==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0FAA4B06-CE8F-40A7-8B89-D65D0B141BEB} - System32\Tasks\AdobeAAMUpdater-1.0-WhiteKnight-Josh => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {2AAA147B-6B4A-4E9E-A42D-BC64FF14014C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {2CE86CC8-4DDA-46BC-B8DD-FEC71CDDE4A0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-08] (Adobe Systems Incorporated)
Task: {2D9655CB-F736-4522-B4D0-F3E4E2AE7F43} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {382C49D8-4111-4D81-B91D-AC924F60CC51} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {526C51A6-36D2-4BA3-B28A-F08B7EF251D8} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe [2015-12-01] ()
Task: {A2C735BF-87E9-4D3B-A82A-6D0D654F356E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-12-09] (Microsoft Corporation)
Task: {AD073A98-9F4C-4B35-BFE8-E811B006C22A} - System32\Tasks\DriverEasy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [2015-10-27] (Easeware)
Task: {BA3679C9-340A-4F46-9AB3-9DF53001AFD7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {BBF52BDE-88BC-43DC-87E9-4C665F76C826} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {CED7C50C-C391-4E40-92AE-5EA13023B991} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {D129964E-8EE4-4365-ADED-711EA4FD8527} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2014-03-02] ()
Task: {F5482DA6-AA50-4353-B965-89E1A22859C7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2014-07-23 21:11 - 2015-11-24 10:40 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-09-21 13:32 - 2015-09-21 13:32 - 00590416 _____ () C:\Program Files (x86)\bitbeans\Simple DNSCrypt\dnscrypt-proxy\dnscrypt-proxy.exe
2015-04-07 00:00 - 2014-01-16 15:19 - 00044104 _____ () C:\Windows\runSW.exe
2014-07-23 20:50 - 2008-06-26 15:09 - 00167936 _____ () C:\Program Files (x86)\D-Link\DWA-171\WlanWpsSvc.exe
2015-04-07 00:00 - 2013-05-07 14:06 - 00096768 _____ () C:\Program Files (x86)\Edimax\Edimax AC1200 Wireless LAN Driver\WPSService20.exe
2015-02-23 12:05 - 2014-06-03 22:17 - 00070480 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\KVPPlugIns.dll
2015-11-25 18:09 - 2015-11-25 18:09 - 12462784 _____ () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
2015-09-15 13:58 - 2015-09-15 13:58 - 08901184 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-04-15 12:13 - 2015-04-15 12:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2014-07-23 20:46 - 2015-12-01 13:52 - 08845798 _____ () C:\Program Files\pia_manager\pia_manager.exe
2014-07-23 20:46 - 2015-12-01 13:52 - 00184320 _____ () C:\Program Files\pia_manager\pia_tray\pia_tray.exe
2014-07-23 20:46 - 2015-12-01 13:52 - 00690688 _____ () C:\Program Files\pia_manager\openvpn.exe
2014-07-23 20:46 - 2015-12-01 13:52 - 00190317 _____ () C:\Program Files\pia_manager\liblzo2-2.dll
2014-07-23 20:46 - 2015-12-01 13:52 - 00108441 _____ () C:\Program Files\pia_manager\libpkcs11-helper-1.dll
2015-09-21 13:32 - 2015-09-21 13:32 - 00445080 _____ () C:\Program Files (x86)\bitbeans\Simple DNSCrypt\dnscrypt-proxy\libsodium-13.dll
2015-09-21 13:32 - 2015-09-21 13:32 - 00125928 _____ () C:\Program Files (x86)\bitbeans\Simple DNSCrypt\dnscrypt-proxy\libgcc_s_dw2-1.dll
2015-11-25 18:09 - 2015-11-25 18:09 - 01301696 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll
2015-11-25 18:09 - 2015-11-25 18:09 - 00165056 _____ () C:\Program Files (x86)\VMware\VMware Workstation\nfc-types.dll
2015-11-25 18:09 - 2015-11-25 18:09 - 00191680 _____ () C:\Program Files (x86)\VMware\VMware Workstation\LIBEXPAT.dll
2015-11-25 18:09 - 2015-11-25 18:09 - 00388800 _____ () C:\Program Files (x86)\VMware\VMware Workstation\ssoClient.dll
