Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-08-2016
Ran by anhthe (08-09-2016 12:08:31)
Running from D:\Download\Programs
Windows 10 Home Single Language Version 1511 (X64) (2016-05-10 04:08:53)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1483297329-2720066829-2040343632-500 - Administrator - Disabled)
anhthe (S-1-5-21-1483297329-2720066829-2040343632-1001 - Administrator - Enabled) => C:\Users\anhth
DefaultAccount (S-1-5-21-1483297329-2720066829-2040343632-503 - Limited - Disabled)
Guest (S-1-5-21-1483297329-2720066829-2040343632-501 - Limited - Disabled)
yeuan (S-1-5-21-1483297329-2720066829-2040343632-1002 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1483297329-2720066829-2040343632-1001\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.)
Adobe After Effects CC 2016 (HKLM-x32\...\{F9A9107D-413D-41B2-A2C2-3E88CB16C819}) (Version: 13.8.0 - Adobe Systems Incorporated)
Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.3.183.90 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Assassin's Creed Syndicate, âåðñèÿ 2.0 (HKLM-x32\...\Assassin's Creed Syndicate_is1) (Version: 2.0 - Ubisoft)
ASUS ROG Gaming Mouse (HKLM-x32\...\{3B9E171F-A955-4834-B877-447C0A437260}) (Version: 2.00.030 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.5 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0040 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.85 - ICEpower a/s)
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.4.43.6254 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Cheat Engine 6.5.1 (HKLM-x32\...\Cheat Engine 6.5.1_is1) (Version:  - Cheat Engine)
Chi Dung & Fonts VNI_TCVN_UNICODE (HKLM-x32\...\Chi Dung & Fonts VNI_TCVN_UNICODE) (Version:  - )
Cốc Cốc (HKU\S-1-5-21-1483297329-2720066829-2040343632-1001\...\CocCocBrowser) (Version: 50.3.2661.120 - Đơn vị chủ quản Cốc Cốc)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant)
Dark Souls III (HKLM-x32\...\Dark Souls III_is1) (Version:  - )
Dead Effect 2 (HKLM-x32\...\Dead Effect 2_is1) (Version:  - )
Duet Display (HKLM\...\{52444E6D-BBB3-4BC1-A4E3-3602B173BB42}) (Version: 1.4.4.0 - Kairos)
EOSMSG (HKLM-x32\...\{C68EB8C6-FFCC-42A8-B509-18B331E220F7}) (Version: 4.0.0 - www.eosmsg.com)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.4.311 - Foxit Software Inc.)
HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.0.3.9 - Hi-Rez Studios)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel(R) Chipset Device Software (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1159 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4268 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{C7CD6D54-26AF-4D93-B06F-D81ACE8624CB}) (Version: 6.0.40.0 - Intel Corporation)
Intel(R) WiDi Software Asset Manager (x32 Version: 1.1.347 - Intel Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
iTunes (HKLM\...\{955524E7-79EB-4CA9-BA4D-FD2DF587651B}) (Version: 12.4.3.1 - Apple Inc.)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Kairos Display (HKLM\...\{26FF0635-2319-4DA6-8B7D-D35E9CD40E85}) (Version: 1.00.2795 - Kairos)
K-Lite Codec Pack 12.1.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.1.0 - KLCP)
Link Shell Extension (HKLM\...\HardlinkShellExt) (Version: 3.8.6.8 - Hermann Schinagl)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MP3 Key Shifter (HKLM-x32\...\MP3KeyShifter) (Version:  - )
NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
NVIDIA Graphics Driver 368.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.22 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Office 16 Click-to-Run Licensing Component (Version: 16.0.4229.1002 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Paladins (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF402}) (Version: 0.32.1221.2 - Hi-Rez Studios)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Pro Evolution Soccer 2016 Update v1.04 (HKLM-x32\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNg==_is1) (Version: 1 - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10143.21278 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.9.9.8 - Red Giant, LLC)
Scoreboards (HKU\S-1-5-21-1483297329-2720066829-2040343632-1001\...\Scoreboards) (Version:  - )
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
SMoKE Update 8.3 (HKLM-x32\...\SMoKE Update 8.3) (Version:  - )
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.16.10.201607130957 - Sony Mobile Communications Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.65452 - TeamViewer)
Touch 2.0 (HKLM-x32\...\Touch) (Version: 2.0 - vn_kul)
