Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-07-2016 Ran by Acer (2016-07-04 07:48:19) Running from C:\Users\Acer\Downloads Windows 10 Pro Version 1511 (X64) (2016-01-03 15:54:14) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Acer (S-1-5-21-4106620623-631192622-675998710-1001 - Administrator - Enabled) => C:\Users\Acer Administrator (S-1-5-21-4106620623-631192622-675998710-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-4106620623-631192622-675998710-503 - Limited - Disabled) Guest (S-1-5-21-4106620623-631192622-675998710-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Ad-Aware Antivirus (HKLM\...\{92565CD9-F8E0-4330-BEEC-A6041F79A880}_AdAwareUpdater) (Version: 11.11.898.9090 - Lavasoft) AdAwareInstaller (Version: 11.11.898.9090 - Lavasoft) Hidden AdAwareUpdater (Version: 11.11.898.9090 - Lavasoft) Hidden Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated) Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated) Amazon 1Button App (x32 Version: 2.3.4 - Amazon) Hidden <==== ATTENTION Amazon Assistant (HKLM-x32\...\Amazon Assistant) (Version: 2.3.4 - Amazon) <==== ATTENTION ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden AntimalwareEngine (Version: 3.0.129.0 - Lavasoft) Hidden Belgium e-ID middleware 4.1.10 (build 1698) (HKLM\...\{DB942AEA-93D6-4FE4-8862-180D35A71698}) (Version: 4.1.1698 - Belgian Government) CCleaner (HKLM\...\CCleaner) (Version: 5.15 - Piriform) Elevated Installer (x32 Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden Garmin BaseCamp (HKLM-x32\...\{23A4DBD1-D847-4957-995D-8B1CC527E2E2}) (Version: 4.6.2.0 - Garmin Ltd or its subsidiaries) Garmin Communicator Plugin (HKLM-x32\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries) Garmin Communicator Plugin x64 (HKLM\...\{70A381F1-C161-4D61-A20C-BE12FC6777DF}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries) Garmin Express (HKLM-x32\...\{2639b4f0-83b4-4f3d-942f-e4ba22a40b9b}) (Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Garmin Express (x32 Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express Tray (x32 Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden Garmin USB Drivers (HKLM\...\{DC7720F2-98BE-41C1-B0A8-E391362E86B8}) (Version: 2.3.1.1 - Garmin Ltd or its subsidiaries) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation) KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - ) Kodi (HKU\S-1-5-21-4106620623-631192622-675998710-1001\...\Kodi) (Version: - XBMC-Foundation) Malwarebytes Anti-Malware versie 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Mozilla Firefox 47.0 (x86 nl) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 nl)) (Version: 47.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team) OpenOffice 4.1.2 (HKLM-x32\...\{41E7B095-1618-49CF-972F-72B5D5235423}) (Version: 4.12.9782 - Apache Software Foundation) Pandora Service (HKLM-x32\...\4F6D5E84-5826-4394-9F40-3A9A19165651_is1) (Version: - Pandora.TV) <==== ATTENTION Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6318 - Realtek Semiconductor Corp.) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN) Winamp (HKLM-x32\...\Winamp) (Version: 5.581 - Nullsoft, Inc) Winamp Detector Plug-in (HKU\S-1-5-21-4106620623-631192622-675998710-1001\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc) Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.) Windows Driver Package - Fedict SmartCard (08/08/2015 4.1.5) (HKLM\...\9F46F7AB1E3B1B5F5482EA8D97F401B04FBF7958) (Version: 08/08/2015 4.1.5 - Fedict) Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software) Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-4106620623-631192622-675998710-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Acer\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {03314125-0759-4BE7-ACF6-63AE1A8B9609} - System32\Tasks\KuaiZip_Update => C:\Program Files\¿ìѹ\X86\Update.exe [2016-07-03] (Shanghai Guangle Network Technology Ltd ) <==== ATTENTION Task: {0B5E10C8-1A09-461A-83B4-58A40AC00E1A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated) Task: {331748DF-94F2-49B8-A646-49312A02FDA0} - System32\Tasks\DistromaticUpdater-periodic => C:\Program Files (x86)\Amazon Browser Settings\updater.exe [2016-04-28] (Distromatic) <==== ATTENTION Task: {3AD800D6-E087-43E2-9752-FA6D1A7884B5} - System32\Tasks\UCBrowserUpdater => C:\Program Files (x86)\UCBrowser\Application\update_task.exe Task: {3F296766-AC21-434F-86F0-A30D5FA3B86A} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2016-04-08] () Task: {4A05DB33-E07C-4B9D-9875-AA7D523BE95F} - System32\Tasks\{3FEDD1F0-07B9-4CC1-B465-CB80BD34922B} => Firefox.exe hxxp://ui.skype.com/ui/0/7.18.0.103/nl/abandoninstall?source=lightinstaller&page=tsMain Task: {64FEF800-98F3-4E04-A32F-36E1EAC64E54} - System32\Tasks\DistromaticUpdater-logon => C:\Program Files (x86)\Amazon Browser Settings\updater.exe [2016-04-28] (Distromatic) <==== ATTENTION Task: {6F4CE143-3FCB-4D15-81B1-E6322730B2C4} - System32\Tasks\DistromaticSearchProtect-logon => C:\Program Files (x86)\Amazon Browser Settings\AmznSearchProtect.exe [2016-04-28] (Distromatic) <==== ATTENTION Task: {7974E821-FEC4-4B07-9C8E-24C2446AC58B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-06-15] (Microsoft Corporation) Task: {96D7D397-6253-41A0-A9F2-25BEF3AB183A} - System32\Tasks\{0F7A5DF5-0134-4A0B-8EA5-816A9FB1BD00} => Firefox.exe hxxp://ui.skype.com/ui/0/7.18.0.103/nl/abandoninstall?source=lightinstaller&page=tsMain Task: {990BBC98-5593-4ECA-A5F0-4788EB0AB558} - \AutoPico Daily Restart -> No File <==== ATTENTION Task: {CBFF64A8-4CDE-4F9D-9944-705DEB30CD12} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-02-12] (Piriform Ltd) Task: {E505411B-0984-451C-A267-D67F08E9AC5A} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-17] (Adobe Systems Incorporated) Task: {F445F47A-F87C-401F-A3BC-8FB18B6AB926} - System32\Tasks\Shanot Cloud => C:\Program Files (x86)\Qerlegherzerk\shnCldphv.exe Task: {FF368EBE-B865-4304-872D-21594AA61B1B} - System32\Tasks\DistromaticSearchProtect-hourly => C:\Program Files (x86)\Amazon Browser Settings\AmznSearchProtect.exe [2016-04-28] (Distromatic) <==== ATTENTION (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\UCBrowserUpdater.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) WMI_ActiveScriptEventConsumer_ASEC: <===== ATTENTION Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> hxxp://yeabests.cc (No File) Shortcut: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> hxxp://yeabests.cc (No File) ==================== Loaded Modules (Whitelisted) ============== 2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-06-10 12:31 - 2016-06-10 12:31 - 00730496 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\AdAwareService.exe 2016-06-10 12:36 - 2016-06-10 12:36 - 00030464 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\boost_system-vc140-mt-1_61.dll 2016-06-10 12:36 - 2016-06-10 12:36 - 00068872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\boost_date_time-vc140-mt-1_61.dll 2016-06-10 12:36 - 2016-06-10 12:36 - 00146184 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\boost_filesystem-vc140-mt-1_61.dll 2016-06-10 12:35 - 2016-06-10 12:35 - 11652856 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\AdAwareServiceKernel.dll 2016-06-10 12:36 - 2016-06-10 12:36 - 03420880 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\RCF.dll 2016-06-10 12:36 - 2016-06-10 12:36 - 01005824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\boost_regex-vc140-mt-1_61.dll 2016-06-10 12:36 - 2016-06-10 12:36 - 00124672 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\boost_thread-vc140-mt-1_61.dll 2016-06-10 12:36 - 2016-06-10 12:36 - 00040192 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\boost_chrono-vc140-mt-1_61.dll 2016-06-10 12:35 - 2016-06-10 12:35 - 00976624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\AdAwareActivation.dll 2016-06-10 12:35 - 2016-06-10 12:35 - 00575744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\AdAwareApplicationUpdater.dll 2016-06-10 12:35 - 2016-06-10 12:35 - 00842480 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\AdAwareGamingMode.dll 2016-06-10 12:35 - 2016-06-10 12:35 - 00113896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\AdAwareReset.dll 2016-06-10 12:35 - 2016-06-10 12:35 - 00135904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\AdAwareTime.dll 2016-06-10 12:35 - 2016-06-10 12:35 - 01050880 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\AdAwareDefinitionsUpdater.dll 2016-06-10 12:35 - 2016-06-10 12:35 - 00906512 