ca1a-e80e-4c0f-acd1-4c9b7900b982} => C:Program Files (x86)Microsoft DirectX SDK (June 2010)Utilitiesbinx64TxView.dll [2010-06-02] (Microsoft Corporation -> Microsoft Corporation)

ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:Windowssystem32nvshext.dll [2018-01-04] (NVIDIA Corporation -> NVIDIA Corporation)

ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)

ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext.dll [2018-10-01] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext32.dll [2018-10-01] (win.rar GmbH -> Alexander Roshal)

 

==================== Shortcuts & WMI ========================

 

(The entries could be listed to be restored or removed.)

 

WMI:subscription__FilterToConsumerBinding->CommandLineEventConsumer.Name="BVTConsumer"",Filter="__EventFilter.Name="BVTFilter"::

WMI:subscription__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]

WMI:subscriptionCommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\tools\kernrate]

 

==================== Loaded Modules (Whitelisted) ==============

 

2017-11-27 18:10 – 2017-11-27 18:10 – 000172451 _____ () [File not signed] C:Program Files (x86)ASUSGPU TweakIIExeio.dll

2017-12-16 23:23 – 2017-12-16 23:23 – 001877965 _____ () [File not signed] C:Program Files (x86)ASUSGPU TweakIIVender.dll

2018-01-10 09:54 – 2018-01-10 09:54 – 012330792 ____N (ASUSTeK Computer Inc. -> TODO: <Company name>) [File not signed] C:Program Files (x86)ASUSGPU TweakIIGPUTweakII.exe

2017-05-02 17:17 – 2017-05-02 17:17 – 000213516 _____ (ASUSTek Computer Inc.,) [File not signed] C:Program Files (x86)ASUSGPU TweakIIEIO.DLL

2010-11-21 11:23 – 2010-11-21 11:23 – 000720896 _____ (Microsoft Corporation) C:Windowssystem32ODBC32.dll

2009-07-14 08:28 – 2009-07-14 09:31 – 000229376 _____ (Microsoft Corporation) C:Windowssystem32odbcint.dll

2010-11-21 11:23 – 2010-11-21 11:23 – 000485888 _____ (Microsoft Corporation) C:Windowssyswow64COMDLG32.dll

2010-11-21 11:23 – 2010-11-21 11:23 – 001154048 _____ (Microsoft Corporation) C:Windowssyswow64CRYPT32.dll

2010-11-21 11:24 – 2010-11-21 11:24 – 000155136 _____ (Microsoft Corporation) C:Windowssyswow64imagehlp.dll

2010-11-21 11:24 – 2010-11-21 11:24 – 000119808 _____ (Microsoft Corporation) C:Windowssyswow64IMM32.dll

2010-11-21 11:23 – 2010-11-21 11:23 – 000034304 _____ (Microsoft Corporation) C:Windowssyswow64MSASN1.dll

2010-11-21 11:24 – 2010-11-21 11:24 – 001414144 _____ (Microsoft Corporation) C:Windowssyswow64ole32.dll

2010-11-21 11:24 – 2010-11-21 11:24 – 000571904 _____ (Microsoft Corporation) C:Windowssyswow64OLEAUT32.dll

2010-11-21 11:24 – 2010-11-21 11:24 – 000663040 _____ (Microsoft Corporation) C:Windowssyswow64RPCRT4.dll

2010-11-21 11:24 – 2010-11-21 11:24 – 000224256 _____ (Microsoft Corporation) C:WindowsSysWOW64schannel.dll

2010-11-21 11:23 – 2010-11-21 11:23 – 001667584 _____ (Microsoft Corporation) C:Windowssyswow64SETUPAPI.dll

2010-11-21 11:23 – 2010-11-21 11:23 – 000350208 _____ (Microsoft Corporation) C:Windowssyswow64SHLWAPI.dll

2010-11-21 11:24 – 2010-11-21 11:24 – 000096768 _____ (Microsoft Corporation) C:Windowssyswow64SspiCli.dll

2010-11-21 11:24 – 2010-11-21 11:24 – 000172032 _____ (Microsoft Corporation) C:Windowssyswow64WINTRUST.dll

2010-11-21 11:24 – 2010-11-21 11:24 – 000269824 _____ (Microsoft Corporation) C:Windowssyswow64WLDAP32.dll

2010-11-21 11:23 – 2010-11-21 11:23 – 000206848 _____ (Microsoft Corporation) C:Windowssyswow64WS2_32.dll

2018-12-01 22:51 – 2018-01-04 08:01 – 000877256 ____N (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPI64.dll

2018-12-01 22:52 – 2018-01-04 08:01 – 000344424 ____N (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:Program FilesNVIDIA CorporationDisplay.NvContainerpluginsLocalSystemNvStereo_nvstapisvr64.dll

2010-11-02 11:00 – 2010-11-02 11:00 – 000160213 _____ (NVIDIA Corporation) [File not signed] C:Program Files (x86)ASUSGPU TweakIInvgpio.dll

2017-03-30 10:49 – 2017-03-30 10:49 – 001649152 ____N (TODO: <ASUS>) [File not signed] C:Program Files (x86)ASUSGPU TweakIIVGA_TaskScheduler.dll

2017-05-19 16:09 – 2017-05-19 16:09 – 001851904 _____ (TODO: <Company name>) [File not signed] C:Program Files (x86)ASUSGPU TweakIIFeedbackChart.ocx

2017-12-26 17:18 – 2017-12-26 17:18 – 001917952 ____N (TODO: <Company name>) [File not signed] C:Program Files (x86)ASUSGPU TweakIITweakInterface.dll

2018-08-07 18:36 – 2018-08-07 18:36 – 005207040 ____N (University of Tsukuba) [File not signed] C:Program FilesSoftEther VPN ClientVpnGatePlugin_x64.dll

 

==================== Alternate Data Streams (Whitelisted) =========

 

(If an entry is included in the fixlist, only the ADS will be removed.)

 

AlternateDataStreams: C:ProgramData:iSpring Solutions [128]

AlternateDataStreams: C:UsersAll Users:iSpring Solutions [128]

AlternateDataStreams: C:Usersmariss:Heroes & Generals [38]

AlternateDataStreams: C:ProgramDataApplication Data:iSpring Solutions [128]

AlternateDataStreams: C:UsersmarissApplication Data:iSpring Solutions [128]

AlternateDataStreams: C:UsersmarissAppDataRoaming:iSpring Solutions [128]

AlternateDataStreams: C:UsersPublicShared Files:VersionCache [470]

 

==================== Safe Mode (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)

 

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalMBAMService => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkMBAMService => “”=”Service”

 

==================== Association (Whitelisted) ===============

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

 

 

==================== Internet Explorer trusted/restricted ===============

 

(If an entry is included in the fixlist, it will be removed from the registry.)