Trapcode Suite v13.1.0 (HKLM-x32\...\{DFD2DC6B-C634-4C1C-81CC-5EF852E71CEE}_is1) (Version: 13.1.0 - Red Giant, LLC)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{0FA8AE0C-69AE-4F60-A1AB-F79C6BA5A999}) (Version:  - Microsoft)
Vegas Pro 12.0 (64-bit) (HKLM\...\{64A98EF1-2680-11E3-A909-F04DA23A5C58}) (Version: 12.0.726 - Sony)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - ASUS (AsusSGDrv) Mouse  (06/18/2015 8.0.0.16) (HKLM\...\545B999BD5E2E239335F95C2AF9BED5D511CEC95) (Version: 06/18/2015 8.0.0.16 - ASUS)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Xperia Companion (HKLM-x32\...\{8f4f39fa-087f-4e5c-84f3-1433ac7389e9}) (Version: 1.2.8.0 - Sony)
Xperia Companion (x32 Version: 1.2.8.0 - Sony) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1483297329-2720066829-2040343632-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\anhth\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01F259D3-8E22-4839-9F6D-F6979E03307F} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-anhthe2812@outlook.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-09-04] (Adobe Systems Incorporated)
Task: {0EC013CE-0D97-4B0A-BAD5-6F68594E8E4A} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2015-06-05] (Intel Corporation)
Task: {0F730BB9-4FCC-4C95-BF80-58D08F2C6C22} - System32\Tasks\Moserslifoing Community => C:\Program Files (x86)\Verleried\moserslifoingCommunityRts.exe
Task: {1A0C08A4-3A5B-494E-8207-3EC7B6424934} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {2EC87BA6-6ACC-455F-8CA5-11A8E7CCE6D0} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-04-18] ()
Task: {361D5536-36C0-4F7E-962F-D899EB9F3650} - System32\Tasks\DuetUpdater => C:\Program Files\Kairos\Duet Display\DuetUpdater.exe [2016-07-23] (Kairos)
Task: {3E846263-74B2-4631-BB75-61F3FAF38291} - System32\Tasks\Red Giant Link => C:\Program Files\Red Giant Link\Red Giant Link.exe
Task: {448567DC-9F0E-450E-8D81-6BE15560874C} - System32\Tasks\{3C0BE3BD-A80A-439C-AA24-66D8BB71D524} => pcalua.exe -a "C:\Program Files (x86)\Java Launcher\unins000.exe"
Task: {49C0BE67-2550-4A48-931A-BF0362060D21} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {60BE882E-0D6D-43D2-9BD6-9D95D313E52C} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {69FCAE20-EB48-4E47-A44B-D60DF0439157} - System32\Tasks\CocCocUpdateTaskUserS-1-5-21-1483297329-2720066829-2040343632-1001UA => C:\Users\anhth\AppData\Local\CocCoc\Update\CocCocUpdate.exe [2016-05-04] (Coc Coc Co., Ltd.)
Task: {7E8CC912-A33D-4FAC-9CB1-2DEF48D845AD} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {7FE92241-B384-4D1B-ABFE-E38BFB92158D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {8D5BBAA3-0C5E-4D11-ADBA-AFA68C33C3AF} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-06-16] (Intel Corporation)
Task: {967D9BC2-B7FF-4494-AF78-716714C4FB64} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {9899D853-8BEB-44EF-A627-7E7D9D127A15} - System32\Tasks\Garena+ Plugin Host Service => D:\Games\LienMinhHuyenThoai\GameData\ggdllhost.exe [2016-02-22] ()
Task: {A99A1F19-9484-4552-8E3B-44672C621EC1} - System32\Tasks\UCBrowserUpdater => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== ATTENTION
Task: {B86DA750-5024-4A93-BE1D-041A13BF8463} - System32\Tasks\CocCocUpdateTaskUserS-1-5-21-1483297329-2720066829-2040343632-1001Core => C:\Users\anhth\AppData\Local\CocCoc\Update\CocCocUpdate.exe [2016-05-04] (Coc Coc Co., Ltd.)
Task: {B9D9BAD6-38E0-46E0-A489-1D568CA1A080} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {BBD17680-1DD9-4B49-AF06-216BED384D7C} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2015-05-25] (ASUSTek Computer Inc.)
Task: {C80F41B6-D875-4D83-96B0-DFC57325C0DC} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-06-16] (Intel Corporation)
Task: {D579660D-759D-46E4-B46B-74AB02B3569A} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-06-30] (AsusTek)
Task: {D5AB3236-2DE2-42A6-81CD-E081AA9E3981} - System32\Tasks\Vovoentgrobosy Schedule => C:\Program Files (x86)\Totekreiduty\VvnSchedulesvr.exe
Task: {EEE15E4F-A13E-4FBA-8ACC-89FD6EAECF45} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\anhth\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-27] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CocCocUpdateTaskUserS-1-5-21-1483297329-2720066829-2040343632-1001Core.job => C:\Users\anhth\AppData\Local\CocCoc\Update\CocCocUpdate.exe
Task: C:\WINDOWS\Tasks\CocCocUpdateTaskUserS-1-5-21-1483297329-2720066829-2040343632-1001UA.job => C:\Users\anhth\AppData\Local\CocCoc\Update\CocCocUpdate.exe
Task: C:\WINDOWS\Tasks\UCBrowserUpdater.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== ATTENTION

