Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-01-2017 Ran by Yondaime (05-01-2017 01:35:44) Running from C:\Users\Yondaime\Desktop Windows 7 Ultimate Service Pack 1 (X64) (2016-12-09 20:46:49) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-503687441-1764982139-705192744-500 - Administrator - Disabled) Guest (S-1-5-21-503687441-1764982139-705192744-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-503687441-1764982139-705192744-1002 - Limited - Enabled) Yondaime (S-1-5-21-503687441-1764982139-705192744-1001 - Administrator - Enabled) => C:\Users\Yondaime ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - ) 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.186 - Adobe Systems Incorporated) Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated) Adobe Flash Player 24 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated) Adobe Shockwave Player 12.0 (HKLM-x32\...\{AA3B06B1-E89A-43C6-A26B-7109DB4BEE7B}) (Version: 12.0.7.148 - Adobe Systems, Inc) Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.7 - Sereby Corporation) Apple Application Support (32-bit) (HKLM-x32\...\{D079CAAD-0C31-47A2-9AF5-A82F9CD9B221}) (Version: 5.2 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{64E6007B-1DA9-42CD-BBE4-D5FA67A7C71D}) (Version: 5.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Camtasia Studio 8 (HKLM-x32\...\{904AC0F0-F69E-467E-A719-B083940F608A}) (Version: 8.5.2.1999 - TechSmith Corporation) CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform) DirectX 9.0c Extra Files (x86, x64) (HKLM\...\{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1) (Version: 1.10.06.0 - Sereby Corporation) DirectX for Managed Code (HKLM\...\{FDF7187F-3960-4BEC-916D-98C9A83E3A68}_is1) (Version: 1.0.0.0 - Sereby Corporation) Driver Booster 3.5 (HKLM-x32\...\Driver Booster_is1) (Version: 3.5 - IObit) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.) iTunes (HKLM\...\{81C96689-EA5B-4B7D-A04F-16326EC51BC2}) (Version: 12.5.4.42 - Apple Inc.) Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation) Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation) K-Lite Codec Pack 12.6.1 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.6.1 - KLCP) Malwarebytes version 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes) Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - ) Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM-x32\...\M2698023) (Version: - ) Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM-x32\...\M2833941) (Version: - ) Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM-x32\...\M979906) (Version: - ) Microsoft .NET Framework 1.1 SP1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: - ) Microsoft .NET Framework 1.1 SP1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - ) Microsoft .NET Framework 4.5.1 (HKLM\...\{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60830 (HKLM-x32\...\{c7ed0d4c-89c5-47fc-9e89-1088affe63f3}) (Version: 11.0.60830.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60830 (HKLM-x32\...\{9dba0447-b749-41ea-90bc-2aa19a9eb580}) (Version: 11.0.60830.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version: - Microsoft Corporation) MKVToolNix 9.6.0 (64bit) (HKLM-x32\...\MKVToolNix) (Version: 9.6.0 - Moritz Bunkus) mp3Tag Pro 6.01 (HKLM-x32\...\mp3Tag Pro_is1) (Version: - Maniac Tools, Inc.) Opera Stable 42.0.2393.94 (HKLM-x32\...\Opera 42.0.2393.94) (Version: 42.0.2393.94 - Opera Software) PhotoFiltre Studio (HKLM-x32\...\PhotoFiltre Studio) (Version: - ) PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.30.1 - PS3 Media Server) Subtitle Edit 3.3.12 (HKLM-x32\...\SubtitleEdit_is1) (Version: 3.3.12.2367 - Nikse) TotalAudioConverter (HKLM-x32\...\Total Audio Converter_is1) (Version: - Softplicity, Inc.) UltraISO Premium V9.33 (HKLM-x32\...\UltraISO_is1) (Version: - ) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN) WinRAR 4.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH) ZHPFix 2015 (HKLM-x32\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {1B4BC160-4E77-496F-A8DC-139CD591975B} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_186_pepper.exe [2016-12-15] (Adobe Systems Incorporated) Task: {1F9EA0EF-BEF2-4BD5-B944-39DCB967AEDE} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2016-07-14] (IObit) Task: {29FAE787-8E6C-4199-97EB-DB03E2AC23CB} - System32\Tasks\{9B159BEF-E675-47D7-A94C-48B529CE4A82} => pcalua.exe -a "C:\Users\Yondaime\Desktop\PS3 U\PS3CoverUploader\msvbvm50.exe" -d "C:\Users\Yondaime\Desktop\PS3 U\PS3CoverUploader" Task: {3EE866DD-A4FB-4BEE-8434-B93CB2FD0662} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-15] (Adobe Systems Incorporated) Task: {3EFD6B8F-FC82-4913-9740-F5B25EE944FE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) Task: {6EAC864F-B673-4B6A-B254-EF6A3B853D24} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-09] (Google Inc.) Task: {A7F11F50-2E67-4BCD-BA4A-4961F34FCE87} - System32\Tasks\Driver Booster SkipUAC (Yondaime) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2016-07-18] (IObit) Task: {B2A78833-736C-4486-AC9D-4D6672B57410} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-09] (Google Inc.) Task: {C0C268E4-7E87-4159-93AC-2B189A407E38} - System32\Tasks\Opera scheduled Autoupdate 1481391711 => C:\Program Files (x86)\Opera\launcher.exe [2016-12-19] (Opera Software) Task: {EB79B140-7BFA-497F-8B51-B365578ECE0C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd) Task: {EE7DFA3F-81D4-498E-BA9D-7E49A1D05B9C} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-11-22] () (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_186_pepper.