Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15.07.2018 Ran by Drew Owens (17-07-2018 17:54:37) Running from C:\Users\Drew Owens\Downloads Windows 8.1 (Update) (X64) (2015-06-14 03:00:34) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2116419765-1218913875-2256313103-500 - Administrator - Disabled) Drew Owens (S-1-5-21-2116419765-1218913875-2256313103-1001 - Administrator - Enabled) => C:\Users\Drew Owens Guest (S-1-5-21-2116419765-1218913875-2256313103-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov) Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 18.011.20055 - Adobe Systems Incorporated) Adobe After Effects CC 2014 (HKLM-x32\...\{2B22C750-5C3B-4738-B621-BA786AC7A494}) (Version: 13.2.0 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated) Adobe Audition CC 2014 (HKLM-x32\...\{F3388E10-EFA9-4A80-B28E-2E647F8D00C4}) (Version: 7.2.0 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.4.1.298 - Adobe Systems Incorporated) Adobe Illustrator CC 2014 (HKLM-x32\...\{2B4B4082-8043-4646-8334-B0A29E641211}) (Version: 18.1.1 - Adobe Systems Incorporated) Adobe InDesign CC 2014 (HKLM-x32\...\{CCDCB9C4-72BA-1014-A3F8-D123F2F18BC2}) (Version: 10.2.0.069 - Adobe Systems Incorporated) Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.0.1 - Adobe Systems Incorporated) Adobe Media Encoder CC 2014 (HKLM-x32\...\{663DEEEF-EF34-4DCB-8687-73A7AA146E02}) (Version: 8.2.0 - Adobe Systems Incorporated) Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.2.2 - Adobe Systems Incorporated) Adobe Premiere Pro CC 2014 (HKLM-x32\...\{07BE616F-9E42-4C90-AF4F-0F32A5B088E7}) (Version: 8.2.0 - Adobe Systems Incorporated) Adobe SpeedGrade CC 2014 (HKLM-x32\...\{8EFF28F0-9DFD-4208-9E04-4D49A4812CF3}) (Version: 8.2.0 - Adobe Systems Incorporated) AdobeĀ® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated) AMD Catalyst Install Manager (HKLM\...\{ED5ECF2E-47B4-1A59-422B-50D90639214A}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.) Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.) Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology) ASUS GPU Tweak (HKLM-x32\...\{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.2.8.1 - ASUSTek COMPUTER INC.) Hidden ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.2.8.1 - ASUSTek COMPUTER INC.) ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.025 - ASUSTek Computer Inc.) bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) FileZilla Client 3.13.0 (HKLM-x32\...\FileZilla Client) (Version: 3.13.0 - Tim Kosse) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden HighPoint RAID Management v2.1.4.12.1026 (HKU\S-1-5-21-2116419765-1218913875-2256313103-1001\...\HighPoint RAID Management) (Version: v2.1.4.12.1026 - HighPoint Technologies, Inc.) HydraVision (HKLM-x32\...\{84D18AB7-CBA1-1393-7D60-63504616FD1F}) (Version: 4.2.236.0 - Advanced Micro Devices, Inc.) Hidden Intel Processor Diagnostic Tool 64bit (HKLM\...\{F24BC99D-3FC1-4503-BEFA-5DDD16C6265A}) (Version: 2.20.0.0 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation) Intel(R) Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel) Intel(R) Processor Identification Utility (HKLM-x32\...\{A92A4DB0-CD37-42D1-BE1D-603D53C24328}) (Version: 1.0.0.0 - Intel Corporation) Intel(R) Rapid Storage Technology enterprise (HKLM-x32\...\{8B313BF5-9BD5-42a3-94C1-A28AF3AA51CC}) (Version: 3.8.0.1106 - Intel Corporation) Marvell Storage Utility V4 (HKLM-x32\...\mvMSU) (Version: 4.1.0.2003 - Marvell) Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation) Microsoft Office 365 Business - en-us (HKLM\...\O365BusinessRetail - en-us) (Version: 16.0.10228.20104 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2116419765-1218913875-2256313103-1001\...\OneDriveSetup.exe) (Version: 18.091.0506.0007 - Microsoft Corporation) Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation) Microsoft SQL Server 2008 Setup Support Files (HKLM-x32\...\{8F72E2D4-1E48-4534-8DB8-1E8E012899C6}) (Version: 10.3.5500.0 - Microsoft Corporation) Microsoft SQL Server 2012 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2012) (Version: - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{9AE22681-C27C-402A-A136-15854DFF693D}) (Version: 11.3.6020.0 - Microsoft Corporation) Microsoft SQL Server 2012 Setup (English) (HKLM\...