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\anhth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Link Shell Extension\Donate.lnk -> hxxp://schinagl.priv.at/nt/hardlinkshellext/linkshellextension.html

==================== Loaded Modules (Whitelisted) ==============

2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-05-10 11:18 - 2016-05-02 12:54 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-05-10 11:18 - 2016-05-02 12:55 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-05-10 11:18 - 2016-05-02 12:54 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-05-10 11:18 - 2016-05-02 12:55 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-05-10 11:18 - 2016-05-02 12:55 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-05-10 11:18 - 2016-05-02 12:55 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-05-10 11:18 - 2016-05-02 12:55 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-05-10 11:18 - 2016-05-02 12:55 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2015-10-30 14:18 - 2015-10-30 14:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-05-10 11:02 - 2016-05-20 09:08 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-07-13 12:46 - 2016-07-01 11:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-05-22 10:01 - 2016-02-22 18:24 - 00174632 _____ () D:\Games\LienMinhHuyenThoai\GameData\ggdllhost.exe
2016-05-04 09:19 - 2015-08-13 20:42 - 00415656 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-07-13 12:47 - 2016-07-01 10:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-13 12:46 - 2016-07-01 10:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-13 12:46 - 2016-07-01 11:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2004-10-01 01:15 - 2004-10-01 01:15 - 00192000 _____ () C:\Program Files\LinkShellExtension\RockallDLL.dll
2016-08-27 20:20 - 2016-08-27 20:20 - 01864384 _____ () C:\Users\anhth\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2016-06-14 13:37 - 2016-06-14 13:37 - 08909504 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2016-02-13 19:51 - 2016-02-13 19:51 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-15 20:41 - 2016-07-01 10:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-07-15 20:41 - 2016-07-01 10:49 - 00674816 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2016-07-13 12:46 - 2016-07-01 10:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-13 12:46 - 2016-07-01 10:22 - 00936960 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-07-13 12:46 - 2016-07-01 10:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-05-22 10:01 - 2016-08-29 14:47 - 09863632 _____ () D:\Games\LienMinhHuyenThoai\GameData\GarenaMessenger.exe
2015-11-26 00:34 - 2016-03-29 12:31 - 00521216 _____ () D:\Setup\User\Unikey\UniKeyNT.exe
2016-06-05 10:49 - 2015-08-18 17:44 - 00463872 _____ () C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
2016-05-10 11:18 - 2016-05-02 12:54 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-05-10 11:18 - 2016-05-02 12:54 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-08-13 15:08 - 2016-08-13 15:08 - 00016384 _____ () C:\Program Files\WindowsApps\61545TimGrabinat.wAPPerforGmail_1.1.18.0_x64__rcb0qdgx4z9ca\wAPPer for Gmail.exe
2016-08-13 15:08 - 2016-08-13 15:08 - 04901376 _____ () C:\Program Files\WindowsApps\61545TimGrabinat.wAPPerforGmail_1.1.18.0_x64__rcb0qdgx4z9ca\wAPPer for Gmail.dll
2016-07-02 21:26 - 2016-07-02 21:26 - 04108184 _____ () C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.0.1606.0_x64__8wekyb3d8bbwe\Microsoft.Advertising.dll
2010-07-15 11:44 - 2010-07-15 11:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2015-07-22 00:18 - 2015-07-22 00:18 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-06-14 13:38 - 2016-06-14 13:38 - 08909504 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2016-05-22 10:01 - 2016-07-01 19:01 - 03423584 _____ () D:\Games\LienMinhHuyenThoai\GameData\ggspawn.dll
2016-05-10 11:18 - 2016-05-02 13:02 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-08-27 20:20 - 2016-08-27 20:20 - 01383616 _____ () C:\Users\anhth\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\ClientTelemetry.dll
2016-08-27 20:20 - 2016-08-27 20:20 - 00118976 _____ () C:\Users\anhth\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncViews.dll
2016-05-22 10:01 - 2015-01-20 19:20 - 00111192 _____ () D:\Games\LienMinhHuyenThoai\GameData\CommonLib.dll
2016-05-22 10:01 - 2015-01-20 19:20 - 00040024 _____ () D:\Games\LienMinhHuyenThoai\GameData\DibModule.dll