2015-03-30 13:12 - 2015-11-12 10:39 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-12-09 19:53 - 2015-12-09 19:53 - 00012800 _____ () C:\Users\Josh\AppData\Local\Temp\ocr48D0.tmp\lib\ruby\1.9.1\i386-mingw32\enc\encdb.so
2015-12-09 19:53 - 2015-12-09 19:53 - 00009728 _____ () C:\Users\Josh\AppData\Local\Temp\ocr48D0.tmp\lib\ruby\1.9.1\i386-mingw32\enc\iso_8859_1.so
2015-12-09 19:53 - 2015-12-09 19:53 - 00014848 _____ () C:\Users\Josh\AppData\Local\Temp\ocr48D0.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\transdb.so
2015-12-09 19:53 - 2015-12-09 19:53 - 00094208 _____ () C:\Users\Josh\AppData\Local\Temp\ocr48D0.tmp\src\rgloader\rgloader193.mswin.so
2015-12-09 19:53 - 2015-12-09 19:53 - 00009216 _____ () C:\Users\Josh\AppData\Local\Temp\ocr48D0.tmp\lib\ruby\1.9.1\i386-mingw32\etc.so
2015-12-09 19:53 - 2015-12-09 19:53 - 00094208 _____ () C:\Users\Josh\AppData\Local\Temp\ocr48D0.tmp\lib\ruby\site_ruby\1.9.1\rgloader\rgloader193.mswin.so
2015-12-09 19:53 - 2015-12-09 19:53 - 00126976 _____ () C:\Users\Josh\AppData\Local\Temp\ocr48D0.tmp\lib\ruby\1.9.1\i386-mingw32\win32ole.so
2015-12-09 19:53 - 2015-12-09 19:53 - 00087552 _____ () C:\Users\Josh\AppData\Local\Temp\ocr48D0.tmp\lib\ruby\1.9.1\i386-mingw32\dl.so
2015-12-09 19:53 - 2015-12-09 19:53 - 00016384 _____ () C:\Users\Josh\AppData\Local\Temp\ocr48D0.tmp\lib\ruby\1.9.1\i386-mingw32\fiddle.so
2015-12-09 19:53 - 2015-12-09 19:53 - 00127316 _____ () C:\Users\Josh\AppData\Local\Temp\ocr48D0.tmp\bin\libffi-6.dll
2015-12-09 19:53 - 2015-12-09 19:53 - 00008704 _____ () C:\Users\Josh\AppData\Local\Temp\ocr48D0.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16le.so
2015-12-09 19:53 - 2015-12-09 19:53 - 00013312 _____ () C:\Users\Josh\AppData\Local\Temp\ocr48D0.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\utf_16_32.so
2015-12-09 19:53 - 2015-12-09 19:53 - 00095744 _____ () C:\Users\Josh\AppData\Local\Temp\ocr48D0.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\single_byte.so
2015-12-09 19:53 - 2015-12-09 19:54 - 00026624 _____ () C:\Users\Josh\AppData\Local\Temp\ocr48D0.tmp\lib\ruby\gems\1.9.1\gems\win32-api-1.5.0-universal-mingw32\lib\win32\ruby19\win32\api.so
2014-12-08 17:35 - 2014-09-28 17:59 - 00019872 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll
2015-12-09 19:54 - 2015-12-09 19:54 - 00012800 _____ () C:\Users\Josh\AppData\Local\Temp\ocr9A4C.tmp\lib\ruby\1.9.1\i386-mingw32\enc\encdb.so
2015-12-09 19:54 - 2015-12-09 19:54 - 00009728 _____ () C:\Users\Josh\AppData\Local\Temp\ocr9A4C.tmp\lib\ruby\1.9.1\i386-mingw32\enc\iso_8859_1.so
2015-12-09 19:54 - 2015-12-09 19:54 - 00014848 _____ () C:\Users\Josh\AppData\Local\Temp\ocr9A4C.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\transdb.so
2015-12-09 19:54 - 2015-12-09 19:54 - 00094208 _____ () C:\Users\Josh\AppData\Local\Temp\ocr9A4C.tmp\src\rgloader\rgloader193.mswin.so
2015-12-09 19:54 - 2015-12-09 19:54 - 00094208 _____ () C:\Users\Josh\AppData\Local\Temp\ocr9A4C.tmp\lib\ruby\site_ruby\1.9.1\rgloader\rgloader193.mswin.so
2015-12-09 19:54 - 2015-12-09 19:54 - 00118784 _____ () C:\Users\Josh\AppData\Local\Temp\ocr9A4C.tmp\lib\ruby\1.9.1\i386-mingw32\socket.so
2015-12-09 19:54 - 2015-12-09 19:54 - 00069120 _____ () C:\Users\Josh\AppData\Local\Temp\ocr9A4C.tmp\lib\ruby\1.9.1\i386-mingw32\zlib.so
2015-12-09 19:54 - 2015-12-09 19:54 - 00083968 _____ () C:\Users\Josh\AppData\Local\Temp\ocr9A4C.tmp\bin\zlib1.dll
2015-12-09 19:54 - 2015-12-09 19:54 - 00026624 _____ () C:\Users\Josh\AppData\Local\Temp\ocr9A4C.tmp\lib\ruby\1.9.1\i386-mingw32\stringio.so