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\AdAwareDefinitionsUpdaterScheduler.dll 2016-06-10 12:35 - 2016-06-10 12:35 - 01110256 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\AdAwareIgnoreList.dll 2016-06-10 12:35 - 2016-06-10 12:35 - 00268016 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\AdAwareQuarantine.dll 2016-06-10 12:35 - 2016-06-10 12:35 - 01638656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\AdAwareAntiMalwareEngine.dll 2016-06-10 12:35 - 2016-06-10 12:35 - 00227584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\AdAwareAntiRootkitEngine.dll 2016-06-10 12:35 - 2016-06-10 12:35 - 01191160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\AdAwareScannerHistory.dll 2016-06-10 12:35 - 2016-06-10 12:35 - 01387752 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\AdAwareScanner.dll 2016-06-10 12:36 - 2016-06-10 12:36 - 00039680 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\boost_timer-vc140-mt-1_61.dll 2016-06-10 12:35 - 2016-06-10 12:35 - 01031416 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\AdAwareScannerScheduler.dll 2016-06-10 12:35 - 2016-06-10 12:35 - 01198848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\AdAwareRealTimeProtection.dll 2016-06-10 12:35 - 2016-06-10 12:35 - 02679544 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\AdAwareIncompatibles.dll 2016-06-10 12:35 - 2016-06-10 12:35 - 01529576 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\AdAwareAntiSpam.dll 2016-06-10 12:35 - 2016-06-10 12:35 - 01464048 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\AdAwareAntiPhishing.dll 2016-06-10 12:35 - 2016-06-10 12:35 - 03473144 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\AdAwareParentalControl.dll 2016-06-10 12:36 - 2016-06-10 12:36 - 03136248 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\AdAwareWebProtection.dll 2016-06-10 12:35 - 2016-06-10 12:35 - 01332984 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\AdAwareEmailProtection.dll 2016-06-10 12:36 - 2016-06-10 12:36 - 00073480 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\boost_iostreams-vc140-mt-1_61.dll 2016-06-10 12:35 - 2016-06-10 12:35 - 01918208 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\AdAwareNetworkProtection.dll 2016-06-10 12:35 - 2016-06-10 12:35 - 01037544 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\AdAwarePromo.dll 2016-06-10 12:35 - 2016-06-10 12:35 - 00469736 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\AdAwareFeedback.dll 2016-06-10 12:35 - 2016-06-10 12:35 - 03164416 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\AdAwareThreatWorkAlliance.dll 2016-06-10 12:35 - 2016-06-10 12:35 - 01319656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\AdAwarePinCode.dll 2016-06-10 12:35 - 2016-06-10 12:35 - 01039592 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\AdAwareNotice.dll 2016-06-10 12:35 - 2016-06-10 12:35 - 01605360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\AdAwareAvcEngine.dll 2016-06-10 12:35 - 2016-06-10 12:35 - 01175824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\AdAwareRealTimeProtectionHistory.dll 2016-06-10 12:35 - 2016-06-10 12:35 - 00539376 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\AdAwareStatistics.dll 2016-07-03 02:13 - 2015-12-16 10:58 - 00219392 _____ () C:\Program Files (x86)\Wifisrv\WifiService.exe 2016-04-13 07:17 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-04-13 07:17 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-05-20 20:13 - 2016-05-20 20:13 - 00959168 _____ () C:\Users\Acer\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll 2016-07-03 02:15 - 2016-07-03 02:15 - 00338368 _____ () C:\Program Files\¿ìѹ\X64\KZipShell.dll 2016-04-19 07:02 - 2016-04-19 07:02 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2016-01-04 02:29 - 2016-01-04 02:29 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-05-11 11:49 - 2016-04-23 06:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-06-15 15:39 - 2016-05-28 05:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-06-15 15:39 - 2016-05-28 05:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-06-15 15:40 - 2016-05-28 05:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-06-15 15:40 - 2016-05-28 05:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-01-03 16:13 - 2016-01-03 