Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-07-2017 Ran by Ifare_000 (25-07-2017 15:02:20) Running from C:\Users\Ifare_000\Downloads Windows 10 Home Version 1703 (X64) (2017-07-13 06:55:27) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2022683308-1078434095-671657706-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2022683308-1078434095-671657706-503 - Limited - Disabled) Guest (S-1-5-21-2022683308-1078434095-671657706-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2022683308-1078434095-671657706-1003 - Limited - Enabled) Ifare_000 (S-1-5-21-2022683308-1078434095-671657706-1001 - Administrator - Enabled) => C:\Users\Ifare_000 ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) "Mass Effect 3" (HKLM-x32\...\{46E776B9-37DE-4B71-8DF2-F4C75112CA27}_is1) (Version: - ) «Portal 2» 2.0.0.1 (HKLM-x32\...\Portal 2_is1) (Version: 2.0.0.1 - VALVE) µTorrent (HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.) Adobe After Effects CC 2017 (HKLM-x32\...\{147EC100-14BE-45EF-AB42-35BAEE7D02F2}) (Version: 14.1.0 - Adobe Systems Incorporated) Adobe After Effects CC 2017 (HKLM-x32\...\AEFT_14_1_0) (Version: 14.1.0 - Adobe Systems Incorporated) Adobe Character Animator CC (Beta) (HKLM-x32\...\ANMLBETA_1_0_5) (Version: 1.0.5 - Adobe Systems Incorporated) Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated) Adobe Photoshop CC 2015 (32 Bit) (HKLM-x32\...\{2614BC86-757D-4293-9E25-E4E16F370A9E}) (Version: 16.0 - Adobe Systems Incorporated) Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.0 - Adobe Systems Incorporated) Adobe Premiere Pro CC 2017 (HKLM-x32\...\PPRO_11_0_0) (Version: 11.0.0 - Adobe Systems Incorporated) Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.05 - NVIDIA Corporation) Hidden Apple Application Support (32-bit) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach) Assassin’s Creed Syndicate version 1.0.0 (HKLM-x32\...\Assassin’s Creed Syndicate_is1) (Version: 1.0.0 - Ubisoft) Assassins Creed Chronicles China (HKLM-x32\...\Assassins Creed Chronicles China_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91) Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team) Awesomium.NET Redistribution Module (HKLM-x32\...\{C34CAF35-6198-4EEB-970F-C61FC51D23BD}) (Version: 1.7.4.2 - ©2014 Awesomium Technologies LLC) Hidden Battery Calibration (HKLM-x32\...\{619FA785-489B-4D22-911F-82D6EDF5BDB0}) (Version: 1.0.1405.0701 - Micro-Star International Co., Ltd.) bestadblocker (HKLM-x32\...\{4820778D-AB0D-6D18-C316-52A6A0E1D507}) (Version: - ) <==== ATTENTION Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 21.0.25.59 - Bitdefender) BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Boot Configure (HKLM-x32\...\{AB72B3BB-A389-4F62-86EE-C08326B4BE60}) (Version: 20.014.05233 - Micro-Star International Co., Ltd.) BurnRecovery (HKLM-x32\...\{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}) (Version: 4.0.1402.2601 - ) CCleaner (HKLM\...\CCleaner) (Version: 5.23 - Piriform) CyberLink PowerDirector 15 (HKLM-x32\...\{FA285575-B543-4E6E-A573-A4F534AC9965}) (Version: 15.0.2026.0 - CyberLink Corp.) CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5509.52 - CyberLink Corp.) CyberLink WaveEditor 2 (HKLM-x32\...\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 5620 - CyberLink Corp.) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden Dragon Gaming Center (HKLM-x32\...\{965B16C7-0778-4C45-B7D1-83A59E6FBBCB}) (Version: 1.0.1402.1001 - Application) Hidden Dragon Gaming Center (HKLM-x32\...\InstallShield_{965B16C7-0778-4C45-B7D1-83A59E6FBBCB}) (Version: 1.0.1402.1001 - Application) Driver Booster 3.5 (HKLM-x32\...\Driver Booster_is1) (Version: 3.5 - IObit) ELAN Touchpad 15.13.5.2_X64_WHQL (HKLM\...\Elantech) (Version: 15.13.5.2 - ELAN Microelectronic Corp.) f.lux (HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\Flux) (Version: - ) FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version: - Image-Line) FL Studio 12.1.2 (HKLM\...\FL Studio 12.1.2_is1) (Version: - ) FL Studio ASIO (HKLM\...\FL Studio ASIO) (Version: - Image-Line) FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line) Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Galería de fotos (HKLM-x32\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Galeria de Fotos (HKLM-x32\...\{9EE1AE8B-4872-41CA-8C9A-C33D899523E0}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Galerie de photos (HKLM-x32\...\{439B34FF-F74E-4807-B5E2-4B758551DA6B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden GD Hardware Scan (HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\GD Hardware Scan) (Version: 00.00.00.01 - Social Web Tech LTD) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden Gramblr (HKLM\...\Gramblr) (Version: 2.9.50 - Gramblr Team) Grand Theft Auto V (HKLM\...\Steam App 271590) (Version: - Rockstar North) Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios) Homeworld Deserts of Kharak (HKLM-x32\...\Homeworld Deserts of Kharak_is1) (Version: - ) Homeworld Remastered Collection ver. 1.30 (HKLM-x32\...\{24416000-66ZX-22VB-37Y0-46KL5M686AC}_is1) (Version: 1.30 - Gearbox Software) IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1347.2) (HKLM\...\{302600C1-6BDF-4FD1-1312-148929CC1385}) (Version: 17.0.1312.0414 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{105fa5c4-72e1-41f2-a82c-884d8aa4b381}) (Version: 16.6.0 - Intel Corporation) IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 6.1.0.418 - IObit) Istrolid (HKLM\...\Steam App 449140) (Version: - treeform) iTunes (HKLM\...\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.) Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation) Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden KB9X Radio Switch Driver (HKLM\...