2016-05-22 10:01 - 2016-08-29 14:48 - 00047568 _____ () D:\Games\LienMinhHuyenThoai\GameData\VersionModule.dll
2016-05-22 10:01 - 2015-01-20 19:20 - 00057944 _____ () D:\Games\LienMinhHuyenThoai\GameData\FileLoader.dll
2016-05-22 10:01 - 2015-01-20 19:20 - 00093784 _____ () D:\Games\LienMinhHuyenThoai\GameData\PluginKernel.dll
2016-05-22 10:01 - 2015-01-20 19:20 - 00493656 _____ () D:\Games\LienMinhHuyenThoai\GameData\CxImage.dll
2016-05-22 10:01 - 2015-01-20 19:20 - 00031832 _____ () D:\Games\LienMinhHuyenThoai\GameData\PluginModule.dll
2016-05-22 10:05 - 2015-01-20 19:20 - 00177240 _____ () D:\Games\LienMinhHuyenThoai\GameData\lib\fs\YYFileSystem.dll
2016-05-22 10:05 - 2016-06-24 19:05 - 00379744 _____ () D:\Games\LienMinhHuyenThoai\GameData\lib\Http.dll
2016-05-22 10:05 - 2015-01-20 19:20 - 00191064 _____ () D:\Games\LienMinhHuyenThoai\GameData\lib\MP3Module.dll
2016-05-22 10:01 - 2012-02-22 15:52 - 00162304 _____ () D:\Games\LienMinhHuyenThoai\GameData\lame_enc.DLL
2016-05-22 10:05 - 2015-01-20 19:20 - 00226392 _____ () D:\Games\LienMinhHuyenThoai\GameData\lib\TaskManagerLib.dll
2016-05-22 10:05 - 2015-11-24 20:26 - 00159168 _____ () D:\Games\LienMinhHuyenThoai\GameData\lib\UILayout.dll
2016-05-22 10:05 - 2015-05-27 11:47 - 00965056 _____ () D:\Games\LienMinhHuyenThoai\GameData\lib\XLL.dll
2016-05-22 10:05 - 2015-01-20 19:20 - 00061528 _____ () D:\Games\LienMinhHuyenThoai\GameData\lib\XmlUIModule.dll
2016-05-22 10:01 - 2012-02-22 15:52 - 00573100 _____ () D:\Games\LienMinhHuyenThoai\GameData\sqlite3.dll
2016-05-22 10:05 - 2016-02-22 18:25 - 00237608 _____ () D:\Games\LienMinhHuyenThoai\GameData\Plugins\StatsPlugin.dll
2016-05-22 10:05 - 2016-08-12 11:47 - 02207696 _____ () D:\Games\LienMinhHuyenThoai\GameData\Plugins\ggplugin.dll
2016-05-22 10:01 - 2015-01-20 19:20 - 00199256 _____ () D:\Games\LienMinhHuyenThoai\GameData\ImageModule.dll
2016-05-22 10:01 - 2015-01-20 19:20 - 00161880 _____ () D:\Games\LienMinhHuyenThoai\GameData\libmpg123.dll
2016-05-22 10:01 - 2016-08-29 14:48 - 04892664 _____ () D:\Games\LienMinhHuyenThoai\GameData\ggdownloader.dll
2016-05-22 10:05 - 2015-01-20 19:20 - 00072280 _____ () D:\Games\LienMinhHuyenThoai\GameData\lib\delay_load\AudioMixerLib.dll
2016-05-22 10:05 - 2015-01-20 19:20 - 00023128 _____ () D:\Games\LienMinhHuyenThoai\GameData\lib\delay_load\ClientTcp.dll
2016-05-22 10:05 - 2015-01-20 19:20 - 01551960 _____ () D:\Games\LienMinhHuyenThoai\GameData\lib\delay_load\FileSender.dll
2016-05-22 10:01 - 2013-02-01 12:42 - 00153088 _____ () D:\Games\LienMinhHuyenThoai\GameData\libzmq.dll
2016-05-22 10:05 - 2015-01-20 19:20 - 00962648 _____ () D:\Games\LienMinhHuyenThoai\GameData\lib\delay_load\GaFileTransfer.dll
2016-05-22 10:05 - 2015-01-20 19:20 - 00251480 _____ () D:\Games\LienMinhHuyenThoai\GameData\lib\delay_load\MediaEngine.dll
2016-05-22 10:01 - 2015-01-20 19:20 - 00032856 _____ () D:\Games\LienMinhHuyenThoai\GameData\ServerMemAlloc.dll
2016-05-22 10:05 - 2015-01-20 19:20 - 00523352 _____ () D:\Games\LienMinhHuyenThoai\GameData\lib\delay_load\RSALib.dll
2016-05-22 10:05 - 2015-01-20 19:20 - 00074840 _____ () D:\Games\LienMinhHuyenThoai\GameData\lib\delay_load\UdtLib.dll
2016-06-30 21:33 - 2016-06-20 22:38 - 01740016 _____ () C:\Users\anhth\AppData\Local\CocCoc\Browser\Application\50.3.2661.120\libglesv2.dll
2016-06-30 21:33 - 2016-06-20 22:38 - 00087280 _____ () C:\Users\anhth\AppData\Local\CocCoc\Browser\Application\50.3.2661.120\libegl.dll
2016-06-30 21:33 - 2016-06-20 22:39 - 03803376 _____ () C:\Users\anhth\AppData\Local\CocCoc\Browser\Application\50.3.2661.120\torrent.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 18:04 - 2016-08-30 22:13 - 00001188 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       down.baidu2016.com
127.0.0.1       123.sogou.com
127.0.0.1       www.czzsyzgm.com
127.0.0.1       www.czzsyzxl.com
127.0.0.1       union.baidu2019.com
127.0.0.1       down.baidu2016.com
127.0.0.1       123.sogou.com
127.0.0.1       www.czzsyzgm.com
127.0.0.1       www.czzsyzxl.com
127.0.0.1       union.baidu2019.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1483297329-2720066829-2040343632-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\anhth\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 188.120.239.115 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "Duet Display"
HKU\S-1-5-21-1483297329-2720066829-2040343632-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1483297329-2720066829-2040343632-1001\...\StartupApproved\Run: => "BlueStacks Agent"