\{BDF7F870-15E2-49A7-9123-65E8FF52ECAA}) (Version: 11.3.6020.0 - Microsoft Corporation) Microsoft SQL Server 2012 Setup (English) (HKLM-x32\...\{22645997-D3F4-4056-A21A-88A018A90C1F}) (Version: 11.3.6020.0 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{076FF390-D283-4174-B602-B0B7B72BD024}) (Version: 11.3.6020.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation) Microsoft VSS Writer for SQL Server 2012 (HKLM\...\{3E0DD83F-BE4C-4478-86A0-AD0D79D1353E}) (Version: 11.3.6020.0 - Microsoft Corporation) NVIDIA 3D Vision Controller Driver 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation) NVIDIA 3D Vision Driver 341.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.21 - NVIDIA Corporation) NVIDIA Graphics Driver 341.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.21 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA nView 141.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 141.36 - NVIDIA Corporation) NVIDIA WMI 2.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.18.0 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10228.20104 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10228.20104 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10228.20104 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.10228.20104 - Microsoft Corporation) Hidden ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7058 - Realtek Semiconductor Corp.) RingCentral for Windows (HKLM-x32\...\{2D1582B3-487E-4BFA-962B-158D3B181740}) (Version: 8.1.1.21232 - RingCentral) RingCentral Meetings (HKU\S-1-5-21-2116419765-1218913875-2256313103-1001\...\RingCentralMeetings) (Version: 4.2 - Zoom Video Communications, Inc. and RingCentral Inc.) Service Pack 3 for SQL Server 2012 (KB3072779) (64-bit) (HKLM\...\KB3072779) (Version: 11.3.6020.0 - Microsoft Corporation) SketchUp 2017 (HKLM\...\{E59BD84C-169B-4F3F-AC5D-85127CF67051}) (Version: 17.2.2555 - Trimble, Inc.) SQL Server 2012 Common Files (HKLM\...\{1D411379-9CE0-4B13-A19B-72D3222DD620}) (Version: 11.3.6020.0 - Microsoft Corporation) Hidden SQL Server 2012 Common Files (HKLM\...\{202AAF1F-69AA-442A-B59F-6B54B1AD07C6}) (Version: 11.3.6020.0 - Microsoft Corporation) Hidden SQL Server 2012 Database Engine Services (HKLM\...\{18B2A97C-92C3-4AC7-BE72-F823E0BC895B}) (Version: 11.3.6020.0 - Microsoft Corporation) Hidden SQL Server 2012 Database Engine Services (HKLM\...\{26773F6F-E7B5-4F58-9347-0347C998BA7D}) (Version: 11.3.6020.0 - Microsoft Corporation) Hidden SQL Server 2012 Database Engine Services (HKLM\...\{84FBCA4A-D650-4B0D-8094-EC0671FA9B91}) (Version: 11.3.6020.0 - Microsoft Corporation) Hidden SQL Server 2012 Database Engine Services (HKLM\...\{C22864D5-FB3F-4609-BF0C-ADBCC70742C4}) (Version: 11.3.6020.0 - Microsoft Corporation) Hidden SQL Server 2012 Database Engine Shared (HKLM\...\{54FF8FAB-DE27-4187-82F1-EBAE6AEE869A}) (Version: 11.3.6020.0 - Microsoft Corporation) Hidden SQL Server 2012 Database Engine Shared (HKLM\...\{6603C2CE-3C54-4F1D-92F9-8390CD4CCCA8}) (Version: 11.3.6020.0 - Microsoft Corporation) Hidden SQL Server Browser for SQL Server 2012 (HKLM-x32\...\{4B9E6EB0-0EED-4E74-9479-F982C3254F71}) (Version: 11.3.6020.0 - Microsoft Corporation) Sql Server Customer Experience Improvement Program (HKLM\...\{BED1EA3D-592D-4305-9D1F-20F03726EFC1}) (Version: 11.3.6020.0 - Microsoft Corporation) Hidden VC_CRT_x64 (HKLM\...\{54F2237F-018C-483B-8884-9FC0D88840C3}) (Version: 1.02.0000 - Intel Corporation) Hidden VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN) WinRAR 5.40 beta 1 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.1 - win.rar GmbH) WinZip 19.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E9}) (Version: 19.5.11475 - WinZip Computing, S.L. ) XactRemodel 3 (HKLM-x32\...