\5AADE1068CF70DD983F763B20CF2CAAB72883915) (Version: 1.1.0.0 - ENE TECHNOLOGY INC.) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) Life Is Strange (HKLM-x32\...\Life Is Strange_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91) MAGIX MX Suite (HKLM\...\{43136332-880B-458A-966C-900C18752B66}) (Version: 1.13.0.121 - MAGIX AG) Hidden MAGIX MX Suite (HKLM-x32\...\MAGIX_{43136332-880B-458A-966C-900C18752B66}) (Version: 1.13.0.121 - MAGIX AG) Metro 2033 Redux (HKLM\...\Steam App 286690) (Version: - 4A Games) Metro 2033 Redux, âåðñèÿ 1.0.0.3 (HKLM-x32\...\Metro 2033 Redux_is1) (Version: 1.0.0.3 - ) Metro: Last Light Redux (HKLM\...\Steam App 287390) (Version: - 4A Games) Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{6f962b9e-bb55-4be9-aff3-c4749c546fb9}) (Version: 4.6.81 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{8FB1B528-E260-451E-9B55-E9152F94B80B}) (Version: 3.2.3.0 - Microsoft Corporation) Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation) Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.8229.2086 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Publisher 2003 (HKLM-x32\...\{91190409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM-x32\...\{2A2F3AE8-246A-4252-BB26-1BEB45627074}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft Visual C# 2010 Express - ENU (HKLM-x32\...\Microsoft Visual C# 2010 Express - ENU) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24516 (HKLM-x32\...\{b8e12890-118d-4721-8e54-05d978086712}) (Version: 14.0.24516.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24516 (HKLM-x32\...\{c325004c-5538-45b3-a7ad-94473a4dcd3b}) (Version: 14.0.24516.0 - Microsoft Corporation) Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) Movie Maker (HKLM-x32\...\{0A32B8F3-011F-4E2C-A87D-55791BA1470D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{159EA4A9-1F8A-4B12-95B7-47581F5B0F89}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{21764A96-6748-4B83-89E7-7A5063BF156C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{97E3AE69-8FB1-496A-8CA0-AE491902DCD7}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{A888DBA2-C45E-4301-9C25-571FC73DCB69}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{C05F4139-CB6B-4272-A0BF-861FEB667F27}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DC5E5027-65E8-41CB-815C-9AAB48BFB8E2}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DEA34BD6-47C4-4505-895D-139327473329}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{F7954B53-8522-450D-B262-B362B440FEC0}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 42.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 en-US)) (Version: 42.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0 - Mozilla) MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD) MSI Social Media Collection (HKLM-x32\...\{7ADEC426-BE95-48EF-84D4-086BD0F4D331}) (Version: 1.14.2251 - Micro-Star International Co., Ltd.) MusicBee 2.5 (HKLM-x32\...\MusicBee) (Version: 2.5 - Steven Mayall) My.com Game Center (HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\MyComGames) (Version: 3.201 - My.com B.V.) Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.6.2.1863 - Native Instruments) Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.5.2.1549 - Native Instruments) NewBlue Titler Pro for Windows (HKLM-x32\...\NewBlue Titler Pro for Windows) (Version: 1.5 - NewBlue) NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue) NewBlue Video Essentials VI for Windows (HKLM-x32\...\NewBlue Video Essentials VI for Windows) (Version: 3.0 - NewBlue) NewBlue Video Essentials VII for Windows (HKLM-x32\...\NewBlue Video Essentials VII for Windows) (Version: 3.0 - NewBlue) No Man's Sky (HKLM-x32\...\1446213994_is1) (Version: 2.8.0.10 - GOG.com) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.3.3 - Notepad++ Team) NVIDIA GeForce Experience 2.4.5.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.44 - NVIDIA Corporation) NVIDIA Graphics Driver 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation) NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation) oCam version 406.0 (HKLM-x32\...\oCam_is1) (Version: 406.0 - hxxp://ohsoft.net/) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8229.2086 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8229.2086 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8229.2086 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.8201.2075 - Microsoft Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenIV (HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\OpenIV) (Version: 2.9.906 - .black/OpenIV Team) OpenOffice 4.1.0 (HKLM-x32\...\{C87EF11D-36E9-479D-9898-7541EA1E8A6A}) (Version: 4.10.9764 - Apache Software Foundation) PAYDAY 2 (HKLM-x32\...\PAYDAY 2_is1) (Version: - 505 Games) PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC) Planetary Annihilation (HKLM-x32\...\Steam App 233250) (Version: - Uber Entertainment) Planetary Annihilation: TITANS (HKLM\...\Steam App 386070) (Version: - Uber Entertainment) PlanetSide 2 (HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\DG0-PlanetSide 2) (Version: - Sony Online Entertainment) PlanetSide 2 (HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\SOE-PlanetSide 2) (Version: - Sony Online Entertainment) Poedit (HKLM-x32\...\{68EB2C37-083A-4303-B5D8-41FA67E50B8F}_is1) (Version: 1.8.12 - Vaclav Slavik) PowerISO (HKLM-x32\...\PowerISO) (Version: 6.1 - Power Software Ltd) proDAD Adorage 3.0 (64bit) (HKLM\...\proDAD-Adorage-3.0) (Version: 3.0.114.1 - proDAD GmbH) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.) Qualcomm Atheros Bandwidth Control Filter Driver (HKLM\...\{6734576C-DC0C-4CFB-9C22-92DAAA73F6D5}) (Version: 1.0.30.1003 - Qualcomm Atheros) Hidden Qualcomm Atheros Killer E220x Drivers (HKLM\...