2015-12-09 19:54 - 2015-12-09 19:54 - 00275968 _____ () C:\Users\Josh\AppData\Local\Temp\ocr9A4C.tmp\lib\ruby\1.9.1\i386-mingw32\openssl.so
2015-12-09 19:54 - 2015-12-09 19:54 - 00015360 _____ () C:\Users\Josh\AppData\Local\Temp\ocr9A4C.tmp\lib\ruby\1.9.1\i386-mingw32\digest.so
2015-12-09 19:54 - 2015-12-09 19:54 - 00008192 _____ () C:\Users\Josh\AppData\Local\Temp\ocr9A4C.tmp\lib\ruby\1.9.1\i386-mingw32\fcntl.so
2015-12-09 19:54 - 2015-12-09 19:54 - 00009216 _____ () C:\Users\Josh\AppData\Local\Temp\ocr9A4C.tmp\lib\ruby\1.9.1\i386-mingw32\etc.so
2015-12-09 19:54 - 2015-12-09 19:54 - 00023552 _____ () C:\Users\Josh\AppData\Local\Temp\ocr9A4C.tmp\lib\ruby\1.9.1\i386-mingw32\json\ext\parser.so
2015-12-09 19:54 - 2015-12-09 19:54 - 00008704 _____ () C:\Users\Josh\AppData\Local\Temp\ocr9A4C.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16be.so
2015-12-09 19:54 - 2015-12-09 19:54 - 00008704 _____ () C:\Users\Josh\AppData\Local\Temp\ocr9A4C.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16le.so
2015-12-09 19:54 - 2015-12-09 19:54 - 00008704 _____ () C:\Users\Josh\AppData\Local\Temp\ocr9A4C.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_32be.so
2015-12-09 19:54 - 2015-12-09 19:54 - 00008704 _____ () C:\Users\Josh\AppData\Local\Temp\ocr9A4C.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_32le.so
2015-12-09 19:54 - 2015-12-09 19:54 - 00036352 _____ () C:\Users\Josh\AppData\Local\Temp\ocr9A4C.tmp\lib\ruby\1.9.1\i386-mingw32\json\ext\generator.so
2015-12-09 19:54 - 2015-12-09 19:54 - 00126976 _____ () C:\Users\Josh\AppData\Local\Temp\ocr9A4C.tmp\lib\ruby\1.9.1\i386-mingw32\win32ole.so
2015-12-09 19:54 - 2015-12-09 19:54 - 00087552 _____ () C:\Users\Josh\AppData\Local\Temp\ocr9A4C.tmp\lib\ruby\1.9.1\i386-mingw32\dl.so
2015-12-09 19:54 - 2015-12-09 19:54 - 00016384 _____ () C:\Users\Josh\AppData\Local\Temp\ocr9A4C.tmp\lib\ruby\1.9.1\i386-mingw32\fiddle.so
2015-12-09 19:54 - 2015-12-09 19:54 - 00127316 _____ () C:\Users\Josh\AppData\Local\Temp\ocr9A4C.tmp\bin\libffi-6.dll
2015-12-09 19:54 - 2015-12-09 19:54 - 00013312 _____ () C:\Users\Josh\AppData\Local\Temp\ocr9A4C.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\utf_16_32.so
2015-12-09 19:54 - 2015-12-09 19:54 - 00095744 _____ () C:\Users\Josh\AppData\Local\Temp\ocr9A4C.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\single_byte.so
2015-12-09 19:54 - 2015-12-09 19:54 - 00026624 _____ () C:\Users\Josh\AppData\Local\Temp\ocr9A4C.tmp\lib\ruby\gems\1.9.1\gems\win32-api-1.5.0-universal-mingw32\lib\win32\ruby19\win32\api.so
2014-07-23 20:46 - 2015-12-01 13:52 - 00815104 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\khost.dll
2014-07-23 20:46 - 2015-12-01 13:52 - 01198592 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoFoundation.dll
2014-07-23 20:46 - 2015-12-01 13:52 - 00745472 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\CFLite.dll
2014-07-23 20:46 - 2015-12-01 13:52 - 01234944 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\libxml2.dll
2014-07-23 20:46 - 2015-12-01 13:52 - 00059904 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\zlib1.dll
2014-07-23 20:46 - 2015-12-01 13:52 - 00200704 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiapp\1.2.0.RC6d\tiappmodule.dll
2014-07-23 20:46 - 2015-12-01 13:52 - 00290816 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoUtil.dll
2014-07-23 20:46 - 2015-12-01 13:52 - 00511488 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoXML.dll
2014-07-23 20:46 - 2015-12-01 13:52 - 00180224 _____ () C:\Program Files\pia_manager\pia_tray\modules\tifilesystem\1.2.0.RC6d\tifilesystemmodule.dll
