Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-07-2016 Ran by Ryan (2016-07-05 20:19:56) Running from C:\Users\Ryan\Desktop Windows 10 Home Version 1511 (X64) (2015-12-18 08:54:43) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-4145517564-965246637-432244123-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-4145517564-965246637-432244123-503 - Limited - Disabled) Guest (S-1-5-21-4145517564-965246637-432244123-501 - Limited - Disabled) Ryan (S-1-5-21-4145517564-965246637-432244123-1001 - Administrator - Enabled) => C:\Users\Ryan ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 15.06 beta (HKLM-x32\...\7-Zip) (Version: 15.06 - Igor Pavlov) 7-Zip 15.09 beta (x64) (HKLM\...\7-Zip) (Version: 15.09 - Igor Pavlov) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated) Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated) Akamai NetSession Interface (HKU\S-1-5-21-4145517564-965246637-432244123-1001\...\Akamai) (Version: - Akamai Technologies, Inc) Apple Application Support (32-bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) ASUS GIFTBOX Desktop (HKLM-x32\...\{4701E5AB-AF91-4D40-8F18-358CC80E4E5B}) (Version: 1.1.6 - ASUS) ASUS ROG Gaming Mouse (HKLM-x32\...\{3B9E171F-A955-4834-B877-447C0A437260}) (Version: 2.00.026 - ASUS) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.12 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.05.0001 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.1 - ASUS) ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.29 - ASUS) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0037 - ASUS) Autodesk Advanced Material Library Image Library 2016 (HKLM-x32\...\{94AD53E7-493B-4291-8714-7A3B761D2783}) (Version: 6.3.0.15 - Autodesk) Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.15 - Autodesk) Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.15 - Autodesk) Banished (HKLM\...\Steam App 242920) (Version: - Shining Rock Software LLC) BitTorrent (HKU\S-1-5-21-4145517564-965246637-432244123-1001\...\BitTorrent) (Version: 7.9.7.42331 - BitTorrent Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version: - Colossal Order Ltd.) Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.) ELAN Touchpad 15.8.4.3_X64_WHQL (HKLM\...\Elantech) (Version: 15.8.4.3 - ELAN Microelectronic Corp.) Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.7.0.0 - SEIKO EPSON CORPORATION) Epson Event Manager (HKLM-x32\...\{86B4A6B9-07FD-48EC-8730-1EC82E80C3D7}) (Version: 3.10.0030 - Seiko Epson Corporation) Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.51.00 - SEIKO EPSON CORPORATION) Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version: - ) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 2.30.00 - SEIKO EPSON Corp.) EPSON Scan PDF Extensions (HKLM-x32\...\{F9956472-6E16-4F83-BF9A-F887EF4A45B7}) (Version: 1.03.0001 - SEIKO EPSON Corp.) EPSON WF-2660 Series Printer Uninstall (HKLM\...\EPSON WF-2660 Series) (Version: - SEIKO EPSON Corporation) EpsonNet Print (HKLM\...\{F983229B-587E-4322-BCB9-D7A49734E5CD}) (Version: 3.0.0.0 - SEIKO EPSON CORPORATION) FARO LS 1.1.502.0 (64bit) (HKLM-x32\...\{66D83FE0-D798-4B38-86FE-FB48151E5AEF}) (Version: 5.2.0.35213 - FARO Scanner Production) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.106 - Google Inc.) Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1018 - Intel Corporation) Intel(R) Chipset Device Software (x32 Version: 10.0.22 - Intel(R) Corporation) Hidden Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.28.1006 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4256 - Intel Corporation) Intel(R) Wireless Bluetooth(R)(patch version 17.1.1440.2) (HKLM\...\{302600C1-6BDF-4FD1-1409-148929CC1385}) (Version: 17.1.1409.0486 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{9bffdf20-c3a3-4e93-9cbf-61712c6a38be}) (Version: 17.13.2 - Intel Corporation) iTunes (HKLM\...\{58D7E5F7-BAD1-49C5-93C8-B655736EDA00}) (Version: 12.4.0.119 - Apple Inc.) Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version: - Squad) LeapFrog Connect (HKLM-x32\...\UPCShell) (Version: 7.0.6.19846 - LeapFrog) LeapFrog Connect (x32 Version: 7.0.6.19846 - LeapFrog) Hidden LeapFrog Tag Junior Plugin (x32 Version: 7.0.6.19846 - LeapFrog) Hidden Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Maxx Audio Installer (x64) (Version: 1.6.4882.94 - Waves Audio Ltd.) Hidden Microsoft Flight Simulator SimConnect Client v10.0.61259.0 (HKLM-x32\...\{D61CA184-3F6D-4A50-B2CC-7A18447D6A8D}) (Version: 10.0.61259.0 - Microsoft Corporation) Microsoft Flight Simulator SimConnect Client v10.0.62613.0 (HKLM-x32\...