\{579C5E7D-904F-447B-94F8-9413005C162C}) (Version: 1.0.30.1003 - Qualcomm Atheros) Hidden Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{DD21E907-9A2A-44B8-A12E-13691E166664}) (Version: 1.0.30.1003 - Qualcomm Atheros) Qualcomm Atheros Network Manager (HKLM\...\{4E08CC97-912D-458B-8705-9A14C325532F}) (Version: 1.0.30.1003 - Qualcomm Atheros) Hidden QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.21296 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7891 - Realtek Semiconductor Corp.) Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.9.9.8 - Red Giant, LLC) RivaTuner Statistics Server 6.4.1 (HKLM-x32\...\RTSS) (Version: 6.4.1 - Unwinder) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.9 - Rockstar Games) SCM (HKLM\...\{6692DCAF-A445-4C6B-AF31-3DD85FC06FBA}) (Version: 13.014.01026 - Application) Serato DJ (HKLM-x32\...\{81E0D908-F57B-424B-B66A-6731765E4046}) (Version: 1.9.0.2353 - Serato) Hidden Serato DJ (HKLM-x32\...\{aab0492e-ad59-454a-8bbd-62a9524306b2}) (Version: 1.9.0.2353 - ) Serato DJ (HKLM-x32\...\Serato DJ) (Version: 1.9.0 - Serato DJ) SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.1.2000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.4.5.44 - NVIDIA Corporation) Hidden Smart Defrag 4 (HKLM-x32\...\Smart Defrag 4_is1) (Version: 4.0 - IObit) Sound Blaster Cinema (HKLM-x32\...\{8801CA65-921A-4CCC-9D63-879D1D0BAA97}) (Version: 1.00.05 - Creative Technology Limited) Star Wars Battlefront II Ultimate Pack version 4.4 (HKLM-x32\...\{80C123AF-9375-4166-B05B-820FF5EF8B52}_is1) (Version: 4.4 - XAP4O) Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 11.0.0.3 - Bioware/EA) Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SUPER CHARGER (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.024 - MSI) System Requirements Lab (HKLM-x32\...\{8DCAB1D8-F20C-4733-9B5F-646DDFEB59C9}) (Version: 6.1.1.0 - Husdawg, LLC) System Requirements Lab Detection (HKLM-x32\...\{D0DA7F5E-605C-4E6A-A787-88331F8546A1}) (Version: 6.1.5.0 - Husdawg, LLC) The Way of Life Free Edition (HKLM\...\Steam App 310370) (Version: - Fabio Ferrara) Trapcode Suite v13.1.1 (HKLM-x32\...\{DFD2DC6B-C634-4C1C-81CC-5EF852E71CEE}_is1) (Version: 13.1.1 - Red Giant, LLC) TunnelBear (HKLM-x32\...\{cccb8171-b60b-4da8-8a0a-00e21ff41860}) (Version: 3.0.36.9 - TunnelBear) TunnelBear (HKLM-x32\...\{DDEA404F-1524-4CA1-B740-A3A0AD6DAFB0}) (Version: 3.0.36.9 - TunnelBear) Hidden UE4 Prerequisites (x86) (HKLM-x32\...\{70620222-35DB-4402-A9DC-2D482224DEDC}) (Version: 1.0.10.0 - Epic Games, Inc.) Hidden UE4 Prerequisites (x86) (HKLM-x32\...\{f096ac2b-6d7e-4dce-9e3f-4f30aa5ecb1e}) (Version: 1.0.10.0 - Epic Games, Inc.) Unity Web Player (HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS) Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft) Valiant Hearts. The Great War (HKLM-x32\...\Valiant Hearts. The Great War_is1) (Version: 1.0.14 - Decepticon) Valiant Hearts: The Great War (HKLM-x32\...\VmFsaWFudEhlYXJ0c1RoZUdyZWF0V2Fy_is1) (Version: 1 - ) VirtualDJ 8 (HKLM-x32\...\{9FB0C789-72AB-4AE2-B04C-34ED8B94AC4B}) (Version: 8.2.3523.0 - Atomix Productions) Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.) Warface (HKLM\...\Steam App 291480) (Version: - Crytek) Warface My.Com (HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\Warface My.Com) (Version: 1.34 - My.com B.V.) WinDirStat 1.1.2 (HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\WinDirStat) (Version: - ) Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinGuard Pro 2014 (HKLM-x32\...\{5DE0D22D-E196-4617-8190-2AF2C15ABEC2}) (Version: 8.9 - WinGuardPro Ltd) WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org) フォト ギャラリー (HKLM-x32\...\{D6D69EE4-00F6-4DCE-B7AF-E90042BDE39B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden بريد Windows Live (HKLM-x32\...\{CDFECFAC-D979-48BA-BBF3-7B2F74A2252A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden معرض الصور (HKLM-x32\...\{CF15F988-98D4-479F-9750-85A495BF8233}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden 사진 갤러리 (HKLM-x32\...\{72CA45B4-0A70-45F5-B447-F6FC0795918D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden 影像中心 (HKLM-x32\...\{D3F0882C-4948-4BAA-9720-47CC4D9AEF54}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden 照片库 (HKLM-x32\...\{E9BAA7A4-4397-4DE7-8C01-5A39B24F17F2}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2022683308-1078434095-671657706-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll => No File ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] () ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ContextMenuHandlers01: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] () ContextMenuHandlers01: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2016-09-20] (IObit) ContextMenuHandlers01: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2017-03-07] () ContextMenuHandlers01: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2016-05-23] (IObit) ContextMenuHandlers01: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2014-10-08] (Power Software Ltd) ContextMenuHandlers01: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\system32\IObitSmartDefragExtension.dll [2015-01-10] (IObit) ContextMenuHandlers01: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-02-16] (Alexander Roshal) ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File ContextMenuHandlers02: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2016-09-20] (IObit) ContextMenuHandlers04: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2016-09-20] (IObit) ContextMenuHandlers04: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2016-05-23] (IObit) ContextMenuHandlers04: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2014-10-08] (Power Software Ltd) ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers05: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-01] (Intel Corporation) ContextMenuHandlers05: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2016-11-01] (Intel Corporation) ContextMenuHandlers05: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-05-01] (NVIDIA Corporation) ContextMenuHandlers06: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] () ContextMenuHandlers06: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2016-05-23] (IObit) ContextMenuHandlers06: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2014-10-08] (Power Software Ltd) ContextMenuHandlers06: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\system32\IObitSmartDefragExtension.dll [2015-01-10] (IObit) ContextMenuHandlers06: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-02-16] (Alexander Roshal) ContextMenuHandlers06: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {00F96C83-B14E-41E6-B402-7A35EF81FD68} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-ifarez.ala@outlook.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated) Task: {016D991B-C28A-4E75-8948-45109C4049C6} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-07-01] () Task: {12D3AD4F-3BDD-4404-8A49-50D2A3ED0198} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {194BAC5F-6A35-4218-BBB6-ABE82E25FF00} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-07-18] (Microsoft Corporation) Task: {1BAA167D-A88B-4BCD-9B83-9C4F039B3546} - \{047A7D47-790C-7A09-0E11-790F7E04117F} -> No File <==== ATTENTION Task: {21AD96A3-0C1F-44E1-A0D4-2559A12BAF0C} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe Task: {2266D2F0-49E6-466A-B526-0B988055EA2E} - System32\Tasks\AGProxyCheck => C:\Program [Argument = Files (x86)\AnonymizerGadget\AGService.exe /recove] Task: {239A0C75-2C3C-4BED-99A4-92933BAA9ADD} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {25A24FDD-D211-4C11-A372-948AB3AA7C26} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {2F14EF8E-2873-4FDB-8B75-8A4CACEB0AB4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe Task: {3F516082-02F7-409E-B338-80CDC7375788} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-07-11] (Adobe Systems Incorporated) Task: {53954FF7-522C-48FB-B9DA-F05ACD8988C4} - System32\Tasks\Wake from sleep => C:\Users\Ifare_000\Downloads\gramblr.exe [2016-08-03] () Task: {57E463FA-89A7-4AE3-AC2D-F07DBC9AF44D} - System32\Tasks\Steam_x64-S-2-106-91 => "C:\Users\Ifare_000\AppData\Roaming\OpenOffice\CODEXi\Steam" [Argument = overbtc1234.] <==== ATTENTION Task: {59286D52-5118-49D5-81E2-5111BA070275} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {5B41AE62-550A-4A63-AEB9-61F607FAD06F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {605EE6D2-6203-42DF-99E2-2084A62913F1} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-07-02] (Microsoft Corporation) Task: {65656D44-B0F2-421C-AF08-BE6A850E583E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {67588A2F-D243-4AE7-98DA-03AADCFA3996} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {75A9F441-AC25-465B-B5A9-9C3E20BEA79E} - System32\Tasks\sleep => C:\Users\Ifare_000\Downloads\gramblr.exe [2016-08-03] () Task: {7BE96DBE-3B49-4292-A6BF-0AE35723CBB6} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {836D72E7-BF7C-43D1-960E-0701F8DA1365} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {89CA27ED-61B6-4B07-B2EE-F1317B4FE839} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe Task: {90A003E9-199C-4CA4-ACF3-F4B984C10BAE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {9EB284C3-7BD2-4682-AAC6-C8E9DE35C062} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {A1B7AF5E-A16F-4ED7-9E12-A15713CF40E1} - \WPD\SqmUpload_S-1-5-21-2022683308-1078434095-671657706-1001 -> No File <==== ATTENTION Task: {A274F7FC-9B83-4C4E-BB2B-06DBA17EDEAD} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2017-06-21] (Bitdefender) Task: {B1523BC2-1BFB-4C75-80EF-F1ADDAE278DB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-07-02] (Microsoft Corporation) Task: {B47C1039-69A1-4F9E-BC7A-0D6E2CE8088F} - System32\Tasks\Red Giant Link => C:\Program Files\Red Giant Link\Red Giant Link.exe Task: {B9A2899B-F79D-418F-A416-37E27981D0BD} - \GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-2022683308-1078434095-671657706-1001 -> No File <==== ATTENTION Task: {C29B074D-920F-4F70-A3C7-8E537250F5CF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-09-28] (Piriform Ltd) Task: {C39BE2C2-60C1-429A-B76A-5B484B8E638F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-07-01] () Task: {D5682A94-C2EE-48A5-812C-3C05664EA0C0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {D627AE9C-9A10-406C-9F11-06F0FAEA3F3A} - \Wse_taplika -> No File <==== ATTENTION Task: {DC118293-4E56-47CB-A2E3-599C84FD0541} - System32\Tasks\MSI_Dragon Gaming Center => C:\Program Files (x86)\MSI\Dragon Gaming Center\mDispatch.exe [2014-01-23] (TODO: <公司名稱>) Task: {EB41A15B-FD17-499D-BB17-B54E47630A92} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) Shortcut: C:\Users\Ifare_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki Shortcut: C:\Users\Ifare_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com ==================== Loaded Modules (Whitelisted) ============== 2017-01-13 13:56 - 2017-01-13 13:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2017-05-09 00:44 - 2017-05-09 00:44 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2014-08-31 22:10 - 2016-03-13 16:35 - 00066872 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe 2015-04-21 21:53 - 2016-03-13 16:35 - 00107832 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe 2016-10-25 09:57 - 2016-10-25 09:57 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2017-07-01 20:48 - 2017-07-01 20:48 - 08932040 