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2016-12-09 21:56 - 2016-10-18 13:54 - 00133568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-11-17 01:28 - 2016-11-17 01:28 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-11-17 01:28 - 2016-11-17 01:28 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2010-01-02 14:42 - 2010-01-02 14:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll 2016-12-09 23:08 - 2016-12-08 08:03 - 02412888 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll 2016-12-09 23:08 - 2016-12-08 08:03 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll 2017-01-05 00:34 - 2016-12-14 12:55 - 02259232 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll 2017-01-05 00:34 - 2016-12-14 12:55 - 02813904 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll 2017-01-05 00:34 - 2016-12-14 12:55 - 02247632 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 02:34 - 2009-06-10 21:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-503687441-1764982139-705192744-1001\Control Panel\Desktop\\Wallpaper -> DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{61003C96-D47B-4A11-900A-F6B209E08A42}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{D42C993A-C76B-4CCB-87CA-44B997CB7A6E}] => C:\Program Files (x86)\uTorrent\uTorrent.exe FirewallRules: [{D7345A69-D022-4716-994C-DF427FF2EB3B}] => C:\Program Files (x86)\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{C0384D08-1FC2-4A66-BAFC-B9FC7EC41A44}C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe FirewallRules: [UDP Query User{756C9067-DBD3-4562-B2EA-36772FC5C8E9}C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe FirewallRules: [TCP Query User{40FD0DB9-BA3E-4A7D-B9D1-ECE733AF85F9}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe FirewallRules: [UDP Query User{4F9026C7-9FEF-4D12-89B6-287D585D200B}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe FirewallRules: [{94C0FB3E-7F07-489C-9593-4EC072F033FA}] => C:\Program Files\iTunes\iTunes.exe FirewallRules: [{DBF80BDF-86FB-47F5-9F57-30814DCC8CC3}] => LPort=8317 ==================== Restore Points ========================= 04-01-2017 21:55:02 Removed Bonjour ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (01/05/2017 12:10:40 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (01/04/2017 11:17:36 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (01/04/2017 11:00:33 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (01/04/2017 10:06:30 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (01/04/2017 10:03:25 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (01/04/2017 05:34:34 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (01/04/2017 04:11:58 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: CamtasiaStudio.exe, version: 8.5.2.1999, time stamp: 0x5542cc2d Faulting module name: ntdll.dll, version: 6.1.7601.17514, time stamp: 0x4ce7ba58 Exception code: 0xc0000374 Fault offset: 0x000ce653 Faulting process id: 0xedc Faulting application start time: 0x01d2663bef6594c2 Faulting application path: C:\Program Files (x86)\TechSmith\Camtasia Studio 8\CamtasiaStudio.exe Faulting module path: C:\Windows\SysWOW64\ntdll.dll Report Id: ef25413e-d233-11e6-8f35-b8ac6f935483 Error: (01/03/2017 07:30:28 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (01/03/2017 02:28:11 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (01/02/2017 07:11:05 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. System errors: ============= Error: (01/05/2017 12:11:38 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Yondaime\AppData\Local\Temp\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. Error: (01/05/2017 12:11:38 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Yondaime\AppData\Local\Temp\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. Error: (01/05/2017 12:11:38 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Yondaime\AppData\Local\Temp\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. Error: (01/05/2017 12:11:38 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Yondaime\AppData\Local\Temp\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. Error: (01/05/2017 12:06:31 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Yondaime\AppData\Local\Temp\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. Error: (01/05/2017 12:06:31 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Yondaime\AppData\Local\Temp\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. Error: (01/05/2017 12:06:31 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Yondaime\AppData\Local\Temp\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. Error: (01/04/2017 10:57:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. Error: (01/04/2017 10:57:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. Error: (01/04/2017 10:57:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The iPod Service service terminated unexpectedly. It has done this 1 time(s). CodeIntegrity: =================================== Date: 2017-01-05 00:11:38.432 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Yondaime\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-01-05 00:11:38.432 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Yondaime\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-01-05 00:11:38.432 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Yondaime\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-01-05 00:11:38.432 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Yondaime\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-01-05 00:11:38.198 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Yondaime\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-01-05 00:11:38.198 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Yondaime\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-01-05 00:11:38.198 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Yondaime\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-01-05 00:11:38.183 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Yondaime\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-01-05 00:06:31.364 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Yondaime\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-01-05 00:06:31.364 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Yondaime\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Xeon(R) CPU W3503 @ 2.40GHz Percentage of memory in use: 75% Total physical RAM: 4093.59 MB Available physical RAM: 1010.23 MB Total Virtual: 8185.37 MB Available Virtual: 4472.34 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:136.72 GB) (Free:25.82 GB) NTFS ==>[drive with boot components (obtained from BCD)] Drive d: () (Fixed) (Total:74.53 GB) (Free:2.22 GB) NTFS Drive e: () (Fixed) (Total:149.04 GB) (Free:3.81 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 136.7 GB) (Disk ID: 5E91D9B2) Partition 1: (Active) - (Size=136.7 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 149.1 GB) (Disk ID: DFA8DFA8) Partition 1: (Not Active) - (Size=149 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows XP) (Size: 74.5 GB) (Disk ID: 1B4B1242) Partition 1: (Active) - (Size=74.5 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================