\{00271000-8116-4423-99E0-4A5D07E678E8}) (Version: 27.103.2013.417 - Xactware) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2116419765-1218913875-2256313103-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Drew Owens\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileCoAuthLib64.dll => No File CustomCLSID: HKU\S-1-5-21-2116419765-1218913875-2256313103-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] () ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-21] (Igor Pavlov) ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] () ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-05-16] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-05-16] (Alexander Roshal) ContextMenuHandlers1-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2015-04-29] (WinZip Computing, S.L.) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-21] (Igor Pavlov) ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2015-04-29] (WinZip Computing, S.L.) ContextMenuHandlers5: [00nView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\Program Files\NVIDIA Corporation\nview\nvshell.dll [2014-11-25] () ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2014-07-04] (Advanced Micro Devices, Inc.) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2014-11-25] (NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-21] (Igor Pavlov) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] () ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-05-16] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-05-16] (Alexander Roshal) ContextMenuHandlers6-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2015-04-29] (WinZip Computing, S.L.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {13AA8B5A-784C-4316-A979-CBEEBF57ACC1} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-06-30] (Microsoft Corporation) Task: {1F27D3E8-AE10-40EA-949B-E725E906B25A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-07-14] (Microsoft Corporation) Task: {2444BE95-AC35-43D0-91D9-B6DA3D862EC2} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-07-14] (Microsoft Corporation) Task: {27DB692B-B6BE-44F8-A459-BE61C726BAC9} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2013-08-27] (ASUSTek Computer Inc.) Task: {41A2B548-3318-4BA9-A87A-CDC28E9AD219} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.) Task: {4EE02956-45BE-4C55-B95E-079D457470F6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-14] (Google Inc.) Task: {5CA00C3B-5A4C-4FBB-8A34-8A9FE89C68C2} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-07-14] (Microsoft Corporation) Task: {60611B4D-1CBE-4B1C-8A2C-E1F30B4F6A8E} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) Task: {7327911D-07BC-4E6D-BF4B-84270B7F4294} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe [2018-07-14] (Microsoft Corporation) Task: {7B948C3E-DA7F-4769-9FFC-4CF7C506E43A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-14] (Google Inc.) Task: {80A798A4-A39B-4090-B3FF-BD2FCEA2BD91} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) Task: {82BC6F91-20EC-4C76-B419-228B0C0D790F} - System32\Tasks\AdobeGCInvoker-1.0-Drew-Drew Owens => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-05-11] (Adobe Systems, Incorporated) Task: {F37D7E10-97F1-4F82-AF08-EC779C09352F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated) Task: {F9709285-449A-4552-9E3F-D3E8A1FC1A06} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-06-30] (Microsoft Corporation) Task: {FB624E11-8E38-4253-9755-E6A9F74609B1} - System32\Tasks\AdobeAAMUpdater-1.0-Drew-Drew Owens => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2015-06-13 22:12 - 2014-11-25 18:15 - 002693448 _____ () C:\Windows\system32\nvwmi64.exe 2015-06-13 22:11 - 2014-11-25 16:39 - 000115400 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2012-01-17 13:24 - 2012-01-17 13:24 - 000055296 _____ () C:\Windows\SysWOW64\ASGT.exe 2018-02-10 02:12 - 2018-02-10 02:12 - 000614856 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll 2011-11-24 21:39 - 2011-11-24 21:39 - 001202216 _____ () C:\Program Files (x86)\Marvell\storage\tray\MarvellTray.exe 2018-02-27 21:08 - 2018-02-27 21:08 - 034523072 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe 2018-06-26 16:36 - 2018-06-22 14:15 - 004608856 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\libglesv2.dll 2018-06-26 16:36 - 