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll 2017-03-18 16:58 - 2017-03-18 16:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2017-03-18 16:59 - 2017-03-18 22:31 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-06-08 13:10 - 2017-06-08 13:10 - 02567680 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.2.1451.0_x64__8wekyb3d8bbwe\People.BackgroundTasks.dll 2017-06-08 13:10 - 2017-06-08 13:10 - 00132608 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.2.1451.0_x64__8wekyb3d8bbwe\PeopleUtilRT.Windows.dll 2014-01-22 13:44 - 2014-01-22 13:44 - 00075912 _____ () C:\Program Files (x86)\MSI\Dragon Gaming Center\WinIo64.dll 2017-07-01 20:37 - 2017-06-22 23:21 - 02692440 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\swiftshader\libglesv2.dll 2017-07-01 20:37 - 2017-06-22 23:21 - 00137048 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\swiftshader\libegl.dll 2017-07-21 17:00 - 2017-07-21 17:00 - 11426384 _____ () C:\Program Files\Gramblr\gramblr.exe 2016-12-18 17:24 - 2016-06-21 20:30 - 00442144 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl 2016-12-18 17:24 - 2016-06-21 20:29 - 00210720 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl 2016-12-18 17:24 - 2016-06-21 20:29 - 00059680 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl 2015-06-04 20:40 - 2015-06-03 17:06 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-09-26 13:55 - 2016-09-26 13:55 - 40523480 _____ () C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\libcef.dll 2014-08-21 16:40 - 2013-08-08 14:23 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\sony.com -> sony.com IE restricted site: HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\1001movie.com -> 1001movie.com IE restricted site: HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\1001night.biz -> 1001night.biz IE restricted site: HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\100gal.net -> 100gal.net IE restricted site: HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\100sexlinks.com -> 100sexlinks.com There are 4790 more sites. ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 09:25 - 2016-09-26 20:49 - 00001022 _____ C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 lmlicenses.wip4.adobe.com 127.0.0.1 lm.licenses.adobe.com 127.0.0.1 na1r.services.adobe.com 127.0.0.1 hlrcv.stage.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 activate.adobe.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2022683308-1078434095-671657706-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ifare_000\Pictures\Untitled-1.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == HKLM\...\StartupApproved\StartupFolder: => "Killer Network Manager.lnk" HKLM\...\StartupApproved\Run: => "NvBackend" HKLM\...\StartupApproved\Run: => "ShadowPlay" HKLM\...\StartupApproved\Run: => "IAStorIcon" HKLM\...\StartupApproved\Run: => "RTHDVCPL" HKLM\...\StartupApproved\Run: => "ETDCtrl" HKLM\...\StartupApproved\Run: => "Radio Manager" HKLM\...\StartupApproved\Run: => "SCM" HKLM\...\StartupApproved\Run: => "MBCfg64" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run: => "InstallerLauncher" HKLM\...\StartupApproved\Run32: => "Sound Blaster Cinema" HKLM\...\StartupApproved\Run32: => "UpdReg" HKLM\...\StartupApproved\Run32: => "RemoteControl10" HKLM\...\StartupApproved\Run32: => "SUPER CHARGER" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter" HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE" HKLM\...\StartupApproved\Run32: => "WGP" HKLM\...\StartupApproved\Run32: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "QuickTime Task" HKLM\...\StartupApproved\Run32: => "Sound Blaster Cinema 2" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk" HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\StartupApproved\Run: => "Advanced SystemCare 8" HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\StartupApproved\Run: => "PeerBlock" HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\StartupApproved\Run: => "DAEMON Tools Lite" HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\StartupApproved\Run: => "uTorrent" HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\StartupApproved\Run: => "msnmsgr" HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_DD0A6C24D88D69FDF76F23CFA5415D2E" HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\StartupApproved\Run: => "gflauncher" HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\StartupApproved\Run: => "MyComGames" HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\StartupApproved\Run: => "f.lux" HKU\S-1-5-21-2022683308-1078434095-671657706-1001\...\StartupApproved\Run: => "TunnelBear" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{F5C723F0-232A-48FB-BDD3-4B882B52A8E8}] => (Allow) D:\SteamLibrary\steamapps\common\Metro 2033 Redux\metro.exe FirewallRules: [{09265002-B605-4772-9CEB-4EC3999A015F}] => (Allow) D:\SteamLibrary\steamapps\common\Metro 2033 Redux\metro.exe FirewallRules: [{E7C4BCAD-E296-4826-9AF5-73412E447BCB}] => (Allow) D:\SteamLibrary\steamapps\common\Metro Last Light Redux\metro.exe FirewallRules: [{905A6EF1-7E41-4EF8-959E-EE4F54DD4D89}] => (Allow) D:\SteamLibrary\steamapps\common\Metro Last Light Redux\metro.exe FirewallRules: [UDP Query User{05F780D4-FA87-41F1-A2C7-CBA2197639CD}D:\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{440D476D-3A99-494C-B28B-B729352807FB}D:\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{EBE39D27-6EB3-451C-BBAA-9C03479BC6ED}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{9839F24C-2350-4DD6-8FC8-99388D5DCBE3}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{CC81EFC4-67FE-4A61-952B-E1F97B5AC555}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{176F41CB-ACB5-4F98-9CE1-66C92E7D4FB0}] => (Block) LPort=445 