Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-02-2016 Ran by eafae (2016-02-14 23:01:39) Running from C:\Users\eafae\Downloads Windows 8.1 Pro (X64) (2015-01-12 07:48:36) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-4040340981-3488949422-2698820681-500 - Administrator - Disabled) eafae (S-1-5-21-4040340981-3488949422-2698820681-1001 - Administrator - Enabled) => C:\Users\eafae Guest (S-1-5-21-4040340981-3488949422-2698820681-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-4040340981-3488949422-2698820681-1001\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.) Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated) Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden Aktualizacje NVIDIA 2.4.5.28 (Version: 2.4.5.28 - NVIDIA Corporation) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) DarkEra (HKU\S-1-5-21-4040340981-3488949422-2698820681-1001\...\DarkEra) (Version: - DarkEra) <==== ATTENTION EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.8.0.0 - Electronic Arts) Fallout 4 (HKLM-x32\...\Fallout 4_is1) (Version: - ) Fraps (HKLM-x32\...\Fraps) (Version: - ) Gameforge Live 2.0.8 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.8 - Gameforge) GameRanger (HKU\S-1-5-21-4040340981-3488949422-2698820681-1001\...\GameRanger) (Version: - GameRanger Technologies) Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios) Geeks3D.com FurMark 1.8.5 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D.com) GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{5588D686-D23B-4C9D-BDFA-2A7875CD3722}) (Version: 1.47.0000 - GIGABYTE Technology Co.,Ltd.) GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 1.67.0000 - GIGABYTE Technology Co.,Ltd.) GIGABYTE OC_GURU II (x32 Version: 1.47.0000 - GIGABYTE Technology Co.,Ltd.) Hidden GIGABYTE OC_GURU II (x32 Version: 1.67.0000 - GIGABYTE Technology Co.,Ltd.) Hidden GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.) Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden Gothic 3 - Quest Pack 4 PL (HKLM-x32\...\Gothic 3 - Quest Pack 4 PL) (Version: 4.2.1.75 - RobeN & G3 Community) Gothic III v1.12 (HKLM-x32\...\Gothic III_is1) (Version: - ) Grand Theft Auto V (HKLM-x32\...\Grand Theft Auto V_R.G. Mechanics_is1) (Version: - R.G. Mechanics, ProZorg_tm) Heroes of Might & Magic III - HD Edition (HKLM-x32\...\Heroes of Might & Magic III - HD Edition_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter) Heroes of Might and Magic III - Z³ota Edycja (HKLM-x32\...\{8B743AA0-53B2-11D2-808A-00600895FB43}) (Version: 1.0 - ) KMSpico v9.1.3 (HKLM\...\KMSpico_is1) (Version: 9.1.3 - ) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games) League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.410 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.410 - LogMeIn, Inc.) Hidden McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.292.3 - McAfee, Inc.) Metin2 (HKLM-x32\...\Metin2_PL_is1) (Version: - Gameforge 4D GmbH) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation) Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850415-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) MSI Afterburner 4.1.1 (HKLM-x32\...\Afterburner) (Version: 4.1.1 - MSI Co., LTD) Native Info (HKLM-x32\...\Native Info) (Version: 2.0.5875.18562 - Native Info) <==== ATTENTION Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts) Nero 9 Essentials (HKLM-x32\...\{3c68754b-c937-4233-be45-50664f23607c}) (Version: - Nero AG) NetCut 2.1.4 (HKLM-x32\...\NetCut_is1) (Version: - arcai.com) NetLimiter 4 (HKLM-x32\...\NetLimiter 4 4.0.12.0) (Version: 4.0.12.0 - Locktime Software) NetLimiter 4 (Version: 4.0.12.0 - Locktime Software) Hidden No More Room in Hell (HKLM-x32\...\Steam App 224260) (Version: - No More Room in Hell Team) NVIDIA GeForce Experience 2.4.5.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.28 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.06 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation) NVIDIA Sterownik graficzny 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.06 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) NVIDIA Wirtualny dźwięk Miracast 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 353.06 - NVIDIA Corporation) Origin (HKLM-x32\...\Origin) (Version: 9.4.20.386 - Electronic Arts, Inc.) Panel sterowania NVIDIA 353.06 (Version: 353.06 - NVIDIA Corporation) Hidden PowerISO (HKLM-x32\...