 

IE trusted site: HKUS-1-5-21-858333344-3013912580-3231274367-1000…localhost -> localhost

IE trusted site: HKUS-1-5-21-858333344-3013912580-3231274367-1000…webcompanion.com -> hxxp://webcompanion.com

 

==================== Hosts content: ===============================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2019-01-30 20:54 – 2019-01-30 20:54 – 000000046 _____ C:Windowssystem32driversetchosts

 

127.0.0.1 platform.wondershare.com

 

==================== Other Areas ============================

 

(Currently there is no automatic fix for this section.)

 

HKLMSystemCurrentControlSetControlSession ManagerEnvironment\Path: C:Program Files (x86)Common FilesOracleJavajavapath;C:ProgramDataOracleJavajavapath;C:Windowssystem32;C:Windows;C:WindowsSystem32Wbem;C:WindowsSystem32WindowsPowerShellv1.0;C:Program FilesRogueKiller;C:Program Filesdotnet;C:Program Files (x86)NVIDIA CorporationPhysXCommon

HKUS-1-5-21-858333344-3013912580-3231274367-1000Control PanelDesktop\Wallpaper -> C:UsersmarissAppDataRoamingMicrosoftWindowsThemesTranscodedWallpaper.jpg

DNS Servers: 8.8.8.8 – 1.1.1.1

HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)

Windows Firewall is enabled.

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

If an entry is included in the fixlist, it will be removed.

 

MSCONFIGstartupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SoftEther VPN Client Manager Startup.lnk => C:WindowspssSoftEther VPN Client Manager Startup.lnk.CommonStartup

MSCONFIGstartupfolder: C:^Users^mariss^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Ink Alerts – HP DeskJet 2130 series.lnk => C:WindowspssMonitor Ink Alerts – HP DeskJet 2130 series.lnk.Startup

MSCONFIGstartupreg: AvastUI.exe => “C:Program FilesAVAST SoftwareAvastAvLaunch.exe” /gui

MSCONFIGstartupreg: BCSSync => “C:Program Files (x86)Microsoft OfficeOffice14BCSSync.exe” /DelayServices

MSCONFIGstartupreg: HP Software Update => C:Program Files (x86)HpHP Software UpdateHPWuSchd2.exe

MSCONFIGstartupreg: OfficeSyncProcess => “C:Program Files (x86)Microsoft OfficeOffice14MSOSYNC.EXE”

MSCONFIGstartupreg: SMΔRT-Protection => C:Program Files (x86)SmadavSMΔRTP.exe rts

MSCONFIGstartupreg: SoftEther VPN Client UI Helper => “C:Program FilesSoftEther VPN Clientvpnclient_x64.exe” /uihelp

MSCONFIGstartupreg: SunJavaUpdateSched => “C:Program Files (x86)Common FilesJavaJava Updatejusched.exe”

MSCONFIGstartupreg: uTorrent => “C:UsersmarissAppDataRoaminguTorrentuTorrent.exe”  /MINIMIZED

MSCONFIGstartupreg: Web Companion => C:Program Files (x86)LavasoftWeb CompanionApplicationWebCompanion.exe –minimize 

MSCONFIGstartupreg: Windscribe => “C:Program Files (x86)WindscribeWindscribe.exe” -os_restart

MSCONFIGstartupreg: Wondershare Helper Compact.exe => C:Program FilesCommon FilesWondershareWondershare Helper CompactWSHelper.exe

 

==================== FirewallRules (Whitelisted) ===============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

FirewallRules: [{9E3760CC-F0FF-4199-8476-3203F2DD92D1}] => (Allow) C:Program FilesHPHP DeskJet 2130 seriesBinUSBSetup.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)

FirewallRules: [{9A92241B-320B-4D97-A959-833C2420EBEB}] => (Allow) C:Program FilesHPHP DeskJet 2130 seriesBinHPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)

FirewallRules: [{B220DBFC-DC79-4D29-AF47-0EEC175D7761}] => (Allow) C:Program Files (x86)Mozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [{3A726B77-00F9-4084-B8FA-A8D2C756FF64}] => (Allow) C:Program Files (x86)Mozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [{C25B1715-93BB-4C24-9513-CE6C71AA8292}] => (Allow) C:Program Files (x86)NVIDIA CorporationNVIDIA Update Coredaemonu.exe No File

FirewallRules: [{0BF3EFCF-071F-4760-8FDB-A0828CBD378D}] => (Allow) C:Program Files (x86)NVIDIA CorporationNVIDIA Update Coredaemonu.exe No File

FirewallRules: [TCP Query User{DB196F82-DBE7-4D98-A0F8-8E63FB8E55FE}D:counter-strike 1.6hl.exe] => (Allow) D:counter-strike 1.6hl.exe No File

FirewallRules: [UDP Query User{E2BD46D4-56A9-4B96-BE2A-12EF3487A2FC}D:counter-strike 1.6hl.exe] => (Allow) D:counter-strike 1.6hl.exe No File

FirewallRules: [TCP Query User{80475074-7246-44E6-B3F4-87D74CEB9ED7}C:usersmarissappdatalocaltemp7zipsfx.007hl2.exe] => (Block) C:usersmarissappdatalocaltemp7zipsfx.007hl2.exe No File

FirewallRules: [UDP Query User{2CCF440F-206C-4CB6-B319-5967C12ABB6D}C:usersmarissappdatalocaltemp7zipsfx.007hl2.exe] => (Block) C:usersmarissappdatalocaltemp7zipsfx.007hl2.exe No File

FirewallRules: [TCP Query User{7EEAD1DF-371F-4793-AA03-CA28E677EB5C}C:usersmarissappdatalocaltemp7zipsfx.009hl2.exe] => (Block) C:usersmarissappdatalocaltemp7zipsfx.009hl2.exe No File

FirewallRules: [UDP Query User{B301103E-0770-4287-8873-5FAC6819AA95}C:usersmarissappdatalocaltemp7zipsfx.009hl2.exe] => (Block) C:usersmarissappdatalocaltemp7zipsfx.009hl2.exe No File

FirewallRules: [TCP Query User{1982E6E5-94A5-4F3D-9B4E-A9C1ADD74FFF}C:usersmarissappdatalocaltemp7zipsfx.00ahl2.exe] => (Block) C:usersmarissappdatalocaltemp7zipsfx.00ahl2.exe No File

FirewallRules: [UDP Query User{BD306A83-1413-4C50-9887-3CB7F66D0CA3}C:usersmarissappdatalocaltemp7zipsfx.00ahl2.exe] => (Block) C:usersmarissappdatalocaltemp7zipsfx.00ahl2.exe No File

FirewallRules: [TCP Query User{B8C32F8B-21AD-4986-AC2E-016D6D1217E3}C:usersmarissappdatalocaltemp7zipsfx.00dhl2.exe] => (Block) C:usersmarissappdatalocaltemp7zipsfx.00dhl2.exe No File

FirewallRules: [UDP Query User{DE31E58F-BF2D-48CC-83CC-51D20C843532}C:usersmarissappdatalocaltemp7zipsfx.00dhl2.exe] => (Block) C:usersmarissappdatalocaltemp7zipsfx.00dhl2.exe No File

