Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by REVERIEN (2016-04-06 15:16:27)
Running from C:\Users\REVERIEN\Desktop
Windows 10 Home Version 1511 (X64) (2016-01-04 12:15:29)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1240968423-981972810-3087361095-500 - Administrator - Di
sabled)
DefaultAccount (S-1-5-21-1240968423-981972810-3087361095-503 - Limited - Disable
d)
Guest (S-1-5-21-1240968423-981972810-3087361095-501 - Limited - Disabled) => C:\
Users\Guest
HomeGroupUser$ (S-1-5-21-1240968423-981972810-3087361095-1003 - Limited - Enable
d)
REVERIEN (S-1-5-21-1240968423-981972810-3087361095-1001 - Administrator - Enable
d) => C:\Users\REVERIEN
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF4
6}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF4
6}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to un
hide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21
.0.0.197 - Adobe Systems Incorporated)
Adobe Photoshop 7.0 CE (HKLM-x32\...\Adobe Photoshop 7.0 CE) (Version: 7.0 CE Adobe Systems, Inc.)
Adobe Reader 9.4.0 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A94000000001}) (Versio
n: 9.4.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1
.7.157 - Adobe Systems, Inc.)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Apache Tomcat 6.0 (remove only) (HKLM\...\Apache Tomcat 6.0) (Version: - )
Apple Application Support (32-bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43F
F61CB7}) (Version: 4.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE037
66}) (Version: 4.1 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Ver
sion: 2.1.4.131 - Apple Inc.)
ArcGIS 10.1 for Desktop (HKLM-x32\...\ArcGIS 10.1 for Desktop) (Version: 10.1.30
35 - Environmental Systems Research Institute, Inc.)
ArcGIS 10.1 for Desktop (x32 Version: 10.1.3035 - Environmental Systems Research
Institute, Inc.) Hidden
ArcGIS 10.1 License Manager (HKLM-x32\...\ArcGIS 10.1 License Manager) (Version:
10.1.2891 - Environmental Systems Research Institute, Inc.)
ArcGIS 10.1 License Manager (x32 Version: 10.1.2891 - Environmental Systems Rese
arch Institute, Inc.) Hidden
Auslogics Duplicate File Finder (HKLM-x32\...\{6845255F-15CC-4DD1-94D5-D38F37011
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. T
he "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to d
efault or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1240968423-981972810-3087361095-1001\...\partition
guru.com -> hxxp://www.partitionguru.com
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2012-07-26 07:26 - 2016-04-02 20:18 - 00011672 ____A C:\WINDOWS\system32\Drivers
\etc\hosts
199.59.62.24
199.59.62.24
199.59.62.24
199.59.62.24
199.59.62.24
199.59.62.24
199.59.62.24
199.59.62.24
199.59.62.24
199.59.62.24
199.59.62.24
199.59.62.24
199.59.62.24
199.59.62.24
199.59.62.24
199.59.62.24
199.59.62.24
199.59.62.24
199.59.62.24
199.59.62.24
199.59.62.24
199.59.62.24
199.59.62.24
199.59.62.24
199.59.62.24
199.59.62.24
199.59.62.24
199.59.62.24
199.59.62.24
199.59.62.24
There are 356 more lines.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1240968423-981972810-3087361095-1001\Control Panel\Desktop\\Wallpap
er -> C:\Users\REVERIEN\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\
DesktopBackground\img0.jpg
HKU\S-1-5-21-1240968423-981972810-3087361095-501\Control Panel\Desktop\\Wallpape
r -> C:\WINDOWS\web\wallpaper\Toshiba\standard.jpg
DNS Servers: 82.163.143.171 - 82.163.142.173
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPrompt
BehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "Everything"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run: => "RtHDVCpl"
HKLM\...\StartupApproved\Run: => "TecoResident"
HKLM\...\StartupApproved\Run: => "SRS Premium Sound HD"
HKLM\...\StartupApproved\Run: => "TCrdMain"
HKLM\...\StartupApproved\Run: => "TODDMain"
HKLM\...\StartupApproved\Run: => "TosWaitSrv"
HKLM\...\StartupApproved\Run32: => "autodetect"
HKLM\...\StartupApproved\Run32: => "Everything"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "RIMBBLaunchAgent.exe"
HKLM\...\StartupApproved\Run32: => "TPUReg"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKU\S-1-5-21-1240968423-981972810-3087361095-1001\...\StartupApproved\StartupFol
der: => "Dropbox.lnk"
HKU\S-1-5-21-1240968423-981972810-3087361095-1001\...\StartupApproved\Run: => "G
oogle Update"
HKU\S-1-5-21-1240968423-981972810-3087361095-1001\...\StartupApproved\Run: => "I
DMan"
HKU\S-1-5-21-1240968423-981972810-3087361095-1001\...\StartupApproved\Run: => "S
kype"
HKU\S-1-5-21-1240968423-981972810-3087361095-1001\...\StartupApproved\Run: => "S
creencast-O-Matic Tray"
HKU\S-1-5-21-1240968423-981972810-3087361095-1001\...\StartupApproved\Run: => "V
See"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. T
he file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{CED17A21-3FAE-49CF-9ECA-A918423B2CBF}] => (Allow) %systemroot%\
system32\alg.exe
FirewallRules: [UDP Query User{A3AD89B2-EF64-4B02-8C8D-76D6EA791ABC}C:\program f
iles (x86)\connectify\connectify.exe] => (Allow) C:\program files (x86)\connecti
fy\connectify.exe
FirewallRules: [TCP Query User{4EEFEEBC-829D-4AC5-A501-D7DD392F3F65}C:\program f
iles (x86)\connectify\connectify.exe] => (Allow) C:\program files (x86)\connecti
fy\connectify.exe
FirewallRules: [{26CBC116-A886-41F6-901D-44B8945880D9}] => (Allow) C:\Program Fi
les (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A1865D0E-DFB8-4358-AC73-2FA0CB843CC6}] => (Allow) C:\Program Fi
les (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{49110ED6-5883-4612-874C-AB647A68DF25}] => (Allow) C:\Program Fi
les (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{ED159E10-39F8-4B76-A3B3-F971B8CAE1AB}] => (Allow) C:\Program Fi
les (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{F924F07A-D2A8-420C-9B88-11AD4B2C8370}] => (Allow) C:\Program Fi
les (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{2C6DE3EC-72A5-4457-8146-3389688D98CC}] => (Allow) C:\Program Fi
les (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{07D4D389-98EA-40A9-83BA-D730EC5C9630}] => (Allow) LPort=1688
FirewallRules: [{C109F93D-9100-431D-B61E-83C93D6E996A}] => (Allow) C:\Program Fi
les\KMSpico\AutoPico.exe
FirewallRules: [{7180087A-69A0-49FC-A8C0-88DDD581BDD7}] => (Allow) C:\Program Fi
les\KMSpico\AutoPico.exe
FirewallRules: [{81227772-2DAA-4A12-AF45-6FD4A355B49D}] => (Allow)
les\KMSpico\Service_KMS.exe
FirewallRules: [{9BACA3F2-6A32-43D2-9A57-FE02F540F858}] => (Allow)
les\KMSpico\Service_KMS.exe
FirewallRules: [{EF122BC9-8ED2-4F76-9A83-979E295D2594}] => (Allow)
les\KMSpico\KMSELDI.exe
FirewallRules: [{BC44951D-BA85-4509-A961-CC23E6570D30}] => (Allow)
les\KMSpico\KMSELDI.exe
FirewallRules: [{FB9C1AA6-B1DC-4FAF-823C-D769CA11ED7F}] => (Allow)
FirewallRules: [{EAB34039-D997-49A7-96B5-57F98CCD1402}] => (Allow)
les (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{CAA82361-BF4D-4259-A3DF-830A363F74C4}] => (Allow)
les (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{50EE1F7B-EEDB-46A0-99F8-FEA2C0BD925D}] => (Allow)