\{33D89314-361A-4495-A1E1-0ACBCE08F78D}) (Version: 10.0.62613.0 - Microsoft Corporation) Microsoft Flight Simulator X: Steam Edition (HKLM-x32\...\Steam App 314160) (Version: - Microsoft Game Studios) Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.6965.2058 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) Navy Field 2 : Conqueror of the Ocean (HKLM-x32\...\Steam App 338540) (Version: - SDEnterNet) NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation) NVIDIA Graphics Driver 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.39 - NVIDIA Corporation) NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6925.1018 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.6925.1018 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6925.1018 - Microsoft Corporation) Hidden Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.) PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) PixelMaster Video HDR (HKLM\...\{65302154-AAF6-4020-A070-76CAA9CEC8D3}) (Version: 1.1.23 - ASUS) Private Internet Access Support Files (HKLM-x32\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21260 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.34.617.2014 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.) Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Hidden SEGA Genesis & Mega Drive Classics (HKLM-x32\...\Steam App 34270) (Version: - Sega) SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.) Sid Meier's Civilization: Beyond Earth (HKLM-x32\...\Steam App 65980) (Version: - Firaxis Games) SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.96.5684 - Electronic Arts) SketchUp 2015 (HKLM\...\{350488A4-1540-4103-8F01-B27503891EB0}) (Version: 15.3.331 - Trimble Navigation Limited) SketchUp Import 2016 (HKLM-x32\...\{C769FB7C-1F55-4B31-9A2A-21CEC50F4F92}) (Version: 2.0.0 - Autodesk) Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.) Software Updater (HKLM-x32\...\{B307472F-7BD9-4040-9255-CE6D6A1196A3}) (Version: 4.3.1 - SEIKO EPSON CORPORATION) SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts) Spotify (HKU\S-1-5-21-4145517564-965246637-432244123-1001\...\Spotify) (Version: 1.0.32.96.g3c8a06e6 - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios) The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.20.60.1020 - Electronic Arts Inc.) Total War Battles: KINGDOM (HKLM-x32\...\Steam App 300080) (Version: - Creative Assembly) Total War: ATTILA (HKLM-x32\...\Steam App 325610) (Version: - Creative Assembly) Total War: ROME II - Emperor Edition (HKLM-x32\...\Steam App 214950) (Version: - Creative Assembly) Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Junior Plugin) (HKLM-x32\...\TagJuniorPlugin) (Version: - LeapFrog) WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation) Windows Driver Package - ASUS (ATP) Mouse (10/30/2014 1.0.0.230) (HKLM\...\52EDDD14D2DC9D32A2EA2720C02CBB9E354F8DE2) (Version: 10/30/2014 1.0.0.230 - ASUS) Windows Driver Package - ASUS (ATP) Mouse (11/11/2015 1.0.0.262) (HKLM\...\A044C5901003C24E6891688653ABA1068D04A1A0) (Version: 11/11/2015 1.0.0.262 - ASUS) Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0) (HKLM\...\781745E87AFF80C0C1388CFF79D19ECAB2E9BB47) (Version: 11/05/2008 1.1.1.0 - LeapFrog) Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-4145517564-965246637-432244123-1001_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> D:\AutoCAD\AutoCAD 2016\acad.exe /Automation => No File CustomCLSID: HKU\S-1-5-21-4145517564-965246637-432244123-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> D:\AutoCAD\AutoCAD 2016\acad.exe => No File CustomCLSID: HKU\S-1-5-21-4145517564-965246637-432244123-1001_Classes\CLSID\{5370C727-1451-4700-A960-77630950AF6D}\localserver32 -> D:\AutoCAD\AutoCAD 2016\acad.exe /Automation => No File CustomCLSID: HKU\S-1-5-21-4145517564-965246637-432244123-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Ryan\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4145517564-965246637-432244123-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> D:\AutoCAD\AutoCAD 2016\en-US\acadficn.dll => No File ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {10000A93-1652-43EC-A226-E06FA1C6639C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) Task: {1161EA67-91EB-431B-A947-2A733AF4936C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-05] (Google Inc.) Task: {28964A49-39E1-4E3E-9B93-D98E679564E5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated) Task: {2DB0FE7B-EC79-4278-94D7-BAFE8316DDB8} - System32\Tasks\EPSON WF-2660 Series Update {687E0129-DC55-4F67-96FF-99E5A30ADFD4} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMAE.EXE [2013-11-21] (SEIKO EPSON CORPORATION) Task: {30196D9E-C9F5-4146-83CD-E46BCFE781A9} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-11-05] (ASUS) Task: {34ABDD7D-5EC9-4285-A962-66E3671FBF55} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-09-02] (ASUSTek Computer Inc.) Task: {35BFCFA3-07D4-4FE4-A05C-66761E4846A2} - System32\Tasks\EPSON WF-2660 Series Update {D4D95767-7953-4B04-BCE8-81B9CF713467} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSMAE.EXE [2013-11-21] (SEIKO EPSON CORPORATION) Task: {3887709A-311D-4F8A-A892-7BB8E44079D3} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-24] (Realtek Semiconductor) Task: {393E9F84-73D2-418A-B491-7D2EBC879EE7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-06-10] (Microsoft Corporation) Task: {3BE5FA64-FC19-4590-89A1-2FFECBE73851} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {3DADDC5E-F47E-481C-87E1-5D3BA79756A0} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-12-14] (AsusTek) Task: {42464140-F501-4A02-B424-A9C37CD1F5C5} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-06-16] (Microsoft Corporation) Task: {4820FF22-F6DC-496C-8320-0C2FA462E9EA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {4DC71EDA-894A-4A37-8537-AFC0438A5474} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-06-15] (Microsoft Corporation) Task: {4E833501-4953-4BE8-A1B0-03A7B36378FC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {631C9715-3CC8-4B12-9677-C5C765F23D28} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {777DA30A-C3EF-40E8-BD4D-ABA78962E39C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-05] (Google Inc.) Task: {7960B9DD-D044-4382-941A-12A7CA98F09B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {7B506F3C-FBE6-469C-AA53-4E94382C28B9} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-06-10] (Microsoft Corporation) Task: {99137D22-BD4E-4A4E-9A05-A33FF833CC0E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {9ABCAD98-1EC9-4FA6-9EEA-6E6FBD39355D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {AE0ECE24-0550-4622-A3E2-FD1BDB3E1112} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-06-11] (ASUSTek Computer Inc.) Task: {B4F8D832-A786-47D0-8E6F-8A7AD0CF0DA8} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-12-17] (ASUSTek Computer Inc.) Task: {D297AF88-5F42-45C1-A637-CFAB4BC514F9} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {DF4C3B2D-7A87-4D0A-B532-271A38917914} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {E23E5304-B279-497B-963E-AFA62DDD3DC2} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe [2016-05-16] () Task: {E427CFF9-72FA-4B6A-9197-EA5AB4A38612} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {EB61370F-031E-44C1-AD3F-2843CA47F6CA} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-24] (Realtek Semiconductor) Task: {ECBBBB7E-BEB4-4736-80E6-135EE98D8F47} - System32\Tasks\EPSON WF-2660 Series Update {4B3071C1-DE89-4A55-B9B3-C81F377FA3AE} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMAE.EXE [2013-11-21] (SEIKO EPSON CORPORATION) Task: {F0BAEC9C-6652-40E8-805F-FA927442D61A} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {F5B9E446-5E3F-4071-B4A1-B592123F6956} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-17] (Adobe Systems Incorporated) Task: {FD89F90D-B8C4-4B63-9884-030D1D6C6EBB} - System32\Tasks\EPSON WF-2660 Series Update {09E8CE61-0B4A-4C54-B8C2-9CA04909B29A} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSMAE.EXE [2013-11-21] (SEIKO EPSON CORPORATION) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\EPSON WF-2660 Series Update {09E8CE61-0B4A-4C54-B8C2-9CA04909B29A}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSMAE.EXE:/EXE:{09E8CE61-0B4A-4C54-B8C2-9CA04909B29A} /F:UpdateWORKGROUP\RYAN$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\WINDOWS\Tasks\EPSON WF-2660 Series Update {4B3071C1-DE89-4A55-B9B3-C81F377FA3AE}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMAE.EXE:/EXE:{4B3071C1-DE89-4A55-B9B3-C81F377FA3AE} /F:UpdateWORKGROUP\RYAN$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\WINDOWS\Tasks\EPSON WF-2660 Series Update {687E0129-DC55-4F67-96FF-99E5A30ADFD4}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMAE.EXE:/EXE:{687E0129-DC55-4F67-96FF-99E5A30ADFD4} /F:UpdateWORKGROUP\RYAN$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\WINDOWS\Tasks\EPSON WF-2660 Series Update {D4D95767-7953-4B04-BCE8-81B9CF713467}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSMAE.EXE:/EXE:{D4D95767-7953-4B04-BCE8-81B9CF713467} /F:UpdateWORKGROUP\RYAN$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_hmjkmjkepdijhoojdojkdfohbdgmmhki\Google