\PowerISO) (Version: 6.1 - Power Software Ltd) Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 5.4.15.0 - Razer Inc.) RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.8 - Rockstar Games) SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.4.5.28 - NVIDIA Corporation) Hidden Skype Web Plugin (HKLM-x32\...\{34E6C3B4-9354-41C2-9484-25B17F48E7E9}) (Version: 7.13.0.71 - Skype Technologies S.A.) Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.109 - Skype Technologies S.A.) SnapDo (HKLM-x32\...\{27014B2C-4CD7-40DA-A98A-E89E3DF7A2A3}) (Version: 1.0.0.0 - Resoft) <==== ATTENTION Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SteelSeries Engine 3.4.0 (HKLM\...\SteelSeries Engine 3) (Version: 3.4.0 - SteelSeries ApS) TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp) Test Drive Unlimited Gold (HKLM-x32\...\Test Drive Unlimited Gold_R.G. Mechanics_is1) (Version: - R.G. Mechanics, Panky) The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios) The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.12.1.0 - GOG.com) The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.12.1.0 - GOG.com) Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton) Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft) Windows Driver Package - IC Plus Corp. (ip100Avista) Net (03/18/2009 5.02.9.318) (HKLM\...\8FA31CC1FC03243638A6AE7FEA7EDF1B4B7F6512) (Version: 03/18/2009 5.02.9.318 - IC Plus Corp.) WTFast 3.5 (HKLM-x32\...\{12B4121D-5221-4AFC-9EDC-63B0CA139856}_is1) (Version: 3.5.6.464 - Initex & AAA Internet Publishing) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-4040340981-3488949422-2698820681-1001_Classes\CLSID\{34BEB704-B055-4D67-9AC1-C852E0E3DFA4}\localserver32 -> C:\Users\eafae\AppData\Local\SkypePlugin\7.13.0.71\GatewayVersion-x64.exe (Skype Technologies S.A.) CustomCLSID: HKU\S-1-5-21-4040340981-3488949422-2698820681-1001_Classes\CLSID\{79DF62FC-32CA-4F29-A0C2-FBD17AB15D63}\InprocServer32 -> C:\Users\eafae\AppData\Local\SkypePlugin\7.13.0.71\GatewayActiveX-x64.dll (Skype Technologies S.A.) CustomCLSID: HKU\S-1-5-21-4040340981-3488949422-2698820681-1001_Classes\CLSID\{CBF9CD8C-2714-4F36-B76A-43E6C7547BC2}\localserver32 -> C:\Users\eafae\AppData\Local\SkypePlugin\7.13.0.71\EdgeCalling.exe (Skype Technologies S.A.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {2B732FB9-1F74-4BFA-BE2E-3D9E35E1D1B0} - System32\Tasks\SPBIW_UpdateTask_Time_313738353133383530322d454a2a415034412a4a6c575a => C:\Windows\system32\wscript.exe [2013-08-22] (Microsoft Corporation) Task: {497AFD50-BC92-4842-8AC4-EB2C5D731D06} - System32\Tasks\Inst_Rep => C:\Users\eafae\AppData\Local\Installer\Install_14590\ytdieamodc_amodc_inst.exe [2016-01-11] () <==== ATTENTION Task: {7A8B37D0-51B1-40C1-950F-28CC762AE3AC} - System32\Tasks\ndb3jyhj => C:\Program Files\Common Files\k3rc4xhk\ccd44y0jcijrf.exe [2016-02-14] () <==== ATTENTION Task: {7CCE48B3-69BB-49DF-A61E-8249DE5A6A61} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-20] (Google Inc.) Task: {84F257F9-DF8F-40E3-A1E9-7C802A7F3168} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-20] (Google Inc.) Task: {95E5BF7F-AFB6-4DDF-8421-1224113D1E48} - System32\Tasks\Installer_iwebar => C:\Users\eafae\AppData\Local\Installer\Installiwebar_18987\ytdieamodc_amodc_inst.exe [2016-01-11] () <==== ATTENTION Task: {9A10756C-275D-4C25-83E7-A5645D4A7301} - System32\Tasks\f5qry3k3 => C:\Program Files\Common Files\ixsv3c2d\6fd91gmalpl2x.exe [2016-01-11] () <==== ATTENTION Task: {A134B599-FC65-4DA6-90BC-C67F7A3DF6DE} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2015-05-25] () Task: {A30E9030-2E60-42D0-942A-0F7110F5569E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd) Task: {A652EB74-B2CE-415F-98F4-3912D3DCA5FA} - \AutoPico Daily Restart -> No File <==== ATTENTION Task: {ACE2164B-D103-4E55-AA60-2CAB6A13EE65} - System32\Tasks\rurtn313 => C:\Program Files\Common Files\3vmusi4v\63035qoqjoaa3.exe [2016-01-11] () <==== ATTENTION Task: {BBAA705C-28AF-48AE-9FB1-78321271C3A2} - System32\Tasks\pbu12blk => C:\Program Files\Common Files\3jfzxv2k\fb9b3jkbeviro.exe [2016-01-11] () <==== ATTENTION Task: {E69403FA-3ED1-475B-9CBD-222510D98362} - System32\Tasks\turodhct => C:\Windows\system32\config\systemprofile\AppData\Local\Ozerex [2016-01-11] () <==== ATTENTION (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2015-01-13 04:20 - 2015-05-28 05:15 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-01-13 04:28 - 2013-07-04 12:32 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe 2015-06-03 10:43 - 2015-06-03 10:43 - 00040448 _____ () C:\Program Files\Locktime Software\NetLimiter 4\CoreLibNet.dll 2015-03-10 18:20 - 2015-03-10 18:20 - 