16:13 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll 2016-06-10 12:36 - 2016-06-10 12:36 - 09584864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\AdAwareTray.exe 2016-06-10 12:36 - 2016-06-10 12:36 - 00539392 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\boost_locale-vc140-mt-1_61.dll 2016-06-10 12:36 - 2016-06-10 12:36 - 02485992 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\HtmlFramework.dll 2016-06-10 12:36 - 2016-06-10 12:36 - 00871672 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\AdAwareTrayDefaultSkin.dll 2016-02-12 23:13 - 2016-02-12 23:13 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1043.dll 2016-07-03 02:15 - 2016-07-03 02:15 - 00219072 _____ () c:\program files\¿ìñ¹\x86\kuaizipupdatechecker.dll 2016-07-03 02:14 - 2016-05-17 08:37 - 00127792 _____ () c:\program files (x86)\usbboxlite\pnphost.dll 2016-07-03 02:14 - 2016-03-28 08:06 - 00085296 _____ () c:\program files (x86)\usbboxlite\PnpSubmit\PnpSubmit.dll 2016-07-03 02:14 - 2016-03-28 08:06 - 00165680 _____ () c:\program files (x86)\usbboxlite\substat.dll 2016-07-03 02:14 - 2016-03-28 08:06 - 00086832 _____ () c:\program files (x86)\usbboxlite\PnpUpdater\PnpUpdate.dll 2016-07-03 02:14 - 2016-03-28 08:06 - 00262448 _____ () c:\program files (x86)\usbboxlite\CheckUpdate.dll 2016-07-03 02:14 - 2016-05-17 08:37 - 00096048 _____ () c:\program files (x86)\usbboxlite\adplug.dll 2016-07-03 02:14 - 2016-03-28 07:47 - 00163072 _____ () c:\program files (x86)\usbboxlite\wchsubstat.dll 2016-07-03 02:14 - 2016-05-20 10:25 - 00239408 _____ () c:\program files (x86)\usbboxlite\USBTip.dll 2016-07-03 02:14 - 2016-03-28 08:06 - 00090928 _____ () c:\program files (x86)\usbboxlite\PnpLoader.dll 2016-07-03 02:14 - 2016-03-28 08:06 - 00068912 _____ () c:\program files (x86)\usbboxlite\AdLoader.dll 2016-07-03 02:14 - 2016-03-28 08:06 - 00183600 _____ () c:\program files (x86)\usbboxlite\appconfig.dll 2016-07-03 02:13 - 2015-12-02 04:24 - 00165104 _____ () C:\Program Files (x86)\Wifisrv\wchsubstat.dll 2016-07-03 02:13 - 2015-12-02 04:24 - 00231424 _____ () C:\Program Files (x86)\Wifisrv\tipsdll.dll 2016-07-03 02:13 - 2015-12-02 04:24 - 00175104 _____ () C:\Program Files (x86)\Wifisrv\appconfig.dll 2016-07-03 02:13 - 2015-12-02 04:24 - 00254824 _____ () C:\Program Files (x86)\Wifisrv\DTLUpdater\CheckUpdate.dll 2016-04-19 07:02 - 2016-04-19 07:02 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-04-19 07:02 - 2016-04-19 07:02 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2016-04-19 07:02 - 2016-04-19 07:02 - 02941440 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\MessagingNativeCore.dll 2016-04-19 07:02 - 2016-04-19 07:02 - 00583168 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\MessagingEntityExtractionProxy.dll 2016-04-19 07:02 - 2016-04-19 07:02 - 01300992 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\MessagingNativeBase.dll 2016-05-20 20:13 - 2016-05-20 20:13 - 00679624 _____ () C:\Users\Acer\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-4106620623-631192622-675998710-1001\...\amazon.com -> hxxps://amazon.com ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-07-10 13:04 - 2016-07-02 21:52 - 00001006 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com 127.0.0.1 union.baidu2019.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-4106620623-631192622-675998710-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{AE204F2B-FA8A-48F6-96E9-B94591AC2CA8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{EAD4A834-9D4B-4027-8112-D5EE2BA4CE08}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{9B326DE2-2761-4DEA-B939-0819312C0685}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{6C90BDC8-7E3B-470D-A0CD-BC06CDF5B390}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{6F1C7B5B-2A5B-4607-8DE6-DF51572F3DC3}C:\users\acer\documents\sat\dcce2_150\dcc_e2.exe] => (Allow) C:\users\acer\documents\sat\dcce2_150\dcc_e2.exe FirewallRules: [UDP Query User{40EE05DB-E6C6-4702-9F88-3118CCB65B32}C:\users\acer\documents\sat\dcce2_150\dcc_e2.exe] => (Allow) C:\users\acer\documents\sat\dcce2_150\dcc_e2.exe FirewallRules: [TCP Query User{AB5C58F3-7E31-4DF2-9E4C-4D4D8A467AE2}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe FirewallRules: [UDP Query