FirewallRules: [TCP Query User{0872287D-CBD6-4BB7-B4A6-BCF985860AF3}C:rosros.exe] => (Allow) C:rosros.exe No File

FirewallRules: [UDP Query User{D13D301B-B1FA-47B3-8839-CD49ADAFC832}C:rosros.exe] => (Allow) C:rosros.exe No File

FirewallRules: [TCP Query User{0F78E02C-68BB-43FB-8C9A-2B5CC12D367B}C:rosccminiccmini.exe] => (Allow) C:rosccminiccmini.exe No File

FirewallRules: [UDP Query User{E361D463-6AE1-49E2-8EE6-324C330D4ED0}C:rosccminiccmini.exe] => (Allow) C:rosccminiccmini.exe No File

FirewallRules: [{8DAAD7BA-DAA6-4C3A-9F2F-ED01B156806D}] => (Allow) C:Program Files (x86)SteamSteam.exe (Valve -> Valve Corporation)

FirewallRules: [{684201D4-C29B-4747-AEF4-178CBFE59380}] => (Allow) C:Program Files (x86)SteamSteam.exe (Valve -> Valve Corporation)

FirewallRules: [{0A445F43-2213-49B0-A38C-6428200715DE}] => (Allow) C:Program Files (x86)Steambincefcef.win7steamwebhelper.exe No File

FirewallRules: [{DA201736-1E6F-4436-A5ED-C804AFC05BA2}] => (Allow) C:Program Files (x86)Steambincefcef.win7steamwebhelper.exe No File

FirewallRules: [{26C171FD-33BB-4FCC-A87C-547B46D83BAA}] => (Allow) C:Program Files (x86)SteamsteamappscommonTransformiceTransformice.exe () [File not signed]

FirewallRules: [{BE301A21-C3A8-4CA0-B460-F59E102A4286}] => (Allow) C:Program Files (x86)SteamsteamappscommonTransformiceTransformice.exe () [File not signed]

FirewallRules: [{56FB4997-64E6-4880-97AC-208A189D79E2}] => (Allow) C:Program Files (x86)SteamsteamappscommonCounter-Strike Global Offensivecsgo.exe No File

FirewallRules: [{747F3A83-2CD1-4C47-9978-A8E301837E8B}] => (Allow) C:Program Files (x86)SteamsteamappscommonCounter-Strike Global Offensivecsgo.exe No File

FirewallRules: [TCP Query User{F8A58785-0795-4B9B-9E1E-94FB96D1EFB1}C:program files (x86)javajre1.8.0_162binjavaw.exe] => (Allow) C:program files (x86)javajre1.8.0_162binjavaw.exe No File

FirewallRules: [UDP Query User{8ECE4216-436F-408C-97EB-0381C6E80423}C:program files (x86)javajre1.8.0_162binjavaw.exe] => (Allow) C:program files (x86)javajre1.8.0_162binjavaw.exe No File

FirewallRules: [{19C0385C-20E2-455E-8896-AFF272FECA13}] => (Allow) C:UsersmarissAppDataRoaminguTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)

FirewallRules: [{94BB3560-2400-4187-B7C4-05795B528ACE}] => (Allow) C:UsersmarissAppDataRoaminguTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)

FirewallRules: [{5F2B7B35-D005-4629-BFB9-13C5205452F1}] => (Allow) C:Program Files (x86)BlueStacksHD-Player.exe No File

FirewallRules: [TCP Query User{6BFB7C4B-2F26-41F1-AD33-E5FCA2500D59}C:program filesstrogino cs portalcounter-strike sourcebintoolssteamcmd.exe] => (Allow) C:program filesstrogino cs portalcounter-strike sourcebintoolssteamcmd.exe No File

FirewallRules: [UDP Query User{E9755C6B-41B5-4139-B60F-292848EFC694}C:program filesstrogino cs portalcounter-strike sourcebintoolssteamcmd.exe] => (Allow) C:program filesstrogino cs portalcounter-strike sourcebintoolssteamcmd.exe No File

FirewallRules: [TCP Query User{782DC83B-438C-4741-A876-6B9BAA5D8B0C}C:program filesstrogino cs portalcounter-strike sourcehl2.exe] => (Allow) C:program filesstrogino cs portalcounter-strike sourcehl2.exe No File

FirewallRules: [UDP Query User{4B48498C-AA58-464E-B225-B9D911BAA1E5}C:program filesstrogino cs portalcounter-strike sourcehl2.exe] => (Allow) C:program filesstrogino cs portalcounter-strike sourcehl2.exe No File

FirewallRules: [TCP Query User{8B5B85FF-F040-40EE-BB06-B45A24785895}C:usersmarissdownloadscompressedsamp037_svr_r2-1-1_win32samp-server.exe] => (Allow) C:usersmarissdownloadscompressedsamp037_svr_r2-1-1_win32samp-server.exe No File

FirewallRules: [UDP Query User{54E6624F-3C9B-41FA-A766-DD7B9C89EFAB}C:usersmarissdownloadscompressedsamp037_svr_r2-1-1_win32samp-server.exe] => (Allow) C:usersmarissdownloadscompressedsamp037_svr_r2-1-1_win32samp-server.exe No File

FirewallRules: [TCP Query User{F7AF7FE0-D983-4F8D-B0F7-8683F5691645}C:usersmarissdownloadscompressedreborn_dudessamp-server.exe] => (Allow) C:usersmarissdownloadscompressedreborn_dudessamp-server.exe No File

FirewallRules: [UDP Query User{2BB59613-F600-4CD1-875B-C4ADB7BDD186}C:usersmarissdownloadscompressedreborn_dudessamp-server.exe] => (Allow) C:usersmarissdownloadscompressedreborn_dudessamp-server.exe No File

FirewallRules: [TCP Query User{C7AA4660-D358-4991-8F2D-2E60EBF96F9A}C:program files (x86)hard disk sentinelhdsentinel.exe] => (Allow) C:program files (x86)hard disk sentinelhdsentinel.exe No File

FirewallRules: [UDP Query User{7E967D3A-2DFB-4FCB-9463-585E07BAD3FA}C:program files (x86)hard disk sentinelhdsentinel.exe] => (Allow) C:program files (x86)hard disk sentinelhdsentinel.exe No File

FirewallRules: [TCP Query User{590F3325-3F51-457A-B962-25C305A7E14F}C:usersmarissdownloadscompressedrpfr by pyarmeena and silvermspremium gamingsamp-server.exe] => (Allow) C:usersmarissdownloadscompressedrpfr by pyarmeena and silvermspremium gamingsamp-server.exe No File

FirewallRules: [UDP Query User{D1D44385-946B-48E2-889F-BFFC9DB8C78F}C:usersmarissdownloadscompressedrpfr by pyarmeena and silvermspremium gamingsamp-server.exe] => (Allow) C:usersmarissdownloadscompressedrpfr by pyarmeena and silvermspremium gamingsamp-server.exe No File

FirewallRules: [TCP Query User{6E164671-11F6-4967-AD20-D0C19B389B68}C:program files (x86)smadavsmδrtp.exe] => (Block) C:program files (x86)smadavsmδrtp.exe No File