2014-07-23 20:46 - 2015-12-01 13:52 - 00344064 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiui\1.2.0.RC6d\tiuimodule.dll
2014-07-23 20:46 - 2015-12-01 13:52 - 00368640 _____ () C:\Program Files\pia_manager\pia_tray\modules\tinetwork\1.2.0.RC6d\tinetworkmodule.dll
2014-07-23 20:46 - 2015-12-01 13:52 - 00642048 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoNet.dll
2014-07-23 20:46 - 2015-12-01 13:52 - 00217088 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiprocess\1.2.0.RC6d\tiprocessmodule.dll
2015-08-07 01:09 - 2015-08-07 01:09 - 01243936 _____ () C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-12-02 23:54 - 2015-12-02 23:54 - 01020928 _____ () C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\ntbnx206.default-1413951357403\extensions\
[email protected]\platform\WINNT_x86-msvc\components\lpxpcom.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\S-1-5-21-1506505283-487300969-3346399363-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1506505283-487300969-3346399363-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1506505283-487300969-3346399363-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1506505283-487300969-3346399363-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1506505283-487300969-3346399363-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1506505283-487300969-3346399363-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1506505283-487300969-3346399363-1001\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-1506505283-487300969-3346399363-1001\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-1506505283-487300969-3346399363-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1506505283-487300969-3346399363-1001\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-1506505283-487300969-3346399363-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1506505283-487300969-3346399363-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1506505283-487300969-3346399363-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1506505283-487300969-3346399363-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1506505283-487300969-3346399363-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1506505283-487300969-3346399363-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1506505283-487300969-3346399363-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1506505283-487300969-3346399363-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1506505283-487300969-3346399363-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1506505283-487300969-3346399363-1001\...\1001movie.com -> 1001movie.com
There are 6091 more sites.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1506505283-487300969-3346399363-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 209.222.18.222 - 209.222.18.218
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\StartupFolder: => "Wireless Connection Manager.lnk"
HKLM\...\StartupApproved\Run32: => "Razer Synapse"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKU\S-1-5-21-1506505283-487300969-3346399363-1001\...\StartupApproved\StartupFolder: => "EvernoteClipper.lnk"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{87218DCD-5BA5-4978-BB9D-55C6B611ACA0}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{7F66F558-C8FC-4D58-87C8-0087B14A39CC}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{938756D5-28AC-4AF4-88F3-BE3B8B513020}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{B182164D-6AA9-4498-80C5-40ED7FD183D6}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{E2C0FB43-CBA2-4C5C-949D-8D6CF298510D}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{A6E13A13-58E2-4458-9EB8-FF5A0B5FDC0C}