User{1F673AC1-8AA3-460F-B868-9F243C6411EA}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe FirewallRules: [TCP Query User{FD92AACF-8106-4812-BEC8-B4E6594DFF47}C:\users\acer\downloads\dcce2_150\dcc_e2.exe] => (Allow) C:\users\acer\downloads\dcce2_150\dcc_e2.exe FirewallRules: [UDP Query User{559D0FEC-A7F9-4136-964B-91F2C895BE20}C:\users\acer\downloads\dcce2_150\dcc_e2.exe] => (Allow) C:\users\acer\downloads\dcce2_150\dcc_e2.exe FirewallRules: [TCP Query User{E445BB1A-6604-427F-8256-32B5B4426062}C:\users\acer\documents\sat\dreamset248x64\dreamset.exe] => (Allow) C:\users\acer\documents\sat\dreamset248x64\dreamset.exe FirewallRules: [UDP Query User{F8460D64-634C-403E-B2BB-2F679ED3CED6}C:\users\acer\documents\sat\dreamset248x64\dreamset.exe] => (Allow) C:\users\acer\documents\sat\dreamset248x64\dreamset.exe FirewallRules: [TCP Query User{16810D97-DB0D-4D07-A8CD-BDFF330F5B6D}C:\users\acer\appdata\roaming\kodi\addons\plugin.video.kmediatorrent-2.3.7\resources\bin\windows_x86\torrent2http.exe] => (Allow) C:\users\acer\appdata\roaming\kodi\addons\plugin.video.kmediatorrent-2.3.7\resources\bin\windows_x86\torrent2http.exe FirewallRules: [UDP Query User{1B83CC10-A425-46AE-91EE-7A6585A29C84}C:\users\acer\appdata\roaming\kodi\addons\plugin.video.kmediatorrent-2.3.7\resources\bin\windows_x86\torrent2http.exe] => (Allow) C:\users\acer\appdata\roaming\kodi\addons\plugin.video.kmediatorrent-2.3.7\resources\bin\windows_x86\torrent2http.exe FirewallRules: [{590A4FD0-0674-4B84-9DB4-5338C01A653D}] => (Allow) C:\Program Files (x86)\Wifisrv\helptool.exe FirewallRules: [{5EB266A3-934D-4190-8FE1-CFB78F5A5861}] => (Allow) C:\Program Files (x86)\Wifisrv\YunExplorer.exe FirewallRules: [{FAA0FFC3-33C3-4EA1-ACF8-7A567DBD9612}] => (Allow) C:\Program Files (x86)\Wifisrv\WifiService.exe FirewallRules: [{FF0456CB-427E-46AE-AECE-03E4CD82464D}] => (Allow) C:\Program Files (x86)\Wifisrv\160WiFi.exe FirewallRules: [{5F2E8FEC-908D-4FAE-B854-6159898CE8F2}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe FirewallRules: [{84837263-1C2F-4B59-A5F9-B65A08D7B264}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe FirewallRules: [{C0870380-4301-4CAF-9B41-43E664FD370A}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe FirewallRules: [{000947AB-F082-47AF-9004-5B44A89A4588}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe FirewallRules: [{856ED919-1873-4DDE-B106-92E308C6C5CF}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe FirewallRules: [{468CBB4F-9A97-4978-9072-08B0A6FB859A}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe FirewallRules: [{04A624B2-49E5-44B8-A62F-E71A48E56097}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe FirewallRules: [{EE1448C4-FA30-4AA9-BD60-390E8498A0CE}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe FirewallRules: [{11BEB365-127F-4D5A-8C34-65BBEE620D37}] => (Allow) C:\Program Files (x86)\Wifisrv\\WifiService.exe ==================== Restore Points ========================= 15-06-2016 15:53:07 Windows Update 22-06-2016 19:27:16 Scheduled Checkpoint 01-07-2016 18:01:09 Scheduled Checkpoint 02-07-2016 13:07:29 Herstelbewerking 03-07-2016 19:16:34 Removed Skype™ 7.24 ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (07/04/2016 07:17:54 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: De licentieactivering (slui.exe) is mislukt met de volgende foutcode: hr=0xC004F074 Opdrachtregelargumenten: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (07/04/2016 07:17:14 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: De licentieactivering (slui.exe) is mislukt met de volgende foutcode: hr=0xC004F074 Opdrachtregelargumenten: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (07/03/2016 08:21:27 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: De licentieactivering (slui.exe) is mislukt met de volgende foutcode: hr=0xC004F074 Opdrachtregelargumenten: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (07/03/2016 08:21:01 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: De licentieactivering (slui.exe) is mislukt met de volgende foutcode: hr=0xC004F074 Opdrachtregelargumenten: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (07/03/2016 08:09:28 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-BNKSEGB) Description: Het pakket Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy+CortanaUI