FirewallRules: [UDP Query User{FCAE8CE3-E7A7-433E-A041-6EA0EF2C779C}C:program files (x86)smadavsmδrtp.exe] => (Block) C:program files (x86)smadavsmδrtp.exe No File

FirewallRules: [{94DAFE04-85BF-4897-A886-E16DB3733251}] => (Allow) LPort=8080

FirewallRules: [{C0FE5F3F-DE85-4ED5-BE5E-666415486D9E}] => (Allow) LPort=8318

FirewallRules: [TCP Query User{8FFD1E8D-5BD2-4EB4-AC6B-6A54163BB78D}C:program files (x86)bookworm adventures deluxebookwormadventures.exe] => (Block) C:program files (x86)bookworm adventures deluxebookwormadventures.exe (PopCap Games -> PopCap Games, Inc.) [File not signed]

FirewallRules: [UDP Query User{052B56AF-8BF6-4149-B1AD-A30C58768A1C}C:program files (x86)bookworm adventures deluxebookwormadventures.exe] => (Block) C:program files (x86)bookworm adventures deluxebookwormadventures.exe (PopCap Games -> PopCap Games, Inc.) [File not signed]

FirewallRules: [{569836ED-2310-4FF3-8755-18B63E35CF60}] => (Allow) C:Program Files (x86)SteamsteamappscommonBrawlhallaBrawlhalla.exe () [File not signed]

FirewallRules: [{D1A4A23E-0C61-4C29-A8E6-F34FB567ECAC}] => (Allow) C:Program Files (x86)SteamsteamappscommonBrawlhallaBrawlhalla.exe () [File not signed]

FirewallRules: [{92C974C4-687A-43F3-9AC2-F6365A8922A2}] => (Allow) C:Program Files (x86)SteamsteamappscommonTeam Fortress 2hl2.exe (Valve -> )

FirewallRules: [{D940DE58-3692-4DE3-AC27-F72CBD0B55E0}] => (Allow) C:Program Files (x86)SteamsteamappscommonTeam Fortress 2hl2.exe (Valve -> )

FirewallRules: [{8AA398BC-6042-4B94-BDAE-42C5C5E1318B}] => (Allow) C:Program Files (x86)GarenaGarena2.0.1806.2114gxxsvc.exe No File

FirewallRules: [{14C286CA-19B7-4B4C-94C6-32C3ED7A30E1}] => (Allow) C:Program Files (x86)TeamViewerTeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)

FirewallRules: [{DC6D5B2F-14FC-4CF7-8655-10C2773D80E5}] => (Allow) C:Program Files (x86)TeamViewerTeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)

FirewallRules: [{CF53E6A1-9F0F-41EC-90D7-E312FEFB8BF9}] => (Allow) C:Program Files (x86)TeamViewerTeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)

FirewallRules: [{A7A2B48E-4F76-455C-935E-6B50724247F5}] => (Allow) C:Program Files (x86)TeamViewerTeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)

FirewallRules: [{8D4917AF-3738-4E83-AD50-4A0F862FFE76}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [{6DB379DD-D630-46CF-BB91-300ACDD46C16}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [{3FFC70D1-D6E1-4B65-88E1-64C03B723F21}] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [{4B14B943-45BC-42B6-9AED-6BF947D93547}] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [TCP Query User{998654BE-9C60-4CA3-B059-B3FBBD2285CC}C:program files (x86)windscribewsappcontrol.exe] => (Block) C:program files (x86)windscribewsappcontrol.exe (Windscribe Limited -> Windscribe Limited)

FirewallRules: [UDP Query User{B6294A21-B24E-4840-8111-D4EF278B2F05}C:program files (x86)windscribewsappcontrol.exe] => (Block) C:program files (x86)windscribewsappcontrol.exe (Windscribe Limited -> Windscribe Limited)

FirewallRules: [{DD45ACEF-AC53-4CA0-BD02-FD574FEE22BA}] => (Allow) D:SteamLibrarysteamappscommonRules Of Survivalros.exe (NetEase(Hangzhou) Network Co. Ltd. -> )

FirewallRules: [{4E31FFB1-2D10-421A-97D4-96EA64233962}] => (Allow) D:SteamLibrarysteamappscommonRules Of Survivalros.exe (NetEase(Hangzhou) Network Co. Ltd. -> )

FirewallRules: [{91B84FF6-74ED-4F24-BF07-054DF131A186}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{09C302E8-1DDE-4A98-AD7D-75C14EF02750}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{0934490B-F5B5-4AC4-88F5-8C252180AA23}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{1FA55F4C-ABC9-4D5D-8D5C-3CCBB351C9F7}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{71B3AA56-E4ED-433B-8426-9CD74905BD95}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{DB94BEB0-CD7F-472F-A394-5694C15CD481}] => (Allow) C:Program Files (x86)SteamsteamappscommonBorderlands 2BinariesWin32Launcher.exe (Gearbox Software) [File not signed]

FirewallRules: [{0E1D867F-EFB5-4236-963A-4691AEC0A1D3}] => (Allow) C:Program Files (x86)SteamsteamappscommonBorderlands 2BinariesWin32Launcher.exe (Gearbox Software) [File not signed]

FirewallRules: [{887FCA3F-FB49-4A72-9E3E-EDBC27CB99FF}] => (Allow) C:Program Files (x86)SteamsteamappscommonPaladinsBinariesWin64PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)

FirewallRules: [{D4A39453-C75B-4F5B-88D7-05295D410957}] => (Allow) C:Program Files (x86)SteamsteamappscommonPaladinsBinariesWin64PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)

FirewallRules: [{328F40CF-ED78-4070-AB93-0B8059D7E5FD}] => (Allow) C:Program Files (x86)SteamsteamappscommonBorderlands 2BinariesWin32Borderlands2.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.) [File not signed]

FirewallRules: [{E1FF3028-8DFC-4987-8CC6-B983C8A06929}] => (Allow) C:Program Files (x86)SteamsteamappscommonBorderlands 2BinariesWin32Borderlands2.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.) [File not signed]

FirewallRules: [{45274BC5-006C-4691-A25C-620D36C4AE37}] => (Allow) D:SteamLibrarysteamappscommonCounter-Strike Global Offensivecsgo.exe (Valve -> )

FirewallRules: [{2F1482F9-8345-4EA6-AD45-34A46DB7FFDF}] => (Allow) D:SteamLibrarysteamappscommonCounter-Strike Global Offensivecsgo.exe (Valve -> )

FirewallRules: [{2C766FF3-68D6-4A12-A64D-B4745A3203E7}] => (Allow) C:Program Files (x86)GarenaGarena2.0.1812.2810gxxsvc.exe (Garena Online Pte Ltd -> Garena Online )

FirewallRules: [{D1EBB331-3C97-4DA6-8062-0A560CED08F9}] => (Allow) D:SteamLibrarysteamappscommonWarframeWarframe.exe No File