00187072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe 2016-01-11 12:46 - 2016-01-11 12:23 - 00778752 _____ () C:\Users\eafae\AppData\Local\Installer\Installiwebar_18987\ytdieamodc_amodc_inst.exe 2016-02-14 22:58 - 2016-02-14 22:35 - 00527360 _____ () C:\ProgramData\Airtostrong\Airtostrong.exe 2015-01-13 04:28 - 2016-02-14 22:53 - 00028672 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll 2015-01-13 04:28 - 2013-07-04 12:32 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll 2015-05-26 16:25 - 2015-05-23 02:48 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-02-03 22:30 - 2015-12-15 06:54 - 00782336 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2016-02-03 22:30 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll 2016-02-03 22:30 - 2016-02-04 22:02 - 02546768 _____ () C:\Program Files (x86)\Steam\video.dll 2016-02-03 22:30 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2016-02-03 22:30 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2015-04-14 05:40 - 2015-09-24 01:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2015-04-14 05:40 - 2015-09-24 01:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2015-04-14 05:40 - 2015-09-24 01:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2015-04-14 05:40 - 2015-09-24 01:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2015-04-14 05:40 - 2015-09-24 01:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2015-04-14 05:40 - 2016-02-04 22:01 - 00802896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2015-07-22 20:56 - 2015-12-30 02:51 - 00208896 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll 2016-02-14 22:58 - 2016-02-14 22:58 - 00257536 _____ () C:\ProgramData\Airtostrong\Damdamstrong.dll 2016-02-10 22:35 - 2016-02-09 12:58 - 01632584 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libglesv2.dll 2016-02-10 22:35 - 2016-02-09 12:58 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libegl.dll 2016-02-10 22:35 - 2016-02-09 12:58 - 16810824 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\PepperFlash\pepflashplayer.dll 2015-04-14 05:40 - 2016-01-06 02:52 - 48387872 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll 2016-02-14 23:00 - 2016-02-14 23:00 - 00380416 _____ () C:\Users\eafae\Downloads\fvsw3kkh.exe ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\eafae\Downloads\Fallout42015CODEXPolskaWersjaJzykowaSpolszczenie__7934_il87675.exe:typelib AlternateDataStreams: C:\Users\eafae\Downloads\UnityWebPlayer.exe:BDU ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 14:25 - 2016-02-13 16:00 - 00031188 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost 13.69.186.195 1and1.com 13.69.186.195 22find.com 13.69.186.195 24img.com 13.69.186.195 a4.bing.com 13.69.186.195 abcsearch.ru 13.69.186.195 airzip.inspsearch.com 13.69.186.195 allsearch.ca 13.69.186.195 allsearch.space 13.69.186.195 alternativesearch.ru 13.69.186.195 amaizingsearches.info 13.69.186.195 amazon.smart-search.com 13.69.186.195 appiance.com 13.69.186.195 asiasearch.co 13.69.186.195 ask.com 13.69.186.195 atajitos.com 13.69.186.195 autosearch.centurylink.com 13.69.186.195 autosearch.zoominternet.net 13.69.186.195 avg.com 13.69.186.195 avg.nation.com 13.69.186.195 awesomehp.com 13.69.186.195 baidu.com 13.69.186.195 best-found.com 13.69.186.195 bestqualitysearch.com 13.69.186.195 bestsearch.com 13.69.186.195 bestsearch.space 13.69.186.195 bestsearchsresult.com 13.69.186.195 betasearch.ru 13.69.186.195 better-search.net 13.69.186.195 bilisearch.com There are 746 more lines. ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-4040340981-3488949422-2698820681-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\eafae\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta z Przeglądarki fotografii systemu Windows.jpg DNS Servers: 8.8.8.8 - 8.8.4.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is disabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\StartupFolder: => "GIGABYTE OC_GURU.lnk" HKLM\...\StartupApproved\StartupFolder: => "SteelSeries Engine 3.lnk" HKLM\...\StartupApproved\Run: => "ShadowPlay" HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui" HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE" HKLM\...\StartupApproved\Run32: => "RazerCortex" HKU\S-1-5-21-4040340981-3488949422-2698820681-1001\...\StartupApproved\Run: => "EADM" HKU\S-1-5-21-4040340981-3488949422-2698820681-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-4040340981-3488949422-2698820681-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-4040340981-3488949422-2698820681-1001\...