HKU\S-1-5-21-1483297329-2720066829-2040343632-1001\...\StartupApproved\Run: => "XperiaCompanionAgent"
HKU\S-1-5-21-1483297329-2720066829-2040343632-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{735E4CFD-B850-468C-8A8C-C6201EE857B1}D:\games\need for speed the run\need for speed the run.exe] => (Allow) D:\games\need for speed the run\need for speed the run.exe
FirewallRules: [TCP Query User{1A40195A-2FF2-4E30-9F9C-EBC0367C08B6}D:\games\need for speed the run\need for speed the run.exe] => (Allow) D:\games\need for speed the run\need for speed the run.exe
FirewallRules: [{E21DBCC0-052A-4F74-A64E-F07DE8EEFC76}] => (Allow) C:\Users\anhth\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0A369062-B2AF-4FC3-9400-32D4D65D4982}] => (Allow) C:\Users\anhth\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{63EDA5AF-AEC5-4138-9F31-E410C18883E0}] => (Allow) C:\Users\anhth\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FE06C294-3FA6-4694-85CF-9DCFBCF12236}] => (Allow) C:\Users\anhth\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E1A870EC-6BDC-4ED1-B19E-B3DBE795EDE6}] => (Allow) C:\Users\anhth\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2B6EE191-362C-48FA-9606-1E739768C27C}] => (Allow) C:\Users\anhth\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [UDP Query User{AB7B66ED-0DF1-4211-BDD8-14A7C5542E59}E:\lienminhhuyenthoai\gamedata\garenamessenger.exe] => (Allow) E:\lienminhhuyenthoai\gamedata\garenamessenger.exe
FirewallRules: [TCP Query User{A515E1E1-0588-4737-8B33-9967C21063D4}E:\lienminhhuyenthoai\gamedata\garenamessenger.exe] => (Allow) E:\lienminhhuyenthoai\gamedata\garenamessenger.exe
FirewallRules: [{5C3D2A03-14A0-4A3B-93A4-697F07AA7378}] => (Allow) LPort=6988
FirewallRules: [{0951C7B6-D772-44EF-A2BF-D54AF9AE0A95}] => (Allow) LPort=6988
FirewallRules: [{49989296-608E-49FC-90FB-EA4D551CB5EC}] => (Allow) E:\LienMinhHuyenThoai\GameData\Apps\lolVN\Game\League of Legends.exe
FirewallRules: [{F0785655-0388-41C2-85A2-351F5DA782C5}] => (Allow) E:\LienMinhHuyenThoai\GameData\Apps\lolVN\Game\League of Legends.exe
FirewallRules: [{693E5799-4B41-4357-ADF7-CB3848C17CB6}] => (Allow) E:\LienMinhHuyenThoai\GameData\Apps\lolVN\Air\LolClient.exe
FirewallRules: [{4568CE5E-6DD7-4F29-BFF6-10CF7B9A0514}] => (Allow) E:\LienMinhHuyenThoai\GameData\Apps\lolVN\Air\LolClient.exe
FirewallRules: [{733F19CF-FCE6-4B57-A981-5764CC47F855}] => (Allow) LPort=8370
FirewallRules: [{CD3B86CE-2AB8-4BA5-ADB4-DADEDA06E4CF}] => (Allow) LPort=8370
FirewallRules: [{9A0590B5-DF00-4A39-A5DF-398BC2CB3131}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{402BBE80-961B-42BA-9529-B8272EA6F49D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3BD0FABF-D9B7-4A85-B766-648BF1F49BDF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{87FCC88A-AF7E-4FB5-BE78-4B9ED25383AD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D40280C3-C0B0-4632-AF86-40C5BB64894B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{77584C5F-6D09-42B1-A18E-B7F8D541F86E}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
FirewallRules: [{2B8D4104-D023-47A5-B0D4-7B87C9FECD5E}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\SmartAgentTest.exe
FirewallRules: [{750C9C8B-62E4-4777-9CCE-28D4F0C94DD3}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\Next\WirelessDisplay.exe
FirewallRules: [{10D38B1D-CAC9-44DC-B81D-A70C2AABA6C3}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiAppOld.exe
FirewallRules: [{3C31D052-0E12-49D0-B57C-8E25B81E0BAD}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{CB9D2698-5205-44C8-A92C-B0FB604BA505}] => (Allow) LPort=1688
FirewallRules: [{783DF145-FD4C-47F5-B871-A62A17C05557}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{48E195CB-3C17-4FAB-80A0-0B76953BD636}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B78079D0-3ADF-4F01-8229-55FA14A2FB6C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{DA735D8E-27EC-435F-90BA-6A8C0FFF42A0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{4CD265D3-83BF-4DD6-9FD4-352BBBA347D8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{D59FEF6B-1556-4CE9-B449-BE5DBEE41660}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{70EB8C1E-525F-4605-A4DA-DB08E3557A46}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E64D1D07-EEAD-4741-874F-677AB319164F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{924A00C5-1E72-4B10-BA50-77D28BA88491}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{4609ECDC-F0E9-47B0-AA99-6FD3EE8D52E4}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{FEB3A591-FAFB-4D99-B9F6-834E37AD4A13}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{ECE4FBE4-38E7-467E-89D1-892711FE52DF}] => (Allow) LPort=6909