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{71975F5B-B539-49D5-A337-9DC40FA86982}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{16BDFA7A-25FA-4D9F-8B39-21AD291AF71B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6F5B3BEA-B07B-46F3-BB74-99D902879C5F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{435ECAD6-A665-444D-B7FD-35535A5BF5BB}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{AC9654C4-BC8E-486D-BB7B-EC38B9AA1CF5}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{B47BA226-874B-48D4-A62A-70EB7EE7FC9B}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{7D721C9C-B4E7-4A53-BBE3-F37B48ED28D3}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{BC258D6B-194D-4B3E-A67A-B36E03572500}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [TCP Query User{0F046C07-8485-4CAD-A6EA-EBFAA2DD32CD}C:\program files\maple 18\jre\bin\maple.exe] => (Allow) C:\program files\maple 18\jre\bin\maple.exe
FirewallRules: [UDP Query User{718E3FD9-FBC3-43F4-AA4F-8A6DF71A3EEA}C:\program files\maple 18\jre\bin\maple.exe] => (Allow) C:\program files\maple 18\jre\bin\maple.exe
FirewallRules: [{53320305-0EEC-4E78-82B0-00D7A03E7E99}] => (Block) C:\program files\maple 18\jre\bin\maple.exe
FirewallRules: [{86ACEF3E-36CC-4562-B068-5A3E29A15AEE}] => (Block) C:\program files\maple 18\jre\bin\maple.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [TCP Query User{A2A360F2-1957-4B65-9DA6-EC09704E31EF}C:\program files\java\jdk1.8.0_20\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.8.0_20\bin\jmc.exe
FirewallRules: [UDP Query User{3C2E9E2D-067E-4F0A-B668-1F838765F00B}C:\program files\java\jdk1.8.0_20\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.8.0_20\bin\jmc.exe
FirewallRules: [TCP Query User{3B4AB674-1190-4409-8C4B-35EC2BC34DED}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [UDP Query User{D1C4B686-DD66-4B9E-916F-D75F32EE1F32}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [{36D389F4-BD64-4F55-B10E-525067C679D5}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{51B59B8A-975F-40EC-96CA-0206A1BE55B8}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{3F131C05-CE02-4BC5-98B6-8A698D202F97}] => (Allow) C:\Users\Josh\AppData\Local\Temp\nsn986B.tmp\CnetInstaller-75660251.exe
FirewallRules: [{8C7C7877-658B-43D1-95A0-6B9DDACF2859}] => (Allow) C:\Users\Josh\AppData\Local\Temp\nsn986B.tmp\CnetInstaller-75660251.exe
FirewallRules: [{11C54487-B761-4BA2-8EC1-3B22F758DD0C}] => (Allow) C:\Users\Josh\AppData\Local\Temp\nsaB2E2.tmp\CnetInstaller-10598299.exe
FirewallRules: [{A18EE8D0-AFCD-42BD-BD8E-55BDB47415F8}] => (Allow) C:\Users\Josh\AppData\Local\Temp\nsaB2E2.tmp\CnetInstaller-10598299.exe
FirewallRules: [{6F7F2889-9FAC-408F-817F-227C95F6761D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3D084814-2CA2-45B6-8299-0062ECF5C29B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{92D71732-C3AF-4344-8CC6-0BF683743629}C:\program files (x86)\kurzweil educational systems\kurzweil 3000\kurzweil 3000.exe] => (Allow) C:\program files (x86)\kurzweil educational systems\kurzweil 3000\kurzweil 3000.exe
FirewallRules: [UDP Query User{A0C4A57A-198E-4083-8E23-2CB99BE915D9}C:\program files (x86)\kurzweil educational systems\kurzweil 3000\kurzweil 3000.exe] => (Allow) C:\program files (x86)\kurzweil educational systems\kurzweil 3000\kurzweil 3000.exe
FirewallRules: [TCP Query User{111599D5-FDC5-421C-B516-D12095A844A3}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{93087213-060D-4D45-A7F3-325DE3FAC9BA}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{9F50ADD2-4CF4-417C-9E4E-691B7F69BD88}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{56511C0D-C114-4B37-AB36-D1341D830142}] => (Allow) LPort=2869