FirewallRules: [{DA6DF774-7EC6-463A-BB60-9A47AFD1B512}] => (Block) LPort=445 FirewallRules: [UDP Query User{15C9CE0A-9AE3-44A5-9BAE-B45F9BB7ADE9}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [TCP Query User{D46F7BD0-9469-4895-AA99-63C33A6A8CFD}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [{84AB1449-B1D1-414C-8965-E04AF6940723}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planetary Annihilation Titans\bin_x64\server.exe FirewallRules: [{6EB1B588-08E0-4216-A65F-8B3BC8225F7E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planetary Annihilation Titans\bin_x64\server.exe FirewallRules: [{4EDEBAF8-430E-4AD3-A882-780CE319B092}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planetary Annihilation Titans\bin_x64\host\CoherentUI_Host.exe FirewallRules: [{F7C6F784-8233-4CB3-9A67-04D1FF2193D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planetary Annihilation Titans\bin_x64\host\CoherentUI_Host.exe FirewallRules: [{5BC4C3E1-981A-41FB-A801-2B7BF82E49A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planetary Annihilation Titans\bin_x64\crashupload.exe FirewallRules: [{8B535B3B-9656-4019-8EB2-9584A67B2E94}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planetary Annihilation Titans\bin_x64\crashupload.exe FirewallRules: [{288FF1BA-1D28-4400-B30F-073E35CD8717}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planetary Annihilation Titans\bin_x86\host\CoherentUI_Host.exe FirewallRules: [{81588B92-58B8-4F3C-A0DD-76381473B743}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planetary Annihilation Titans\bin_x86\host\CoherentUI_Host.exe FirewallRules: [{AA41C107-7EB6-48B7-B466-656FF31D0BD3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planetary Annihilation Titans\bin_x86\crashupload.exe FirewallRules: [{AD39F581-025D-4B37-B7C0-8729C798D7D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planetary Annihilation Titans\bin_x86\crashupload.exe FirewallRules: [{76B36957-96E1-4DEF-93D1-7BE0A4837FBB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planetary Annihilation Titans\bin_x86\PA.exe FirewallRules: [{31341061-86D6-4CE9-AE1B-095488AD8830}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planetary Annihilation Titans\bin_x86\PA.exe FirewallRules: [{A33006F9-28C3-49DB-BF8B-33F599D00EEB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planetary Annihilation Titans\bin_x64\PA.exe FirewallRules: [{5C19E0BB-834D-4B4A-A112-DB04E3506A1E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planetary Annihilation Titans\bin_x64\PA.exe FirewallRules: [UDP Query User{1CA8165E-E4B4-461F-8C8F-EA2FCCB354B9}C:\program files\adobe\adobe premiere pro cc 2015\adobe premiere pro.exe] => (Allow) C:\program files\adobe\adobe premiere pro cc 2015\adobe premiere pro.exe FirewallRules: [TCP Query User{F62B1371-701F-443C-AAA4-590B3CDD3DD0}C:\program files\adobe\adobe premiere pro cc 2015\adobe premiere pro.exe] => (Allow) C:\program files\adobe\adobe premiere pro cc 2015\adobe premiere pro.exe FirewallRules: [UDP Query User{55AEE71C-33FF-468C-A445-4C42AE5C4E27}C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe FirewallRules: [TCP Query User{E284F5E3-0E67-46D7-8457-B94242B107FB}C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe FirewallRules: [{811EDF0E-BD1D-4423-97D6-06BF6C7894F4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{6C1F9408-D14A-4AB9-937B-97FF6A5C7BFD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{ED1DA679-46AB-4695-BA5A-A70C1218A825}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{09054DB1-230E-4D0E-8456-49D292030FA1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [UDP Query User{C06DFC55-19B4-4F62-BA5B-53FA4EC0993B}C:\users\ifare_000\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\ifare_000\appdata\local\mycomgames\mycomgames.exe FirewallRules: [TCP Query User{5D94CC10-AF9D-4B58-8A31-05647C56A1B9}C:\users\ifare_000\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\ifare_000\appdata\local\mycomgames\mycomgames.exe FirewallRules: [{6CF4B15B-C617-4C5B-B662-4ABF6FA09D36}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\WarfaceMycomSteamLoader.exe FirewallRules: [{97CFF999-CD95-4A49-B43C-5231B966262F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\WarfaceMycomSteamLoader.exe FirewallRules: [{DB709832-B744-469B-B646-C911BC8E2260}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\gflauncher.exe FirewallRules: [{90CE3160-DF28-4325-94EA-A9B2AB2FD809}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\gflauncher.exe FirewallRules: [{9767590B-75F2-4B72-B3A7-23149D126282}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{8E7B0755-70B3-4B8D-811A-F9A3E33427CD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{7B01DE33-F007-4ED2-A4C6-BC4304CC2E10}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe FirewallRules: [{02830B0E-6C4E-417A-A1AF-7039B78F285A}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe FirewallRules: [{92496A34-BB9A-46A5-ACFF-F86528962DCB}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe FirewallRules: [{6EB779E0-49A4-4042-9F20-9C24AF2F64E7}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe FirewallRules: [{D44475AB-A73E-4C10-A751-DEAB8F7C2F8F}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe FirewallRules: [{A38B3F26-AFAE-41CC-A6EB-B0107E7ECB0C}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe FirewallRules: [{B6E2D3BD-BE12-4E7E-8DED-940C6A9C27E1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planetary Annihilation\bin_x64\server.exe FirewallRules: [{227A8743-7CED-4F64-95E6-E213E33A56C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planetary Annihilation\bin_x64\server.exe FirewallRules: [{4356E72A-4BC6-47DB-86CA-2EA8234F1CE4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planetary