FirewallRules: [{B99D21FA-95FA-4A60-9857-FC4764C30CE9}] => (Allow) LPort=6909
FirewallRules: [{EEA954A6-FD48-4467-8EBA-8AE0F697F32A}] => (Allow) D:\Games\LienMinhHuyenThoai\GameData\Apps\lolVN\Air\LolClient.exe
FirewallRules: [{D862BCBC-C535-4925-8BE5-D8B1E814F4B6}] => (Allow) D:\Games\LienMinhHuyenThoai\GameData\Apps\lolVN\Air\LolClient.exe
FirewallRules: [{605A68BC-98C4-4558-9E4D-98E97662EA12}] => (Allow) D:\Games\LienMinhHuyenThoai\GameData\Apps\lolVN\Game\League of Legends.exe
FirewallRules: [{842EF152-F848-4D9E-AA62-E64CA24CE8A2}] => (Allow) D:\Games\LienMinhHuyenThoai\GameData\Apps\lolVN\Game\League of Legends.exe
FirewallRules: [{D5ED6AD2-ABBD-415E-80C6-194837F9841A}] => (Allow) C:\GarenaDownload\Games\lollcuvn\LoLLCUVNInstaller.exe
FirewallRules: [{16C9E12C-9B6C-4328-ABBA-DA42E96368FC}] => (Allow) C:\GarenaDownload\Games\lollcuvn\LoLLCUVNInstaller.exe
FirewallRules: [TCP Query User{C385238C-0AF1-4D31-A98D-8D5B97CDA0C9}D:\games\pro evolution soccer 2016\pes2016.exe] => (Allow) D:\games\pro evolution soccer 2016\pes2016.exe
FirewallRules: [UDP Query User{DEC05A77-C5DF-41B8-BBC1-1C856C4C175F}D:\games\pro evolution soccer 2016\pes2016.exe] => (Allow) D:\games\pro evolution soccer 2016\pes2016.exe
FirewallRules: [TCP Query User{7896C2BF-12D6-4B0E-BB81-B56C04B902E3}D:\games\lienminhhuyenthoai\gamedata\bbtalk\bbtalk.exe] => (Allow) D:\games\lienminhhuyenthoai\gamedata\bbtalk\bbtalk.exe
FirewallRules: [UDP Query User{627F0702-2C78-45A1-ACA3-1C34BFB9DFA3}D:\games\lienminhhuyenthoai\gamedata\bbtalk\bbtalk.exe] => (Allow) D:\games\lienminhhuyenthoai\gamedata\bbtalk\bbtalk.exe
FirewallRules: [TCP Query User{BC5238AE-6231-47E7-A43C-0919777AF853}D:\games\lienminhhuyenthoai\gamedata\garenamessenger.exe] => (Allow) D:\games\lienminhhuyenthoai\gamedata\garenamessenger.exe
FirewallRules: [UDP Query User{361A71AB-B85B-468D-97DD-0E94051098D5}D:\games\lienminhhuyenthoai\gamedata\garenamessenger.exe] => (Allow) D:\games\lienminhhuyenthoai\gamedata\garenamessenger.exe
FirewallRules: [{6E3F364A-1A45-4B2D-8F01-EE1C45C2F256}] => (Allow) C:\Users\anhth\AppData\Local\CocCoc\Browser\Application\browser.exe
FirewallRules: [{8531A207-7049-4480-8B0B-DEA486449F0A}] => (Allow) C:\Users\anhth\AppData\Local\CocCoc\Browser\Application\browser.exe
FirewallRules: [{31C87576-71B1-40BF-A9D8-0C991B53BACF}] => (Allow) C:\Users\anhth\AppData\Local\CocCoc\Browser\Application\browser.exe
FirewallRules: [{DE3DE4B8-E357-4E9D-BC1E-2E25F5397378}] => (Allow) C:\Users\anhth\AppData\Local\CocCoc\Browser\Application\browser.exe
FirewallRules: [{28CC1EB6-991D-4325-9C2C-A2754EC2574C}] => (Allow) C:\Users\anhth\AppData\Local\CocCoc\Browser\Application\browser.exe
FirewallRules: [TCP Query User{F5E16FCA-F12C-4EC3-80D1-C6A55F9A009F}D:\games\lienminhhuyenthoai\gamedata\updatemanager.exe] => (Allow) D:\games\lienminhhuyenthoai\gamedata\updatemanager.exe
FirewallRules: [UDP Query User{1B961C41-3226-4F87-866F-B3BE0BAD7237}D:\games\lienminhhuyenthoai\gamedata\updatemanager.exe] => (Allow) D:\games\lienminhhuyenthoai\gamedata\updatemanager.exe
FirewallRules: [{94926B81-E070-461A-A52B-31809C1926DA}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe
FirewallRules: [{AC76E430-9AD0-413B-8A2C-D9D7819823F6}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{6115E20A-35D3-4460-A8F9-334E08381682}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [TCP Query User{391FAFE2-0E04-4469-B6E0-09205C4BB42B}D:\games\hi-rez studios\hirezgames\paladins\binaries\win32\paladins.exe] => (Allow) D:\games\hi-rez studios\hirezgames\paladins\binaries\win32\paladins.exe
FirewallRules: [UDP Query User{996BCB5B-D875-4D32-9ED3-7F8304421242}D:\games\hi-rez studios\hirezgames\paladins\binaries\win32\paladins.exe] => (Allow) D:\games\hi-rez studios\hirezgames\paladins\binaries\win32\paladins.exe
FirewallRules: [{4830EE12-1268-4923-8144-BB36F9A24672}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{838D3825-7619-4C11-AEBB-29BC754F3188}] => (Allow) C:\Users\anhth\AppData\Roaming\Nox\bin\Nox.exe
FirewallRules: [{2F4D4FF4-2C18-49E1-A076-CD51819AA2E8}] => (Allow) C:\Program Files\Bignox\BigNoxVM\RTNoxVMHandle.exe
FirewallRules: [{67EA21CC-C60E-4829-BA7B-D60FEBC9E058}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{54C3B580-A062-4E00-BAA3-3FAF16E0197B}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{8021A4B0-0A02-4CD7-93DA-6DE44A403817}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{865208A2-605E-43F3-ABA0-14A6B629A3AD}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{834BC8EB-B00F-453C-AEE5-BABC40937123}D:\games\pes16\pes2016.exe] => (Allow) D:\games\pes16\pes2016.exe