FirewallRules: [{468F7FA3-CD9D-4656-AACE-8A3C53D24295}] => (Allow) LPort=1900
FirewallRules: [{29B357B1-7ACF-40BA-B076-0FACDEAB17D0}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{28A84F87-3CEB-4756-8BF7-613E08AE2DFF}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [TCP Query User{48FC5C2C-130D-45C0-AF13-32060F084841}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [UDP Query User{BF5834E0-DDEB-4342-822A-51E64BBBC05B}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [{8B8B6759-80F5-4653-8559-0FDA0097F30B}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{7A54B1FE-4FB8-4448-A50F-A35B99CB5514}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{440AB108-F7B9-445C-9D19-1A8145952000}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{42640DDB-8DD9-4366-9194-BCEE40FDAD5F}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{46BE4DCE-912F-494E-ABF7-0CBF74549A79}C:\program files\adobe\adobe dreamweaver cc 2015\node\node.exe] => (Allow) C:\program files\adobe\adobe dreamweaver cc 2015\node\node.exe
FirewallRules: [UDP Query User{96CABAD9-EC77-494E-8A82-40DF599AC98A}C:\program files\adobe\adobe dreamweaver cc 2015\node\node.exe] => (Allow) C:\program files\adobe\adobe dreamweaver cc 2015\node\node.exe
FirewallRules: [{281B6EFA-FF89-4347-BA8F-DAA2E059C365}] => (Allow) C:\wamp\wampmanager.exe
FirewallRules: [{D1332989-4EC0-43E1-9307-8EF8B6B7EEBA}] => (Allow) C:\wamp\wampmanager.exe
FirewallRules: [{6DBD3E06-492E-442E-B1B2-61787C74E9D3}] => (Allow) C:\wamp\wampmanager.exe
FirewallRules: [{A5454F5C-B73C-4691-86A6-AAEBEE8C875B}] => (Allow) C:\wamp\wampmanager.exe
FirewallRules: [{CAE4D5AF-0CFE-4F14-9923-CC6A5D5C636D}] => (Allow) C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe
FirewallRules: [{366A35E8-91EE-4FBD-9D6B-1FF944A37028}] => (Allow) C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe
FirewallRules: [{FF09676A-66D8-4B68-855A-00A1C1E18A22}] => (Allow) C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe
FirewallRules: [{2EE53426-4FEC-44F5-AEC7-443BB2DC0043}] => (Allow) C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe
FirewallRules: [{3B9549C6-86F8-469E-8382-2E1EA0457C97}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{CDF3B039-657A-41E4-AEF4-378CCA34F84A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{A0640961-5A5F-4219-8599-1B6CFB9D285C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{4378C9FB-6454-42B4-8AC0-4C22DD415C80}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{00E19E75-EAB3-4366-B9AA-48D4BE623FD0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{122DC77D-B59D-456B-9556-1A328174B5B6}] => (Allow) C:\Users\Josh\AppData\Local\Temp\nsxB3C9.tmp\Installer-75802911.exe
FirewallRules: [{DD54E600-68A6-44D0-BACB-8456ECFF092E}] => (Allow) C:\Users\Josh\AppData\Local\Temp\nsxB3C9.tmp\Installer-75802911.exe
FirewallRules: [{E745BCC6-7121-4498-9E48-A910EF141659}] => (Allow) LPort=1689
FirewallRules: [TCP Query User{E3EACF65-0D31-422D-AD5B-C61B03F11086}C:\program files\oracle\virtualbox\virtualbox.exe] => (Allow) C:\program files\oracle\virtualbox\virtualbox.exe
FirewallRules: [UDP Query User{481B88E8-D36B-4BB2-B8E1-663E81239B95}C:\program files\oracle\virtualbox\virtualbox.exe] => (Allow) C:\program files\oracle\virtualbox\virtualbox.exe