Keep - notes and lists.lnk -> C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_hmjkmjkepdijhoojdojkdfohbdgmmhki\Google Keep - notes and lists.ico () -> --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki ==================== Loaded Modules (Whitelisted) ============== 2015-10-30 03:17 - 2015-10-30 03:17 - 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll 2015-10-30 03:18 - 2015-10-30 03:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2015-12-18 04:45 - 2016-06-02 23:59 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2016-04-16 12:13 - 2016-05-02 01:54 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll 2016-04-16 12:13 - 2016-05-02 01:55 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll 2016-04-16 12:13 - 2016-05-02 01:54 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll 2016-04-16 12:13 - 2016-05-02 01:55 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll 2016-04-16 12:13 - 2016-05-02 01:55 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll 2016-04-16 12:13 - 2016-05-02 01:55 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll 2016-04-16 12:13 - 2016-05-02 01:55 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll 2016-04-16 12:13 - 2016-05-02 01:55 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll 2016-04-13 20:00 - 2016-03-29 06:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-04-13 20:00 - 2016-03-29 06:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-06-15 07:34 - 2016-06-15 07:34 - 00959168 _____ () C:\Users\Ryan\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll 2016-06-16 09:26 - 2016-06-16 09:26 - 08919752 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll 2016-06-14 20:58 - 2016-05-27 23:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-04-19 05:41 - 2016-04-19 05:41 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2015-12-18 16:56 - 2015-12-07 00:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-05-11 16:56 - 2016-04-23 00:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-07-18 00:35 - 2015-07-30 18:13 - 00405432 _____ () C:\WINDOWS\system32\igfxTray.exe 2016-06-14 20:59 - 2016-05-27 23:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-06-14 20:58 - 2016-05-27 23:55 - 00936960 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2016-06-14 20:59 - 2016-05-27 23:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-06-14 20:59 - 2016-05-27 23:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-06-14 20:59 - 2016-05-27 23:53 - 00529408 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.NodeWinrtWrap.dll 2015-10-30 03:18 - 2015-10-30 05:07 - 00037888 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\winrt-projections\bin\Winrt_Projections.node 2015-10-30 03:18 - 2015-10-30 05:06 - 00796160 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http\bin\NodeRT_Windows_Web_Http.node 2015-10-30 03:18 - 2015-10-30 05:07 - 00961024 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.headers\bin\NodeRT_Windows_Web_Http_Headers.node 2015-10-30 03:18 - 2015-10-30 05:06 - 00206336 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.filters\bin\NodeRT_Windows_Web_Http_Filters.node 2015-10-30 03:18 - 2015-10-30 05:06 - 00558592 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.storage.streams\bin\NodeRT_Windows_Storage_Streams.node 2015-10-30 03:18 - 2015-10-30 05:07 - 00397824 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.foundation\bin\NodeRT_Windows_Foundation.node 2015-10-30 03:18 - 2015-10-30 05:06 - 00181248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\nodert-buffer-utils\bin\NodeRT_Buffer_Utils.node 2015-10-30 03:18 - 2015-10-30 05:06 - 00093696 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.security.cryptography\bin\NodeRT_Windows_Security_Cryptography.node 2015-10-30 03:18 - 2015-10-30 05:06 - 00200192 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.cortana.pal\bin\NodeRT_Windows_Cortana_PAL.node 2015-02-27 04:42 - 2013-05-15 18:39 - 00463872 _____ () C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe 2016-05-16 09:33 - 2016-05-15 20:37 - 249491248 ___SH () C:\ProgramData\mlbh\mlbh.exe 2016-04-16 12:13 - 2016-05-02 01:54 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll 2016-04-16 12:13 - 2016-05-02 01:54 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll 2014-11-05 16:44 - 2014-11-05 16:44 - 00037424 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll 2014-11-05 16:44 - 2014-11-05 16:44 - 00124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll 2016-04-19 05:41 - 2016-04-19 05:41 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-04-19 05:41 - 2016-04-19 05:41 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2016-04-16 12:13 - 2016-05-02 02:02 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2014-11-24 11:46 - 2014-11-24 11:46 - 00879104 _____ () D:\LeapFrog Connect\platforms\qwindows.dll 2014-09-03 15:03 - 2014-09-03 15:03 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) HKU\S-1-5-21-4145517564-965246637-432244123-1001\Software\Classes\.scr: AutoCADScriptFile => ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 09:25 - 2013-08-22 09:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-4145517564-965246637-432244123-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ryan\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{2f793d5a-aef9-4338-8f5b-7d8b3e1f5feb}.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "ADSKAppManager" HKU\S-1-5-21-4145517564-965246637-432244123-1001\...\StartupApproved\Run: => "Autodesk Sync" HKU\S-1-5-21-4145517564-965246637-432244123-1001\...\StartupApproved\Run: => "Steam" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [UDP Query User{25D705B5-B5EC-4473-9BD7-92E1FAF194AB}C:\users\ryan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ryan\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{AA04731E-EFD6-4996-B465-32AFDFD4220F}C:\users\ryan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ryan\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{EBDC2BF6-45D5-48AA-85FD-5C45DD2D8064}D:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) D:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{A27EF31F-C05A-416E-97E6-BC72B3849C63}D:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) D:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{5E05501F-13B9-4C18-A617-AF1CC959A3D6}] => (Allow) D:\Steam\steamapps\common\Total War SHOGUN 2\Shogun2.exe FirewallRules: [{1540B258-3AE1-4D84-8720-95720991E2D4}] => (Allow) D:\Steam\steamapps\common\Total War SHOGUN 2\Shogun2.exe FirewallRules: [UDP Query User{678B72C9-64D3-43C6-9591-16521F6933D0}D:\steam\steamapps\common\total war attila\attila.exe] => (Allow) D:\steam\steamapps\common\total war attila\attila.exe FirewallRules: [TCP Query User{F240E80D-0FE1-453F-B19E-A0DB459061B5}D:\steam\steamapps\common\total war attila\attila.exe] => (Allow) D:\steam\steamapps\common\total war attila\attila.exe FirewallRules: [{AB125A22-4D94-4215-AA8C-D43B0B41BB48}] => (Allow) D:\Steam\steamapps\common\Sega Classics\SEGAGenesisClassics.exe FirewallRules: [{2588EC44-FBBB-4652-81E3-9BFC47307CD5}] => (Allow) D:\Steam\steamapps\common\Sega Classics\SEGAGenesisClassics.exe FirewallRules: [{E3C5F066-0A1E-4CFE-8F6D-17A768BE08AC}] => (Allow) D:\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe FirewallRules: [{4AD31766-C14D-4D0A-BFD8-30D59CFC69C9}] => (Allow) D:\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe FirewallRules: [{2E29FC49-37E3-4880-A1F7-23779B6ED079}] => (Allow) D:\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe FirewallRules: [{479D33DA-1C27-446E-85E7-8F09828C84EB}] => (Allow) D:\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe FirewallRules: [{BA30A196-3BB5-41C3-9CB0-59ACAACF72AF}] => (Allow) D:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{D6F2305A-870E-4758-94AF-CD3BEF7BA811}] => (Allow) D:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{564A4039-5CE5-402F-8AD0-C0C53DDC38B7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{07FE999F-9CE2-487B-ABBF-0026FC86F5C6}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{98781063-1DE1-43C0-8AAF-83796A03FEDD}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{2F0BC204-C278-43B3-A7EE-51C35C7761DD}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{1DBBE0B2-B2AF-4A2C-A2C4-0AEA8AB80576}] => (Allow) D:\Steam\bin\steamwebhelper.exe FirewallRules: [{26FA9203-5B64-4B62-B8F2-C4763F394D5C}] => (Allow) D:\Steam\bin\steamwebhelper.exe FirewallRules: [{4DA4B0AB-4BC9-47D2-A428-9FCAE2394437}] => (Allow) C:\Users\Ryan\Games\steamapps\common\Kerbal Space Program\KSP.exe FirewallRules: [{DEED3E6B-D25D-493E-8727-CD1A65D22983}] => (Allow) C:\Users\Ryan\Games\steamapps\common\Kerbal Space Program\KSP.exe FirewallRules: [{66FFFA2F-897E-4668-9B84-F6A22B6D815B}] => (Allow) D:\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe FirewallRules: [{1F06F547-E988-495F-802C-BECABFFA6254}] => (Allow) D:\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe FirewallRules: [{075F33F2-E5B1-40B7-ABE5-C94855FAF2BE}] => (Allow) D:\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe FirewallRules: [{4C42BD38-F5D6-467C-B543-5F042E73A199}] => (Allow) D:\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe FirewallRules: [{7BEA6908-FC07-4949-95DE-9A175FDE2BCB}] => (Allow) D:\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe FirewallRules: [{56BD4BFF-D159-4646-B12E-4FF70EC88DA8}] => (Allow) D:\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe FirewallRules: [{7436BB96-F6DB-47A0-82D5-9ABA4A0B52E5}] => (Allow) D:\Steam\steamapps\common\Navy Field 2 Conqueror of the Ocean\NF2_Launcher.exe FirewallRules: [{FB93EC93-71F4-4541-9D34-68C097762002}] => (Allow) D:\Steam\steamapps\common\Navy Field 2 Conqueror of the Ocean\NF2_Launcher.exe FirewallRules: [{87E1A49E-56E1-4460-863C-DED58CC8A603}] => (Allow) D:\Steam\steamapps\common\Total War Battles KINGDOM\TWB_Kingdom.exe FirewallRules: [{0CE89FA2-0346-4B36-B80F-B9C9F5875093}] => (Allow) D:\Steam\steamapps\common\Total War Battles KINGDOM\TWB_Kingdom.exe FirewallRules: [{B8EF9F1A-6362-4B07-A7F9-73408B47F25B}] => (Allow) D:\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [{1584D2B8-7542-4CF4-BC66-4DFA4F683C94}] => (Allow) D:\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [{F9146EF0-9E81-488F-A043-3A9ADC29997D}] => (Allow) C:\Users\Ryan\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{DDA6905C-7804-4DCE-8BF5-44B8CEB4F7FA}] => (Allow) C:\Users\Ryan\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{4656EAE7-7821-434B-A017-E9ED78596A69}] => (Allow) C:\Users\Ryan\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [TCP Query User{93B11D1A-2077-4595-9D2B-5FD0D811CC1C}C:\users\ryan\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\ryan\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{58EEF3DB-8CAF-4F5A-95FA-5E1BFB64A3AE}C:\users\ryan\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\ryan\appdata\local\akamai\netsession_win.exe FirewallRules: [{CBE2F28F-A58B-4DC4-8AF1-EB86C36FF9BB}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe FirewallRules: [{62B1FF01-7B83-4D17-BCC2-3B9EFDB5433D}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe FirewallRules: [{D24A5C3E-977B-4F2E-B95C-2CFE37D32720}] => (Allow) F:\Common\EpsonNet Setup\ENEasyApp.exe FirewallRules: [{20EA9053-645D-42A9-9D5C-FB10F570E6C3}] => (Allow) F:\Common\EpsonNet Setup\ENEasyApp.exe FirewallRules: [{5A1C4CC2-C433-4DE3-B146-BA11070167A5}] => (Allow) D:\Steam\steamapps\common\FSX\fsx.exe FirewallRules: [{06009AFC-82AB-4888-83C6-F7D185FFCA75}] => (Allow) D:\Steam\steamapps\common\FSX\fsx.exe FirewallRules: [{E7B46F98-5742-4DDC-B81A-E9C2B25FB02C}] => (Allow) D:\Steam\steamapps\common\Total War Attila\launcher\launcher.exe FirewallRules: [{D687C27B-6601-45A5-86A8-9CEAF632B89D}] => (Allow) D:\Steam\steamapps\common\Total War Attila\launcher\launcher.exe FirewallRules: [{81D3813E-8356-46C3-9376-EB608083ED22}] => (Allow) LPort=5556 FirewallRules: [{87C785C6-9B95-4EB1-B4FE-59EB0DF5F803}] => (Allow) LPort=5558 FirewallRules: [{F6C76B26-2D58-4768-A08D-165753704406}] => (Allow) D:\Steam\steamapps\common\Age2HD\Launcher.exe FirewallRules: [{25810628-5275-4DF0-BCC7-03D5240E4604}] => (Allow) D:\Steam\steamapps\common\Age2HD\Launcher.exe FirewallRules: [TCP Query User{FE21B207-1045-4AE3-B0F9-94F5F4893A94}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{6F1239F6-E79B-45BD-A8C0-01F6B5C36A53}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [TCP Query User{DEBF2145-F280-4C68-B483-CDCA47A116FF}C:\users\ryan\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\ryan\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{DAD01242-21A5-48D8-B5D2-78682E8EE10F}C:\users\ryan\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\ryan\appdata\local\akamai\netsession_win.exe FirewallRules: [{A5DCC62B-4A92-4E46-906C-F30D86623479}] => (Allow) D:\LeapFrog Connect\LeapfrogConnect.exe FirewallRules: [{DE7D0785-A240-44A8-8BC7-30F433ECDB6B}] => (Allow) D:\Steam\steamapps\common\Cities_Skylines\Cities.exe FirewallRules: [{5DB3BFE5-5CC0-410A-80AA-80A694446746}] => (Allow) D:\Steam\steamapps\common\Cities_Skylines\Cities.exe FirewallRules: [TCP Query User{4127EFDD-E7E6-4D71-82D2-DA861CAE0301}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe FirewallRules: [UDP Query User{59A39E35-7703-4870-8BFC-6C7D97D0A66B}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe FirewallRules: [TCP Query User{4503EEA3-B4E0-4101-AC36-3D2AC05D5047}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Block) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe FirewallRules: [UDP Query