FirewallRules: [UDP Query User{86504F61-6262-4BA1-8B08-31647B956833}D:\games\pes16\pes2016.exe] => (Allow) D:\games\pes16\pes2016.exe
FirewallRules: [TCP Query User{6ACFA413-26E5-4288-8113-12B654900A83}D:\games\11111\pes2016.exe] => (Allow) D:\games\11111\pes2016.exe
FirewallRules: [UDP Query User{AEC2DC06-7D08-43E0-BD74-88CA49686C43}D:\games\11111\pes2016.exe] => (Allow) D:\games\11111\pes2016.exe
FirewallRules: [{6BB8B45C-E10B-49DC-8618-8C6B62771BD1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{DAD1EFB9-E57F-425A-BED8-E03E5063A92E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{9F739BDE-F9DF-4AD5-9AE6-8123D4BD3E12}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{67FD3C2E-E492-4695-8492-05AD1E6C84B7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{70B80501-27FD-4838-B69D-267DE0776A04}E:\photoshop cs6\adobe after effects cc 2016\support files\afterfx.exe] => (Allow) E:\photoshop cs6\adobe after effects cc 2016\support files\afterfx.exe
FirewallRules: [UDP Query User{1268FACA-6625-4991-B855-F9E48437578C}E:\photoshop cs6\adobe after effects cc 2016\support files\afterfx.exe] => (Allow) E:\photoshop cs6\adobe after effects cc 2016\support files\afterfx.exe
FirewallRules: [{576D2B3F-688A-405C-8E7B-D2E3D9EED481}] => (Allow) C:\Users\anhth\AppData\Local\Temp\25313\inst_buychannel_37.exe
FirewallRules: [{6AD54DDD-1656-4A67-A4FB-1D48A4BDEABD}] => (Allow) C:\Users\anhth\AppData\Local\Temp\25313\inst_buychannel_37.exe
FirewallRules: [{5AA89FD4-E825-4317-AC31-3C6412A3C4EF}] => (Allow) C:\Program Files (x86)\GreatMaker\MaohaWiFi\MaohaWifiSvr.exe
FirewallRules: [{F58C0355-ECC7-4474-BD11-77D552698933}] => (Allow) C:\Program Files (x86)\LuDaShi\ComputerZTray.exe
FirewallRules: [{43B0F69A-19B1-4D94-BFA1-C7075DC6BE14}] => (Allow) C:\Program Files (x86)\LuDaShi\ComputerZTray.exe
FirewallRules: [{E39ADA3D-8506-4A85-BFAF-16EB7535A236}] => (Allow) C:\Program Files (x86)\GreatMaker\MaohaWiFi\DrvUpdate.exe
FirewallRules: [{9B7CA159-2838-48F9-83BE-12D60EF3FBC5}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
FirewallRules: [{B736940E-EB9E-4B2A-BBC9-470F5B1A05C6}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
FirewallRules: [{159573B5-DA2A-478C-80DE-DA0DD1AB3BEC}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\Downloader\download\MiniThunderPlatform.exe
FirewallRules: [{0FC8A8F1-C9AD-4601-8A95-56BB4CA2C51B}] => (Allow) LPort=6947
FirewallRules: [{DBF2719D-66F8-4064-9243-62D3C25FBC81}] => (Allow) LPort=6947
FirewallRules: [TCP Query User{0A0840EB-D465-48D1-8EA3-93AFCF94000B}D:\games\payday 2\payday2_win32_release.exe] => (Allow) D:\games\payday 2\payday2_win32_release.exe
FirewallRules: [UDP Query User{0B0A2064-C1CD-48A8-89F5-49D86BAD93E2}D:\games\payday 2\payday2_win32_release.exe] => (Allow) D:\games\payday 2\payday2_win32_release.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/07/2016 01:54:35 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "E:\Photoshop CS6\Adobe After Effects CC 2016\Support Files\Plug-ins\MAXON CINEWARE AE\(CINEWARE Support)\lite\resource\modules\python\Python.win64.framework\Lib\distutils\command\wininst-8_d.exe".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (09/07/2016 01:54:32 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "E:\Photoshop CS6\Adobe After Effects CC 2016\Support Files\Plug-ins\MAXON CINEWARE AE\(CINEWARE Support)\lite\resource\modules\python\Python.win32.framework\Lib\distutils\command\wininst-8_d.exe".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (09/07/2016 09:24:11 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "E:\Photoshop CS6\Adobe After Effects CC 2016\Support Files\Plug-ins\MAXON CINEWARE AE\(CINEWARE Support)\lite\resource\modules\python\Python.win64.framework\Lib\distutils\command\wininst-8_d.exe".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (09/07/2016 09:24:08 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "E:\Photoshop CS6\Adobe After Effects CC 2016\Support Files\Plug-ins\MAXON CINEWARE AE\(CINEWARE Support)\lite\resource\modules\python\Python.win32.framework\Lib\distutils\command\wininst-8_d.exe".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (09/07/2016 09:21:16 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LolClient.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: c30