les (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{29B0DB79-257F-40D0-AA83-C1AD16D8ADD7}] => (Allow)
les (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{52D27317-8D42-43FF-A895-4BB64E868B1E}] => (Allow)
FirewallRules: [{3CF0ED6F-3D1A-4F51-9E5E-4C2BD0B5C806}] => (Allow)
les (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{7C4E8E3C-1BB7-4E4C-AE79-DF4AC5C9B8D4}] => (Allow)
les (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{B631FD5E-2E77-4114-A834-AAEDAE48BAF6}] => (Allow)
les (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{D063D9A9-8BBB-481E-933B-CD7F0967A396}] => (Allow)
les (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{07E6D6A7-E7EF-4A4F-91A2-25057ED1E21F}] => (Allow)
les (x86)\Intel\IntelAppStore\bin\ismagent.exe
FirewallRules: [{21B98EFC-048E-4BE2-BC33-0890B808A00D}] => (Allow)
les (x86)\Spotify\spotify.exe
FirewallRules: [{74E32F51-08BF-496A-A141-2D2EAF121968}] => (Allow)
les (x86)\Spotify\spotify.exe
FirewallRules: [{ED275BE1-9260-49CD-8405-134CE78CD8F7}] => (Allow)
les (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{D288FF71-31C1-4DF5-AFC5-175747EFA260}] => (Allow)
les (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{69B5AC7F-E405-4421-A111-09A6F9EEDD62}] => (Allow)
RIEN\AppData\Local\Temp\nsd3F3F.tmp\CnetInstaller-75715872.exe
FirewallRules: [{E6B96284-A2D9-4F0E-9CA7-813B79BC8EF0}] => (Allow)
RIEN\AppData\Local\Temp\nsd3F3F.tmp\CnetInstaller-75715872.exe
FirewallRules: [{8C677F5F-8553-429E-8E5E-7271B10687B7}] => (Allow)
les (x86)\Dynamo Combo\bin\DynamoCombo.BRT.Helper.exe
FirewallRules: [{574FD494-3CA7-4021-8A39-F14DA44AFC16}] => (Allow)
les (x86)\Dynamo Combo\bin\DynamoCombo.BRT.Helper.exe
FirewallRules: [{CD0B6F4B-0009-4EBC-A245-C5562ACE4FB4}] => (Allow)
les (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C3C2D29B-B322-4EB2-B525-2F1273B1F716}] => (Allow)
les (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E9B53418-4574-45A0-8639-DC0D6707F655}] => (Allow)
RIEN\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{F570D4F2-1C74-46C1-BCF1-1120781D9D59}] => (Allow)
RIEN\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{9B9610DF-DAF7-4650-B8EB-BE4B5CAAE391}] => (Allow)
les (x86)\IBM\SPSS\Statistics\20\stats.com
FirewallRules: [{705BE377-AD8B-4F94-90AB-D2EFCB6644B4}] => (Allow)
les (x86)\IBM\SPSS\Statistics\20\WinWrapIDE.exe
FirewallRules: [{02C0309B-F069-4FF4-9696-6487D878C8CE}] => (Allow)
les (x86)\IBM\SPSS\Statistics\20\stats.exe
FirewallRules: [{AEE1A837-3B32-4F4E-84D3-C59B67FC0D4F}] => (Allow)
C:\Program Fi
C:\Program Fi
C:\Program Fi
C:\Program Fi
LPort=1688
C:\Program Fi
C:\Program Fi
C:\Program Fi
C:\Program Fi
LPort=3306
C:\Program Fi
C:\Program Fi
C:\Program Fi
C:\Program Fi
C:\Program Fi
C:\Program Fi
C:\Program Fi
C:\Program Fi
C:\Program Fi
C:\Users\REVE
C:\Users\REVE
C:\Program Fi
C:\Program Fi
C:\Program Fi
C:\Program Fi
C:\Users\REVE
C:\Users\REVE
C:\Program Fi
C:\Program Fi
C:\Program Fi
C:\Program Fi
\bin\java.exe
FirewallRules: [{9BE26317-4C02-4241-92DB-A8A1FC476E35}] => (Allow) C:\Program Fi
les\KMSnano\qemu-system-i386.exe
FirewallRules: [{0185FCB4-F83E-476C-8C83-7E96F997E750}] => (Allow) C:\Program Fi
les\KMSnano\qemu-system-i386.exe
FirewallRules: [{A94D9EED-B06D-40EF-BC22-696A748AA005}] => (Allow) c:\program fi
les (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [TCP Query User{C5F57E73-72B0-41B8-BC44-8684B97CC4DA}C:\program f