\StartupApproved\Run: => "GalaxyClient" HKU\S-1-5-21-4040340981-3488949422-2698820681-1001\...\StartupApproved\Run: => "NetLimiter" HKU\S-1-5-21-4040340981-3488949422-2698820681-1001\...\StartupApproved\Run: => "WTFast Tray" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [TCP Query User{03DE8963-ED45-472E-BFBF-049D051740BA}C:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) C:\program files (x86)\origin games\fifa 15\fifa15.exe FirewallRules: [UDP Query User{C8F17800-AB2D-42CA-8B21-49B441BF14B6}C:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) C:\program files (x86)\origin games\fifa 15\fifa15.exe FirewallRules: [TCP Query User{C8E8DCF1-3C73-4BD7-9D53-7B79D4F3B887}C:\program files (x86)\counter strike 1.6\hl.exe] => (Allow) C:\program files (x86)\counter strike 1.6\hl.exe FirewallRules: [UDP Query User{EB71703C-C9ED-41D1-983F-B7A336C010B5}C:\program files (x86)\counter strike 1.6\hl.exe] => (Allow) C:\program files (x86)\counter strike 1.6\hl.exe FirewallRules: [{FB066FB6-F50E-43F6-9FDD-D66EDB35E09C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{75E2E2D5-4040-48E1-860C-82226A23F3BD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{4207012E-C281-4C33-AE10-522EB461E097}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{82DDA39C-1792-4269-8CCE-3AB236E0FFCF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{72CC26E2-50DC-4272-9F36-F86D899078E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{5DFE8425-CA76-4E14-A2C5-D261D0ED0C7D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{0141C032-896D-410D-A59E-2F116797F5BA}] => (Allow) C:\Users\eafae\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{CC26A13C-84E6-41CF-8CC0-05B2B321C552}] => (Allow) C:\Users\eafae\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{77776229-711A-48DC-8912-879ADD790AC6}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{6A54C471-A485-4A8E-8482-DE7C7F2106D0}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{B540120B-1361-4DD9-AAF8-509899624F65}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe FirewallRules: [UDP Query User{7371D6ED-A91D-43D6-B750-5DBB61E9A00C}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe FirewallRules: [{A48AD71B-23D1-49CB-A503-434B5608F3FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [{AF916073-AE17-49C0-8752-BD573D8B2EF8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [{3EAA55B3-8114-4D73-82E4-24B39226447A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{D983953F-6F27-47D9-8FCF-DDA4494DA4B0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{3D95038F-2EF9-42C4-A3CE-6E396D770CFA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{FC7883BE-9899-46C0-8C06-F1E7209B44DF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{BAB789A6-64C9-4479-8585-E53ABE31BC6C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{783AC08B-A93B-41BB-A695-F98A3989679D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{3B32A7C2-4B8A-4B3B-9891-761BA43D69BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe FirewallRules: [{EA9FB24C-A719-487D-BF35-9E234891195A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe FirewallRules: [{3CF6E918-6681-4266-A1AB-30D18332DBFB}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe FirewallRules: [{4182BCE6-2287-4A55-9B4F-6FBBDF77DC0F}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe FirewallRules: [{99EF9B6D-82E1-4C4F-AF96-EDB6B80E43E4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\nmrih\sdk\hl2.exe FirewallRules: [{70DFBADE-DEA2-421F-95C2-512CA14C884E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\nmrih\sdk\hl2.exe FirewallRules: [{353AEFAF-4C09-4136-B92B-93E84D81073A}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe FirewallRules: [{C945DCE5-F522-482C-B463-783034AAEBFC}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe FirewallRules: [{BAB11A55-9F58-4031-966B-2B9C12342390}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{0A0199B3-E279-4995-A28D-784A9F187321}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{5CBA8962-E9D5-4532-9CEC-7866A64E427B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{6568B804-CBFA-464E-89BD-9602BC648558}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{15A988DD-9332-4790-9844-B5857F24AC05}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{44E0970D-41AB-47E3-B13E-AC52EB6E4B67}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{A320E3E5-167E-4DF8-B66E-28B145D70CFA}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{EBCB48FC-2C4A-4990-805E-9D5D17D2F41A}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{0118898B-9980-45BF-9253-F9D3B16CD80E}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe FirewallRules: [{271D0A5C-4F44-4346-AC18-A1E77C9E4DA5}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe FirewallRules: [{1D4C5DEA-00E9-4ECB-8F15-8D11A37E5118}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe FirewallRules: [{449548D3-35CE-4762-A115-5CE57159A86C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Restore Points ========================= 26-01-2016 20:56:34 Scheduled Checkpoint 02-02-2016 22:35:27 Zainstalowany program DirectX 14-02-2016 18:43:37 Scheduled Checkpoint ==================== Faulty Device Manager Devices ============= Name: Kontroler magistrali zarządzania systemem Description: Kontroler magistrali zarządzania systemem Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Kontroler Ethernet Description: Kontroler Ethernet Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (02/14/2016 10:58:48 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll4 Error: (02/14/2016 10:58:47 PM) (Source: Perflib) (EventID: 1023) (User: ) Description: rdyboost4 Error: (02/14/2016 10:55:56 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable Error: (02/14/2016 10:55:49 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (02/14/2016 07:45:03 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable Error: (02/14/2016 07:44:56 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable Error: (02/14/2016 07:44:50 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable Error: (02/14/2016 07:44:44 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable Error: (02/14/2016 07:44:13 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable Error: (02/14/2016 07:44:12 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable System errors: ============= Error: (02/14/2016 10:53:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi WinPcap Packet Driver (NPF) z powodu następującego błędu: %%2 Error: (02/14/2016 10:53:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi WinPcap Packet Driver (NPF) z powodu następującego błędu: %%2 Error: (02/14/2016 10:53:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi WinPcap Packet Driver (NPF) z powodu następującego błędu: %%2 Error: (02/14/2016 10:53:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi WinPcap Packet Driver (NPF) z powodu następującego błędu: %%2 Error: (02/14/2016 10:53:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi WinPcap Packet Driver (NPF) z powodu następującego błędu: %%2 Error: (02/14/2016 10:53:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi WinPcap Packet Driver (NPF) z powodu następującego błędu: %%2 Error: (02/14/2016 10:53:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi WinPcap Packet Driver (NPF) z powodu następującego błędu: %%2 Error: (02/14/2016 10:53:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi WinPcap Packet Driver (NPF) z powodu następującego błędu: %%2 Error: (02/14/2016 10:53:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Update Mgr NativeInfo z powodu następującego błędu: %%2 Error: (02/14/2016 10:53:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Service Mgr NativeInfo z powodu następującego błędu: %%2 CodeIntegrity: =================================== Date: 2016-02-14 18:37:45.464 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-02-14 18:37:45.402 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-02-14 18:37:45.339 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-02-14 18:37:45.230 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-02-14 18:37:45.152 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-02-14 18:37:45.089 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-02-14 18:37:44.995 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-02-14 18:37:44.933 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-02-14 18:37:44.870 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-02-14 18:37:44.551 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-4690 CPU @ 3.50GHz Percentage of memory in use: 28% Total physical RAM: 8134.93 MB Available physical RAM: 5802.04 MB Total Virtual: 16326.93 MB Available Virtual: 13980.47 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:596.16 GB) (Free:8.43 GB) NTFS ==>[drive with boot components (obtained from BCD)] Drive e: (DISK2) (CDROM) (Total:0.59 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: EFD1EFD1) Partition 1: (Active) - (Size=596.2 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================