FirewallRules: [{49B290C5-D22C-43CB-BA6C-E0159AC7B04D}] => (Allow) D:SteamLibrarysteamappscommonWarframeWarframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)

FirewallRules: [{6D8FE0A1-1AAE-4B4D-A482-989888B63D1C}] => (Allow) D:SteamLibrarysteamappscommonWarframeWarframe.exe No File

FirewallRules: [{440E0649-0362-4594-830A-1C4354F608FD}] => (Allow) D:SteamLibrarysteamappscommonWarframeWarframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)

FirewallRules: [{0165E12F-229B-4924-A122-871A522983E7}] => (Allow) D:SteamLibrarysteamappscommonWarframeToolsLauncher.exe (Digital Extremes Ltd. -> Digital Extremes)

FirewallRules: [{B78C2A49-EECE-4349-9078-6F3D9C623676}] => (Allow) D:SteamLibrarysteamappscommonWarframeToolsRemoteCrashSender.exe (Digital Extremes Ltd. -> )

FirewallRules: [{1F3F3B4B-07D3-4093-8F1E-468D95558F48}] => (Allow) D:SteamLibrarysteamappscommonWarframeWarframe.exe No File

FirewallRules: [{209C45F8-8726-4626-B2B9-030240872CC2}] => (Allow) D:SteamLibrarysteamappscommonWarframeWarframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)

FirewallRules: [{792DE33C-2644-4ADA-B9C0-B2E086BEAF4A}] => (Allow) D:SteamLibrarysteamappscommonWarframeWarframe.exe No File

FirewallRules: [{1A386A7A-3A5F-441D-8874-A31434F0C497}] => (Allow) D:SteamLibrarysteamappscommonWarframeWarframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)

FirewallRules: [{72DCAADE-659F-4577-B4EE-39443048776F}] => (Allow) D:SteamLibrarysteamappscommonWarframeToolsLauncher.exe (Digital Extremes Ltd. -> Digital Extremes)

FirewallRules: [{09FC6699-0D46-402C-BB8E-A94FD0D51CDC}] => (Allow) D:SteamLibrarysteamappscommonWarframeToolsRemoteCrashSender.exe (Digital Extremes Ltd. -> )

FirewallRules: [{47ADF110-7034-47EB-9FE2-BC258470E8B1}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2cfg.exe (Valve -> )

FirewallRules: [{48292BD1-E275-416A-9051-FD4A56C69D38}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2cfg.exe (Valve -> )

FirewallRules: [{BC240495-670D-4071-9927-DAB41009D67B}] => (Allow) C:Program Files (x86)GarenaGarena2.0.1902.0110gxxsvc.exe (Garena Online Pte Ltd -> Garena Online )

FirewallRules: [TCP Query User{1F8D6A8E-B813-4849-B3DF-2C37A9B14A56}C:program filesjavajre1.8.0_201binjavaw.exe] => (Allow) C:program filesjavajre1.8.0_201binjavaw.exe

FirewallRules: [UDP Query User{AB19A8EA-1CA3-4F59-A018-2DF917D7E8B5}C:program filesjavajre1.8.0_201binjavaw.exe] => (Allow) C:program filesjavajre1.8.0_201binjavaw.exe

FirewallRules: [{BDE4FD20-028C-4D53-9EF1-70A5A2DA17DF}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [{CB74F775-BE4C-42A0-B258-DC63264F836B}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [{07D475BB-CE28-4E21-8853-4262E74784F2}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [{C902DD83-60D5-4C0B-B512-6901E4E73CA2}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [{141159CE-8851-493C-B56A-A7FCE269CC9A}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [{2BC8EA20-CCBF-4958-83DD-509FF27D1D99}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [{EC984B7E-844E-43D1-AA18-BDC434284CED}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [{B164D977-5071-46D1-9FD6-43ADEEFCEEA6}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [{B143A63E-2674-4BAB-800E-2CA2E6C48E3B}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [{6257B320-63CA-4565-A6C4-30609B881A4F}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [{932AF3EC-9079-4A88-872D-B6D087AC0F2E}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [{C8604CB1-7C40-4164-B717-E020DB0AC99C}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [{29100024-9978-496E-AB81-49A7E7381369}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [{E59FAD24-9C21-4802-BA03-7152FBAF5D79}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [{7D9D7896-142B-43D3-B588-08EF0DB3A86E}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [{BBE9E2FA-9D6A-4E47-ACE9-1143381462BA}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [{5138F224-93A1-4F48-8DA7-0BB4989AF757}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [{2475CAA9-7C81-42BF-94CE-5F3695025135}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [{E9B764D3-623E-4D5D-A8FA-FB5DD28DC7A7}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [{129C8420-298C-40B0-869C-BC48F1504326}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [{D587C6CB-703A-4091-8EA0-0AD348A3046C}] => (Allow) d:program filestxgameassistantappmarketAppMarket.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)

FirewallRules: [{EB4AFC3C-A2B8-4C52-AE14-653652A0351F}] => (Allow) d:program filestxgameassistantappmarketTInst.exe (Tencent Technology(Shenzhen) Company Limited -> )

FirewallRules: [{9704EB13-E59C-4101-BA66-A4ACFED9BDFA}] => (Allow) d:program filestxgameassistantappmarketbugreport.exe (Tencent Technology(Shenzhen) Company Limited -> 腾讯公司)

FirewallRules: [{43BE35C7-26BD-4F59-AFCE-F6FB44481D3B}] => (Allow) d:program filestxgameassistantappmarketQQExternal.exe (Tencent Technology(Shenzhen) Company Limited -> )

FirewallRules: [{AD16FA13-D30D-41CE-9698-DA206A1BC7E6}] => (Allow) d:program filestxgameassistantappmarketGameDownload.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)

FirewallRules: [{3EB00937-E53A-4DAB-82A6-965ED52967A2}] => (Allow) d:program filestxgameassistantappmarketGF186TUpdate.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)

FirewallRules: [{ECA304A2-55D7-4AA1-A1A5-11F14CE6D9CE}] => (Allow) C:UsersmarissAppDataRoamingTencentTxGameAssistantGameDownloadTenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)

FirewallRules: [{0A216E15-8309-4A96-8597-D819870D44BA}] => (Allow) C:UsersmarissAppDataRoamingTencentTxGameAssistantGameDownloadTenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)

FirewallRules: [{5591EA19-D171-4335-AA5B-7C3CD19406BB}] => (Allow) C:UsersmarissAppDataRoamingTencentTxGameAssistantGameDownloadTenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)

FirewallRules: [{FE24CC12-CE56-4BA2-A662-B96192D95E3D}] => (Allow) C:UsersmarissAppDataRoamingTencentTxGameAssistantGameDownloadTenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)

FirewallRules: [{6C5342DC-DF18-42AA-BA8C-9213ABC7DBBC}] => (Allow) d:program filestxgameassistantuiAndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)

FirewallRules: [{CDE61FCB-5E5D-4753-9E4D-9F5849DE7E10}] => (Allow) d:program filestxgameassistantuiadb.exe () [File not signed]