Start Time: 01d208ae18e3e3ea

Termination Time: 2

Application Path: D:\Games\LienMinhHuyenThoai\GameData\Apps\lolVN\Air\LolClient.exe

Report Id: bbe2fb23-74a1-11e6-9c13-185e0f7a7e51

Faulting package full name: 

Faulting package-relative application ID:

Error: (08/31/2016 08:41:33 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "E:\Photoshop CS6\Adobe After Effects CC 2016\Support Files\Plug-ins\MAXON CINEWARE AE\(CINEWARE Support)\lite\resource\modules\python\Python.win64.framework\Lib\distutils\command\wininst-8_d.exe".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/31/2016 08:41:33 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "E:\Photoshop CS6\Adobe After Effects CC 2016\Support Files\Plug-ins\MAXON CINEWARE AE\(CINEWARE Support)\lite\resource\modules\python\Python.win32.framework\Lib\distutils\command\wininst-8_d.exe".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/31/2016 08:41:27 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "E:\Photoshop CS6\Adobe After Effects CC 2016\Support Files\Plug-ins\MAXON CINEWARE AE\(CINEWARE Support)\lite\resource\modules\python\Python.win64.framework\Lib\distutils\command\wininst-8_d.exe".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/31/2016 08:41:23 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "E:\Photoshop CS6\Adobe After Effects CC 2016\Support Files\Plug-ins\MAXON CINEWARE AE\(CINEWARE Support)\lite\resource\modules\python\Python.win32.framework\Lib\distutils\command\wininst-8_d.exe".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/31/2016 10:49:09 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "E:\Photoshop CS6\Adobe After Effects CC 2016\Support Files\Plug-ins\MAXON CINEWARE AE\(CINEWARE Support)\lite\resource\modules\python\Python.win64.framework\Lib\distutils\command\wininst-8_d.exe".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (09/07/2016 11:46:44 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-RED7H5V)
Description: The server NLInternal.SharedRecoActivation did not register with DCOM within the required timeout.

Error: (09/07/2016 11:46:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_104057482 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (09/07/2016 11:46:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_104057482 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (09/07/2016 11:46:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_104057482 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (09/07/2016 11:46:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_104057482 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (09/07/2016 06:27:53 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-RED7H5V)
Description: The server NLInternal.SharedRecoActivation did not register with DCOM within the required timeout.

Error: (09/07/2016 06:27:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_10114d8e5 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (09/07/2016 06:27:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_10114d8e5 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (09/07/2016 06:27:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_10114d8e5 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (09/07/2016 06:27:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_10114d8e5 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.


CodeIntegrity:
===================================
  Date: 2016-09-07 22:05:14.193
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-07 22:05:14.183
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-07 13:53:41.947
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-09-07 09:23:22.800
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-09-06 10:32:10.151
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-09-05 22:29:16.709
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-05 22:29:16.688
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-05 22:16:13.557
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-05 22:16:13.547
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-08-31 20:41:22.787
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz
Percentage of memory in use: 58%
Total physical RAM: 8090.52 MB
Available physical RAM: 3382.91 MB
Total Virtual: 9370.52 MB
Available Virtual: 3996.93 MB

==================== Drives ================================

Drive c: (SYSTEM) (Fixed) (Total:79.46 GB) (Free:16.25 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:138.58 GB) NTFS
Drive e: () (Fixed) (Total:39.12 GB) (Free:25.49 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 2BFB4DC8)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 119.2 GB) (Disk ID: FBA0B50F)

Partition: GPT.

==================== End of Addition.txt ============================