Annihilation\bin_x64\host\CoherentUI_Host.exe FirewallRules: [{3B123FAA-8DA7-45DC-AFB0-739682AB9172}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planetary Annihilation\bin_x64\host\CoherentUI_Host.exe FirewallRules: [{AA2C0ECF-F3C3-4DBE-8E51-0E7640E9C5B6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planetary Annihilation\bin_x64\crashupload.exe FirewallRules: [{CB808253-0729-40F9-AA69-0FC837827030}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planetary Annihilation\bin_x64\crashupload.exe FirewallRules: [{27DD1722-2400-49C4-A5E7-3A7D87D5D35D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planetary Annihilation\bin_x86\host\CoherentUI_Host.exe FirewallRules: [{A45D70ED-22A6-4EA8-96C2-55CAC8BFED53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planetary Annihilation\bin_x86\host\CoherentUI_Host.exe FirewallRules: [{AE95AB89-28A6-4BC2-820F-984A710A87AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planetary Annihilation\bin_x86\crashupload.exe FirewallRules: [{232A2159-4EBC-46F7-B9DC-4FD809A51937}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planetary Annihilation\bin_x86\crashupload.exe FirewallRules: [{3BF2AA26-B5AB-4B10-AD79-89831B2336A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planetary Annihilation\bin_x86\PA.exe FirewallRules: [{80BFBBB8-B467-49CF-BCC1-4969EE37C126}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planetary Annihilation\bin_x86\PA.exe FirewallRules: [{65F06038-AAAA-42C8-96DB-CDD0D5546289}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planetary Annihilation\bin_x64\PA.exe FirewallRules: [{5D6EF0D6-F648-483C-8940-7E9BC500CDF6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planetary Annihilation\bin_x64\PA.exe FirewallRules: [{1B3144C9-D784-4F91-9841-26CE1F17A988}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{A18C110B-A0BF-4B18-9A02-B8479B07E787}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{E257276E-DFEE-45D3-B8CE-1334793801B7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{2A775C74-48E7-4F5F-A082-7D86C1F96DCE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{6A774564-B065-496A-8977-1EE6C064F3D9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{B3CBC32C-5FF8-4D19-921F-81F58A5AB35C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{71257E8A-E24E-4AEF-A5E4-20F006231CC1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{26A18657-3B5E-4682-992A-E289E11DB2FB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{A2498D5E-FF9E-44C0-9A3E-EA31B72BE545}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{8DA85294-57BB-43DC-80D0-6C632EE4C0BF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{A4C80CA4-917C-4B73-9A79-9C1D6A203AA3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [{9BB5B851-54C4-4065-A301-C971F31708E6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [{B4D85F40-7ADF-4DC5-B7EB-15DC709240AA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{D582A462-990D-4809-9DD1-D2A994A2D9D2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{204BDBAC-1338-451C-A584-2CF151764939}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{FCB1F599-13A9-42DC-A1E8-02FFDEA2BF18}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{D6B91BD8-BA46-420B-88EC-AD45ED604F48}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{290E8FF3-3923-4929-8E34-6CFC64D6534A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [TCP Query User{1B2CB3E2-9D31-4332-9AC5-808CACF2C269}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe FirewallRules: [UDP Query User{7A7ABEEF-4A51-4B62-878A-CF0FF087B100}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe FirewallRules: [{DE56F1D3-0373-4D61-85C9-B6FC37AD7166}] => (Allow) C:\Users\Ifare_000\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{0AEF59AB-CD7B-4CA0-91AE-CD58238CEBEE}] => (Allow) C:\Users\Ifare_000\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{D8CEB257-C3E7-49CE-B495-41AEE2167415}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{6D017A8D-4D41-4DF0-B43C-1A43C595D2B6}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{CB6575C9-C282-443D-819B-8A34D99A96FF}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{863AA96C-E00C-4810-9845-1BB55060AFDE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{D1602AE9-72A7-4459-B733-BECF4A836019}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{EB672608-7477-451B-A09C-FE3FA702E1AE}] => (Allow) LPort=2869 FirewallRules: [{CCB2C5E3-E900-489A-ABCD-FCC2651CB216}] => (Allow) LPort=1900 FirewallRules: [{E6F42F43-02D0-4830-AACE-CCB58BD807A0}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{CAB57850-34CF-45C0-A80F-0DB946BF4E14}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{7F8A2162-A3B7-43FF-828C-15FD087AA899}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{35B8793D-1B47-42BB-AC30-0F2741CD6892}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{98EE9EA9-1FB2-43CE-A10B-B76AFDECF498}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{CCBA7C83-C111-4738-8EA1-6BBDC0B45899}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{A5AC5421-B019-48CD-A191-D40DFB5F89FB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{CFE62185-365C-4026-B74C-80BA7E05A521}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{EFD184ED-772A-438B-9173-69611C9471F4}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{3CEEA922-B2D5-449B-B8BD-48CC4FF28C94}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{BC3AC2B4-6E9D-4D98-8493-9BB8FDFF5FF8}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{5F48F72E-9987-46FD-BE83-ACBC418E2142}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Way of Life\TheWayOfLifeDemoWindows.exe FirewallRules: [{AEA8174A-7FF0-4852-852F-F21634A22851}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Way of