FirewallRules: [{891F985E-C25D-474C-A223-BD3DA14EBCDA}] => (Allow) d:program filestxgameassistantuiTInst.exe (Tencent Technology(Shenzhen) Company Limited -> )

FirewallRules: [{1DE109FF-0337-4226-AF39-A835B871F46F}] => (Allow) d:program filestxgameassistantuibugreport.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)

FirewallRules: [{171AAD4A-CABF-466F-8304-4FF679257621}] => (Allow) d:program filestxgameassistantuiTxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)

FirewallRules: [{DA84BEA6-7094-4F45-8966-C3C14C8766FE}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [{B39EDBC1-600C-46CA-8362-4B68F91BDE16}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [{4759D112-11B1-491C-AF75-183F3D101E36}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [{3CC8E3D4-9B62-4D31-AE85-CC2DF4EBF49F}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [{2C368B14-973C-4D78-B49B-431FF749494E}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [{F27BF35B-0500-4ECD-8F9B-2B3E9DCF7AFC}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [{604FD223-DBCD-4AC5-B489-7A2893D4D292}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [{738E428E-A2EC-4FA2-B54A-C5F0BF0789BD}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [{875E7119-4386-44FA-B834-A589D652BD38}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [{5A90377D-E457-468C-A3C2-597CC2A2E9F9}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [{7202A603-D4FB-4453-89E5-7CDC8CFAA33D}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [{8FA44091-0E49-4E8D-A3F8-7B1CD530D29F}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [{E544F374-34CF-483C-B3AC-AD4F62B0DF36}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [{EB149AD9-875C-48D1-A1A9-0EEC2D07A050}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [{EF883E56-5553-4C79-B618-9603B4B1DAAA}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [{11374299-4CCE-47CA-8818-19F562D41E4F}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [TCP Query User{B66BCDEC-34B2-47A7-B72C-E6C785DC1543}C:program files (x86)internet exploreriexplore.exe] => (Block) C:program files (x86)internet exploreriexplore.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [UDP Query User{0A731832-A813-4134-BF3E-9E216A5982FD}C:program files (x86)internet exploreriexplore.exe] => (Block) C:program files (x86)internet exploreriexplore.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{B140074E-B488-4DCF-A833-7A66893EF1EC}] => (Allow) C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC -> Google Inc.)

FirewallRules: [{0360268E-62E4-4C52-917C-C24B33E6F8B8}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [{80539C1F-8387-4E5C-ACF5-C02B670E695A}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [{46B6E1BC-8598-41F2-8596-1C20F9F323AB}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [{BC520D06-1C48-48CC-B7FA-A0A18418EAB8}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [{C2BB16E7-B09B-4474-8B34-9D7DB16D9188}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [{166EC714-B439-469E-9512-8866F2E2E44E}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [{2DDE853A-ED04-43A2-90CC-09D52F9C34EA}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [{02CDCE53-8E80-4AC5-B806-7A399DFEFC0B}] => (Allow) D:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

 

==================== Restore Points =========================

 

Check “winmgmt” service or repair WMI.

 

 

==================== Faulty Device Manager Devices =============

 

Could not list Devices. Check “winmgmt” service or repair WMI.

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (05/15/2019 07:50:34 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )

.

 

Error: (05/15/2019 07:50:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )

.

 

Error: (05/15/2019 07:50:32 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )

.

 

Error: (05/15/2019 07:50:31 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )

.

 

Error: (05/15/2019 05:28:36 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: mbam.exe, version: 3.1.0.1807, time stamp: 0x5cc0b6f1

Faulting module name: Qt5Qml.dll, version: 5.11.1.0, time stamp: 0x5cba03dc

Exception code: 0xc0000005

Fault offset: 0x0019da89

Faulting process id: 0x1278

Faulting application start time: 0x01d50b001b57e869

Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe

Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll

Report Id: d0351ef9-76f3-11e9-bc03-00241db2f5a7

 

Error: (05/15/2019 12:44:59 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

 

Error: (05/15/2019 11:56:28 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: Launcher.EXE_IncUpdate, version: 2010.8.16.280, time stamp: 0x2a425e19

Faulting module name: Launcher.EXE, version: 2010.8.16.280, time stamp: 0x2a425e19

Exception code: 0xc0000005

Fault offset: 0x001eb001

Faulting process id: 0x81c

Faulting application start time: 0x01d50ad229d64b16

Faulting application path: D:\ran class\Launcher.EXE

Faulting module path: D:\ran class\Launcher.EXE

Report Id: 6a5c4f0e-76c5-11e9-bfc7-00241db2f5a7

 

Error: (05/15/2019 11:51:03 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: Launcher.EXE_IncUpdate, version: 2010.8.16.280, time stamp: 0x2a425e19

Faulting module name: Launcher.EXE, version: 2010.8.16.280, time stamp: 0x2a425e19

Exception code: 0xc0000005

Fault offset: 0x001eb001

Faulting process id: 0x1290

Faulting application start time: 0x01d50ad16ab122b7

Faulting application path: D:\ran class\Launcher.EXE

Faulting module path: D:\ran class\Launcher.EXE

Report Id: a865376c-76c4-11e9-bfc7-00241db2f5a7

 

 

System errors:

=============

Error: (05/15/2019 07:50:39 PM) (Source: DCOM) (EventID: 10000) (User: )

Description: Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}. The error:

“1455”

Happened while starting this command:

C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding

 

Error: (05/15/2019 07:31:09 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the Blue Coat K9 Web Protection service to connect.

 

Error: (05/15/2019 07:31:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The Blue Coat K9 Web Protection service terminated unexpectedly.  It has done this 3 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.

 

Error: (05/15/2019 07:31:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The Blue Coat K9 Web Protection service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.

 

Error: (05/15/2019 07:31:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The Blue Coat K9 Web Protection service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.

 

Error: (05/15/2019 07:24:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The Windows Driver Foundation – User-mode Driver Framework service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 300000 milliseconds: Restart the service.

 

Error: (05/15/2019 07:24:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The WLAN AutoConfig service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 300000 milliseconds: Restart the service.

 

Error: (05/15/2019 07:24:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The Desktop Window Manager Session Manager service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 300000 milliseconds: Restart the service.

 

 

==================== Memory info =========================== 

 

BIOS: Award Software International, Inc. FC 07/02/2009

Motherboard: Gigabyte Technology Co., Ltd. G31M-ES2C

Processor: Intel® Core™2 Duo CPU E7400 @ 2.80GHz

Percentage of memory in use: 90%

Total physical RAM: 4094.49 MB

Available physical RAM: 399.93 MB

Total Virtual: 9712.09 MB

Available Virtual: 4.44 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:146.48 GB) (Free:6.61 GB) NTFS

Drive d: () (Fixed) (Total:151.51 GB) (Free:31.31 GB) NTFS

 

\\?\Volume{33b07ec0-250c-11e8-ad00-806e6f6e6963} (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 2F172F16)

Partition 1: (Active) – (Size=100 MB) – (Type=07 NTFS)

Partition 2: (Not Active) – (Size=146.5 GB) – (Type=07 NTFS)

Partition 3: (Not Active) – (Size=151.5 GB) – (Type=07 NTFS)

 

==================== End of Addition.txt ============================

Reality Gaming Group launches crypto collectibles weapons trading platform

17 0 15 May 2019

Players of mobile AR combat game Reality Clash can now trade weapons with each other and earn RCC (Reality Clash Gold coins), which can be exchanged for fiat currency

Move sees Reality Gaming Group enter the billion dollar ‘crypto collectibles’ market

FOR IMMEDIATE RELEASE: Reality Gaming Group has launched a trading platform (https://realityclash.store) that enables players of mobile AR combat game Reality Clash to buy and sell limited-edition weapons and earn RCC (Reality Clash Gold coins), which can be cashed in for fiat currency on crypto exchanges.