User{800D8BEE-D5F0-4EF1-943D-E6DF05DAF19C}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Block) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe FirewallRules: [{67D198F0-EFB4-48B8-BA29-B6713FD326CA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{4C24752C-CB7D-4746-A9BA-DF72B1BA3772}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{3BC9F113-6568-4C6C-9492-2B6E324DDED1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{D429532F-129E-4926-852A-0613EDBD8FCA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{6181695B-7471-4E30-84E2-892AA9D5323E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{BD686DCB-E2AB-4A79-83BA-A88C447404C4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{75743EFF-7038-44E8-B2DC-85CA221CD05F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{8027E660-9A28-4A01-8E33-0C02DFC694A7}] => (Allow) C:\Users\Ryan\Games\steamapps\common\Kerbal Space Program\KSP_x64.exe FirewallRules: [{3AE30FF0-8315-47B6-A9DF-EF1D4C62B09F}] => (Allow) C:\Users\Ryan\Games\steamapps\common\Kerbal Space Program\KSP_x64.exe FirewallRules: [{ECFADA06-D798-4CAE-8FA3-4A0203D3B143}] => (Allow) D:\Steam\steamapps\common\Sega Classics\SEGAGameRoom.exe FirewallRules: [{44710310-12F2-434B-B176-9B248424A6EF}] => (Allow) D:\Steam\steamapps\common\Sega Classics\SEGAGameRoom.exe FirewallRules: [TCP Query User{9A8D988D-7845-4F38-9978-46AA9E600BB8}D:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) D:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{42373A39-FF1A-45DB-8CBF-84D2AC0D18BA}D:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) D:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{18F2F040-30F7-4333-9184-C31673A19006}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{C49DAC5F-4915-43B5-9620-4A854A1B41B0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{8F30F24D-7511-475F-88CB-434BE70B9946}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{E703D223-F934-4A78-AFBB-1928A538B1ED}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{06ECDC0D-050F-4E15-95F4-0688EDDFD68F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{03E5A264-8024-47F1-A9C2-2A3F413136EC}] => (Allow) D:\Music\iTunes.exe FirewallRules: [{892CCB87-FD03-44AC-B004-18638469DEEA}] => (Allow) D:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe FirewallRules: [{06466D7D-DB44-4059-A846-CE7BEA206D92}] => (Allow) D:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe FirewallRules: [TCP Query User{81EB81DB-ED81-418A-B0C7-3623F49B6006}C:\users\ryan\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\ryan\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{87BFF8BD-ABAE-4795-8B6B-6DD246A8D4E8}C:\users\ryan\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\ryan\appdata\roaming\spotify\spotify.exe FirewallRules: [{2C45CEF4-D9A2-4794-9740-9A48A27D8C96}] => (Allow) D:\Steam\steamapps\common\Total War Attila\launcher\launcher.exe FirewallRules: [{09693160-FFE3-4D8F-A7AD-F961093D8A8E}] => (Allow) D:\Steam\steamapps\common\Total War Attila\launcher\launcher.exe FirewallRules: [{FD4136F3-C9E8-4A6F-801E-A9D9993C0830}] => (Allow) D:\Steam\steamapps\common\Banished\Application-steam-x64.exe FirewallRules: [{AC811C88-1E7E-4BB5-BBA5-F80C7C34B802}] => (Allow) D:\Steam\steamapps\common\Banished\Application-steam-x64.exe FirewallRules: [TCP Query User{ACAE66C3-110A-4B9E-A90C-5FB1F4DB796F}D:\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) D:\steam\steamapps\common\total war rome ii\rome2.exe FirewallRules: [UDP Query User{F7E8AA4F-8733-4FD1-AA13-993A355A210F}D:\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) D:\steam\steamapps\common\total war rome ii\rome2.exe FirewallRules: [{748A43BC-DDC8-476A-B308-D58C29B4C59F}] => (Allow) D:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{A59BC1D0-0B5F-45B3-8DF1-DD971B5A943F}] => (Allow) D:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{26B765F3-77FE-4F89-90FB-A99848DACDA4}] => (Allow) D:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe FirewallRules: [{2E7E1699-9AC0-4671-AE3E-9E152F5C4D46}] => (Allow) D:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe FirewallRules: [{C2738A5A-77C4-4235-BF07-EF431458774C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Restore Points ========================= ATTENTION: System Restore is disabled ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (07/05/2016 07:48:07 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RYAN) Description: Activation of app Microsoft.Getstarted_3.11.1.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (07/05/2016 07:31:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RYAN) Description: Activation of app Microsoft.Getstarted_3.11.1.