2018-06-22 14:15 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\libegl.dll 2011-11-21 21:48 - 2011-11-21 21:48 - 000073782 _____ () C:\Program Files (x86)\Marvell\storage\Apache2\bin\zlib1.dll 2012-09-10 13:37 - 2012-09-10 13:37 - 000192512 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\Vender.dll 2012-09-27 13:08 - 2012-09-27 13:08 - 000049152 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\Exeio.dll 2018-02-14 06:03 - 2018-02-14 06:03 - 067115984 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll 2018-01-30 09:38 - 2018-01-30 09:38 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node 2018-01-30 09:39 - 2018-01-30 09:39 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node 2018-01-30 09:38 - 2018-01-30 09:38 - 000117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node 2018-01-30 09:38 - 2018-01-30 09:38 - 000125952 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node 2018-02-14 06:26 - 2018-02-14 06:26 - 000099800 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll 2018-01-30 09:38 - 2018-01-30 09:38 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node 2018-07-16 08:47 - 2018-07-16 08:47 - 000016384 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\336021e00e6a648b694427082077ed9b\PSIClient.ni.dll 2012-02-15 12:26 - 2012-02-15 12:26 - 000198656 _____ () C:\Program Files (x86)\Xactware\XactRemodel27\CORE\XWKey32.DLL 2012-02-15 12:26 - 2012-02-15 12:26 - 000004608 _____ () C:\Program Files (x86)\Xactware\XactRemodel27\CORE\Core.Imports.dll 2012-02-15 12:25 - 2012-02-15 12:25 - 003518464 _____ () C:\Program Files (x86)\Xactware\XactRemodel27\CORE\itextsharp.dll 2012-02-15 12:27 - 2012-02-15 12:27 - 002735104 _____ () C:\Program Files (x86)\Xactware\XactRemodel27\CORE\Telerik.Windows.Controls.Navigation.dll 2012-02-15 12:27 - 2012-02-15 12:27 - 002457600 _____ () C:\Program Files (x86)\Xactware\XactRemodel27\CORE\Telerik.Windows.Controls.GridView.dll 2012-02-15 12:27 - 2012-02-15 12:27 - 000443904 _____ () C:\Program Files (x86)\Xactware\XactRemodel27\CORE\Telerik.Windows.Data.dll 2012-02-15 12:27 - 2012-02-15 12:27 - 001784320 _____ () C:\Program Files (x86)\Xactware\XactRemodel27\CORE\Telerik.Windows.Controls.Input.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\atashost => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 08:25 - 2013-08-22 08:25 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2116419765-1218913875-2256313103-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [TCP Query User{95F485CD-E599-4F9A-B8D7-2CC722E92402}C:\program files (x86)\marvell\storage\apache2\bin\httpd.exe] => (Allow) C:\program files (x86)\marvell\storage\apache2\bin\httpd.exe FirewallRules: [UDP Query User{0B3883C1-4C41-4F70-A3FD-31EF820EFAE6}C:\program files (x86)\marvell\storage\apache2\bin\httpd.exe] => (Allow) C:\program files (x86)\marvell\storage\apache2\bin\httpd.exe FirewallRules: [{B3CAEFEE-3E8D-412A-864F-516556E6FE42}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe FirewallRules: [TCP Query User{D17210B0-721A-457F-983A-686D3895C12A}C:\program files (x86)\ringcentral for windows\softphone.exe] => (Allow) C:\program files (x86)\ringcentral for windows\softphone.exe FirewallRules: [UDP Query User{563908D8-8E85-4C24-A1D8-580AAE3D0095}C:\program files (x86)\ringcentral for windows\softphone.exe] => (Allow) C:\program files (x86)\ringcentral for windows\softphone.exe FirewallRules: [{4F3937FB-8C00-4F15-9AD2-2E546E74CD1E}] => (Allow) C:\Users\Drew\RingCentralMeetings.exe FirewallRules: [{CD30BB73-BDFA-4580-BE74-DCB2E5AEEEC9}] => (Allow) C:\Users\Drew\airhost.exe FirewallRules: [{13640734-CB67-4144-B54E-B9FFE77E1455}] => (Allow) C:\Users\Drew\RingCentralMeetings.exe FirewallRules: [{BA911F27-D35D-48CE-B9AA-65CA39164D41}] => (Allow) C:\Users\Drew\airhost.exe FirewallRules: [TCP Query User{E031A6B1-7CBD-4C9A-BBD1-A26713A5C0A7}C:\program files (x86)\ringcentral for windows\softphone.exe] => (Allow) C:\program files (x86)\ringcentral for windows\softphone.exe FirewallRules: [UDP Query User{2320A350-797F-402D-9731-4EF57A72D99F}C:\program files (x86)\ringcentral for windows\softphone.exe] => (Allow) C:\program