All tradeable weapons are ERC 721 tokenised on the Blockchain with a proof of purchase (smart contract), a technology that is ushering in a new ‘crypto collectibles’ era for virtual items and downloadable content (DLC) in video games.

Crypto collectibles, pioneered by the likes of CryptoKitties, are a fundamentally new type of digital good. Unlike traditional in-game DLC, which is ultimately owned and controlled by a game’s publisher, blockchain-enabled crypto collectibles can be traded directly between players, independent of the game itself.

The forces of supply and demand create inherent value in crypto collectibles – as the value of a limited-edition Reality Clash (www.realityclash.com) weapon increases, players are free to decide whether to cash in on their investment and keep any profit, use the item within a game or take it to their grave.

Importantly, demand for Reality Clash weapons has already been established, with players having bought more than 5,500 items, spending over 1 million RCC coins on weapons since the game’s Armoury Store went live last year.

In addition, Reality Gaming Group’s trading platform and crypto collectibles can work with other compatible blockchain-enabled games – in the future players will be able to port their items across or even loan and gift them to a friend, all of which presents significant new opportunities for in-game economies.

New Reality Clash guns will be launching every month, and users can also create their own weapons. Once user-generated weapons are approved by Reality Clash, players can sell them in the marketplace and earn themselves money.

It is estimated that digital collectable card games (not blockchain-enabled) alone generated revenues of $1.5 billion in 2018, according to SuperData [1].

However, the so-called ‘blockchain premium’ attached to crypto collectibles has seen that addressable market estimated at $950 billion [2].

Reality Clash is an innovative AR first person combat game for mobile devices set in an underground world of cryptocurrency and hackers. Players are able to connect to friends in real-time using geo map technology, join private teams and enter competitive tournaments.

Reality Clash has been highlighted by Blockchaingamer.biz as one of the 10 most anticipated blockchain games of 2019 and has recently launched in the UK, Europe and Asia on Apple and Google app stores.

“Crypto collectibles are going to change the face of in-game economies, so we’re thrilled to open the Reality Clash trading platform and Marketplace for business,” said Reality Gaming Group Co-Founder Morten Rongaard. “Blockchain technology puts players in full control of their hard-earned digital assets, allowing them to decide when and where to use or trade them. It also opens up a wealth of new revenue opportunities for developers and publishers, enabling them to create immersive game experiences with a fully transparent digital asset marketplace.”

For more information, visit www.realityclash.store

Notes To Editors

1 https://www.superdataresearch.com/market-data/digital-card-games/

2 https://www.tonysheng.com/crypto-collectibles-trillion

About Reality Gaming Group

The Reality Gaming Group is the developer and publisher of mobile AR combat game Reality Clash, which is released in early 2019 and utilises exciting blockchain technology. It is also the creator of a ground-breaking AR geo-location platform for mobile, which can be deployed across a huge range of content types. The Reality Gaming Group development team has more than 20 years’ experience across Mobile, PC, Console, AR and VR games platforms. For more information, visit: http://realitygaminggroup.com

Press Contacts

Stuart O’Brien – Mimram Media

[email protected]

 

Tony Pearce – Reality Gaming Group

[email protected]

Saints Row: The Third on Switch is a disappointment – Polygon

16 0 14 May 2019

Saints Row: The Third was an unexpected gem in 2011, a comparably progressive and slapstick riff on the Grand Theft Auto formula. Last week, Koch Media released a port for the Nintendo Switch. The result is a disappointment, but that’s not entirely the port’s fault.

The folks at Digital Foundry have done a fantastic job comparing this version to its nearly eight-year-old siblings. The results are a mixed bag. The team found that the Switch port approaches parity with the original PS3 and Xbox versions of the game, particularly in 720p resolution in handheld mode. It doesn’t fare nearly as well in docked mode, as the 1080p resolution decreases the game’s already poor frame rate.

But worse than the frame rate is the game’s high amount of input lag. I’ve played the final build of the game, and the controls are unbearable. They’re slow, imprecise, and maddening when lining up a headshot — especially on the small handheld screen. Hopefully the controls will be improved by future updates — one is scheduled for later this week.

Digital Foundry doesn’t dig too deep into the game itself, even though the content itself can be just as frustrating as the controls and performance.

In hindsight, Saints Row The Third marks a transition from the crass and provocative early entries of the series to the more open-minded and inclusive later entry and expansions. But played today, it struggles to carry so much baggage from its era.

The first menu invites players to try “Whored Mode.” The “Sex Appeal” slider on the create-a-character menu inflates the female character’s breasts and the male character’s penis. There’s a dildo bat.

None of these details are particularly offensive as much as they’re dull and unfunny. Replaying this game feels like taking a time machine to a Spencer’s Gifts.

The port is not strong enough to recommend to potential newcomers who only own a Switch. And the original entry has been outdone in practically every way by Saints Row IV, making that entry a better starting point for folks with other consoles or a PC.

Apple, Microsoft, and Google are all releasing fixes for ZombieLoad, a scary security flaw in Intel chips that researchers just discovered – Business Insider

17 0 14 May 2019


  • Researchers that found the last huge Intel security hole have found a new one.
  • This time, however, Intel and the rest of the industry were ready with patches.
  • The hole impacts just about every PC and server that uses any kind of Intel processor.
  • It lets hackers potentially see your web history, your passwords and your disk encryption keys.

The same researchers who found the Intel Spectre and Meltdown flaws, which sent Intel and the whole tech industry reeling, have found another problem with Intel chips. And they say this vulnerability, named ZombieLoad, impacts PCs and servers of all flavors if they run Intel chips.

The good news is that the researchers have already reported it to Intel and other vendors, and security patches are being issued now.

Intel has already patched several of its current processors, and it released microcode that will patch others, it tells Business Insider. Among the vulnerable Intel chips are the Xeon, Broadwell, Sandy Bridge, Skylake, Haswell, Kaby Lake, Coffee Lake, Whiskey Lake, Cascade Lake, Atom and Knights processors, the company reported.

Intel has given this vulnerability a security rating of “medium.” PC makers Apple and Microsoft have also issued patches, as have browser makers Google and Mozilla.