iles (x86)\vectir\vectir.exe] => (Allow) C:\program files (x86)\vectir\vectir.ex
e
FirewallRules: [UDP Query User{739CCF3C-E344-4A02-9C2E-E15BE58C0F42}C:\program f
iles (x86)\vectir\vectir.exe] => (Allow) C:\program files (x86)\vectir\vectir.ex
e
FirewallRules: [TCP Query User{23EA3972-718B-4DC8-8F47-383CBD730E9E}C:\program f
iles (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\
vlc.exe
FirewallRules: [UDP Query User{F0C8441B-10DA-43D0-ADD9-E489B359C9CC}C:\program f
iles (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\
vlc.exe
FirewallRules: [{F653B5D8-9AAC-4521-9B17-DFB7DC379077}] => (Allow) C:\Program Fi
les\Bonjour\mDNSResponder.exe
FirewallRules: [{88671DA2-CC5A-49CB-A0C9-48B72A220E78}] => (Allow) C:\Program Fi
les\Bonjour\mDNSResponder.exe
FirewallRules: [{91A5D443-9D77-4A0B-8E80-B5D3392DD370}] => (Allow) C:\Program Fi
les (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{87EF9B94-EE96-466E-BD82-8CE5117E7A10}] => (Allow) C:\Program Fi
les (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{70B2A856-2AF0-424D-8629-2DB1B396EC82}C:\program f
iles (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\
vlc.exe
FirewallRules: [UDP Query User{10211271-2BDC-42C2-B961-8DB4582E4C2F}C:\program f
iles (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\
vlc.exe
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which
starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/06/2016 03:17:59 PM) (Source: Bonjour Service) (EventID: 100) (User:
)
Description: 788: ERROR: read_msg errno 0 (The operation completed successfully.
)
Error: (04/06/2016 03:17:59 PM) (Source: Bonjour Service) (EventID: 100) (User:
)
Description: ERROR: mDNSPlatformReadTCP - recv: 10053
Error: (04/06/2016 03:16:59 PM) (Source: Bonjour Service) (EventID: 100) (User:
)
Description: 776: ERROR: read_msg errno 0 (The operation completed successfully.
)
Error: (04/06/2016 03:16:59 PM) (Source: Bonjour Service) (EventID: 100) (User:
)
Description: ERROR: mDNSPlatformReadTCP - recv: 10053
Error: (04/06/2016 03:13:59 PM) (Source: Bonjour Service) (EventID: 100) (User:
)
Description: 776: ERROR: read_msg errno 0 (The operation completed successfully.
)
Error: (04/06/2016 03:13:59 PM) (Source: Bonjour Service) (EventID: 100) (User:
)
Description: ERROR: mDNSPlatformReadTCP - recv: 10053
Error: (04/06/2016 03:12:59 PM) (Source: Bonjour Service) (EventID: 100) (User:
)
Description: 1016: ERROR: read_msg errno 0 (The operation completed successfully
.)
Error: (04/06/2016 03:12:59 PM) (Source: Bonjour Service) (EventID: 100) (User:
)
Description: ERROR: mDNSPlatformReadTCP - recv: 10053
Error: (04/06/2016 03:11:59 PM) (Source: Bonjour Service) (EventID: 100) (User:
)
Description: 976: ERROR: read_msg errno 0 (The operation completed successfully.
)
Error: (04/06/2016 03:11:59 PM) (Source: Bonjour Service) (EventID: 100) (User:
)
Description: ERROR: mDNSPlatformReadTCP - recv: 10053
System errors:
=============
Error: (04/06/2016 09:27:29 AM) (Source: Service Control Manager) (EventID: 7031
) (User: )
Description: The User Data Access_560cb16 service terminated unexpectedly. It ha
s done this 1 time(s). The following corrective action will be taken in 10000 mi
lliseconds: Restart the service.
Error: (04/06/2016 09:27:29 AM) (Source: Service Control Manager) (EventID: 7031
) (User: )
Description: The User Data Storage_560cb16 service terminated unexpectedly. It h
as done this 1 time(s). The following corrective action will be taken in 10000 m
illiseconds: Restart the service.