files (x86)\ringcentral for windows\softphone.exe FirewallRules: [{C6C1695F-239E-4AD2-8A94-EB03D0B979DE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{A96DA2D5-B791-4C02-99BC-3B55998CE82E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{94075EDF-76FC-400B-B532-3A635F5EF4C3}] => (Allow) C:\Users\Drew Owens\AppData\Roaming\RingCentralMeetings\bin\RingCentralMeetings.exe FirewallRules: [{3C33F42F-3CC0-4A16-AFD5-EB20B4F8100A}] => (Allow) C:\Users\Drew Owens\AppData\Roaming\RingCentralMeetings\bin\airhost.exe FirewallRules: [{11A5160C-C6BA-4417-AD2C-F2AC2804D22F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{242AA226-0EF7-486B-8C77-FC5EACA3B873}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{7184AEC4-E4FA-4928-AB79-D7EC76CD6AFD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{2B3EFE85-7F44-4052-B3E3-94623261E9CC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Restore Points ========================= 27-06-2018 06:28:30 Windows Modules Installer 05-07-2018 07:34:22 Scheduled Checkpoint 11-07-2018 14:57:00 Windows Update ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (07/17/2018 05:49:45 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY) Description: There was an error with the Windows Location Provider database Error: (07/17/2018 11:33:36 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (07/17/2018 11:10:02 AM) (Source: Apache Service) (EventID: 3299) (User: ) Description: The Apache service named reported the following error: >>> httpd.exe: Could not reliably determine the server's fully qualified domain name, using 192.168.1.22 for ServerName . Error: (07/16/2018 01:16:29 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (07/15/2018 06:02:37 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (07/15/2018 09:35:38 AM) (Source: Apache Service) (EventID: 3299) (User: ) Description: The Apache service named reported the following error: >>> httpd.exe: Could not reliably determine the server's fully qualified domain name, using 192.168.1.22 for ServerName . Error: (07/15/2018 07:03:52 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (07/14/2018 09:30:49 AM) (Source: SideBySide) (EventID: 35) (User: ) Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" on line 1. Component identity found in manifest does not match the identity of the component requested. Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Please use sxstrace.exe for detailed diagnosis. System errors: ============= Error: (07/17/2018 11:09:36 AM) (Source: Ntfs) (EventID: 137) (User: ) Description: The default transaction resource manager on volume E: encountered a non-retryable error and could not start. The data contains the error code. Error: (07/17/2018 09:42:52 AM) (Source: DCOM) (EventID: 10010) (User: Drew) Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout. Error: (07/17/2018 09:42:22 AM) (Source: DCOM) (EventID: 10010) (User: Drew) Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout. Error: (07/16/2018 01:18:14 PM) (Source: DCOM) (EventID: 10010) (User: Drew) Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout. Error: (07/16/2018 01:17:44 PM) (Source: DCOM) (EventID: 10010) (User: Drew) Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout. Error: (07/16/2018 08:43:23 AM) (Source: DCOM) (EventID: 10010) (User: Drew) Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout. Error: (07/16/2018 08:42:53 AM) (Source: DCOM) (EventID: 10010) (User: Drew) Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout. Error: (07/15/2018 09:35:08 AM) (Source: Ntfs) (EventID: 137) (User: ) Description: The default transaction resource manager on volume E: encountered a non-retryable error and could not start. The data contains the error code. Windows Defender: =================================== Date: 2018-07-07 10:54:56.954 Description: Windows Defender scan has been stopped before completion. Scan ID: {4A6D80A1-A97B-4EFC-B9EE-D8C034A44DCB} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2018-07-05 07:11:26.680 Description: Windows Defender scan has been stopped before completion. Scan ID: {DA60F0F2-F080-4DD2-B47F-1FD0BE5F52AA} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2018-07-04 07:51:41.837 Description: Windows Defender scan has been stopped before completion. Scan ID: {1D3BAF1D-4536-4F02-BBE1-EFC5F2BBB699} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2018-06-24 06:20:36.682 Description: Windows Defender scan has been stopped before completion. Scan ID: {965AA1DA-D6EC-4606-90A6-EAF791F1B8CA} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2018-06-24 06:16:19.820 Description: Windows Defender scan has been stopped before completion. Scan ID: {B3DB7214-E605-46F2-87D4-CC3E3A2115C5} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2018-06-26 16:45:38.511 Description: Windows Defender has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.271.55.0 Update Source: Microsoft Malware Protection Center Signature Type: AntiSpyware Update Type: Full Current Engine Version: Previous Engine Version: 1.1.15000.2 Error code: 0x8050a003 Error description: This package does not contain up-to-date definition files for this program. For more information, see Help and Support. Date: 2018-06-26 16:45:38.511 Description: Windows Defender has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.271.55.0 Update Source: Microsoft Malware Protection Center Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.15000.2 Error code: 0x8050a003 Error description: This package does not contain up-to-date definition files for this program. For more information, see Help and Support. Date: 2018-06-26 16:45:14.539 Description: Windows Defender has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.269.1925.0 Update Source: Microsoft Update Server Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.14901.4 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. Date: 2018-06-26 16:45:14.539 Description: Windows Defender has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.269.1925.0 Update Source: Microsoft Update Server Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.14901.4 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. Date: 2018-06-26 16:45:14.539 Description: Windows Defender has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.269.1925.0 Update Source: Microsoft Update Server Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.14901.4 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. CodeIntegrity: =================================== Date: 2018-07-16 08:42:27.917 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2018-07-07 10:55:00.839 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2018-07-02 12:30:00.667 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2018-06-27 04:55:02.324 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2018-06-19 20:36:22.637 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2018-06-17 10:44:07.545 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2018-06-13 10:54:25.329 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-4930K CPU @ 3.40GHz Percentage of memory in use: 6% Total physical RAM: 65475 MB Available physical RAM: 61223.5 MB Total Virtual: 75203 MB Available Virtual: 69687.52 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:223.23 GB) (Free:38.42 GB) NTFS Drive e: () (Fixed) (Total:74.52 GB) (Free:27.85 GB) NTFS Drive f: (PENDRIVE) (Removable) (Total:7.49 GB) (Free:6.7 GB) FAT32 Drive r: (Raid) (Fixed) (Total:1862.87 GB) (Free:1619.16 GB) NTFS \\?\Volume{2afa4275-1241-11e5-824f-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.34 GB) (Free:0.07 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1862.9 GB) (Disk ID: F60BEC03) Partition 1: (Not Active) - (Size=1862.9 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 7704B4C1) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=223.2 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows XP) (Size: 74.5 GB) (Disk ID: A78EA78E) Partition 1: (Active) - (Size=74.5 GB) - (Type=07 NTFS) ======================================================== Disk: 3 (Size: 7.5 GB) (Disk ID: 04DD5721) Partition 1: (Active) - (Size=7.5 GB) - (Type=0C) ==================== End of Addition.txt ============================