Life\TheWayOfLifeDemoWindows.exe FirewallRules: [{EC9A7F3A-EB8E-4707-BDDE-36FAF932607C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Istrolid\istrolid.exe FirewallRules: [{8899272D-67F9-42DB-997E-597482D52F74}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Istrolid\istrolid.exe FirewallRules: [{D5873032-27E2-483E-A3F1-6EB21CF3B5C5}] => (Allow) 㩃停潲牧浡䘠汩獥⠠㡸⤶啜汮癩牥敩晳浹潭屮湕楬敶楲獥祦浭湯攮數 FirewallRules: [{33651C9F-1B92-406C-90D8-A96D1305B6F3}] => (Allow) 㩃停潲牧浡䘠汩獥⠠㡸⤶啜汮癩牥敩晳浹潭屮湕楬敶楲獥祦浭湯⹟硥e FirewallRules: [TCP Query User{450E8BE5-1285-4719-9EEC-FC4ED15FA24E}C:\program files\adobe\adobe premiere pro cc 2017\adobe premiere pro.exe] => (Allow) C:\program files\adobe\adobe premiere pro cc 2017\adobe premiere pro.exe FirewallRules: [UDP Query User{12C10C1A-B1DC-499A-9525-7BCC96C0FE82}C:\program files\adobe\adobe premiere pro cc 2017\adobe premiere pro.exe] => (Allow) C:\program files\adobe\adobe premiere pro cc 2017\adobe premiere pro.exe FirewallRules: [{9968C39A-AB5D-4277-ADEA-582B8F4AAF71}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [{A32DF16C-E1F8-4C78-B525-54E032B98D14}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [TCP Query User{A442D6E6-E3B2-41FA-B0D2-124C23EDE7DC}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [UDP Query User{573C5A0A-FBF7-4CB2-8297-04E23E75BF8F}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe ==================== Restore Points ========================= 16-07-2017 07:45:26 Scheduled Checkpoint 24-07-2017 09:16:21 Scheduled Checkpoint 25-07-2017 14:40:47 JRT Pre-Junkware Removal ==================== Faulty Device Manager Devices ============= Name: TunnelBear Adapter V9 Description: TunnelBear Adapter V9 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: TunnelBear Provider V9 Service: tap-tb-0901 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (07/25/2017 02:53:56 PM) (Source: NvStreamSvc) (EventID: 2001) (User: ) Description: An error has occurred (Can't create NSS process. [0]). Error: (07/25/2017 02:53:56 PM) (Source: NvStreamSvc) (EventID: 2001) (User: ) Description: An error has occurred (Failed to create process. [2]). Error: (07/25/2017 02:35:33 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1188 Error: (07/25/2017 02:35:33 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1188 Error: (07/25/2017 02:35:33 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (07/25/2017 02:25:55 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1203 Error: (07/25/2017 02:25:55 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1203 Error: (07/25/2017 02:25:55 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (07/25/2017 02:23:26 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 483422 Error: (07/25/2017 02:23:26 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 483422 System errors: ============= Error: (07/25/2017 02:59:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Connectivity Manager for Gramblr service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 500 milliseconds: Restart the service. Error: (07/25/2017 02:59:36 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Windows Connectivity Manager for Gramblr service terminated with the following error: Incorrect function. Error: (07/25/2017 02:59:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Google Update Service (gupdate) service failed to start due to the following error: The system cannot find the file specified. Error: (07/25/2017 02:57:40 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout. Error: (07/25/2017 02:54:28 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (07/25/2017 02:54:28 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (07/25/2017 02:53:39 PM) (Source: NETLOGON) (EventID: 3095) (User: ) Description: This computer is configured as a member of a workgroup, not as a member of a domain. The Netlogon service does not need to run in this configuration. Error: (07/25/2017 02:53:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The CldFlt service failed to start due to the following error: The request is not supported. Error: (07/25/2017 02:52:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Apple Mobile Device Service service failed to start due to the following error: The system cannot find the path specified. Error: (07/25/2017 02:51:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The IObit Uninstaller Service service terminated unexpectedly. It has done this 1 time(s). CodeIntegrity: =================================== Date: 2017-07-25 15:02:20.153 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-07-25 15:02:20.150 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-07-25 15:02:20.097 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-07-25 15:02:20.095 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-07-25 15:02:03.112 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-07-25 15:02:03.110 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-07-25 15:02:03.062 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-07-25 15:02:03.060 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-07-25 15:02:01.480 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-07-25 15:02:01.478 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-4200H CPU @ 2.80GHz Percentage of memory in use: 38% Total physical RAM: 8109.44 MB Available physical RAM: 5007.06 MB Total Virtual: 13741.44 MB Available Virtual: 10363.77 MB ==================== Drives ================================ Drive c: (OS_Install) (Fixed) (Total:423.37 GB) (Free:174.94 GB) NTFS Drive d: (Data) (Fixed) (Total:258.56 GB) (Free:157.63 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 698.6 GB) (Disk ID: CC2AE69A) Partition: GPT. ==================== End of Addition.txt ============================