FirewallRules: [{43A66DE5-AF83-4823-A3D1-4E64CFAF0F3E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2EEAEC21-9418-4D76-86A4-95BD42D7F39D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9E71145D-45D5-44FD-9BEB-1C1F4C2D3790}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{1E5C6E6F-DEFE-47CB-99A9-87433895F7B0}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{13F87D97-A936-4793-A76C-9F3B263B764C}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{C8BFCE1A-CB8A-417C-9757-FBB56B2F04AD}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/09/2015 07:53:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Service_KMS.exe, version: 13.1.0.0, time stamp: 0x5313ef48
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x00000000
Fault offset: 0x00007ffaab180399
Faulting process id: 0x784
Faulting application start time: 0xService_KMS.exe0
Faulting application path: Service_KMS.exe1
Faulting module path: Service_KMS.exe2
Report Id: Service_KMS.exe3
Faulting package full name: Service_KMS.exe4
Faulting package-relative application ID: Service_KMS.exe5
Error: (12/09/2015 07:34:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program AcroRd32.exe version 15.9.20077.29851 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: f94
Start Time: 01d132f9ed3b5d8c
Termination Time: 8
Application Path: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
Report Id: f3bdd60c-9eee-11e5-8305-14dae9f55cd6
Faulting package full name:
Faulting package-relative application ID:
Error: (12/09/2015 01:39:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Service_KMS.exe, version: 13.1.0.0, time stamp: 0x5313ef48
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x00000000
Fault offset: 0x00007ff899980399
Faulting process id: 0x814
Faulting application start time: 0xService_KMS.exe0
Faulting application path: Service_KMS.exe1
Faulting module path: Service_KMS.exe2
Report Id: Service_KMS.exe3
Faulting package full name: Service_KMS.exe4
Faulting package-relative application ID: Service_KMS.exe5
Error: (12/09/2015 12:28:35 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program vmware.exe version 12.1.0.2487 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: d10
Start Time: 01d132498c023fbb
Termination Time: 60000
Application Path: C:\Program Files (x86)\VMware\VMware Workstation\vmware.exe
Report Id: 6a2263c5-9e4e-11e5-8304-14dae9f55cd6
Faulting package full name:
Faulting package-relative application ID:
Error: (12/08/2015 05:00:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program AcroRd32.exe version 15.9.20077.29851 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 584
Start Time: 01d1321c73dce8e1
Termination Time: 9
Application Path: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
Report Id: 29d9ef2d-9e10-11e5-8304-14dae9f55cd6
Faulting package full name:
Faulting package-relative application ID:
Error: (12/08/2015 04:56:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program AcroRd32.exe version 15.9.20077.29851 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1338
Start Time: 01d132191e7a78a1
Termination Time: 7
Application Path: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
Report Id: abc4753c-9e0f-11e5-8304-14dae9f55cd6
Faulting package full name:
Faulting package-relative application ID:
Error: (12/08/2015 12:40:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Service_KMS.exe, version: 13.1.0.0, time stamp: 0x5313ef48
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x00000000
Fault offset: 0x00007ffc2f580399
Faulting process id: 0x53c
Faulting application start time: 0xService_KMS.exe0
Faulting application path: Service_KMS.exe1
Faulting module path: Service_KMS.exe2
Report Id: Service_KMS.exe3
Faulting package full name: Service_KMS.exe4
Faulting package-relative application ID: Service_KMS.exe5
Error: (12/08/2015 12:33:55 AM) (Source: MsiInstaller) (EventID: 11722) (User: WhiteKnight)