Error: (04/06/2016 09:27:29 AM) (Source: Service Control Manager) (EventID: 7031
) (User: )
Description: The Contact Data_560cb16 service terminated unexpectedly. It has do
ne this 1 time(s). The following corrective action will be taken in 10000 millis
econds: Restart the service.
Error: (04/06/2016 09:27:29 AM) (Source: Service Control Manager) (EventID: 7031
) (User: )
Description: The Sync Host_560cb16 service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 10000 milliseco
nds: Restart the service.
Error: (04/06/2016 09:27:28 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHOR
ITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D5
20160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost
(Using LRPC)UnavailableUnavailable
Error: (04/05/2016 08:58:00 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHOR
ITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D5
20160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost
(Using LRPC)UnavailableUnavailable
Error: (04/05/2016 05:02:15 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHOR
ITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D5
20160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost
(Using LRPC)UnavailableUnavailable
Error: (04/05/2016 03:08:37 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the comp
uter ACER
that believes that it is the master browser for the domain on transport NetBT_Tc
pip_{D3A7E1A2-BF66-4FA4-B421-289C91B29B3B}.
The master browser is stopping or an election is being forced.
Error: (04/05/2016 02:40:17 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the comp
uter LENOVO
that believes that it is the master browser for the domain on transport NetBT_Tc
pip_{C7344E23-A6A5-4EEE-9867-288EC4D5B277}.
The master browser is stopping or an election is being forced.
Error: (04/05/2016 01:02:47 PM) (Source: Service Control Manager) (EventID: 7031
) (User: )
Description: The UpdateSvc service terminated unexpectedly. It has done this 2 t
ime(s). The following corrective action will be taken in 60000 milliseconds: Res
tart the service.
CodeIntegrity:
===================================
Date: 2016-04-06 09:07:15.285
Description: Code Integrity determined that a process (\Device\HarddiskVolume4
\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskV
olume4\Windows\Provider.dll that did not meet the Custom 3 / Antimalware signing
level requirements.
Date: 2016-04-06 09:07:15.243
Description: Code Integrity determined that a process (\Device\HarddiskVolume4
\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskV
olume4\Windows\Provider.dll that did not meet the Custom 3 / Antimalware signing
level requirements.
Date: 2016-04-04 14:22:01.468
Description: Code Integrity determined that a process (\Device\HarddiskVolume4
\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskV
olume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that di
d not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-04-04 12:03:02.209
Description: Code Integrity determined that a process (\Device\HarddiskVolume4
\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskV
olume4\Windows\Provider.dll that did not meet the Custom 3 / Antimalware signing
level requirements.
Date: 2016-04-04 12:03:02.171
Description: Code Integrity determined that a process (\Device\HarddiskVolume4
\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskV
olume4\Windows\Provider.dll that did not meet the Custom 3 / Antimalware signing
level requirements.
Date: 2016-04-02 20:08:57.152
Description: Code Integrity determined that a process (\Device\HarddiskVolume4
\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskV
olume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that di
d not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-03-30 14:43:23.764
Description: Code Integrity is unable to verify the image integrity of the fil
e \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-pag
e image hashes could not be found on the system.
Date: 2016-03-30 14:29:38.240
Description: Code Integrity determined that a process (\Device\HarddiskVolume4
\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskV
olume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that di
d not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-03-30 13:46:03.397
Description: Code Integrity is unable to verify the image integrity of the fil
e \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-pag
e image hashes could not be found on the system.
Date: 2016-03-30 13:37:25.565
Description: Code Integrity is unable to verify the image integrity of the fil
e \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-pag
e image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Celeron(R) CPU 1000M @ 1.80GHz
Percentage of memory in use: 53%
Total physical RAM: 6027.22 MB
Available physical RAM: 2815.9 MB
Total Virtual: 8587.22 MB
Available Virtual: 4472.3 MB
==================== Drives ================================
Drive c: (TI31061100A) (Fixed) (Total:119.2 GB) (Free:20.51 GB) NTFS
Drive e: () (Fixed) (Total:166.29 GB) (Free:10.71 GB) NTFS
Drive h: () (Removable) (Total:7.44 GB) (Free:4.04 GB) FAT32