is beëindigd omdat het onderbreken te lang duurde. Error: (07/03/2016 07:16:57 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary RQueryOncew. System Error: The system cannot find the file specified. . Error: (07/03/2016 07:16:57 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error: (07/03/2016 07:14:50 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: De licentieactivering (slui.exe) is mislukt met de volgende foutcode: hr=0xC004F074 Opdrachtregelargumenten: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (07/03/2016 07:14:47 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: De licentieactivering (slui.exe) is mislukt met de volgende foutcode: hr=0xC004F074 Opdrachtregelargumenten: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (07/03/2016 05:26:45 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: De licentieactivering (slui.exe) is mislukt met de volgende foutcode: hr=0xC004F074 Opdrachtregelargumenten: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 System errors: ============= Error: (07/04/2016 07:16:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De Garmin Device Interaction Service-service kan vanwege de volgende fout niet worden gestart: %%1053 = De service heeft de start- of stuuropdracht niet op juiste wijze beantwoord. Error: (07/04/2016 07:16:17 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Time-out (30000 seconden) tijdens het wachten op het verbinden van deze service: Garmin Device Interaction Service. Error: (07/03/2016 08:42:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De Sync Host_2d337-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Restart the service. Error: (07/03/2016 08:42:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable Error: (07/03/2016 08:19:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De Garmin Device Interaction Service-service kan vanwege de volgende fout niet worden gestart: %%1053 = De service heeft de start- of stuuropdracht niet op juiste wijze beantwoord. Error: (07/03/2016 08:19:45 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Time-out (30000 seconden) tijdens het wachten op het verbinden van deze service: Garmin Device Interaction Service. Error: (07/03/2016 08:18:59 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: De vorige afsluiting van het systeem om 7:53:49 PM op ‎7/‎3/‎2016 is onverwacht gebeurd. Error: (07/03/2016 08:16:39 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-BNKSEGB) Description: {9AA46009-3CE0-458A-A354-715610A075E6} Error: (07/03/2016 08:14:39 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-BNKSEGB) Description: {9AA46009-3CE0-458A-A354-715610A075E6} Error: (07/03/2016 07:56:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De Windows Search-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 30000 milliseconden worden uitgevoerd: Restart the service. CodeIntegrity: =================================== Date: 2016-07-03 02:23:37.885 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-07-03 02:23:37.853 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-07-03 02:23:37.806 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-07-03 02:23:37.578 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-07-03 02:23:36.715 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-07-02 21:52:41.630 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-07-02 21:52:41.612 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-07-02 21:52:41.593 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-07-02 21:52:41.574 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-07-02 21:52:41.529 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz Percentage of memory in use: 47% Total physical RAM: 3947.86 MB Available physical RAM: 2070.34 MB Total Virtual: 4651.86 MB Available Virtual: 2782.85 MB ==================== Drives ================================ Drive c: (Win 10) (Fixed) (Total:292.48 GB) (Free:248.89 GB) NTFS Drive d: (Backup) (Fixed) (Total:172.79 GB) (Free:171.45 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 16BA5C08) Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=292.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=172.8 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================