Description: Product: Kurzweil 3000 v.14 -- Error 1722.There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor. Action KillHelpToy, location: C:\Windows\Installer\MSI85B0.tmp, command: -k
Error: (12/08/2015 12:29:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Service_KMS.exe, version: 13.1.0.0, time stamp: 0x5313ef48
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x00000000
Fault offset: 0x00007fff875e0399
Faulting process id: 0x5ac
Faulting application start time: 0xService_KMS.exe0
Faulting application path: Service_KMS.exe1
Faulting module path: Service_KMS.exe2
Report Id: Service_KMS.exe3
Faulting package full name: Service_KMS.exe4
Faulting package-relative application ID: Service_KMS.exe5
Error: (12/08/2015 12:26:56 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
System Error:
Access is denied.
.
System errors:
=============
Error: (12/09/2015 07:55:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%2
Error: (12/09/2015 07:54:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Service KMSELDI service terminated unexpectedly. It has done this 1 time(s).
Error: (12/09/2015 07:52:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The VMware Workstation Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (12/09/2015 07:17:57 PM) (Source: DCOM) (EventID: 10010) (User: WhiteKnight)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (12/09/2015 07:17:27 PM) (Source: DCOM) (EventID: 10010) (User: WhiteKnight)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (12/09/2015 06:23:23 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the RunSwUSB service.
Error: (12/09/2015 12:12:14 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the RunSwUSB service.
Error: (12/09/2015 12:11:44 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the RunSwUSB service.
Error: (12/09/2015 12:11:14 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the RunSwUSB service.
Error: (12/09/2015 01:41:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%2
CodeIntegrity:
===================================
Date: 2015-12-09 22:10:46.525
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-12-09 22:10:46.361
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-12-09 22:10:34.327
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-12-09 22:10:34.163
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-12-09 20:09:18.968
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-12-09 20:09:18.811
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-12-09 20:09:18.638
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-12-09 20:09:18.485
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-12-09 20:09:18.336
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-12-09 20:09:18.187
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 35%
Total physical RAM: 8156.87 MB
Available physical RAM: 5287.76 MB
Total Virtual: 15580.87 MB
Available Virtual: 12584.09 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:209.25 GB) (Free:29.87 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (Storage) (Fixed) (Total:931.51 GB) (Free:458.71 GB) NTFS
Drive f: (System Reserved) (Fixed) (Total:0.34 GB) (Free:0.09 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive h: (WD Unlocker) (CDROM) (Total:0.01 GB) (Free:0 GB) UDF
Drive k: (My Passport) (Fixed) (Total:1862.98 GB) (Free:216.81 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 445F9625)
Partition 1: (Not Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=209.3 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: A0AD132E)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 0005F107)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)