While all of this sounds like a yawn — just another hole that vendors are patching — it is creating hubbub because it is another example of an entirely new type of security hole that impacts modern processors. It follows the discovery of the so-called Meltdown, Spectre, and Foreshadow holes in processors, which came to light last year.

And there are a lot of vulnerable Intel processors out there in the world that need to be patched. However, chips that have already been patched from the Spectre hole are less vulnerable to ZombieLoad, Intel says.

ZombieLoad is eye-popping because it allows hackers to see things like browser history, website content, user keys, and passwords, or system-level secrets, such as disk encryption keys. In other words, it may give hackers the literal keys to the secrets locked away through encryption on your computer. And it can be used on PCs and servers, even those in the cloud, although the big cloud vendors like Microsoft and Google were warned to patch before the researchers went public with this hole.

An Intel spokesperson explains that the company is already well aware of this new security hole, which has the technical name of Microarchitectural Data Sampling (MDS):

“Microarchitectural Data Sampling (MDS) is already addressed at the hardware level in many of our recent 8th and 9th Generation Intel Core processors, as well as the 2nd Generation Intel Xeon Scalable Processor Family. For other affected products, mitigation is available through microcode updates, coupled with corresponding updates to operating system and hypervisor software that are available starting today.

We’ve provided more information on our website and continue to encourage everyone to keep their systems up to date, as it’s one of the best ways to stay protected. We’d like to extend our thanks to the researchers who worked with us and our industry partners for their contributions to the coordinated disclosure of these issues.”

ZombieLoad was discovered and reported by security researchers Michael Schwarz, Moritz Lipp, Daniel Gruss (of the Graz University of Technology) and Jo Van Bulck (of the computer science research group at KU Leuven university).

These guys are becoming so famous in the security world that with this new hole, they’ve become a Twitter internet meme.


Microsoft Patches Wormable Flaw in Windows XP, 7 and Windows 2003 – Krebs on Security

18 0 14 May 2019

Microsoft today is taking the unusual step of releasing security updates for unsupported but still widely-used Windows operating systems like XP and Windows 2003, citing the discovery of a “wormable” flaw that the company says could be used to fuel a fast-moving malware threat like the WannaCry ransomware attacks of 2017.

The May 2017 global malware epidemic WannaCry affected some 200,000 Windows systems in 150 countries. Source: Wikipedia.

The vulnerability (CVE-2019-0708) resides in the “remote desktop services” component built into supported versions of Windows, including Windows 7, Windows Server 2008 R2, and Windows Server 2008. It also is present in computers powered by Windows XP and Windows 2003, operating systems for which Microsoft long ago stopped shipping security updates.

Microsoft said the company has not yet observed any evidence of attacks against the dangerous security flaw, but that it is trying to head off a serious and imminent threat.

“While we have observed no exploitation of this vulnerability, it is highly likely that malicious actors will write an exploit for this vulnerability and incorporate it into their malware,” wrote Simon Pope, director of incident response for the Microsoft Security Response Center.

“This vulnerability is pre-authentication and requires no user interaction,” Pope said. “In other words, the vulnerability is ‘wormable,’ meaning that any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017. It is important that affected systems are patched as quickly as possible to prevent such a scenario from happening.”

The WannaCry ransomware threat spread quickly across the world in May 2017 using a vulnerability that was particularly prevalent among systems running Windows XP and older versions of Windows. Microsoft had already released a patch for the flaw, but many older and vulnerable OSes were never updated. Europol estimated at the time that WannaCry spread to some 200,000 computers across 150 countries.

CVE-2019-0708 does not affect Microsoft’s latest operating systems — Windows 10, Windows 8.1, Windows 8, Windows Server 2019, Windows Server 2016, Windows Server 2012 R2, or Windows Server 2012.

More information on how to download and deploy the update for CVE-2019-0708 is here.

All told, Microsoft today released 16 updates targeting at least 79 security holes in Windows and related software — nearly a quarter of them earning Microsoft’s most dire “critical” rating. Critical bugs are those that can be exploited by malware or ne’er-do-wells to break into vulnerable systems remotely, without any help from users.

One of those critical updates fixes a zero-day vulnerability — (CVE-2019-0863) in the Windows Error Reporting Service — that’s already been seen in targeted attacks, according to Chris Goettl, director of product management for security vendor Ivanti.

Other Microsoft products receiving patches today include Office and Office365, Sharepoint, .NET Framework and SQL server. Once again — for the fourth time this year — Microsoft is patching yet another critical flaw in the Windows component responsible for assigning Internet addresses to host computers (a.k.a. “Windows DHCP client”).

“Any unauthenticated attacker who can send packets to a DHCP server can exploit this vulnerability,” to deliver a malicious payload, notes Jimmy Graham at Qualys.

Staying up-to-date on Windows patches is good. Updating only after you’ve backed up your important data and files is even better. A good backup means you’re not pulling your hair out if the odd buggy patch causes problems booting the system. So do yourself a favor and back up your files before installing any patches.

Note that Windows 10 likes to install patches all in one go and reboot your computer on its own schedule. Microsoft doesn’t make it easy for Windows 10 users to change this setting, but it is possible. For all other Windows OS users, if you’d rather be alerted to new updates when they’re available so you can choose when to install them, there’s a setting for that in Windows Update.

As per usual, Adobe has released security fixes for Flash Player and Acrobat/Reader. The Flash Player update fixes a single, critical bug in the program. Adobe’s Acrobat/Reader update plugs at least 84 security holes.

Microsoft Update should install the Flash fix by default, along with the rest of this month’s patch bundle. Fortunately, the most popular Web browser by a long shot — Google Chrome — auto-updates Flash but also is now making users explicitly enable Flash every time they want to use it. By the summer of 2019 Google will make Chrome users go into their settings to enable it every time they want to run it.

Firefox also forces users with the Flash add-on installed to click in order to play Flash content; instructions for disabling or removing Flash from Firefox are here. Adobe will stop supporting Flash at the end of 2020.

As always, if you experience any problems installing any of these patches this month, please feel free to leave a comment about it below; there’s a good chance other readers have experienced the same and may even chime in here with some helpful tips.




Sekiro mod adds the one thing that makes all games better: 2B from Nier – Polygon

16 0 14 May 2019

Sekiro: Shadows Die Twice is one of the best games of 2019, and it has been made even better by a surprisingly busy, and silly, mod community.

Mods have helped players tweak the difficulty, improve the graphics, and play as Shrek. But I am particularly fond of one of the newest mods, which merges maybe the best game of this year with arguably the best game of any year.

Yes friends, it is time to talk about Nier: Automata! One of our favorite games of 2017 and favorite concerts of 2018 now makes a play for favorite mod of 2019.

The new Sekiro mod adds co-protagonist YoRHa No. 2 Type B, or 2B for short. While she isn’t accompanied by companion 9S or a bullet-spewing drone, this version of 2B is still an expert in sword combat. She wields the familiar katanas. A note to potential modders: the mod is entirely visual, so you’ll still get dear Sekiro’s voice echoing from this murderous robot.

The mod is by Forsakensilver, and can be downloaded on NexusMods.