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (07/05/2016 07:30:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RYAN) Description: Activation of app Microsoft.Getstarted_3.11.1.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (07/05/2016 07:29:47 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: NvStreamNetworkService.exe, version: 7.1.2071.1338, time stamp: 0x5726e00c Faulting module name: NvMdnsPlugin.dll_unloaded, version: 0.0.0.0, time stamp: 0x5726e510 Exception code: 0xc0000005 Fault offset: 0x00000000000d45a0 Faulting process id: 0xf0c Faulting application start time: 0xNvStreamNetworkService.exe0 Faulting application path: NvStreamNetworkService.exe1 Faulting module path: NvStreamNetworkService.exe2 Report Id: NvStreamNetworkService.exe3 Faulting package full name: NvStreamNetworkService.exe4 Faulting package-relative application ID: NvStreamNetworkService.exe5 Error: (07/05/2016 07:23:18 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RYAN) Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (07/05/2016 07:21:29 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RYAN) Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (07/05/2016 05:56:51 PM) (Source: MsiInstaller) (EventID: 11310) (User: RYAN) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Ryan\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory. Error: (07/05/2016 05:56:39 PM) (Source: MsiInstaller) (EventID: 11310) (User: RYAN) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Ryan\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory. Error: (07/05/2016 02:10:35 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1156 Error: (07/05/2016 02:10:35 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1156 System errors: ============= Error: (07/05/2016 08:12:51 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: {784E29F4-5EBE-4279-9948-1E8FE941646D} Error: (07/05/2016 08:11:43 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable Error: (07/05/2016 08:09:30 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY) Description: 1084dpsUnavailable{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A} Error: (07/05/2016 08:09:30 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY) Description: 1084dpsUnavailable{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A} Error: (07/05/2016 08:09:30 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable Error: (07/05/2016 08:09:21 PM) (Source: DCOM) (EventID: 10005) (User: RYAN) Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC} Error: (07/05/2016 08:09:16 PM) (Source: DCOM) (EventID: 10005) (User: RYAN) Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC} Error: (07/05/2016 08:09:10 PM) (Source: DCOM) (EventID: 10005) (User: RYAN) Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC} Error: (07/05/2016 08:09:04 PM) (Source: DCOM) (EventID: 10005) (User: RYAN) Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC} Error: (07/05/2016 08:09:03 PM) (Source: DCOM) (EventID: 10005) (User: RYAN) Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8} CodeIntegrity: =================================== Date: 2016-07-05 20:17:22.013 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-07-05 20:17:22.003 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-07-05 20:17:21.873 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-07-05 20:17:21.862 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-07-05 18:45:32.135 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-07-05 18:45:32.120 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-07-05 13:46:55.731 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-07-05 13:46:55.721 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-07-05 13:46:55.570 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-07-05 13:46:55.560 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-4720HQ CPU @ 2.60GHz Percentage of memory in use: 16% Total physical RAM: 16273.04 MB Available physical RAM: 13540.08 MB Total Virtual: 18705.04 MB Available Virtual: 16028.47 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:118.25 GB) (Free:41.55 GB) NTFS ==>[system with boot components (obtained from drive)] Drive d: (Data1) (Fixed) (Total:465.75 GB) (Free:71.03 GB) NTFS Drive e: (Data2) (Fixed) (Total:465.76 GB) (Free:465.6 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 215D8324) Partition: GPT. ======================================================== Disk: 1 (Size: 119.2 GB) (Disk ID: AE6C2B34) Partition: GPT. ==================== End of Addition.txt ============================